MERGE TO FEATURE - 214 add environment sso config (#510)

* Use global constant for SHIBBOLETH_ENABLED

* Remove sensitive environment files from repository

* Rubocop fix

* Update 'rake' to ''rails' and remove .env* from .gitignore

* Re-add .env development and test files

* Correct .env errors

* Remove rake task to check SSO environment variable

.circleci/config.yml

@@ -81,9 +81,9 @@ jobs:
           key: v1-dependencies-{{ checksum "Gemfile.lock" }}
 
       # Database setup
-      - run: bundle exec rake db:create
-      - run: bundle exec rake db:schema:load
-      - run: bundle exec rake db:seed
+      - run: bundle exec rails db:create
+      - run: bundle exec rails db:schema:load
+      - run: bundle exec rails db:seed
 
       - run:
           name: Rubocop

.env.development

@@ -1,6 +1,6 @@
-# Admin Variables
- ADMIN_USERNAME=test
- ADMIN_PASSWORD=password
+  # Admin Variables
+  ADMIN_USERNAME=test
+  ADMIN_PASSWORD=password
 
   # Mail Variables
   MAIL_SENDER=[email protected]
@@ -15,6 +15,9 @@
   TREATMENT_DATABASE_TIMEOUT=5000
   TREATMENT_DATABASE_USERNAME=
 
-  Mailer settings
+  # Mailer settings
   TREATMENT_PRODUCTION_MAILER_FROM=[email protected]
   TREATMENT_PRODUCTION_MAILER_URL=localhost
+
+  # SSO settings
+  SHIBBOLETH_SSO_ENABLED=true

.env.example

@@ -0,0 +1,23 @@
+  # Admin Variables
+  ADMIN_USERNAME=test  # Change this to a unique username for production
+  ADMIN_PASSWORD=password  # Ensure to use a strong, secure password in production
+
+  # Mail Variables
+  MAIL_SENDER=[email protected]
+
+  # Database settings
+  TREATMENT_DATABASE_ADAPTER=sqlite3
+  TREATMENT_DATABASE_HOST=
+  TREATMENT_DATABASE_NAME=db/development.sqlite3
+  TREATMENT_DATABASE_PASSWORD=
+  TREATMENT_DATABASE_POOL=5
+  TREATMENT_DATABASE_PORT=
+  TREATMENT_DATABASE_TIMEOUT=5000
+  TREATMENT_DATABASE_USERNAME=
+
+  # Mailer settings
+  TREATMENT_PRODUCTION_MAILER_FROM=[email protected]
+  TREATMENT_PRODUCTION_MAILER_URL=localhost
+
+  # SSO settings
+  SHIBBOLETH_SSO_ENABLED=true

.env.test

@@ -13,4 +13,7 @@
  TREATMENT_DATABASE_POOL=5
  TREATMENT_DATABASE_PORT=
  TREATMENT_DATABASE_TIMEOUT=5000
- TREATMENT_DATABASE_USERNAME=
+ TREATMENT_DATABASE_USERNAME=
+
+ # SSO settings
+ SHIBBOLETH_SSO_ENABLED=true

.gitignore

@@ -44,6 +44,9 @@
 .env.test.local
 .env.development.local
 
+!.env.example
+
+
 /tmp/puma/*
 !/tmp/puma/
 !/tmp/puma/.keep

README.md

@@ -76,6 +76,11 @@ Then:
 docker-compose up
 ```
 
+## Environment Setup
+To set up your development environment:
+1. Copy the `.env.example` file to `.env.development` and `.env.test` and fill in the necessary values.
+
+
 ## Running the Tests
 
 The treatment database has a test suite built with rspec, running it is simple, just call the following in the project directory:

config/initializers/shibboleth.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+# Use this variable to enable or disable Shibboleth authentication
+# example:
+# if SHIBBOLETH_ENABLED
+#   # do something
+# else
+#   # do something else
+# end
+
+shibboleth_config = YAML.safe_load(ERB.new(Rails.root.join('config/shibboleth.yml').read).result)
+SHIBBOLETH_ENABLED = shibboleth_config[Rails.env]['shibboleth_enabled']

config/shibboleth.yml

@@ -0,0 +1,6 @@
+development:
+  shibboleth_enabled: <%= ENV['SHIBBOLETH_SSO_ENABLED'] || 'false' %>
+test:
+  shibboleth_enabled: <%= ENV['SHIBBOLETH_SSO_ENABLED'] || 'false' %>
+production:
+  shibboleth_enabled: <%= ENV['SHIBBOLETH_SSO_ENABLED'] || 'false' %>

spec/config/shibboleth_spec.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe 'Shibboleth Configuration' do
+  describe 'Environment Variable' do
+    it 'checks for the presence of SHIBBOLETH_SSO_ENABLED' do
+      expect(ENV).to have_key('SHIBBOLETH_SSO_ENABLED')
+    end
+  end
+
+  shared_examples 'correctly parses shibboleth config' do |environment|
+    let(:shibboleth_config) { YAML.safe_load(ERB.new(Rails.root.join('config/shibboleth.yml').read).result) }
+
+    it "parses the ERB content correctly for #{environment}" do
+      allow(ENV).to receive(:[]).and_call_original
+      allow(ENV).to receive(:[]).with('SHIBBOLETH_SSO_ENABLED').and_return('true')
+      expect(shibboleth_config[environment]['shibboleth_enabled']).to eq(true)
+    end
+  end
+
+  describe 'Configuration File' do
+    it 'loads the configuration' do
+      expect(shibboleth_config).to be_a(Hash)
+    end
+
+    include_examples 'correctly parses shibboleth config', 'development'
+    include_examples 'correctly parses shibboleth config', 'test'
+    include_examples 'correctly parses shibboleth config', 'production'
+  end
+
+  describe 'SHIBBOLETH_ENABLED' do
+    context 'when the configuration is set to true' do
+      let(:shibboleth_config) do
+        {
+          'development' => { 'shibboleth_enabled' => 'true' },
+          'test' => { 'shibboleth_enabled' => 'true' },
+          'production' => { 'shibboleth_enabled' => 'true' }
+        }
+      end
+      before do
+        allow(YAML).to receive(:safe_load).and_return(shibboleth_config)
+      end
+
+      it 'matches the environment configuration' do
+        load Rails.root.join('config/initializers/shibboleth.rb')
+        expect(SHIBBOLETH_ENABLED).to eq('true')
+      end
+    end
+
+    context 'when the configuration is set to false' do
+      let(:shibboleth_config) do
+        {
+          'development' => { 'shibboleth_enabled' => 'false' },
+          'test' => { 'shibboleth_enabled' => 'false' },
+          'production' => { 'shibboleth_enabled' => 'false' }
+        }
+      end
+      before do
+        allow(YAML).to receive(:safe_load).and_return(shibboleth_config)
+      end
+
+      it 'matches the environment configuration' do
+        load Rails.root.join('config/initializers/shibboleth.rb')
+        expect(SHIBBOLETH_ENABLED).to eq('false')
+      end
+    end
+  end
+end