alberich 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (242) hide show
  1. data/Gemfile +18 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.rdoc +37 -0
  4. data/Rakefile +34 -0
  5. data/alberich.gemspec +34 -0
  6. data/app/assets/javascripts/alberich/application.js +15 -0
  7. data/app/assets/javascripts/alberich/permissions.js +2 -0
  8. data/app/assets/javascripts/alberich/privileges.js +2 -0
  9. data/app/assets/javascripts/alberich/roles.js +2 -0
  10. data/app/assets/stylesheets/alberich/application.css +13 -0
  11. data/app/assets/stylesheets/alberich/permissions.css +4 -0
  12. data/app/assets/stylesheets/alberich/privileges.css +4 -0
  13. data/app/assets/stylesheets/alberich/roles.css +4 -0
  14. data/app/assets/stylesheets/scaffold.css +56 -0
  15. data/app/controllers/alberich/application_controller.rb +4 -0
  16. data/app/controllers/alberich/application_controller_helper.rb +118 -0
  17. data/app/controllers/alberich/permissions_controller.rb +211 -0
  18. data/app/controllers/alberich/privileges_controller.rb +105 -0
  19. data/app/controllers/alberich/roles_controller.rb +97 -0
  20. data/app/helpers/alberich/application_helper.rb +4 -0
  21. data/app/helpers/alberich/permissions_helper.rb +4 -0
  22. data/app/helpers/alberich/privileges_helper.rb +4 -0
  23. data/app/helpers/alberich/roles_helper.rb +4 -0
  24. data/app/models/alberich/base_permission_object.rb +42 -0
  25. data/app/models/alberich/derived_permission.rb +25 -0
  26. data/app/models/alberich/entity.rb +27 -0
  27. data/app/models/alberich/entity_target_observer.rb +16 -0
  28. data/app/models/alberich/permission.rb +59 -0
  29. data/app/models/alberich/permission_session.rb +33 -0
  30. data/app/models/alberich/permissioned_object.rb +139 -0
  31. data/app/models/alberich/privilege.rb +29 -0
  32. data/app/models/alberich/role.rb +37 -0
  33. data/app/models/alberich/session_entity.rb +15 -0
  34. data/app/views/alberich/permissions/_form.html.haml +27 -0
  35. data/app/views/alberich/permissions/_list.html.haml +1 -0
  36. data/app/views/alberich/permissions/_objects.html.haml +38 -0
  37. data/app/views/alberich/permissions/_permissions.html.haml +45 -0
  38. data/app/views/alberich/permissions/index.html.haml +2 -0
  39. data/app/views/alberich/permissions/new.html.haml +5 -0
  40. data/app/views/alberich/permissions/show.html.haml +12 -0
  41. data/app/views/alberich/privileges/_form.html.haml +19 -0
  42. data/app/views/alberich/privileges/_list.html.haml +17 -0
  43. data/app/views/alberich/privileges/create.html.haml +2 -0
  44. data/app/views/alberich/privileges/destroy.html.haml +2 -0
  45. data/app/views/alberich/privileges/edit.html.haml +5 -0
  46. data/app/views/alberich/privileges/index.html.haml +5 -0
  47. data/app/views/alberich/privileges/new.html.haml +5 -0
  48. data/app/views/alberich/privileges/show.html.haml +12 -0
  49. data/app/views/alberich/privileges/update.html.haml +2 -0
  50. data/app/views/alberich/roles/_form.html.haml +24 -0
  51. data/app/views/alberich/roles/edit.html.haml +7 -0
  52. data/app/views/alberich/roles/index.html.haml +23 -0
  53. data/app/views/alberich/roles/new.html.haml +5 -0
  54. data/app/views/alberich/roles/show.html.haml +16 -0
  55. data/app/views/layouts/alberich/application.html.erb +14 -0
  56. data/config/initializers/haml.rb +1 -0
  57. data/config/routes.rb +17 -0
  58. data/db/migrate/20120925162242_create_alberich_roles.rb +12 -0
  59. data/db/migrate/20121022223626_create_alberich_privileges.rb +12 -0
  60. data/db/migrate/20121023051301_create_alberich_base_permission_objects.rb +9 -0
  61. data/db/migrate/20121023233648_create_alberich_permission_sessions.rb +11 -0
  62. data/db/migrate/20121027023136_create_alberich_entities.rb +34 -0
  63. data/db/migrate/20121204205213_create_alberich_session_entities.rb +12 -0
  64. data/db/migrate/20121205180518_create_alberich_permissions.rb +13 -0
  65. data/db/migrate/20130107043252_create_alberich_derived_permissions.rb +18 -0
  66. data/lib/alberich.rb +10 -0
  67. data/lib/alberich/#version.rb# +3 -0
  68. data/lib/alberich/engine.rb +10 -0
  69. data/lib/alberich/version.rb +3 -0
  70. data/lib/generators/alberich/install_generator.rb +15 -0
  71. data/lib/generators/alberich/templates/README +6 -0
  72. data/lib/generators/alberich/templates/alberich.rb +11 -0
