Capcode 0.8.4 → 0.8.5

data/examples/rest-run.rb

@@ -0,0 +1,3 @@
+require 'rest'
+
+run Capcode.run()

data/examples/rest.rb

@@ -74,4 +74,4 @@ module Capcode::Views
   
 end
 
-Capcode.run( )
+#Capcode.run( )

data/examples/rest.ru

@@ -0,0 +1,3 @@
+require 'rest'
+
+run Capcode.application()

data/lib/capcode.rb

@@ -7,11 +7,13 @@ require 'irb'
 require 'mime/types'
 require 'capcode/version'
 require 'capcode/core_ext'
+require 'capcode/helpers/auth'
 require 'capcode/render/text'
 
 module Capcode
   @@__ROUTES = {}
   @@__STATIC_DIR = nil
+  @@__APP = nil
   
   # @@__FILTERS = []
   # def self.before_filter( opts, &b )
@@ -51,9 +53,13 @@ module Capcode
     # * :json => MyObject : this suppose that's MyObject respond to .to_json
     # * :static => "my_file.xxx" : this suppose that's my_file.xxx exist in the static directory
     # * :xml => :my_func : :my_func must be defined in Capcode::Views
+    # * :webdav => /path/to/root
     #
     # If you want to use a specific layout, you can specify it with option 
     #   :layout
+    #
+    # If you use the WebDav renderer, you can use the option 
+    #   :resource_class (see http://github.com/georgi/rack_dav for more informations)
     def render( hash )
       if hash.class == Hash
         render_type = nil
@@ -167,7 +173,7 @@ module Capcode
         path = klass
       end
       
-      path+((a.size>0)?("/"+a.join("/")):(""))
+      (ENV['RACK_BASE_URI']||'')+path+((a.size>0)?("/"+a.join("/")):(""))
     end
     
     # Calling content_for stores a block of markup in an identifier.
@@ -218,6 +224,8 @@ module Capcode
         :path => File.expand_path( File.join(".", Capcode.static ) )
       }
     end
+    
+    include Authorization
   end
   
   include Rack
@@ -254,7 +262,7 @@ module Capcode
   end
     
   class << self
-    attr :__args__, true
+    attr :__auth__, true
     
     # Add routes to a controller class
     # 
@@ -348,55 +356,86 @@ module Capcode
           #   puts "call #{proc} for #{__k}"
           # end
 
-          r = case @env["REQUEST_METHOD"]
-            when "GET"
-              finalPath = nil
-              finalArgs = nil
-              finalNArgs = nil
+          # Check authz
+          authz_options = nil
+          if Capcode.__auth__.size > 0
+            authz_options = Capcode.__auth__[@request.path]||nil
+            if authz_options.nil?
+              route = nil
               
-              aPath = @request.path.gsub( /^\//, "" ).split( "/" )
-              self.class.__urls__[0].each do |p, r|
-                xPath = p.gsub( /^\//, "" ).split( "/" )
-                if (xPath - aPath).size == 0
-                  diffArgs = aPath - xPath
-                  diffNArgs = diffArgs.size
-                  if finalNArgs.nil? or finalNArgs > diffNArgs
-                    finalPath = p
-                    finalNArgs = diffNArgs
-                    finalArgs = diffArgs
+              Capcode.__auth__.each do |r, o|
+                regexp = "^#{r.gsub(/\/$/, "")}([/]{1}.*)?$"
+                if Regexp.new(regexp).match( @request.path )
+                  if route.nil? or r.size > route.size
+                    route = r
+                    authz_options = o
                   end
-                end
-                
+                end  
               end
+            end
+          end
 
