[TBT-381] - Sync and Create Subscription

Author: mshahzaib-travis

lib/travis/api/app/endpoint/assembla.rb

@@ -3,33 +3,35 @@
 require 'travis/remote_vcs/user'
 require 'travis/remote_vcs/repository'
 require 'travis/api/v3/billing_client'
+require 'travis/services/assembla_user_service'
 require_relative '../jwt_utils'
 
 class Travis::Api::App
   class Endpoint
+    # Assembla integration endpoint for handling user authentication and organization setup
     class Assembla < Endpoint
       include Travis::Api::App::JWTUtils
+
+      REQUIRED_JWT_FIELDS = %w[name email login space_id id access_token refresh_token].freeze
+      CLUSTER_HEADER = 'HTTP_X_ASSEMBLA_CLUSTER'.freeze
+
+
       set prefix: '/assembla'
       set :check_auth, false
 
       before do
-        halt 403, { error: 'Deep integration not enabled' } unless deep_integration_enabled?
-        halt 403, { error: 'Invalid ASM cluster' } unless valid_asm_cluster?
-        begin
-          @jwt_payload = verify_jwt(request, Travis.config.assembla_jwt_secret)
-        rescue JWTUtils::UnauthorizedError => e
-          halt 401, { error: e.message }.to_json
-        end
+        validate_request!
       end
 
-      # POST /assembla/login
-      # Accepts a JWT, finds or creates a user, and signs them in
       post '/login' do
-        user = find_or_create_user(@jwt_payload)
-        sync_user(user.id)
-        create_org_subscription(user.id, @jwt_payload[:space_id])
+        service = Travis::Services::AssemblaUserService.new(@jwt_payload)
+        
+        user = service.find_or_create_user
+        org = service.find_or_create_organization(user)
+        service.create_org_subscription(user, org.id)
+
 
-        {
+        response = {
           user_id: user.id,
           login: user.login,
           token: user.token,
@@ -39,48 +41,28 @@ class Assembla < Endpoint
 
       private
 
-      def deep_integration_enabled?
-        Travis.config.deep_integration_enabled
-      end
-
-      def valid_asm_cluster?
-        allowed = Array(Travis.config.assembla_clusters.split(','))
-        cluster = request.env['HTTP_X_ASSEMBLA_CLUSTER']
-        allowed.include?(cluster)
+      def validate_request!
+        halt 403, { error: 'Deep integration not enabled' } unless deep_integration_enabled?
+        halt 403, { error: 'Invalid ASM cluster' } unless valid_asm_cluster?
+        @jwt_payload = verify_jwt(request)
+        check_required_fields
       end
 
-      # Finds or creates a user based on the payload
-      def find_or_create_user(payload)
-        required_fields = %w[name email login space_id]
-        missing = required_fields.select { |f| payload[f].nil? || payload[f].to_s.strip.empty? }
+      def check_required_fields
+        missing = REQUIRED_JWT_FIELDS.select { |f| @jwt_payload[f].nil? || @jwt_payload[f].to_s.strip.empty? }
         unless missing.empty?
           halt 400, { error: 'Missing required fields', missing: missing }.to_json
         end
-        attrs = {
-          name: payload['name'],
-          email: payload['email'],
-          login: payload['login'],
-          org_id: payload['space_id'],
-          vcs_type: 'AssemblaUser'
-        }
-        ::User.find_or_create_by!(attrs)
       end
 
-      def sync_user(user_id)
-        Travis::RemoteVCS::User.new.sync(user_id: user_id)
-      rescue => e
-        halt 500, { error: 'User sync failed', details: e.message }.to_json
+      def deep_integration_enabled?
+        Travis.config.deep_integration_enabled
       end
 
-      def create_org_subscription(user_id, space_id)
-        plan = 'beta_plan'
-        client = Travis::API::V3::BillingClient.new(user_id)
-        client.create_v2_subscription({
-          'plan' => plan,
-          'organization_id' => space_id,
-        })
-      rescue => e
-        halt 500, { error: 'Subscription creation failed', details: e.message }.to_json
+      def valid_asm_cluster?
+        allowed = Array(Travis.config.assembla_clusters.to_s.split(','))
+        cluster = request.env[CLUSTER_HEADER]
+        !cluster.nil? && allowed.include?(cluster)
       end
     end
   end

lib/travis/api/app/jwt_utils.rb

@@ -4,17 +4,18 @@ def extract_jwt_token(request)
       request.env['HTTP_AUTHORIZATION']&.split(' ')&.last
     end
 