  73. data/lib/tasks/alberich_tasks.rake +4 -0
  74. data/spec/controllers/alberich/permissions_controller_spec.rb +112 -0
  75. data/spec/controllers/alberich/privileges_controller_spec.rb +131 -0
  76. data/spec/controllers/alberich/roles_controller_spec.rb +130 -0
  77. data/spec/factories/alberich/permission.rb +51 -0
  78. data/spec/factories/alberich/permission_session.rb +7 -0
  79. data/spec/factories/alberich/privilege.rb +6 -0
  80. data/spec/factories/alberich/role.rb +103 -0
  81. data/spec/factories/child_resource.rb +14 -0
  82. data/spec/factories/child_resource.rb~ +7 -0
  83. data/spec/factories/global_resource.rb +11 -0
  84. data/spec/factories/global_resource.rb~ +25 -0
  85. data/spec/factories/parent_resource.rb +12 -0
  86. data/spec/factories/parent_resource.rb~ +7 -0
  87. data/spec/factories/standalone_resource.rb +7 -0
  88. data/spec/factories/standalone_resource.rb~ +11 -0
  89. data/spec/factories/user.rb +30 -0
  90. data/spec/factories/user_group.rb +8 -0
  91. data/spec/models/alberich/derived_permission_spec.rb +34 -0
  92. data/spec/models/alberich/entity_spec.rb +15 -0
  93. data/spec/models/alberich/permission_spec.rb +133 -0
  94. data/spec/models/alberich/privilege_spec.rb +39 -0
  95. data/spec/models/alberich/role_spec.rb +33 -0
  96. data/spec/models/alberich/session_entity_spec.rb +24 -0
  97. data/spec/spec_helper.rb +81 -0
  98. data/spec/support/routes.rb +41 -0
  99. data/test/dummy/README.rdoc +261 -0
  100. data/test/dummy/Rakefile +7 -0
  101. data/test/dummy/app/assets/javascripts/application.js +15 -0
  102. data/test/dummy/app/assets/javascripts/child_resources.js +2 -0
  103. data/test/dummy/app/assets/javascripts/global_resources.js +2 -0
  104. data/test/dummy/app/assets/javascripts/parent_resources.js +2 -0
  105. data/test/dummy/app/assets/javascripts/standalone_resources.js +2 -0
  106. data/test/dummy/app/assets/javascripts/user_groups.js +2 -0
  107. data/test/dummy/app/assets/javascripts/users.js +2 -0
  108. data/test/dummy/app/assets/stylesheets/application.css +13 -0
  109. data/test/dummy/app/assets/stylesheets/child_resources.css +4 -0
  110. data/test/dummy/app/assets/stylesheets/global_resources.css +4 -0
  111. data/test/dummy/app/assets/stylesheets/parent_resources.css +4 -0
  112. data/test/dummy/app/assets/stylesheets/scaffold.css +56 -0
  113. data/test/dummy/app/assets/stylesheets/standalone_resources.css +4 -0
  114. data/test/dummy/app/assets/stylesheets/user_groups.css +4 -0
  115. data/test/dummy/app/assets/stylesheets/users.css +4 -0
  116. data/test/dummy/app/controllers/application_controller.rb +73 -0
  117. data/test/dummy/app/controllers/child_resources_controller.rb +99 -0
  118. data/test/dummy/app/controllers/child_resources_controller.rb~ +83 -0
  119. data/test/dummy/app/controllers/global_resources_controller.rb +95 -0
  120. data/test/dummy/app/controllers/global_resources_controller.rb~ +83 -0
  121. data/test/dummy/app/controllers/parent_resources_controller.rb +101 -0
  122. data/test/dummy/app/controllers/parent_resources_controller.rb~ +83 -0
  123. data/test/dummy/app/controllers/standalone_resources_controller.rb +101 -0
  124. data/test/dummy/app/controllers/standalone_resources_controller.rb~ +83 -0
  125. data/test/dummy/app/controllers/user_groups_controller.rb +131 -0
  126. data/test/dummy/app/controllers/user_sessions_controller.rb +38 -0
  127. data/test/dummy/app/controllers/users_controller.rb +87 -0
  128. data/test/dummy/app/helpers/application_helper.rb +2 -0
  129. data/test/dummy/app/helpers/child_resources_helper.rb +2 -0
  130. data/test/dummy/app/helpers/global_resources_helper.rb +2 -0
  131. data/test/dummy/app/helpers/parent_resources_helper.rb +2 -0
  132. data/test/dummy/app/helpers/standalone_resources_helper.rb +2 -0
  133. data/test/dummy/app/helpers/user_groups_helper.rb +2 -0
  134. data/test/dummy/app/helpers/users_helper.rb +2 -0
  135. data/test/dummy/app/models/child_resource.rb +25 -0
  136. data/test/dummy/app/models/child_resource.rb~ +4 -0
  137. data/test/dummy/app/models/global_resource.rb +3 -0
  138. data/test/dummy/app/models/parent_resource.rb +32 -0
  139. data/test/dummy/app/models/parent_resource.rb~ +3 -0
  140. data/test/dummy/app/models/standalone_resource.rb +22 -0