-              nargs = self.class.__urls__[1]
-              regexp = Regexp.new( self.class.__urls__[0][finalPath] )
-              args = regexp.match( Rack::Utils.unescape(@request.path).gsub( Regexp.new( "^#{finalPath}" ), "" ).gsub( /^\//, "" ) )
-              if args.nil?
-                raise Capcode::ParameterError, "Path info `#{@request.path_info}' does not match route regexp `#{regexp.source}'"
+          r = catch(:halt) { 
+            unless authz_options.nil?
+              http_authentication( :type => authz_options[:type], :realm => authz_options[:realm], :opaque => authz_options[:realm] ) { 
+                authz_options[:autz]
+              }
+            end
+
+            case @env["REQUEST_METHOD"]
+              when "GET"
+                finalPath = nil
+                finalArgs = nil
+                finalNArgs = nil
+                
+                aPath = @request.path.gsub( /^\//, "" ).split( "/" )
+                self.class.__urls__[0].each do |p, r|
+                  xPath = p.gsub( /^\//, "" ).split( "/" )
+                  if (xPath - aPath).size == 0
+                    diffArgs = aPath - xPath
+                    diffNArgs = diffArgs.size
+                    if finalNArgs.nil? or finalNArgs > diffNArgs
+                      finalPath = p
+                      finalNArgs = diffNArgs
+                      finalArgs = diffArgs
+                    end
+                  end
+                  
+                end
+            
+                nargs = self.class.__urls__[1]
+                regexp = Regexp.new( self.class.__urls__[0][finalPath] )
+                args = regexp.match( Rack::Utils.unescape(@request.path).gsub( Regexp.new( "^#{finalPath}" ), "" ).gsub( /^\//, "" ) )
+                if args.nil?
+                  raise Capcode::ParameterError, "Path info `#{@request.path_info}' does not match route regexp `#{regexp.source}'"
+                else
+                  args = args.captures.map { |x| (x.size == 0)?nil:x }
+                end
+                
+                while args.size < nargs
+                  args << nil
+                end
+                      
+                get( *args )
+              when "POST"
+                _method = params.delete( "_method" ) { |_| "post" }
+                send( _method.downcase.to_sym )
               else
-                args = args.captures.map { |x| (x.size == 0)?nil:x }
-              end
-              
-              while args.size < nargs
-                args << nil
-              end
-                    
-              get( *args )
-            when "POST"
-              _method = params.delete( "_method" ) { |_| "post" }
-              send( _method.downcase.to_sym )
-          end
+                _method = @env["REQUEST_METHOD"]
+                send( _method.downcase.to_sym )
+            end
+          }
           if r.respond_to?(:to_ary)
-            @response.status = r[0]
-            r[1].each do |k,v|
+            @response.status = r.shift #r[0]
+            #r[1].each do |k,v|
+            r.shift.each do |k,v|
               @response[k] = v
             end
-            @response.body = r[2]
+            @response.body = r.shift #r[2]
           else
             @response.write r
           end
-          
+                    
           @response.finish
         end
                 
@@ -413,26 +452,46 @@ module Capcode
     def map( route, &b )
       @@__ROUTES[route] = yield
     end
-  
-    # Start your application.
+
+    # Allow you to add and HTTP Authentication (Basic or Digest) to controllers for or specific route
     # 
     # Options :
-    # * <tt>:port</tt> = Listen port 
-    # * <tt>:host</tt> = Listen host
-    # * <tt>:server</tt> = Server type (webrick or mongrel)
-    # * <tt>:log</tt> = Output logfile (default: STDOUT)
-    # * <tt>:session</tt> = Session parameters. See Rack::Session for more informations
-    # * <tt>:pid</tt> = PID file (default: $0.pid)
-    # * <tt>:daemonize</tt> = Daemonize application (default: false)
-    # * <tt>:db_config</tt> = database configuration file (default: database.yml)
-    # * <tt>:static</tt> = Static directory (default: none -- relative to the working directory)
-    # * <tt>:root</tt> = Root directory (default: directory of the main.rb) -- This is also the working directory !
-    def run( args = {} )
-      __VERBOSE = false
+    # * <tt>:type</tt> : Authentication type (<tt>:basic</tt> or <tt>:digest</tt>) - default : <tt>:basic</tt>
+    # * <tt>:realm</tt> : realm ;) - default : "Capcode.app"
+    # * <tt>:opaque</tt> : Your secret passphrase. You MUST set it if you use Digest Auth - default : "opaque"
+    # * <tt>:routes</tt> : Routes - default : "/"
+    #
+    # The block must return a Hash of username => password like that :
+    #   {
+    #     "user1" => "pass1",
+    #     "user2" => "pass2",
+    #     # ...
+    #   }
+    def http_authentication( opts = {}, &b )
+      options = {
+        :type => :basic,
+        :realm => "Capcode.app",
+        :opaque => "opaque",
+        :routes => "/"
+      }.merge( opts )
+      
+      options[:autz] = b.call()
+      
+      @__auth__ ||= {}
       
