Ability to disable account by default and enable it with ACCOUNT_ENABLED env variable

2 years ago · 428aac0152
parent ff51149eab
commit 428aac0152
15 changed files with 146 additions and 53 deletions
--- a/apps/block_scout_web/lib/block_scout_web/api_router.ex
+++ b/apps/block_scout_web/lib/block_scout_web/api_router.ex
@ -13,6 +13,7 @@ defmodule BlockScoutWeb.ApiRouter do
  Router for API
  """
  use BlockScoutWeb, :router
+  alias BlockScoutWeb.Plug.CheckAccountAPI

  pipeline :api do
    plug(:accepts, ["json"])
@ -21,6 +22,7 @@ defmodule BlockScoutWeb.ApiRouter do
  pipeline :account_api do
    plug(:fetch_session)
    plug(:protect_from_forgery)
+    plug(CheckAccountAPI)
  end

  alias BlockScoutWeb.Account.Api.V1.{TagsController, UserController}
--- a/apps/block_scout_web/lib/block_scout_web/controllers/account/auth_controller.ex
+++ b/apps/block_scout_web/lib/block_scout_web/controllers/account/auth_controller.ex
@ -2,6 +2,7 @@ defmodule BlockScoutWeb.Account.AuthController do
  use BlockScoutWeb, :controller

  alias BlockScoutWeb.Models.UserFromAuth
+  alias Explorer.Account

  plug(Ueberauth)

@ -53,8 +54,13 @@ defmodule BlockScoutWeb.Account.AuthController do
    current_user(conn) || redirect(conn, to: root())
  end

-  def current_user(%{private: %{plug_session: %{"current_user" => _}}} = conn),
-    do: get_session(conn, :current_user)
+  def current_user(%{private: %{plug_session: %{"current_user" => _}}} = conn) do
+    if Account.enabled?() do
+      get_session(conn, :current_user)
+    else
+      nil
+    end
+  end