  141. data/test/dummy/app/models/standalone_resource.rb~ +3 -0
  142. data/test/dummy/app/models/user.rb +80 -0
  143. data/test/dummy/app/models/user_group.rb +12 -0
  144. data/test/dummy/app/views/child_resources/_form.html.erb +30 -0
  145. data/test/dummy/app/views/child_resources/_form.html.erb~ +29 -0
  146. data/test/dummy/app/views/child_resources/edit.html.erb +6 -0
  147. data/test/dummy/app/views/child_resources/index.html.erb +25 -0
  148. data/test/dummy/app/views/child_resources/index.html.erb~ +27 -0
  149. data/test/dummy/app/views/child_resources/new.html.erb +5 -0
  150. data/test/dummy/app/views/child_resources/show.html.erb +20 -0
  151. data/test/dummy/app/views/child_resources/show.html.erb~ +20 -0
  152. data/test/dummy/app/views/global_resources/_form.html.erb +25 -0
  153. data/test/dummy/app/views/global_resources/edit.html.erb +6 -0
  154. data/test/dummy/app/views/global_resources/index.html.erb +25 -0
  155. data/test/dummy/app/views/global_resources/new.html.erb +5 -0
  156. data/test/dummy/app/views/global_resources/show.html.erb +15 -0
  157. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  158. data/test/dummy/app/views/parent_resources/_form.html.erb +25 -0
  159. data/test/dummy/app/views/parent_resources/edit.html.erb +6 -0
  160. data/test/dummy/app/views/parent_resources/index.html.erb +25 -0
  161. data/test/dummy/app/views/parent_resources/index.html.erb~ +25 -0
  162. data/test/dummy/app/views/parent_resources/new.html.erb +5 -0
  163. data/test/dummy/app/views/parent_resources/show.html.erb +44 -0
  164. data/test/dummy/app/views/parent_resources/show.html.erb~ +15 -0
  165. data/test/dummy/app/views/standalone_resources/_form.html.erb +25 -0
  166. data/test/dummy/app/views/standalone_resources/edit.html.erb +6 -0
  167. data/test/dummy/app/views/standalone_resources/index.html.erb +25 -0
  168. data/test/dummy/app/views/standalone_resources/new.html.erb +5 -0
  169. data/test/dummy/app/views/standalone_resources/show.html.erb +15 -0
  170. data/test/dummy/app/views/user_groups/_form.html.haml +9 -0
  171. data/test/dummy/app/views/user_groups/add_members.html.haml +18 -0
  172. data/test/dummy/app/views/user_groups/edit.html.haml +13 -0
  173. data/test/dummy/app/views/user_groups/index.html.haml +20 -0
  174. data/test/dummy/app/views/user_groups/new.html.haml +11 -0
  175. data/test/dummy/app/views/user_groups/show.html.haml +42 -0
  176. data/test/dummy/app/views/user_sessions/new.html.haml +26 -0
  177. data/test/dummy/app/views/users/_form.html.haml +25 -0
  178. data/test/dummy/app/views/users/edit.html.haml +14 -0
  179. data/test/dummy/app/views/users/index.html.haml +26 -0
  180. data/test/dummy/app/views/users/new.html.haml +11 -0
  181. data/test/dummy/app/views/users/show.html.haml +56 -0
  182. data/test/dummy/config.ru +4 -0
  183. data/test/dummy/config/application.rb +59 -0
  184. data/test/dummy/config/boot.rb +10 -0
  185. data/test/dummy/config/database.yml +25 -0
  186. data/test/dummy/config/environment.rb +5 -0
  187. data/test/dummy/config/environments/development.rb +37 -0
  188. data/test/dummy/config/environments/production.rb +67 -0
  189. data/test/dummy/config/environments/test.rb +37 -0
  190. data/test/dummy/config/initializers/alberich.rb +13 -0
  191. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  192. data/test/dummy/config/initializers/inflections.rb +15 -0
  193. data/test/dummy/config/initializers/mime_types.rb +5 -0
  194. data/test/dummy/config/initializers/secret_token.rb +7 -0
  195. data/test/dummy/config/initializers/session_store.rb +8 -0
  196. data/test/dummy/config/initializers/warden.rb +79 -0
  197. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  198. data/test/dummy/config/locales/en.yml +5 -0
  199. data/test/dummy/config/routes.rb +33 -0
  200. data/test/dummy/db/migrate/20120801010101_create_users.rb +20 -0
  201. data/test/dummy/db/migrate/20121121054319_create_user_groups.rb +16 -0
  202. data/test/dummy/db/migrate/20130220160811_create_global_resources.rb +10 -0
  203. data/test/dummy/db/migrate/20130220175258_create_standalone_resources.rb +10 -0
  204. data/test/dummy/db/migrate/20130226145412_create_parent_resources.rb +10 -0
  205. data/test/dummy/db/migrate/20130226151256_create_child_resources.rb +12 -0
  206. data/test/dummy/db/migrate/20130226151256_create_child_resources.rb~ +12 -0
