authengine 0.0.2

data/app/views/authengine/users/_user.html.haml

@@ -0,0 +1,19 @@
+%tr{:class => "#{cycle('odd', 'even')}"}
+  %td= user.firstName
+  %td= user.lastName
+  %td= user.roles.map(&:name).join(', ')
+  %td= user.enabled ? 'yes' : 'no'
+  %td
+    - unless user == current_user
+      - if user.enabled
+        = link_to('disable', disable_authengine_user_path(user.id), :method => :put)
+      - else
+        = link_to('enable', enable_authengine_user_path(user.id), :method => :put)
+  %td= link_to "show", authengine_user_path(user)
+  %td
+    - unless user == current_user
+      = link_to "delete", [:authengine, user], :data => {:confirm => "are you sure you want to delete #{user.first_last_name} ?"}, :method => :delete
+  %td
+    - unless user == current_user
+      = link_to 'edit roles', authengine_user_user_roles_path(user)
+  %td= link_to 'edit profile', edit_authengine_user_path(user)

data/app/views/authengine/users/edit.html.haml

@@ -0,0 +1,24 @@
+%h2>Edit Profile
+- if @user.errors.any?
+  %ul
+    - @user.errors.full_messages.each do |msg|
+      %li=msg 
+
+= form_for @user, :url => requested_user_or_self, :html => { :method => :put } do |f|
+  %p 
+    First Name:
+    %br/
+    = f.text_field :firstName, :size => 60
+  %p 
+    Last Name:
+    %br/ 
+    = f.text_field :lastName, :size => 60
+  %p 
+    Email:
+    %br/
+    = f.text_field :email, :size => 60
+
+  - submit_or_return_to authengine_users_path
+
+%script{:type=>'text/javascript'}
+  document.getElementById('user_email').focus()

data/app/views/authengine/users/index.html.haml

@@ -0,0 +1,10 @@
+%h1 Database Users
+%table
+  %tr
+    %th First Name
+    %th Last Name
+    %th Role(s)
+    %th{:colspan=>"2"}Enabled?
+    %th{:colspan=>"4"}Manage
+  = render :partial => 'user', :collection => @users
+%p= link_to "New User", new_authengine_user_path

data/app/views/authengine/users/new.html.haml

@@ -0,0 +1,31 @@
+= message_block :on => [:user]
+
+%h1 Create a new user account:
+
+=form_for [:authengine, @user] do |f|
+  %table
+    %tr
+      %td
+        %label{:for=>"firstName"} First Name
+      %td= f.text_field :firstName
+
+    %tr
+      %td
+        %label{:for=>"lastName"} Last Name
+      %td= f.text_field :lastName
+
+    %tr
+      %td
+        %label{:for=>"email"} Email
+      %td= f.text_field :email
+
+    %tr
+      %td
+        %label{:for => "role_id"} Database access role
+      %td
+        = f.fields_for :user_roles do |role_form|
+          = role_form.collection_select(:role_id, @roles, :id, :name)
+
+  - submit_or_return_to(authengine_users_path)
+%script{:type=>'text/javascript'}
+  document.getElementById('user_firstName').focus()

data/app/views/authengine/users/show.html.haml

@@ -0,0 +1,19 @@
+%h2
+%table
+  %tr
+    %td User:
+    %td= @user.firstName+" "+@user.lastName
+  %tr
+    %td Login name:
+    %td= @user.login
+  %tr
+    %td email:
+    %td= @user.email
+  %tr
+    %td Joined on:
+    %td= @user.created_at.to_s(:long)
+  %tr
+    %td Role(s):
+    %td= @user.roles.map(&:name).join(", ")
+%br/
+= link_to "Back", :back

data/app/views/authengine/users/signup.html.haml

@@ -0,0 +1,52 @@
+:javascript
+  function check_policy(){
+    cb_count = 0
+    for(var i = 1; i<10; i++){
+      cb = document.getElementById("user_cb_cb"+i)
+      if(cb.checked){cb_count++}
+    }
+    if (cb_count == 9){return true}
+    else{alert("Please check all the checkboxes to signify your agreement to comply with the #{ORGANIZATION_NAME} Privacy Policy"); return false}
+  }
+  
+  function check_user_info(){
+    if(document.getElementById('user_login').value.length < 5){alert('Please enter a login name longer than 5 letters')}
+    else if(document.getElementById('user_email').value.length < 9 ){alert('Please enter a legitimate email address')}
+    else if(document.getElementById('user_password').value.length < 6){alert('Please select a password longer than 6 characters')}
+    else if(document.getElementById('user_password_confirmation').value != document.getElementById('user_password').value){alert('The two password fields don\'t match')}
+    else{
+      $(".user_info").css("display", "none")
+      $("#privacy_policy").css("display", "block")
+      }
+  }
+
+= message_block :on => :user
+= form_for :user, :url => {:action=>:activate, :activation_code=>session[:activation_code], :method=>:post}, :html=>{:onsubmit=>"return check_policy()"} do |f| 
+  .user_info
+    %h1 
+      Welcome #{@user.firstName} #{@user.lastName} to the #{APPLICATION_NAME || "database"}
+    %table
+      %tr
+        %td
+          %label{:for => "login" } Select a login name:
+        %td= f.text_field :login
+      %tr
+        %td
+          %label{:for => "email" } Your email address:
+        %td= f.text_field :email
+      %tr
+        %td
+          %label{:for => "password" } Select a login password:
+        %td= f.password_field :password
+      %tr
+        %td
+          %label{:for => "password_confirmation" } Re-enter your password to confirm:
+        %td= f.password_field :password_confirmation
+
+    %p
+  - begin
+    = render 'privacy_policy'
+  - rescue ActionView::MissingTemplate
+    = render 'no_privacy_policy'
+%script{:type=>'text/javascript'}
+  document.getElementById('user_login').focus()

