Add Provider to v3 migration endpoints (#4922)

* Add Provider to v3 migration endpoints * Fix specs * Add a spec to check for room provider and owner provider * Add Tenant and Guest Role creation in create_role * Add provider * Add settings specs * Fix migration endpoints * Rubo * Fix typo * Fix typos in specs --------- Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>

Add Provider to v3 migration endpoints (#4922)
f17b206d · Samuel Couillard · GitHub · bc751f36 · f17b206d · f17b206d
Unverified Commit f17b206d authored Jun 7, 2023 by Samuel Couillard Committed by GitHub Jun 7, 2023
--- a/app/controllers/api/v1/migrations/external_controller.rb
+++ b/app/controllers/api/v1/migrations/external_controller.rb
@@ -47,14 +47,19 @@ module Api
        def create_role
          role_hash = role_params.to_h
-          return render_data status: :created if Role.exists? name: role_hash[:name], provider: 'greenlight'
+          # Returns an error if the provider does not exist
+          if role_hash[:provider] != 'greenlight' && Tenant.find_by(provider: role_hash[:provider]).nil?
+            return render_error(status: :bad_request, errors: 'Provider does not exist')
+          end
-          role = Role.new(name: role_hash[:name], provider: 'greenlight')
+          # Returns created if the Role exists and the RolePermissions have default values
+          if Role.exists?(name: role_hash[:name], provider: role_hash[:provider]) && role_hash[:role_permissions].empty?
+            return render_data status: :created
+          end
-          return render_error(status: :bad_request, errors: role&.errors&.to_a) unless role.save
+          role = Role.find_or_initialize_by(name: role_hash[:name], provider: role_hash[:provider])
-          # Returns unless the Role has a RolePermission that differs from V3 default RolePermissions values
+          return render_error(status: :bad_request, errors: role&.errors&.to_a) unless role.save
-          return render_data status: :created unless role_hash[:role_permissions].any?
          # Finds all the RolePermissions that need to be updated
          role_permissions_joined = RolePermission.includes(:permission)
@@ -78,17 +83,22 @@ module Api
        def create_user
          user_hash = user_params.to_h
-          return render_data status: :created if User.exists? email: user_hash[:email], provider: 'greenlight'
+          # Returns an error if the provider does not exist
+          unless user_hash[:provider] == 'greenlight' || Tenant.exists?(name: user_hash[:provider])
+            return render_error(status: :bad_request, errors: 'Provider does not exist')
+          end
+          return render_data status: :created if User.exists? email: user_hash[:email], provider: user_hash[:provider]
          user_hash[:language] = I18n.default_locale if user_hash[:language].blank? || user_hash[:language] == 'default'
-          role = Role.find_by(name: user_hash[:role], provider: 'greenlight')
+          role = Role.find_by(name: user_hash[:role], provider: user_hash[:provider])
          return render_error(status: :bad_request, errors: 'The user role does not exist.') unless role
          user_hash[:password] = generate_secure_pwd if user_hash[:external_id].blank?
-          user = User.new(user_hash.merge(verified: true, provider: 'greenlight', role:))
+          user = User.new(user_hash.merge(verified: true, role:))
          return render_error(status: :bad_request, errors: user&.errors&.to_a) unless user.save
@@ -104,13 +114,17 @@ module Api
        def create_room
          room_hash = room_params.to_h
+          unless room_hash[:provider] == 'greenlight' || Tenant.exists?(name: room_hash[:provider])
+            return render_error(status: :bad_request, errors: 'Provider does not exist')
+          end
          return render_data status: :created if Room.exists? friendly_id: room_hash[:friendly_id]
-          user = User.find_by(email: room_hash[:owner_email], provider: 'greenlight')
+          user = User.find_by(email: room_hash[:owner_email], provider: room_hash[:provider])
          return render_error(status: :bad_request, errors: 'The room owner does not exist.') unless user
-          room = Room.new(room_hash.except(:owner_email, :room_settings, :shared_users_emails).merge({ user: }))
+          room = Room.new(room_hash.except(:owner_email, :provider, :room_settings, :shared_users_emails).merge({ user: }))
          # Redefines the validations method to do nothing
          # rubocop:disable Lint/EmptyBlock
@@ -137,7 +151,7 @@ module Api
          return render_data status: :created unless room_hash[:shared_users_emails].any?