  207. data/test/dummy/db/schema.rb +151 -0
  208. data/test/dummy/db/seeds.rb +65 -0
  209. data/test/dummy/lib/password.rb +58 -0
  210. data/test/dummy/public/404.html +26 -0
  211. data/test/dummy/public/422.html +26 -0
  212. data/test/dummy/public/500.html +25 -0
  213. data/test/dummy/public/favicon.ico +0 -0
  214. data/test/dummy/script/rails +6 -0
  215. data/test/dummy/test/fixtures/child_resources.yml +11 -0
  216. data/test/dummy/test/fixtures/global_resources.yml +9 -0
  217. data/test/dummy/test/fixtures/parent_resources.yml +9 -0
  218. data/test/dummy/test/fixtures/standalone_resources.yml +9 -0
  219. data/test/dummy/test/fixtures/user_groups.yml +9 -0
  220. data/test/dummy/test/fixtures/users.yml +37 -0
  221. data/test/dummy/test/functional/child_resources_controller_test.rb +49 -0
  222. data/test/dummy/test/functional/global_resources_controller_test.rb +49 -0
  223. data/test/dummy/test/functional/parent_resources_controller_test.rb +49 -0
  224. data/test/dummy/test/functional/standalone_resources_controller_test.rb +49 -0
  225. data/test/dummy/test/functional/user_groups_controller_test.rb +49 -0
  226. data/test/dummy/test/functional/users_controller_test.rb +39 -0
  227. data/test/dummy/test/unit/child_resource_test.rb +7 -0
  228. data/test/dummy/test/unit/global_resource_test.rb +7 -0
  229. data/test/dummy/test/unit/helpers/child_resources_helper_test.rb +4 -0
  230. data/test/dummy/test/unit/helpers/global_resources_helper_test.rb +4 -0
  231. data/test/dummy/test/unit/helpers/parent_resources_helper_test.rb +4 -0
  232. data/test/dummy/test/unit/helpers/standalone_resources_helper_test.rb +4 -0
  233. data/test/dummy/test/unit/helpers/user_groups_helper_test.rb +4 -0
  234. data/test/dummy/test/unit/helpers/users_helper_test.rb +4 -0
  235. data/test/dummy/test/unit/parent_resource_test.rb +7 -0
  236. data/test/dummy/test/unit/standalone_resource_test.rb +7 -0
  237. data/test/dummy/test/unit/user_group_test.rb +7 -0
  238. data/test/dummy/test/unit/user_test.rb +7 -0
  239. data/test/integration/alberich/permission_test.rb +7 -0
  240. data/test/integration/alberich/privilege_test.rb +7 -0
  241. data/test/integration/alberich/role_test.rb +7 -0
  242. metadata +639 -0
data/app/models/alberich/privilege.rb ADDED
@@ -0,0 +1,29 @@
1
+ module Alberich
2
+ class Privilege < ActiveRecord::Base
3
+ attr_accessible :action, :role, :role_id, :target_type
4
+
5
+ PERM_SET = "set_perms" # can create/modify/delete permission
6
+ # records on this object
7
+ PERM_VIEW = "view_perms" # can view permission records on this
8
+ # object
9
+ CREATE = "create" # can create objects of this type here
10
+ MODIFY = "modify" # can modify objects of this type here
11
+ VIEW = "view" # can view objects of this type here
12
+ USE = "use" # can use objects of this type here
13
+
14
+ ACTIONS = [ CREATE, MODIFY, USE, VIEW,
15
+ PERM_SET, PERM_VIEW]
16
+ TARGET_TYPES = ["Alberich::BasePermissionObject"] +
17
+ Alberich.permissioned_object_classes +
18
+ Alberich.additional_privilege_scopes
19
+
20
+ belongs_to :role
21
+ validates_presence_of :role_id
22
+ validates_presence_of :target_type
23
+ validates_presence_of :action
24
+ validates_uniqueness_of :action, :scope => [:target_type, :role_id]
25
+ validates_inclusion_of :target_type, :in => TARGET_TYPES
26
+ validates_inclusion_of :action, :in => ACTIONS
27
+
28
+ end
29
+ end
data/app/models/alberich/role.rb ADDED
@@ -0,0 +1,37 @@
1
+ module Alberich
2
+ class Role < ActiveRecord::Base
3
+ VALID_SCOPES = ["Alberich::BasePermissionObject"] + Alberich.permissioned_object_classes
4
+ has_many :permissions, :dependent => :destroy
5
+ has_many :derived_permissions, :dependent => :destroy
6
+ has_many :privileges, :dependent => :destroy
7
+
8
+ attr_accessible :name, :assign_to_owner, :scope
9
+
10
+ validates_presence_of :scope
11
+ validates_presence_of :name
12
+ validates_uniqueness_of :name
13
+
14
+ validates_associated :privileges
15
+
16
+ validates_length_of :name, :maximum => 255
17
+ validates_inclusion_of :scope, :in => VALID_SCOPES
18
+ def privilege_target_types
19
+ privileges.collect {|x| x.target_type.constantize}.uniq
20
+ end
21
+ def privilege_target_match(obj_type)
22
+ (privilege_target_types & obj_type.active_privilege_target_types).any?
