From 65816a980b4187eb7e6a3467d792a56bab0d8889 Mon Sep 17 00:00:00 2001 From: chenjing Date: Tue, 20 Jun 2023 15:27:03 +0800 Subject: [PATCH] cla fix and add token verify --- app/controllers/projects_controller.rb | 15 +++- app/controllers/users/clas_controller.rb | 8 +- app/models/cla.rb | 3 +- app/models/user_cla.rb | 14 +++- .../projects/verify_auth_token_service.rb | 83 +++++++++++++++++++ .../pull_requests/send_journal_service.rb | 2 +- app/views/users/clas/_detail.json.jbuilder | 2 +- config/routes.rb | 1 + ...230620030511_add_sign_time_to_user_clas.rb | 5 ++ 9 files changed, 123 insertions(+), 10 deletions(-) create mode 100644 app/services/projects/verify_auth_token_service.rb create mode 100644 db/migrate/20230620030511_add_sign_time_to_user_clas.rb diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 0d7caba05..e5dc7103a 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb 
@@ -4,9 +4,9 @@ class ProjectsController < ApplicationController include ProjectsHelper include Acceleratorable - before_action :require_login, except: %i[index branches branches_slice group_type_list simple show fork_users praise_users watch_users recommend banner_recommend about menu_list] - before_action :require_profile_completed, only: [:create, :migrate] - before_action :load_repository, except: %i[index group_type_list migrate create recommend banner_recommend] + before_action :require_login, except: %i[index branches branches_slice group_type_list simple show fork_users praise_users watch_users recommend banner_recommend about menu_list verify_auth_token] + before_action :require_profile_completed, only: [:create, :migrate,:verify_auth_token] + before_action :load_repository, except: %i[index group_type_list migrate create recommend banner_recommend verify_auth_token] before_action :authorizate_user_can_edit_project!, only: %i[update] before_action :project_public?, only: %i[fork_users praise_users watch_users] before_action :request_limit, only: %i[index] @@ -63,6 +63,15 @@ class ProjectsController < ApplicationController tip_exception(e.message) end + def verify_auth_token + data = Projects::VerifyAuthTokenService.call(params[:clone_addr], params[:auth_token]) + if data + render_ok + else + render_error('token验证不通过') + end + end + def migrate Projects::MigrateForm.new(mirror_params).validate! diff --git a/app/controllers/users/clas_controller.rb b/app/controllers/users/clas_controller.rb index 51a93819b..b1e09cacc 100644 --- a/app/controllers/users/clas_controller.rb +++ b/app/controllers/users/clas_controller.rb 
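Review bot: Adding `verify_auth_token` to the `except:` list of `before_action :require_login` leaves an endpoint that makes outbound API calls with caller-supplied credentials reachable without a session, and nothing visible in this hunk throttles it. Whether `require_profile_completed` rejects anonymous callers cannot be seen from here, so the login requirement should not be delegated to it. I would drop the name from the `except:` list. If the existing limiter suits this action, it could be extended to `before_action :request_limit, only: %i[index verify_auth_token]`. The controller class continues outside the hunk.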
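Review bot: `params[:auth_token]` in the new `verify_auth_token` action is a third-party credential sent as an ordinary request parameter, so it will appear in the Rails request log unless `auth_token` is covered by `config.filter_parameters`, which this patch does not touch. The action also has no `rescue`, unlike the preceding action that ends in `tip_exception(e.message)`, so any exception raised by the service surfaces as a 500. I would add `Rails.application.config.filter_parameters += [:auth_token]` to the parameter-filtering initializer. I would also put a guard at the top of the action, `return render_error('token验证不通过') if params[:clone_addr].blank? || params[:auth_token].blank?`.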
@@ -11,14 +11,16 @@ class Users::ClasController < Users::BaseController def create @user_cla = current_user.user_clas.find_by(cla_id: params[:cla_id]) - if @user_cla - @user_cla.update_attributes(state: 1) - else + if @user_cla.nil? ActiveRecord::Base.transaction do Users::UserClaForm.new(user_cla_params).validate! @user_cla = UserCla.build(user_cla_params, current_user.id) end + elsif @user_cla.state == "failed" + @user_cla.update_by_params(user_cla_params) + elsif @user_cla.state == "signed" + return render_error('协议生效中,请勿重复签署') end render_ok rescue Exception => e diff --git a/app/models/cla.rb b/app/models/cla.rb index fca050430..6bbfb6143 100644 --- a/app/models/cla.rb +++ b/app/models/cla.rb @@ -40,6 +40,7 @@ class Cla < ApplicationRecord user_clas.where(user_id: user_id, state:1).present? end def fresh_count - update(count:self.users.count) + number = self.user_clas.where(state: 1).count + update(count: number) end end diff --git a/app/models/user_cla.rb b/app/models/user_cla.rb index 848a825db..b109a74fa 100644 --- a/app/models/user_cla.rb +++ b/app/models/user_cla.rb @@ -10,6 +10,7 @@ # state :integer default("0") # created_at :datetime not null # updated_at :datetime not null +# sign_time :datetime # # Indexes # @@ -22,7 +23,8 @@ class UserCla < ApplicationRecord belongs_to :cla # identity 0: 教师教授 1: 学生, 2: 专业人士, 3: 开发者 enum state: { deafult: 0, signed: 1, failed: 2} - after_create do + + after_save do cla.fresh_count end @@ -35,10 +37,20 @@ class UserCla < ApplicationRecord cla_id: params[:cla_id], real_name: params[:real_name], email: params[:email], + sign_time: Time.now, state: 1 ) end + def update_by_params(params) + update(\ + state: 1, + sign_time: Time.now, + real_name: params[:real_name], + email: params[:email], + ) + end + def fresh_pull_request project_ids = cla.organization.projects.pluck(:id) if state == "signed" 
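Review bot: The new `elsif @user_cla.state == "failed"` branch in `create` re-signs through `update_by_params` without running `Users::UserClaForm.new(user_cla_params).validate!`, so `real_name` and `email` are validated on a first signature but not on a re-signature. A record whose state is still `deafult` matches none of the three branches and falls through to `render_ok` although nothing was signed, whereas the removed code updated every existing record. I would call `Users::UserClaForm.new(user_cla_params).validate!` before `@user_cla.update_by_params(user_cla_params)`, test the `signed` case first, and make the re-sign path the plain `else` so that every non-signed state is handled. The method's `rescue` clause continues outside the hunk.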
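Review bot: `update_by_params` in `app/models/user_cla.rb` calls `update`, which returns `false` when the record does not save, and the caller in `Users::ClasController#create` ignores that return value and goes on to `render_ok`. Using `update!(state: 1, sign_time: Time.now, real_name: params[:real_name], email: params[:email])` would route a failed save into the controller's existing `rescue` instead of reporting success. The `update(\` line continuation and the trailing comma before the closing parenthesis are unnecessary and can be removed at the same time.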
diff --git a/app/services/projects/verify_auth_token_service.rb b/app/services/projects/verify_auth_token_service.rb
new file mode 100644
index 000000000..1318bb9db
--- /dev/null
+++ b/app/services/projects/verify_auth_token_service.rb
@@ -0,0 +1,83 @@
+class Projects::VerifyAuthTokenService < ApplicationService
+ attr_accessor :url, :token
+
+ def initialize(url, token)
+ @url = url
+ @token = token
+ @repo = nil
+ @owner = nil
+ @website = nil
+ @success = nil
+ end
+
+ def call
+ Rails.logger.info("###### VerifyAuthTokenService begin ######")
+ regular_url
+ to_verify
+ Rails.logger.info("##### VerifyAuthTokenService end ######")
+ return @success
+ end
+
+ private
+ def regular_url
+ regx = /\/\/[\s\S]*.git$/ #获取字串
+ data = (regx.match @url).to_s[2..-5].split("/")
+ @website = data[0]
+ @owner = data[1]
+ @repo = data[2]
+ end
+
+
+ def to_verify
+ data = case @website
+ when "github.com"
+ github_verify
+ when "gitlab.com"
+ gitlab_verify
+ when "gitee.com"
+ gitee_verify
+ end
+ end
+
+ def gitee_verify
+ url = "/api/v5/repos/#{@owner}/#{@repo}"
+ api_url= "https://gitee.com"
+ client = Faraday.new(url: api_url)
+ client.options["open_timeout"] = 1
+ client.options["timeout"] = 1
+ client.options["write_timeout"] = 1
+ req_params={
+ access_token: @token,
+ owner: @owner,
+ repo: @repo
+ }
+ response = client.public_send("get", url, req_params)
+ @success = true if response.status == 200
+ end
+
+ def github_verify
+ url = "/octocat"
+ api_url= "https://api.github.com"
+ client = Faraday.new(url: api_url)
+ client.options["open_timeout"] = 1
+ client.options["timeout"] = 1
+ client.options["write_timeout"] = 1
+ client.headers["Authorization"] = "Bearer #{@token}"
+ response = client.public_send("get", url)
+ @success = true if response.status == 200
+ end
+
+ def gitlab_verify
+ url = "/api/v4/projects"
+ api_url= "https://gitlab.com"
+ client = Faraday.new(url: api_url)
+ client.options["open_timeout"] = 1
+ client.options["timeout"] = 1
+ client.options["write_timeout"] = 1
+ req_params={
+ private_token: @token
+ }
+ response = client.public_send("get", url, req_params)
+ @success = true if response.status == 200
+ end
+end
\ No newline at end of file
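Review bot: `regular_url` trusts the shape of `clone_addr`: when `/\/\/[\s\S]*.git$/` does not match (nil input, no `.git` suffix), `to_s[2..-5]` is nil and `.split` raises; the dot before `git` is also unescaped, and `$` anchors at a line end rather than the end of the string. `@owner` and `@repo` then go unescaped into the Gitee request path, and the three `*_verify` methods let Faraday timeout and connection errors propagate while every timeout is set to 1 second. The sketch below parses with `URI`, restricts the two path segments to a conservative character set and makes `call` return a strict boolean. Separately, `gitee_verify` and `gitlab_verify` send the token in the query string, where it tends to end up in proxy and access logs (GitLab also accepts it in a `PRIVATE-TOKEN` header). `github_verify` only checks the response of `/octocat`, which does not show that the token grants access to `@owner/@repo`.

```ruby
  ALLOWED_HOSTS = %w[github.com gitlab.com gitee.com].freeze
  # One path segment: must start with an alphanumeric or underscore, so "." and ".." never pass.
  SEGMENT = /\A[A-Za-z0-9_][\w.-]*\z/

  def call
    # … unchanged: "VerifyAuthTokenService begin" log line …
    regular_url
    to_verify if @website
    # … unchanged: "VerifyAuthTokenService end" log line …
    @success == true
  rescue URI::InvalidURIError, Faraday::Error => e
    # Log the error class only; the message may contain the request URL and its token.
    Rails.logger.warn("VerifyAuthTokenService failed: #{e.class}")
    false
  end

  private

  def regular_url
    uri = URI.parse(@url.to_s)
    _, owner, repo = uri.path.to_s.split("/")
    repo = repo.to_s.sub(/\.git\z/, "")
    return unless ALLOWED_HOSTS.include?(uri.host)
    return unless owner.to_s.match?(SEGMENT) && repo.match?(SEGMENT)

    @website = uri.host
    @owner = owner
    @repo = repo
  end
  # … unchanged: to_verify, gitee_verify, github_verify, gitlab_verify …
```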
diff --git a/app/services/pull_requests/send_journal_service.rb b/app/services/pull_requests/send_journal_service.rb index 17f6fdabd..578faa4b9 100644 --- a/app/services/pull_requests/send_journal_service.rb +++ b/app/services/pull_requests/send_journal_service.rb @@ -20,7 +20,7 @@ class PullRequests::SendJournalService < ApplicationService journalized_id: @issue.id , journalized_type: "Issue", user_id: sender_id , - notes: "@#{@current_user.nickname} 您好!欢迎参与 #{@project.name} 的贡献。首次进行贡献请完成《#{@project.owner.cla.name}》的签署,签署完成后,项目成员才可查看到您的合并请求", + notes: "#{@current_user.nickname}您好!欢迎参与 #{@project.name} 的贡献。首次进行贡献请完成《#{@project.owner.cla.name}》的签署,签署完成后,项目成员才可查看到您的合并请求", } journal = Journal.new journal_params if journal.save diff --git a/app/views/users/clas/_detail.json.jbuilder b/app/views/users/clas/_detail.json.jbuilder index 5b6d246e5..106145f6e 100644 --- a/app/views/users/clas/_detail.json.jbuilder +++ b/app/views/users/clas/_detail.json.jbuilder @@ -2,7 +2,7 @@ json.id user_cla.id json.real_name user_cla.real_name json.email user_cla.email json.state user_cla.state -json.created_at format_time(user_cla.created_at) +json.created_at format_time(user_cla.sign_time) json.cla do json.partial! "/organizations/clas/detail", locals: {cla: user_cla.cla} end diff --git a/config/routes.rb b/config/routes.rb index 90526f9e6..0d04c498a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -241,6 +241,7 @@ Rails.application.routes.draw do get :group_type_list get :recommend get :banner_recommend + post :verify_auth_token end end diff --git a/db/migrate/20230620030511_add_sign_time_to_user_clas.rb b/db/migrate/20230620030511_add_sign_time_to_user_clas.rb new file mode 100644 index 000000000..f913f244f --- /dev/null +++ b/db/migrate/20230620030511_add_sign_time_to_user_clas.rb @@ -0,0 +1,5 @@ +class AddSignTimeToUserClas < ActiveRecord::Migration[5.2] + def change + add_column :user_clas, :sign_time, :datetime + end +end
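Review bot: In `_detail.json.jbuilder`, `json.created_at` now reads `user_cla.sign_time`, but the `AddSignTimeToUserClas` migration at the end of the patch adds the column without a backfill, so every CLA signed before this deploy passes `nil` to `format_time`. How `format_time` handles `nil` is not visible here. Either backfill in the migration with something like `UserCla.where(sign_time: nil).update_all("sign_time = created_at")`, or fall back in the view with `format_time(user_cla.sign_time || user_cla.created_at)`. The JSON key keeps the name `created_at` while carrying the signing time, which deserves a comment such as `# created_at is kept for API compatibility; the value is the signing time`.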