From d928deaa2f201b7fe662c7941c02a73aef63e46b Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 8 Nov 2017 17:12:36 +0630 Subject: [PATCH 01/23] fix dining and change price for total price not (qty*unit_price) for sale item in bill --- app/models/dining_charge.rb | 38 ++++++++++++++++++++----------------- app/pdf/receipt_bill_pdf.rb | 4 ++-- 2 files changed, 23 insertions(+), 19 deletions(-) diff --git a/app/models/dining_charge.rb b/app/models/dining_charge.rb index bfd25efc..2d687850 100755 --- a/app/models/dining_charge.rb +++ b/app/models/dining_charge.rb @@ -17,7 +17,7 @@ class DiningCharge < ApplicationRecord if charge_type == 'hr' block_count, price = DiningCharge.charges(dining_charges_obj, dining_minutes, 'hr') elsif charge_type == 'day' - block_count, price = charges(dining_charges_obj, dining_minutes, 'day') + block_count, price = DiningCharge.charges(dining_charges_obj, dining_minutes, 'day') end end return block_count, price 
@@ -27,40 +27,44 @@ class DiningCharge < ApplicationRecord end + # dining charges calculate def self.charges(chargesObj, dining_minutes, type) solid_price = 0 charge_block = DiningCharge.convert_to_minutes(chargesObj.charge_block.utc.localtime.strftime('%H:%M')) result = dining_minutes / charge_block if result.to_i < 1 + # for dining minute is under charge_block return result.to_i,chargesObj.unit_price elsif result.to_i >= 1 solid_price = result * chargesObj.unit_price remain_value = dining_minutes % charge_block - rounding_block = DiningCharge.convert_to_minutes(chargesObj.time_rounding_block.utc.localtime.strftime('%H:%M')) - roundingblock = remain_value / rounding_block + rounding_time = DiningCharge.convert_to_minutes(chargesObj.time_rounding_block.utc.localtime.strftime('%H:%M')) + roundingblock = remain_value / rounding_time if roundingblock.to_i < 1 - return result.to_i, DiningCharge.check_rounding(chargesObj, solid_price) + # no time rounding block + return result.to_i, DiningCharge.check_rounding(chargesObj, solid_price, roundingblock) else solid_price += roundingblock * chargesObj.time_rounding_block_price - return result.to_i, DiningCharge.check_rounding(chargesObj, solid_price) - # remain_rounding = dining_minutes % charge_block - # if remain_rounding.to_i < 1 - # return DiningCharge.check_rounding(chargesObj, solid_price) - # else - # return solid_price - # end + return result.to_i, DiningCharge.check_rounding(chargesObj, solid_price, roundingblock) end end end - def self.check_rounding(chargesObj,solid_price) - if chargesObj.time_rounding == "down" - return solid_price - else - return solid_price += chargesObj.time_rounding_block_price - end + # check for rounding and calculate with rounding price + def self.check_rounding(chargesObj,solid_price, roundingblock) + rounding_block_remain = roundingblock % 1 + if chargesObj.time_rounding == "down" + return solid_price + else + # check and calc for time rounding block for up + if rounding_block_remain > 0 
+ return solid_price += chargesObj.time_rounding_block_price + else + return solid_price + end + end end def self.time_diff(start_time, end_time) diff --git a/app/pdf/receipt_bill_pdf.rb b/app/pdf/receipt_bill_pdf.rb index cb53c5f6..fe6b46b0 100755 --- a/app/pdf/receipt_bill_pdf.rb +++ b/app/pdf/receipt_bill_pdf.rb @@ -145,9 +145,9 @@ class ReceiptBillPdf < Prawn::Document sale_items.each do |item| # check for item not to show if item.price != 0 - sub_total += (item.qty*item.unit_price) + sub_total += item.price #(item.qty*item.unit_price) - comment for room charges qty = item.qty - total_price = item.qty*item.unit_price + total_price = item.price #item.qty*item.unit_price - comment for room charges price = item.unit_price product_name = item.product_name From a5d2b3b32b06a5cbd740de9a85650ccb5ca24f14 Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 8 Nov 2017 18:56:03 +0630 Subject: [PATCH 02/23] fix dining time --- .../settings/dining_charges_controller.rb | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/app/controllers/settings/dining_charges_controller.rb b/app/controllers/settings/dining_charges_controller.rb index 576703ed..763f5086 100755 --- a/app/controllers/settings/dining_charges_controller.rb +++ b/app/controllers/settings/dining_charges_controller.rb @@ -16,9 +16,9 @@ class Settings::DiningChargesController < ApplicationController # GET /dining_charges/new def new @dining_charge = DiningCharge.new - @dining_charge.minimum_free_time="00:30" - @dining_charge.charge_block="02:00" - @dining_charge.time_rounding_block="00:15" + @dining_charge.minimum_free_time = "00:15:00".to_datetime + @dining_charge.charge_block= "02:00:00".to_datetime + @dining_charge.time_rounding_block="00:15:00".to_datetime end # GET /dining_charges/1/edit 
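Review bot: In `check_rounding`, `rounding_block_remain = roundingblock % 1` does not measure leftover minutes correctly in either numeric case. If `convert_to_minutes` and `dining_minutes` are Integers (not visible here), `roundingblock = remain_value / rounding_time` is an integer division, the remainder is always 0 and the "up" branch never adds a block. If they are Floats, `solid_price += roundingblock * chargesObj.time_rounding_block_price` has already billed the fraction and the "up" branch then adds a full block on top. A `time_rounding_block` of 00:00 also makes `remain_value / rounding_time` divide by zero. I would return early when `rounding_time.zero?` and derive the leftover from `remain_value % rounding_time` instead of `roundingblock % 1`.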
@@ -27,15 +27,19 @@ class Settings::DiningChargesController < ApplicationController # POST /dining_charges # POST /dining_charges.json - def create + def create @dining_charge = DiningCharge.new(dining_charge_params) @dining_charge.dining_facility_id = @settings_dining_facility.id + @dining_charge.minimum_free_time = DateTime.parse(dining_charge_params["minimum_free_time"]) + @dining_charge.charge_block = DateTime.parse(dining_charge_params["charge_block"]) + @dining_charge.time_rounding_block = DateTime.parse(dining_charge_params["time_rounding_block"]) + respond_to do |format| if @dining_charge.save if @table - format.html { redirect_to edit_settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully created.' } + format.html { redirect_to settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully created.' } else - format.html { redirect_to edit_settings_zone_room_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully created.' } + format.html { redirect_to settings_zone_room_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully created.' } end format.json { render :show, status: :created, location: @dining_charge } else 
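Review bot: The three `DateTime.parse(dining_charge_params[...])` calls added to `create` run on raw request parameters before `save`. A missing field raises TypeError and an unparsable string raises ArgumentError, so the request ends in a 500 instead of re-rendering the form. Parse inside a `begin` … `rescue ArgumentError, TypeError` that adds a model error and renders `:new`, or move the conversion into the model behind a validation. The `update` hunk in PATCH 10 adds the same three lines and needs the same handling; `create` continues outside this hunk.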
@@ -56,9 +60,9 @@ class Settings::DiningChargesController < ApplicationController # @dining_charge.time_rounding_block = @dining_charge.time_rounding_block.to_datetime.advance(hours: +6, minutes: +30) # @dining_charge.save if @table - format.html { redirect_to edit_settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } + format.html { redirect_to settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } else - format.html { redirect_to edit_settings_zone_room_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } + format.html { redirect_to settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } end format.json { render :show, status: :ok, location: @dining_charge } else From 845adf7d19952111f160642baedae6f4131283a9 Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 10:56:03 +0630 Subject: [PATCH 03/23] install form --- app/views/install/_form.html.erb | 2 +- app/views/install/index.html.erb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/views/install/_form.html.erb b/app/views/install/_form.html.erb index e165b51b..e1b78851 100755 --- a/app/views/install/_form.html.erb +++ b/app/views/install/_form.html.erb @@ -13,5 +13,5 @@ - + diff --git a/app/views/install/index.html.erb b/app/views/install/index.html.erb index 2c08db7e..80716f76 100755 --- a/app/views/install/index.html.erb +++ b/app/views/install/index.html.erb @@ -4,7 +4,7 @@
-

New Restaurant Installation

+

License Activation


Welcome to new installation of SmartSales Restaurant Edition

Please provide us with following details to setup necessary user account and base system settings.

From 66ae94c3e25bce7e29a5d2ad7b87e229ccbe564d Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 11:51:49 +0630 Subject: [PATCH 04/23] fix dining charges for room --- app/controllers/application_controller.rb | 4 ++-- app/controllers/settings/dining_charges_controller.rb | 2 +- app/models/dining_charge.rb | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 949276cd..ce00dda9 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :lookup_domain, :set_locale + before_action :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user @@ -93,7 +93,7 @@ class ApplicationController < ActionController::Base end private - def check_installation + def check_license if current_company.nil? redirect_to install_path end diff --git a/app/controllers/settings/dining_charges_controller.rb b/app/controllers/settings/dining_charges_controller.rb index 763f5086..0f71d85c 100755 --- a/app/controllers/settings/dining_charges_controller.rb +++ b/app/controllers/settings/dining_charges_controller.rb 
@@ -62,7 +62,7 @@ class Settings::DiningChargesController < ApplicationController if @table format.html { redirect_to settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } else - format.html { redirect_to settings_zone_table_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } + format.html { redirect_to settings_zone_room_path(@zone,@settings_dining_facility), notice: 'Dining charge was successfully updated.' } end format.json { render :show, status: :ok, location: @dining_charge } else diff --git a/app/models/dining_charge.rb b/app/models/dining_charge.rb index 2d687850..6eddbad4 100755 --- a/app/models/dining_charge.rb +++ b/app/models/dining_charge.rb @@ -35,7 +35,7 @@ class DiningCharge < ApplicationRecord result = dining_minutes / charge_block if result.to_i < 1 # for dining minute is under charge_block - return result.to_i,chargesObj.unit_price + return 1, result.to_i,chargesObj.unit_price elsif result.to_i >= 1 solid_price = result * chargesObj.unit_price From 121338677c9b8e4978133319311495d0eb50af87 Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 14:41:35 +0630 Subject: [PATCH 05/23] add license --- app/controllers/application_controller.rb | 7 +++++-- app/helpers/application_helper.rb | 16 +--------------- app/models/license.rb | 8 ++++---- config/sx.yml | 3 ++- 4 files changed, 12 insertions(+), 22 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ce00dda9..956c90d0 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
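Review bot: `return 1, result.to_i,chargesObj.unit_price` in `charges` returns three values, but the caller shown in PATCH 01 destructures two (`block_count, price = DiningCharge.charges(...)`). On this branch `price` therefore receives `result.to_i`, which is 0 for a stay shorter than `charge_block`, and the unit price is silently dropped from the bill. If the intent is to charge one block for a short stay, the line should be `return 1, chargesObj.unit_price`.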
@@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :lookup_domain, :set_locale + before_action :check_license, :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user @@ -94,7 +94,10 @@ class ApplicationController < ActionController::Base private def check_license - if current_company.nil? + # if current_company.nil? + # redirect_to install_path + # end + if !File.directory?("/config/license.yml") redirect_to install_path end end diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 037767c9..27024d75 100755 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -6,19 +6,5 @@ module ApplicationHelper when :error then "alert alert-error fade-in" when :alert then "alert alert-error fade-in" end - end - - # For Pageless - # def pageless(total_pages, url=nil, container=nil) - # opts = { - # :totalPages => total_pages, - # :url => url, - # :loaderMsg => 'Loading more pages...', - # :loaderImage => image_path('load.gif') - # } - - # container && opts[:container] ||= container - - # javascript_tag("$('#{container}').pageless(#{opts.to_json});") - # end + end end diff --git a/app/models/license.rb b/app/models/license.rb index b2682213..b7e2a9bb 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -13,14 +13,14 @@ class License def initialize(server = "", lookup = "") #this code is hard-code to reflect server mode - Very important. - self.server_mode = "cloud" + self.server_mode = ENV["server_mode"] if (server != "") self.class.base_uri server end @secret = SecureRandom.hex(10) - @params = { query: { device: "SXlite", token: SECRETS_CONFIG['provision_key'] } } + @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end def shop_code 
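Review bot: `File.directory?("/config/license.yml")` in `check_license` tests an absolute path at the filesystem root and asks whether it is a directory, so it is false for any real license file and every request is redirected to `install_path`. The callback is registered on `ApplicationController` through `before_action :check_license, ...`, so the controller behind `install_path` presumably inherits it and would redirect to itself (that controller is not visible here). `redirect_to install_path unless File.file?(Rails.root.join("config", "license.yml"))`, plus `skip_before_action :check_license` on the install controller, matches the apparent intent. A file merely existing is still not a license check; the contents should be verified before the gate lets a request through.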
@@ -106,7 +106,7 @@ class License def check_remote_license(license_key) # @options = { query: {device: "cloud", key: license_key, skey: @secret, token: Rails.application.secrets.provision_key} } - @options = { query: {device: "SXlite", key: license_key, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @options = { query: {device: "SX", key: license_key, skey: @secret, token: SECRETS_CONFIG['provision_key']} } response = self.class.get("/license", @options) @license = response.parsed_response @@ -120,7 +120,7 @@ class License end def verify_by_api_token(api_token) - @options = { query: {device: "SXlite", api_token: api_token, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @options = { query: {device: "SX", api_token: api_token, skey: @secret, token: SECRETS_CONFIG['provision_key']} } response = self.class.get("/verify", @options) @license = response.parsed_response diff --git a/config/sx.yml b/config/sx.yml index 1fc3a186..4dca50a2 100755 --- a/config/sx.yml +++ b/config/sx.yml @@ -1,6 +1,7 @@ development: - server_mode: cloud #local + server_mode: local sx_provision_url: http://192.168.1.162:3005/api + expired_date: 2017-11-09 05:02:33 test: From 99cfc19392c5cd88a432d19b7c5fdf2209902487 Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 14:41:56 +0630 Subject: [PATCH 06/23] add AES key --- app/models/AESEncDec.rb | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 app/models/AESEncDec.rb diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb new file mode 100644 index 00000000..54afbe1a --- /dev/null +++ b/app/models/AESEncDec.rb @@ -0,0 +1,15 @@ +require 'openssl' +require 'base64' +require 'uri' + +class AESEncDec { + cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") + + def encrypt + cipher.encrypt + end + + def decrypt + + end +} \ No newline at end of file From 09dcbaf9f2e41b87c396dada17aff08c5e8f858b Mon Sep 17 00:00:00 2001 
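Review bot: `class AESEncDec { ... }` in the new `app/models/AESEncDec.rb` is not Ruby syntax; the body has to be `class AESEncDec` … `end`, so the file fails to parse when it is loaded. `cipher` is a local variable of the class body and is not visible inside `def encrypt` / `def decrypt`, and `OpenSSL::Cipher::Cipher` is a deprecated alias. Create the cipher inside each method with `OpenSSL::Cipher.new("aes-256-cbc")`. The brace header and the class-level `cipher` line are still present in the PATCH 07, 11 and 13 hunks of this file.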
From: Yan Date: Thu, 9 Nov 2017 15:47:16 +0630 Subject: [PATCH 07/23] license and AES --- app/models/AESEncDec.rb | 31 +++++++++++++++++++++++++++++++ config/secrets.yml | 10 ++++++---- config/sx.yml | 5 +++-- 3 files changed, 40 insertions(+), 6 deletions(-) create mode 100644 app/models/AESEncDec.rb diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb new file mode 100644 index 00000000..ec84dcb7 --- /dev/null +++ b/app/models/AESEncDec.rb @@ -0,0 +1,31 @@ +require 'openssl' +require 'base64' +require 'uri' + +class AESEncDec { + cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") + + def export_key + ENV['aes_key'] = cipher.key = cipher.random_key # stores the key in key, and also sets the generated key on the cipher + ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher + end + + def encrypt(data) + cipher.encrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + encrypted = cipher.update(data) + cipher.final + encrypted = Base64.urlsafe_encode64(encrypted) + return encrypted + end + + def decrypt + cipher.decrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + + # Start the decryption + decoded = Base64.urlsafe_decode64(encrypted) + decrypted = cipher.update(decoded) + cipher.final + end +} \ No newline at end of file diff --git a/config/secrets.yml b/config/secrets.yml index f81a9056..d177f160 100755 --- a/config/secrets.yml +++ b/config/secrets.yml 
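Review bot: `export_key` puts the raw key and IV into `ENV['aes_key']` / `ENV['aes_iv']`, and `encrypt` then reuses that one IV for every message; with CBC this reveals when two plaintexts share a prefix. The raw bytes can also contain NUL, which `ENV[]=` rejects. `decrypt` takes no argument and decodes an undefined local `encrypted`; it needs `def decrypt(data)` and `Base64.urlsafe_decode64(data)`. CBC alone gives no integrity, so an edited license blob would decrypt without any error. The sketch below uses an authenticated mode with a fresh nonce per call, and the key comes from a protected store rather than the process environment; `decrypt` would split the nonce and tag back off and set `cipher.auth_tag` before `final`.

```ruby
def encrypt(data)
  cipher = OpenSSL::Cipher.new("aes-256-gcm")
  cipher.encrypt
  cipher.key = license_key_bytes   # placeholder: 32-byte key loaded from a protected store
  iv = cipher.random_iv            # fresh nonce for every message
  sealed = cipher.update(data) + cipher.final
  Base64.urlsafe_encode64(iv + cipher.auth_tag + sealed)
end
```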
@@ -11,8 +11,9 @@ # if you're sharing your code publicly. development: - secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 - provision_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 + aes_key: <%= ENV['aes_key'] %> + aes_iv: <%= ENV['aes_iv'] %> test: secret_key_base: 5c92143fd4a844fdaf8b22aba0cda22ef1fc68f1b26dd3d40656866893718ae5e58625b4c3a5dc86b04c8be0a505ec0ebc0be3bf52249a3d1e0c1334ee591cf0 @@ -20,6 +21,7 @@ test: # Do not keep production secrets in the repository, # instead read values from the environment. production: - secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 - provision_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 + aes_key: <%= ENV['aes_key'] %> + aes_iv: <%= ENV['aes_iv'] %> diff --git a/config/sx.yml b/config/sx.yml index 1fc3a186..a1b4ba34 100755 --- a/config/sx.yml +++ b/config/sx.yml @@ -1,7 +1,7 @@ development: server_mode: cloud #local sx_provision_url: http://192.168.1.162:3005/api - + license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk test: sx_provision_url: secure.smartsales.asia/api @@ -10,5 +10,6 @@ test: # instead read values from the environment. production: server_mode: cloud - sx_provision_url: secure.smartsales.asia/api + sx_provision_url: secure.smartsales.asia/api + license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk From 02f3c0d2530b7ec4e867824bd70e7e8b339a4b6c Mon Sep 17 00:00:00 2001 
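Review bot: The `production:` block of `config/sx.yml` now carries `license_key:` as a literal value, directly under the comment `# Do not keep production secrets in the repository`. The value is in git history from this commit on and should be treated as exposed and rotated. Supply it from the environment at deploy time the way the new `aes_key: <%= ENV['aes_key'] %>` lines do, e.g. `license_key: <%= ENV['LICENSE_KEY'] %>` (the variable name is a suggestion, and it assumes the loader for this file runs ERB). The `secrets.yml` hunks also remove `provision_key` while `app/models/license.rb` in PATCH 05 still reads `SECRETS_CONFIG['provision_key']`, so the token sent to the provisioning API would be nil. The hard-coded production `secret_key_base` on the changed line has the same exposure.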
From: Yan Date: Thu, 9 Nov 2017 15:49:29 +0630 Subject: [PATCH 08/23] license --- config/initializers/secrets.rb | 6 ------ 1 file changed, 6 deletions(-) delete mode 100755 config/initializers/secrets.rb diff --git a/config/initializers/secrets.rb b/config/initializers/secrets.rb deleted file mode 100755 index 6ad1f1eb..00000000 --- a/config/initializers/secrets.rb +++ /dev/null @@ -1,6 +0,0 @@ -# config = YAML.load_file(Rails.root.join("config/smartsales.yml")) -# config.fetch(Rails.env, {}).each do |key, value| -# ENV[key.upcase] = value.to_s -# end - -SECRETS_CONFIG = YAML.load_file("#{Rails.root}/config/secrets.yml")[Rails.env] From 9c50e1486f71aa8e87030911ee8c6669c596990e Mon Sep 17 00:00:00 2001 From: Yan Date: Thu, 9 Nov 2017 18:30:33 +0630 Subject: [PATCH 09/23] activation form --- config/initializers/license.rb | 4 ++++ config/license.yml | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100755 config/initializers/license.rb create mode 100755 config/license.yml diff --git a/config/initializers/license.rb b/config/initializers/license.rb new file mode 100755 index 00000000..edb075ea --- /dev/null +++ b/config/initializers/license.rb @@ -0,0 +1,4 @@ +config = YAML.load_file(Rails.root.join("config/license.yml")) +config.fetch(Rails.env, {}).each do |key, value| + ENV[key.upcase] = value.to_s +end \ No newline at end of file diff --git a/config/license.yml b/config/license.yml new file mode 100755 index 00000000..5e66e752 --- /dev/null +++ b/config/license.yml @@ -0,0 +1,14 @@ +development: + server_mode: local + license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + + +test: + sx_provision_url: secure.smartsales.asia/api + +# Do not keep production secrets in the repository, +# instead read values from the environment. +production: + server_mode: cloud + license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk + From b82099368f3dc918ab0df7bb377a9e058d0074e3 Mon Sep 17 00:00:00 2001 
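Review bot: `YAML.load_file(Rails.root.join("config/license.yml"))` in the new initializer runs at boot, so an installation without `config/license.yml` fails to start instead of reaching the install page that `check_license` redirects to. The loop exports each key as `ENV[key.upcase]`, while `License#initialize` in PATCH 05 reads `ENV["server_mode"]`, which is a different variable on case-sensitive platforms. I would load conditionally, `config = File.file?(path) ? YAML.load_file(path) : {}`, and read `ENV["SERVER_MODE"]` in the model. The accompanying `config/license.yml` again commits a production `license_key` in plaintext under the "Do not keep production secrets in the repository" comment.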
From: Yan Date: Fri, 10 Nov 2017 11:29:45 +0630 Subject: [PATCH 10/23] fix edit dining charges --- app/controllers/settings/dining_charges_controller.rb | 5 ++++- app/models/dining_charge.rb | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/app/controllers/settings/dining_charges_controller.rb b/app/controllers/settings/dining_charges_controller.rb index 0f71d85c..72a59ce3 100755 --- a/app/controllers/settings/dining_charges_controller.rb +++ b/app/controllers/settings/dining_charges_controller.rb @@ -17,7 +17,7 @@ class Settings::DiningChargesController < ApplicationController def new @dining_charge = DiningCharge.new @dining_charge.minimum_free_time = "00:15:00".to_datetime - @dining_charge.charge_block= "02:00:00".to_datetime + @dining_charge.charge_block= "01:00:00".to_datetime @dining_charge.time_rounding_block="00:15:00".to_datetime end @@ -54,6 +54,9 @@ class Settings::DiningChargesController < ApplicationController def update respond_to do |format| @dining_charge.dining_facility_id = @settings_dining_facility.id + @dining_charge.minimum_free_time = DateTime.parse(dining_charge_params["minimum_free_time"]) + @dining_charge.charge_block = DateTime.parse(dining_charge_params["charge_block"]) + @dining_charge.time_rounding_block = DateTime.parse(dining_charge_params["time_rounding_block"]) if @dining_charge.update(dining_charge_params) # @dining_charge.minimum_free_time = @dining_charge.minimum_free_time.to_datetime.advance(hours: +6, minutes: +30) # @dining_charge.charge_block = @dining_charge.charge_block.to_datetime.advance(hours: +6, minutes: +30) diff --git a/app/models/dining_charge.rb b/app/models/dining_charge.rb index 6eddbad4..555ba168 100755 --- a/app/models/dining_charge.rb +++ b/app/models/dining_charge.rb 
@@ -46,7 +46,7 @@ class DiningCharge < ApplicationRecord # no time rounding block return result.to_i, DiningCharge.check_rounding(chargesObj, solid_price, roundingblock) else - solid_price += roundingblock * chargesObj.time_rounding_block_price + solid_price += (roundingblock * chargesObj.time_rounding_block_price) return result.to_i, DiningCharge.check_rounding(chargesObj, solid_price, roundingblock) end end From a70f9a43e6a97769661b3c2ffe1881afc75386d5 Mon Sep 17 00:00:00 2001 From: Yan Date: Fri, 10 Nov 2017 14:11:10 +0630 Subject: [PATCH 11/23] license --- app/controllers/application_controller.rb | 9 ++++----- app/models/AESEncDec.rb | 8 ++++---- app/models/license.rb | 13 ++++++++++--- config/initializers/license.rb | 0 config/license.yml | 0 5 files changed, 18 insertions(+), 12 deletions(-) mode change 100755 => 100644 config/initializers/license.rb mode change 100755 => 100644 config/license.yml diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index aab3f86f..da9fde0a 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :lookup_domain, :set_locale + before_action :check_license, :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user @@ -94,10 +94,9 @@ class ApplicationController < ActionController::Base private def check_license - # if current_company.nil? - # redirect_to install_path - # end - if !File.directory?("/config/license.yml") + if License.check_license_file + + else redirect_to install_path end end diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb index ec84dcb7..e175a3a9 100644 --- a/app/models/AESEncDec.rb +++ b/app/models/AESEncDec.rb 
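Review bot: `check_license` now passes as soon as `License.check_license_file` is true, and that method (added to `license.rb` in this commit) is only `File.exist?("config/license.yml")`, a path relative to the process working directory. The gate therefore confirms that a file exists, not that it holds a valid license. The empty `if` branch reads as unfinished; `redirect_to install_path unless License.check_license_file` says the same thing. Because the callback sits on `ApplicationController`, the controller serving `install_path` needs `skip_before_action :check_license` or it will redirect to itself (that controller is not visible here).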
@@ -5,12 +5,12 @@ require 'uri' class AESEncDec { cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") - def export_key + def self.export_key ENV['aes_key'] = cipher.key = cipher.random_key # stores the key in key, and also sets the generated key on the cipher ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher end - def encrypt(data) + def self.encrypt(data) cipher.encrypt cipher.key = ENV["aes_key"] cipher.iv = ENV["aes_iv"] @@ -19,13 +19,13 @@ class AESEncDec { return encrypted end - def decrypt + def self.decrypt(data) cipher.decrypt cipher.key = ENV["aes_key"] cipher.iv = ENV["aes_iv"] # Start the decryption - decoded = Base64.urlsafe_decode64(encrypted) + decoded = Base64.urlsafe_decode64(data) decrypted = cipher.update(decoded) + cipher.final end } \ No newline at end of file diff --git a/app/models/license.rb b/app/models/license.rb index d7c23fbf..6089218a 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -19,7 +19,10 @@ class License self.class.base_uri server end - @secret = SecureRandom.hex(10) + # generate key for license file encrypt + AESCrypt.export_key() + + @secret = ENV["aes_key"] @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end @@ -31,6 +34,10 @@ class License end end + def self.check_license_file + return File.exist?("config/license.yml") + end + def detail_with_local_cache(lookup, key) ##Check from local redis - if available load local otherwise get from remote cache_key = "store:license:#{key}:hostname" 
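Review bot: `AESCrypt.export_key()` in `License#initialize` names a class that no hunk on this page defines (the model is `AESEncDec`, and PATCH 13 and 15 change the call), so constructing a `License` would raise NameError at this commit. Once the call resolves, every `License.new` generates a new key and IV and overwrites `ENV['aes_key']`, and `current_license` builds a `License` on each request, so data encrypted under an earlier key can no longer be decrypted. `@secret = ENV["aes_key"]` also turns what was a throwaway `SecureRandom.hex(10)` value into the raw encryption key. Generate the key once at activation and keep `@secret` as a random per-instance value.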
@@ -50,7 +57,7 @@ class License if cache_license.nil? ##change the d/e key # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } - @params = { query: { device: "SXlite", token: SECRETS_CONFIG['license_key']} } + @params = { query: { lookup_type: "cloud", lookup: "subdomain", token: SECRETS_CONFIG['license_key']} } response = self.class.get("/request_license", @params) @license = response.parsed_response @@ -106,7 +113,7 @@ class License def check_remote_license(license_key) # @options = { query: {device: "cloud", key: license_key, skey: @secret, token: Rails.application.secrets.provision_key} } - @options = { query: {device: "SX", key: license_key, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @options = { query: {lookup_type: "application", encrypted_key: @secret, token: SECRETS_CONFIG['provision_key']} } response = self.class.get("/license", @options) @license = response.parsed_response diff --git a/config/initializers/license.rb b/config/initializers/license.rb old mode 100755 new mode 100644 diff --git a/config/license.yml b/config/license.yml old mode 100755 new mode 100644 From 4ce8fe48bc5544ad00001353b1d7d95ac44a21a2 Mon Sep 17 00:00:00 2001 From: Yan Date: Fri, 10 Nov 2017 14:15:05 +0630 Subject: [PATCH 12/23] license for master --- app/controllers/application_controller.rb | 6 +++--- app/models/license.rb | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ce00dda9..896d0b5b 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
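Review bot: In `check_remote_license`, `encrypted_key: @secret` places the value assigned from `ENV["aes_key"]`, that is the raw AES key, into the query string of `GET /license`, where it is recorded in server and proxy access logs. The method's `license_key` argument is no longer used in the request. Send credentials in a POST body and never transmit the local encryption key itself; if the server needs a session secret, derive a separate random value for it. In the `detail_with_local_cache` hunk of the same commit, `lookup: "subdomain"` is a string literal rather than the `lookup` argument, and `SECRETS_CONFIG['license_key']` reads a key that PATCH 07 placed in `sx.yml`, not `secrets.yml`.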
@@ -38,13 +38,13 @@ class ApplicationController < ActionController::Base end end - def current_license(url, key) - @license = License.new(url, key) + def current_license(url, subdomain) + @license = License.new(url, subdomain) ##creating md5 hash md5_hostname = Digest::MD5.new md5key = md5_hostname.update(request.host) - if (@license.detail_with_local_cache(key, md5key.to_s) == true) + if (@license.detail_with_local_cache(subdomain, md5key.to_s) == true) #if (@license.detail == true) return @license diff --git a/app/models/license.rb b/app/models/license.rb index b2682213..2a8fca4e 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -50,7 +50,7 @@ class License if cache_license.nil? ##change the d/e key # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } - @params = { query: { device: "SXlite", token: SECRETS_CONFIG['provision_key']} } + @params = { query: { lookup_type: "cloud", lookup: lookup, encrypted_key: SECRETS_CONFIG['provision_key']} } response = self.class.get("/request_license", @params) @license = response.parsed_response From 97fd7619ced40cacba5e2136d12d6915cfc3ec9c Mon Sep 17 00:00:00 2001 From: Yan Date: Fri, 10 Nov 2017 18:08:48 +0630 Subject: [PATCH 13/23] license test --- app/controllers/application_controller.rb | 6 +++--- app/models/AESEncDec.rb | 4 ++++ app/models/license.rb | 6 +++--- app/views/origami/home/index.html.erb | 6 ++---- config/secrets.yml | 4 ++-- lib/tasks/clear_data.rake | 2 +- 6 files changed, 15 insertions(+), 13 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index d378a694..14838c20 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
@@ -23,8 +23,8 @@ class ApplicationController < ActionController::Base end def lookup_domain - if request.subdomain.present? && request.subdomain != "www" - @license = current_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) + # if request.subdomain.present? && request.subdomain != "www" + @license = current_license(ENV["SX_PROVISION_URL"], "chromis") # request.subdomain.downcase if (!@license.nil?) # logger.info "Location - " + @license.name ActiveRecord::Base.establish_connection(website_connection(@license)) @@ -35,7 +35,7 @@ class ApplicationController < ActionController::Base # redirect_to root_url(:host => request.domain) + "store_error" render :json => [{ status: false, message: 'Invalid Access!'}] end - end + # end end def current_license(url, subdomain) diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb index e175a3a9..0a8be5de 100644 --- a/app/models/AESEncDec.rb +++ b/app/models/AESEncDec.rb @@ -5,6 +5,10 @@ require 'uri' class AESEncDec { cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") + def initialize + + end + def self.export_key ENV['aes_key'] = cipher.key = cipher.random_key # stores the key in key, and also sets the generated key on the cipher ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher diff --git a/app/models/license.rb b/app/models/license.rb index 537e1221..53cc81ba 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -1,7 +1,7 @@ class License include HTTParty - base_uri "secure.smartsales.asia/api" + base_uri "provision.zsai.ws/api" attr_accessor :name, :address_1, :address_2, :township, :city, :country, :email, :phone, :fax, :logo, :subdomain, :plan_activation_date, :plan_next_renewal_date, :plan_max_products,:plan_max_customers, :plan_active_connections, 
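Review bot: `lookup_domain` now calls `current_license(ENV["SX_PROVISION_URL"], "chromis")` with the subdomain guard commented out, so every host, whatever its subdomain, is resolved to the `chromis` license and `ActiveRecord::Base.establish_connection` is pointed at that one tenant's database. This looks like a local test shortcut: PATCH 14 reverts it and PATCH 15 reintroduces it with `"chromisreal-16"`. Keep `request.subdomain.downcase` in the committed code and take a test tenant from development-only configuration, e.g. `ENV.fetch("SX_TEST_SUBDOMAIN") { request.subdomain.downcase }` (the variable name is a suggestion).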
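Review bot: `base_uri "provision.zsai.ws/api"` has no scheme, and HTTParty normalises a scheme-less base URI to `http://`, so the `token`, `api_token` and `encrypted_key` query parameters built elsewhere in this class travel in cleartext. Write `base_uri "https://provision.zsai.ws/api"`. The `sx_provision_url` values changed in `config/secrets.yml` in this commit are scheme-less too, and if they reach `self.class.base_uri server` via `License.new(url, ...)` they need the same `https://` prefix.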
@@ -20,8 +20,8 @@ class License end # generate key for license file encrypt - AESCrypt.export_key() - + AESEncDec.export_key() +byebug @secret = ENV["aes_key"] @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end diff --git a/app/views/origami/home/index.html.erb b/app/views/origami/home/index.html.erb index 845c3a95..9b9d3a2e 100755 --- a/app/views/origami/home/index.html.erb +++ b/app/views/origami/home/index.html.erb @@ -42,16 +42,14 @@ <% if table.status == 'occupied' %> <% if table.get_booking.nil? %>
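Review bot: A `byebug` breakpoint is left in `License#initialize` directly after `AESEncDec.export_key()`. In development it halts every request that builds a `License`, and in an environment where the byebug gem is not loaded the bare call raises NameError. Delete the line; the PATCH 15 hunk for the same lines does not contain it. `initialize` continues outside this hunk.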
-
- <%= table.get_booking %> +
Zone <%= table.zone_id %>
Table <%= table.name %> ( <%= table.seater %> Seat )
<% else %>
-
- <%= table.get_booking %> +
Zone <%= table.zone_id %>
Table <%= table.name %> ( <%= table.seater %> Seat )
diff --git a/config/secrets.yml b/config/secrets.yml index 794deddf..6dabc7c7 100755 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -12,7 +12,7 @@ development: secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 - sx_provision_url: secure.smartsales.asia/api + sx_provision_url: 192.168.1.94:3002/api #provision.zsai.ws aes_key: <%= ENV['aes_key'] %> aes_iv: <%= ENV['aes_iv'] %> @@ -23,7 +23,7 @@ test: # instead read values from the environment. production: secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 - sx_provision_url: secure.smartsales.asia/api + sx_provision_url: 192.168.1.94:3002/api #provision.zsai.ws aes_key: <%= ENV['aes_key'] %> aes_iv: <%= ENV['aes_iv'] %> diff --git a/lib/tasks/clear_data.rake b/lib/tasks/clear_data.rake index a761636e..3071132b 100755 --- a/lib/tasks/clear_data.rake +++ b/lib/tasks/clear_data.rake @@ -14,7 +14,7 @@ namespace :clear do ShiftSale.delete_all PaymentJournal.delete_all DiningFacility.update_all(status:'available') - CashierTerminal.update_all(is_currently_login: 1) + CashierTerminal.update_all(is_currently_login: 0) puts "Clear Data Done." end end From e4308cdc53ec6882fa970a88ec28db0a2d4bf8e3 Mon Sep 17 00:00:00 2001 From: Yan Date: Fri, 10 Nov 2017 18:10:19 +0630 Subject: [PATCH 14/23] license test remove --- app/controllers/application_controller.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 14838c20..f6d3c957 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
@@ -23,8 +23,8 @@ class ApplicationController < ActionController::Base end def lookup_domain - # if request.subdomain.present? && request.subdomain != "www" - @license = current_license(ENV["SX_PROVISION_URL"], "chromis") # request.subdomain.downcase + if request.subdomain.present? && request.subdomain != "www" + @license = current_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) # request.subdomain.downcase if (!@license.nil?) # logger.info "Location - " + @license.name ActiveRecord::Base.establish_connection(website_connection(@license)) @@ -35,7 +35,7 @@ class ApplicationController < ActionController::Base # redirect_to root_url(:host => request.domain) + "store_error" render :json => [{ status: false, message: 'Invalid Access!'}] end - # end + end end def current_license(url, subdomain) From a6252923f1233b2e247c68544489738de9f919b2 Mon Sep 17 00:00:00 2001 From: Yan Date: Fri, 10 Nov 2017 19:03:10 +0630 Subject: [PATCH 15/23] test license --- app/controllers/application_controller.rb | 6 +++--- app/models/license.rb | 4 ++-- config/secrets.yml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index da9fde0a..5d68d8c5 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -23,8 +23,8 @@ class ApplicationController < ActionController::Base end def lookup_domain - if request.subdomain.present? && request.subdomain != "www" - @license = current_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) + # if request.subdomain.present? && request.subdomain != "www" + @license = current_license(ENV["SX_PROVISION_URL"], "chromisreal-16") # request.subdomain.downcase if (!@license.nil?) # logger.info "Location - " + @license.name ActiveRecord::Base.establish_connection(website_connection(@license)) 
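Review bot: `request.subdomain` is taken from the client-supplied Host header and reaches `current_license` in `lookup_domain` without any format check, and the result then selects the database passed to `establish_connection`. If tenants are single DNS labels, constrain the value before the lookup, e.g. `sub = request.subdomain.to_s.downcase` followed by `if sub =~ /\A[a-z0-9][a-z0-9-]*\z/ && sub != "www"`. The second hunk of this commit closes the restored `if` without an `else`, so a request with no subdomain or with `www` passes the filter with no licence check at all; if that is intended, a comment should say so. The body of `lookup_domain` continues outside both hunks.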
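Review bot: With the subdomain condition commented out and the lookup key fixed to `"chromisreal-16"`, `lookup_domain` connects every request, whatever host it arrived on, to that one licence's database. The commit title marks this as a test, but the literal removes tenant separation if it reaches a shared branch. Keep `request.subdomain.downcase` in the call and supply a test tenant through configuration that is only read in development. The matching `# end` is in the following hunk.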
@@ -35,7 +35,7 @@ class ApplicationController < ActionController::Base # redirect_to root_url(:host => request.domain) + "store_error" render :json => [{ status: false, message: 'Invalid Access!'}] end - end + # end end def current_license(url, key) diff --git a/app/models/license.rb b/app/models/license.rb index 6089218a..a7365107 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -1,7 +1,7 @@ class License include HTTParty - base_uri "secure.smartsales.asia/api" + base_uri "provision.zsai.ws/api" attr_accessor :name, :address_1, :address_2, :township, :city, :country, :email, :phone, :fax, :logo, :subdomain, :plan_activation_date, :plan_next_renewal_date, :plan_max_products,:plan_max_customers, :plan_active_connections, @@ -20,7 +20,7 @@ class License end # generate key for license file encrypt - AESCrypt.export_key() + AESEncDec.export_key() @secret = ENV["aes_key"] @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } diff --git a/config/secrets.yml b/config/secrets.yml index 794deddf..a61f9592 100755 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -12,7 +12,7 @@ development: secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 - sx_provision_url: secure.smartsales.asia/api + sx_provision_url: provision.zsai.ws/api aes_key: <%= ENV['aes_key'] %> aes_iv: <%= ENV['aes_iv'] %> @@ -23,7 +23,7 @@ test: # instead read values from the environment. production: secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 - sx_provision_url: secure.smartsales.asia/api + sx_provision_url: provision.zsai.ws/api aes_key: <%= ENV['aes_key'] %> aes_iv: <%= ENV['aes_iv'] %> From 54f68bdfc5a26b9b081f49265b8f93a411e700e0 Mon Sep 17 00:00:00 2001 
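Review bot: `base_uri "provision.zsai.ws/api"` in `app/models/license.rb` has no scheme, and HTTParty prepends `http://` in that case, so the licence requests leave the server unencrypted. The context line in the next hunk shows those requests carrying `token: SECRETS_CONFIG['provision_key']` in the query string. Assuming the endpoint serves TLS, write the scheme explicitly, `base_uri "https://provision.zsai.ws/api"`, and do the same for `sx_provision_url` in the two `config/secrets.yml` hunks of this commit.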
From: Yan Date: Tue, 14 Nov 2017 13:46:24 +0630 Subject: [PATCH 16/23] remove byebun in license rb --- app/models/license.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/license.rb b/app/models/license.rb index 53cc81ba..96d88df0 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -21,7 +21,7 @@ class License # generate key for license file encrypt AESEncDec.export_key() -byebug + @secret = ENV["aes_key"] @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end From 683982d4f5bc3a181079e4ecc8cb7cc585435da9 Mon Sep 17 00:00:00 2001 From: Yan Date: Tue, 14 Nov 2017 15:11:16 +0630 Subject: [PATCH 17/23] adding license --- app/controllers/application_controller.rb | 15 +++++----- app/models/AESEncDec.rb | 9 ++++-- app/models/license.rb | 35 ++++++++++++----------- config/license.yml | 2 +- 4 files changed, 35 insertions(+), 26 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 5d68d8c5..087eb8fc 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -23,8 +23,8 @@ class ApplicationController < ActionController::Base end def lookup_domain - # if request.subdomain.present? && request.subdomain != "www" - @license = current_license(ENV["SX_PROVISION_URL"], "chromisreal-16") # request.subdomain.downcase + if request.subdomain.present? && request.subdomain != "www" + @license = current_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) # request.subdomain.downcase if (!@license.nil?) # logger.info "Location - " + @license.name ActiveRecord::Base.establish_connection(website_connection(@license)) 
@@ -35,16 +35,17 @@ class ApplicationController < ActionController::Base # redirect_to root_url(:host => request.domain) + "store_error" render :json => [{ status: false, message: 'Invalid Access!'}] end - # end + end end def current_license(url, key) @license = License.new(url, key) - ##creating md5 hash - md5_hostname = Digest::MD5.new - md5key = md5_hostname.update(request.host) - if (@license.detail_with_local_cache(key, md5key.to_s) == true) + # Export for Key + passphrase = key + ENV["secret_key_base"] + key, iv = AESEncDec.export_key(passphrase) + + if (@license.detail_with_local_file(key, key, iv) == true) #if (@license.detail == true) return @license diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb index e175a3a9..b6231df7 100644 --- a/app/models/AESEncDec.rb +++ b/app/models/AESEncDec.rb @@ -5,9 +5,14 @@ require 'uri' class AESEncDec { cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") - def self.export_key - ENV['aes_key'] = cipher.key = cipher.random_key # stores the key in key, and also sets the generated key on the cipher + def self.export_key(passphrase) + # We want a 256 bit key symetric key based on passphrase + digest = Digest::SHA256.new + key = digest.update(passphrase) + # key = digest.digest + ENV['aes_key'] = cipher.key = key # stores the key in key, and also sets the generated key on the cipher ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher + return cipher.key, cipher.iv end def self.encrypt(data) diff --git a/app/models/license.rb b/app/models/license.rb index a7365107..b32eb48f 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -20,9 +20,9 @@ class License end # generate key for license file encrypt - AESEncDec.export_key() + # AESEncDec.export_key() - @secret = ENV["aes_key"] + # @secret = ENV["aes_key"] @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end 
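Review bot: In `current_license` the line `key, iv = AESEncDec.export_key(passphrase)` overwrites the `key` parameter, which held the subdomain, so `detail_with_local_file(key, key, iv)` passes the derived AES key as the lookup value as well. That key is derived from `ENV["secret_key_base"]`, and the `license.rb` hunk of this commit places `encrypted_key: key` in the request query, so material derived from the cookie-signing secret leaves the application. Use distinct names, `aes_key, aes_iv = AESEncDec.export_key(passphrase)`, pass the subdomain as `lookup`, and derive from a secret dedicated to licensing rather than `secret_key_base`. `key + ENV["secret_key_base"]` also raises `TypeError` when the variable is unset.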
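Review bot: `export_key` derives the AES key from a single unsalted SHA-256 pass over the passphrase and then stores key and IV in `ENV`, which is process-wide, so concurrent requests for different subdomains overwrite each other's key. `digest.update(passphrase)` returns the digest object rather than the 32 key bytes (the line that would produce them, `# key = digest.digest`, is commented out), so the `ENV['aes_key'] = cipher.key = key` assignment most likely raises. A password-based KDF such as `OpenSSL::PKCS5.pbkdf2_hmac` with a stored salt, returning the key to the caller instead of writing it to `ENV`, would address both. The `cipher` local defined in the class body is also not visible inside `def self.export_key`.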
@@ -32,32 +32,32 @@ class License else return self.subdomain.upcase end - end + end - def self.check_license_file - return File.exist?("config/license.yml") - end - - def detail_with_local_cache(lookup, key) + def detail_with_local_file(lookup, key, iv) ##Check from local redis - if available load local otherwise get from remote - cache_key = "store:license:#{key}:hostname" + #cache_key = "store:license:#{key}:hostname" # No Needs for current # @secret = key - cache_license = nil + #cache_license = nil ##Get redis connection from connection pool - Redis.current do |conn| - cache_license = conn.get(cache_key) - end + # - Rails.logger.info "Cache key - " + cache_key.to_s + #Rails.logger.info "Cache key - " + cache_key.to_s + + has_license = check_license_file + + if has_license + + end if cache_license.nil? ##change the d/e key # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } - @params = { query: { lookup_type: "cloud", lookup: "subdomain", token: SECRETS_CONFIG['license_key']} } + @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } response = self.class.get("/request_license", @params) @license = response.parsed_response @@ -95,7 +95,6 @@ class License end def detail - response = self.class.get("/subdomain", @options) @license = response.parsed_response @@ -151,6 +150,10 @@ class License end private + def check_license_file + return File.exist?("config/license.yml") + end + def assign # self.name = @license["name"] # self.address_1 = @license["address_1"] diff --git a/config/license.yml b/config/license.yml index 5e66e752..fc7d1355 100644 --- a/config/license.yml +++ b/config/license.yml @@ -1,5 +1,5 @@ development: - server_mode: local + server_mode: cloud license_key: IAAXHpbSWAfvlWGYpDoXvZdmuRABNGk From abb8838215e59829e099ca54d1e8308cf5d44795 Mon Sep 17 00:00:00 2001 
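Review bot: The new `@params` in `detail_with_local_file` sends `encrypted_key: key, iv_key: iv` as GET query parameters, so the AES key and IV end up in request URLs and therefore in proxy and server access logs. If the provisioning server really needs them, they belong in a POST body over HTTPS; better still would be a scheme in which the key never leaves this host. The same hunk comments out `cache_license = nil` but keeps `if cache_license.nil?`, which raises `NameError`. The last `license.rb` hunk moves `check_license_file` under `private` as an instance method, while `application_controller.rb` appears to call it as `License.check_license_file`.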
From: Yan Date: Tue, 14 Nov 2017 15:31:18 +0630 Subject: [PATCH 18/23] licensing --- app/controllers/application_controller.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 087eb8fc..48edff46 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -38,6 +38,10 @@ class ApplicationController < ActionController::Base end end + def cache_license() + + end + def current_license(url, key) @license = License.new(url, key) From 93769bacb73c906aed70abcfc2972cbdab4e4356 Mon Sep 17 00:00:00 2001 From: Yan Date: Tue, 14 Nov 2017 18:35:14 +0630 Subject: [PATCH 19/23] licensing --- app/controllers/application_controller.rb | 34 +++++----- app/models/AESEncDec.rb | 37 ----------- app/models/license.rb | 79 ++++++++++++++++++++--- config/secrets.yml | 7 +- 4 files changed, 92 insertions(+), 65 deletions(-) delete mode 100644 app/models/AESEncDec.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ea71f60e..ef56c79d 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,7 +4,7 @@ class ApplicationController < ActionController::Base protect_from_forgery with: :exception # lookup domain for db from provision - before_action :check_license, :lookup_domain, :set_locale + before_action :lookup_domain, :set_locale helper_method :current_company,:current_login_employee,:current_user # alias_method :current_user, :current_login_employee,:current_user 
@@ -24,7 +24,7 @@ class ApplicationController < ActionController::Base def lookup_domain if request.subdomain.present? && request.subdomain != "www" - @license = current_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) # request.subdomain.downcase + @license = cache_license(ENV["SX_PROVISION_URL"], request.subdomain.downcase) # request.subdomain.downcase if (!@license.nil?) # logger.info "Location - " + @license.name ActiveRecord::Base.establish_connection(website_connection(@license)) @@ -35,30 +35,32 @@ class ApplicationController < ActionController::Base # redirect_to root_url(:host => request.domain) + "store_error" render :json => [{ status: false, message: 'Invalid Access!'}] end + else + # check for license file + if check_license + current_license(ENV["SX_PROVISION_URL"]) + end end end - def cache_license() - @license = License.new(url, subdomain) - ##creating md5 hash - md5_hostname = Digest::MD5.new - md5key = md5_hostname.update(request.host) + def current_license(url) + @license = License.new(url) - if (@license.detail_with_local_cache(subdomain, md5key.to_s) == true) + if (@license.detail_with_local_file(lookup) == true) return @license else return nil end end - def current_license(url, key) - @license = License.new(url, key) + def cache_license(url, lookup) + @license = License.new(url, lookup) - # Export for Key - passphrase = key + ENV["secret_key_base"] - key, iv = AESEncDec.export_key(passphrase) + # Export for Key + aes = AesCrypt.new + aes_key, aes_iv = aes.export_key(lookup) - if (@license.detail_with_local_file(key, key, iv) == true) + if (@license.detail_with_local_cache(lookup, aes_key, aes_iv) == true) return @license else return nil @@ -107,9 +109,7 @@ class ApplicationController < ActionController::Base private def check_license if License.check_license_file - # if !License.check_license_valid - # redirect_to install_path - # end + return true else redirect_to install_path end 
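Review bot: `current_license(url)` calls `@license.detail_with_local_file(lookup)`, but `lookup` is no longer a parameter or local in that method, so the new `else` branch of `lookup_domain` raises `NameError` for every request without a subdomain. The return value of `current_license` is also discarded in that branch, so a failed licence check would not stop the request. In the last hunk `check_license` returns the value of `redirect_to install_path` on failure, which is presumably truthy, so `if check_license` cannot tell the two cases apart. Have `check_license` end its failure branch with `false` after the redirect, and render the `'Invalid Access!'` response when `current_license` returns nil.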
diff --git a/app/models/AESEncDec.rb b/app/models/AESEncDec.rb deleted file mode 100644 index b70328ed..00000000 --- a/app/models/AESEncDec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require 'openssl' -require 'base64' -require 'uri' - -class AESEncDec { - cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc") - -<<<<<<< HEAD - def self.export_key(passphrase) - # We want a 256 bit key symetric key based on passphrase - digest = Digest::SHA256.new - key = digest.update(passphrase) - # key = digest.digest - ENV['aes_key'] = cipher.key = key # stores the key in key, and also sets the generated key on the cipher - ENV['aes_iv'] = cipher.iv = cipher.random_iv # stores the iv in iv, and also sets the generated iv on the cipher - return cipher.key, cipher.iv - end - - def self.encrypt(data) - cipher.encrypt - cipher.key = ENV["aes_key"] - cipher.iv = ENV["aes_iv"] - encrypted = cipher.update(data) + cipher.final - encrypted = Base64.urlsafe_encode64(encrypted) - return encrypted - end - - def self.decrypt(data) - cipher.decrypt - cipher.key = ENV["aes_key"] - cipher.iv = ENV["aes_iv"] - - # Start the decryption - decoded = Base64.urlsafe_decode64(data) - decrypted = cipher.update(decoded) + cipher.final - end -} \ No newline at end of file diff --git a/app/models/license.rb b/app/models/license.rb index 9473f6a4..837a77f8 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -19,11 +19,8 @@ class License self.class.base_uri server end - # generate key for license file encrypt - # AESEncDec.export_key() - # @secret = ENV["aes_key"] - @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } + # @params = { query: { device: "SX", token: SECRETS_CONFIG['provision_key'] } } end def shop_code 
@@ -34,14 +31,52 @@ class License end end - def detail_with_local_cache(lookup) + def detail_with_local_cache(lookup, key, iv) ##Check from local redis - if available load local otherwise get from remote - cache_key = "store:license:#{@secret}:hostname" + cache_key = "#{lookup}:license:#{key}:hostname" + + # No Needs for current + # @secret = key + + cache_license = nil + + ##Get redis connection from connection pool + Redis.current do |conn| + cache_license = conn.get(cache_key) + end + + Rails.logger.info "Cache key - " + cache_key.to_s + if cache_license.nil? + ##change the d/e key + # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } + @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } + + response = self.class.get("/subdomain", @params) + @license = response.parsed_response + + if (@license["status"] == true) + + assign() + + Rails.logger.info "License - " + response.parsed_response.to_s + + Redis.current do |conn| + ##Remote - store the remote response in local redis cache + conn.set(cache_key, Marshal.dump(@license)) + ##ADD to List to remove later + conn.sadd("License:cache:keys", cache_key) + end + + return true + end + + Rails.logger.info 'API License' + end end - def detail_with_local_file(lookup, key, iv) - has_license = check_license_file + def detail_with_local_file(lookup) + has_license = verify_license() if has_license @@ -73,7 +108,6 @@ class License Rails.logger.info 'API License' else - @license = Marshal.load(cache_license) if cache_license Rails.logger.info 'Cache License' 
@@ -102,6 +136,20 @@ class License return false end + def verify_license + api_token = read_license("api_token") + @options = { query: {lookup_type: "application", token: api_token} } + response = self.class.get("/verify", @options) + @varified = response.parsed_response + + Rails.logger.debug "License Remote Response - " + response.parsed_response.to_s + if (@varified["status"]) + check_expire_date + else + delete_license_file + end + end + def check_remote_license(license_key) # @options = { query: {device: "cloud", key: license_key, skey: @secret, token: Rails.application.secrets.provision_key} } @options = { query: {lookup_type: "application", encrypted_key: @secret, token: SECRETS_CONFIG['provision_key']} } @@ -146,6 +194,19 @@ class License return File.exist?("config/license.yml") end + # read line by key for license file + def read_license(key) + decrypted_line = "" + if File.exist?("config/license.yml") + File.open("config/license.yml").each do |line| + if line.include? (key) + decrypted_line_array = line.split(":") + decrypted_line = AESEncDec.decrypt(decrypted_line_array[1]) + end + end + end + end + def assign # self.name = @license["name"] # self.address_1 = @license["address_1"] diff --git a/config/secrets.yml b/config/secrets.yml index 6dabc7c7..8f56c424 100755 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -12,7 +12,9 @@ development: secret_key_base: b61d85f8ed2a1a9e0eeece3443b3e8f838d002cc1d9f32115d8e93db920e2957adfedc57501d44741211538f3108b742cdeada87d5bfae796c53da1f90a3cd61 - sx_provision_url: 192.168.1.94:3002/api #provision.zsai.ws + sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002 + server_mode: cloud + cipher_type: AES-256-CBC aes_key: <%= ENV['aes_key'] %> aes_iv: <%= ENV['aes_iv'] %> 
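Review bot: `verify_license` calls `delete_license_file` whenever the `/verify` response has a falsy `status`, so one bad reply, whether a server error, a misrouted request or a response altered in transit on a non-TLS connection, removes the local licence. A nil or non-hash `parsed_response` raises on `@varified["status"]` before that point. Return `false` without deleting and leave removal to an explicit administrative action. `api_token` is sent in the query string; a request header would keep it out of access logs. `check_expire_date` and `delete_license_file` are not defined in the visible hunks.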
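Review bot: `read_license` never returns the decrypted value: its last expression is the `if File.exist?` statement, which evaluates to the result of `each` or to nil, so `api_token` in `verify_license` is not the token. It calls `AESEncDec.decrypt`, a class this same commit deletes, matches keys by substring with `line.include? (key)`, and `line.split(":")[1]` truncates any value that contains a colon. `File.open(...).each` also leaves the file handle open. Parsing the file once with `YAML.safe_load`, decrypting the looked-up value and ending the method with `decrypted_line` would cover these.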
@@ -23,7 +25,8 @@ test: # instead read values from the environment. production: secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 - sx_provision_url: 192.168.1.94:3002/api #provision.zsai.ws + sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002 + server_mode: cloud aes_key: <%= ENV['aes_key'] %> aes_iv: <%= ENV['aes_iv'] %> From 5ec45593de851c854c43b04e54ea4856dacb892b Mon Sep 17 00:00:00 2001 From: Yan Date: Tue, 14 Nov 2017 18:35:25 +0630 Subject: [PATCH 20/23] licensing --- app/models/aes_crypt.rb | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 app/models/aes_crypt.rb diff --git a/app/models/aes_crypt.rb b/app/models/aes_crypt.rb new file mode 100644 index 00000000..8eeb6ee1 --- /dev/null +++ b/app/models/aes_crypt.rb @@ -0,0 +1,38 @@ +class AesCrypt + @cipher = "" + + def initialize + @cipher = OpenSSL::Cipher::Cipher.new(ENV["cipher_type"]) + end + + private + def export_key(passphrase) + # We want a 256 bit key symetric key based on passphrase + digest = Digest::SHA256.new + key = digest.update(passphrase) + # key = digest.digest + ENV['aes_key'] = @cipher.key = key # stores the key in key, and also sets the generated key on the @cipher + ENV['aes_iv'] = @cipher.iv = @cipher.random_iv # stores the iv in iv, and also sets the generated iv on the @cipher + return @cipher.key, @cipher.iv + end + + def encrypt(data) + cipher.encrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + encrypted = cipher.update(data) + cipher.final + encrypted = Base64.encode64(encrypted) + return encrypted + end + + def decrypt(data) + cipher.decrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + + # Start the decryption + decoded = Base64.decode64(data) + decrypted = cipher.update(decoded) + cipher.final + return decrypted + end +end \ No newline at end of file 
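Review bot: `encrypt` and `decrypt` in `app/models/aes_crypt.rb` take the IV from `ENV["aes_iv"]`, which `export_key` sets once, so every message encrypted under a key reuses the same IV; in CBC mode that reveals when two plaintexts share a leading block. Generate a fresh IV inside `encrypt`, store it in front of the ciphertext and split it off again in `decrypt`, as sketched below. As written the class cannot run: `private` precedes `export_key`, which `ApplicationController#cache_license` calls from outside; `encrypt`/`decrypt` use `cipher` where the instance variable is `@cipher`; and `digest.update(passphrase)` yields the digest object rather than key bytes. CBC without a MAC gives no integrity protection for the licence data, so an authenticated mode is worth considering. The same code returns as `app/models/my_aes_crypt.rb` in patch 22.

```ruby
# … unchanged: initialize, export_key …

def encrypt(data)
  @cipher.encrypt
  @cipher.key = ENV["aes_key"]
  iv = @cipher.random_iv                 # fresh IV per message; random_iv also sets it on the cipher
  Base64.encode64(iv + @cipher.update(data) + @cipher.final)
end

def decrypt(data)
  raw = Base64.decode64(data)
  @cipher.decrypt
  @cipher.key = ENV["aes_key"]
  @cipher.iv = raw[0, @cipher.iv_len]    # IV travels in front of the ciphertext
  @cipher.update(raw[@cipher.iv_len..-1]) + @cipher.final
end
```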
From 7c6153f16f60043603d04d3ca9b9969cdc36bd5e Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 15 Nov 2017 12:01:35 +0630 Subject: [PATCH 21/23] licensing --- app/controllers/application_controller.rb | 7 +- app/models/aes_crypt.rb | 38 -------- app/models/license.rb | 100 +++++++++++----------- config/secrets.yml | 8 +- 4 files changed, 58 insertions(+), 95 deletions(-) delete mode 100644 app/models/aes_crypt.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index ef56c79d..8d5619cd 100755 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -46,8 +46,8 @@ class ApplicationController < ActionController::Base def current_license(url) @license = License.new(url) - if (@license.detail_with_local_file(lookup) == true) - return @license + if (@license.detail_with_local_file() == true) + puts "RUN SA BYAR" else return nil end @@ -55,9 +55,8 @@ class ApplicationController < ActionController::Base def cache_license(url, lookup) @license = License.new(url, lookup) - # Export for Key - aes = AesCrypt.new + aes = MyAesCrypt.new aes_key, aes_iv = aes.export_key(lookup) if (@license.detail_with_local_cache(lookup, aes_key, aes_iv) == true) diff --git a/app/models/aes_crypt.rb b/app/models/aes_crypt.rb deleted file mode 100644 index 8eeb6ee1..00000000 --- a/app/models/aes_crypt.rb +++ /dev/null 
@@ -1,38 +0,0 @@ -class AesCrypt - @cipher = "" - - def initialize - @cipher = OpenSSL::Cipher::Cipher.new(ENV["cipher_type"]) - end - - private - def export_key(passphrase) - # We want a 256 bit key symetric key based on passphrase - digest = Digest::SHA256.new - key = digest.update(passphrase) - # key = digest.digest - ENV['aes_key'] = @cipher.key = key # stores the key in key, and also sets the generated key on the @cipher - ENV['aes_iv'] = @cipher.iv = @cipher.random_iv # stores the iv in iv, and also sets the generated iv on the @cipher - return @cipher.key, @cipher.iv - end - - def encrypt(data) - cipher.encrypt - cipher.key = ENV["aes_key"] - cipher.iv = ENV["aes_iv"] - encrypted = cipher.update(data) + cipher.final - encrypted = Base64.encode64(encrypted) - return encrypted - end - - def decrypt(data) - cipher.decrypt - cipher.key = ENV["aes_key"] - cipher.iv = ENV["aes_iv"] - - # Start the decryption - decoded = Base64.decode64(data) - decrypted = cipher.update(decoded) + cipher.final - return decrypted - end -end \ No newline at end of file diff --git a/app/models/license.rb b/app/models/license.rb index 837a77f8..31403038 100755 --- a/app/models/license.rb +++ b/app/models/license.rb @@ -13,7 +13,7 @@ class License def initialize(server = "", lookup = "") #this code is hard-code to reflect server mode - Very important. - self.server_mode = ENV["server_mode"] + self.server_mode = ENV["SERVER_MODE"] if (server != "") self.class.base_uri server @@ -50,7 +50,6 @@ class License ##change the d/e key # @options = { query: {device: "SXlite", lookup: lookup, skey: @secret, token: SECRETS_CONFIG['provision_key']} } @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } - response = self.class.get("/subdomain", @params) @license = response.parsed_response 
@@ -75,49 +74,49 @@ class License end - def detail_with_local_file(lookup) - has_license = verify_license() + def detail_with_local_file() + has_license = true #verify_license() if has_license - + puts "VERIFIED" end - if cache_license.nil? - ##change the d/e key - @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } + # if cache_license.nil? + # ##change the d/e key + # @params = { query: { lookup_type: self.server_mode, lookup: lookup, encrypted_key: key, iv_key: iv} } - response = self.class.get("/request_license", @params) - @license = response.parsed_response + # response = self.class.get("/request_license", @params) + # @license = response.parsed_response - if (@license["status"] == true) + # if (@license["status"] == true) - assign() + # assign() - Rails.logger.info "License - " + response.parsed_response.to_s + # Rails.logger.info "License - " + response.parsed_response.to_s - Redis.current do |conn| - ##Remote - store the remote response in local redis cache - conn.set(cache_key, Marshal.dump(@license)) - ##ADD to List to remove later - conn.sadd("License:cache:keys", cache_key) - end + # Redis.current do |conn| + # ##Remote - store the remote response in local redis cache + # conn.set(cache_key, Marshal.dump(@license)) + # ##ADD to List to remove later + # conn.sadd("License:cache:keys", cache_key) + # end - return true - end + # return true + # end - Rails.logger.info 'API License' + # Rails.logger.info 'API License' - else - @license = Marshal.load(cache_license) if cache_license + # else + # @license = Marshal.load(cache_license) if cache_license - Rails.logger.info 'Cache License' + # Rails.logger.info 'Cache License' - if (@license["status"] == true) - assign() - return true - end - end - return false + # if (@license["status"] == true) + # assign() + # return true + # end + # end + # return false end def detail 
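Review bot: `has_license = true #verify_license()` replaces the remote verification in `detail_with_local_file` with a constant, and the rest of the method is commented out, so it now returns the result of `puts` (nil) and no licence is checked on the no-subdomain path. In the same commit `current_license` in `application_controller.rb` returns nil on both of its branches and its caller ignores the result, so the request proceeds regardless. If verification has to be switched off while developing, gate it on `Rails.env.development?` rather than editing the call, and delete the commented-out block instead of keeping it inside the method.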
@@ -144,10 +143,13 @@ class License Rails.logger.debug "License Remote Response - " + response.parsed_response.to_s if (@varified["status"]) - check_expire_date + if (!check_expired(@varified["plan_next_renewal_date"])) + return true + end else delete_license_file - end + end + return false end def check_remote_license(license_key) @@ -181,32 +183,32 @@ class License #Load License is remove from the cloud license because - this license is must be validated against subdmain instead of license.data from file. - def expired? - if (self.plan_next_renewal_date < Date.today) + def check_expired(renewal_date) + if (renewal_date < Date.today) return true else return false end end + + def self.check_license_file + return File.exist?("config/license.yml") + end - private - def check_license_file - return File.exist?("config/license.yml") - end - - # read line by key for license file - def read_license(key) - decrypted_line = "" - if File.exist?("config/license.yml") - File.open("config/license.yml").each do |line| - if line.include? (key) - decrypted_line_array = line.split(":") - decrypted_line = AESEncDec.decrypt(decrypted_line_array[1]) - end + # read line by key for license file + def read_license(key) + decrypted_line = "" + if File.exist?("config/license.yml") + File.open("config/license.yml").each do |line| + if line.include? (key) + decrypted_line_array = line.split(":") + decrypted_line = AESCrypt.decrypt(decrypted_line_array[1]) end end end + end + private def assign # self.name = @license["name"] # self.address_1 = @license["address_1"] diff --git a/config/secrets.yml b/config/secrets.yml index 8f56c424..09555540 100755 --- a/config/secrets.yml +++ b/config/secrets.yml 
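Review bot: `check_expired(@varified["plan_next_renewal_date"])` passes the value from the parsed response straight into `renewal_date < Date.today`; if the API returns the date as a string, as JSON normally does, that comparison raises `ArgumentError`, and a missing field raises `NoMethodError`. Parse it first, `renewal_date = Date.parse(renewal_date.to_s)`, and treat a parse failure as expired so the check fails closed. In the second hunk `read_license` now calls `AESCrypt.decrypt`, while the class this series adds is `MyAesCrypt` with a private instance method `decrypt`; unless `AESCrypt` comes from a gem not shown here, that call cannot resolve.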
@@ -15,8 +15,8 @@ development: sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002 server_mode: cloud cipher_type: AES-256-CBC - aes_key: <%= ENV['aes_key'] %> - aes_iv: <%= ENV['aes_iv'] %> + aes_key: <%= ENV['AES_KEY'] %> + aes_iv: <%= ENV['AES_IV'] %> test: secret_key_base: 5c92143fd4a844fdaf8b22aba0cda22ef1fc68f1b26dd3d40656866893718ae5e58625b4c3a5dc86b04c8be0a505ec0ebc0be3bf52249a3d1e0c1334ee591cf0 @@ -27,6 +27,6 @@ production: secret_key_base: c4bc81065013f9a3506d385bcbd49586c42e586488144b0de90c7da36867de9fa880f46b5c4f86f0ce9b7c783bb5a73bdb0e5605a47716567294390e726d3e22 sx_provision_url: provision.zsai.ws/api #192.168.1.94:3002 server_mode: cloud - aes_key: <%= ENV['aes_key'] %> - aes_iv: <%= ENV['aes_iv'] %> + aes_key: <%= ENV['AES_KEY'] %> + aes_iv: <%= ENV['AES_IV'] %> From 12f75ff403db252befc8d1ad70836486c6aa527f Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 15 Nov 2017 12:01:49 +0630 Subject: [PATCH 22/23] licensing --- app/models/my_aes_crypt.rb | 38 ++++++++++++++++++++++++++++++++++ config/initializers/secrets.rb | 6 ++++++ 2 files changed, 44 insertions(+) create mode 100644 app/models/my_aes_crypt.rb create mode 100755 config/initializers/secrets.rb diff --git a/app/models/my_aes_crypt.rb b/app/models/my_aes_crypt.rb new file mode 100644 index 00000000..7427a000 --- /dev/null +++ b/app/models/my_aes_crypt.rb 
@@ -0,0 +1,38 @@ +class MyAesCrypt + @cipher = "" + + def initialize + @cipher = OpenSSL::Cipher::Cipher.new(ENV["CIPHER_TYPE"]) + end + + def export_key(passphrase) + # We want a 256 bit key symetric key based on passphrase + digest = Digest::SHA256.new + key = digest.update(passphrase) + key = digest.digest + ENV['AES_KEY'] = cipher_key = key # stores the key in key, and also sets the generated key on the @cipher + ENV['AES_IV'] = cipher_iv = @cipher.random_iv # stores the iv in iv, and also sets the generated iv on the @cipher + return cipher_key, cipher_iv + end + + private + def encrypt(data) + cipher.encrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + encrypted = cipher.update(data) + cipher.final + encrypted = Base64.encode64(encrypted) + return encrypted + end + + def decrypt(data) + cipher.decrypt + cipher.key = ENV["aes_key"] + cipher.iv = ENV["aes_iv"] + + # Start the decryption + decoded = Base64.decode64(data) + decrypted = cipher.update(decoded) + cipher.final + return decrypted + end +end \ No newline at end of file diff --git a/config/initializers/secrets.rb b/config/initializers/secrets.rb new file mode 100755 index 00000000..a88ce110 --- /dev/null +++ b/config/initializers/secrets.rb @@ -0,0 +1,6 @@ +config = YAML.load_file("#{Rails.root}/config/secrets.yml") +config.fetch(Rails.env, {}).each do |key, value| + ENV[key.upcase] = value.to_s +end + +# SECRETS_CONFIG = YAML.load_file("#{Rails.root}/config/secrets.yml")[Rails.env] From b8dc74f517c636ed73566df0fcf85e47af7bba8c Mon Sep 17 00:00:00 2001 From: Yan Date: Wed, 15 Nov 2017 12:06:06 +0630 Subject: [PATCH 23/23] merge with license but not complete --- app/controllers/application_controller.rb | 2 +- config/license.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 8d5619cd..83222004 100755 --- a/app/controllers/application_controller.rb 
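Review bot: `export_key` writes the key to `ENV['AES_KEY']` and `ENV['AES_IV']`, but `encrypt` and `decrypt` read `ENV["aes_key"]` and `ENV["aes_iv"]`; environment names are case-sensitive on Linux, so the two halves of `MyAesCrypt` do not share a key. Assigning raw `digest.digest` or `random_iv` bytes to `ENV` also raises `ArgumentError` whenever they contain a NUL byte, which would make the failure intermittent. Hold the key and IV in instance variables, or hex- or Base64-encode them if they must be stored as text. `encrypt` and `decrypt` still refer to `cipher` where the instance variable is `@cipher`.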
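Review bot: `YAML.load_file` in `config/initializers/secrets.rb` reads `config/secrets.yml` without running ERB, so entries such as `aes_key: <%= ENV['AES_KEY'] %>` arrive as that literal text and `ENV['AES_KEY']` is then set to the template string instead of a key. The loop also overwrites variables already present in the real environment with the values committed in the file, `SECRET_KEY_BASE` included, which reverses the precedence the file's own comment asks for. Render the template first and only fill in what is missing: `config = YAML.load(ERB.new(File.read("#{Rails.root}/config/secrets.yml")).result)` and `ENV[key.upcase] ||= value.to_s`. `Rails.application.secrets` already does the ERB step and may make this initializer unnecessary.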
+++ b/app/controllers/application_controller.rb @@ -47,7 +47,7 @@ class ApplicationController < ActionController::Base @license = License.new(url) if (@license.detail_with_local_file() == true) - puts "RUN SA BYAR" + puts "RUN SAY BYAR" else return nil end diff --git a/config/license.yml b/config/license.yml index fc7d1355..f98a6e81 100644 --- a/config/license.yml +++ b/config/license.yml @@ -4,7 +4,7 @@ development: test: - sx_provision_url: secure.smartsales.asia/api + sx_provision_url: "provision.test.ws/api" # Do not keep production secrets in the repository, # instead read values from the environment.