authentasaurus 0.4.14 → 0.5.6
- data/CHANGELIST +3 -0
- data/TODO +4 -4
- data/app/controllers/areas_controller.rb +2 -1
- data/app/controllers/groups_controller.rb +2 -1
- data/app/controllers/permissions_controller.rb +2 -1
- data/app/controllers/recoveries_controller.rb +2 -1
- data/app/controllers/registrations_controller.rb +2 -1
- data/app/controllers/sessions_controller.rb +2 -1
- data/app/controllers/user_invitations_controller.rb +2 -1
- data/app/controllers/users_controller.rb +2 -1
- data/app/controllers/validations_controller.rb +2 -1
- data/app/models/area.rb +2 -1
- data/app/models/group.rb +2 -1
- data/app/models/permission.rb +2 -1
- data/app/models/recovery.rb +2 -1
- data/app/models/session.rb +2 -1
- data/app/models/user_invitation.rb +2 -1
- data/app/models/validation.rb +2 -1
- data/lib/authentasaurus/areas_controller.rb +77 -68
- data/lib/authentasaurus/groups_controller.rb +78 -70
- data/lib/authentasaurus/models/area.rb +15 -6
- data/lib/authentasaurus/models/group.rb +15 -6
- data/lib/authentasaurus/models/permission.rb +19 -8
- data/lib/authentasaurus/models/recovery.rb +31 -21
- data/lib/authentasaurus/models/session.rb +59 -50
- data/lib/authentasaurus/models/user_invitation.rb +26 -16
- data/lib/authentasaurus/models/validation.rb +25 -15
- data/lib/authentasaurus/permissions_controller.rb +78 -69
- data/lib/authentasaurus/recoveries_controller.rb +62 -52
- data/lib/authentasaurus/registrations_controller.rb +34 -24
- data/lib/authentasaurus/sessions_controller.rb +42 -33
- data/lib/authentasaurus/user_invitations_controller.rb +36 -27
- data/lib/authentasaurus/users_controller.rb +77 -68
- data/lib/authentasaurus/validations_controller.rb +38 -28
- metadata +7 -6
- data/app/controllers/authentasaurus/authentasaurus_controller.rb +0 -2
@@ -1,8 +1,17 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
1
|
+
module Authentasaurus::Models::Group
|
2
|
+
def self.included(base) # :nodoc:
|
3
|
+
base.send :extend, ClassMethods
|
4
|
+
base.send :include, InstanceMethods
|
5
|
+
|
6
|
+
base.send :has_many, :permissions, :dependent => :destroy
|
7
|
+
base.send :has_many, :areas, :through => :permissions
|
8
|
+
|
9
|
+
base.send :validates_presence_of, :name
|
10
|
+
end
|
7
11
|
|
12
|
+
module ClassMethods
|
13
|
+
end
|
14
|
+
|
15
|
+
module InstanceMethods
|
16
|
+
end
|
8
17
|
end
|
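Review bot: `has_many` and `validates_presence_of` are public class macros, so routing them through `base.send` inside `self.included` obscures what is being declared; a `base.class_eval do … end` block holding `has_many :permissions, :dependent => :destroy` and the other two declarations would read like an ordinary model body. `ClassMethods` and `InstanceMethods` are empty in this module, so the `extend`/`include` pair does nothing yet; a one-line comment marking them as extension points would explain why they are there. The same shape is repeated in the other `Authentasaurus::Models` modules in this diff.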
@@ -1,9 +1,20 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
1
|
+
module Authentasaurus::Models::Permission
|
2
|
+
def self.included(base) # :nodoc:
|
3
|
+
base.send :extend, ClassMethods
|
4
|
+
base.send :include, InstanceMethods
|
5
|
+
|
6
|
+
base.send :belongs_to, :group
|
7
|
+
base.send :belongs_to, :area
|
8
|
+
|
9
|
+
# Check that everything is there
|
10
|
+
base.send :validates_presence_of, :group_id,:area_id,:read,:write
|
11
|
+
# Check foreign keys
|
12
|
+
base.send :validates_associated, :group, :area
|
13
|
+
end
|
14
|
+
|
15
|
+
module ClassMethods
|
16
|
+
end
|
17
|
+
|
18
|
+
module InstanceMethods
|
19
|
+
end
|
9
20
|
end
|
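Review bot: `validates_presence_of :group_id,:area_id,:read,:write` rejects a permission whose `read` or `write` is `false`, because presence validation treats `false` as blank. Assuming these are boolean columns (the schema is not shown here), a read-only or deny-all entry can never be saved, which pushes administrators toward granting both flags. Keep the presence check for the two ids and validate the flags with `base.send :validates_inclusion_of, :read, :write, :in => [true, false]`. `validates_associated :group, :area` passes when the association is nil, so the `# Check foreign keys` comment promises more than the line checks.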
@@ -1,23 +1,33 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
1
|
+
module Authentasaurus::Models::Recovery
|
2
|
+
def self.included(base) # :nodoc:
|
3
|
+
base.send :extend, ClassMethods
|
4
|
+
base.send :include, InstanceMethods
|
5
|
+
|
6
|
+
base.send :require, "digest/sha1"
|
7
|
+
|
8
|
+
base.send :belongs_to, :user
|
4
9
|
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
10
|
+
base.send :before_validation_on_create, :make_token!
|
11
|
+
base.send :before_save, :send_recovery
|
12
|
+
|
13
|
+
base.send :named_scope, :valid, lambda { { :conditions => ["updated_at <= ?", AUTHENTASAURUS[:modules][:recoverable][:token_expires_after].days.from_now] } }
|
14
|
+
|
15
|
+
base.send :validates_uniqueness_of, :user_id
|
16
|
+
base.send :validates_presence_of, :email
|
17
|
+
base.send :validates_presence_of, :user_id, :message => :"recovery.user_id.blank"
|
18
|
+
base.send :validates_format_of, :email, :with => %r{[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}}
|
19
|
+
end
|
20
|
+
|
21
|
+
module ClassMethods
|
22
|
+
end
|
23
|
+
|
24
|
+
module InstanceMethods
|
25
|
+
def make_token!
|
26
|
+
self.token = Digest::SHA1.hexdigest "#{Time.now.to_i} #{rand} #{self.email}"
|
27
|
+
end
|
28
|
+
|
29
|
+
def send_recovery
|
30
|
+
AuthentasaurusEmailer.deliver_recovery_mail(self.user, self.token) if AUTHENTASAURUS[:modules][:recoverable][:send_email]
|
31
|
+
end
|
32
|
+
end
|
23
33
|
end
|
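Review bot: The `valid` named scope compares `updated_at <= ?` against `token_expires_after.days.from_now`, a condition every existing row satisfies, so a recovery token never expires; the intended condition looks like `["updated_at >= ?", AUTHENTASAURUS[:modules][:recoverable][:token_expires_after].days.ago]`. In `make_token!` the token is a SHA-1 of the current second, `Kernel#rand` and the email; `rand` is not a cryptographic generator, so a password-recovery token should come from `SecureRandom.hex(20)` (with `require 'securerandom'`) instead. The `validates_format_of` pattern has no `\A`/`\z` anchors and therefore accepts any string that merely contains an address-like substring; the same pattern is repeated in `Authentasaurus::Models::UserInvitation`.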
@@ -1,63 +1,72 @@
|
|
1
1
|
# This class represents a session model, a session authenticates a username and a password.
|
2
2
|
#
|
3
3
|
# A session behaves just like an ActiveRecord model
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
4
|
+
module Authentasaurus::Models::Session
|
5
|
+
def self.included(base) # :nodoc:
|
6
|
+
base.send :extend, ClassMethods
|
7
|
+
base.send :include, InstanceMethods
|
8
|
+
|
9
|
+
base.send :attr_accessor, :username, :password, :remember
|
10
|
+
base.send :attr_accessor, :errors
|
11
|
+
base.send :attr_reader, :user
|
12
|
+
end
|
8
13
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
attributes
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
14
|
+
module ClassMethods
|
15
|
+
# Takes a hash of attributes keys and values just like new and authenticates the information.
|
16
|
+
# Returns true or false
|
17
|
+
def create(*attrs)
|
18
|
+
attributes = attrs.extract_options!
|
19
|
+
attrs = attrs.flatten
|
20
|
+
self_obj = self.new attributes
|
21
|
+
self_obj.save(attrs)
|
22
|
+
return self_obj
|
23
|
+
end
|
24
|
+
|
25
|
+
# Takes an id (usually from an ActiveController session) and returns a User object
|
26
|
+
def current_user(id, session_type = :user)
|
27
|
+
session_type.to_s.camelize.constantize.find id
|
18
28
|
end
|
19
29
|
end
|
20
30
|
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
31
|
+
module InstanceMethods
|
32
|
+
# Takes a hash of attributes keys and values just like ActiveRecord models
|
33
|
+
def initialize(attributes = nil)
|
34
|
+
self.errors = ActiveRecord::Errors.new(self)
|
35
|
+
if attributes
|
36
|
+
attributes.each do |key,value|
|
37
|
+
send(key.to_s + '=', value)
|
38
|
+
end
|
39
|
+
else
|
40
|
+
self.remember = false
|
41
|
+
end
|
28
42
|
end
|
29
43
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
@user.create_remember_me_token if self.remember == "1"
|
38
|
-
ret = true
|
39
|
-
break
|
44
|
+
# Authenticates the information saved in the attributes
|
45
|
+
# Returns true or false
|
46
|
+
def save(*session_types)
|
47
|
+
session_types = session_types.flatten
|
48
|
+
|
49
|
+
if session_types.empty?
|
50
|
+
session_types = [:user]
|
40
51
|
end
|
52
|
+
|
53
|
+
ret = true
|
54
|
+
session_types.each do |type|
|
55
|
+
@user = type.to_s.camelize.constantize.authenticate(self.username, self.password)
|
56
|
+
if @user.nil?
|
57
|
+
self.errors.add_to_base I18n.t(:invalid_login, :scope => [:authentasaurus, :messages, :sessions])
|
58
|
+
ret &= false
|
59
|
+
else
|
60
|
+
@user.create_remember_me_token if self.remember == "1"
|
61
|
+
ret = true
|
62
|
+
break
|
63
|
+
end
|
64
|
+
end
|
65
|
+
ret
|
66
|
+
end
|
67
|
+
|
68
|
+
def new_record? #:nodoc:
|
69
|
+
true
|
41
70
|
end
|
42
|
-
ret
|
43
|
-
end
|
44
|
-
|
45
|
-
# Takes a hash of attributes keys and values just like new and authenticates the information.
|
46
|
-
# Returns true or false
|
47
|
-
def self.create(*attrs)
|
48
|
-
attributes = attrs.extract_options!
|
49
|
-
attrs = attrs.flatten
|
50
|
-
self_obj = self.new attributes
|
51
|
-
self_obj.save(attrs)
|
52
|
-
return self_obj
|
53
|
-
end
|
54
|
-
|
55
|
-
def new_record? #:nodoc:
|
56
|
-
true
|
57
|
-
end
|
58
|
-
|
59
|
-
# Takes an id (usually from an ActiveController session) and returns a User object
|
60
|
-
def self.current_user(id, session_type = :user)
|
61
|
-
session_type.to_s.camelize.constantize.find id
|
62
71
|
end
|
63
72
|
end
|
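Review bot: `initialize` in `InstanceMethods` calls `send(key.to_s + '=', value)` for every key of the attributes hash, so if that hash is built from request parameters (the caller is not in this section) a request can invoke any setter on the session object, `errors=` included, and an unknown key raises `NoMethodError`. Limit assignment to the three credential fields, e.g. `send("#{key}=", value) if %w[username password remember].include?(key.to_s)`. `current_user` and `save` resolve a class with `to_s.camelize.constantize`; that is safe only while the session type is chosen by the application, so the method comments should say so or the names should be checked against an allow-list of model names.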
@@ -1,21 +1,31 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
1
|
+
module Authentasaurus::Models::UserInvitation
|
2
|
+
def self.included(base) # :nodoc:
|
3
|
+
base.send :extend, ClassMethods
|
4
|
+
base.send :include, InstanceMethods
|
5
|
+
|
6
|
+
base.send :require, 'digest/sha1'
|
7
|
+
base.send :validates_presence_of, :email
|
8
|
+
base.send :validates_uniqueness_of, :email, :scope => :token
|
9
|
+
base.send :validates_format_of, :email, :with => %r{[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}}
|
10
|
+
|
11
|
+
base.send :before_validation, :create_token
|
12
|
+
#send email
|
13
|
+
base.send :after_create, :send_invitation
|
14
|
+
end
|
6
15
|
|
7
|
-
|
8
|
-
#send email
|
9
|
-
after_create :send_invitation
|
10
|
-
|
11
|
-
def send_invitation
|
12
|
-
AuthentasaurusEmailer.deliver_invitation_mail(self.email, self.token) if AUTHENTASAURUS[:modules][:invitable][:send_email]
|
16
|
+
module ClassMethods
|
13
17
|
end
|
14
18
|
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
19
|
+
module InstanceMethods
|
20
|
+
def send_invitation
|
21
|
+
AuthentasaurusEmailer.deliver_invitation_mail(self.email, self.token) if AUTHENTASAURUS[:modules][:invitable][:send_email]
|
22
|
+
end
|
23
|
+
|
24
|
+
private
|
25
|
+
def create_token
|
26
|
+
return if self.email.nil? || self.email.blank?
|
27
|
+
string_to_hash=self.email + "invitable.olation" + self.email.hash.to_s
|
28
|
+
self.token = Digest::SHA1.hexdigest(string_to_hash)
|
29
|
+
end
|
20
30
|
end
|
21
31
|
end
|
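Review bot: `create_token` builds the invitation token only from the invitee's email, the fixed string `"invitable.olation"` and `self.email.hash`, so it contains no secret or random input. Depending on the Ruby version, `String#hash` is either a fixed function of the string or seeded per process, and in neither case does it make the token unguessable to someone who knows the address. Generate it once from a CSPRNG instead, `self.token ||= SecureRandom.hex(20)`, which also stops `before_validation` from recomputing the token on every save. The guard `return if self.email.nil? || self.email.blank?` can be shortened to `return if self.email.blank?`.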
@@ -1,18 +1,28 @@
|
|
1
|
-
|
2
|
-
|
1
|
+
module Authentasaurus::Models::Validation
|
2
|
+
def self.included(base) # :nodoc:
|
3
|
+
base.send :extend, ClassMethods
|
4
|
+
base.send :include, InstanceMethods
|
5
|
+
|
6
|
+
base.send :belongs_to, :user, :polymorphic => true
|
3
7
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
8
|
+
# Check that everything is there
|
9
|
+
base.send :validates_presence_of, :user_id, :validation_code, :user_type, :email
|
10
|
+
# Check foreign keys
|
11
|
+
base.send :validates_associated, :user
|
12
|
+
# Check unique user
|
13
|
+
base.send :validates_uniqueness_of, :user_id, :scope => [:user_type, :email]
|
14
|
+
base.send :validates_uniqueness_of, :validation_code
|
15
|
+
|
16
|
+
#send email
|
17
|
+
base.send :after_create, :send_validation
|
18
|
+
end
|
19
|
+
|
20
|
+
module ClassMethods
|
21
|
+
end
|
22
|
+
|
23
|
+
module InstanceMethods
|
24
|
+
def send_validation
|
25
|
+
AuthentasaurusEmailer.deliver_validation_mail(self.user.name, self.email, self.validation_code) if AUTHENTASAURUS[:modules][:validatable][:send_email]
|
26
|
+
end
|
17
27
|
end
|
18
28
|
end
|
@@ -1,70 +1,79 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
1
|
+
module Authentasaurus::PermissionsController
|
2
|
+
def self.included(base) # :nodoc:
|
3
|
+
base.send :extend, ClassMethods
|
4
|
+
base.send :include, InstanceMethods
|
5
|
+
end
|
6
|
+
|
7
|
+
module ClassMethods
|
8
|
+
end
|
9
|
+
|
10
|
+
module InstanceMethods
|
11
|
+
def index
|
12
|
+
@permissions = Permission.find :all
|
13
|
+
|
14
|
+
respond_to do |format|
|
15
|
+
format.html
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
def show
|
20
|
+
@permission = Permission.find params[:id]
|
21
|
+
|
22
|
+
respond_to do |format|
|
23
|
+
format.html
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def new
|
28
|
+
@permission = Permission.new
|
29
|
+
|
30
|
+
respond_to do |format|
|
31
|
+
format.html
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
def create
|
36
|
+
@permission = Permission.new params[:permission]
|
37
|
+
|
38
|
+
respond_to do |format|
|
39
|
+
if @permission.save
|
40
|
+
format.html { redirect_to :action=>:index, :notice => "Permission created" }
|
41
|
+
else
|
42
|
+
flash.now[:alert] = I18n.t(:create_failed, :scope => [:authentasaurus, :messages, :permissions])
|
43
|
+
format.html { render :new }
|
44
|
+
end
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
def edit
|
49
|
+
@permission = Permission.find params[:id]
|
50
|
+
|
51
|
+
respond_to do |format|
|
52
|
+
format.html
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
def update
|
57
|
+
@permission = Permission.find params[:id]
|
58
|
+
|
59
|
+
respond_to do |format|
|
60
|
+
if @permission.update_attributes(params[:permission])
|
61
|
+
flash.now[:notice] = "Permission updated"
|
62
|
+
format.html { redirect_to @permission }
|
63
|
+
else
|
64
|
+
flash.now[:alert] = I18n.t(:update_failed, :scope => [:authentasaurus, :messages, :permissions])
|
65
|
+
format.html { render :edit }
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
def destroy
|
71
|
+
@permssion = Permission.find params[:id]
|
72
|
+
@permission.destroy()
|
73
|
+
|
74
|
+
respond_to do |format|
|
75
|
+
format.html { redirect_to :action=>:index }
|
76
|
+
end
|
77
|
+
end
|
78
|
+
end
|
70
79
|
end
|
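Review bot: `destroy` assigns the record to `@permssion` (typo) and then calls `@permission.destroy()`, so `@permission` is nil and the action raises `NoMethodError` instead of deleting anything; the first line should read `@permission = Permission.find params[:id]`. In `update`, `flash.now[:notice]` is set right before `redirect_to`, so the message is discarded with the current request; use `flash[:notice]`. In `create`, `:notice => "Permission created"` sits in the same hash as `:action=>:index`, which likely turns it into a URL parameter rather than a flash message. No access check is visible in this module; presumably the including controller applies one, and that is worth confirming because these actions edit the permission table.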