Merge pull request #1265 from crossroads/master

[0.22] Release
crossroads · May 28, 2021 · 69cafc5 · 69cafc5
2 parents bd8c7be + 9300b37
commit 69cafc5
Show file tree

Hide file tree

Showing 29 changed files with 426 additions and 132 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -6,7 +6,7 @@ version: 2
 
 defaults: &defaults
   docker:
-    - image: circleci/ruby:2.6.1
+    - image: circleci/ruby:2.7.3
   working_directory: ~/api.goodcity
 
 jobs:
@@ -47,7 +47,7 @@ jobs:
   test:
     <<: *defaults
     docker:
-      - image: circleci/ruby:2.6.1
+      - image: cimg/ruby:2.7.3
       - image: circleci/postgres:9.6.9-alpine-ram
       - image: circleci/redis:4.0.9-alpine
     parallelism: 4
@@ -57,6 +57,8 @@ jobs:
       - run:
           name: Install PostgreSQL Client (required to run migrations)
           command: |
+            sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
+            wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
             sudo apt update
             sudo apt-get install postgresql-client-9.6
       - restore_cache:

diff --git a/.codeclimate.yml b/.codeclimate.yml
@@ -19,6 +19,7 @@ engines:
     enabled: true
   rubocop:
     enabled: true
+    channel: rubocop-1-10-0
     checks:
       Rubocop/Metrics/ClassLength:
         enabled: false

diff --git a/.ruby-version b/.ruby-version
@@ -1 +1 @@
-ruby-2.6.1
+ruby-2.7.3
diff --git a/Gemfile b/Gemfile
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 source 'https://rubygems.org'
-ruby '2.6.1'
+ruby '2.7.3'
 
 gem 'pg'
 gem 'rails', '~> 6.1.3'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -635,7 +635,7 @@ DEPENDENCIES
   with_advisory_lock
 
 RUBY VERSION
-   ruby 2.6.1p33
+   ruby 2.7.3p183
 
 BUNDLED WITH
-   1.17.3
+   2.2.16
diff --git a/app/controllers/api/v1/authentication_controller.rb b/app/controllers/api/v1/authentication_controller.rb
@@ -62,13 +62,14 @@ def send_pin
         end
 
         @user = User.find_by_mobile(@mobile.mobile)
+        @otp_auth_key = otp_auth_key_for(@user, refresh: true)
 
         if @user && @user.allowed_login?(app_name)
           @user.send_verification_pin(app_name, params[:mobile])
         elsif @user
           return render json: {error: "You are not authorized."}, status: 401
         end
-        render json: {otp_auth_key: otp_auth_key_for(@user)}
+        render json: { otp_auth_key: @otp_auth_key }
       end
 
       api :POST, "/v1/auth/signup", "Register a new user"
@@ -190,11 +191,11 @@ def authenticated_user
       # to successfully authenticate. This helps prevent man-in-the-middle attacks by ensuring that only this
       # client that can authenticate the OTP code with it.
       # Note: if user is nil, we generate a fake token so as to ward off unruly hackers.
-      def otp_auth_key_for(user)
+      def otp_auth_key_for(user, refresh: false)
         if user.present?
-          user.most_recent_token.otp_auth_key
+          AuthenticationService.otp_auth_key_for(user, refresh: refresh)
         else
-          AuthToken.new.new_otp_auth_key
+          AuthenticationService.fake_otp_auth_key
         end
       end
 

diff --git a/app/controllers/api/v1/users_controller.rb b/app/controllers/api/v1/users_controller.rb
@@ -90,7 +90,7 @@ def mentionable_users
         render json: @users, each_serializer: Api::V1::UserMentionsSerializer
       end
 
