RubyGems - alberich - Versions diffs - 0.2.0 - Mend

alberich 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (242) hide show

data/Gemfile +18 -0
data/MIT-LICENSE +20 -0
data/README.rdoc +37 -0
data/Rakefile +34 -0
data/alberich.gemspec +34 -0
data/app/assets/javascripts/alberich/application.js +15 -0
data/app/assets/javascripts/alberich/permissions.js +2 -0
data/app/assets/javascripts/alberich/privileges.js +2 -0
data/app/assets/javascripts/alberich/roles.js +2 -0
data/app/assets/stylesheets/alberich/application.css +13 -0
data/app/assets/stylesheets/alberich/permissions.css +4 -0
data/app/assets/stylesheets/alberich/privileges.css +4 -0
data/app/assets/stylesheets/alberich/roles.css +4 -0
data/app/assets/stylesheets/scaffold.css +56 -0
data/app/controllers/alberich/application_controller.rb +4 -0
data/app/controllers/alberich/application_controller_helper.rb +118 -0
data/app/controllers/alberich/permissions_controller.rb +211 -0
data/app/controllers/alberich/privileges_controller.rb +105 -0
data/app/controllers/alberich/roles_controller.rb +97 -0
data/app/helpers/alberich/application_helper.rb +4 -0
data/app/helpers/alberich/permissions_helper.rb +4 -0
data/app/helpers/alberich/privileges_helper.rb +4 -0
data/app/helpers/alberich/roles_helper.rb +4 -0
data/app/models/alberich/base_permission_object.rb +42 -0
data/app/models/alberich/derived_permission.rb +25 -0
data/app/models/alberich/entity.rb +27 -0
data/app/models/alberich/entity_target_observer.rb +16 -0
data/app/models/alberich/permission.rb +59 -0
data/app/models/alberich/permission_session.rb +33 -0
data/app/models/alberich/permissioned_object.rb +139 -0
data/app/models/alberich/privilege.rb +29 -0
data/app/models/alberich/role.rb +37 -0
data/app/models/alberich/session_entity.rb +15 -0
data/app/views/alberich/permissions/_form.html.haml +27 -0
data/app/views/alberich/permissions/_list.html.haml +1 -0
data/app/views/alberich/permissions/_objects.html.haml +38 -0
data/app/views/alberich/permissions/_permissions.html.haml +45 -0
data/app/views/alberich/permissions/index.html.haml +2 -0
data/app/views/alberich/permissions/new.html.haml +5 -0
data/app/views/alberich/permissions/show.html.haml +12 -0
data/app/views/alberich/privileges/_form.html.haml +19 -0
data/app/views/alberich/privileges/_list.html.haml +17 -0
data/app/views/alberich/privileges/create.html.haml +2 -0
data/app/views/alberich/privileges/destroy.html.haml +2 -0
data/app/views/alberich/privileges/edit.html.haml +5 -0
data/app/views/alberich/privileges/index.html.haml +5 -0
data/app/views/alberich/privileges/new.html.haml +5 -0
data/app/views/alberich/privileges/show.html.haml +12 -0
data/app/views/alberich/privileges/update.html.haml +2 -0
data/app/views/alberich/roles/_form.html.haml +24 -0
data/app/views/alberich/roles/edit.html.haml +7 -0
data/app/views/alberich/roles/index.html.haml +23 -0
data/app/views/alberich/roles/new.html.haml +5 -0
data/app/views/alberich/roles/show.html.haml +16 -0
data/app/views/layouts/alberich/application.html.erb +14 -0
data/config/initializers/haml.rb +1 -0
data/config/routes.rb +17 -0
data/db/migrate/20120925162242_create_alberich_roles.rb +12 -0
data/db/migrate/20121022223626_create_alberich_privileges.rb +12 -0
data/db/migrate/20121023051301_create_alberich_base_permission_objects.rb +9 -0
data/db/migrate/20121023233648_create_alberich_permission_sessions.rb +11 -0
data/db/migrate/20121027023136_create_alberich_entities.rb +34 -0
