authpds 0.1.2 → 0.2.0

data/MIT-LICENSE

@@ -1,4 +1,4 @@
-Copyright 2012 YOURNAME
+Copyright 2012 Scot Dalton
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.rdoc

@@ -1,14 +1,17 @@
 = Authpds
+{<img src="https://secure.travis-ci.org/scotdalton/authpds.png?branch=master" alt="Build Status" />}[https://travis-ci.org/scotdalton/authpds]
+{<img src="https://gemnasium.com/scotdalton/authpds.png" alt="Dependency Status" />}[https://gemnasium.com/scotdalton/authpds]
+{<img src="https://codeclimate.com/badge.png" alt="Code Climage" />}[https://codeclimate.com/github/scotdalton/authpds]
 
 This gem provides a mechanism for authenticating via Ex Libris' Patron Directory Services (PDS) and provides hooks for making authorization decisions based on the user information provided by PDS.  It leverages the authlogic gem and depends on a User-like model.
 
 == Basics
 === Generate User-like model
   $ rails generate model User username:string email:string firstname:string \
-  	lastname:string mobile_phone:string crypted_password:string password_salt:string \
-  	session_id:string persistence_token:string login_count:integer last_request_at:string \
-  	current_login_at:string last_login_at:string last_login_ip:string current_login_ip:string \
-  	user_attributes:text refreshed_at:datetime
+    lastname:string mobile_phone:string crypted_password:string password_salt:string \
+    session_id:string persistence_token:string login_count:integer last_request_at:string \
+    current_login_at:string last_login_at:string last_login_ip:string current_login_ip:string \
+    user_attributes:text refreshed_at:datetime
 
 === Configure User-like model
   class User < ActiveRecord::Base
@@ -72,11 +75,27 @@ You can create multiple institution listings as follows:
 
 The two separate institutions above share a link_code in this example. The link_code attribute determines the institute parameter in the PDS url.
 
+==== Institution fields
+:name:: Institution name
+:display_name:: Name to display to users.
+:default:: Boolean indicating whether this is a default Institution.  Alternatively, an Institution can be named 'default'.
+:parent_institution:: A parent Institution from which this child will inherit fields.
+:ip_addresses:: IP addresses associated with the Institution.
+:login:: Login configurations associated with the Institution.
+:layouts:: Layout configurations associated with the Institution.
+:views:: View configurations associated with the Institution.
+:controllers:: Controller configurations associated with the Institution.
+:models:: Model configurations associated with the Institution.
+  
+
 ==== Create institution initializer
 
-If you have your institutions.yml file in another location make sure to change the line below accordingly.
+Most likely it will just work if you put the config file in 
+  "#{Rails.root}/config/institutions.yml"
 
-  InstitutionList.yaml_path= Rails.root + "config/institutions.yml"
+If you have your institutions config file in another location make sure to change the line below accordingly.
+  Institutions.loadpaths << File.join("other", "path")
+  Institutions.filenames << "other_file.yml"
 
 === Mixin authpds methods into UserSessionsController
   class UserSessionsController < ApplicationController
@@ -126,4 +145,6 @@ method, e.g. :before_persisting, :persist, :after_persisting.  We're using the :
 === Access to the controller in Session
 The class that Session extends, Authologic::Session::Base, has an explicit handle to the current controller via the instance method 
 :controller.  This gives our custom instance methods access to cookies, session information, loggers, etc. and also allows them to 
-perform redirects and renders.
+perform redirects and renders.
+
+== Build Status {<img src="https://secure.travis-ci.org/scotdalton/authpds.png"/>}[http://travis-ci.org/scotdalton/authpds]

data/Rakefile

@@ -20,13 +20,9 @@ RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_files.include('lib/**/*.rb')
 end
 
-
-
-
 Bundler::GemHelper.install_tasks
 
 require 'rake/testtask'
-
 Rake::TestTask.new(:test) do |t|
   t.libs << 'lib'
   t.libs << 'test'
@@ -34,5 +30,4 @@ Rake::TestTask.new(:test) do |t|
   t.verbose = false
 end
 
