fix: Twitter inbox creation error (#1783)

fixes #1708 Co-authored-by: Pranav <pranav@chatwoot.com>
2021-02-16 19:35:10 +05:30 · 2021-02-16 19:35:10 +05:30 · 850041bc1d
commit 850041bc1d
parent ac15f08995
11 changed files with 156 additions and 62 deletions
--- a/app/controllers/api/v1/accounts/twitter/authorizations_controller.rb
+++ b/app/controllers/api/v1/accounts/twitter/authorizations_controller.rb
@ -0,0 +1,29 @@
 class Api::V1::Accounts::Twitter::AuthorizationsController < Api::V1::Accounts::BaseController
  include TwitterConcern
  before_action :check_authorization
  def create
    @response = twitter_client.request_oauth_token(url: twitter_callback_url)
    if @response.status == '200'
      ::Redis::Alfred.setex(oauth_token, Current.account.id)
      render json: { success: true, url: oauth_authorize_endpoint(oauth_token) }
    else
      render json: { success: false }, status: :unprocessable_entity
    end
  end
  private
  def oauth_token
    parsed_body['oauth_token']
  end
  def oauth_authorize_endpoint(oauth_token)
    "#{twitter_api_base_url}/oauth/authorize?oauth_token=#{oauth_token}"
  end
  def check_authorization
    raise Pundit::NotAuthorizedError unless Current.account_user.administrator?
  end
 end
--- a/app/controllers/concerns/twitter_concern.rb
+++ b/app/controllers/concerns/twitter_concern.rb
@ -0,0 +1,26 @@
 module TwitterConcern
  extend ActiveSupport::Concern
  private
  def parsed_body
    @parsed_body ||= Rack::Utils.parse_nested_query(@response.raw_response.body)
  end
  def host
    ENV.fetch('FRONTEND_URL', '')
  end
  def twitter_client
    Twitty::Facade.new do |config|
      config.consumer_key = ENV.fetch('TWITTER_CONSUMER_KEY', nil)
      config.consumer_secret = ENV.fetch('TWITTER_CONSUMER_SECRET', nil)
      config.base_url = twitter_api_base_url
      config.environment = ENV.fetch('TWITTER_ENVIRONMENT', '')
    end
  end
  def twitter_api_base_url
    'https://api.twitter.com'
  end
 end
--- a/app/controllers/twitter/authorizations_controller.rb
+++ b/app/controllers/twitter/authorizations_controller.rb
@ -1,30 +0,0 @@
 class Twitter::AuthorizationsController < Twitter::BaseController
  def create
    @response = twitter_client.request_oauth_token(url: twitter_callback_url)
    if @response.status == '200'
      ::Redis::Alfred.setex(oauth_token, account.id)
      redirect_to oauth_authorize_endpoint(oauth_token)
    else
      redirect_to app_new_twitter_inbox_url(account_id: account.id)
    end
  end
  private
  def oauth_token
    parsed_body['oauth_token']
  end
  def user
    @user ||= User.find_by(id: params[:user_id])
  end
  def account
    @account ||= user.account
  end
  def oauth_authorize_endpoint(oauth_token)
    "#{twitter_api_base_url}/oauth/authorize?oauth_token=#{oauth_token}"
  end
 end
--- a/app/controllers/twitter/base_controller.rb
+++ b/app/controllers/twitter/base_controller.rb
@ -1,24 +1,3 @@
 class Twitter::BaseController < ApplicationController
-  private
+  include TwitterConcern
  def parsed_body
    @parsed_body ||= Rack::Utils.parse_nested_query(@response.raw_response.body)
  end
  def host
    ENV.fetch('FRONTEND_URL', '')
  end
  def twitter_client
    Twitty::Facade.new do |config|
      config.consumer_key = ENV.fetch('TWITTER_CONSUMER_KEY', nil)
      config.consumer_secret = ENV.fetch('TWITTER_CONSUMER_SECRET', nil)
      config.base_url = twitter_api_base_url
      config.environment = ENV.fetch('TWITTER_ENVIRONMENT', '')
    end
  end
  def twitter_api_base_url
    'https://api.twitter.com'
  end
 end
--- a/app/controllers/twitter/callbacks_controller.rb
+++ b/app/controllers/twitter/callbacks_controller.rb
@ -1,4 +1,6 @@
 class Twitter::CallbacksController < Twitter::BaseController
  include TwitterConcern
  def show
    return redirect_to twitter_app_redirect_url if permitted_params[:denied]
--- a/app/javascript/dashboard/api/channel/twitterClient.js
+++ b/app/javascript/dashboard/api/channel/twitterClient.js
@ -0,0 +1,14 @@
 /* global axios */
 import ApiClient from '../ApiClient';
 class TwitterClient extends ApiClient {
  constructor() {
    super('twitter', { accountScoped: true });
  }
  generateAuthorization() {
    return axios.post(`${this.url}/authorization`);
  }
 }
 export default new TwitterClient();
--- a/app/javascript/dashboard/api/specs/channel/twitterClient.spec.js
+++ b/app/javascript/dashboard/api/specs/channel/twitterClient.spec.js
@ -0,0 +1,9 @@
 import TwitterClient from '../../channel/twitterClient';
 import ApiClient from '../../ApiClient';
 describe('#TwitterClient', () => {
  it('creates correct instance', () => {
    expect(TwitterClient).toBeInstanceOf(ApiClient);
    expect(TwitterClient).toHaveProperty('generateAuthorization');
  });
 });