data/db/migrate/20121204205213_create_alberich_session_entities.rb +12 -0
data/db/migrate/20121205180518_create_alberich_permissions.rb +13 -0
data/db/migrate/20130107043252_create_alberich_derived_permissions.rb +18 -0
data/lib/alberich.rb +10 -0
data/lib/alberich/#version.rb# +3 -0
data/lib/alberich/engine.rb +10 -0
data/lib/alberich/version.rb +3 -0
data/lib/generators/alberich/install_generator.rb +15 -0
data/lib/generators/alberich/templates/README +6 -0
data/lib/generators/alberich/templates/alberich.rb +11 -0
data/lib/tasks/alberich_tasks.rake +4 -0
data/spec/controllers/alberich/permissions_controller_spec.rb +112 -0
data/spec/controllers/alberich/privileges_controller_spec.rb +131 -0
data/spec/controllers/alberich/roles_controller_spec.rb +130 -0
data/spec/factories/alberich/permission.rb +51 -0
data/spec/factories/alberich/permission_session.rb +7 -0
data/spec/factories/alberich/privilege.rb +6 -0
data/spec/factories/alberich/role.rb +103 -0
data/spec/factories/child_resource.rb +14 -0
data/spec/factories/child_resource.rb~ +7 -0
data/spec/factories/global_resource.rb +11 -0
data/spec/factories/global_resource.rb~ +25 -0
data/spec/factories/parent_resource.rb +12 -0
data/spec/factories/parent_resource.rb~ +7 -0
data/spec/factories/standalone_resource.rb +7 -0
data/spec/factories/standalone_resource.rb~ +11 -0
data/spec/factories/user.rb +30 -0
data/spec/factories/user_group.rb +8 -0
data/spec/models/alberich/derived_permission_spec.rb +34 -0
data/spec/models/alberich/entity_spec.rb +15 -0
data/spec/models/alberich/permission_spec.rb +133 -0
data/spec/models/alberich/privilege_spec.rb +39 -0
data/spec/models/alberich/role_spec.rb +33 -0
data/spec/models/alberich/session_entity_spec.rb +24 -0
data/spec/spec_helper.rb +81 -0
data/spec/support/routes.rb +41 -0
data/test/dummy/README.rdoc +261 -0
data/test/dummy/Rakefile +7 -0
data/test/dummy/app/assets/javascripts/application.js +15 -0
data/test/dummy/app/assets/javascripts/child_resources.js +2 -0
data/test/dummy/app/assets/javascripts/global_resources.js +2 -0
data/test/dummy/app/assets/javascripts/parent_resources.js +2 -0
data/test/dummy/app/assets/javascripts/standalone_resources.js +2 -0
data/test/dummy/app/assets/javascripts/user_groups.js +2 -0
data/test/dummy/app/assets/javascripts/users.js +2 -0
data/test/dummy/app/assets/stylesheets/application.css +13 -0
data/test/dummy/app/assets/stylesheets/child_resources.css +4 -0
data/test/dummy/app/assets/stylesheets/global_resources.css +4 -0
data/test/dummy/app/assets/stylesheets/parent_resources.css +4 -0
data/test/dummy/app/assets/stylesheets/scaffold.css +56 -0
data/test/dummy/app/assets/stylesheets/standalone_resources.css +4 -0
data/test/dummy/app/assets/stylesheets/user_groups.css +4 -0
data/test/dummy/app/assets/stylesheets/users.css +4 -0
data/test/dummy/app/controllers/application_controller.rb +73 -0
data/test/dummy/app/controllers/child_resources_controller.rb +99 -0
data/test/dummy/app/controllers/child_resources_controller.rb~ +83 -0
data/test/dummy/app/controllers/global_resources_controller.rb +95 -0
data/test/dummy/app/controllers/global_resources_controller.rb~ +83 -0
data/test/dummy/app/controllers/parent_resources_controller.rb +101 -0
data/test/dummy/app/controllers/parent_resources_controller.rb~ +83 -0
data/test/dummy/app/controllers/standalone_resources_controller.rb +101 -0
data/test/dummy/app/controllers/standalone_resources_controller.rb~ +83 -0
