auth-assistant 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. data/.DS_Store +0 -0
  2. data/.document +5 -0
  3. data/.gitignore +39 -0
  4. data/Changelog.txt +30 -0
  5. data/LICENSE +20 -0
  6. data/README.markdown +308 -0
  7. data/Rakefile +20 -0
  8. data/VERSION +1 -0
  9. data/app/.DS_Store +0 -0
  10. data/app/views/.DS_Store +0 -0
  11. data/app/views/auth_assist/menu/_admin_login_items.html.erb +11 -0
  12. data/app/views/auth_assist/menu/_login_items.html.erb +11 -0
  13. data/app/views/auth_assist/menu/_registration_items.html.erb +10 -0
  14. data/auth-assistant.gemspec +115 -0
  15. data/config/locales/en.yml +14 -0
  16. data/init.rb +1 -0
  17. data/lib/.DS_Store +0 -0
  18. data/lib/auth-assistant.rb +24 -0
  19. data/lib/auth_assistant/configure.rb +16 -0
  20. data/lib/auth_assistant/helpers/admin_role.rb +59 -0
  21. data/lib/auth_assistant/helpers/all.rb +4 -0
  22. data/lib/auth_assistant/helpers/localhost.rb +22 -0
  23. data/lib/auth_assistant/helpers/roles.rb +52 -0
  24. data/lib/auth_assistant/helpers/user_role.rb +47 -0
  25. data/lib/auth_assistant/model/user_config.rb +42 -0
  26. data/lib/auth_assistant/role_strategies/admin_field.rb +37 -0
  27. data/lib/auth_assistant/role_strategies/all.rb +7 -0
  28. data/lib/auth_assistant/role_strategies/multi_role_assignment.rb +34 -0
  29. data/lib/auth_assistant/role_strategies/role_assignment.rb +41 -0
  30. data/lib/auth_assistant/role_strategies/role_field.rb +32 -0
  31. data/lib/auth_assistant/role_strategies/roles_field.rb +31 -0
  32. data/lib/auth_assistant/role_strategies/roles_mask.rb +35 -0
  33. data/lib/auth_assistant/role_strategies/shared.rb +25 -0
  34. data/lib/auth_assistant/translate/authlabels.rb +23 -0
  35. data/lib/auth_assistant/view/all.rb +4 -0
  36. data/lib/auth_assistant/view/auth_menu_item.rb +27 -0
  37. data/lib/auth_assistant/view/registration_link.rb +30 -0
  38. data/lib/auth_assistant/view/rest_link.rb +70 -0
  39. data/lib/auth_assistant/view/session_link.rb +31 -0
  40. data/lib/generators/.DS_Store +0 -0
  41. data/lib/generators/auth_assist/.DS_Store +0 -0
  42. data/lib/generators/auth_assist/clear/clear_generator.rb +30 -0
  43. data/lib/generators/auth_assist/config/.DS_Store +0 -0
  44. data/lib/generators/auth_assist/config/config_generator.rb +72 -0
  45. data/lib/generators/auth_assist/templates/ability.rb +22 -0
  46. data/lib/generators/auth_assist/templates/auth_assistant.rb +6 -0
  47. data/lib/generators/auth_assist/templates/permits.rb +91 -0
  48. data/lib/generators/auth_assist/templates/remove_multi_role_assignments_migration.rb +24 -0
  49. data/lib/generators/auth_assist/templates/remove_role_assignments_migration.rb +17 -0
  50. data/lib/generators/auth_assist/templates/role_assignments_migration.rb +14 -0
  51. data/lib/generators/auth_assist/templates/roles_migration.rb +13 -0
  52. data/lib/generators/auth_assist/test.rb +40 -0
  53. data/lib/generators/auth_assist/views/views_generator.rb +66 -0
  54. data/lib/generators/auth_code_refactor.rb +71 -0
  55. data/lib/generators/migration_helper.rb +81 -0
  56. data/lib/generators/reverse_migrations.rb +48 -0
  57. data/lib/generators/role_migrations.rb +167 -0
  58. data/lib/permits.rb +92 -0
  59. data/spec/auth-assistant_spec.rb +7 -0
  60. data/spec/generators/ability_gen_spec.rb +9 -0
  61. data/spec/sandbox.rb +9 -0
  62. data/spec/spec.opts +1 -0
  63. data/spec/spec_helper.rb +11 -0
  64. metadata +167 -0
@@ -0,0 +1,72 @@
1
+ require 'generators/migration_helper'
2
+ require 'generators/role_migrations'
3
+ require 'auth_assistant/model/user_config'
4
+
5
+ module AuthAssist
6
+ module Generators
7
+ class ConfigGenerator < Rails::Generators::NamedBase
8
+ desc "Generates user role migration and matching auth configuration initializer"
9
+
10
+ class_option :devise, :type => :boolean, :aliases => "-d", :default => false,
11
+ :desc => "Initialize devise."