  def current_user(_), do: nil

--- a/apps/block_scout_web/lib/block_scout_web/plug/check_account_api.ex
+++ b/apps/block_scout_web/lib/block_scout_web/plug/check_account_api.ex
@ -0,0 +1,21 @@
+defmodule BlockScoutWeb.Plug.CheckAccountAPI do
+  @moduledoc """
+    Checks if the Account functionality enabled for API level.
+  """
+  import Plug.Conn
+
+  alias Explorer.Account
+
+  def init(opts), do: opts
+
+  def call(conn, _opts) do
+    if Account.enabled?() do
+      conn
+    else
+      conn
+      |> put_resp_content_type("application/json")
+      |> send_resp(404, Jason.encode!(%{message: "Account functionality is disabled"}))
+      |> halt()
+    end
+  end
+end
--- a/apps/block_scout_web/lib/block_scout_web/plug/check_account_web.ex
+++ b/apps/block_scout_web/lib/block_scout_web/plug/check_account_web.ex
@ -0,0 +1,31 @@
+defmodule BlockScoutWeb.Plug.CheckAccountWeb do
+  @moduledoc """
+    Checks if the Account functionality enabled for web interface.
+  """
+  import Phoenix.Controller
+  alias Phoenix.View
+  import Plug.Conn
+
+  alias Explorer.Account
+
+  def init(opts), do: opts
+
+  def call(conn, _opts) do
+    if Account.enabled?() do
+      conn
+    else
+      inner_view =
+        View.render(
+          BlockScoutWeb.PageNotFoundView,
+          "index.html",
+          token: nil
+        )
+
+      conn
+      |> put_status(404)
+      |> put_view(BlockScoutWeb.LayoutView)
+      |> render(:app, inner_content: inner_view)
+      |> halt()
+    end
+  end
+end
--- a/apps/block_scout_web/lib/block_scout_web/templates/layout/_account_menu_item.html.eex
+++ b/apps/block_scout_web/lib/block_scout_web/templates/layout/_account_menu_item.html.eex
@ -0,0 +1,33 @@
+<%= if Explorer.Account.enabled?() do %>
+    <%= if @current_user do %>
+        <li class="nav-item dropdown">
+        <a class="nav-link topnav-nav-link dropdown-toggle" href="#" id="navbarBlocksDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+            <span class="nav-link-icon">
+            <img src="<%= Plug.Conn.get_session(@conn, :current_user)[:avatar] %>"  size="20" height="20" width="20"  >
+            </span>
+        </a>
+        <div class="dropdown-menu" aria-labelledby="navbarBlocksDropdown">
+            <div class="header dropdown-item">
+            <%= "Signed in as " <> Plug.Conn.get_session(@conn, :current_user)[:nickname] %>
+            </div>
+            <a href="<%= auth_path(@conn, :profile) %>" class= "dropdown-item"><%= gettext "Profile" %></a>
+            <a href="<%= watchlist_path(@conn, :show) %>" class= "dropdown-item"><%= gettext "Watch list" %></a>
+            <a href="<%= tag_address_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Address Tags" %></a>
+            <a href="<%= tag_transaction_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Transaction Tags" %></a>
+            <a href="<%= api_key_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "API keys" %></a>
+            <a href="<%= custom_abi_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Custom ABI" %></a>
+            <a href="<%= public_tags_request_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Public Tags" %></a>
+            <a href="<%= BlockScoutWeb.LayoutView.sign_out_link %>" class= "dropdown-item"><%= gettext "Sign out" %></a>
+        </div>
+        </li>
+    <% else %>
+        <li>
+        <a class="nav-link topnav-nav-link" href="<%= BlockScoutWeb.LayoutView.sign_in_link %>" id="navbarBlocksDropdown" role="button" aria-haspopup="true">
+            <span class="nav-link-icon">
+            <%= render BlockScoutWeb.IconsView, "_accounts_icon.html" %>
+            </span>
+            Sign in
+        </a>
+        </li>
+    <% end %>
+<% end %>
--- a/apps/block_scout_web/lib/block_scout_web/templates/layout/_topnav.html.eex
+++ b/apps/block_scout_web/lib/block_scout_web/templates/layout/_topnav.html.eex
@ -172,37 +172,7 @@
            <path fill="#9B62FF" fill-rule="evenodd" d="M14.88 11.578a.544.544 0 0 0-.599-.166 5.7 5.7 0 0 1-1.924.321c-3.259 0-5.91-2.632-5.91-5.866 0-1.947.968-3.759 2.59-4.849a.534.534 0 0 0-.225-.97A5.289 5.289 0 0 0 8.059 0C3.615 0 0 3.588 0 8s3.615 8 8.059 8c2.82 0 5.386-1.423 6.862-3.806a.533.533 0 0 0-.041-.616z"/>
          </svg>
        </button>
-        <%= if @current_user do %>
-          <li class="nav-item dropdown">
-            <a class="nav-link topnav-nav-link dropdown-toggle" href="#" id="navbarBlocksDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
-              <span class="nav-link-icon">
-                <img src="<%= Plug.Conn.get_session(@conn, :current_user)[:avatar] %>"  size="20" height="20" width="20"  >
-              </span>
-            </a>
-            <div class="dropdown-menu" aria-labelledby="navbarBlocksDropdown">
-              <div class="header dropdown-item">
-                <%= "Signed in as " <> Plug.Conn.get_session(@conn, :current_user)[:nickname] %>
-              </div>
-              <a href="<%= auth_path(@conn, :profile) %>" class= "dropdown-item"><%= gettext "Profile" %></a>
-              <a href="<%= watchlist_path(@conn, :show) %>" class= "dropdown-item"><%= gettext "Watch list" %></a>
-              <a href="<%= tag_address_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Address Tags" %></a>
-              <a href="<%= tag_transaction_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Transaction Tags" %></a>
-              <a href="<%= api_key_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "API keys" %></a>
-              <a href="<%= custom_abi_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Custom ABI" %></a>
-              <a href="<%= public_tags_request_path(@conn, :index) %>" class= "dropdown-item"><%= gettext "Public Tags" %></a>
-              <a href="<%= BlockScoutWeb.LayoutView.sign_out_link %>" class= "dropdown-item"><%= gettext "Sign out" %></a>
-            </div>
-          </li>
-        <% else %>
-          <li>
-            <a class="nav-link topnav-nav-link" href="<%= BlockScoutWeb.LayoutView.sign_in_link %>" id="navbarBlocksDropdown" role="button" aria-haspopup="true">
-              <span class="nav-link-icon">
-                <%= render BlockScoutWeb.IconsView, "_accounts_icon.html" %>
-              </span>
-              Sign in
-            </a>
-          </li>
-        <% end %>
+        <%= render BlockScoutWeb.LayoutView, "_account_menu_item.html", conn: @conn, current_user: @current_user %>
      </ul>
      <%= render BlockScoutWeb.LayoutView, "_search.html", conn: @conn, id: "main-search-autocomplete", additional_classes: ["mobile-search-hide"] %>
    </div>
--- a/apps/block_scout_web/lib/block_scout_web/views/layout_view.ex
+++ b/apps/block_scout_web/lib/block_scout_web/views/layout_view.ex
@ -266,11 +266,15 @@ defmodule BlockScoutWeb.LayoutView do
    return_to = Application.get_env(:ueberauth, Ueberauth)[:logout_return_to_url]
    logout_url = Application.get_env(:ueberauth, Ueberauth)[:logout_url]