data/test/dummy/app/controllers/user_groups_controller.rb +131 -0
data/test/dummy/app/controllers/user_sessions_controller.rb +38 -0
data/test/dummy/app/controllers/users_controller.rb +87 -0
data/test/dummy/app/helpers/application_helper.rb +2 -0
data/test/dummy/app/helpers/child_resources_helper.rb +2 -0
data/test/dummy/app/helpers/global_resources_helper.rb +2 -0
data/test/dummy/app/helpers/parent_resources_helper.rb +2 -0
data/test/dummy/app/helpers/standalone_resources_helper.rb +2 -0
data/test/dummy/app/helpers/user_groups_helper.rb +2 -0
data/test/dummy/app/helpers/users_helper.rb +2 -0
data/test/dummy/app/models/child_resource.rb +25 -0
data/test/dummy/app/models/child_resource.rb~ +4 -0
data/test/dummy/app/models/global_resource.rb +3 -0
data/test/dummy/app/models/parent_resource.rb +32 -0
data/test/dummy/app/models/parent_resource.rb~ +3 -0
data/test/dummy/app/models/standalone_resource.rb +22 -0
data/test/dummy/app/models/standalone_resource.rb~ +3 -0
data/test/dummy/app/models/user.rb +80 -0
data/test/dummy/app/models/user_group.rb +12 -0
data/test/dummy/app/views/child_resources/_form.html.erb +30 -0
data/test/dummy/app/views/child_resources/_form.html.erb~ +29 -0
data/test/dummy/app/views/child_resources/edit.html.erb +6 -0
data/test/dummy/app/views/child_resources/index.html.erb +25 -0
data/test/dummy/app/views/child_resources/index.html.erb~ +27 -0
data/test/dummy/app/views/child_resources/new.html.erb +5 -0
data/test/dummy/app/views/child_resources/show.html.erb +20 -0
data/test/dummy/app/views/child_resources/show.html.erb~ +20 -0
data/test/dummy/app/views/global_resources/_form.html.erb +25 -0
data/test/dummy/app/views/global_resources/edit.html.erb +6 -0
data/test/dummy/app/views/global_resources/index.html.erb +25 -0
data/test/dummy/app/views/global_resources/new.html.erb +5 -0
data/test/dummy/app/views/global_resources/show.html.erb +15 -0
data/test/dummy/app/views/layouts/application.html.erb +14 -0
data/test/dummy/app/views/parent_resources/_form.html.erb +25 -0
data/test/dummy/app/views/parent_resources/edit.html.erb +6 -0
data/test/dummy/app/views/parent_resources/index.html.erb +25 -0
data/test/dummy/app/views/parent_resources/index.html.erb~ +25 -0
data/test/dummy/app/views/parent_resources/new.html.erb +5 -0
data/test/dummy/app/views/parent_resources/show.html.erb +44 -0
data/test/dummy/app/views/parent_resources/show.html.erb~ +15 -0
data/test/dummy/app/views/standalone_resources/_form.html.erb +25 -0
data/test/dummy/app/views/standalone_resources/edit.html.erb +6 -0
data/test/dummy/app/views/standalone_resources/index.html.erb +25 -0
data/test/dummy/app/views/standalone_resources/new.html.erb +5 -0
data/test/dummy/app/views/standalone_resources/show.html.erb +15 -0
data/test/dummy/app/views/user_groups/_form.html.haml +9 -0
data/test/dummy/app/views/user_groups/add_members.html.haml +18 -0
data/test/dummy/app/views/user_groups/edit.html.haml +13 -0
data/test/dummy/app/views/user_groups/index.html.haml +20 -0
data/test/dummy/app/views/user_groups/new.html.haml +11 -0
data/test/dummy/app/views/user_groups/show.html.haml +42 -0
data/test/dummy/app/views/user_sessions/new.html.haml +26 -0
data/test/dummy/app/views/users/_form.html.haml +25 -0
data/test/dummy/app/views/users/edit.html.haml +14 -0
data/test/dummy/app/views/users/index.html.haml +26 -0
data/test/dummy/app/views/users/new.html.haml +11 -0
data/test/dummy/app/views/users/show.html.haml +56 -0
