activeadmin-refinerycms-authentication 0.0.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 164ccaf2c38de9e195e0b073f2fc5a90cc24dd4a
+  data.tar.gz: e0a639f835e86dd7faa07927bfe05d71686230e6
+SHA512:
+  metadata.gz: ee56f47b688dd18ca803a690110ff672661512bef7b8321d3e3dea3e67f42d6e927141a73cba6495271fcecb815c9bec6d7c707dd8cd015d905af46919069e6e
+  data.tar.gz: 4844b0e8db4a5e07bd762019285552841a23ccf010120e76e5da6f6aad0fc2fe627d6dc98b8606019fc2999432c11c78576fac4cded44187bb2d7f40bfe266a2

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in activeadmin-refinerycms-authentication.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 Appmospheres, and other contributors. All rights reserved.
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,25 @@
+# Add to Gemfile
+gem 'refinerycms', '~> 3.0'
+gem 'activeadmin', '~> 1.0.0pre'
+gem 'devise'
+
+gem 'activeadmin-refinerycms-authentication'
+gem 'deface', '~> 1.0.0'
+
+Run ActiveAdmin generator, then the refinery:cms generator.
+
+# Add to routes
+Make sure refinery is mounted in a subpath, not directly at root.
+
+mount Refinery::Core::Engine, at: Refinery::Core.mounted_path
+
+# Configure refinery authentication
+`rails g activeadmin_refinery_authentication:install MODELNAME` where MODELNAME is the name of the ActiveAdmin user.
+
+Add `plugins: []` to `permit_params` in the ActiveAdmin user model.
+
+Add the plugins partial to the edit form of the ActiveAdmin user model:
+
+    panel t('panels.user_plugins') do
+      render 'admin/users/plugins_form', f: f
+    end

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/activeadmin-refinerycms-authentication.gemspec

@@ -0,0 +1,21 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name          = "activeadmin-refinerycms-authentication"
+  s.version       = "0.0.2"
+  s.authors       = ["eugen neagoe"]
+  s.description   = "A Refinery CMS and activeadmin connector"
+  s.summary       = "This will tell Refinery CMS to use ActiveAdmin for authentication."
+  s.homepage      = "https://github.com/appmospheres/activeadmin-refinery-authentication"
+
+  s.files         = `git ls-files`.split($/)
+  s.test_files    = s.files.grep(%r{^spec/})
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency 'activeadmin', '~> 1.0.0pre'
+
+  s.add_runtime_dependency 'refinerycms-core', '~> 3.0.0'
+  s.add_runtime_dependency 'zilch-authorisation', '>= 0.0.1'
+  s.add_runtime_dependency 'decorators', '~> 2.0.0'
+  s.add_runtime_dependency 'deface', '~> 1.0.0'
+end

data/app/decorators/controllers/action_controller_base_decorator.rb

@@ -0,0 +1,26 @@
+require "activeadmin_refinery_authentication/authorisation_manager"
+
+module ActiveAdminAuthenticationActionControllerBaseDecoration
+  def self.prepended(base)
+    base.prepend_before_action :detect_activeadmin_sign_on!
+  end
+
+  protected
+  def refinery_users_exist?
+    raise not_yet_implemented
+  end
+
+  private
+  def refinery_authorisation_manager
+    @refinery_authorisation_manager ||= ActiveAdminRefineryAuthentication::AuthorisationManager.new
+  end
+
+  def detect_activeadmin_sign_on!
+    current_user = send Rails.application.config.x.aa_refinery.current_user_method
+    if current_user
+      refinery_authorisation_manager.set_user!(current_user)
+    end
+  end
+end
+
+ActionController::Base.send :prepend, ActiveAdminAuthenticationActionControllerBaseDecoration

data/app/decorators/controllers/refinery/admin_controller_decorator.rb

@@ -0,0 +1,24 @@
+module ActiveAdminRefineryAuthenticationAdminControllerDecorator
+  protected
+  def authenticate_refinery_user!
+    begin
+      super
+    rescue Zilch::Authorisation::NotAuthorisedException
+      session["user_return_to"] = request.path
+      current_user = send(Rails.application.config.x.aa_refinery.current_user_method)
+      if current_user.present?
+        # avoid redirect loop
+        redirect_to main_app.admin_root_path and return
+      else
+        redirect_to main_app.send(Rails.application.config.x.aa_refinery.admin_login_path) and return
+      end
+    end
+  end
+
+  private
+  def authorisation_manager
+    refinery_authorisation_manager
+  end
+end
+
+Refinery::AdminController.send :prepend, ActiveAdminRefineryAuthenticationAdminControllerDecorator