-      conf = {
+      if options[:routes].class == Array
+        options[:routes].each do |r|
+          @__auth__[r] = options
+        end
+      else
+        @__auth__[options[:routes]] = options
+      end      
+    end
+  
+    def configuration( args = {} ) #:nodoc:
+      {
         :port => args[:port]||3000, 
-        :host => args[:host]||"localhost",
+        :host => args[:host]||"0.0.0.0",
         :server => args[:server]||nil,
         :log => args[:log]||$stdout,
         :session => args[:session]||{},
@@ -441,9 +500,82 @@ module Capcode
         :db_config => File.expand_path(args[:db_config]||"database.yml"),
         :static => args[:static]||nil,
         :root => args[:root]||File.expand_path(File.dirname($0)),
-        
+        :static => args[:static]||args[:root]||File.expand_path(File.dirname($0)),
+        :verbose => args[:verbose]||false,
         :console => false
       }
+    end
+    
+    # Return the Rack App.
+    # 
+    # Options : same has Capcode.run
+    def application( args = {} )
+      conf = configuration(args)
+      
+      Capcode.constants.each do |k|
+        begin
+          if eval "Capcode::#{k}.public_methods(true).include?( '__urls__' )"
+            hash_of_routes, max_captures_for_routes, klass = eval "Capcode::#{k}.__urls__"
+            hash_of_routes.keys.each do |current_route_path|
+              raise Capcode::RouteError, "Route `#{current_route_path}' already define !", caller if @@__ROUTES.keys.include?(current_route_path)
+              @@__ROUTES[current_route_path] = klass.new
+            end
+          end
+        rescue => e
+          raise e.message
+        end
+      end
+      
+      # Set Static directory
+      @@__STATIC_DIR = (conf[:static][0].chr == "/")?conf[:static]:"/"+conf[:static] unless conf[:static].nil?
+      
+      # Initialize Rack App
+      puts "** Map routes." if conf[:verbose]
+      app = Rack::URLMap.new(@@__ROUTES)
+      puts "** Initialize static directory (#{conf[:static]})" if conf[:verbose]
+      app = Rack::Static.new( 
+        app, 
+        :urls => [@@__STATIC_DIR], 
+        :root => File.expand_path(conf[:root]) 
+      ) unless conf[:static].nil?
+      puts "** Initialize session" if conf[:verbose]
+      app = Rack::Session::Cookie.new( app, conf[:session] )
+      app = Capcode::HTTPError.new(app)
+      app = Rack::ContentLength.new(app)
+      app = Rack::Lint.new(app)
+      app = Rack::ShowExceptions.new(app)
+      #app = Rack::Reloader.new(app) ## -- NE RELOAD QUE capcode.rb -- So !!!
+      # app = Rack::CommonLogger.new( app, Logger.new(conf[:log]) )
+      
+      # Start database
+      if self.methods.include? "db_connect"
+        db_connect( conf[:db_config], conf[:log] )
+      end
+      
+      if block_given?
+        yield( self )
+      end
+      
+      return app
+    end
+    
+    # Start your application.
+    # 
+    # Options :
+    # * <tt>:port</tt> = Listen port (default: 3000)
+    # * <tt>:host</tt> = Listen host (default: 0.0.0.0)
+    # * <tt>:server</tt> = Server type (webrick or mongrel)
+    # * <tt>:log</tt> = Output logfile (default: STDOUT)
+    # * <tt>:session</tt> = Session parameters. See Rack::Session for more informations
+    # * <tt>:pid</tt> = PID file (default: $0.pid)
+    # * <tt>:daemonize</tt> = Daemonize application (default: false)
+    # * <tt>:db_config</tt> = database configuration file (default: database.yml)
+    # * <tt>:static</tt> = Static directory (default: none -- relative to the working directory)
+    # * <tt>:root</tt> = Root directory (default: directory of the main.rb) -- This is also the working directory !
+    # * <tt>:verbose</tt> = run in verbose mode
+    # * <tt>:auth</tt> = HTTP Basic Authentication options
+    def run( args = {} )
+      conf = configuration(args)
       