data/test/dummy/config.ru +4 -0
data/test/dummy/config/application.rb +59 -0
data/test/dummy/config/boot.rb +10 -0
data/test/dummy/config/database.yml +25 -0
data/test/dummy/config/environment.rb +5 -0
data/test/dummy/config/environments/development.rb +37 -0
data/test/dummy/config/environments/production.rb +67 -0
data/test/dummy/config/environments/test.rb +37 -0
data/test/dummy/config/initializers/alberich.rb +13 -0
data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/test/dummy/config/initializers/inflections.rb +15 -0
data/test/dummy/config/initializers/mime_types.rb +5 -0
data/test/dummy/config/initializers/secret_token.rb +7 -0
data/test/dummy/config/initializers/session_store.rb +8 -0
data/test/dummy/config/initializers/warden.rb +79 -0
data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
data/test/dummy/config/locales/en.yml +5 -0
data/test/dummy/config/routes.rb +33 -0
data/test/dummy/db/migrate/20120801010101_create_users.rb +20 -0
data/test/dummy/db/migrate/20121121054319_create_user_groups.rb +16 -0
data/test/dummy/db/migrate/20130220160811_create_global_resources.rb +10 -0
data/test/dummy/db/migrate/20130220175258_create_standalone_resources.rb +10 -0
data/test/dummy/db/migrate/20130226145412_create_parent_resources.rb +10 -0
data/test/dummy/db/migrate/20130226151256_create_child_resources.rb +12 -0
data/test/dummy/db/migrate/20130226151256_create_child_resources.rb~ +12 -0
data/test/dummy/db/schema.rb +151 -0
data/test/dummy/db/seeds.rb +65 -0
data/test/dummy/lib/password.rb +58 -0
data/test/dummy/public/404.html +26 -0
data/test/dummy/public/422.html +26 -0
data/test/dummy/public/500.html +25 -0
data/test/dummy/public/favicon.ico +0 -0
data/test/dummy/script/rails +6 -0
data/test/dummy/test/fixtures/child_resources.yml +11 -0
data/test/dummy/test/fixtures/global_resources.yml +9 -0
data/test/dummy/test/fixtures/parent_resources.yml +9 -0
data/test/dummy/test/fixtures/standalone_resources.yml +9 -0
data/test/dummy/test/fixtures/user_groups.yml +9 -0
data/test/dummy/test/fixtures/users.yml +37 -0
data/test/dummy/test/functional/child_resources_controller_test.rb +49 -0
data/test/dummy/test/functional/global_resources_controller_test.rb +49 -0
data/test/dummy/test/functional/parent_resources_controller_test.rb +49 -0
data/test/dummy/test/functional/standalone_resources_controller_test.rb +49 -0
data/test/dummy/test/functional/user_groups_controller_test.rb +49 -0
data/test/dummy/test/functional/users_controller_test.rb +39 -0
data/test/dummy/test/unit/child_resource_test.rb +7 -0
data/test/dummy/test/unit/global_resource_test.rb +7 -0
data/test/dummy/test/unit/helpers/child_resources_helper_test.rb +4 -0
data/test/dummy/test/unit/helpers/global_resources_helper_test.rb +4 -0
data/test/dummy/test/unit/helpers/parent_resources_helper_test.rb +4 -0
data/test/dummy/test/unit/helpers/standalone_resources_helper_test.rb +4 -0
data/test/dummy/test/unit/helpers/user_groups_helper_test.rb +4 -0
data/test/dummy/test/unit/helpers/users_helper_test.rb +4 -0
data/test/dummy/test/unit/parent_resource_test.rb +7 -0
data/test/dummy/test/unit/standalone_resource_test.rb +7 -0
data/test/dummy/test/unit/user_group_test.rb +7 -0
data/test/dummy/test/unit/user_test.rb +7 -0
data/test/integration/alberich/permission_test.rb +7 -0
data/test/integration/alberich/privilege_test.rb +7 -0
data/test/integration/alberich/role_test.rb +7 -0
metadata +639 -0