data/authengine.gemspec

@@ -0,0 +1,44 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "authengine/version"
+
+Gem::Specification.new do |s|
+  s.name        = "authengine"
+  s.version     = Authengine::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Les Nightingill"]
+  s.email       = ["codehacker@comcast.net"]
+  s.homepage    = ""
+  s.summary     = %q{Unobtrusive authentication and authorization engine}
+  s.description = %q{A rails authentication and authorization engine that
+                    reduces clutter in your controllers and views.
+                    Includes aliased link_to and button_to helpers that return an empty string
+                    if the current user is not permitted to follow the link.
+                    Authorization configuration is removed from the controllers and instead
+                    is stored in the database and configured through html views.}
+
+  s.rubyforge_project = "authengine"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  # one would think that these were development dependencies,
+  # but they are only installed when calling bundle from the
+  # host application if they are runtime dependencies! (bug?
+  # or misunderstanding?)
+  s.add_dependency 'rspec', '>= 2.0.0'
+  s.add_dependency 'rails', '~>3.2.5'
+  s.add_dependency 'sqlite3-ruby'
+  s.add_dependency 'capybara'
+  s.add_dependency 'rspec-rails', ">= 2.0.0"
+  s.add_dependency 'flexmock'
+  s.add_dependency 'faker'
+  s.add_dependency 'message_block'
+  s.add_dependency 'haml'
+  s.add_dependency 'factory_girl_rails'
+  s.add_dependency 'database_cleaner'
+  s.add_dependency 'jasmine'
+  s.add_dependency 'jasminerice'
+end

data/config/application.rb

@@ -0,0 +1 @@
+Dir.new(File.join(File.dirname(__FILE__), '../lib')).entries.each { |f| require f }

data/config/routes.rb

@@ -0,0 +1,43 @@
+Rails.application.routes.draw do
+  root :to => "authengine/sessions#new"
+
+  namespace :authengine do
+    resources :accounts
+    resources :actions
+    resources :useractions
+    resources :action_roles do
+      put 'update_all', :on => :collection
+    end
+
+    resources :sessions
+    resources :roles
+    resources :users do
+      resource :account
+      resources :user_roles do
+        collection do
+          get 'edit'
+          put 'update'
+        end
+      end
+
+      member do
+        put 'enable'
+        put 'disable'
+        put 'update_self'
+
+        match 'signup'
+      end
+
+      collection do
+        get 'edit_self'
+
+        match ':activation_code/activate' => 'users#activate', :via => :post
+      end
+    end
+
+    match '/activate(/:activation_code)' => "accounts#show", :as => :activate, :via => :get # actually activation_code is always required, but handling it as optional permits its absence to be communicated to the user as a flash message
+  end
+  match '/login' => "authengine/sessions#new"
+  match '/logout' => "authengine/sessions#destroy"
+
+end

data/db/migrate/20110320171029_create_authengine_tables.rb

@@ -0,0 +1,90 @@
+class CreateAuthengineTables < ActiveRecord::Migration
+  def self.up
+      
+    create_table "useractions", :force => true do |t|
+      t.integer  "user_id"
+      t.integer  "action_id"
+      t.string   "type"
+      t.text     "params"
+      t.timestamps
+    end
+
+    create_table "user_roles", :force => true do |t|
+      t.integer  "role_id",    :limit => 8, :null => false
+      t.integer  "user_id",    :limit => 8, :null => false
+      t.timestamps
+    end
+
+    create_table "roles", :force => true do |t|
+      t.string   "name"
+      t.string   "short_name"
+      t.timestamps
+    end
+
+    create_table "controllers", :force => true do |t|
+      t.string   "controller_name"
+      t.datetime "last_modified"
+      t.timestamps
+    end
+
+    create_table "action_roles", :force => true do |t|
+      t.integer  "role_id",    :limit => 8
+      t.integer  "action_id",  :limit => 8
+      t.timestamps
+    end
+
+    create_table "actions", :force => true do |t|
+      t.string   "action_name"
+      t.integer  "controller_id"
+      t.timestamps
+    end
+
+    create_table "users", :force => true do |t|
+      t.string   "login"
+      t.string   "email"
+      t.string   "crypted_password",          :limit => 40
+      t.string   "salt",                      :limit => 40
+      t.string   "remember_token"
+      t.datetime "remember_token_expires_at"
+      t.string   "activation_code",           :limit => 40
+      t.datetime "activated_at"
+      t.string   "password_reset_code",       :limit => 40
+      t.boolean  "enabled",                                 :default => true
+      t.string   "firstName"
+      t.string   "lastName"
+      t.string   "type"
+      t.string   "status"
+      t.timestamps
+    end
+
+    User.reset_column_information
+    user = User.create(:login => 'admin', 
+                :email => 'user@example.com',
+                :enabled => true,
+                :firstName => 'A',
+                :lastName => 'User')
+    user.update_attribute(:salt, '1641b615ad281759adf85cd5fbf17fcb7a3f7e87')
+    user.update_attribute(:activation_code, '9bb0db48971821563788e316b1fdd53dd99bc8ff')
+    user.update_attribute(:activated_at, DateTime.new(2011,1,1))
+    user.update_attribute(:crypted_password, '660030f1be7289571b0467b9195ff39471c60651')
+
+    # in the bootstrap scenario, give the administrative user enough
+    # access to be able to configure the access tables for admin and other users
+    role = Role.create(:name => 'developer')
+    Controller.update_table
+    Action.all.each { |a| role.actions << a  }
+    user.roles << role
+    user.save
+
+  end
+
+  def self.down
+    drop_table :useractions
+    drop_table :user_roles
+    drop_table :roles
+    drop_table :controllers
+    drop_table :action_roles
+    drop_table :actions
+    drop_table :users
+  end
+end

