Merge branch 'survey-session-revamp'

Author: lukebaker

.travis.yml

@@ -1,7 +1,6 @@
 # please build
 language: ruby
 rvm:
-  - 1.8.7
   - 1.9.3
 services:
  - redis-server

Gemfile.lock

@@ -12,7 +12,6 @@ GEM
     activeresource (2.3.18)
       activesupport (= 2.3.18)
     activesupport (2.3.18)
-    addressable (2.3.2)
     airbrake (3.1.12)
       activesupport
       builder
@@ -36,8 +35,8 @@ GEM
       rack-test (>= 0.5.4)
       selenium-webdriver (~> 2.0)
       xpath (~> 0.1.4)
-    childprocess (0.3.5)
-      ffi (~> 1.0, >= 1.0.6)
+    childprocess (0.5.1)
+      ffi (~> 1.0, >= 1.0.11)
     chunky_png (1.2.6)
     cocaine (0.3.2)
     compass (0.12.2)
@@ -80,7 +79,7 @@ GEM
     fastercsv (1.5.1)
     faye-websocket (0.4.6)
       eventmachine (>= 0.12.0)
-    ffi (1.1.5)
+    ffi (1.9.3)
     formtastic (0.2.5)
     friendly_id (2.2.5)
       activerecord (>= 2.2.3)
@@ -107,8 +106,6 @@ GEM
       rake
     json (1.7.7)
     json_pure (1.7.5)
-    libwebsocket (0.1.5)
-      addressable
     libxml-ruby (2.2.2)
     mime-types (1.16)
     multi_json (1.0.4)
@@ -152,15 +149,15 @@ GEM
     rspec-rails (1.3.4)
       rack (>= 1.0.0)
       rspec (~> 1.3.1)
-    rubyzip (0.9.9)
+    rubyzip (1.1.0)
     sass (3.2.1)
     sax-machine (0.0.14)
       nokogiri (> 0.0.0)
-    selenium-webdriver (2.25.0)
-      childprocess (>= 0.2.5)
-      libwebsocket (~> 0.1.3)
+    selenium-webdriver (2.40.0)
+      childprocess (>= 0.5.0)
       multi_json (~> 1.0)
-      rubyzip
+      rubyzip (~> 1.0)
+      websocket (~> 1.0.4)
     sendgrid (0.1.4)
     shoulda (2.10.3)
     sqlite3 (1.3.5)
@@ -172,6 +169,7 @@ GEM
     thoughtbot-clearance (0.8.2)
     timecop (0.3.5)
     uuidtools (2.1.4)
+    websocket (1.0.7)
     will_paginate (2.3.14)
     xml-simple (1.0.12)
     xpath (0.1.4)

app/controllers/application_controller.rb

@@ -4,7 +4,8 @@ class ApplicationController < ActionController::Base
   helper :all
   protect_from_forgery
 
-  before_filter :initialize_session, :set_session_timestamp, :record_action, :view_filter, :set_pairwise_credentials, :set_locale, :set_p3p_header
+  before_filter :initialize_session, :get_survey_session, :record_action, :view_filter, :set_pairwise_credentials, :set_locale, :set_p3p_header
+  after_filter :write_survey_session_cookie
 
   # preprocess photocracy_view_path on boot because
   # doing pathset generation during a request is very costly.
@@ -30,13 +31,6 @@ def set_pairwise_credentials
 
   def initialize_session
     session[:session_id] # this forces load of the session in Rails 2.3.x
-    if signed_in?
-      logger.info "current user is #{current_user.inspect}"
-    end
-
-    if white_label_request?
-      logger.info "white_label request - no header and footer displayed"
-    end
   end
 
   helper_method :white_label_request?
@@ -60,19 +54,85 @@ def show_aoi_nav?
   # called when the request is not verified via the authenticity_token
   def handle_unverified_request
     super
-    raise(ActionController::InvalidAuthenticityToken)
+    # Appearance_lookup can act like an authenticity token because
+    # get_survey_session will raise an error if no cookie found with proper appearance_lookup
+    raise(ActionController::InvalidAuthenticityToken) unless params[:appearance_lookup]
   end
 