          # Finds all the users that have a SharedAccess to the Room
-          shared_with_users = User.where(email: room_hash[:shared_users_emails])
+          shared_with_users = User.where(email: room_hash[:shared_users_emails], provider: room_hash[:provider])
          okay = true
          shared_with_users.each do |shared_with_user|
@@ -152,18 +166,22 @@ module Api
        # POST /api/v1/migrations/site_settings.json
        # Expects: { settings: { site_settings: { :PrimaryColor, :PrimaryColorLight, :PrimaryColorDark,
        #                          :Terms, :PrivacyPolicy, :RegistrationMethod, :ShareRooms, :PreuploadPresentation },
-        #                        room_configurations: { :record, :muteOnStart, :guestPolicy, :glAnyoneCanStart,
+        #                        rooms_configurations: { :record, :muteOnStart, :guestPolicy, :glAnyoneCanStart,
        #                          :glAnyoneJoinAsModerator, :glRequireAuthentication } } }
        # Returns: { data: Array[serializable objects] , errors: Array[String] }
        # Does: Creates a SiteSettings or a RoomsConfiguration.
        def create_settings
          settings_hash = settings_params.to_h
+          unless settings_hash[:provider] == 'greenlight' || Tenant.exists?(name: settings_hash[:provider])
+            return render_error(status: :bad_request, errors: 'Provider does not exist')
+          end
          render_data status: :created unless settings_hash.any?
          # Finds all the SiteSettings that need to be updated
          site_settings_joined = SiteSetting.joins(:setting)
-                                            .where('settings.name': settings_hash[:site_settings].keys, provider: 'greenlight')
+                                            .where('settings.name': settings_hash[:site_settings].keys, provider: settings_hash[:provider])
          okay = true
          site_settings_joined.each do |site_setting|
@@ -174,14 +192,14 @@ module Api
          return render_error status: :bad_request, errors: 'Something went wrong when migrating site settings.' unless okay
          # Finds all the RoomsConfiguration that need to be updated
-          room_configurations_joined = RoomsConfiguration.joins(:meeting_option)
+          rooms_configurations_joined = RoomsConfiguration.joins(:meeting_option)
-                                                         .where('meeting_options.name': settings_hash[:room_configurations].keys,
+                                                          .where('meeting_options.name': settings_hash[:rooms_configurations].keys,
-                                                                provider: 'greenlight')
+                                                                 provider: settings_hash[:provider])
          okay = true
-          room_configurations_joined.each do |room_configuration|
+          rooms_configurations_joined.each do |rooms_configuration|
-            room_configuration_name = room_configuration.meeting_option.name
+            rooms_configuration_name = rooms_configuration.meeting_option.name
-            okay = false unless room_configuration.update(value: settings_hash[:room_configurations][room_configuration_name])
+            okay = false unless rooms_configuration.update(value: settings_hash[:rooms_configurations][rooms_configuration_name])
          end
          return render_error status: :bad_request, errors: 'Something went wrong when migrating room configurations.' unless okay
@@ -193,24 +211,26 @@ module Api
        def role_params
          decrypted_params.require(:role).permit(:name,
+                                                 :provider,
                                                 role_permissions: %w[CreateRoom CanRecord ManageUsers ManageRoles ManageRooms ManageRecordings
                                                                      ManageSiteSettings])
        end
        def user_params
-          decrypted_params.require(:user).permit(:name, :email, :external_id, :language, :role)
+          decrypted_params.require(:user).permit(:name, :email, :provider, :external_id, :language, :role)
        end
        def room_params