data/db/migrate/20110924165900_add_parent_id_to_roles_table.rb

@@ -0,0 +1,5 @@
+class AddParentIdToRolesTable < ActiveRecord::Migration
+  def change
+    add_column :roles, :parent_id, :integer, :default => nil
+  end
+end

data/db/migrate/20110925202800_add_type_field_to_user_roles_table.rb

@@ -0,0 +1,5 @@
+class AddTypeFieldToUserRolesTable < ActiveRecord::Migration
+  def change
+    add_column :user_roles, :type, :string, :default => 'PersistentUserRole'
+  end
+end

data/db/migrate/20111003074700_add_indexes_to_several_tables.rb

@@ -0,0 +1,7 @@
+class AddIndexesToSeveralTables < ActiveRecord::Migration
+  def change
+    add_index :actions, :action_name
+    add_index :controllers, :controller_name
+    add_index :users, :login
+  end
+end

data/db/seeds.rb

@@ -0,0 +1,7 @@
+# This file should contain all the record creation needed to seed the database with its default values.
+# The data can then be loaded with the rake db:seed (or created alongside the db with db:setup).
+#
+# Examples:
+#
+#   cities = City.create([{ :name => 'Chicago' }, { :name => 'Copenhagen' }])
+#   Mayor.create(:name => 'Daley', :city => cities.first)

data/lib/application_helper.rb

@@ -0,0 +1,19 @@
+module ApplicationHelper
+  def submit_or_return_to(return_path)
+    haml_tag :table, {:style => 'padding-top:30px'} do
+      haml_tag :tr do
+        haml_tag :td, {:width => '180px'} do
+          haml_tag :input, {:type => 'submit', :value => 'Save'}
+        end
+        haml_tag :td do
+          haml_tag :a, "Cancel", {:href => return_path}
+        end
+      end
+    end
+  end
+
+  def focus(input)
+    haml_tag :script, "$(function(){$('##{input}').focus()})"
+  end
+
+end

data/lib/authengine.rb

@@ -0,0 +1,5 @@
+module Authengine
+  require 'message_block'
+  require 'haml'
+  require 'authengine/engine'
+end

data/lib/authengine/engine.rb

@@ -0,0 +1,44 @@
+require 'authengine'
+require 'rails'
+require 'action_controller'
+require 'application_helper'
+
+module Authengine
+  class Engine < Rails::Engine
+
+    # Config defaults
+    config.widget_factory_name = "default factory name"
+    config.mount_at = '/'
+    config.active_record.observers = :user_observer
+
+    # Load rake tasks
+    #rake_tasks do
+      #load File.join(File.dirname(__FILE__), 'rails/railties/tasks.rake')
+    #end
+
+    # Check the gem config
+    initializer "check config" do |app|
+      # make sure mount_at ends with trailing slash
+      config.mount_at += '/'  unless config.mount_at.last == '/'
+    end
+
+    # serve static assets directly from the engine
+    initializer "static assets" do |app|
+      # need to move ActionDispatch::Static ahead of Rack::Sendfile as the 
+      # mod_xsendfile is apparently not installed on the Apache server
+      # see http://rack.rubyforge.org/doc/classes/Rack/Sendfile.html
+      # this was causing blank css files to be sent.
+      # 'root' here is the full path to the engine root
+      app.middleware.insert_before ::Rack::Lock, ::ActionDispatch::Static, "#{root}/public"
+      #app.middleware.use ::ActionDispatch::Static, "#{root}/public"
+    end
+
+    initializer "authengine.application_controller" do |app|
+      ActiveSupport.on_load(:action_controller) do
+        include AuthenticatedSystem
+        include AuthorizedSystem
+      end
+    end
+
+  end
+end