-
-task :default => :test
+task :default => :test

data/lib/authpds.rb

@@ -4,8 +4,6 @@ AUTHPDS_PATH = File.dirname(__FILE__) + "/authpds/"
 [ 
   'acts_as_authentic',
   'session',
-  'institution',
-  'institution_list',
   'exlibris/pds',
   'controllers/authpds_controller',
   'controllers/authpds_sessions_controller'

data/lib/authpds/acts_as_authentic.rb

@@ -2,6 +2,7 @@ module Authpds
   module ActsAsAuthentic
     def self.included(klass)
       klass.class_eval do
+        require 'institutions'
         add_acts_as_authentic_module(InstanceMethods, :prepend)
       end
     end
@@ -14,7 +15,6 @@ module Authpds
         end
       end
 
-      public
       # Setting the username field also resets the persistence_token if the value changes.
       def username=(value)
         write_attribute(:username, value)
@@ -22,29 +22,26 @@ module Authpds
       end
 
       def primary_institution
-        return nil unless InstitutionList.institutions_defined?
-        InstitutionList.instance.get(user_attributes[:primary_institution]) unless user_attributes.nil?
+        all_institutions[user_attributes[:primary_institution]] unless user_attributes.nil?
       end
 
-      def primary_institution=(primary_institution)
-        primary_institution = primary_institution.name if primary_institution.is_a?(Institution)
-        self.user_attributes=({:primary_institution => primary_institution})
+      def primary_institution=(new_primary_institution)
+        new_primary_institution = new_primary_institution.code if new_primary_institution.is_a?(Institutions::Institution)
+        self.user_attributes=({:primary_institution => new_primary_institution.to_sym})
       end
 
       def institutions
-        return nil unless InstitutionList.institutions_defined?
         user_attributes[:institutions].collect { |institution|
-          InstitutionList.instance.get(institution) } unless user_attributes.nil?
+          all_institutions[institution] } unless user_attributes.nil?
       end
 
-      def institutions=(institutions)
-        raise ArgumentError.new(
-          "Institutions input should be an array.") unless institutions.is_a?(Array)
-        filtered_institutions = institutions.collect { |institution|
-          institution = institution.name if institution.is_a?(Institution)
-          institution unless InstitutionList.instance.get(institution).nil?
+      def institutions=(new_institutions)
+        raise ArgumentError.new("Institutions input should be an array.") unless new_institutions.is_a?(Array)
+        new_institutions.collect! { |institution| institution.to_sym }
+        new_institutions.select! { |institution|
+          all_institutions[ new_institutions.is_a?(Institutions::Institution) ? institution.code : institution.to_sym]
         }
-        self.user_attributes=({:institutions => filtered_institutions})
+        self.user_attributes=({:institutions => new_institutions}) unless new_institutions.empty?
       end
 
       # "Smart" updating of user_attributes.  Maintains user_attributes that are not explicity overwritten.
@@ -54,13 +51,18 @@ module Authpds
         write_attribute(:user_attributes, (user_attributes || {}).merge(new_attributes))
       end
 
-      # Returns a boolean based on whether the User has been refreshed recently.  
+      # Returns a boolean based on whether the User has been refreshed recently.
       # If User#refreshed_at is older than User#expiration_date, the User is expired and the data
       # may need to be refreshed.
       def expired?
         # If the record is older than the expiration date, it is expired.
-        (refreshed_at.nil?) ? true : refreshed_at < expiration_date 
+        (refreshed_at.nil?) ? true : refreshed_at < expiration_date
       end
+
+      def all_institutions
+        Institutions.institutions
+      end
+      private :all_institutions
     end
   end
 end

data/lib/authpds/controllers/authpds_controller.rb

@@ -2,73 +2,70 @@ module Authpds
   module Controllers
     module AuthpdsController
 
+      # Set helper methods when this module is included.
       def self.included(klass)
         klass.class_eval do
-          include InstanceMethods
           helper_method :current_user_session, :current_user, :current_primary_institution
         end
       end
-    
-      module InstanceMethods
 
-        # Get the current UserSession if it exists
-        def current_user_session
-          @current_user_session ||= UserSession.find
-        end
+      # Get the current UserSession if it exists
+      def current_user_session
+        @current_user_session ||= UserSession.find
+      end
 
-        # Get the current User if there is a UserSession
-        def current_user
-          @current_user ||= current_user_session.record unless current_user_session.nil?
-        end
+      # Get the current User if there is a UserSession
+      def current_user
+        @current_user ||= current_user_session.record unless current_user_session.nil?
+      end
 