data/app/decorators/controllers/refinery/application_controller_decorator.rb

@@ -0,0 +1,6 @@
+Refinery::ApplicationController.module_eval do
+  private
+  def authorisation_manager
+    refinery_authorisation_manager
+  end
+end

data/app/decorators/controllers/sessions_controller_decorator.rb

@@ -0,0 +1,9 @@
+Devise::SessionsController.class_eval do
+  skip_before_action :detect_activeadmin_sign_on!, only: [:create]
+  after_action :detect_activeadmin_sign_on!, only: [:create]
+
+  private
+  def after_sign_in_path_for(resource)
+    session["user_return_to"] || super
+  end
+end

data/app/decorators/models/user_decorator.rb

@@ -0,0 +1,76 @@
+unless Rails.application.config.x.aa_refinery.empty?
+  Rails.application.config.x.aa_refinery.admin_user_class.constantize.class_eval do
+    has_many :plugins, -> { order('position ASC') },
+      class_name: "::UserPlugin", foreign_key: 'user_id', dependent: :destroy
+
+    # Should be overridden in authentication solutions.
+    def has_role?(role)
+      case
+      when role == :superuser
+        send Rails.application.config.x.aa_refinery.refinery_role_method
+      when role == :refinery
+        send Rails.application.config.x.aa_refinery.refinery_role_method
+      else
+        false
+      end
+    end
+
+    def self.available_plugins
+      Refinery::Plugins.registered.in_menu.map { |a|
+        { :name => a.name, :title => a.title }
+      }.sort_by { |a| a[:title] }
+    end
+
+    def plugins=(plugin_names)
+      filtered_names = filter_existing_plugins_for(string_plugin_names(plugin_names))
+      create_plugins_for(filtered_names)
+    end
+
+    def active_plugins
+      @active_plugins ||= Refinery::Plugins.new(
+        Refinery::Plugins.registered.select do |plugin|
+          authorised_plugins.include?(plugin.name)
+        end
+      )
+    end
+
+    def has_plugin?(name)
+      active_plugins.names.include?(name)
+    end
+
+    def authorised_plugins
+      plugins.collect(&:name) | ::Refinery::Plugins.always_allowed.names
+    end
+    alias_method :authorized_plugins, :authorised_plugins
+
+    def landing_url
+      active_plugins.in_menu.first_url_in_menu
+    end
+
+    private
+
+    def string_plugin_names(plugin_names)
+      plugin_names.select{ |plugin_name| plugin_name.is_a?(String) }
+    end
+
+    def create_plugins_for(plugin_names)
+      plugin_names.each { |plugin_name| plugins.create name: plugin_name, position: plugin_position}
+    end
+
+    def plugin_position
+      plugins.select(:position).map{ |p| p.position.to_i}.max.to_i + 1
+    end
+
+    def filter_existing_plugins_for(plugin_names)
+      assigned_plugins = plugins.load
+      assigned_plugins.each do |assigned_plugin|
+        if plugin_names.include?(assigned_plugin.name)
+          plugin_names.delete(assigned_plugin.name)
+        else
+          assigned_plugin.destroy
+        end
+      end
+      plugin_names
+    end
+  end
+end

data/app/models/user_plugin.rb

@@ -0,0 +1,5 @@
+class UserPlugin < Refinery::Core::BaseModel
+  self.table_name = 'active_admin_refinery_user_plugins'
+  belongs_to Rails.application.config.x.aa_refinery.admin_user_class.singularize.underscore.to_sym,
+             foreign_key: 'user_id'
+end

data/app/overrides/active_admin_link.rb

@@ -0,0 +1,7 @@
+Deface::Override.new(
+  virtual_path: 'refinery/admin/_menu',
+  original: '71468c0788f57fd03c9c6c2ebe3c6c026be5aeb5',
+  name: 'active_admin_link',
+  insert_top: '#menu',
+  text: "<%= link_to I18n.t('active_admin.title', default: 'ActiveAdmin'), main_app.admin_root_path %>"
+)

data/lib/activeadmin-refinerycms-authentication.rb

@@ -0,0 +1 @@
+require "activeadmin_refinery_authentication/engine"