       # Parse options
       opts = OptionParser.new do |opts|
@@ -482,7 +614,7 @@ module Capcode
           exit
         end  
         opts.on_tail( "-V", "--verbose", "Run in verbose mode" ) do
-          __VERBOSE = true
+          conf[:verbose] = true
         end
       end
       
@@ -495,7 +627,7 @@ module Capcode
       end
       
       # Run in the Working directory
-      puts "** Go on root directory (#{File.expand_path(conf[:root])})" if __VERBOSE
+      puts "** Go on root directory (#{File.expand_path(conf[:root])})" if conf[:verbose]
       Dir.chdir( conf[:root] ) do
         
         # Check that mongrel exists 
@@ -508,41 +640,6 @@ module Capcode
             conf[:server] = "webrick"
           end
         end
-            
-        Capcode.constants.each do |k|
-          begin
-            if eval "Capcode::#{k}.public_methods(true).include?( '__urls__' )"
-              hash_of_routes, max_captures_for_routes, klass = eval "Capcode::#{k}.__urls__"
-              hash_of_routes.keys.each do |current_route_path|
-                raise Capcode::RouteError, "Route `#{current_route_path}' already define !", caller if @@__ROUTES.keys.include?(current_route_path)
-                @@__ROUTES[current_route_path] = klass.new
-              end
-            end
-          rescue => e
-            raise e.message
-          end
-        end
-        
-        # Set Static directory
-        @@__STATIC_DIR = (conf[:static][0].chr == "/")?conf[:static]:"/"+conf[:static] unless conf[:static].nil?
-        
-        # Initialize Rack App
-        puts "** Map routes." if __VERBOSE
-        app = Rack::URLMap.new(@@__ROUTES)
-        puts "** Initialize static directory (#{conf[:static]})" if __VERBOSE
-        app = Rack::Static.new( 
-          app, 
-          :urls => [@@__STATIC_DIR], 
-          :root => File.expand_path(conf[:root]) 
-        ) unless conf[:static].nil?
-        puts "** Initialize session" if __VERBOSE
-        app = Rack::Session::Cookie.new( app, conf[:session] )
-        app = Capcode::HTTPError.new(app)
-        app = Rack::ContentLength.new(app)
-        app = Rack::Lint.new(app)
-        app = Rack::ShowExceptions.new(app)
-#        app = Rack::Reloader.new(app) ## -- NE RELOAD QUE capcode.rb -- So !!!
-        app = Rack::CommonLogger.new( app, Logger.new(conf[:log]) )
         
         # From rackup !!!
         if conf[:daemonize]
@@ -567,14 +664,13 @@ module Capcode
           at_exit { File.delete(conf[:pid]) if File.exist?(conf[:pid]) }
         end
         
-        # Start database
-        if self.methods.include? "db_connect"
-          db_connect( conf[:db_config], conf[:log] )
-        end
-        
+        app = nil
         if block_given?
-          yield( self )
+          app = application(conf) { yield( self ) }
+        else
+          app = application(conf)
         end
+        app = Rack::CommonLogger.new( app, Logger.new(conf[:log]) )
         
         if conf[:console]
           puts "Run console..."