-        # Determine current primary institution based on:
-        #   0. institutions are not being used (returns nil)
-        #   1. institution query string parameter in URL
-        #   2. institution associated with the client IP
-        #   3. primary institution for the current user
-        #   4. first default institution
-        def current_primary_institution
-            @current_primary_institution ||= 
-              (InstitutionList.institutions_defined?) ?
-                (params["#{institution_param_key}"].nil? or InstitutionList.instance.get(params["#{institution_param_key}"]).nil?) ?
-                  (primary_institution_from_ip.nil?) ?
-                    (current_user.nil? or current_user.primary_institution.nil?) ?
-                      InstitutionList.instance.defaults.first :
-                        current_user.primary_institution :
-                          primary_institution_from_ip :
-                            InstitutionList.instance.get(params["#{institution_param_key}"]) :
-                              nil
-        end
+      # Determine current primary institution based on:
+      #   0. institutions are not being used (returns nil)
+      #   1. institution query string parameter in URL
+      #   2. institution associated with the client IP
+      #   3. primary institution for the current user
+      #   4. first default institution
+      def current_primary_institution
+        @current_primary_institution ||=
+          (institution_param.nil? or all_institutions[institution_param].nil?) ?
+            (primary_institution_from_ip.nil?) ?
+              (current_user.nil? or current_user.primary_institution.nil?) ?
+                Institutions.defaults.first :
+                  current_user.primary_institution :
+                    primary_institution_from_ip :
+                      all_institutions[institution_param]
+      end
 
-        # Grab the first institution that matches the client IP
-        def primary_institution_from_ip
-          InstitutionList.instance.institutions_with_ip(request.remote_ip).first unless request.nil?
-        end
+      # Override to add institution.
+      def url_for(options={})
+        options[institution_param_key] ||= institution_param unless institution_param.nil?
+        super options
+      end
 
-        # Determine institution layout based on:
-        #   1. primary institution's resolve_layout
-        #   2. default - views/layouts/application
-        def institution_layout
-          (current_primary_institution.nil? or current_primary_institution.application_layout.nil?) ? 
-            :application : current_primary_institution.application_layout
-        end
+      def user_session_redirect_url(url)
+        (url.nil?) ? (request.referer.nil?) ? root_url : request.referer : url
+      end
 
-        # Override to add institution.
-        def url_for(options={})
-          options["#{institution_param_key}"] = 
-            params["#{institution_param_key}"] unless params["#{institution_param_key}"].nil? or 
-              options["#{institution_param_key}"]
-          super(options)          
-        end
+      # Grab the first institution that matches the client IP
+      def primary_institution_from_ip
+        Institutions.with_ip(request.remote_ip).first unless request.nil?
+      end
+      private :primary_institution_from_ip
 
-        def user_session_redirect_url(url)
-          (url.nil?) ? (request.referer.nil?) ? root_url : request.referer : url
-        end
-        
-        def institution_param_key
-          @institution_param_key ||= UserSession.institution_param_key
-        end
+      def institution_param_key
+        @institution_param_key ||= UserSession.institution_param_key
+      end
+      private :institution_param_key
+
+      def institution_param
+        params["#{institution_param_key}"].to_sym unless params["#{institution_param_key}"].nil?
+      end
+      private :institution_param
+
+      def all_institutions
+        Institutions.institutions
       end
+      private :all_institutions
     end
   end
 end

data/lib/authpds/controllers/authpds_sessions_controller.rb

@@ -2,28 +2,28 @@ module Authpds
   module Controllers
     module AuthpdsSessionsController
 
-    	# GET /user_sessions/new
-    	# GET /login
-    	def new
-    		@user_session = UserSession.new(params)
-    		redirect_to @user_session.login_url(params) unless @user_session.login_url.nil?
-    		raise RuntimeError.new( "Error in #{self.class}.\nNo login url defined") if @user_session.login_url.nil?
-    	end
+      # GET /user_sessions/new
+      # GET /login
+      def new
+        @user_session = UserSession.new(params)
+        redirect_to @user_session.login_url(params) unless @user_session.login_url.nil?
+        raise RuntimeError.new( "Error in #{self.class}.\nNo login url defined") if @user_session.login_url.nil?
+      end
 
-    	# GET /validate
-    	def validate
-    		@user_session = UserSession.create(params[:user_session])
-  	    redirect_to (params[:return_url].nil?) ? root_url : params[:return_url]
-    	end
+      # GET /validate
+      def validate
+        @user_session = UserSession.create(params[:user_session])
+        redirect_to (params[:return_url].nil?) ? root_url : params[:return_url]
+      end
 
