adva_user 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3146f0136b688fa7c5c4f1322192e36870cceba8
+  data.tar.gz: 0451a800ba3eabd0a49988c574594fa6694f6d97
+SHA512:
+  metadata.gz: 0e562845d0556d547e81c7ba0520dc8b4a3c21cfb067b82b97cf8bbb08fe2f9de374c967752c9af4cc4f3d62670ee769aefabb1178bbf7ce48b4a6e90bb7075f
+  data.tar.gz: 698a604a2d145232556e6445d2723e3a5c3cbf82ad100b73d8a0e22ae7f387117b47f40638eaefb24faafdaa2257a319695f2457cfbd5804bb2dba7574c8dc2c

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in adva_user.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Micah Geisel
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README

@@ -0,0 +1,114 @@
+As suggested by the author of this plugin, Bart Duchesne, we've used the 
+loginui plugin as a scaffolding and modified it for our own needs.
+
+See http://rubyforge.org/projects/loginui/ for more information about this 
+fantastic plugin.
+
+
+
+
+- original readme file -------------------------------------------------------
+
+= Login Plugin
+
+Provides a basic user interface for allowing a user to accomplish the
+following tasks:
+
+* Login (with Remember Me)
+* Logout
+
+* Forgot Password
+* Change Password
+
+* Register (with email verification)
+* Delete User
+* Restore Deleted User
+
+== Dependencies
+
+This plugin is implemented with the help of the "Engine" plugin and
+can either be considered reusable slice of an application or can
+be considered scaffolding to your own login work you will add later
+to your project.
+
+This plugin also does not implement the actual authentication process
+itself or even define the "User" object that is authenticated against.
+It just assumes certain functionality is available and any application
+that implements that functionality can use this plugin to provide the
+UI for their authentication.
+
+If you do not have your own backend authentication I highly suggest you
+check out the authentication plugin by the same author of this plugin.
+Although not required to go together they do together provide a
+complete authentication system.
+
+== Development Status
+
+This code has been used on many sites so it is fairly reliable. But all
+the sites it has been used on are very similar in design so some
+aspects that our outside of this design may not be tested as well. For
+example all the sites it is currently used on has email for the username.
+So if you don't use email for username (or don't even have an email
+field) it *should* work but has not received significant testing.
+
+Another aspect is Rails 1.x vs. Rails 2.0 apps. This was developed under
+Rails 1.x and 95% of sites using this plugin are on Rails 1.x. But it
+has been taken to Rails 2.0 and seems to work well there.
+
+I welcome patches towards making this plugin work in different
+environments.
+
+== Your User model
+
+Regardless of if you use the authentication plugin or build your own
+you will need a user model that this plugin assumes. The user model
+must be named "User". Also your User model needs a field that can
+serve as the username. "email" is prefered (because people can
+remember that) but username and user_name will also be accepted. If
+you have something completely different then implement a class method
+on the user object called "username_field" this method should return
+whatever field is being used as your username.
+
+== Optional support
+
+The email notifications will only be sent if a "email" field is
+on the model. This is regardless of what you use for a username. There
+is currently no way to disable email notifications if you have the
+email field. Obviously the "forgot my password" feature will not work
+without an email field on the User model as well.
+
+== Providing your own authentication
+
+If you want to provide your own authentication system instead of using
+the authentication plugin you will need to implement the following
+actions on your User model.
+
+=== Required methods
+
+password=:: Will assign the model a new password
+assign_token(name, expiration=nil)::
+  Will return a token that can be used to authenticate the user with.
+  This is used for URL token authentication (in email confirmation,
+  forgot password and restore deleted user) and also used in the
+  "Remember Me" authentication. The expiration can be considered
+  optional.
+authenticate(password)::
+  Will authenticate the current user against the given password
+  returning true or false to indicate the success
+
+=== Optional methods
+
+password_confirmation=::
+  Not required but if the model responds to this method then it
+  will receive a copy of the password when a user is updating
+  their password for verification purposes.
+deleted_at and deleted_at=::
+  If the model responds to deleted_at and deleted_at then when
+  a user is removed it will just get a date/time value to indicate
+  the user has been removed. It will assume once a object has this
+  value it will not be found unless User.find_with_deleted is used.
+  This is compatible with acts_as_paraniod
+User.find_with_deleted(*find_args)::
+  If the User class responds to then then this will be called when
+  attempting to restore a user. This is for compatibility with
+  acts_as_paranoid and anything else implementing that interface.