data/app/models/alberich/privilege.rb ADDED

@@ -0,0 +1,29 @@
+module Alberich
+  class Privilege < ActiveRecord::Base
+    attr_accessible :action, :role, :role_id, :target_type
+    PERM_SET  = "set_perms"    # can create/modify/delete permission
+                               # records on this object
+    PERM_VIEW = "view_perms"   # can view permission records on this
+                               # object
+    CREATE    = "create"       # can create objects of this type here
+    MODIFY    = "modify"       # can modify objects of this type here
+    VIEW      = "view"         # can view objects of this type here
+    USE       = "use"          # can use objects of this type here
+    ACTIONS = [ CREATE, MODIFY, USE, VIEW,
+                PERM_SET, PERM_VIEW]
+    TARGET_TYPES = ["Alberich::BasePermissionObject"] +
+      Alberich.permissioned_object_classes +
+      Alberich.additional_privilege_scopes
+    belongs_to :role
+    validates_presence_of :role_id
+    validates_presence_of :target_type
+    validates_presence_of :action
+    validates_uniqueness_of :action, :scope => [:target_type, :role_id]
+    validates_inclusion_of :target_type, :in => TARGET_TYPES
+    validates_inclusion_of :action, :in => ACTIONS
+  end
+end

data/app/models/alberich/role.rb ADDED

@@ -0,0 +1,37 @@
+module Alberich
+  class Role < ActiveRecord::Base
+    VALID_SCOPES = ["Alberich::BasePermissionObject"] + Alberich.permissioned_object_classes
+    has_many :permissions, :dependent => :destroy
+    has_many :derived_permissions, :dependent => :destroy
+    has_many :privileges, :dependent => :destroy
+    attr_accessible :name, :assign_to_owner, :scope
+    validates_presence_of :scope
+    validates_presence_of :name
+    validates_uniqueness_of :name
+    validates_associated :privileges
+    validates_length_of :name, :maximum => 255
+    validates_inclusion_of :scope, :in => VALID_SCOPES
+    def privilege_target_types
+      privileges.collect {|x| x.target_type.constantize}.uniq
+    end
+    def privilege_target_match(obj_type)
+      (privilege_target_types & obj_type.active_privilege_target_types).any?
+    end
+    def self.all_by_scope
+      roles = self.all
+      role_hash = {}
+      roles.each do |role|
+        role_hash[role.scope] ||= []
+        role_hash[role.scope] << role
+      end
+      role_hash
+    end
+  end
+end

data/app/models/alberich/session_entity.rb ADDED

@@ -0,0 +1,15 @@
+module Alberich
+  class SessionEntity < ActiveRecord::Base
+    attr_accessible :entity_id, :permission_session_id, :user_id,
+                    :entity, :user
+    belongs_to :user
+    belongs_to :entity
+    belongs_to :permission_session
+    validates_presence_of :user_id
+    validates_presence_of :permission_session_id
+    validates_presence_of :entity_id
+    validates_uniqueness_of :entity_id, :scope => [:user_id, :permission_session_id]
+  end
+end

data/app/views/alberich/permissions/_form.html.haml ADDED

@@ -0,0 +1,27 @@
+= form_tag({:method => :post, :action => :create}) do
+  %table.flat.checkbox_table{ 'data-none_selected' => "none selected", 'data-confirm' => "are you sure?" }
+    %thead
+      %tr
+        - @header.each do |column|
+          - if column[:name] == 'checkbox'
+            %th{:class => column[:class]}= check_box_tag :select_all, true, false, :class => 'select_all'
+          -else
+            %th{:class => column[:class]}= column[:name]
+      - if !@entities.any?
+        %tr
+          %td{:colspan => @header.size}= "nothing here"
+    - @entities.each do |entity|
+      %tr{:class => cycle('nostripe','stripe')}
+        %td
+          -# - selected = params[:select] == 'all'
+          -#  = check_box_tag "entity_selected[]", entity.id, selected, :id => "entity_checkbox_#{entity.id}"
+        %td= link_to entity.name, main_app.url_for(entity.entity_target)
+        %td= select_tag "entity_role_selected[]", options_for_select([['', "#{entity.id},"]] + @roles.map {|r| [t(r.name, :scope=> :role_defs, :default => r.name), "#{entity.id},#{r.id}" ] }, :disabled => @permission_object.permissions.where(:entity_id=>entity.id).collect {|p| "#{entity.id},#{p.role.id}"}), :id => "entity_role_selected_#{entity.id}"
+  %fieldset.options
+    = hidden_field_tag :permission_object_type, @permission_object.class.name
+    = hidden_field_tag :permission_object_id, @permission_object.id
+    = hidden_field_tag :path_prefix, @path_prefix
+    = hidden_field_tag :use_tabs, @use_tabs
+    = submit_tag "Grant Access"
+    = link_to 'Cancel', @return_path, :class => 'button danger'

data/app/views/alberich/permissions/_list.html.haml ADDED

	@@ -0,0 +1 @@
1	+ = render :partial => 'permissions'