-    params = [
-      client_id: client_id,
-      returnTo: return_to
-    ]
+    if client_id && return_to && logout_url do
+      params = [
+        client_id: client_id,
+        returnTo: return_to
+      ]

-    [logout_url, "?", URI.encode_query(params)]
+      [logout_url, "?", URI.encode_query(params)]
+    else
+      []
+    end
  end
 end
--- a/apps/block_scout_web/lib/block_scout_web/web_router.ex
+++ b/apps/block_scout_web/lib/block_scout_web/web_router.ex
@ -5,6 +5,8 @@ defmodule BlockScoutWeb.WebRouter do
  use BlockScoutWeb, :router
  require Ueberauth

+  alias BlockScoutWeb.Plug.CheckAccountWeb
+
  pipeline :browser do
    plug(:accepts, ["html"])
    plug(:fetch_session)
@ -14,12 +16,22 @@ defmodule BlockScoutWeb.WebRouter do
    plug(BlockScoutWeb.ChecksumAddress)
  end

+  pipeline :account do
+    plug(:accepts, ["html"])
+    plug(:fetch_session)
+    plug(:fetch_flash)
+    plug(CheckAccountWeb)
+    plug(:protect_from_forgery)
+    plug(BlockScoutWeb.CSPHeader)
+    plug(BlockScoutWeb.ChecksumAddress)
+  end
+
  if Mix.env() == :dev do
    forward("/sent_emails", Bamboo.SentEmailViewerPlug)
  end

  scope "/auth", BlockScoutWeb do
-    pipe_through(:browser)
+    pipe_through(:account)

    get("/profile", Account.AuthController, :profile)
    get("/logout", Account.AuthController, :logout)
@ -28,7 +40,7 @@ defmodule BlockScoutWeb.WebRouter do
  end

  scope "/account", BlockScoutWeb do
-    pipe_through(:browser)
+    pipe_through(:account)

    resources("/tag_address", Account.TagAddressController,
      only: [:index, :new, :create, :delete],
--- a/apps/block_scout_web/priv/gettext/default.pot
+++ b/apps/block_scout_web/priv/gettext/default.pot
@ -804,7 +804,7 @@ msgstr ""
 #: lib/block_scout_web/templates/account/common/_nav.html.eex:19
 #: lib/block_scout_web/templates/account/custom_abi/form.html.eex:8
 #: lib/block_scout_web/templates/account/custom_abi/index.html.eex:7
-#: lib/block_scout_web/templates/layout/_topnav.html.eex:182
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:18
 #, elixir-autogen, elixir-format
 msgid "Custom ABI"
 msgstr ""
@ -1828,12 +1828,12 @@ msgid "Priority Fees"
 msgstr ""

 #: lib/block_scout_web/templates/account/common/_nav.html.eex:4
-#: lib/block_scout_web/templates/layout/_topnav.html.eex:177
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:13
 #, elixir-autogen, elixir-format
 msgid "Profile"
 msgstr ""

-#: lib/block_scout_web/templates/layout/_topnav.html.eex:183
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:19
 #, elixir-autogen, elixir-format
 msgid "Public Tags"
 msgstr ""
@ -2048,7 +2048,7 @@ msgstr ""
 msgid "Shows total assets held in the address"
 msgstr ""

-#: lib/block_scout_web/templates/layout/_topnav.html.eex:184
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:20
 #, elixir-autogen, elixir-format
 msgid "Sign out"
 msgstr ""
@ -2905,7 +2905,7 @@ msgstr ""