data/README.md

@@ -0,0 +1,29 @@
+# AdvaUser
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'adva_user'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install adva_user
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/adva_user.gemspec

@@ -0,0 +1,17 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/adva_user/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Micah Geisel"]
+  gem.email         = ["micah@botandrose.com"]
+  gem.description   = %q{Adva User}
+  gem.summary       = %q{Engine for Adva CMS user accounts}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "adva_user"
+  gem.require_paths = ["lib"]
+  gem.version       = AdvaUser::VERSION
+end

data/app/controllers/admin/base_account_controller.rb

@@ -0,0 +1,13 @@
+class Admin::BaseAccountController < Admin::BaseController
+  before_filter :set_account
+
+  def set_account
+    @account = current_user.account
+  end
+
+  def require_authentication
+    unless current_user and current_user.account
+      return redirect_to_login(t(:'adva.flash.authentication_required'))
+    end
+  end
+end

data/app/controllers/admin/users_controller.rb

@@ -0,0 +1,95 @@
+class Admin::UsersController < Admin::BaseController
+  before_filter :set_users, :only => [:index]
+  before_filter :set_user,  :only => [:show, :edit, :update, :destroy]
+  before_filter :authorize_access
+  before_filter :authorize_params, :only => :update
+
+  # guards_permissions :user
+
+  def index
+  end
+
+  def show
+  end
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    # yuck! rails' params parsing is broken
+    params[:user][:roles_attributes] = params[:user][:roles_attributes].map { |key, value| value } if params[:user][:roles_attributes]
+
+    @user = User.new(params[:user])
+    @user.memberships.build(:site => @site) if @site and !@user.has_role?(:superuser)
+
+    if @user.save
+      @user.verify! # TODO hu??
+      trigger_events(@user)
+      flash[:notice] = t(:'adva.users.flash.create.success')
+      redirect_to admin_user_url(@site, @user)
+    else
+      flash.now[:error] = t(:'adva.users.flash.create.failure')
+      render :action => :new
+    end
+  end
+
+  def edit
+  end
+
+  def update
+    # yuck! rails' params parsing is broken
+    params[:user][:roles_attributes] = params[:user][:roles_attributes].map { |key, value| value } if params[:user][:roles_attributes]
+    
+    if @user.update_attributes(params[:user])
+      trigger_events(@user)
+      flash[:notice] = t(:'adva.users.flash.update.success')
+      redirect_to admin_user_url(@site, @user)
+    else
+      flash.now[:error] = t(:'adva.users.flash.update.failure')
+      render :action => :edit
+    end
+  end
+
+  def destroy
+    if @user.destroy
+      trigger_events(@user)
+      flash[:notice] = t(:'adva.users.flash.destroy.success')
+      redirect_to admin_users_url(@site)
+    else
+      flash.now[:error] = t(:'adva.users.flash.destroy.failure')
+      render :action => :edit
+    end
+  end
+
+  private
+
+    def set_menu
+      @menu = Menus::Admin::Users.new
+    end
+
+    def set_users
+      @users = @site ? @site.users_and_superusers :
+                       User.admins_and_superusers
+    end
+
+    def set_user
+      @user = User.find(params[:id])
+    end
+
+    # FIXME extract this and use Rbac contexts instead
+    def authorize_access
+      redirect_to admin_sites_url unless @site || current_user.has_role?(:superuser)
+    end
+
+    def authorize_params
+      return
+      return unless params[:user] && params[:user][:roles]
+
+      if params[:user][:roles].has_key?('superuser') && !current_user.has_role?(:superuser) ||
+         params[:user][:roles].has_key?('admin') && !current_user.has_role?(:admin, @site)
+        raise "unauthorized parameter" # TODO raise something more meaningful
+      end
+      # TODO as well check for membership site_id if !user.has_role?(:superuser)
+    end
+end