-    def verify_jwt(request, secret)
+    def verify_jwt(request)
+      secret = Travis.config.assembla_jwt_secret
       token = extract_jwt_token(request)
-      raise UnauthorizedError, 'Missing JWT' unless token
+      
+      halt 401, { error: "Missing JWT" }.to_json  unless token
+      
       begin
         decoded, = JWT.decode(token, secret, true, { algorithm: 'HS256' })
         decoded
       rescue JWT::DecodeError => e
-        raise UnauthorizedError, "Invalid JWT: #{e.message}"
+        halt 401, { error: "Invalid JWT: #{e.message}" }.to_json
       end
     end
-
-    class UnauthorizedError < StandardError; end
   end
 end

lib/travis/model/user.rb

@@ -22,8 +22,10 @@ class User < Travis::Model
   after_create :create_the_tokens
   before_save :track_previous_changes
 
-  serialize :github_scopes
+  alias_attribute :vcs_oauth_token, :github_oauth_token
 
+  serialize :github_scopes
+  serialize :vcs_oauth_token, EncryptedColumn.new
   serialize :github_oauth_token, Travis::Model::EncryptedColumn.new
 
   before_save do

lib/travis/services/assembla_user_service.rb

@@ -0,0 +1,69 @@
+module Travis
+  module Services
+    class AssemblaUserService
+      class SyncError < StandardError; end
+
+      def initialize(payload)
+        @payload = payload
+      end
+
+      def find_or_create_user
+        attrs = {
+          vcs_id: @payload['id'],
+          email: @payload['email'],
+          login: @payload['login'],
+          vcs_type: 'AssemblaUser'
+        }
+
+        user = ::User.find_or_create_by!(attrs)
+        user.update(vcs_oauth_token: @payload['refresh_token'])
+        sync_user(user.id)
+        user
+      end
+
+      def find_or_create_organization(user)
+        attrs = {
+          vcs_id: @payload['space_id'], 
+          vcs_type: 'AssemblaOrganization'
+        }
+        user.organizations.find_or_create_by(attrs)
+      end
+
+      def create_org_subscription(user, organization_id)
+        client = Travis::API::V3::BillingClient.new(user.id)
+        client.create_v2_subscription(subscription_params(user, organization_id))
+      rescue => e
+        { error: true, details: e.message }
+      end
+
+      private
+
+      def sync_user(user_id)
+        Travis::RemoteVCS::User.new.sync(user_id: user_id)
+      rescue => e
+        raise SyncError, "Failed to sync user: #{e.message}"
+      end
+
+      def subscription_params(user, organization_id)
+        {
+          'plan' => 'beta_plan',
+          'organization_id' => organization_id,
+          'billing_info' => billing_info(user),
+          'credit_card_info' => { 'token' => nil }
+        }
+      end
+
+      def billing_info(user)
+        {
+          'address' => "System-generated for user #{user.login} (#{user.id})",
+          'city' => "AutoCity-#{user.id}",
+          'country' => 'Poland',
+          'first_name' => user.name&.split&.first,
+          'last_name' => user.name&.split&.last,
+          'zip_code' => "000#{user.id}",
+          'billing_email' => user.email
+        }
+      end
+    end
+  end
+end