data/lib/activeadmin_refinery_authentication/authorisation_adapter.rb

@@ -0,0 +1,29 @@
+require "refinery/core/authorisation_adapter"
+
+module ActiveAdminRefineryAuthentication
+  class AuthorisationAdapter < Refinery::Core::AuthorisationAdapter
+
+    def current_user
+      @current_user ||= Rails.application.config.x.aa_refinery.admin_user_class.constantize.new
+    end
+
+    def current_user=(user)
+      @current_user = user
+    end
+
+    def allow?(operation, resource)
+      case
+      when resource == :site_bar
+        current_user.has_role?(:refinery)
+      when operation == :plugin
+        current_user.active_plugins.names.include?(resource)
+      when operation == :controller
+        current_user.active_plugins.any? do |plugin|
+          Regexp.new(plugin.menu_match) === resource
+        end
+      else
+        false
+      end
+    end
+  end
+end

data/lib/activeadmin_refinery_authentication/authorisation_manager.rb

@@ -0,0 +1,29 @@
+require "refinery/core/authorisation_manager"
+require "activeadmin_refinery_authentication/authorisation_adapter"
+
+module ActiveAdminRefineryAuthentication
+  class AuthorisationManager < Refinery::Core::AuthorisationManager
+
+    def authenticate!
+      unless adapter.current_user.send(config.refinery_role_method)
+        raise Zilch::Authorisation::NotAuthorisedException
+      end
+
+      adapter.current_user
+    end
+
+    def default_adapter
+      @default_adapter ||= ActiveAdminRefineryAuthentication::AuthorisationAdapter.new
+    end
+
+    def set_user!(user)
+      adapter.current_user = user
+    end
+
+    private
+
+    def config
+      Rails.application.config.x.aa_refinery
+    end
+  end
+end

data/lib/activeadmin_refinery_authentication/engine.rb

@@ -0,0 +1,56 @@
+require 'refinery/engine'
+require 'zilch/authorisation'
+
+module ActiveAdminRefineryAuthentication
+  class Engine < Rails::Engine
+
+    include Refinery::Engine
+    engine_name "activeadmin_refinery_authentication"
+
+    config.autoload_paths += %W( #{config.root}/lib )
+
+    before_inclusion do
+      Refinery::Plugin.register do |plugin|
+        plugin.name = 'activeadmin_refinery_authentication'
+        plugin.pathname = root
+        plugin.hide_from_menu = true
+        plugin.always_allow_access = true
+      end
+    end
+
+    config.to_prepare do
+      if defined?(WillPaginate)
+        ::WillPaginate::ActiveRecord::RelationMethods.module_eval do
+          def per_page(num)
+            if (n = num.to_i) <= 0
+              self
+            else
+              limit(n).offset(offset_value / limit_value * n)
+            end
+          end
+
+          def total_pages
+            (total_count.to_f / limit_value).ceil
+          end
+
+          alias_method :per, :per_page
+          alias_method :num_pages, :total_pages
+          alias_method :total_count, :total_entries
+          alias_method :prev_page, :previous_page
+        end
+      end
+    end
+
+    config.after_initialize do
+      Rails.application.reload_routes!
+
+      if Rails.application.config.x.aa_refinery.show_refinery_in_active_admin
+        ::ActiveAdmin.register_page 'Refinery CMS' do
+          menu label: I18n.t('refinery.plugins.refinery_core.title'),
+               url: Refinery::Core.backend_path,
+               priority: Rails.application.config.x.aa_refinery.refinery_active_admin_menu_priority
+        end
+      end
+    end
+  end
+end

data/lib/generators/activeadmin_refinery_authentication/install/install_generator.rb

@@ -0,0 +1,28 @@
+require 'rails/generators/active_record'
+
+module ActiveadminRefineryAuthentication
+  module Generators
+    class InstallGenerator < ActiveRecord::Generators::Base
+      desc "Installs Refinery Authentication via Active Admin and generates the necessary migrations"
+      argument :name, type: :string, default: 'AdminUser'
+
+      source_root File.expand_path("../templates", __FILE__)
+
+      def copy_initializer
+        @user_class = name
+        @formatted_user_name = name.underscore.gsub('/', '_')
+        template 'activeadmin-refinery-authentication.rb.erb', 'config/initializers/activeadmin_refinery_authentication.rb'
+      end
+
+      def copy_views
+        @user_class = name
+        @formatted_user_name = name.underscore.gsub('/', '_')
+        template '_plugins_form.html.erb', 'app/views/admin/users/_plugins_form.html.erb'
+      end
+
+      def create_migrations
+        migration_template 'migrations/create_user_plugins.rb', 'db/migrate/create_user_plugins.rb'
+      end
+    end
+  end
+end

data/lib/generators/activeadmin_refinery_authentication/install/templates/_plugins_form.html.erb