data/app/views/alberich/permissions/_objects.html.haml ADDED

@@ -0,0 +1,38 @@
+- content_for :permissions_form_header do
+  %span{:id => ("tab-container-1-nav" unless @inline)}
+    - if @show_inherited
+      %li= link_to "Direct Access", params.merge(:show_inherited => false, :page => 1), { :class => 'button primary', :id => 'direct_permission_button'}
+    - else
+      %li= link_to "Inherited Access", params.merge(:show_inherited => true, :page => 1), { :class => 'button primary', :id => 'inherited_permission_button'}
+= form_tag do
+  %div.controls
+    %ul.actions
+      = yield :permissions_form_header
+  %table.flat.checkbox_table{ 'data-none_selected' => "Please make a selection first.", 'data-confirm' => "Are you sure?" }
+    %thead
+      %tr
+        - @permission_list_header.each do |column|
+          - if column[:name] == 'checkbox'
+            - # checkboxes ignored for engine UI
+          -else
+            %th{:class => column[:class]}= column[:name]
+      - if !@permissions.any?
+        %tr
+          %td{:colspan => columns.size}= "No matching results"
+    - @permissions.each do |permission|
+      %tr{:class => cycle('nostripe','stripe')}
+        - if permission.permission_object.class == Alberich::BasePermissionObject
+          %td Global
+          %td
+        - else
+          %td= permission_object_type
+          %td= link_to permission.permission_object.name, permission.permission_object
+        %td= permission.role.name
+        - if not(@show_inherited) && check_privilege(Alberich::Privilege::PERM_SET)
+          %td= link_to 'Destroy', alberich.permission_path(permission), method: :delete, data: { confirm: 'Are you sure?' }
+        - if @show_inherited
+          - if permission.permission.permission_object.class == Alberich::BasePermissionObject
+            %td= t'permissions.global'
+          - else
+            %td= link_to permission.permission.permission_object.name, permission.permission.permission_object

data/app/views/alberich/permissions/_permissions.html.haml ADDED

@@ -0,0 +1,45 @@
+- has_admin_perms =  check_privilege(Alberich::Privilege::PERM_SET)
+- prevent_admin_deletion = has_admin_perms && !(@show_inherited || @show_global) && (@permission_object == Alberich::BasePermissionObject.general_permission_scope) && (Alberich::BasePermissionObject.global_admin_permission_count == 1)
+- content_for :permissions_form_header do
+  - if not(@show_inherited or @show_global) && check_privilege(Alberich::Privilege::PERM_SET)
+    %li= link_to "Grant Access", new_permission_path(:permission_object_type => @permission_object.class.name, :permission_object_id => @permission_object.id, :path_prefix => @path_prefix, :use_tabs => @use_tabs ? @use_tabs : (@tabs ? 'yes' : 'no')), { :class => 'button primary', :id => 'new_permission_button'}
+  %span{:id => ("tab-container-1-nav" unless @inline)}
+    - unless @permission_object == Alberich::BasePermissionObject.general_permission_scope
+      - if @show_inherited
+        %li= link_to "Direct Access", params.merge(:show_inherited => false, :show_global => false, :page => 1), { :class => 'button', :id => 'direct_permission_button'}
+        %li= link_to "Global Access", params.merge(:show_inherited => false, :show_global => true, :page => 1), { :class => 'button', :id => 'global_permission_button'}
+      - elsif @show_global
+        %li= link_to "Direct Accress", params.merge(:show_inherited => false, :show_global => false, :page => 1), { :class => 'button', :id => 'direct_permission_button'}
+        %li= link_to "Inherited Access", params.merge(:show_inherited => true, :show_global => false, :page => 1), { :class => 'button', :id => 'inherited_permission_button'}
+      - else
+        %li= link_to "Inherited Access", params.merge(:show_inherited => true, :show_global => false, :page => 1), { :class => 'button', :id => 'inherited_permission_button'}
+        %li= link_to "Global Access", params.merge(:show_inherited => false, :show_global => true, :page => 1), { :class => 'button', :id => 'global_permission_button'}
+= form_tag do
+  %div.controls
+    %ul.actions
+      = yield :permissions_form_header
+  %table.flat.checkbox_table{ 'data-none_selected' => "Please make a selection first.", 'data-confirm' => "Are you sure?" }
+    %thead
+      %tr
+        - @permission_list_header.each do |column|
+          - if column[:name] == 'checkbox'
+            - # checkboxes ignored for engine UI
+          -else
+            %th{:class => column[:class]}= column[:name]
+      - if !@permissions.any?
+        %tr
+          %td{:colspan => columns.size}= "No matching results"
+    - @permissions.each do |permission|
+      %tr{:class => cycle('nostripe','stripe')}
+        %td= permission.entity.entity_target.class.model_name.human
+        %td= link_to permission.entity.name, main_app.url_for(permission.entity.entity_target)
+        %td= permission.role.name
+        - if !(@show_inherited || @show_global) && has_admin_perms && !(prevent_admin_deletion && Alberich::BasePermissionObject.is_global_admin_perm(permission))
+          %td= link_to 'Destroy', permission, method: :delete, data: { confirm: 'Are you sure?' }
+        - if @show_inherited
+          %td= permission.permission.permission_object.name
+- if @permissions.respond_to?(:total_pages)
+  = render_pagination(@permissions)