12
+
13
+ class_option :admin, :type => :boolean, :aliases => "-a", :default => false,
14
+ :desc => "Creae admin user."
15
+
16
+
17
+ class_option :migration, :type => :boolean, :aliases => "-m", :default => true,
18
+ :desc => "To generate a user role migration."
19
+
20
+ def self.source_root
21
+ @source_root ||= File.expand_path("../../templates", __FILE__)
22
+ end
23
+
24
+ def init_devise
25
+ return if !options[:devise]
26
+ run 'rails g devise_install'
27
+ run 'rails g devise User'
28
+ end
29
+
30
+ def create_initializer
31
+ # prefixing with x should make sure it is run after devise initializer
32
+ template "auth_assistant.rb", "config/initializers/x_auth_assistant.rb"
33
+ end
34
+
35
+ def create_ability_model
36
+ copy_file 'ability.rb', 'app/models/ability.rb'
37
+ copy_file 'permits.rb', 'lib/permits.rb'
38
+ end
39
+
40
+ def create_admin_user
41
+ return if !options[:admin]
42
+ run 'rails g devise Admin' if options[:admin]
43
+ # use STI
44
+ gsub_file 'app/models/admin.rb', /ActiveRecord::Base/, 'User'
45
+ end
46
+
47
+ def copy_locale
48
+ locale_file = File.expand_path("../../../../../config/locales/en.yml", __FILE__)
49
+ puts locale_file
50
+ copy_file locale_file, "config/locales/auth_assist.en.yml"
51
+ end
52
+
53
+ def run_migration
54
+ clear_user_relations
55
+ return nil if !options[:migration]
56
+ clazz = AuthAssist::RoleMigrations.clazz(name)
57
+ mig_obj = clazz.new(self)
58
+ mig_obj.run_migration
59
+ mig_obj.configure
60
+ end
61
+
62
+ def self.banner
63
+ "#{$0} auth_assist:config strategy [admin_field, role_field, roles_field, roles_mask, role_assignment, multi_role_assignment]"
64
+ end
65
+
66
+ protected
67
+ include ::AuthAssist::MigrationHelper
68
+ include ::AuthAssist::RoleMigrations
69
+
70
+ end
71
+ end
72
+ end
@@ -0,0 +1,22 @@
1
+ class Ability
2
+ include CanCan::Ability
3
+
4
+ def self.role_permits
5
+ @role_permits if @role_permits
6
+
7
+ # use inject ?
8
+ @role_permits ||= []
9
+ ['Admin', 'User', 'Author'].each do |role|
10
+ # set up each RolePermit instance to share this same Ability so that the can and cannot operations work on the same permission collection!
11
+ @role_permits << Kernel.const_get("RolePermit::#{role}").new(self)
12
+ end
13
+ @role_permits
14
+ end
15
+
16
+ def initialize(user, request)
17
+ # put ability logic here!