-          decrypted_params.require(:room).permit(:name, :friendly_id, :meeting_id, :last_session, :owner_email,
+          decrypted_params.require(:room).permit(:name, :friendly_id, :meeting_id, :last_session, :owner_email, :provider,
                                                 shared_users_emails: [],
                                                 room_settings: %w[record muteOnStart guestPolicy glAnyoneCanStart glAnyoneJoinAsModerator])
        end
        def settings_params
-          decrypted_params.require(:settings).permit(site_settings: %w[PrimaryColor PrimaryColorLight Terms PrivacyPolicy RegistrationMethod
+          decrypted_params.require(:settings).permit(:provider,
-                                                                       ShareRooms PreuploadPresentation],
+                                                     site_settings: %w[PrimaryColor PrimaryColorLight Terms PrivacyPolicy RegistrationMethod
-                                                     room_configurations: %w[record muteOnStart guestPolicy glAnyoneCanStart glAnyoneJoinAsModerator
+                                                                       ShareRooms PreloadPresentation],
+                                                     rooms_configurations: %w[record muteOnStart guestPolicy glAnyoneCanStart glAnyoneJoinAsModerator
                                                                              glRequireAuthentication])
        end

--- a/spec/controllers/migrations/external_controller_spec.rb
+++ b/spec/controllers/migrations/external_controller_spec.rb
@@ -28,7 +28,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
    context 'when decryption passes' do
      describe 'when decrypted params encapsulation is conform and data is valid' do
        it 'returns :created and creates a role' do
-          encrypted_params = encrypt_params({ role: { name: 'CrazyRole', role_permissions: {} } }, expires_in: 10.seconds)
+          encrypted_params = encrypt_params({ role: { name: 'CrazyRole', provider: 'greenlight', role_permissions: {} } }, expires_in: 10.seconds)
          expect { post :create_role, params: { v2: { encrypted_params: } } }.to change(Role, :count).from(0).to(1)
          role = Role.take
          expect(role.name).to eq('CrazyRole')
@@ -39,7 +39,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
      describe 'when decrypted params data are invalid' do
        it 'returns :bad_request without creating a role' do
-          encrypted_params = encrypt_params({ role: { name: '', role_permissions: {} } }, expires_in: 10.seconds)
+          encrypted_params = encrypt_params({ role: { name: '', provider: 'greenlight', role_permissions: {} } }, expires_in: 10.seconds)
          expect { post :create_role, params: { v2: { encrypted_params: } } }.not_to change(Role, :count)
          expect(response).to have_http_status(:bad_request)
        end
@@ -57,11 +57,45 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
        let(:role) { create(:role, provider: 'greenlight', name: 'OnlyOne') }
        it 'returns :created without creating a role' do
-          encrypted_params = encrypt_params({ role: { name: role.name, role_permissions: {} } }, expires_in: 10.seconds)
+          encrypted_params = encrypt_params({ role: { name: role.name, provider: 'greenlight', role_permissions: {} } }, expires_in: 10.seconds)
          expect { post :create_role, params: { v2: { encrypted_params: } } }.not_to change(Role, :count)
          expect(response).to have_http_status(:created)
        end
      end
+      describe 'when role already exists and role permissions are not default values' do
+        let!(:role) { create(:role) }
+        let!(:not_greenlight_role) { create(:role, provider: 'not_greenlight') }
+        let!(:create_room_role_permission) { create(:role_permission, role:, permission: create(:permission, name: 'ManageUsers'), value: 'true') }
+        let!(:not_greenlight_create_room_role_permission) do
+          create(:role_permission,
+                 role: not_greenlight_role,
+                 permission: create(:permission, name: 'ManageUsers'),
+                 value: 'true')
+        end
+        it 'creates role role_permissions with the given value' do