--- a/app/javascript/dashboard/i18n/locale/en/inboxMgmt.json
+++ b/app/javascript/dashboard/i18n/locale/en/inboxMgmt.json
@ -38,7 +38,8 @@
        "PICK_A_VALUE": "Pick a value"
      },
      "TWITTER": {
-        "HELP": "To add your Twitter profile as a channel, you need to authenticate your Twitter Profile by clicking on 'Sign in with Twitter' "
+        "HELP": "To add your Twitter profile as a channel, you need to authenticate your Twitter Profile by clicking on 'Sign in with Twitter' ",
        "ERROR_MESSAGE": "There was an error connecting to Twitter, please try again"
      },
      "WEBSITE_CHANNEL": {
        "TITLE": "Website channel",
--- a/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Twitter.vue
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Twitter.vue
@ -1,27 +1,42 @@
 <template>
  <div class="wizard-body columns content-box small-9">
    <div class="login-init full-height text-center">
-      <form method="POST" action="/twitter/authorization">
+      <form @submit.prevent="requestAuthorization">
        <input type="hidden" name="user_id" :value="currentUserID" />
        <woot-submit-button
          icon-class="ion-social-twitter"
          button-text="Sign in with Twitter"
          type="submit"
          :loading="isRequestingAuthorization"
        />
      </form>
      <p>{{ $t('INBOX_MGMT.ADD.TWITTER.HELP') }}</p>
    </div>
  </div>
 </template>
 <script>
-import { mapGetters } from 'vuex';
+import alertMixin from 'shared/mixins/alertMixin';
 import twitterClient from '../../../../../api/channel/twitterClient';
 export default {
-  computed: {
+  mixins: [alertMixin],
-    ...mapGetters({
+  data() {
-      currentUserID: 'getCurrentUserID',
+    return { isRequestingAuthorization: false };
-    }),
+  },
  methods: {
    async requestAuthorization() {
      try {
        this.isRequestingAuthorization = true;
        const response = await twitterClient.generateAuthorization();
        const {
          data: { url },
        } = response;
        window.location.href = url;
      } catch (error) {
        this.showAlert(this.$t('INBOX_MGMT.ADD.TWITTER.ERROR_MESSAGE'));
      } finally {
        this.isRequestingAuthorization = false;
      }
    },
  },
 };
 </script>
--- a/config/routes.rb
+++ b/config/routes.rb
@ -107,6 +107,10 @@ Rails.application.routes.draw do
            end
          end
          namespace :twitter do
            resource :authorization, only: [:create]
          end
          resources :webhooks, except: [:show]
          namespace :integrations do
            resources :apps, only: [:index, :show]
@ -202,7 +206,6 @@ Rails.application.routes.draw do
  post 'webhooks/twitter', to: 'api/v1/webhooks#twitter_events'
  namespace :twitter do
    resource :authorization, only: [:create]
    resource :callback, only: [:show]
  end
--- a/spec/controllers/api/v1/accounts/twitter/authorizations_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/twitter/authorizations_controller_spec.rb
@ -0,0 +1,46 @@
 require 'rails_helper'
 RSpec.describe 'Twitter Authorization API', type: :request do
  let(:account) { create(:account) }
  describe 'POST /api/v1/accounts/{account.id}/twitter/authorization' do
    context 'when it is an unauthenticated user' do
      it 'returns unauthorized' do
        post "/api/v1/accounts/#{account.id}/twitter/authorization"
        expect(response).to have_http_status(:unauthorized)
      end
    end
    context 'when it is an authenticated user' do
      let(:agent) { create(:user, account: account, role: :agent) }
      let(:administrator) { create(:user, account: account, role: :administrator) }
      let(:twitter_client) { double }
      let(:twitter_response) { double }
      let(:raw_response) { double }
      it 'returns unathorized for agent' do
        post "/api/v1/accounts/#{account.id}/twitter/authorization",
             headers: agent.create_new_auth_token,
             as: :json
        expect(response).to have_http_status(:unauthorized)
      end
      it 'creates a new authorization and returns the redirect url' do
        allow(Twitty::Facade).to receive(:new).and_return(twitter_client)
        allow(twitter_client).to receive(:request_oauth_token).and_return(twitter_response)
        allow(twitter_response).to receive(:status).and_return('200')
        allow(twitter_response).to receive(:raw_response).and_return(raw_response)
        allow(raw_response).to receive(:body).and_return('oauth_token=test_token')
        post "/api/v1/accounts/#{account.id}/twitter/authorization",
             headers: administrator.create_new_auth_token,
             as: :json
        expect(response).to have_http_status(:success)
        expect(JSON.parse(response.body)['url']).to include('test_token')
      end
    end
  end
 end