18
+ user ||= User.new # guest
19
+ Ability.role_permits.each{|rp| rp.permit?(user, request) }
20
+ end
21
+ end
22
+
@@ -0,0 +1,6 @@
1
+ require 'auth-assistant'
2
+ require 'permits'
3
+
4
+ AuthAssistant.configure do
5
+ role_strategy = <%= AuthAssistant::Configuration.instance.strategy(name).to_sym.inspect %>
6
+ end
@@ -0,0 +1,91 @@
1
+ module RolePermit
2
+
3
+ class Base
4
+ attr_accessor :ability
5
+
6
+ def initialize(ability)
7
+ @ability = ability
8
+ end
9
+
10
+ def permit?(user, request)
11
+ user.has ability
12
+ end
13
+
14
+ def can(action, subject, conditions = nil, &block)
15
+ ability.can_definitions << CanDefinition.new(true, action, subject, conditions, block)
16
+ end
17
+
18
+ def cannot(action, subject, conditions = nil, &block)
19
+ ability.can_definitions << CanDefinition.new(false, action, subject, conditions, block)
20
+ end
21
+
22
+ def owns(user, clazz, field = :user_id)
23
+ can :manage, clazz, field => user.id
24
+ end
25
+
26
+ end
27
+
28
+ class Admin < Base
29
+ def initialize(ability)
30
+ super
31
+ end
32
+
33
+ def permit?(user, request)
34
+ super
35
+ return if !user.role? :admin
36
+ can :manage, :all
37
+ end
38
+ end
39
+
40
+ class User < Base
41
+ def initialize(ability)
42
+ super
43
+ end
44
+
45
+ def permit?(user, request)
46
+ super
47
+ return if user.role? :admin
48
+ can :read, :all
49
+
50
+ # user.owns(Comment)
51
+
52
+ # a user can manage comments he/she created
53
+ # can :manage, Comment do |comment|
54
+ # comment.try(:user) == user
55
+ # end
56
+
57
+ # can :create, Comment
58
+ end
59
+ end
60
+
61
+ class Moderator < Base
62
+ def initialize(ability)
63
+ super
64
+ end
65
+
66
+ def permit?(user, request)
67
+ super
68
+ return if !user.role?(:moderator)
69
+ can :read, :all
70
+ # owns(user, Comment)
71
+ end
72
+ end
73
+
74
+
75
+ class Author < Base
76
+ def initialize(ability)
77
+ super
78
+ end
79
+
80
+ def permit?(user)
81
+ super
82
+ return if !user.role? :author
83
+ # can :create, Post
84
+
85
+ # an author can manage posts he/she created
86
+ # can :update, Post do |post|
87
+ # post.try(:user) == user
88
+ # end
89
+ end
90
+ end
91
+ end
@@ -0,0 +1,24 @@
1
+ class CreateMultiRoleAssignments < ActiveRecord::Migration
2
+ def self.down
3
+ create_table :role_assignments do |t|
4
+ t.integer :user_id
5
+ t.integer :role_id
6
+ t.timestamps
7
+ end
8
+
9
+ create_table :roles do |t|
10
+ t.string :name
11
+ t.timestamps
12
+ end
13
+
14
+ add_column :users, :role_assignment_id, :integer
15
+
16
+ end
17
+
18
+ def self.up
19
+ drop_table :role_assignments
20
+ drop_table :roles
21
+ remove_column :users, :role_assignment_id
22
+ end
23
+
24
+ end
@@ -0,0 +1,17 @@
1
+ class CreateRoleAssignments < ActiveRecord::Migration
2
+ def self.down
3
+ create_table :roles do |t|
4
+ t.string :name
5
+ t.timestamps
6
+ end
7
+
8
+ add_column :users, :role_id, :integer
9
+
10
+ end
11
+
12
+ def self.up
13
+ drop_table :roles
14
+ remove_column :users, :role_id
15
+ end
16
+
17
+ end
@@ -0,0 +1,14 @@
1
+ class CreateRoleAssignments < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :role_assignments do |t|
4
+ t.integer :user_id
5
+ t.integer :role_id
6
+
7
+ t.timestamps
8
+ end
9
+ end
10
+
11
+ def self.down
12
+ drop_table :role_assignments
13
+ end
14
+ end
@@ -0,0 +1,13 @@
1
+ class CreateRoles < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :roles do |t|
4
+ t.integer :role_id
5
+
6
+ t.timestamps
7
+ end
8
+ end
9
+
10
+ def self.down
11
+ drop_table :role_assignments
12
+ end
13
+ end
@@ -0,0 +1,40 @@
1
+ module RolePermit
2
+
3
+ class Base
4
+ attr_accessor :ability
5
+
6
+ def initialize(ability)
7
+ @ability = ability
8
+ end
9
+
10
+ def permit?(user)
11
+ puts "Base Permit"
12
+ end
13
+ end
14
+
15
+ class Admin < Base
16
+ def initialize(ability)
17
+ super
18
+ end
19
+
20
+ def permit?(user)
21
+ super
22
+ puts "Admin"
23
+ end
24
+ end
25
+
26
+ class User < Base
27
+ def initialize(ability)
28
+ super
29
+ end
30
+
31
+ def permit?(user)
32
+ super
33
+ puts "User"
34
+ end
35
+ end
36
+ end
37
+
38
+
39
+ RolePermit::Admin.new(0).permit? 0
40
+ RolePermit::User.new(0).permit? 0
@@ -0,0 +1,66 @@
1
+ module AuthAssist
2
+ module Generators
3
+ class ViewsGenerator < Rails::Generators::Base
4
+ desc "Copies all AuthAssist views to your application."