data/app/views/alberich/permissions/index.html.haml ADDED

	@@ -0,0 +1,2 @@
1	+ %h1 Listing permissions
2	+ = render :partial => 'permissions'

data/app/views/alberich/permissions/new.html.haml ADDED

@@ -0,0 +1,5 @@
+%h1 New permission
+= render 'form'
+= link_to 'Back', permissions_path

data/app/views/alberich/permissions/show.html.haml ADDED

@@ -0,0 +1,12 @@
+%p#notice= notice
+%p
+  %b Role:
+  = @permission.role_id
+%p
+  %b Entity:
+  = @permission.entity_id
+= link_to 'Edit', edit_permission_path(@permission)
+\|
+= link_to 'Back', permissions_path

data/app/views/alberich/privileges/_form.html.haml ADDED

@@ -0,0 +1,19 @@
+= form_for @privilege do |f|
+  - if @privilege.errors.any?
+    #error_explanation
+      %h2= "#{pluralize(@privilege.errors.count, "error")} prohibited this privilege from being saved:"
+      %ul
+        - @privilege.errors.full_messages.each do |msg|
+          %li= msg
+  = f.hidden_field :role_id
+  .field
+    = f.label :target_type
+    .input
+      = f.select :target_type, @target_type_list
+  .field
+    = f.label :action
+    .input
+      = f.select :action, @action_list
+  .actions
+    = f.submit 'Save'

data/app/views/alberich/privileges/_list.html.haml ADDED

@@ -0,0 +1,17 @@
+%table
+  %tr
+    %th Target type
+    %th Action
+    %th
+    %th
+    %th
+  - privileges.each do |privilege|
+    %tr
+      %td= privilege.target_type
+      %td= privilege.action
+      %td= link_to 'Show', privilege
+      %td= link_to 'Edit', edit_privilege_path(privilege)
+      %td= link_to 'Destroy', privilege, method: :delete, data: { confirm: 'Are you sure?' }
+%br

data/app/views/alberich/privileges/create.html.haml ADDED

	@@ -0,0 +1,2 @@
1	+ %h1 Privileges#create
2	+ %p Find me in app/views/alberich/privileges/create.html.haml

data/app/views/alberich/privileges/destroy.html.haml ADDED

	@@ -0,0 +1,2 @@
1	+ %h1 Privileges#destroy
2	+ %p Find me in app/views/alberich/privileges/destroy.html.haml

data/app/views/alberich/privileges/edit.html.haml ADDED

@@ -0,0 +1,5 @@
+%h1 Editing privilege
+= render 'form'
+= link_to 'Back', role_path(@privilege.role)

data/app/views/alberich/privileges/index.html.haml ADDED

@@ -0,0 +1,5 @@
+%h1 Listing privileges
+= render :partial => 'list', :locals => { :privileges => @privileges }
+= link_to 'New Privilege', new_privilege_path

data/app/views/alberich/privileges/new.html.haml ADDED

@@ -0,0 +1,5 @@
+%h1= "New privilege for #{@privilege.role.name}"
+= render 'form'
+= link_to 'Back', role_path(@privilege.role)