@@ -0,0 +1,19 @@
+<div class='field plugin_access'>
+  <ul id='plugins' class='checkboxes'>
+    <%% <%= @user_class %>.available_plugins.each do |plugin| -%>
+      <%% if Refinery::Plugins.always_allowed.names.include?(plugin[:name]) %>
+         <%%= hidden_field_tag '<%= @formatted_user_name %>[plugins][]', plugin[:name], :id => "plugins_#{plugin[:name]}" %>
+       <%% else %>
+         <li>
+           <%%= check_box_tag '<%= @formatted_user_name %>[plugins][]', plugin[:name],
+             @<%= @formatted_user_name %>.plugins.map(&:name).include?(plugin[:name]),
+             :id => "plugins_#{plugin[:name]}" %>
+           <%%= f.label '<%= @formatted_user_name %>[plugins][]',
+             t('title', :scope => "refinery.plugins.#{plugin[:name].downcase}", :default => plugin[:title]),
+             :class => "stripped",
+             :for => "plugins_#{plugin[:name]}" %>
+       </li>
+     <%% end %>
+   <%% end %>
+  </ul>
+</div>

data/lib/generators/activeadmin_refinery_authentication/install/templates/activeadmin-refinery-authentication.rb.erb

@@ -0,0 +1,8 @@
+Rails.application.config.x.aa_refinery.show_refinery_in_active_admin = true
+Rails.application.config.x.aa_refinery.refinery_active_admin_menu_priority = 1
+
+Rails.application.config.x.aa_refinery.current_user_method = :current_<%= @formatted_user_name %>
+Rails.application.config.x.aa_refinery.admin_login_path = :new_<%= @formatted_user_name %>_session_path
+Rails.application.config.x.aa_refinery.admin_user_class = '<%= @user_class %>'
+Rails.application.config.x.aa_refinery.refinery_role_method = :admin?
+

data/lib/generators/activeadmin_refinery_authentication/install/templates/migrations/create_user_plugins.rb

@@ -0,0 +1,12 @@
+class CreateUserPlugins < ActiveRecord::Migration
+  def change
+    create_table :active_admin_refinery_user_plugins do |t|
+      t.integer :user_id
+      t.string  :name
+      t.integer :position
+    end
+
+    add_index :active_admin_refinery_user_plugins, :name
+    add_index :active_admin_refinery_user_plugins, [:user_id, :name], unique: true
+  end
+end

metadata

@@ -0,0 +1,133 @@
+--- !ruby/object:Gem::Specification
+name: activeadmin-refinerycms-authentication
+version: !ruby/object:Gem::Version
+  version: 0.0.2
+platform: ruby
+authors:
+- eugen neagoe
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2017-02-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activeadmin
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0pre
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0pre
+- !ruby/object:Gem::Dependency
+  name: refinerycms-core
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: zilch-authorisation
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.0.1
+- !ruby/object:Gem::Dependency
+  name: decorators
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: deface
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+description: A Refinery CMS and activeadmin connector
+email: 
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- activeadmin-refinerycms-authentication.gemspec
+- app/decorators/controllers/action_controller_base_decorator.rb
+- app/decorators/controllers/refinery/admin_controller_decorator.rb
+- app/decorators/controllers/refinery/application_controller_decorator.rb
+- app/decorators/controllers/sessions_controller_decorator.rb
+- app/decorators/models/user_decorator.rb
+- app/models/user_plugin.rb
+- app/overrides/active_admin_link.rb
+- lib/activeadmin-refinerycms-authentication.rb
+- lib/activeadmin_refinery_authentication/authorisation_adapter.rb
+- lib/activeadmin_refinery_authentication/authorisation_manager.rb
+- lib/activeadmin_refinery_authentication/engine.rb
+- lib/generators/activeadmin_refinery_authentication/install/install_generator.rb
+- lib/generators/activeadmin_refinery_authentication/install/templates/_plugins_form.html.erb
+- lib/generators/activeadmin_refinery_authentication/install/templates/activeadmin-refinery-authentication.rb.erb
+- lib/generators/activeadmin_refinery_authentication/install/templates/migrations/create_user_plugins.rb
+- pkg/activeadmin-refinerycms-authentication-0.0.2.gem
+homepage: https://github.com/appmospheres/activeadmin-refinery-authentication
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.7
+signing_key: 
+specification_version: 4
+summary: This will tell Refinery CMS to use ActiveAdmin for authentication.
+test_files: []