23
+ end
24
+
25
+ def self.all_by_scope
26
+ roles = self.all
27
+ role_hash = {}
28
+ roles.each do |role|
29
+ role_hash[role.scope] ||= []
30
+ role_hash[role.scope] << role
31
+ end
32
+ role_hash
33
+ end
34
+
35
+ end
36
+
37
+ end
data/app/models/alberich/session_entity.rb ADDED
@@ -0,0 +1,15 @@
1
+ module Alberich
2
+ class SessionEntity < ActiveRecord::Base
3
+ attr_accessible :entity_id, :permission_session_id, :user_id,
4
+ :entity, :user
5
+ belongs_to :user
6
+ belongs_to :entity
7
+ belongs_to :permission_session
8
+
9
+ validates_presence_of :user_id
10
+ validates_presence_of :permission_session_id
11
+ validates_presence_of :entity_id
12
+ validates_uniqueness_of :entity_id, :scope => [:user_id, :permission_session_id]
13
+
14
+ end
15
+ end
data/app/views/alberich/permissions/_form.html.haml ADDED
@@ -0,0 +1,27 @@
1
+ = form_tag({:method => :post, :action => :create}) do
2
+ %table.flat.checkbox_table{ 'data-none_selected' => "none selected", 'data-confirm' => "are you sure?" }
3
+ %thead
4
+ %tr
5
+ - @header.each do |column|
6
+ - if column[:name] == 'checkbox'
7
+ %th{:class => column[:class]}= check_box_tag :select_all, true, false, :class => 'select_all'
8
+ -else
9
+ %th{:class => column[:class]}= column[:name]
10
+ - if !@entities.any?
11
+ %tr
12
+ %td{:colspan => @header.size}= "nothing here"
13
+ - @entities.each do |entity|
14
+ %tr{:class => cycle('nostripe','stripe')}
15
+ %td
16
+ -# - selected = params[:select] == 'all'
17
+ -# = check_box_tag "entity_selected[]", entity.id, selected, :id => "entity_checkbox_#{entity.id}"
18
+ %td= link_to entity.name, main_app.url_for(entity.entity_target)
19
+ %td= select_tag "entity_role_selected[]", options_for_select([['', "#{entity.id},"]] + @roles.map {|r| [t(r.name, :scope=> :role_defs, :default => r.name), "#{entity.id},#{r.id}" ] }, :disabled => @permission_object.permissions.where(:entity_id=>entity.id).collect {|p| "#{entity.id},#{p.role.id}"}), :id => "entity_role_selected_#{entity.id}"
20
+
21
+ %fieldset.options
22
+ = hidden_field_tag :permission_object_type, @permission_object.class.name
23
+ = hidden_field_tag :permission_object_id, @permission_object.id
24
+ = hidden_field_tag :path_prefix, @path_prefix
25
+ = hidden_field_tag :use_tabs, @use_tabs
26
+ = submit_tag "Grant Access"
27
+ = link_to 'Cancel', @return_path, :class => 'button danger'
data/app/views/alberich/permissions/_list.html.haml ADDED
@@ -0,0 +1 @@
1
+ = render :partial => 'permissions'
data/app/views/alberich/permissions/_objects.html.haml ADDED
@@ -0,0 +1,38 @@
1
+ - content_for :permissions_form_header do
2
+ %span{:id => ("tab-container-1-nav" unless @inline)}
3
+ - if @show_inherited
4
+ %li= link_to "Direct Access", params.merge(:show_inherited => false, :page => 1), { :class => 'button primary', :id => 'direct_permission_button'}
5
+ - else
6
+ %li= link_to "Inherited Access", params.merge(:show_inherited => true, :page => 1), { :class => 'button primary', :id => 'inherited_permission_button'}
7
+
8
+ = form_tag do
9
+ %div.controls
10
+ %ul.actions
11
+ = yield :permissions_form_header
12
+ %table.flat.checkbox_table{ 'data-none_selected' => "Please make a selection first.", 'data-confirm' => "Are you sure?" }
13
+ %thead
14
+ %tr
15
+ - @permission_list_header.each do |column|
16
+ - if column[:name] == 'checkbox'
17
+ - # checkboxes ignored for engine UI
18
+ -else
19
+ %th{:class => column[:class]}= column[:name]
20
+ - if !@permissions.any?