5
+
6
+ argument :scope, :required => false, :default => nil,
7
+ :desc => "The scope to copy views to"
8
+
9
+ class_option :template_engine, :type => :string, :aliases => "-t", :default => "erb",
10
+ :desc => "Template engine for the views. Available options are 'erb' and 'haml'."
11
+
12
+ def self.source_root
13
+ @_devise_source_root ||= File.expand_path("../../../../app/views", __FILE__)
14
+ end
15
+
16
+ def copy_views
17
+ case options[:template_engine]
18
+ when "haml"
19
+ verify_haml_existence
20
+ verify_haml_version
21
+ create_and_copy_haml_views
22
+ else
23
+ directory "auth_assist", "app/views/#{scope || 'devise'}"
24
+ end
25
+ end
26
+
27
+ protected
28
+
29
+ def verify_haml_existence
30
+ begin
31
+ require 'haml'
32
+ rescue LoadError
33
+ say "HAML is not installed, or it is not specified in your Gemfile."
34
+ exit
35
+ end
36
+ end
37
+
38
+ def verify_haml_version
39
+ unless Haml.version[:major] == 2 and Haml.version[:minor] >= 3 or Haml.version[:major] >= 3
40
+ say "To generate HAML templates, you need to install HAML 2.3 or above."
41
+ exit
42
+ end
43
+ end
44
+
45
+ def create_and_copy_haml_views
46
+ require 'tmpdir'
47
+ html_root = "#{self.class.source_root}/auth_assist"
48
+
49
+ Dir.mktmpdir("auth_assist-haml.") do |haml_root|
50
+ Dir["#{html_root}/**/*"].each do |path|
51
+ relative_path = path.sub(html_root, "")
52
+ source_path = (haml_root + relative_path).sub(/erb$/, "haml")
53
+
54
+ if File.directory?(path)
55
+ FileUtils.mkdir_p(source_path)
56
+ else
57
+ `html2haml -r #{path} #{source_path}`
58
+ end
59
+ end
60
+
61
+ directory haml_root, "app/views/#{scope || 'devise'}"
62
+ end
63
+ end
64
+ end
65
+ end
66
+ end
@@ -0,0 +1,71 @@
1
+ module AuthAssist
2
+ module MigrationHelper
3
+ module CodeRefactor
4
+
5
+ # erase
6
+ def clear_user_relations
7
+ erase_in_user(has_roles_through_assignments)
8
+ erase_in_user(has_roles)
9
+ erase_in_user(has_role_assignments)
10
+ end
11
+
12
+ def erase_in_user(txt)
13
+ file = File.new(model_file('user'))
14
+ return if !(file.read =~ /#{txt}/)
15
+ gsub_file model_file('user'), /#{Regexp.escape(txt + "\n")}/, ''
16
+ end
17
+
18
+
19
+ # insert
20
+ def write_model_file(name, content)
21
+ File.open(model_file(name), 'w+') do |f|
22
+ f.write(content)
23
+ end
24
+ end
25
+
26
+ def insert_user_relation(relation)
27
+ file = File.new(model_file('user'))
28
+ return if (file.read =~ /#{relation}/)
29
+ gsub_file model_file('user'), /class User < ActiveRecord::Base/ do |match|
30
+ match << "\n #{relation}"
31
+ end
32
+ end
33
+
34
+ def remove_user_relation(relation)
35
+ erase_in_user(relation)
36
+ end
37
+
38
+
39
+ # refactor code
40
+ def has_role_assignments
41
+ 'has_many :role_assignments'
42
+ end
43
+
44
+ def has_roles_through_assignments
45
+ 'has_many :roles, :through => :role_assignments'
46
+ end
47
+
48
+ def has_roles
49
+ 'has_many :roles'
50
+ end
51
+
52
+ def role_file_content
53
+ %q{
54
+ class Role < ActiveRecord::Base
55
+ has_many :role_assignments
56
+ has_many :users, :through => :role_assignments
57
+ end
58
+ }
59
+ end
60
+
61
+ def role_assignment_file_content
62
+ %q{
63
+ class RoleAssignment < ActiveRecord::Base
64
+ belongs_to :user
65
+ belongs_to :role
66
+ end
67
+ }
68
+ end
69
+ end
70
+ end
71
+ end