-  def set_session_timestamp
-    # ActiveResource::HttpMock only matches static strings for query parameters
-    # when in test set this to a static value, so we can match the resulting API queries for mocking
-    request.session_options[:id] = "test123" if Rails.env == "test"
-    expiration_time = session[:expiration_time]
-    if expiration_time && expiration_time < Time.now || session[:session_id].nil?
-      session[:session_id] = ActiveSupport::SecureRandom.hex(16)
-      request.session_options[:id] = session[:session_id]
+  # This method sets question_id based on the URL and parameters of the request
+  # We want to know the question_id early in the request process because we
+  # use it to determine the proper session for this request.
+  #
+  # The different controller / actions have differing ways of determining the
+  # question_id. Some are only passed the Earl.name, while others get the
+  # question_id directly as a parameter.
+  #
+  # Some requests like the homepage will have @question_id = nil. This is
+  # okay as they don't pass any session information to pairwise. A separate
+  # session is kept for requests that have no question_id.
+  def set_question_id_earl
+    @question_id = nil
+    if [controller_name, action_name] == ['earls', 'show']
+      @earl = Earl.find_by_name(params[:id])
+      @question_id = @earl.try(:question_id)
+    elsif controller_name == 'prompts'
+      @question_id = params[:question_id]
+    elsif controller_name == 'questions'
+      if ['add_idea', 'visitor_voting_history'].include?(action_name)
+        @question_id = params[:id]
+      elsif ['results', 'about', 'admin', 'update_name'].include?(action_name)
+        @earl = Earl.find_by_name(params[:id])
+        @question_id = @earl.try(:question_id)
+      end
+    elsif controller_name == 'choices'
+      if action_name == 'toggle'
+        @earl = Earl.find(params[:earl_id])
+      else
+        @earl = Earl.find_by_name(params[:question_id])
+      end
+      @question_id = @earl.try(:question_id)
     end
-    session[:expiration_time] = 10.minutes.from_now
+  end
+
+  # Called as a before_filter.
+  def get_survey_session
+    # First order of business is to set the question_id.
+    set_question_id_earl
+
+    begin
+      # Based on the cookies, question_id, and appearance_lookup, find the
+      # proper session for this request.
+      session_data = SurveySession.find(cookies, @question_id, params[:appearance_lookup])
+    rescue CantFindSessionFromCookies => e
+      # if no appearance_lookup, then we can safely create a new sesssion
+      # otherwise this request ought to fail as they are attempting some action
+      # without the proper session being found
+      if params[:appearance_lookup].nil?
+        session_data = [{:question_id => @question_id }]
+      else
+        raise e
+      end
+    end
+    # Create new SurveySession object for this request.
+    @survey_session = SurveySession.send(:new, *session_data)
+    if @survey_session.expired?
+      # This will regenerate the session_id, saving the old one.
+      # We can send along both the new and old session_id to pairwise
+      # for requests that have sessions that have expired.
+      @survey_session.regenerate
+    end
+
+    # We want the session to expire after X minutes of inactivity, so update
+    # the expiry with every request.
+    @survey_session.update_expiry
+  end
+
+  # Called as a after_filter to ensure we pass along the updated survey session
+  # cookie in the response to this request.
+  def write_survey_session_cookie
+    cookies[@survey_session.cookie_name] = {
+      :value => @survey_session.cookie_value
+    }
   end
 
   def record_action
@@ -88,7 +148,7 @@ def record_action
     end
 
     visitor = Visitor.find_or_create_by_remember_token(:remember_token => visitor_remember_token)
-    user_session = SessionInfo.find_or_create_by_session_id(:session_id => request.session_options[:id], 
+    user_session = SessionInfo.find_or_create_by_session_id(:session_id => @survey_session.session_id,
 						       :ip_addr => request.remote_ip,
 						       :user_agent => request.env["HTTP_USER_AGENT"],
 						       :white_label_request => white_label_request?, 
@@ -103,13 +163,6 @@ def record_action
 	    user_session.save!
     end
 
-    if current_user 
-      logger.info "CLICKSTREAM: #{controller_name}##{action_name} by Session #{request.session_options[:id]} (User: #{current_user.email})"
-    else
-      logger.info "CLICKSTREAM: #{controller_name}##{action_name} by Session #{request.session_options[:id]} (not logged in)"
-    end
-   #   Click.create( :sid => request.session_options[:id], :ip_addr => request.remote_ip, :url => request.url,
-#		   :controller => controller_name, :action => action_name, :user => nil, :referrer => request.referrer)
     if (session[:abingo_identity])
 	    Abingo.identity = session[:abingo_identity]
     else

app/controllers/earls_controller.rb

@@ -25,7 +25,7 @@ def show
       show_params = {:with_prompt => true, 
 		     :with_appearance => true, 
 		     :with_visitor_stats => true,
-		     :visitor_identifier => request.session_options[:id]}
+		     :visitor_identifier => @survey_session.session_id}
 
       show_params.merge!({:future_prompts => {:number => 1}, :with_average_votes => true}) if @photocracy
 