21
+ %tr
22
+ %td{:colspan => columns.size}= "No matching results"
23
+ - @permissions.each do |permission|
24
+ %tr{:class => cycle('nostripe','stripe')}
25
+ - if permission.permission_object.class == Alberich::BasePermissionObject
26
+ %td Global
27
+ %td
28
+ - else
29
+ %td= permission_object_type
30
+ %td= link_to permission.permission_object.name, permission.permission_object
31
+ %td= permission.role.name
32
+ - if not(@show_inherited) && check_privilege(Alberich::Privilege::PERM_SET)
33
+ %td= link_to 'Destroy', alberich.permission_path(permission), method: :delete, data: { confirm: 'Are you sure?' }
34
+ - if @show_inherited
35
+ - if permission.permission.permission_object.class == Alberich::BasePermissionObject
36
+ %td= t'permissions.global'
37
+ - else
38
+ %td= link_to permission.permission.permission_object.name, permission.permission.permission_object
data/app/views/alberich/permissions/_permissions.html.haml ADDED
@@ -0,0 +1,45 @@
1
+ - has_admin_perms = check_privilege(Alberich::Privilege::PERM_SET)
2
+ - prevent_admin_deletion = has_admin_perms && !(@show_inherited || @show_global) && (@permission_object == Alberich::BasePermissionObject.general_permission_scope) && (Alberich::BasePermissionObject.global_admin_permission_count == 1)
3
+ - content_for :permissions_form_header do
4
+ - if not(@show_inherited or @show_global) && check_privilege(Alberich::Privilege::PERM_SET)
5
+ %li= link_to "Grant Access", new_permission_path(:permission_object_type => @permission_object.class.name, :permission_object_id => @permission_object.id, :path_prefix => @path_prefix, :use_tabs => @use_tabs ? @use_tabs : (@tabs ? 'yes' : 'no')), { :class => 'button primary', :id => 'new_permission_button'}
6
+
7
+ %span{:id => ("tab-container-1-nav" unless @inline)}
8
+ - unless @permission_object == Alberich::BasePermissionObject.general_permission_scope
9
+ - if @show_inherited
10
+ %li= link_to "Direct Access", params.merge(:show_inherited => false, :show_global => false, :page => 1), { :class => 'button', :id => 'direct_permission_button'}
11
+ %li= link_to "Global Access", params.merge(:show_inherited => false, :show_global => true, :page => 1), { :class => 'button', :id => 'global_permission_button'}
12
+ - elsif @show_global
13
+ %li= link_to "Direct Accress", params.merge(:show_inherited => false, :show_global => false, :page => 1), { :class => 'button', :id => 'direct_permission_button'}
14
+ %li= link_to "Inherited Access", params.merge(:show_inherited => true, :show_global => false, :page => 1), { :class => 'button', :id => 'inherited_permission_button'}
15
+ - else
16
+ %li= link_to "Inherited Access", params.merge(:show_inherited => true, :show_global => false, :page => 1), { :class => 'button', :id => 'inherited_permission_button'}
17
+ %li= link_to "Global Access", params.merge(:show_inherited => false, :show_global => true, :page => 1), { :class => 'button', :id => 'global_permission_button'}
18
+
19
+ = form_tag do
20
+ %div.controls
21
+ %ul.actions
22
+ = yield :permissions_form_header
23
+ %table.flat.checkbox_table{ 'data-none_selected' => "Please make a selection first.", 'data-confirm' => "Are you sure?" }
24
+ %thead
25
+ %tr
26
+ - @permission_list_header.each do |column|
27
+ - if column[:name] == 'checkbox'
28
+ - # checkboxes ignored for engine UI
29
+ -else
30
+ %th{:class => column[:class]}= column[:name]
31
+ - if !@permissions.any?