+          role_permissions = {
+            ManageUsers: 'false'
+          }
+          encrypted_params = encrypt_params({ role: { name: role.name, provider: role.provider, role_permissions: } }, expires_in: 10.seconds)
+          post :create_role, params: { v2: { encrypted_params: } }
+          expect(create_room_role_permission.reload.value).to eq(role_permissions[:ManageUsers])
+          expect(response).to have_http_status(:created)
+        end
+        it 'does not create other providers role role_permissions' do
+          role_permissions = {
+            ManageUsers: 'false'
+          }
+          encrypted_params = encrypt_params({ role: { name: role.name, provider: role.provider, role_permissions: } }, expires_in: 10.seconds)
+          post :create_role, params: { v2: { encrypted_params: } }
+          expect(not_greenlight_create_room_role_permission.reload.value).not_to eq(role_permissions[:ManageUsers])
+          expect(response).to have_http_status(:created)
+        end
+      end
    end
    context 'when decryption failes' do
@@ -115,6 +149,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
      {
        name: 'user',
        email: 'user@users.com',
+        provider: 'greenlight',
        language: 'language',
        role: valid_user_role.name
      }
@@ -218,7 +253,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
        end
        context 'when providing a :provider or a :password' do
-          before { valid_user_params.merge!(provider: 'lightgreen', password: 'Password1!') }
+          before { valid_user_params.merge!(password: 'Password1!') }
          it 'returns :created and creates a user while ignoring the extra values' do
            encrypted_params = encrypt_params({ user: valid_user_params }, expires_in: 10.seconds)
@@ -230,7 +265,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
            expect(user.language).to eq(valid_user_params[:language])
            expect(user.role).to eq(valid_user_role)
            expect(user.session_token).to be_present
-            expect(user.provider).to eq('greenlight')
+            expect(user.provider).to eq(valid_user_params[:provider])
            expect(response).to have_http_status(:created)
            expect(user.authenticate('Password1!')).to be_falsy
          end
@@ -393,6 +428,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
        meeting_id: 'kzukaw3xk7ql5kefbfpsruud61pztf00jzltgafs',
        last_session: Time.zone.now.to_datetime,
        owner_email: user.email,
+        provider: 'greenlight',
        room_settings: {},
        shared_users_emails: []
      }
@@ -410,6 +446,7 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
          expect(room.friendly_id).to eq(valid_room_params[:friendly_id])
          expect(room.meeting_id).to eq(valid_room_params[:meeting_id])
          expect(room.last_session).to eq(valid_room_params[:last_session])
+          expect(room.user.provider).to eq(valid_room_params[:provider])
          expect(room.user).to eq(user)
          expect(response).to have_http_status(:created)
        end
@@ -420,6 +457,12 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
          encrypted_params = encrypt_params({ room: valid_room_params }, expires_in: 10.seconds)
          expect { post :create_room, params: { v2: { encrypted_params: } } }.not_to change(Room, :count)
        end
+        it 'does not create a new room if the room owner does not have same provider has the room data' do
+          valid_room_params[:provider] = 'random_provider'
+          encrypted_params = encrypt_params({ room: valid_room_params }, expires_in: 10.seconds)
+          expect { post :create_room, params: { v2: { encrypted_params: } } }.not_to change(Room, :count)
+        end
      end
      describe 'when decrypted params data are invalid' do
@@ -491,6 +534,94 @@ RSpec.describe Api::V1::Migrations::ExternalController, type: :controller do
    end
  end
+  describe '#create_settings' do
+    let(:primary_color_setting) { create(:setting, name: 'PrimaryColor') }
+    let(:terms_setting) { create(:setting, name: 'Terms') }
+    let(:registration_method_setting) { create(:setting, name: 'RegistrationMethod') }