-    	# DELETE /user_sessions/1
-    	# GET /logout
-    	def destroy
-    		user_session = UserSession.find
-    		logout_url = user_session.logout_url(params) unless user_session.nil?
-    		user_session.destroy unless user_session.nil?
-    		redirect_to user_session_redirect_url(logout_url)
-    	end
+      # DELETE /user_sessions/1
+      # GET /logout
+      def destroy
+        user_session = UserSession.find
+        logout_url = user_session.logout_url(params) unless user_session.nil?
+        user_session.destroy unless user_session.nil?
+        redirect_to user_session_redirect_url(logout_url)
+      end
     end
   end
 end

data/lib/authpds/exlibris/pds.rb

@@ -4,6 +4,7 @@ module Authpds
       require 'nokogiri'
       require 'uri'
       require 'net/http'
+      require 'net/https'
 
       # Makes a call to the PDS get-attribute API.
       # Defaults attribute equal to "bor_info".
@@ -40,7 +41,6 @@ module Authpds
       # Makes a call get-attribute with attribute "bor_info".
       # Raises an exception if there is an unexpected response.
       class BorInfo < GetAttribute
-
         protected
         def initialize(pds_url, calling_system, pds_handle)
           super(pds_url, calling_system, pds_handle, "bor_info")
@@ -53,12 +53,6 @@ module Authpds
             self.class.send(:attr_reader, pds_attr)
             instance_variable_set("@#{pds_attr}".to_sym, xml_element.inner_text) unless xml_element.inner_text.nil?
           }
-          # bor_info_attributes.each_value { |xml_element|
-          #   pds_attr = xml_element.gsub("-", "_")
-          #   self.class.send(:attr_reader, pds_attr)
-          #   instance_variable_set("@#{pds_attr}".to_sym, 
-          #     @response.at("#{xml_element}").inner_text) unless @response.at("//bor-info/#{xml_element}").nil?
-          # }
         end
       end
     end

data/lib/authpds/session.rb

@@ -1,12 +1,12 @@
 module Authpds
   # == Overview
   # The Authpds gem mixes in callbacks to Authlogic for persisting
-  # sessions based on a valid PDS handle.  
+  # sessions based on a valid PDS handle.
   # The module extends Authlogic and should be compatible with Authlogic configuation.
   # It also provides hooks for custom functionality.
   # The documentation below describes the hooks available, PDS config methods
   # and further details about the module.
-  # 
+  #
   # == Config Options Available
   # :pds_url:: Base pds url
   # :calling_system:: Name of the system (authpds)
@@ -17,7 +17,7 @@ module Authpds
   # :pds_record_identifier:: PDS user method to call to identify record
   # :institution_param_key:: Querystring parameter key for the institution value in this system
   # :validate_url_name:: URL name for validation action in routes (validate_url)
-  # 
+  #
   # == Hooks Available
   # :pds_record_identifier:: Allows for more complex logic in determining what should be used as the record identifier. Defaults to what was set in the pds_record_identifier config.  Returns a Symbol.
   # :valid_sso_session?:: If there is no PDS handle, can we redirect to PDS to establish a SSO session based on some other information?  Returns a Boolean.
@@ -25,15 +25,15 @@ module Authpds
   # :additional_attributes:: Allows for additional attributes to be stored in the record.  Returns a Hash.
   # :expiration_date:: Indicates when the record information should be refreshed.  Defaults to one week ago.  Returns a Date or Time.
   #
-  # == Further Implementation Details 
+  # == Further Implementation Details
   # === Persisting a Session in AuthLogic
-  # When persisting a Session, Authlogic attempts to create the Session based on information available 
+  # When persisting a Session, Authlogic attempts to create the Session based on information available
   # without having to perform an actual login by calling the :persisting? method. Authologic provides several callbacks from the :persisting?
   # method, e.g. :before_persisting, :persist, :after_persisting.  We're using the :persist callback and setting it to :persist_session.
-  # 
+  #
   # === Access to the controller in Session
-  # The class that Session extends, Authologic::Session::Base, has an explicit handle to the current controller via the instance method 
-  # :controller.  This gives our custom instance methods access to cookies, session information, loggers, etc. and also allows them to 
+  # The class that Session extends, Authologic::Session::Base, has an explicit handle to the current controller via the instance method
+  # :controller.  This gives our custom instance methods access to cookies, session information, loggers, etc. and also allows them to
   # perform redirects and renders.
   #
   # === :before_login vs. :login_url
@@ -43,6 +43,7 @@ module Authpds
   module Session
     def self.included(klass)
       klass.class_eval do
+        require 'institutions'
         extend Config
         include AuthpdsCallbackMethods
         include InstanceMethods
@@ -50,7 +51,7 @@ module Authpds
         persist :persist_session
       end
     end
-    
+
     module Config
       # Base pds url
       def pds_url(value = nil)
@@ -106,8 +107,8 @@ module Authpds
         rw_config(:validate_url_name, value, "validate_url")
       end
       alias_method :validate_url_name=, :validate_url_name
-    end 
-    
+    end
+
     module AuthpdsCallbackMethods
       # Hook for more complicated logic to determine PDS user record identifier
       def pds_record_identifier
@@ -118,7 +119,7 @@ module Authpds
       def valid_sso_session?
         return false
       end
-      
+
       # Hook to provide additional authorization requirements
       def additional_authorization
         return true
@@ -128,13 +129,13 @@ module Authpds
       def additional_attributes
         {}
       end
-      
+
       # Hook to update expiration date if necessary
       def expiration_date
         1.week.ago
       end
-    end 
-    
+    end
+
     module InstanceMethods
       require "cgi"
 
