authengine 0.0.2
- data/.gitignore +10 -0
- data/.rspec +1 -0
- data/Gemfile +4 -0
- data/README.md +86 -0
- data/Rakefile +31 -0
- data/app/assets/images/message_block/back.gif +0 -0
- data/app/assets/images/message_block/back_m.gif +0 -0
- data/app/assets/images/message_block/confirmation.gif +0 -0
- data/app/assets/images/message_block/confirmation_m.gif +0 -0
- data/app/assets/images/message_block/error.gif +0 -0
- data/app/assets/images/message_block/error_m.gif +0 -0
- data/app/assets/images/message_block/info.gif +0 -0
- data/app/assets/images/message_block/info_m.gif +0 -0
- data/app/assets/images/message_block/notice.gif +0 -0
- data/app/assets/images/message_block/notice_m.gif +0 -0
- data/app/assets/images/message_block/warn.gif +0 -0
- data/app/assets/images/message_block/warn_m.gif +0 -0
- data/app/assets/stylesheets/authengine.css +3 -0
- data/app/assets/stylesheets/message_block.css +45 -0
- data/app/controllers/authengine/accounts_controller.rb +56 -0
- data/app/controllers/authengine/action_roles_controller.rb +22 -0
- data/app/controllers/authengine/actions_controller.rb +17 -0
- data/app/controllers/authengine/roles_controller.rb +35 -0
- data/app/controllers/authengine/sessions_controller.rb +75 -0
- data/app/controllers/authengine/user_roles_controller.rb +55 -0
- data/app/controllers/authengine/useractions_controller.rb +17 -0
- data/app/controllers/authengine/users_controller.rb +137 -0
- data/app/helpers/application_helper.rb +2 -0
- data/app/helpers/authengine/users_helper.rb +11 -0
- data/app/helpers/roles_helper.rb +2 -0
- data/app/mailers/authengine/user_mailer.rb +53 -0
- data/app/models/action.rb +54 -0
- data/app/models/action_role.rb +29 -0
- data/app/models/authenticated_system.rb +179 -0
- data/app/models/authorized_system.rb +41 -0
- data/app/models/controller.rb +124 -0
- data/app/models/role.rb +71 -0
- data/app/models/session.rb +3 -0
- data/app/models/session_role.rb +17 -0
- data/app/models/user.rb +191 -0
- data/app/models/user_observer.rb +14 -0
- data/app/models/user_role.rb +4 -0
- data/app/models/useraction.rb +56 -0
- data/app/views/authengine/accounts/edit.html.erb +19 -0
- data/app/views/authengine/actions/create.html.erb +2 -0
- data/app/views/authengine/actions/destroy.html.erb +2 -0
- data/app/views/authengine/actions/edit.html.erb +80 -0
- data/app/views/authengine/actions/index.html.haml +26 -0
- data/app/views/authengine/actions/new.html.erb +2 -0
- data/app/views/authengine/actions/show.html.erb +8 -0
- data/app/views/authengine/actions/update.html.erb +11 -0
- data/app/views/authengine/admin/_show.html.haml +5 -0
- data/app/views/authengine/layouts/authengine.html.haml +9 -0
- data/app/views/authengine/roles/index.html.haml +12 -0
- data/app/views/authengine/roles/new.html.haml +15 -0
- data/app/views/authengine/roles/show.html.erb +8 -0
- data/app/views/authengine/sessions/new.html.haml +18 -0
- data/app/views/authengine/user_mailer/activation.html.erb +5 -0
- data/app/views/authengine/user_mailer/forgot_password.html.erb +3 -0
- data/app/views/authengine/user_mailer/message_to_admin.html.erb +2 -0
- data/app/views/authengine/user_mailer/reset_password.html.erb +1 -0
- data/app/views/authengine/user_mailer/signup_notification.html.erb +5 -0
- data/app/views/authengine/user_roles/edit.html.haml +10 -0
- data/app/views/authengine/user_roles/index.html.haml +14 -0
- data/app/views/authengine/user_roles/new.html.haml +8 -0
- data/app/views/authengine/useractions/_useraction.html.erb +6 -0
- data/app/views/authengine/useractions/index.html.erb +13 -0
- data/app/views/authengine/useractions/show.html.haml +14 -0
- data/app/views/authengine/useractions/update.html.erb +2 -0
- data/app/views/authengine/users/_no_privacy_policy.html.haml +1 -0
- data/app/views/authengine/users/_privacy_policy_example.html.haml +36 -0
- data/app/views/authengine/users/_user.html.haml +19 -0
- data/app/views/authengine/users/edit.html.haml +24 -0
- data/app/views/authengine/users/index.html.haml +10 -0
- data/app/views/authengine/users/new.html.haml +31 -0
- data/app/views/authengine/users/show.html.haml +19 -0
- data/app/views/authengine/users/signup.html.haml +52 -0
- data/authengine.gemspec +44 -0
- data/config/application.rb +1 -0
- data/config/routes.rb +43 -0
- data/db/migrate/20110320171029_create_authengine_tables.rb +90 -0
- data/db/migrate/20110924165900_add_parent_id_to_roles_table.rb +5 -0
- data/db/migrate/20110925202800_add_type_field_to_user_roles_table.rb +5 -0
- data/db/migrate/20111003074700_add_indexes_to_several_tables.rb +7 -0
- data/db/seeds.rb +7 -0
- data/lib/application_helper.rb +19 -0
- data/lib/authengine.rb +5 -0
- data/lib/authengine/engine.rb +44 -0
- data/lib/authengine/testing_support/factories/user_factory.rb +13 -0
- data/lib/authengine/version.rb +3 -0
- data/lib/rails/generators/authengine/authengine_generator.rb +160 -0
- data/lib/rails/generators/authengine/templates/initializer.rb +3 -0
- data/lib/rails/generators/authengine/templates/migration.rb +16 -0
- data/lib/rails/generators/authengine/templates/pre_populate_database.rb +20 -0
- data/lib/rails/generators/authengine/templates/schema.rb +69 -0
- data/lib/tasks/bootstrap.rake +29 -0
- data/spec/authengine_spec.rb +7 -0
- data/spec/dummy/.rspec +1 -0
- data/spec/dummy/Gemfile +3 -0
- data/spec/dummy/Rakefile +8 -0
- data/spec/dummy/app/assets/javascripts/jasmine_examples/Player.js +22 -0
- data/spec/dummy/app/assets/javascripts/jasmine_examples/Song.js +7 -0
- data/spec/dummy/app/controllers/application_controller.rb +3 -0
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/views/layouts/application.html.erb +14 -0
- data/spec/dummy/config.ru +4 -0
- data/spec/dummy/config/application.rb +50 -0
- data/spec/dummy/config/boot.rb +10 -0
- data/spec/dummy/config/database.yml +22 -0
- data/spec/dummy/config/environment.rb +5 -0
- data/spec/dummy/config/environments/development.rb +26 -0
- data/spec/dummy/config/environments/production.rb +49 -0
- data/spec/dummy/config/environments/test.rb +35 -0
- data/spec/dummy/config/initializers/application.rb +1 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/inflections.rb +10 -0
- data/spec/dummy/config/initializers/mime_types.rb +5 -0
- data/spec/dummy/config/initializers/secret_token.rb +7 -0
- data/spec/dummy/config/initializers/session_store.rb +8 -0
- data/spec/dummy/config/locales/en.yml +5 -0
- data/spec/dummy/config/routes.rb +3 -0
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/schema.rb +87 -0
- data/spec/dummy/lib/constants.rb +5 -0
- data/spec/dummy/log/development.log +117 -0
- data/spec/dummy/log/production.log +0 -0
- data/spec/dummy/log/server.log +0 -0
- data/spec/dummy/public/404.html +26 -0
- data/spec/dummy/public/422.html +26 -0
- data/spec/dummy/public/500.html +26 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/public/javascripts/application.js +2 -0
- data/spec/dummy/public/javascripts/controls.js +965 -0
- data/spec/dummy/public/javascripts/dragdrop.js +974 -0
- data/spec/dummy/public/javascripts/effects.js +1123 -0
- data/spec/dummy/public/javascripts/prototype.js +6001 -0
- data/spec/dummy/public/javascripts/rails.js +191 -0
- data/spec/dummy/public/stylesheets/.gitkeep +0 -0
- data/spec/dummy/script/rails +6 -0
- data/spec/dummy/spec/javascripts/helpers/.gitkeep +0 -0
- data/spec/dummy/spec/javascripts/helpers/SpecHelper.js +9 -0
- data/spec/dummy/spec/javascripts/jasmine_examples/PlayerSpec.js +58 -0
- data/spec/dummy/spec/javascripts/support/jasmine.yml +76 -0
- data/spec/generators/authengine_generator_spec.rb +11 -0
- data/spec/integration/navigation_spec.rb +9 -0
- data/spec/javascripts/spec.css +3 -0
- data/spec/javascripts/spec.js.coffee +2 -0
- data/spec/models/action_role_spec.rb +59 -0
- data/spec/models/authenticated_system_spec.rb +109 -0
- data/spec/models/role_spec.rb +38 -0
- data/spec/models/user_factory_spec.rb +7 -0
- data/spec/models/user_spec.rb +16 -0
- data/spec/requests/sessions_spec.rb +11 -0
- data/spec/spec_helper.rb +57 -0
- metadata +405 -0
data/.gitignore
ADDED
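--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1 @@
+--color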
data/Gemfile
ADDED
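--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,86 @@
+# Usage
+
+Add authengine to your Gemfile:
+
+gem 'authengine'
+
+And in the host application run:
+
+bundle install
+
+In config/application.rb, configure the generator for haml by including:
+
+config.generators do |g|
+# Configure haml to be the default templating engine for generators
+g.template_engine :haml
+end
+
+Then copy the authengine migrations and initializer to your application and modify your application.html.rb to use the authengine with:
+
+rails generate authengine
+
+The database is initialized with the default username: admin and password: password be sure to delete this user once the real administrator has been created.
+
+When logged in, the preconfigured admin user is assigned to the 'developer' role, which grants permissions to all controllers and actions. Additional users, roles and permissions may then be granted.
+
+# Layout
+
+The content for the authengine views is rendered as:
+
+content_for(:authengine_logout) # for the logout link
+
+and:
+
+content_for(:authengine) # for the main page content
+
+In your layouts/application.html.haml template, include these view components by including:
+
+= yield(:authengine_logout)
+
+and to include both the application content and the authengine content:
+
+= content_for?(authengine) ? yield(:authengine) : yield
+
+In order to include the Administration and Logout links in pages that are not produced by authengine, include in the head element of your application.html.haml layout file:
+
+= stylesheet_link_tag "authengine"
+
+# Admin_logout helper
+
+A helper is available called admin_logout, which should be included in all views.
+
+For non administrative users, it renders a logout link. For administrative users, it renders both a link to the admin portal, and also a logout link.
+
+The admin and logout links are wrapped in a div#authengine_logout to facilitate styling and positioning.
+
+# Roles
+
+When a user is logged in with a role that matches (case insensitive) 'admin' (e.g. Administrator, foo_admin), they will be able to see the link to the administration portal, which is a menu of links to other administration pages.
+
+# Application Name
+
+The name of the application is used in some views, and particularly in user activation emails, set the constant APPLICATION_NAME to your own application's name.
+
+# Privacy Policy
+
+If you wish to have new users read and agree to a privacy policy, then the policy should be included in app/views/authengine/users/_privacy_policy.html.haml of your application. A template is copied into this directory when the authengine generator is run. Delete this template if you do not want the user to see it.
+
+# Testing
+
+In the head section of your application's application.html.haml layout file, include
+
+- content_for :head
+
+This will include a javascript snippet that facilitates integration testing with cucumber/capybara. The script 'bypasses' any js calls to alert or confirm.
+
+# Rspec tests
+
+cd into the root directory of the application and run
+
+bundle exec rspec
+
+# TODO
+
+* describe feature testing
+* describe application_controller before_filter
+* copy message_block images in generator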
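--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,31 @@
+#!/usr/bin/env rake
+
+require 'rubygems'
+begin
+require 'bundler/setup'
+rescue LoadError
+puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rake'
+require 'rake/rdoctask'
+
+require 'rspec/core'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec
+
+Rake::RDocTask.new(:rdoc) do |rdoc|
+rdoc.rdoc_dir = 'rdoc'
+rdoc.title = 'Authengine'
+rdoc.options << '--line-numbers' << '--inline-source'
+rdoc.rdoc_files.include('README.rdoc')
+rdoc.rdoc_files.include('lib/**/*.rb')
+end
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+APP_RAKEFILE = File.expand_path("../spec/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+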
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
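--- a/data/app/assets/stylesheets/message_block.css
+++ b/data/app/assets/stylesheets/message_block.css
@@ -0,0 +1,45 @@
+.message_block {
+clear: both;
+margin-top: 0.2em;
+margin-bottom: 0.3em;
+width: 500px;
+}
+
+.message_block ul {
+margin-bottom: 0;
+list-style: none;
+padding: 10px;
+}
+.message_block ul li {
+margin-left: 4em;
+}
+
+.message_block ul.error {
+border-top: 1px solid #ecd757;
+border-bottom: 1px solid #ecd757;
+background: #fcf6d0 url(/images/message_block/error_m.gif) 1em 50% no-repeat;
+}
+
+.message_block ul.info {
+border-top: 1px solid #ecd757;
+border-bottom: 1px solid #ecd757;
+background: #fcf6d0 url(/images/message_block/info_m.gif) 1em 50% no-repeat;
+}
+
+.message_block ul.notice {
+border-top: 1px solid #ecd757;
+border-bottom: 1px solid #ecd757;
+background: #fcf6d0 url(/images/message_block/notice_m.gif) 1em 50% no-repeat;
+}
+
+.message_block ul.confirm {
+border-top: 1px solid #ecd757;
+border-bottom: 1px solid #ecd757;
+background: #fcf6d0 url(/images/message_block/confirmation_m.gif) 1em 50% no-repeat;
+}
+
+.message_block ul.warn {
+border-top: 1px solid #ecd757;
+border-bottom: 1px solid #ecd757;
+background: #fcf6d0 url(/images/message_block/warn_m.gif) 1em 50% no-repeat;
+}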
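--- a/data/app/controllers/authengine/accounts_controller.rb
+++ b/data/app/controllers/authengine/accounts_controller.rb
@@ -0,0 +1,56 @@
+class Authengine::AccountsController < ApplicationController
+layout 'authengine/layouts/authengine'
+
+# because a user cannot login until the account is activated
+skip_before_filter :check_permissions, :only => [:show]
+
+# Activate action
+def show
+# Uncomment and change paths to have user logged in after activation - not recommended
+# self.current_user = User.find_and_activate!(params[:id])
+logger.info "accounts show"
+@user = User.find_with_activation_code(params[:activation_code])
+session[:activation_code] = params[:activation_code]
+redirect_to :controller=>:users, :action=>:signup, :id=>@user.id
+rescue User::ArgumentError
+flash[:notice] = 'Activation code not found. Please contact database administrator.'
+redirect_to login_path
+rescue User::ActivationCodeNotFound
+flash[:notice] = 'Activation code not found. Please contact database administrator.'
+redirect_to login_path
+rescue User::AlreadyActivated
+flash[:notice] = 'Your account has already been activated. You can log in below.'
+redirect_to login_path
+end
+
+def edit
+end
+
+# Change password action
+def update
+# removed to make restful (should actually be put)
+# return unless request.post?
+if User.authenticate(current_user.login, params[:old_password])
+if ((params[:password] == params[:password_confirmation]) && !params[:password_confirmation].blank?)
+current_user.password_confirmation = params[:password_confirmation]
+current_user.password = params[:password]
+if current_user.save
+flash[:notice] = "Password updated."
+# redirect_to user_path(current_user)
+redirect_to :controller=>session[:referer][:controller], :action=>session[:referer][:action]
+else
+flash[:error] = "An error occured, your password was not changed."
+render :action => 'edit'
+end
+else
+flash[:error] = "New password does not match the password confirmation."
+@old_password = params[:old_password]
+render :action => 'edit'
+end
+else
+flash[:error] = "Your old password is incorrect."
+render :action => 'edit'
+end
+end
+
+end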
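Review bot: In `update`, the success branch on line 40 dereferences `session[:referer][:controller]` without checking that `session[:referer]` was ever set, so a password change reached directly (or after `reset_session` has run on logout) raises NoMethodError after the new password has already been saved. A fallback keeps the saved state and the redirect consistent: `redirect_to(session[:referer] ? {:controller => session[:referer][:controller], :action => session[:referer][:action]} : home_path)`. The equality check on line 34 duplicates what a model-level password confirmation validation would report on save, if the User model has one (not visible in this hunk); relying on `current_user.save` alone would leave a single error path. Minor: `occured` on line 42 should read `occurred`.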
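--- a/data/app/controllers/authengine/action_roles_controller.rb
+++ b/data/app/controllers/authengine/action_roles_controller.rb
@@ -0,0 +1,22 @@
+class Authengine::ActionRolesController < ApplicationController
+layout 'authengine/layouts/authengine'
+
+def update_all
+aa = ActionRole.all.group_by(&:role_id).inject({}){|hash,a| hash[a[0]]=a[1].collect(&:action_id); hash}
+params[:permission].each do |role_id,permissions| # role is the role name, permissions is a hash of controller/action names
+role_id = role_id.to_i
+permissions.each do |action_id, val|
+action_id = action_id.to_i
+a = aa[role_id].nil? ? false : aa[role_id].include?(action_id) # because a new role, with no permissions granted, produces nil for aa[role_id.to_i]
+if val=="1" && !a # a newly-checked checkbox
+ActionRole.new(:role_id=>role_id,:action_id=>action_id).save
+elsif val=="0" && a # a newly-unchecked checkbox
+ActionRole.find_by_role_id_and_action_id(role_id,action_id).delete
+end
+end
+end
+
+redirect_to authengine_actions_url
+end
+
+end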
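Review bot: `update_all` grants and revokes ActionRole rows for whatever `role_id` keys arrive in `params[:permission]` (lines 6-14) without checking that the requesting user may administer those roles, whereas RolesController and UserRolesController narrow the roles they offer with `Role.equal_or_lower_than` / `Role.lower_than`; unless `check_permissions` (defined outside this diff) already restricts this, the only limit is the form. A guard such as `allowed_ids = Role.equal_or_lower_than(current_user.roles).map(&:id)` before the loop and `next unless allowed_ids.include?(role_id)` after line 7 enforces it server-side; the same form-only restriction recurs in roles_controller `create` and user_roles_controller `create`/`update`. The per-row `save` and `delete` calls are not wrapped in `ActionRole.transaction do ... end`, so a failure part-way leaves permissions half-applied, and `delete` on line 14 bypasses model callbacks that `destroy` would run. `params[:permission]` being absent raises NoMethodError on line 6; `(params[:permission] || {}).each` handles a submission with nothing checked.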
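--- a/data/app/controllers/authengine/actions_controller.rb
+++ b/data/app/controllers/authengine/actions_controller.rb
@@ -0,0 +1,17 @@
+class Authengine::ActionsController < ApplicationController
+layout 'authengine/layouts/authengine'
+
+def index
+Controller.update_table # make sure the actions table includes all current controllers/actions
+@actions = Action.all(:include=>:controller).sort
+@roles = Role.all(:include=>{:actions=>:controller}, :order=>:name) # this eager loading seems to produce a large number of database accesses, and I'm not sure why!!
+@allowed = []
+@roles.each{ |r| @allowed[r.id]= r.name=="developer" ? @actions.map(&:id) : r.actions.map{ |a| a.id unless a.nil? } }
+end
+
+def update
+ActionRole.update_all(params)
+redirect_to (authengine_actions_url)
+end
+
+end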
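Review bot: `update` on line 13 hands the entire `params` hash to `ActionRole.update_all`, including the `controller`, `action` and `authenticity_token` entries Rails adds to every request; if ActionRole (action_role.rb is in this diff but not shown here) does not define its own `update_all`, this resolves to ActiveRecord's class method and those request keys become the SET clause of an unconditioned UPDATE. Passing only the sub-hash the model needs, `ActionRole.update_all(params[:permission])` (adjusted to whatever signature the model method has), makes the intent explicit either way and matches the `params[:permission]` read in action_roles_controller. `redirect_to (authengine_actions_url)` on line 14 has a space before the parenthesis, which Ruby warns about; `redirect_to authengine_actions_url` is the form used on line 19 of action_roles_controller. In `index`, `Controller.update_table` on line 5 runs on every request to the page; a comment stating that this is intended (or a move to an explicit refresh action) would save the next reader the question.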
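--- a/data/app/controllers/authengine/roles_controller.rb
+++ b/data/app/controllers/authengine/roles_controller.rb
@@ -0,0 +1,35 @@
+class Authengine::RolesController < ApplicationController
+layout 'authengine/layouts/authengine'
+
+def index
+@all_roles = Role.find(:all, :order =>:name)
+@roles = Role.equal_or_lower_than(current_user.roles)
+end
+
+def destroy
+@role = Role.find(params[:id])
+if @role.destroy # note: model callback applies
+redirect_to authengine_roles_path
+else
+flash[:error] = "Cannot remove a role if users are assigned.<br/>Please reassign or delete users."
+redirect_to authengine_roles_path
+end
+end
+
+def new
+@role = Role.new
+@roles = Role.equal_or_lower_than(current_user.roles)
+end
+
+def create
+@role = Role.new(params[:role])
+
+if @role.save
+redirect_to authengine_roles_path
+else
+@roles = Role.equal_or_lower_than(current_user.roles)
+render :action => "new"
+end
+end
+
+end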
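Review bot: The flash on line 14 embeds `<br/>` markup, which forces whichever layout renders flash messages to output them unescaped (`raw`/`html_safe`) and so turns every flash on the site into a place where markup is trusted; a plain-text message, or two separate flash entries, keeps flash rendering escaped. `create` on line 25 builds the role straight from `params[:role]`, while `new` on line 21 narrows the parent choices to `Role.equal_or_lower_than(current_user.roles)`; as noted on action_roles_controller, that restriction lives only in the form, so if Role carries a `parent_id` (the add_parent_id_to_roles_table migration in this diff suggests it does) the server should check the submitted parent against the same set before `@role.save`. `destroy` on line 11 relies on a model callback to veto deletion, which the comment notes; naming the callback in that comment would help the reader find it. `Role.find(:all, :order =>:name)` on line 5 and `Role.all(:order => :name)` in user_roles_controller do the same thing; one form would be consistent.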
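--- a/data/app/controllers/authengine/sessions_controller.rb
+++ b/data/app/controllers/authengine/sessions_controller.rb
@@ -0,0 +1,75 @@
+# This controller handles the login/logout function of the site.
+require "date"
+
+class Authengine::SessionsController < ApplicationController
+layout 'authengine/layouts/authengine'
+
+skip_before_filter :check_permissions, :only => [:new, :create, :destroy]
+
+
+def new
+end
+
+# user logs in
+def create
+logger.info "session controller: create"
+authenticate_with_password(params[:login], params[:password])
+end
+
+# user logs out
+def destroy
+self.current_user.forget_me if logged_in?
+remove_session_user_roles
+cookies.delete :auth_token
+reset_session
+flash[:notice] = "You have been logged out."
+redirect_to login_path
+end
+
+protected
+
+def remove_session_user_roles
+session[:role] = SessionRole.new
+end
+
+def authenticate_with_password(login, password)
+user = User.authenticate(login, password)
+if user == nil
+failed_login("Your username or password is incorrect.")
+elsif user.activated_at.blank?
+failed_login("Your account is not active, please check your email for the activation code.")
+elsif user.enabled == false
+failed_login("Your account has been disabled, please contact administrator.")
+else
+self.current_user = user
+session[:role] = SessionRole.new
+session[:role].add_roles(user.role_ids)
+successful_login
+end
+end
+
+private
+
+def failed_login(message)
+logger.info "login failed with message: #{message}"
+flash[:error] = message
+render :action => 'new'
+end
+
+def successful_login
+# 'remember me' is not used in this application
+#if params[:remember_me] == "1"
+#self.current_user.remember_me
+#cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
+#end
+# user is already logged-in
+flash[:notice] = "Logged in successfully"
+return_to = session[:return_to]
+if return_to.nil?
+redirect_to home_path
+else
+redirect_to return_to
+end
+end
+
+end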
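Review bot: `authenticate_with_password` assigns `self.current_user = user` on line 44 without calling `reset_session` first, so the session id that existed before authentication is carried over into the logged-in session (session fixation); `destroy` already resets the session on logout, and the success branch should do the same before storing the user, preserving `session[:return_to]` across the reset so `successful_login` can still honour it. The three distinct messages on lines 38, 40 and 42 tell the caller whether a login name exists and whether it is activated or disabled; keeping the specific reason in the `logger.info` on line 54 and showing one generic message to the user avoids that disclosure. `successful_login` redirects to `session[:return_to]` on line 71 unconditionally; where that value is set is outside this diff, so if it can originate from a request parameter it should be limited to a local path before the redirect. `user == nil` and `user.enabled == false` on lines 37 and 41 are conventionally `user.nil?` and `!user.enabled`, and `require "date"` on line 2 is not used by anything in the file.
```ruby
else
  # new session id on privilege change; keep the post-login target
  return_to = session[:return_to]
  reset_session
  session[:return_to] = return_to
  self.current_user = user
  # … unchanged: session role setup and successful_login …
```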
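--- a/data/app/controllers/authengine/user_roles_controller.rb
+++ b/data/app/controllers/authengine/user_roles_controller.rb
@@ -0,0 +1,55 @@
+class Authengine::UserRolesController < ApplicationController
+def index
+@user = User.find(params[:user_id])
+@all_roles = Role.all(:order => :name)
+@user_role = UserRole.new(:user_id => @user.id)
+end
+
+def create
+@user = User.find(params[:user_id])
+# session_user_roles are created by the process of downgrading the role
+# associated with the current session for the purpose of limiting access
+# when configuring a session for just one purpose (e.g.) checkout
+if params[:session_user_role]
+@user.session_user_roles.create(params[:session_user_role].delete_if{|k,v| k == "type" })
+role_name = Role.find(params[:session_user_role][:role_id]).name
+flash[:info] = "Current session now has #{role_name} role"
+redirect_to home_path
+else
+@user.user_roles.create(params[:user_role])
+redirect_to authengine_user_user_roles_path(@user)
+end
+end
+
+def destroy
+user_role = UserRole.find_by_role_id_and_user_id(params[:id],params[:user_id])
+user_role.destroy
+redirect_to authengine_user_user_roles_path(params[:user_id])
+end
+
+def new
+@user = User.find(params[:user_id])
+@user_role = UserRole.new(:user_id => @user.id)
+@roles = Role.lower_than(current_user.user_roles.map(&:role))
+end
+
+def edit
+@user = User.find(params[:user_id])
+@user_role = UserRole.new(:user_id => @user.id)
+@roles = Role.lower_than(current_user.user_roles.map(&:role))
+end
+
+# session role is being downgraded for the logged-in user
+def update
+update_session_role(params[:user_role][:role_id])
+flash[:notice] = "Current session now has #{Role.find(params[:user_role][:role_id]).name} role"
+redirect_to new_authengine_session_path
+end
+
+protected
+
+def update_session_role(role_id)
+session[:role].current_role_ids = []
+session[:role].create(role_id.to_i)
+end
+end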
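Review bot: `destroy` on lines 25-26 calls `destroy` on the result of `UserRole.find_by_role_id_and_user_id`, which is nil when no such pairing exists, so a stale or mistyped id produces a NoMethodError instead of a clean response; `user_role.destroy if user_role` (or raising `ActiveRecord::RecordNotFound` when nil) handles it. `create` on line 19 saves `params[:user_role]` as posted and `update` on line 44 installs `params[:user_role][:role_id]` as the session role, while `new` and `edit` (lines 33 and 39) only offer `Role.lower_than(current_user.user_roles.map(&:role))`; as noted on action_roles_controller, a shared server-side guard such as `allowed = Role.lower_than(current_user.user_roles.map(&:role)).map(&:id)` checked against `params[:user_role][:role_id].to_i` at the top of both actions puts the "downgrade" rule from the comment on line 42 where it is relied on. The `session_user_role` branch on line 14 strips only the `type` key and is otherwise subject to the same point. `redirect_to authengine_user_user_roles_path(params[:user_id])` on line 27 takes the raw parameter where `create` passes `@user`; loading the user first would keep the two consistent and reject unknown ids early.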