From d933931d9c5ecadd41dbf4d4b0219b81ba262af8 Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@wwahammy.com>
Date: Thu, 19 Jul 2018 12:13:30 -0500
Subject: [PATCH 1/6] Remove silly joke in the mainenance page

---
 public/maintenance.html | 1 -
 1 file changed, 1 deletion(-)

diff --git a/public/maintenance.html b/public/maintenance.html
index 1f46eb24..75e2d914 100644
--- a/public/maintenance.html
+++ b/public/maintenance.html
@@ -26,7 +26,6 @@
   <div class="dialog">
 		<h1 class='logo'><a href='/'>Houdini Project</a></h1>
     <h1>We're down for maintenance.</h1>
-		<p>All of our hamsters needed a break from running in their wheels all day.</p>
 		<p>We're sorry for the inconvenience. Please check back soon.</p>
   </div>
 </body>

From 3dd63135a83f9860756b3fbdb828b12e51511dbe Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@wwahammy.com>
Date: Thu, 19 Jul 2018 12:14:03 -0500
Subject: [PATCH 2/6] Add maintenance feature

---
 app/controllers/application_controller.rb |  11 ++-
 spec/requests/maintenance_spec.rb         | 105 ++++++++++++++++++++++
 2 files changed, 115 insertions(+), 1 deletion(-)
 create mode 100644 spec/requests/maintenance_spec.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 3c3328d7..737bf56c 100755
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,6 +1,6 @@
 # License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
 class ApplicationController < ActionController::Base
-	before_filter :set_locale
+	before_filter :set_locale, :redirect_to_maintenance
 
 	protect_from_forgery
 
@@ -19,6 +19,15 @@ class ApplicationController < ActionController::Base
 		end
 	end
 
+	def redirect_to_maintenance
+		if (Settings&.maintenance&.maintenance_mode && !current_user)
+			unless (self.class == Users::SessionsController &&
+							(params[:maintenance_token] == Settings.maintenance.maintenance_token || params[:format] == 'json'))
+				redirect_to Settings.maintenance.maintenance_page
+			end
+		end
+	end
+
 protected
 
 	def json_saved(model, msg=nil)
diff --git a/spec/requests/maintenance_spec.rb b/spec/requests/maintenance_spec.rb
new file mode 100644
index 00000000..045b0237
--- /dev/null
+++ b/spec/requests/maintenance_spec.rb
@@ -0,0 +1,105 @@
+# License: AGPL-3.0-or-later WITH Web-Template-Output-Additional-Permission-3.0-or-later
+require 'rails_helper'
+require 'controllers/support/shared_user_context'
+
+describe 'Maintenance Mode' do
+  page = "http://commet"
+  token = "thoathioa"
+  include_context :shared_user_context
+  around(:each) do |example|
+    example.run
+    Settings.reload!
+  end
+
+  describe OnboardController, type: :controller do
+    describe '(Onboard is just a basic example controller)'
+    it 'not in maintenance mode' do
+      get :index
+      assert_response 200
+    end
+
+    describe 'in maintenance' do
+      before(:each) do
+        Settings.merge!({maintenance:
+                             {maintenance_mode: true,
+                              maintenance_token: token,
+                              maintenance_page: page}})
+      end
+
+      it 'redirects for onboard' do
+        get :index
+        assert_redirected_to page
+      end
+
+      it 'allows access to non-sign_in pages if youre logged in' do
+        sign_in user_as_np_associate
+        get :index
+        assert_response 200
+      end
+    end
+  end
+
+  describe Users::SessionsController, type: :controller do
+    describe 'in maintenance' do
+      include_context :shared_user_context
+      around(:each) do |example|
+        example.run
+        Settings.reload!
+      end
+
+      before(:each) do
+        @request.env["devise.mapping"] = Devise.mappings[:user]
+      end
+
+      describe 'in maintenance' do
+        before(:each) do
+          Settings.merge!({maintenance:
+                               {maintenance_mode: true,
+                                maintenance_token: token,
+                                maintenance_page: page}})
+        end
+
+        it 'redirects sign_in if the token is wrong' do
+          get(:new, {maintenance_token: "#{token}3"})
+          expect(response.code).to eq "302"
+          expect(response.location).to eq page
+        end
+
+        it 'redirects for login' do
+          get(:new)
+          expect(response.code).to eq "302"
+          expect(response.location).to eq page
+        end
+
+
+        it 'redirects sign_in if the token is passed in wrong param' do
+          get(:new, {maintnancerwrwer_token: "#{token}"})
+          expect(response.code).to eq "302"
+          expect(response.location).to eq page
+        end
+
+        it 'allows sign_in if the token is passed' do
+          get(:new, {maintenance_token: "#{token}"})
+          expect(response.code).to eq '200'
+        end
+
+        it 'allows sign_in.json' do
+          get(:new, {maintenance_token: "#{token}", format: 'json'})
+          expect(response.code).to eq '406'
+        end
+      end
+    end
+
+  end
+
+  # it 'redirect to general user' do
+  #   nonprofit
+  #   unauth_user.create_profile
+  #   sign_in unauth_user
+  #   get(:index)
+  #   expect(response).to redirect_to profile_url(unauth_user.profile.id)
+  # end
+
+
+end
+

From 3ed6b06b21fe525324dcda7886a030843eefdf5f Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@wwahammy.com>
Date: Thu, 19 Jul 2018 12:53:18 -0500
Subject: [PATCH 3/6] Add support for getting settings from ENV

---
 config/initializers/config.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/initializers/config.rb b/config/initializers/config.rb
index 897a47c5..b253585e 100644
--- a/config/initializers/config.rb
+++ b/config/initializers/config.rb
@@ -2,7 +2,7 @@
 Config.setup do |config|
   # Name of the constant exposing loaded settings
   config.const_name = 'Settings'
-
+  config.use_env = true
   # Ability to remove elements of the array set in earlier loaded settings file. For example value: '--'.
   #
   # config.knockout_prefix = nil

From 1ad29e743639082dbaf056e30ff999959095b4ec Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@wwahammy.com>
Date: Thu, 19 Jul 2018 12:59:29 -0500
Subject: [PATCH 4/6] If maintenance_token is nil, you can't pass an empty
 token to get in.

---
 app/controllers/application_controller.rb |  2 +-
 spec/requests/maintenance_spec.rb         | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 737bf56c..76f75165 100755
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -22,7 +22,7 @@ class ApplicationController < ActionController::Base
 	def redirect_to_maintenance
 		if (Settings&.maintenance&.maintenance_mode && !current_user)
 			unless (self.class == Users::SessionsController &&
-							(params[:maintenance_token] == Settings.maintenance.maintenance_token || params[:format] == 'json'))
+							((Settings.maintenance.maintenance_token && params[:maintenance_token] == Settings.maintenance.maintenance_token) || params[:format] == 'json'))
 				redirect_to Settings.maintenance.maintenance_page
 			end
 		end
diff --git a/spec/requests/maintenance_spec.rb b/spec/requests/maintenance_spec.rb
index 045b0237..6e09f77c 100644
--- a/spec/requests/maintenance_spec.rb
+++ b/spec/requests/maintenance_spec.rb
@@ -90,6 +90,24 @@ describe 'Maintenance Mode' do
       end
     end
 
+    describe 'in maintenance without maintenance_token set' do
+      before(:each) do
+        @request.env["devise.mapping"] = Devise.mappings[:user]
+      end
+      before(:each) do
+        Settings.merge!({maintenance:
+                             {maintenance_mode: true,
+                              maintenance_token: nil,
+                              maintenance_page: page}})
+      end
+
+      it 'redirects sign_in if the token is nil' do
+        get(:new)
+        expect(response.code).to eq "302"
+        expect(response.location).to eq page
+      end
+    end
+
   end
 
   # it 'redirect to general user' do

From 9c5d2df50be83f327d72d46a0b76fd5d9a6c644c Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@wwahammy.com>
Date: Thu, 19 Jul 2018 13:31:58 -0500
Subject: [PATCH 5/6] remove commented out code

---
 spec/requests/maintenance_spec.rb | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/spec/requests/maintenance_spec.rb b/spec/requests/maintenance_spec.rb
index 6e09f77c..407558bc 100644
--- a/spec/requests/maintenance_spec.rb
+++ b/spec/requests/maintenance_spec.rb
@@ -109,15 +109,5 @@ describe 'Maintenance Mode' do
     end
 
   end
-
-  # it 'redirect to general user' do
-  #   nonprofit
-  #   unauth_user.create_profile
-  #   sign_in unauth_user
-  #   get(:index)
-  #   expect(response).to redirect_to profile_url(unauth_user.profile.id)
-  # end
-
-
 end
 

From f8b96856c86835dcec36280e99482bc5422e4bbb Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@wwahammy.com>
Date: Fri, 20 Jul 2018 16:37:08 -0500
Subject: [PATCH 6/6] Add maintenance mode setting checks

---
 config/environment.rb | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/config/environment.rb b/config/environment.rb
index b8209deb..b036d1a3 100755
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -268,6 +268,20 @@ Config.schema do
     end
   end
 
+  # the settings to get into maintenance_mode
+  optional(:maintenance).schema do
+    # true if you want to be in maintenance mode, otherwise false
+    required(:maintenance_mode).filled(:bool?)
+
+    # the token you pass into /users/sign_in to actually get to
+    # a signin page during maintenance mode
+    optional(:maintenance_token).filled(:str?)
+
+    # the url, absolute or relative, that visitors should be redirected to
+    optional(:maintenance_page).filled(:str?)
+
+  end
+
 end
 
 Settings.reload!