data/lib/capcode/helpers/auth.rb

@@ -0,0 +1,130 @@
+# Because this helper was trully inspired by this post :
+# http://www.gittr.com/index.php/archive/sinatra-basic-authentication-selectively-applied/
+# and because the code in this post was extracted out of Wink, this file follow the 
+# Wink license :
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#  
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#  
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+module Capcode
+  module Helpers
+    module Authorization
+      def auth #:nodoc:
+        if @auth_type == :basic
+          @auth ||= Rack::Auth::Basic::Request.new(env)
+        else
+          @auth ||= Rack::Auth::Digest::Request.new(env)
+        end
+      end
+      
+      def basic_unauthorized!(realm) #:nodoc:
+        response['WWW-Authenticate'] = %(Basic realm="#{realm}")
+        throw :halt, [ 401, {}, 'Authorization Required' ]
+      end
+
+      def digest_unauthorized!(realm, opaque) #:nodoc:
+        response['WWW-Authenticate'] = %(Digest realm="#{realm}", qop="auth", nonce="#{Rack::Auth::Digest::Nonce.new.to_s}", opaque="#{H(opaque)}") 
+        throw :halt, [ 401, {}, 'Authorization Required' ]
+      end
+      
+      def H(data) #:nodoc:
+        ::Digest::MD5.hexdigest(data)
+      end
+      
+      def KD(secret, data) #:nodoc:
+        H([secret, data] * ':')
+      end
+
+      def A1(auth, password) #:nodoc:
+        [ auth.username, auth.realm, password ] * ':'
+      end
+
+      def A2(auth) #:nodoc:
+        [ auth.method, auth.uri ] * ':'
+      end
+
+      def digest(auth, password) #:nodoc:
+        password_hash = H(A1(auth, password))
+
+        KD(password_hash, [ auth.nonce, auth.nc, auth.cnonce, "auth", H(A2(auth)) ] * ':')
+      end
+      
+      def digest_authorize( ) #:nodoc:
+        h = @authorizations.call( )
+        
+        user = auth.username
+        pass = h[user]||false
+
+        (pass && (digest(auth, pass) == auth.response))
+      end
+
+      def basic_authorize(username, password) #:nodoc:
+        h = @authorizations.call( )
+        
+        user = username
+        pass = h[user]||false
+        
+        (pass == password)
+      end
+            
+      def bad_request! #:nodoc:
+        throw :halt, [ 400, {}, 'Bad Request' ]
+      end
+      
+      def authorized? #:nodoc:
+        request.env['REMOTE_USER']
+      end
+      
+      # Allow you to add and HTTP Authentication (Basic or Digest) to a controller
+      # 
+      # Options :
+      # * <tt>:type</tt> : Authentication type (<tt>:basic</tt> or <tt>:digest</tt>) - default : <tt>:basic</tt>
+      # * <tt>:realm</tt> : realm ;) - default : "Capcode.app"
+      # * <tt>:opaque</tt> : Your secret passphrase. You MUST set it if you use Digest Auth - default : "opaque"
+      #
+      # The block must return a Hash of username => password like that :
+      #   {
+      #     "user1" => "pass1",
+      #     "user2" => "pass2",
+      #     # ...
+      #   }
+      def http_authentication( opts = {}, &b )
+        @auth = nil
+        
+        @auth_type = opts[:type]||:basic
+        realm = opts[:realm]||"Capcode.app"
+        opaque = opts[:opaque]||"opaque"
+        @authorizations = b
+        
+        return if authorized?
+        
+        if @auth_type == :basic
+          basic_unauthorized!(realm) unless auth.provided?
+          bad_request! unless auth.basic?
+          basic_unauthorized!(realm) unless basic_authorize(*auth.credentials)
+        else
+          digest_unauthorized!(realm, opaque) unless auth.provided?
+          bad_request! unless auth.digest?
+          digest_unauthorized!(realm, opaque) unless digest_authorize
+        end        
+        
+        request.env['REMOTE_USER'] = auth.username
+      end
+    end
+  end
+end