32
+ %tr
33
+ %td{:colspan => columns.size}= "No matching results"
34
+ - @permissions.each do |permission|
35
+ %tr{:class => cycle('nostripe','stripe')}
36
+ %td= permission.entity.entity_target.class.model_name.human
37
+ %td= link_to permission.entity.name, main_app.url_for(permission.entity.entity_target)
38
+ %td= permission.role.name
39
+ - if !(@show_inherited || @show_global) && has_admin_perms && !(prevent_admin_deletion && Alberich::BasePermissionObject.is_global_admin_perm(permission))
40
+ %td= link_to 'Destroy', permission, method: :delete, data: { confirm: 'Are you sure?' }
41
+ - if @show_inherited
42
+ %td= permission.permission.permission_object.name
43
+
44
+ - if @permissions.respond_to?(:total_pages)
45
+ = render_pagination(@permissions)
data/app/views/alberich/permissions/index.html.haml ADDED
@@ -0,0 +1,2 @@
1
+ %h1 Listing permissions
2
+ = render :partial => 'permissions'
data/app/views/alberich/permissions/new.html.haml ADDED
@@ -0,0 +1,5 @@
1
+ %h1 New permission
2
+
3
+ = render 'form'
4
+
5
+ = link_to 'Back', permissions_path
data/app/views/alberich/permissions/show.html.haml ADDED
@@ -0,0 +1,12 @@
1
+ %p#notice= notice
2
+
3
+ %p
4
+ %b Role:
5
+ = @permission.role_id
6
+ %p
7
+ %b Entity:
8
+ = @permission.entity_id
9
+
10
+ = link_to 'Edit', edit_permission_path(@permission)
11
+ \|
12
+ = link_to 'Back', permissions_path
data/app/views/alberich/privileges/_form.html.haml ADDED
@@ -0,0 +1,19 @@
1
+ = form_for @privilege do |f|
2
+ - if @privilege.errors.any?
3
+ #error_explanation
4
+ %h2= "#{pluralize(@privilege.errors.count, "error")} prohibited this privilege from being saved:"
5
+ %ul
6
+ - @privilege.errors.full_messages.each do |msg|
7
+ %li= msg
8
+
9
+ = f.hidden_field :role_id
10
+ .field
11
+ = f.label :target_type
12
+ .input
13
+ = f.select :target_type, @target_type_list
14
+ .field
15
+ = f.label :action
16
+ .input
17
+ = f.select :action, @action_list
18
+ .actions
19
+ = f.submit 'Save'
data/app/views/alberich/privileges/_list.html.haml ADDED
@@ -0,0 +1,17 @@
1
+ %table
2
+ %tr
3
+ %th Target type
4
+ %th Action
5
+ %th
6
+ %th
7
+ %th
8
+
9
+ - privileges.each do |privilege|
10
+ %tr
11
+ %td= privilege.target_type
12
+ %td= privilege.action
13
+ %td= link_to 'Show', privilege
14
+ %td= link_to 'Edit', edit_privilege_path(privilege)
15
+ %td= link_to 'Destroy', privilege, method: :delete, data: { confirm: 'Are you sure?' }
16
+
17
+ %br
data/app/views/alberich/privileges/create.html.haml ADDED
@@ -0,0 +1,2 @@
1
+ %h1 Privileges#create
2
+ %p Find me in app/views/alberich/privileges/create.html.haml
data/app/views/alberich/privileges/destroy.html.haml ADDED
@@ -0,0 +1,2 @@
1
+ %h1 Privileges#destroy
2
+ %p Find me in app/views/alberich/privileges/destroy.html.haml
data/app/views/alberich/privileges/edit.html.haml ADDED
@@ -0,0 +1,5 @@
1
+ %h1 Editing privilege
2
+
3
+ = render 'form'
4
+
5
+ = link_to 'Back', role_path(@privilege.role)
data/app/views/alberich/privileges/index.html.haml ADDED
@@ -0,0 +1,5 @@
1
+ %h1 Listing privileges
2
+
3
+ = render :partial => 'list', :locals => { :privileges => @privileges }
4
+
5
+ = link_to 'New Privilege', new_privilege_path
data/app/views/alberich/privileges/new.html.haml ADDED
@@ -0,0 +1,5 @@
1
+ %h1= "New privilege for #{@privilege.role.name}"
2
+
3
+ = render 'form'
4
+
5
+ = link_to 'Back', role_path(@privilege.role)
data/app/views/alberich/privileges/show.html.haml ADDED
@@ -0,0 +1,12 @@
1
+ %p#notice= notice
2
+
3
+ %p
4
+ %b Target type:
5
+ = @privilege.target_type
6
+ %p
7
+ %b Action:
8
+ = @privilege.action
9
+
10
+ = link_to 'Edit', edit_privilege_path(@privilege)
11
+ \|
12
+ = link_to 'Back', privileges_path
data/app/views/alberich/privileges/update.html.haml ADDED
@@ -0,0 +1,2 @@
1
+ %h1 Privileges#update
2
+ %p Find me in app/views/alberich/privileges/update.html.haml
data/app/views/alberich/roles/_form.html.haml ADDED
@@ -0,0 +1,24 @@
1
+ = form_for(@role) do |f|
2
+ - if @role.errors.any?