data/app/controllers/password_controller.rb

@@ -0,0 +1,36 @@
+class PasswordController < BaseController
+  renders_with_error_proc :below_field
+  layout 'login'
+
+  def new
+  end
+
+  def create
+    flash[:notice] = t(:'adva.passwords.flash.create.notification')
+    if user = User.find_by_email(params[:user][:email])
+      token = user.assign_token 'password'
+      user.save!
+      trigger_event user, :password_reset_requested, :token => "#{user.id};#{token}"
+      redirect_to edit_password_url
+    else
+      render :action => :new
+    end
+  end
+
+  def edit
+    params[:token] = nil unless current_user # TODO: maybe solve this nicer?
+  end
+
+  def update
+    if current_user && current_user.update_attributes(params[:user].slice(:password))
+      trigger_event current_user, :password_updated
+      flash[:notice] = t(:'adva.passwords.flash.update.success')
+      authenticate_user(:email => current_user.email, :password => params[:user][:password])
+      redirect_to root_url
+    else
+      params[:token] = nil # ugh
+      flash[:error] = t(:'adva.passwords.flash.update.failure')
+      render :action => :edit
+    end
+  end
+end

data/app/controllers/session_controller.rb

@@ -0,0 +1,30 @@
+class SessionController < BaseController
+  renders_with_error_proc :below_field
+
+  skip_before_filter :verify_authenticity_token # disable forgery protection
+
+  layout 'login'
+
+  def new
+    @user = User.new
+  end
+
+  def create
+    if authenticate_user(params[:user])
+      remember_me! if params[:user][:remember_me]
+      flash[:notice] = t(:'adva.session.flash.create.success')
+      redirect_to return_from(:login)
+    else
+      @user = User.new(:email => params[:user][:email])
+      @remember_me = params[:user][:remember_me]
+      flash.now[:error] = t(:'adva.session.flash.create.failure')
+      render :action => 'new'
+    end
+  end
+
+  def destroy
+    logout
+    flash[:notice] = t(:'adva.session.flash.destroy.success')
+    redirect_to return_from(:logout)
+  end
+end

data/app/helpers/users_helper.rb

@@ -0,0 +1,27 @@
+module UsersHelper
+  def who(name)
+    name = name.name if name.is_a? User
+    return current_user && current_user.name == name ? t(:'adva.common.you') : name
+  end
+
+  def gravatar_img(user, options = {})
+    image_tag gravatar_url(user.email), {:class => 'avatar'}.merge(options)
+  end
+
+  def gravatar_url(email = nil, size = 80)
+    default = '/assets/adva_cms/avatar.gif'
+    return default if email.blank?
+    require 'digest/md5'
+    digest = Digest::MD5.hexdigest(email)
+    # TODO #{ActionController::AbstractRequest.relative_url_root} missing in Rails 2.2
+    "http://www.gravatar.com/avatar.php?size=#{size}&gravatar_id=#{digest}&default=http://#{request.host_with_port}/assets/adva_cms/avatar.gif"
+  end
+
+  def link_to_author resource, options = {}
+    include_email = options[:include_email] && resource.respond_to?(:author_email)
+    name = resource.author_name
+    text = resource.author_homepage.blank? ? name : link_to(h(name), h(resource.author_homepage))
+    text = "#{text} (#{resource.author_email})" if include_email
+    text.html_safe
+  end
+end

data/app/models/account.rb

@@ -0,0 +1,7 @@
+class Account < ActiveRecord::Base
+  has_many :users
+
+  def members
+    
+  end
+end

data/app/models/membership.rb

@@ -0,0 +1,16 @@
+class Membership < ActiveRecord::Base
+  belongs_to :site
+  belongs_to :user
+
+  validates_uniqueness_of :site_id, :scope => :user_id
+
+  # tentacle does this. is it a good idea to keep has_many :roles on the membership?
+  # before_create :set_first_user_admin
+  # def set_first_user_admin
+  #   self.transaction do
+  #     if group && group.members.count == 0
+  #       self.admin = true
+  #     end
+  #   end
+  # end
+end