 #: lib/block_scout_web/templates/account/common/_nav.html.eex:7
 #: lib/block_scout_web/templates/account/watchlist/show.html.eex:7
-#: lib/block_scout_web/templates/layout/_topnav.html.eex:178
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:14
 #, elixir-autogen, elixir-format
 msgid "Watch list"
 msgstr ""
--- a/apps/block_scout_web/priv/gettext/en/LC_MESSAGES/default.po
+++ b/apps/block_scout_web/priv/gettext/en/LC_MESSAGES/default.po
@ -804,7 +804,7 @@ msgstr ""
 #: lib/block_scout_web/templates/account/common/_nav.html.eex:19
 #: lib/block_scout_web/templates/account/custom_abi/form.html.eex:8
 #: lib/block_scout_web/templates/account/custom_abi/index.html.eex:7
-#: lib/block_scout_web/templates/layout/_topnav.html.eex:182
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:18
 #, elixir-autogen, elixir-format
 msgid "Custom ABI"
 msgstr ""
@ -1828,12 +1828,12 @@ msgid "Priority Fees"
 msgstr ""

 #: lib/block_scout_web/templates/account/common/_nav.html.eex:4
-#: lib/block_scout_web/templates/layout/_topnav.html.eex:177
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:13
 #, elixir-autogen, elixir-format
 msgid "Profile"
 msgstr ""

-#: lib/block_scout_web/templates/layout/_topnav.html.eex:183
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:19
 #, elixir-autogen, elixir-format
 msgid "Public Tags"
 msgstr ""
@ -2048,7 +2048,7 @@ msgstr ""
 msgid "Shows total assets held in the address"
 msgstr ""

-#: lib/block_scout_web/templates/layout/_topnav.html.eex:184
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:20
 #, elixir-autogen, elixir-format
 msgid "Sign out"
 msgstr ""
@ -2905,7 +2905,7 @@ msgstr ""

 #: lib/block_scout_web/templates/account/common/_nav.html.eex:7
 #: lib/block_scout_web/templates/account/watchlist/show.html.eex:7
-#: lib/block_scout_web/templates/layout/_topnav.html.eex:178
+#: lib/block_scout_web/templates/layout/_account_menu_item.html.eex:14
 #, elixir-autogen, elixir-format
 msgid "Watch list"
 msgstr ""
--- a/apps/explorer/lib/explorer/account.ex
+++ b/apps/explorer/lib/explorer/account.ex
@ -0,0 +1,9 @@
+defmodule Explorer.Account do
+  @moduledoc """
+  Context for Account module.
+  """
+
+  def enabled? do
+    Application.get_env(:explorer, __MODULE__)[:enabled]
+  end
+end
--- a/apps/explorer/lib/explorer/account/notify.ex
+++ b/apps/explorer/lib/explorer/account/notify.ex
@ -3,6 +3,7 @@ defmodule Explorer.Account.Notify do
    Interface for notifier, for import and call from other modules
  """

+  alias Explorer.Account
  alias Explorer.Account.Notifier.Notify

  require Logger
@ -12,8 +13,10 @@ defmodule Explorer.Account.Notify do
  end

  defp process(transactions) do
-    check_envs()
-    Notify.call(transactions)
+    if Account.enabled?() do
+      check_envs()
+      Notify.call(transactions)
+    end
  rescue
    err ->
      Logger.info("--- Notifier error", fetcher: :account)
--- a/apps/explorer/lib/explorer/vault.ex
+++ b/apps/explorer/lib/explorer/vault.ex
@ -17,6 +17,6 @@ defmodule Explorer.Vault do
  defp decode_env!(var) do
    env = if Mix.env() == :test, do: "+fh7IElJfA61+vMMw8rW9SBJFHmhVL1DLpKE22qUJgw=", else: System.get_env(var)

-    Base.decode64!(env)
+    Base.decode64!(env || "")
  end
 end
--- a/config/runtime.exs
+++ b/config/runtime.exs
@ -328,6 +328,7 @@ config :explorer, Explorer.Mailer,
  api_key: System.get_env("ACCOUNT_SENDGRID_API_KEY")

 config :explorer, Explorer.Account,
+  enabled: System.get_env("ACCOUNT_ENABLED") == "true",
  sendgrid: [
    sender: System.get_env("ACCOUNT_SENDGRID_SENDER"),
    template: System.get_env("ACCOUNT_SENDGRID_TEMPLATE")
--- a/docker/Makefile
+++ b/docker/Makefile
@ -507,6 +507,7 @@ ifdef ACCOUNT_POOL_SIZE
 endif
 ifdef ACCOUNT_CLOAK_KEY
 	BLOCKSCOUT_CONTAINER_PARAMS += -e 'ACCOUNT_CLOAK_KEY=$(ACCOUNT_CLOAK_KEY)'
+endif

 HAS_BLOCKSCOUT_IMAGE := $(shell docker images | grep -sw "${BS_CONTAINER_IMAGE} ")
 build: