Authentication Validator

Author: mereghost

modules/storages/app/common/storages/peripherals/connection_validators/one_drive/authentication_validator.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+#-- copyright
+# OpenProject is an open source project management software.
+# Copyright (C) the OpenProject GmbH
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License version 3.
+#
+# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
+# Copyright (C) 2006-2013 Jean-Philippe Lang
+# Copyright (C) 2010-2013 the ChiliProject Team
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+# See COPYRIGHT and LICENSE files for more details.
+#++
+
+module Storages
+  module Peripherals
+    module ConnectionValidators
+      module OneDrive
+        class AuthenticationValidator < BaseValidatorGroup
+          def initialize(storage)
+            super
+            @user = User.current
+          end
+
+          private
+
+          def validate
+            register_checks(:existing_token, :user_bound_request)
+
+            oauth_token
+            user_bound_request
+          end
+
+          def oauth_token
+            if OAuthClientToken.where(user: @user, oauth_client: @storage.oauth_client).any?
+              pass_check(:existing_token)
+            else
+              warn_check(:existing_token, message(:oauth_token_missing), halt_validation: true)
+            end
+          end
+
+          def user_bound_request
+            Registry["one_drive.queries.user"].call(storage: @storage, auth_strategy:).on_failure do
+              fail_check(:user_bound_request, message("oauth_request_#{it.result}"))
+            end
+
+            pass_check(:user_bound_request)
+          end
+
+          def auth_strategy = Registry["one_drive.authentication.user_bound"].call(storage: @storage, user: @user)
+        end
+      end
+    end
+  end
+end

modules/storages/spec/common/storages/peripherals/connection_validators/one_drive/authentication_validator_spec.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+#-- copyright
+# OpenProject is an open source project management software.
+# Copyright (C) the OpenProject GmbH
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License version 3.
+#
+# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
+# Copyright (C) 2006-2013 Jean-Philippe Lang
+# Copyright (C) 2010-2013 the ChiliProject Team
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+# See COPYRIGHT and LICENSE files for more details.
+#++
+
+require "spec_helper"
+require_module_spec_helper
+
+module Storages
+  module Peripherals
+    module ConnectionValidators
+      module OneDrive
+        RSpec.describe AuthenticationValidator, :webmock do
+          subject(:validator) { described_class.new(storage) }
+
+          context "when using OAuth2" do
+            let(:user) { create(:user) }
+            let(:storage) { create(:sharepoint_dev_drive_storage, oauth_client_token_user: user) }
+
+            before { User.current = user }
+
+            it "passes when the user has a token and the request works", vcr: "one_drive/user_query_success" do
+              expect(validator.call).to be_success
+            end
+
+            it "returns a warning when there's no token for the current user" do
+              User.current = create(:user)
+              result = validator.call
+
+              expect(result[:existing_token]).to be_a_warning
+              expect(result[:existing_token].message).to eq(I18n.t(i18n_key(:oauth_token_missing)))
+              expect(result[:user_bound_request]).to be_skipped
+            end
+
+            it "returns a failure if the remote call failed" do
+              Registry.stub("one_drive.queries.user", ->(_) { ServiceResult.failure(result: :unauthorized) })
+
+              result = validator.call
+              expect(result[:user_bound_request]).to be_a_failure
+              expect(result[:user_bound_request].message).to eq(I18n.t(i18n_key(:oauth_request_unauthorized)))
+            end
+          end
+
+          private
+
+          def i18n_key(key) = "storages.health.connection_validation.#{key}"
+        end
+      end
+    end
+  end
+end