data/app/views/alberich/privileges/show.html.haml ADDED

@@ -0,0 +1,12 @@
+%p#notice= notice
+%p
+  %b Target type:
+  = @privilege.target_type
+%p
+  %b Action:
+  = @privilege.action
+= link_to 'Edit', edit_privilege_path(@privilege)
+\|
+= link_to 'Back', privileges_path

data/app/views/alberich/privileges/update.html.haml ADDED

	@@ -0,0 +1,2 @@
1	+ %h1 Privileges#update
2	+ %p Find me in app/views/alberich/privileges/update.html.haml

data/app/views/alberich/roles/_form.html.haml ADDED

@@ -0,0 +1,24 @@
+= form_for(@role) do |f|
+  - if @role.errors.any?
+    %div#error_explanation
+      %h2= "#{pluralize(@role.errors.count, 'error')} prohibited this role from being saved:"
+      %ul
+      - @role.errors.full_messages.each do |msg|
+        %li= msg
+  %fieldset
+    .field
+      = f.label :name, :class => 'em'
+      .input
+        = f.text_field :name, :class => "em long"
+    .field
+      = f.label :scope, :class => 'em'
+      .input
+        = f.select :scope, @scope_list
+    .field
+      = f.label :assign_to_owner, :class => 'checkbox'
+      .input
+        = f.check_box :assign_to_owner
+  %div.actions
+    = f.submit

data/app/views/alberich/roles/edit.html.haml ADDED

@@ -0,0 +1,7 @@
+%h1 Editing role
+= render 'form'
+= link_to 'Show', @role
+|
+= link_to 'Back', roles_path

data/app/views/alberich/roles/index.html.haml ADDED

@@ -0,0 +1,23 @@
+%h1=t "Listing roles"
+%table
+  %tr
+    %th=t "Name"
+    %th=t "Scope"
+    %th=t "assign_to_owner"
+    %th
+    %th
+    %th
+  - @roles.each do |role|
+    %tr
+      %th= link_to role.name, role
+      %th= role.scope
+      %th= role.assign_to_owner
+      %th= link_to 'Show', role
+      %th= link_to 'Edit', edit_role_path(role)
+      %th= link_to 'Destroy', role, method: :delete, data: { confirm: 'Are you sure?' }, :id => "destroy_role_#{role.id}"
+%br
+= link_to 'New Role', new_role_path

data/app/views/alberich/roles/new.html.haml ADDED

@@ -0,0 +1,5 @@
+%h1 New role
+= render 'form'
+= link_to 'Back', roles_path

data/app/views/alberich/roles/show.html.haml ADDED

@@ -0,0 +1,16 @@
+%p#notice= notice
+%h1= @role.name
+%ul
+  %li= "Scope: #{@role.scope}"
+  %li= "Assign to Owner: #{@role.assign_to_owner}"
+  %li
+    %h2 Privileges
+    = render :partial => 'alberich/privileges/list', :locals => { :privileges => @role.privileges }
+    = link_to 'New Privilege', new_role_privilege_path(@role)
+= link_to 'Edit', edit_role_path(@role)
+|
+= link_to 'Back', roles_path

data/app/views/layouts/alberich/application.html.erb ADDED

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Alberich</title>
+  <%= stylesheet_link_tag    "alberich/application", :media => "all" %>
+  <%= javascript_include_tag "alberich/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+<%= yield %>
+</body>
+</html>

data/config/initializers/haml.rb ADDED

	@@ -0,0 +1 @@
1	+ require 'haml'

data/config/routes.rb ADDED

@@ -0,0 +1,17 @@
+Alberich::Engine.routes.draw do
+  resources :permissions do
+    collection do
+      get :list
+      delete :multi_destroy
+      post :multi_update
+    end
+  end
+  resources :privileges
+  resources :roles do
+    resources :privileges
+  end
+end

data/db/migrate/20120925162242_create_alberich_roles.rb ADDED

@@ -0,0 +1,12 @@
+class CreateAlberichRoles < ActiveRecord::Migration
+  def change
+    create_table :alberich_roles do |t|
+      t.string  :name, :null => false
+      t.string  :scope, :null => false
+      t.integer :lock_version, :default => 0
+      t.boolean  :assign_to_owner, :default => false
+      t.timestamps
+    end
+  end
+end