@@ -154,7 +155,7 @@ module Authpds
       def logout_url(params={})
         return "#{self.class.pds_url}/pds?func=logout&url=#{CGI::escape(controller.user_session_redirect_url(self.class.redirect_logout_url))}"
       end
-      
+
       # URL to redirect to in the case of establishing a SSO session.
       def sso_url(params={})
         return "#{self.class.pds_url}/pds?func=sso&institute=#{institution_attributes["link_code"]}&calling_system=#{self.class.calling_system}&url=#{CGI::escape(validate_url(params))}"
@@ -171,7 +172,7 @@ module Authpds
           return nil
         end
       end
-      
+
       private
       def authenticated?
         authenticate
@@ -199,10 +200,10 @@ module Authpds
         # If PDS user is not nil (PDS session already established), authorize
         !pds_user.nil? && additional_authorization
       end
-      
+
       # Get the record associated with this PDS user.
       def get_record(login)
-    		record = klass.find_by_smart_case_login_field(login)
+        record = klass.find_by_smart_case_login_field(login)
         record = klass.new login_field => login if record.nil?
         return record
       end
@@ -214,7 +215,7 @@ module Authpds
         # Do this part only if user data has expired.
         if self.attempted_record.expired?
           pds_attributes.each do |record_attr, pds_attr|
-            self.attempted_record.send("#{record_attr}=".to_sym, 
+            self.attempted_record.send("#{record_attr}=".to_sym,
               pds_user.send(pds_attr.to_sym)) if self.attempted_record.respond_to?("#{record_attr}=".to_sym)
           end
           pds_user.class.public_instance_methods(false).each do |pds_attr_reader|
@@ -224,10 +225,10 @@ module Authpds
         end
         self.attempted_record.user_attributes= additional_attributes
       end
-      
-    	# Returns the URL for validating a UserSession on return from a remote login system.
-    	def validate_url(params={})
-    		url = controller.send(validate_url_name, :return_url => controller.user_session_redirect_url(params[:return_url]))
+
+      # Returns the URL for validating a UserSession on return from a remote login system.
+      def validate_url(params={})
+        url = controller.send(validate_url_name, :return_url => controller.user_session_redirect_url(params[:return_url]))
         return url if params.nil? or params.empty?
         url << "?" if url.match('\?').nil?
         params.each do |key, value|
@@ -235,18 +236,18 @@ module Authpds
           url << "&#{self.class.calling_system}_#{key}=#{value}"
         end
         return url
-    	end
-    	
+      end
+
       def validate_url_name
         @validate_url_name ||= self.class.validate_url_name
       end
 
       def institution_attributes
-        @institution_attributes = 
+        @institution_attributes =
           (controller.current_primary_institution.nil? or controller.current_primary_institution.login.nil?) ?
             {} : controller.current_primary_institution.login
       end
-      
+
       def pds_attributes
         @pds_attributes ||= self.class.pds_attributes
       end