3
+ %div#error_explanation
4
+ %h2= "#{pluralize(@role.errors.count, 'error')} prohibited this role from being saved:"
5
+
6
+ %ul
7
+ - @role.errors.full_messages.each do |msg|
8
+ %li= msg
9
+ %fieldset
10
+ .field
11
+ = f.label :name, :class => 'em'
12
+ .input
13
+ = f.text_field :name, :class => "em long"
14
+ .field
15
+ = f.label :scope, :class => 'em'
16
+ .input
17
+ = f.select :scope, @scope_list
18
+ .field
19
+ = f.label :assign_to_owner, :class => 'checkbox'
20
+ .input
21
+ = f.check_box :assign_to_owner
22
+
23
+ %div.actions
24
+ = f.submit
data/app/views/alberich/roles/edit.html.haml ADDED
@@ -0,0 +1,7 @@
1
+ %h1 Editing role
2
+
3
+ = render 'form'
4
+
5
+ = link_to 'Show', @role
6
+ |
7
+ = link_to 'Back', roles_path
data/app/views/alberich/roles/index.html.haml ADDED
@@ -0,0 +1,23 @@
1
+ %h1=t "Listing roles"
2
+
3
+ %table
4
+ %tr
5
+ %th=t "Name"
6
+ %th=t "Scope"
7
+ %th=t "assign_to_owner"
8
+ %th
9
+ %th
10
+ %th
11
+
12
+ - @roles.each do |role|
13
+ %tr
14
+ %th= link_to role.name, role
15
+ %th= role.scope
16
+ %th= role.assign_to_owner
17
+ %th= link_to 'Show', role
18
+ %th= link_to 'Edit', edit_role_path(role)
19
+ %th= link_to 'Destroy', role, method: :delete, data: { confirm: 'Are you sure?' }, :id => "destroy_role_#{role.id}"
20
+
21
+ %br
22
+
23
+ = link_to 'New Role', new_role_path
data/app/views/alberich/roles/new.html.haml ADDED
@@ -0,0 +1,5 @@
1
+ %h1 New role
2
+
3
+ = render 'form'
4
+
5
+ = link_to 'Back', roles_path
data/app/views/alberich/roles/show.html.haml ADDED
@@ -0,0 +1,16 @@
1
+ %p#notice= notice
2
+
3
+ %h1= @role.name
4
+
5
+ %ul
6
+ %li= "Scope: #{@role.scope}"
7
+ %li= "Assign to Owner: #{@role.assign_to_owner}"
8
+
9
+ %li
10
+ %h2 Privileges
11
+ = render :partial => 'alberich/privileges/list', :locals => { :privileges => @role.privileges }
12
+ = link_to 'New Privilege', new_role_privilege_path(@role)
13
+
14
+ = link_to 'Edit', edit_role_path(@role)
15
+ |
16
+ = link_to 'Back', roles_path
data/app/views/layouts/alberich/application.html.erb ADDED
@@ -0,0 +1,14 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>Alberich</title>
5
+ <%= stylesheet_link_tag "alberich/application", :media => "all" %>
6
+ <%= javascript_include_tag "alberich/application" %>
7
+ <%= csrf_meta_tags %>
8
+ </head>
9
+ <body>
10
+
11
+ <%= yield %>
12
+
13
+ </body>
14
+ </html>
data/config/initializers/haml.rb ADDED
@@ -0,0 +1 @@
1
+ require 'haml'
data/config/routes.rb ADDED
@@ -0,0 +1,17 @@
1
+ Alberich::Engine.routes.draw do
2
+ resources :permissions do
3
+ collection do
4
+ get :list
5
+ delete :multi_destroy
6
+ post :multi_update
7
+ end
8
+ end
9
+
10
+
11
+ resources :privileges
12
+
13
+ resources :roles do
14
+ resources :privileges
15
+ end
16
+
17
+ end
data/db/migrate/20120925162242_create_alberich_roles.rb ADDED
@@ -0,0 +1,12 @@
1
+ class CreateAlberichRoles < ActiveRecord::Migration
2
+ def change
3
+ create_table :alberich_roles do |t|
4
+ t.string :name, :null => false
5
+ t.string :scope, :null => false
6
+ t.integer :lock_version, :default => 0
7
+ t.boolean :assign_to_owner, :default => false
8
+
9
+ t.timestamps
10
+ end
11
+ end
12
+ end