+    let!(:site_setting_a) { create(:site_setting, setting: primary_color_setting, value: 'valueA') }
+    let!(:site_setting_b) { create(:site_setting, setting: terms_setting, value: 'valueB') }
+    let!(:site_setting_c) { create(:site_setting, setting: registration_method_setting, value: 'valueC') }
+    let!(:site_setting_d) do
+      create(:site_setting, setting: primary_color_setting, value: 'valueA', provider: 'not_greenlight')
+    end
+    let!(:site_setting_e) do
+      create(:site_setting, setting: terms_setting, value: 'valueB', provider: 'not_greenlight')
+    end
+    let!(:site_setting_f) do
+      create(:site_setting, setting: registration_method_setting, value: 'valueC', provider: 'not_greenlight')
+    end
+    let(:record_meeting_option) { create(:meeting_option, name: 'record') }
+    let(:mute_on_start_meeting_option) { create(:meeting_option, name: 'muteOnStart') }
+    let(:guest_policy_meeting_option) { create(:meeting_option, name: 'guestPolicy') }
+    let!(:rooms_config_a) { create(:rooms_configuration, meeting_option: record_meeting_option, value: 'true') }
+    let!(:rooms_config_b) { create(:rooms_configuration, meeting_option: mute_on_start_meeting_option, value: 'true') }
+    let!(:rooms_config_c) { create(:rooms_configuration, meeting_option: guest_policy_meeting_option, value: 'true') }
+    let!(:rooms_config_d) do
+      create(:rooms_configuration, meeting_option: record_meeting_option, value: 'true', provider: 'not_greenlight')
+    end
+    let!(:rooms_config_e) do
+      create(:rooms_configuration, meeting_option: mute_on_start_meeting_option, value: 'true', provider: 'not_greenlight')
+    end
+    let!(:rooms_config_f) do
+      create(:rooms_configuration, meeting_option: guest_policy_meeting_option, value: 'true', provider: 'not_greenlight')
+    end
+    let(:valid_settings_params) do
+      {
+        provider: 'greenlight',
+        site_settings: {
+          PrimaryColor: 'new_valueA',
+          Terms: 'new_valueB',
+          RegistrationMethod: 'new_valueC'
+        },
+        rooms_configurations: {
+          record: 'false',
+          muteOnStart: 'false',
+          guestPolicy: 'false'
+        }
+      }
+    end
+    before { clear_enqueued_jobs }
+    it 'updates the site settings' do
+      encrypted_params = encrypt_params({ settings: valid_settings_params }, expires_in: 10.seconds)
+      post :create_settings, params: { v2: { encrypted_params: } }
+      expect(site_setting_a.reload.value).to eq(valid_settings_params[:site_settings][:PrimaryColor])
+      expect(site_setting_b.reload.value).to eq(valid_settings_params[:site_settings][:Terms])
+      expect(site_setting_c.reload.value).to eq(valid_settings_params[:site_settings][:RegistrationMethod])
+    end
+    it 'does not update the site settings for other providers' do
+      encrypted_params = encrypt_params({ settings: valid_settings_params }, expires_in: 10.seconds)
+      post :create_settings, params: { v2: { encrypted_params: } }
+      expect(site_setting_d.reload.value).to eq('valueA')
+      expect(site_setting_e.reload.value).to eq('valueB')
+      expect(site_setting_f.reload.value).to eq('valueC')
+    end
+    it 'updates the room configs' do
+      encrypted_params = encrypt_params({ settings: valid_settings_params }, expires_in: 10.seconds)
+      post :create_settings, params: { v2: { encrypted_params: } }
+      expect(rooms_config_a.reload.value).to eq(valid_settings_params[:rooms_configurations][:record])
+      expect(rooms_config_b.reload.value).to eq(valid_settings_params[:rooms_configurations][:muteOnStart])
+      expect(rooms_config_c.reload.value).to eq(valid_settings_params[:rooms_configurations][:guestPolicy])
+    end
+    it 'does not update the room configs for other providers' do
+      encrypted_params = encrypt_params({ settings: valid_settings_params }, expires_in: 10.seconds)
+      post :create_settings, params: { v2: { encrypted_params: } }
+      expect(rooms_config_d.reload.value).to eq('true')
+      expect(rooms_config_e.reload.value).to eq('true')
+      expect(rooms_config_f.reload.value).to eq('true')
+    end
+  end
  private
  def encrypt_params(params, key: nil, expires_at: nil, expires_in: nil, purpose: nil)