@@ -38,6 +38,7 @@ def show
       end
 
 
+        @survey_session.appearance_lookup = @question.attributes["appearance_id"]
        logger.info "inside questions#show " + @question.inspect
 
        # we can probably make this into one api call
@@ -218,7 +219,6 @@ def validate_hex_color(color)
   end
 
   def dumb_cleartext_authentication
-    @earl = Earl.find_by_name(params[:id])
     redirect_to('/') and return unless @earl
     unless @earl.pass.blank?
       authenticate_or_request_with_http_basic(t('questions.owner_password_exp')) do |user_name, password|

app/controllers/prompts_controller.rb

@@ -30,6 +30,7 @@ def vote
         :appearance_lookup => next_prompt['appearance_id'],
         :prompt_id         => next_prompt['id'],
       }
+      @survey_session.appearance_lookup = result[:appearance_lookup]
 
       if wikipedia?
         # wikipedia ideas are prepended by a 4 character integer
@@ -71,6 +72,7 @@ def skip
         :right_choice_url  => question_choice_path(@earl.name, next_prompt['right_choice_id']),
         :message => t('vote.cant_decide_message')
       }
+      @survey_session.appearance_lookup = result[:appearance_lookup]
 
       if wikipedia?
         # wikipedia ideas are prepended by a 4 character integer
@@ -103,7 +105,7 @@ def flag
     @choice.prefix_options[:question_id] = question_id
 
     c = @choice.put(:flag,
-                    :visitor_identifier => request.session_options[:id],
+                    :visitor_identifier => @survey_session.session_id,
                     :explanation => reason)
 
     new_choice = Crack::XML.parse(c.body)['choice']
@@ -134,6 +136,7 @@ def flag
         :prompt_id         => next_prompt['id'],
         :message => t('vote.flag_complete_message')
       }
+      @survey_session.appearance_lookup = result[:appearance_lookup]
 
       result = add_photocracy_info(result, next_prompt, params[:question_id]) if @photocracy
       render :json => result.to_json
@@ -175,11 +178,14 @@ def add_photocracy_info(result, next_prompt, question_id)
   end
 
   def get_object_request_options(params, request_type)
-     options = { :visitor_identifier => request.session_options[:id],
+     options = { :visitor_identifier => @survey_session.session_id,
                  # use static value of 5 if in test, so we can mock resulting API queries
                  :time_viewed => (Rails.env == 'test') ? 5 : params[:time_viewed],
                  :appearance_lookup => params[:appearance_lookup]
      }
+    if @survey_session.old_session_id
+      options.merge!({:old_visitor_identifier => @survey_session.old_session_id})
+    end
      case request_type
        when :vote
            options.merge!({:direction => params[:direction],
@@ -203,7 +209,7 @@ def get_object_request_options(params, request_type)
   def get_next_prompt_options
     next_prompt_params = { :with_appearance => true,
                             :with_visitor_stats => true,
-                            :visitor_identifier => request.session_options[:id]
+                            :visitor_identifier => @survey_session.session_id
                           }
     next_prompt_params.merge!(:future_prompts => {:number => 1}) if @photocracy
     next_prompt_params

app/controllers/questions_controller.rb

@@ -963,7 +963,7 @@ def add_idea
       end
     end
 
-    choice_params = {:visitor_identifier => request.session_options[:id], 
+    choice_params = {:visitor_identifier => @survey_session.session_id,
       :data => new_idea_data, 
       :question_id => params[:id]}
 
@@ -973,7 +973,7 @@ def add_idea
     if @choice = Choice.create(choice_params)
       @question = Question.find(params[:id], :params => {
         :with_visitor_stats => true,
-        :visitor_identifier => request.session_options[:id]
+        :visitor_identifier => @survey_session.session_id
       })
       @earl = Earl.find_by_question_id(params[:id])
 
@@ -1093,7 +1093,7 @@ def create
   def question_params_valid
     if @question.valid?(@photocracy) && (signed_in? || (@user.valid? && @user.save && sign_in(@user)))
       @question.attributes.merge!({'local_identifier' => current_user.id,
-                                  'visitor_identifier' => request.session_options[:id]})
+                                  'visitor_identifier' => @survey_session.session_id})
       return true if @question.save
     else
       return false
@@ -1252,7 +1252,7 @@ def upload_photos
   end
 
   def visitor_voting_history
-    @votes = Session.new(:id => request.session_options[:id]).get(:votes, :question_id => params[:id])
+    @votes = Session.new(:id => @survey_session.session_id).get(:votes, :question_id => params[:id])
 
     if @photocracy
       @votes['votes'].each do |vote|