module HousingMisc::ApiHelper

Constants

MOBILE_REQUEST_TIME_THRESHOLD

Public Instance Methods

add_attachments(email_template_hash, attachments)
# File lib/housing_misc/api_helper.rb, line 128
# Stores +attachments+ under +email_template_hash[:params_json][:attachments]+
# when the list is present (ActiveSupport's +present?+), otherwise leaves the
# template untouched.
#
# @param email_template_hash [Hash] template payload; mutated in place
# @param attachments [Array] attachment descriptors; contents are passed through unchanged
# @return [Hash] the same +email_template_hash+ object
def add_attachments(email_template_hash, attachments)
  if attachments.present?
    email_template_hash[:params_json][:attachments] = attachments
  end
  email_template_hash
end
add_base_vars(email_template_hash, base_vars)
# File lib/housing_misc/api_helper.rb, line 90
# Merges +base_vars+ into +email_template_hash[:params_json]+ (existing keys are
# overwritten) and sets +:test_email+ from +Housing.mail_test_id+.
#
# @param email_template_hash [Hash] template payload; mutated in place
# @param base_vars [Hash] values merged into +:params_json+
# @return [Hash] the same +email_template_hash+ object
def add_base_vars(email_template_hash, base_vars)
  email_template_hash.tap do |template|
    template[:params_json].update(base_vars)
    template[:test_email] = Housing.mail_test_id
  end
end
add_global_merge_vars(email_template_hash, vars)
# File lib/housing_misc/api_helper.rb, line 105
# Fills the nil placeholders of every module's first +:merge_vars+ entry with the
# matching value from +vars+. Placeholders that already hold a value are kept.
#
# @param email_template_hash [Hash] template payload; mutated in place
# @param vars [Hash] replacement values, looked up by the placeholder's key
# @return [Hash] the same +email_template_hash+ object
def add_global_merge_vars(email_template_hash, vars)
  modules = email_template_hash[:params_json][:global_merge_vars][:modules]
  modules.each do |mod|
    slots = mod[:merge_vars].first
    slots.each do |key, value|
      next unless value.nil?

      # Only existing keys are reassigned, so updating while iterating is safe.
      slots[key] = vars[key]
    end
  end
  email_template_hash
end
add_merge_vars(email_template_hash, vars)
# File lib/housing_misc/api_helper.rb, line 114
# Builds one +:merge_vars+ entry per recipient (the global merge vars plus that
# recipient's email) and then overwrites every +:template_merge_vars+ value with
# the value from +vars+.
#
# The per-recipient entries are shallow merges, so they share the
# +:template_merge_vars+ hash that is updated afterwards.
#
# @param email_template_hash [Hash] template payload; mutated in place.
#   +:params_json+ must already contain +:users+ and +:global_merge_vars+.
# @param vars [Hash] values for the template merge vars, looked up by key
# @return [Hash] the same +email_template_hash+ object
def add_merge_vars(email_template_hash, vars)
  payload = email_template_hash[:params_json]
  payload[:merge_vars] = []
  payload[:users].each do |recipient|
    payload[:merge_vars].push(payload[:global_merge_vars].merge({email: recipient[:email]}))
  end

  template_vars = payload[:global_merge_vars][:template_merge_vars]
  if template_vars.present?
    # Every key is overwritten, including with nil when vars has no such key.
    template_vars.each_key { |key| template_vars[key] = vars[key] }
  end
  email_template_hash
end
add_user_emails(email_template_hash, users)
# File lib/housing_misc/api_helper.rb, line 96
# Replaces +email_template_hash[:params_json][:users]+ with a list holding only
# the +:name+ and +:email+ of each entry in +users+; any other keys are dropped.
#
# @param email_template_hash [Hash] template payload; mutated in place
# @param users [Array<Hash>] recipients keyed by string or symbol
# @return [Hash] the same +email_template_hash+ object
def add_user_emails(email_template_hash, users)
  email_template_hash[:params_json][:users] = []
  users.each do |raw_user|
    user = raw_user.with_indifferent_access
    recipient = {name: user[:name], email: user[:email]}
    email_template_hash[:params_json][:users].push(recipient)
  end
  email_template_hash
end
csrf_check(csrf_encryption_key, velocity_salt)
# File lib/housing_misc/api_helper.rb, line 58
# Controller guard: renders a 401 JSON error and logs the request when
# +is_request_csrf_valid?+ rejects it. Relies on the including controller's
# +request+, +cookies+, +params+ and +render+.
#
# @param csrf_encryption_key [String] HMAC key used to derive the expected token
# @param velocity_salt [String] salt used to verify signed mobile requests
# @return [Object, nil] nil when the request is accepted, otherwise the result of +render+
def csrf_check(csrf_encryption_key, velocity_salt)
  return if is_request_csrf_valid?(request, cookies, params, csrf_encryption_key, velocity_salt)

  # A new Logger is opened for each rejected request; log_file is a local here.
  log_file ||= Logger.new("#{Rails.root}/log/unauthorized_api_requests.log")
  log_invalid_csrf_request(log_file, request, cookies, params)
  render :json => {:message => "You are not authorized to make this call", :error => "CSRF_CHECK_FAILED"}, status: 401
end
filter_parameters(params)
# File lib/housing_misc/api_helper.rb, line 9
# Returns +params+ with the application's configured +filter_parameters+ masked,
# so the result can be written to a log.
#
# If the Rails configuration cannot be read the filter list falls back to empty,
# which means nothing is masked in that case.
#
# @param params [Hash] request parameters
# @return [Hash] filtered copy of +params+
def filter_parameters(params)
  filters = begin
    Rails.application.config.filter_parameters
  rescue StandardError
    []
  end
  ActionDispatch::Http::ParameterFilter.new(filters).filter(params)
end
get_api_call(url, request_timeout = 15.0)
# File lib/housing_misc/api_helper.rb, line 169
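# Performs a GET against +url+ and returns the response body.
#
# TLS is enabled when the URL scheme is https; without this an https URL would
# be spoken to in plaintext on the TLS port. Certificate verification is left
# at the Net::HTTP default.
#
# Any failure (transport error or a status other than 200) is logged to
# +logging_file+ and re-raised as a RuntimeError whose message contains +url+.
# NOTE(review): get_past_channel_details places e-mail addresses / phone numbers
# in the query string, so that message can carry personal data wherever the
# exception is reported.
#
# @param url [String] absolute URL; expected to come from service configuration,
#   not from request input
# @param request_timeout [Numeric] read timeout in seconds
# @return [String] response body
# @raise [RuntimeError] "CampaignError for url: ..." on any failure
def get_api_call(url, request_timeout = 15.0)
  parsed_url = URI.parse(url)
  http = Net::HTTP.new(parsed_url.host, parsed_url.port)
  http.use_ssl = parsed_url.scheme == "https"
  http.read_timeout = request_timeout
  request = Net::HTTP::Get.new(parsed_url.request_uri)
  begin
    response = http.request(request)
    raise "request failed :: #{response}" if response.code != "200"
    request_response = response.body
  rescue => exception
    logging_file.error("CampaignError :: #{exception}")
    raise "CampaignError for url: #{url}"
  end
  request_response
end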
get_email_template_from_mail_service(template_slug, template_version)
# File lib/housing_misc/api_helper.rb, line 134
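# Fetches the request format of an e-mail template from the mail service.
#
# The template name and version are form-encoded before being placed in the
# query string, so a value containing "&", "=", "#" or whitespace can no longer
# add or alter query parameters or produce an unparsable URL.
#
# Request and parse failures are swallowed on purpose and yield an empty hash;
# callers that index into the result must cope with that.
#
# @param template_slug [String] template slug; "-" is converted to "_"
# @param template_version [String, Integer, nil] template version
# @return [Hash, nil] the "data" member of the response, or {} on failure
def get_email_template_from_mail_service(template_slug, template_version)
  template_name = template_slug.gsub("-", "_")
  query = "template_name=#{URI.encode_www_form_component(template_name)}" \
          "&template_version=#{URI.encode_www_form_component(template_version)}"
  uri = URI.parse("#{Housing.mail_service_url}v1/email/request_format?#{query}")
  begin
    Oj.load(Net::HTTP.get(uri))["data"]
  rescue StandardError
    {}
  end
end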
get_past_channel_details(profiles_hash, start_datetime, end_datetime, channel, template_details)
# File lib/housing_misc/api_helper.rb, line 140
# Collects report data for a set of profiles from the channel's report service.
#
# Profiles are grouped by a start timestamp derived from their
# "last_activity_time" (or +start_datetime+ when absent), then queried in
# batches of 100 identifiers per request. The batch responses are merged into
# one hash; later batches overwrite earlier ones on key collision.
#
# NOTE(review): +channel+ selects both the identifier key and, through +send+,
# the "<channel>_report_url" method. Only "email" and "sms" have such methods in
# this module; callers should pass nothing else, and never a request-supplied value.
#
# @param profiles_hash [Hash] identifier (e-mail or phone number) => profile details
# @param start_datetime [Integer, String] epoch seconds used when a profile has no last activity
# @param end_datetime [Object] passed through as the +end_datetime+ query parameter
# @param channel [String] "email" or "sms"
# @param template_details [Hash] must provide +:template_name+ (and +:template_version+ for email)
# @return [Hash] merged "data" members of all batch responses
def get_past_channel_details(profiles_hash, start_datetime, end_datetime, channel, template_details)
  query_params = {
    template_name: template_details[:template_name],
    end_datetime: end_datetime
  }
  query_params[:template_version] = template_details[:template_version] if channel == "email"

  # Epoch seconds -> Date -> Time -> epoch seconds; the time of day is dropped,
  # so profiles active on the same date share one bucket.
  profiles_by_start = profiles_hash.each_with_object({}) do |(profile_key, details), grouped|
    raw_start = details["last_activity_time"] || start_datetime
    bucket = Date.strptime(raw_start.to_s, '%s').to_time.to_i
    (grouped[bucket] ||= []) << profile_key
  end

  report = {}
  profiles_by_start.each do |bucket, email_or_numbers|
    # Keep the batch size at 100: larger batches make the URL long enough for
    # the service to answer 414 (URI too large).
    email_or_numbers.each_slice(100) do |batch|
      query_params[identifier[channel.to_sym]] = batch.join(',')
      query_params[:start_datetime] = bucket
      url = send("#{channel}_report_url".to_sym) + query_params.to_query
      report.merge!(Oj.load(get_api_call(url))["data"])
    end
  end
  report
end
get_request_attribute_value(headers, params, key)
# File lib/housing_misc/api_helper.rb, line 5
# Reads a request attribute from the header "HTTP_<KEY>" (key upper-cased,
# "-" turned into "_") and falls back to +params[key]+ when the header is
# missing. Both sources are client-supplied.
#
# @param headers [#[]] request headers
# @param params [#[]] request parameters
# @param key [String] attribute name, e.g. "source"
# @return [Object, nil] the header value, else the parameter value, else nil
def get_request_attribute_value(headers, params, key)
  header_name = "HTTP_" + key.upcase.tr('-', '_')
  from_header = headers[header_name]
  from_header || params[key]
end
get_shortened_url(url)
# File lib/housing_misc/api_helper.rb, line 200
# Asks the URL shortener service for a short id for +url+ and returns the short
# URL (short domain + id). Returns an empty string when the service does not
# answer with status 200.
#
# @param url [String] URL to shorten
# @return [String] shortened URL, or "" on a non-200 response
def get_shortened_url(url)
  endpoint = URI.parse("#{Housing.url_shortener}/shorten")
  reply = Net::HTTP.post_form(endpoint, {url: url})
  return "" unless reply.code.to_i == 200

  Housing.short_url_domain + JSON.parse(reply.body)["id"]
end
internal_host_check()
# File lib/housing_misc/api_helper.rb, line 50
# Controller guard: renders a 401 JSON error and logs the caller when
# +is_request_internal?+ rejects the request. Relies on the including
# controller's +request+, +params+ and +render+.
#
# The protection is only as strong as +is_request_internal?+, which decides on
# the request's host name.
#
# @return [Object, nil] nil when the request is accepted, otherwise the result of +render+
def internal_host_check
  return if is_request_internal?(request)

  log_file ||= Logger.new("#{Rails.root}/log/unauthorized_api_requests.log")
  log_file.info "Internal host check violated | remote_ip:#{request.remote_ip}, host:#{request.host}, port:#{request.port}, params:#{filter_parameters(params)}"
  render :json => {:message => "You are not authorized to make this call"}, status: 401
end
is_request_csrf_valid?(request, cookies, params, csrf_encryption_key, velocity_salt)
# File lib/housing_misc/api_helper.rb, line 40
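# Decides whether a request passes the CSRF check.
#
# GET requests, requests judged internal and requests judged to come from the
# mobile apps are accepted without a token. Every other request must present,
# in the X-CSRF-TOKEN-V2 header, the hex HMAC-SHA256 of the "cuid" cookie under
# +csrf_encryption_key+.
#
# The token is compared in constant time so response timing does not reveal how
# many leading characters of a guess were right. The comparison is written out
# here so it does not depend on a particular Rails or OpenSSL version; where
# ActiveSupport::SecurityUtils.secure_compare is available it can replace it.
#
# NOTE(review): a request without the "cuid" cookie is checked against the HMAC
# of the empty string, which is the same value for every such client — confirm
# that token is never issued.
#
# @param request [#get?, #headers] the incoming request
# @param cookies [#[]] request cookies
# @param params [#[]] request parameters
# @param csrf_encryption_key [String] HMAC key
# @param velocity_salt [String] salt for the mobile request signature
# @return [Boolean] true when the request is accepted
def is_request_csrf_valid?(request, cookies, params, csrf_encryption_key, velocity_salt)
  if request.get? || is_request_internal?(request) || is_request_from_mobile?(request, params, velocity_salt)
    return true
  end

  csrf_id = cookies["cuid"] || ""
  presented = request.headers["HTTP_X_CSRF_TOKEN_V2"].to_s
  expected = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), csrf_encryption_key, csrf_id)

  # The digest length is public, so rejecting on length leaks nothing useful.
  return false unless presented.bytesize == expected.bytesize

  expected.bytes.zip(presented.bytes).inject(0) { |diff, (a, b)| diff | (a ^ b) }.zero?
end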
is_request_from_mobile?(request, params, velocity_salt)
# File lib/housing_misc/api_helper.rb, line 19
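# Decides whether a request comes from one of the mobile apps, in which case the
# CSRF token check is skipped by +is_request_csrf_valid?+.
#
# A signed request carries "ts" (epoch seconds) and "sp" (hex MD5 of
# +velocity_salt+ followed by "ts"), each read from a header or a parameter.
# It is accepted when the timestamp lies within MOBILE_REQUEST_TIME_THRESHOLD
# seconds of the server clock in either direction and the signature matches.
# Changes from the earlier behaviour:
#   * timestamps in the future are bounded too; previously any future "ts"
#     passed the age check, so a signed pair stayed valid until that time;
#   * the signature is compared in constant time;
#   * "ts" is converted with +to_s+ before concatenation, so a non-string
#     value no longer raises.
#
# NOTE(review): the signature covers only the timestamp, not the method, path or
# body, so one valid ts/sp pair is accepted for any request inside the window.
# MD5 over salt+value is not a MAC construction; an HMAC with a per-client key
# would be the stronger design.
#
# SECURITY: the two legacy branches accept an UNSIGNED request purely on the
# client-supplied "source" or "app_name" value. Any client can set those values,
# so while these branches exist the CSRF check can be skipped at will. They are
# kept because existing app versions depend on them; remove them as soon as
# those versions are retired.
#
# Uses the including controller's +cookies+ for logging.
#
# @param request [#headers] the incoming request
# @param params [#[]] request parameters
# @param velocity_salt [String] shared salt for the signature
# @return [Boolean] true when the request is treated as a mobile request
def is_request_from_mobile?(request, params, velocity_salt)
  source = get_request_attribute_value(request.headers, params, "source") || ""
  time_stamp = get_request_attribute_value(request.headers, params, "ts")
  signed_param = get_request_attribute_value(request.headers, params, "sp")

  if time_stamp.blank? || signed_param.blank?
    if ["android", "ios"].include?(source.downcase) # To be removed once all the users moves to latest app version which includes ts-sp thing
      log_file ||= Logger.new("#{Rails.root}/log/app_requests_with_missing_params.log")
      log_invalid_csrf_request(log_file, request, cookies, params)
      return true
    elsif params["app_name"] == "locon.com.datacollection" # To be removed once dc app implements ts-sp thing
      log_file ||= Logger.new("#{Rails.root}/log/dc_app_requests_with_missing_params.log")
      log_invalid_csrf_request(log_file, request, cookies, params)
      return true
    end
    return false
  end

  # Bound the timestamp on both sides of the server clock.
  age = Time.now.to_i - time_stamp.to_i
  return false if age.abs > MOBILE_REQUEST_TIME_THRESHOLD

  expected = Digest::MD5.hexdigest(velocity_salt + time_stamp.to_s)
  presented = signed_param.to_s
  return false unless presented.bytesize == expected.bytesize

  # Constant-time comparison of the two hex strings.
  expected.bytes.zip(presented.bytes).inject(0) { |diff, (a, b)| diff | (a ^ b) }.zero?
end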
is_request_internal?(request)
# File lib/housing_misc/api_helper.rb, line 15
# Treats a request as internal when the app is not running in production, or
# when the request's host name contains the substring "internal".
#
# SECURITY: the host name comes from the request itself (the Host header, unless
# a proxy in front of the app overwrites it), and a substring match accepts any
# name containing "internal". Both +internal_host_check+ and the CSRF check
# trust this result, so the deployment must ensure only the edge proxy can set
# the host; an exact match against a configured list of internal hosts would be
# the safer test.
#
# @param request [#host] the incoming request
# @return [Boolean] true when the request is considered internal
def is_request_internal?(request)
  return true unless Rails.env == "production"

  request.host.include?("internal")
end
log_invalid_csrf_request(log_file, request, cookies, params)
# File lib/housing_misc/api_helper.rb, line 66
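# Writes one log line describing a request that failed (or bypassed) the CSRF
# check: presented token, "cuid" cookie, caller address, host, method, referrer,
# user agent, mobile signature fields and the filtered parameters.
#
# Carriage returns and line feeds in the assembled message are replaced by a
# space before logging. Several fields are copied verbatim from client-supplied
# parameters, and without this a value containing a line break could forge
# additional log entries.
#
# NOTE(review): the line contains the presented CSRF token and the "cuid"
# cookie. The legacy mobile branches log requests that are then accepted, so
# these can be live values; restrict access to the log file accordingly.
#
# @param log_file [#info] logger to write to
# @param request [Object] the incoming request
# @param cookies [#[]] request cookies
# @param params [Hash] request parameters (filtered before logging)
# @return [Object] whatever +log_file.info+ returns
def log_invalid_csrf_request(log_file, request, cookies, params)
  message = "CSRF check violated | new_csrf_token:#{request.headers["HTTP_X_CSRF_TOKEN_V2"]} | new_csrf_id:#{cookies["cuid"]} | remote_ip:#{request.remote_ip} | host:#{request.host} | port:#{request.port} | method:#{request.method} | referrer:#{request.referrer} | User-Agent:#{request.headers["User-Agent"]} | source:#{get_request_attribute_value(request.headers, params, "source")} | time_stamp: #{get_request_attribute_value(request.headers, params, "ts")} | signed_param:#{get_request_attribute_value(request.headers, params, "sp")} | params:#{filter_parameters(params)}"
  log_file.info message.gsub(/[\r\n]+/, " ")
end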
logging_file()
# File lib/housing_misc/api_helper.rb, line 185
# Returns the logger for campaign errors, creating it on first use and caching
# it in +@log_file+.
#
# @return [Logger] logger writing to log/campaign_errors.log under the Rails root
def logging_file
  return @log_file if @log_file

  @log_file = Logger.new("#{Rails.root}/log/campaign_errors.log")
end
send_generic_mail(template_slug, template_version, users, base_vars, merge_vars, high_priority=false, attachments=[], deferred=false, send_time=nil, google_analytics_campaign=nil)
# File lib/housing_misc/api_helper.rb, line 70
# Builds an e-mail request from a template held by the mail service and posts it
# to that service, either for immediate sending or as a deferred send.
#
# The template is fetched, then enriched in this order: base vars, optional
# Google Analytics campaign, recipients, global merge vars, per-recipient merge
# vars, attachments.
#
# NOTE(review): get_email_template_from_mail_service returns {} when the fetch
# fails; the first enrichment step then raises because +:params_json+ is missing.
#
# @param template_slug [String] template slug
# @param template_version [Object] template version
# @param users [Array<Hash>] recipients with name and email
# @param base_vars [Hash] values merged into the request parameters
# @param merge_vars [Hash] values for template placeholders
# @param high_priority [Boolean] forwarded as the "high_priority" form field
# @param attachments [Array] attachments, added only when present
# @param deferred [Boolean] true to use the deferred endpoint
# @param send_time [Object, nil] forwarded as "send_time" for deferred sends
# @param google_analytics_campaign [Object, nil] optional campaign tag
# @return [Array(Integer, String)] HTTP status code and response body
def send_generic_mail(template_slug, template_version, users, base_vars, merge_vars, high_priority=false, attachments=[], deferred=false, send_time=nil, google_analytics_campaign=nil)
  base_vars = base_vars.with_indifferent_access
  merge_vars = merge_vars.with_indifferent_access

  email_template_hash = get_email_template_from_mail_service(template_slug, template_version).with_indifferent_access
  email_template_hash = add_base_vars(email_template_hash, base_vars)
  if google_analytics_campaign.present?
    email_template_hash[:params_json].merge!(google_analytics_campaign: google_analytics_campaign)
  end
  email_template_hash = add_user_emails(email_template_hash, users)
  email_template_hash = add_global_merge_vars(email_template_hash, merge_vars)
  email_template_hash = add_merge_vars(email_template_hash, merge_vars)
  email_template_hash = add_attachments(email_template_hash, attachments)

  # The two endpoints differ only in the path and the extra "send_time" field.
  endpoint =
    if deferred
      URI( "#{Housing.mail_service_url}v1/email/send_deferred" )
    else
      URI( "#{Housing.mail_service_url}v1/email/send" )
    end
  form = { "email_request"=> email_template_hash.to_json, "high_priority"=>high_priority }
  form["send_time"] = send_time if deferred

  response = Net::HTTP.post_form(endpoint, form)
  return response.code.to_i, response.body
end
send_generic_sms(phone_number, template_name, send_time, sms_params)
# File lib/housing_misc/api_helper.rb, line 189
# Posts a deferred SMS request to the SMS service.
#
# @param phone_number [String] recipient number
# @param template_name [String] SMS template name
# @param send_time [Object] forwarded as the "send_time" form field
# @param sms_params [#to_json] template parameters, sent as JSON
# @return [Net::HTTPResponse] the service's response; the status is not checked here
def send_generic_sms(phone_number, template_name, send_time, sms_params)
  form = {}
  form["template_name"] = template_name
  form["sms_request[number]"] = phone_number
  form["sms_request[test_number]"] = Housing.sms_test_number
  form["send_time"] = send_time
  form["sms_request[params_json]"] = sms_params.to_json

  endpoint = URI("#{Housing.sms_service_url}/v0/sms/send_deferred")
  Net::HTTP.post_form(endpoint, form)
end
upload_log_to_s3(file_path)
# File lib/housing_misc/api_helper.rb, line 210
# Uploads the file at +file_path+ to the configured S3 bucket. The object key is
# "<last segment of the Rails root>/<last segment of file_path>", so only the
# file name, not its directory, ends up in the key.
#
# NOTE(review): the file is read from whatever path is given; callers should
# pass only paths they constructed themselves.
#
# @param file_path [String] path of the local file to upload
# @return [Object] the result of the SDK's +upload_file+
def upload_log_to_s3(file_path)
  app_dir = Rails.root.to_s.split('/').last
  file_name = file_path.split('/').last
  s3_key = app_dir + '/' + file_name
  s3_client.bucket(HousingMisc.bucket).object(s3_key).upload_file(file_path)
end

Private Instance Methods

email_report_url()
# File lib/housing_misc/api_helper.rb, line 217
# Base URL of the mail service's e-mail report endpoint, ending in "?" so a
# query string can be appended directly.
#
# @return [String]
def email_report_url
  base = Housing.mail_service_url
  "#{base}/api/v1/email-report?"
end
identifier()
# File lib/housing_misc/api_helper.rb, line 225
# Maps a channel name to the query parameter that carries its recipient list.
#
# @return [Hash{Symbol => Symbol}] +:email+ => +:emails+, +:sms+ => +:phone_numbers+
def identifier
  { email: :emails, sms: :phone_numbers }
end
s3_client()
# File lib/housing_misc/api_helper.rb, line 232
# Returns the S3 resource used for uploads, built on first use from the
# configured access key, secret and region and cached in +@s3_client+.
#
# NOTE(review): this uses a static access key pair from configuration. Scope
# that key to the upload bucket only, and prefer role-based credentials where
# the runtime offers them.
#
# @return [Aws::S3::Resource]
def s3_client
  @s3_client ||= begin
    credentials = Aws::Credentials.new(HousingMisc.aws_access_token, HousingMisc.aws_access_secret)
    Aws::S3::Resource.new(credentials: credentials, region: HousingMisc.region)
  end
end
sms_report_url()
# File lib/housing_misc/api_helper.rb, line 221
# Base URL of the SMS service's report endpoint, ending in "?" so a query
# string can be appended directly.
#
# @return [String]
def sms_report_url
  base = Housing.sms_service_url
  "#{base}/v0/sms-report?"
end