-      api :PUT, '/v1/merge_users', "Merge one user details into another user"
+      api :PUT, '/v1/users/merge_users', "Merge one user details into another user"
       param :master_user_id, String, desc: "Id of user in which other user will be merged"
       param :merged_user_id, String, desc: "Id of user which needs to be merged and removed."
       def merge_users

diff --git a/app/jobs/print_label_job.rb b/app/jobs/print_label_job.rb
@@ -1,5 +1,5 @@
 class PrintLabelJob < ActiveJob::Base
-  def perform(package_id, printer_id, opts={})
+  def perform(package_id, printer_id, opts = {})
     package = Package.find(package_id)
     options = { inventory_number: package.inventory_number, print_count: opts[:print_count] }
     label = "Labels::#{opts[:label_type].classify}".safe_constantize.new(options)

diff --git a/app/jobs/slack_message_job.rb b/app/jobs/slack_message_job.rb
@@ -5,5 +5,4 @@ def perform(message, channel)
     client = Slack::Web::Client.new
     client.chat_postMessage(channel: channel, text: message, as_user: true)
   end
-
 end
diff --git a/app/models/concerns/offer_filtering.rb b/app/models/concerns/offer_filtering.rb
@@ -9,20 +9,20 @@ module OfferFiltering
     #   -[:before] = timestamp
     #   -[:after] = timestamp
 
-    scope :filter_offers, -> (options = {}) do
+    scope :filter_offers, lambda { |options = {}|
       res = where.not(state: 'draft')
       res = res.assoicate_delivery_and_schedule
       res = res.shareable if options[:shareable].present?
       res = res.select('offers.*, schedules.scheduled_at')
-      res = res.where("offers.state IN (?)", options[:state_names]) unless options[:state_names].empty?
+      res = res.where('offers.state IN (?)', options[:state_names]) unless options[:state_names].empty?
       res = res.priority if options[:priority].present?
       res = res.self_reviewer if options[:self_reviewer].present?
       res = res.due_after(options[:after]) if options[:after].present?
       res = res.due_before(options[:before]) if options[:before].present?
       res = res.order(sort_offer(options)) if options[:sort_column] || options[:recent_offers]
       res = res.with_notifications(options[:with_notifications]) if options[:with_notifications].present?
       res.distinct
-    end
+    }
 
     def self.priority
       where <<-SQL
@@ -35,19 +35,20 @@ def self.priority
     end
 
     def self.sort_offer(options)
-      return "id DESC" if options[:recent_offers]
+      return 'id DESC' if options[:recent_offers]
+
       # prevent SQL injection by sanitizing the input
       sort_column = if self.column_names.include?(options[:sort_column]) || (options[:sort_column] == 'schedules.scheduled_at')
-          options[:sort_column]
-        else
-          'id'
-        end
-      sort_type = options[:is_desc] ? "DESC" : "ASC"
+                      options[:sort_column]
+                    else
+                      'id'
+                    end
+      sort_type = options[:is_desc] ? 'DESC' : 'ASC'
       "#{sort_column} #{sort_type}"
     end
 
     def self.self_reviewer
-      where("reviewed_by_id= ?", User.current_user.id)
+      where('reviewed_by_id= ?', User.current_user.id)
     end
 
     def self.due_after(time)
@@ -60,8 +61,8 @@ def self.due_before(time)
 
     def self.with_notifications(state)
       res = joins("LEFT OUTER JOIN subscriptions ON offers.id = subscriptions.subscribable_id and subscriptions.subscribable_type = 'Offer'")
-      res = res.where("subscriptions.user_id = (?)", User.current_user.id)
-      res = res.where("subscriptions.state = (?)", state) if %w[unread read].include?(state)
+      res = res.where('subscriptions.user_id = (?)', User.current_user.id)
+      res = res.where('subscriptions.state = (?)', state) if %w[unread read].include?(state)
       res
     end
 
@@ -74,13 +75,12 @@ def self.last_6pm
     end
 
     def self.shareable
-      joins("INNER JOIN shareables ON shareables.resource_id=offers.id")
+      joins('INNER JOIN shareables ON shareables.resource_id=offers.id')
     end
 
     def self.assoicate_delivery_and_schedule
-      res = joins("LEFT OUTER JOIN deliveries ON offers.id = deliveries.offer_id")
-      res = res.joins("LEFT OUTER JOIN schedules ON deliveries.schedule_id = schedules.id")
-      res
+      res = joins('LEFT OUTER JOIN deliveries ON offers.id = deliveries.offer_id')
+      res.joins('LEFT OUTER JOIN schedules ON deliveries.schedule_id = schedules.id')
     end
   end
 end
diff --git a/app/models/concerns/push_updates_for_message.rb b/app/models/concerns/push_updates_for_message.rb
@@ -41,14 +41,14 @@ def update_client_store
 