spec/lib/services/assembla_user_service_spec.rb

@@ -0,0 +1,144 @@
+require 'spec_helper'
+
+RSpec.describe Travis::Services::AssemblaUserService do
+  let(:payload) do
+    {
+      'id' => '12345',
+      'email' => '[email protected]',
+      'login' => 'testuser',
+      'refresh_token' => 'refresh123',
+      'space_id' => '67890'
+    }
+  end
+
+  let(:service) { described_class.new(payload) }
+  let(:user) { double('User', id: 1, login: 'testuser', email: '[email protected]', name: 'Test User') }
+  let(:organization) { double('Organization', id: 2) }
+
+  describe '#initialize' do
+    it 'stores the payload' do
+      expect(service.instance_variable_get(:@payload)).to eq(payload)
+    end
+  end
+
+  describe '#find_or_create_user' do
+    let(:expected_attrs) do
+      {
+        vcs_id: '12345',
+        email: '[email protected]',
+        login: 'testuser',
+        vcs_type: 'AssemblaUser'
+      }
+    end
+
+    before do
+      allow(::User).to receive(:find_or_create_by!).with(expected_attrs).and_return(user)
+      allow(user).to receive(:update)
+      allow(Travis::RemoteVCS::User).to receive(:new).and_return(double(sync: true))
+    end
+
+    it 'finds or creates a user with correct attributes' do
+      expect(::User).to receive(:find_or_create_by!).with(expected_attrs)
+      service.find_or_create_user
+    end
+
+    it 'returns the user' do
+      result = service.find_or_create_user
+      expect(result).to eq(user)
+    end
+
+    context 'when sync fails' do
+      it 'raises SyncError' do
+        allow(Travis::RemoteVCS::User).to receive(:new).and_raise(StandardError.new('Sync failed'))
+        
+        expect { service.find_or_create_user }.to raise_error(
+          Travis::Services::AssemblaUserService::SyncError,
+          'Failed to sync user: Sync failed'
+        )
+      end
+    end
+  end
+
+  describe '#find_or_create_organization' do
+    let(:organizations_relation) { double('organizations') }
+    let(:expected_attrs) do
+      {
+        vcs_id: '67890',
+        vcs_type: 'AssemblaOrganization'
+      }
+    end
+
+    before do
+      allow(user).to receive(:organizations).and_return(organizations_relation)
+    end
+
+    it 'finds or creates organization with correct attributes' do
+      expect(organizations_relation).to receive(:find_or_create_by).with(expected_attrs).and_return(organization)
+      
+      result = service.find_or_create_organization(user)
+      expect(result).to eq(organization)
+    end
+  end
+
+  describe '#create_org_subscription' do
+    let(:billing_client) { double('BillingClient') }
+    let(:expected_subscription_params) do
+      {
+        'plan' => 'beta_plan',
+        'organization_id' => 2,
+        'billing_info' => {
+          'address' => 'System-generated for user testuser (1)',
+          'city' => 'AutoCity-1',
+          'country' => 'Poland',
+          'first_name' => 'Test',
+          'last_name' => 'User',
+          'zip_code' => '0001',
+          'billing_email' => '[email protected]'
+        },
+        'credit_card_info' => { 'token' => nil }
+      }
+    end
+
+    before do
+      allow(Travis::API::V3::BillingClient).to receive(:new).with(1).and_return(billing_client)
+    end
+
+    it 'creates a billing client with user id' do
+      expect(Travis::API::V3::BillingClient).to receive(:new).with(1)
+      allow(billing_client).to receive(:create_v2_subscription)
+      
+      service.create_org_subscription(user, 2)
+    end
+
+    it 'calls create_v2_subscription with correct params' do
+      expect(billing_client).to receive(:create_v2_subscription).with(expected_subscription_params)
+      
+      service.create_org_subscription(user, 2)
+    end
+
+    context 'when billing client raises an error' do
+      let(:error) { StandardError.new('Billing error') }
+
+      it 'returns error hash' do
+        allow(billing_client).to receive(:create_v2_subscription).and_raise(error)
+        
+        result = service.create_org_subscription(user, 2)
+        expect(result).to eq({ error: true, details: 'Billing error' })
+      end
+    end
+
+    context 'when user has no name' do
+      let(:user_without_name) { double('User', id: 1, login: 'testuser', email: '[email protected]', name: nil) }
+
+      it 'handles nil name gracefully' do
+        expected_params = expected_subscription_params.dup
+        expected_params['billing_info']['first_name'] = nil
+        expected_params['billing_info']['last_name'] = nil
+
+        expect(billing_client).to receive(:create_v2_subscription).with(expected_params)
+        
+        service.create_org_subscription(user_without_name, 2)
+      end
+    end
+  end
+end