diff --git a/src/clj/auto_ap/datomic/reports.clj b/src/clj/auto_ap/datomic/reports.clj
deleted file mode 100644
index 4cf84daa..00000000
--- a/src/clj/auto_ap/datomic/reports.clj
+++ /dev/null
@@ -1,68 +0,0 @@
-(ns auto-ap.datomic.reports
- (:require
- [auto-ap.datomic
- :refer [add-sorter-fields
- apply-pagination
- apply-sort-3
- conn
- merge-query
- pull-many
- query2]]
- [auto-ap.graphql.utils :refer [can-see-client? extract-client-ids]]
- [clj-time.coerce :as c]
- [datomic.api :as dc]
- [clojure.set :as set]))
-
-(def default-read '[:db/id :report/client :report/created :report/url :report/name :report/creator])
-
-(defn raw-graphql-ids [db args]
-
- (let [valid-clients (extract-client-ids (:clients args)
- (:client-id args)
- (when (:client-code args)
- [:client/code (:client-code args)]))
- query (cond-> {:query {:find []
- :in '[$ [?c ...]]
- :where '[[?e :report/client ?c]]}
- :args [db valid-clients]}
-
-
- (:sort args) (add-sorter-fields {"client" ['[?e :report/client ?c]
- '[?c :client/name ?sort-client]]
- "created" ['[?e :report/created ?sort-created]]
- "creator" ['[?e :report/creator ?sort-creator]]
- "name" ['[?e :report/name ?sort-name]
- ]}
- args)
-
- true
- (merge-query {:query {:find ['?sort-default '?e] :where ['[?e :report/created ?sort-default]]}}))]
- (->> (query2 query)
- (apply-sort-3 (update args :sort conj {:sort-key "default-2" :asc true}))
- (apply-pagination args))))
-
-(defn graphql-results [ids db args]
- (let [results (->> (pull-many db default-read ids)
- (map #(update % :report/created c/from-date))
- (group-by :db/id))
- valid-clients (extract-client-ids (:clients args)
- (:client-id args)
- (when (:client-code args)
- [:client/code (:client-code args)]))]
- (->> ids
- (map results)
- (filter identity)
-
- (map first)
- (filter (fn [r]
- (let [used-clients (set (map :db/id (:report/client r)))]
- (= used-clients
- (set/intersection valid-clients
- used-clients))))))))
-
-(defn get-graphql [args]
- (let [db (dc/db conn)
- {ids-to-retrieve :ids matching-count :count} (raw-graphql-ids db args)]
-
- [(->> (graphql-results ids-to-retrieve db args))
- matching-count]))
diff --git a/src/clj/auto_ap/ssr/auth.clj b/src/clj/auto_ap/ssr/auth.clj index b5afa02e..6f863dc4 100644 --- a/src/clj/auto_ap/ssr/auth.clj +++ b/src/clj/auto_ap/ssr/auth.clj @@ -1,6 +1,16 @@ -(ns auto-ap.ssr.auth) +(ns auto-ap.ssr.auth + (:require [buddy.sign.jwt :as jwt] + [config.core :refer [env]])) (defn logout [request] {:status 301 :headers {"Location" "/login"} :session {}}) + + +(defn impersonate [request] + {:status 200 + :session {:identity (dissoc (jwt/unsign (get-in request [:query-params "jwt"]) + (:jwt-secret env) + {:alg :hs512}) + :exp)}}) diff --git a/src/clj/auto_ap/ssr/company/yodlee.clj b/src/clj/auto_ap/ssr/company/yodlee.clj index eb619894..699c40fa 100644 --- a/src/clj/auto_ap/ssr/company/yodlee.clj +++ b/src/clj/auto_ap/ssr/company/yodlee.clj @@ -9,7 +9,7 @@ pull-attr pull-many query2]] - [auto-ap.graphql.utils :refer [is-admin?]] + [auto-ap.graphql.utils :refer [assert-can-see-client is-admin?]] [auto-ap.ssr-routes :as ssr-routes] [auto-ap.ssr.components :as com] [auto-ap.ssr.grid-page-helper :as helper] @@ -94,7 +94,10 @@ fastlink.open({fastLinkURL: '%s', ] [:div])))) -(defn reauthenticate [{:keys [form-params]}] +(defn reauthenticate [{:keys [form-params identity]}] + (assert-can-see-client identity (-> (dc/pull (dc/db conn) '[{:yodlee-provider-account/client [:db/id]}] (Long/parseLong (get form-params "id"))) + :yodlee-provider-account/client + :db/id)) (html-response (com/modal {} diff --git a/src/clj/auto_ap/ssr/core.clj b/src/clj/auto_ap/ssr/core.clj index e0c4f160..a26400b0 100644 --- a/src/clj/auto_ap/ssr/core.clj +++ b/src/clj/auto_ap/ssr/core.clj 
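Review bot: `impersonate` reads the signed token from `(get-in request [:query-params "jwt"])`, so a credential that becomes a full session identity travels in the URL, where proxies, access logs and browser history typically record it. The `"impersonate"` entry in ssr_routes.cljc and the `:uri (str "/impersonate?jwt=" impersonate-jwt)` call in users/table.cljs carry the same design, and the route is not restricted to a single method the way the `invoice` routes are; moving the token to a POST body would address all three places. Separately, the handler has no failure path: buddy's `unsign` reports a bad or expired token by throwing, which here would presumably surface as a 500 rather than a 4xx, so the fence below guards the missing-token and invalid-token cases and leaves the existing session untouched. Dropping `:exp` also means the session no longer carries the token's expiry, and nothing records which admin assumed which identity; both look worth a deliberate decision and an audit log entry.

```clojure
(defn impersonate [request]
  (if-let [token (get-in request [:query-params "jwt"])]
    (try
      {:status 200
       :session {:identity (dissoc (jwt/unsign token (:jwt-secret env) {:alg :hs512})
                                   :exp)}}
      (catch clojure.lang.ExceptionInfo _
        ;; invalid signature or expired token: keep the caller's current session
        {:status 401}))
    {:status 400}))
```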
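Review bot: The guard added to `reauthenticate` can be handed `nil`, and it is now the only authorization on this route because core.clj swaps `wrap-admin` for `wrap-secure` in the same commit. When the submitted `id` does not resolve to a provider account with a client, the `dc/pull` chain yields `nil`, and the outcome then depends on how `assert-can-see-client` treats a nil client, which is not visible here. `(Long/parseLong (get form-params "id"))` also throws on a missing or non-numeric id. I would bind the client id in a `let` and fail closed before the assert, e.g. `(when-not client-id (throw (ex-info "Unknown provider account" {:id id})))`. The rest of the function body lies outside the hunk.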
@@ -25,6 +25,7 @@ (def key->handler (-> {:logout auth/logout + :impersonate (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin auth/impersonate))) :admin-history (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page))) :admin-history-search (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page))) :admin-history-inspect (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/inspect))) @@ -44,7 +45,7 @@ :company-yodlee-table (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/table)) :company-yodlee-fastlink-dialog (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/fastlink-dialog)) :company-yodlee-provider-account-refresh (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/refresh-provider-account)) - :company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/reauthenticate)) + :company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/reauthenticate)) :company-reports (wrap-client-redirect-unauthenticated (wrap-secure company-reports/page)) :company-reports-table (wrap-client-redirect-unauthenticated (wrap-secure company-reports/table)) :company-reports-delete (wrap-client-redirect-unauthenticated (wrap-admin company-reports/delete-report)) diff --git a/src/clj/auto_ap/ssr/grid_page_helper.clj b/src/clj/auto_ap/ssr/grid_page_helper.clj index 36b1782c..50d666e4 100644 --- a/src/clj/auto_ap/ssr/grid_page_helper.clj +++ b/src/clj/auto_ap/ssr/grid_page_helper.clj @@ -184,6 +184,7 @@ valid-clients (->> valid-clients (take 20) set)] + (println "VALID CLIENTS ARE" valid-clients) (handler (assoc request :trimmed-clients valid-clients))))) (defn table-route [grid-spec] diff --git a/src/clj/auto_ap/ssr/pos/sales_orders.clj b/src/clj/auto_ap/ssr/pos/sales_orders.clj index 3ae3dbcd..7398c9f7 100644 --- a/src/clj/auto_ap/ssr/pos/sales_orders.clj 
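Review bot: `(println "VALID CLIENTS ARE" valid-clients)` in grid_page_helper.clj looks like a debugging leftover in request middleware: it writes each caller's client set to stdout on every request, outside whatever log level and retention controls the application uses. The same applies to `(clojure.pprint/pprint query)` added in pos/sales_orders.clj, which dumps the full query map per request and relies on `clojure.pprint` being loaded; no require for it is visible in that hunk. I would delete both lines, or route them through the project's logger at debug level if the output is still wanted. The enclosing functions start above their hunks.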
+++ b/src/clj/auto_ap/ssr/pos/sales_orders.clj @@ -150,6 +150,7 @@ true (merge-query {:query {:find ['?sort-default '?e]}}))] + (clojure.pprint/pprint query) (cond->> (query2 query) true (apply-sort-3 query-params) true (apply-pagination query-params)))) diff --git a/src/cljc/auto_ap/ssr_routes.cljc b/src/cljc/auto_ap/ssr_routes.cljc index 79f6edce..282fc13d 100644 --- a/src/cljc/auto_ap/ssr_routes.cljc +++ b/src/cljc/auto_ap/ssr_routes.cljc @@ -1,6 +1,7 @@ (ns auto-ap.ssr-routes) -(def routes {"logout" :logout +(def routes {"impersonate" :impersonate + "logout" :logout "search" :search "invoice" {"/glimpse" {"" {:get :invoice-glimpse :post :invoice-glimpse-upload diff --git a/src/cljs/auto_ap/views/pages/admin/users/table.cljs b/src/cljs/auto_ap/views/pages/admin/users/table.cljs index 3decaa90..7baa9576 100644 --- a/src/cljs/auto_ap/views/pages/admin/users/table.cljs +++ b/src/cljs/auto_ap/views/pages/admin/users/table.cljs 
@@ -1,11 +1,32 @@ (ns auto-ap.views.pages.admin.users.table - (:require - [clojure.string :as str] - [re-frame.core :as re-frame] - [auto-ap.views.utils :refer [action-cell-width]] - [auto-ap.views.pages.admin.users.form :as form] + (:require [auto-ap.views.components.buttons :as buttons] - [auto-ap.views.components.grid :as grid])) + [auto-ap.views.components.grid :as grid] + [auto-ap.views.pages.admin.users.form :as form] + [auto-ap.views.utils + :refer [action-cell-width dispatch-event with-user]] + [clojure.string :as str] + [re-frame.core :as re-frame])) + +(re-frame/reg-event-fx + ::impersonated + (fn [_ [_ impersonate-jwt]] + (println "SUCCESED") + (.setItem js/localStorage "jwt" impersonate-jwt) + (.removeItem js/localStorage "last-client-id" nil) + (.removeItem js/localStorage "last-selected-clients" nil) + (.reload (.-location js/document ) true) + {})) + +(re-frame/reg-event-fx + ::impersonate + [with-user] + (fn [{:keys [db user]} [_ impersonate-jwt]] + (js/alert "HI") + + {:http {:method "GET" + :uri (str "/impersonate?jwt=" impersonate-jwt) + :on-success [::impersonated impersonate-jwt]}})) (re-frame/reg-event-fx ::params-changed @@ -50,11 +71,7 @@ [grid/cell {} role] [grid/cell {} (str/join ", " (map :name clients))] [grid/cell {} - [:a.button {:on-click (fn [] - (.setItem js/localStorage "jwt" (:impersonate-jwt c)) - (.removeItem js/localStorage "last-client-id" nil) - (.removeItem js/localStorage "last-selected-clients" nil) - (.reload (.-location js/document ) true))} + [:a.button {:on-click (dispatch-event [::impersonate (:impersonate-jwt c)])} "Impersonate"]
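Review bot: `(js/alert "HI")` in `::impersonate` and `(println "SUCCESED")` in `::impersonated` are debug artifacts in the first hunk, and the alert blocks every impersonation click until dismissed. `::impersonate` also installs the `with-user` interceptor and destructures `db` and `user` without using either; if the request needs no user context, `(fn [_ [_ impersonate-jwt]] ...)` without the interceptor says so directly. `::impersonated` performs its `localStorage` writes and the page reload inside the handler and returns `{}`, which works but bypasses re-frame's effect model; a short comment such as `;; side effects run inline because the page reloads immediately` would make that intentional. The token is still kept in `localStorage` under `"jwt"`, as before this change, so it remains readable by any script running on the origin.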