   # All reviewers/supervisors/order_fulfillers
   def notify_deletion_to_subscribers
-    case object_class
-    when "Order"
-      channels = [Channel::ORDER_FULFILMENT_CHANNEL]
-    when "Package"
-      channels = [Channel::INVENTORY_CHANNEL]
-    else # Offer / Item
-      channels = [Channel::REVIEWER_CHANNEL, Channel::SUPERVISOR_CHANNEL]
-    end
+    channels = case object_class
+               when 'Order'
+                 [Channel::ORDER_FULFILMENT_CHANNEL]
+               when 'Package'
+                 [Channel::INVENTORY_CHANNEL]
+               else # Offer / Item
+                 [Channel::REVIEWER_CHANNEL, Channel::SUPERVISOR_CHANNEL]
+               end
     send_update('read', channels, :delete)
   end
 
@@ -66,7 +66,7 @@ def send_update(state, channels, operation = :create)
   # Need to inject subscription.state into message data
   #   because read/unread state is per subscription not per message
   def serialized_message(state)
-    message = self.tap{|m| m.state_value = state}
+    message = tap { |m| m.state_value = state }
     associations = Message.reflections.keys.map(&:to_sym)
     Api::V1::MessageSerializer.new(message, { exclude: associations })
   end
@@ -95,17 +95,17 @@ def app_names_for_user(user_id)
     obj = self.related_object
     owner_id = messageable_owner_id
 
-    if object_class == "Order"
+    if object_class == 'Order'
       return [owner_id == user_id ? BROWSE_APP : STOCK_APP]
     end
 
-    return [STOCK_APP] if object_class == "Package"
+    return [STOCK_APP] if object_class == 'Package'
 
-    if ["Offer", "Item"].include?(object_class)
+    if %w[Offer Item].include?(object_class)
       to = []
       to << DONOR_APP if owner_id == user_id
       to << (user_id == recipient_id ? BROWSE_APP : ADMIN_APP)
-      return to.flatten.uniq
+      to.flatten.uniq
     end
   end
 
@@ -116,16 +116,15 @@ def subscribed_user_ids
 
   # All admin users with permission to view messages on that object
   def relevant_staff_user_ids
-    if ['Offer', 'Item'].include?(object_class)
-      message_permissions = ['can_manage_offer_messages']
-    elsif object_class == 'Order'
-      message_permissions = ['can_manage_order_messages']
-    elsif object_class == 'Package'
-      message_permissions = ['can_manage_package_messages']
-    else
-      message_permissions = []
-    end
-    User.joins(roles: [:permissions]).where(permissions: { name: message_permissions } ).distinct.pluck(:id)
+    message_permissions = if %w[Offer Item].include?(object_class)
+                            ['can_manage_offer_messages']
+                          elsif object_class == 'Order'
+                            ['can_manage_order_messages']
+                          elsif object_class == 'Package'
+                            ['can_manage_package_messages']
+                          else
+                            []
+                          end
+    User.joins(roles: [:permissions]).where(permissions: { name: message_permissions }).distinct.pluck(:id)
   end
-
 end
diff --git a/app/models/gogovan_order.rb b/app/models/gogovan_order.rb
@@ -17,7 +17,7 @@ def self.place_order(user, attributes)
 
   def self.book_order(user, attributes)
     order = create(status: 'pending')
-    attributes["ggv_uuid"] = order.ggv_uuid
+    attributes['ggv_uuid'] = order.ggv_uuid
     attributes = set_vehicle_type(attributes)
     update_vehicle_type(attributes)
     book_order = Gogovan.new(user, attributes).confirm_order
@@ -28,6 +28,7 @@ def self.book_order(user, attributes)
   def self.offer_by_ggv_uuid(ggv_uuid)
     offer = find_by(ggv_uuid: ggv_uuid).try(:delivery).try(:offer)
     raise ActiveRecord::RecordNotFound unless offer
+
     Offer.with_eager_load.find(offer.id)
   end
 
@@ -36,15 +37,15 @@ def donor
   end
 
   def need_polling?
-    status == "active" || status == "pending"
+    status == 'active' || status == 'pending'
   end
 
   def pending?
-    status == "pending"
+    status == 'pending'
   end
 
   def cancelled?
-    status_changed?(to: "cancelled")
+    status_changed?(to: 'cancelled')
   end
 
   def can_cancel?
@@ -65,14 +66,14 @@ def cancel_order
   end
 
   def assign_details(order_details)
-    self.status = order_details["status"]
-    self.price = order_details["price"]
-    if (driver_details = order_details["driver"])
-      self.driver_name = driver_details["name"]
-      self.driver_mobile = driver_details["phone_number"]
-      self.driver_license = driver_details["license_plate"]
+    self.status = order_details['status']
+    self.price = order_details['price']
+    if (driver_details = order_details['driver'])
+      self.driver_name = driver_details['name']
+      self.driver_mobile = driver_details['phone_number']
+      self.driver_license = driver_details['license_plate']
     end
-    self.completed_at = Time.now if (order_details["status"] == "completed")
+    self.completed_at = Time.now if order_details['status'] == 'completed'
     self
   end
 
@@ -92,37 +93,37 @@ def start_polling_status
   end
 
   def self.set_vehicle_type(attributes)
-    attributes["vehicle"] =
-      if (attributes["gogovanOptionId"])
-        GogovanTransport.get_vehicle_tag(attributes["gogovanOptionId"])
-      elsif(attributes['offerId'])
-        Offer.find(attributes["offerId"]).try(:gogovan_transport).try(:vehicle_tag)
+    attributes['vehicle'] =
+      if attributes['gogovanOptionId']
+        GogovanTransport.get_vehicle_tag(attributes['gogovanOptionId'])
+      elsif attributes['offerId']
+        Offer.find(attributes['offerId']).try(:gogovan_transport).try(:vehicle_tag)
       else
         GogovanTransport.first.try(:vehicle_tag)
       end
     attributes
   end
 
   def self.update_vehicle_type(attributes)
-    if attributes["gogovanOptionId"] && attributes['offerId']
-      offer = Offer.find(attributes["offerId"])
-      offer && offer.update_column(:gogovan_transport_id, attributes["gogovanOptionId"])
+    if attributes['gogovanOptionId'] && attributes['offerId']
+      offer = Offer.find(attributes['offerId'])
+      offer&.update_column(:gogovan_transport_id, attributes['gogovanOptionId'])
     end
   end
 
   def notify_order_completed
-    message = I18n.t("gogovan.notify_completed", license: driver_license, booking_id: booking_id)
+    message = I18n.t('gogovan.notify_completed', license: driver_license, booking_id: booking_id)
 
     PushService.new.send_notification Channel::STAFF_CHANNEL, ADMIN_APP, {
       category: 'offer_delivery',
-      message:   message,
-      offer_id:  offer.id,
+      message: message,
+      offer_id: offer.id,
       author_id: User.system_user
     }
   end
 
   def order_completed?
-    previous_changes.key?("status") && previous_changes["status"].last == "completed"
+    previous_changes.key?('status') && previous_changes['status'].last == 'completed'
   end
 
   def pick_up_location

diff --git a/app/models/offer.rb b/app/models/offer.rb
@@ -287,7 +287,7 @@ def send_item_add_message
   end
 
   def send_message(body, user)
-    messages.create(body: body, sender: user) unless body.blank?
+    messages.create(body: body, sender: user, recipient: created_by) unless body.blank? || user.blank? || created_by.blank?
   end
 
   def assign_reviewer(reviewer)

diff --git a/app/models/printers_user.rb b/app/models/printers_user.rb
@@ -1,5 +1,5 @@
 class PrintersUser < ActiveRecord::Base
   belongs_to :printer
   belongs_to :user
-  validates :printer_id, uniqueness: { scope: [:user_id, :tag] }
-end
+  validates :printer_id, uniqueness: { scope: %i[user_id tag] }
+end
-Original file line number
+Diff line change
@@ Expand Up / @@ -5,5 +5,4 @@ def perform(message, channel) @@
         client = Slack::Web::Client.new
         client.chat_postMessage(channel: channel, text: message, as_user: true)
       end
     end