bpluser 0.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 71b514669c4cda23e927e192539a04751fccf195
+  data.tar.gz: 674482be6c1eb831d6e563e480410bf1aec5fc65
+SHA512:
+  metadata.gz: f810437e8fe0eabf46acc3b62b0094859b3dd42f677e25c95951071b10699c1a42b3a7361eb335db4235c45a08cdd726f1f9835599a9fec433333ca1872082fc
+  data.tar.gz: bd65bb29bca8a56f4347c732fa95709b7391b56aada53c9a1e15a7bd6b6ce050dce08389d20dada05900ff128e41c6ceddda663c8d2592f20a7707f87bc307fa

data/MIT-LICENSE

@@ -0,0 +1,21 @@
+Copyright 2013 Boston Public Library
+         git a
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,3 @@
+= Bpluser
+
+This project rocks.

data/Rakefile

@@ -0,0 +1,16 @@
+# encoding: UTF-8
+require 'rubygems'
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rake'
+Bundler::GemHelper.install_tasks
+
+# load rake tasks defined in lib/tasks that are not loaded in lib/active_fedora.rb
+load "tasks/bpluser_tasks.rake"
+
+
+task :default => :test

data/app/assets/javascripts/bpluser/application.js

@@ -0,0 +1,15 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// the compiled file.
+//
+// WARNING: THE FIRST BLANK LINE MARKS THE END OF WHAT'S TO BE PROCESSED, ANY BLANK LINE SHOULD
+// GO AFTER THE REQUIRES BELOW.
+//
+//= require jquery
+//= require jquery_ujs
+//= require_tree .

data/app/assets/stylesheets/bpluser/application.css

@@ -0,0 +1,13 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or vendor/assets/stylesheets of plugins, if any, can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the top of the
+ * compiled file, but it's generally better to create a new file per style scope.
+ *
+ *= require_self
+ *= require_tree .
+ */

data/app/controllers/bpluser/application_controller.rb

@@ -0,0 +1,4 @@
+module Bpluser
+  class ApplicationController < ActionController::Base
+  end
+end

data/app/controllers/bpluser/users/omniauth_callbacks_controller.rb

@@ -0,0 +1,56 @@
+module Bpluser::Users::OmniauthCallbacksController
+
+
+  def self.included(base)
+    base.send :include, InstanceMethods
+  end
+
+  module InstanceMethods
+
+
+    def ldap
+
+      puts request.env["omniauth.auth"]
+
+
+      @user = User.find_for_ldap_oauth(request.env["omniauth.auth"], current_user)
+
+      if @user.persisted?
+        puts 'persisted'
+        flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Ldap"
+        sign_in_and_redirect @user, :event => :authentication
+      else
+        session["devise.ldap_data"] = request.env["omniauth.auth"]
+        redirect_to new_user_registration_url
+      end
+    end
+
+    def polaris
+      @user = User.find_for_polaris_oauth(request.env["omniauth.auth"], current_user)
+      if @user.persisted?
+        flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Polaris"
+        sign_in_and_redirect @user, :event => :authentication
+      else
+        session["devise.polaris_data"] = request.env["omniauth.auth"]
+        redirect_to new_user_registration_url
+      end
+    end
+
+    def password
+      puts "here in local authentication!"
+    end
+
+    def facebook
+      # You need to implement the method below in your model (e.g. app/models/user.rb)
+      @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
+
+      if @user.persisted?
+        sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
+        set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
+      else
+        session["devise.facebook_data"] = request.env["omniauth.auth"]
+        redirect_to new_user_registration_url
+      end
+    end
+  end
+end

data/app/controllers/bpluser/users/registrations_controller.rb

@@ -0,0 +1,30 @@
+module Bpluser::Users::RegistrationsController
+#< Devise::RegistrationsController
+  def self.included(base)
+    base.send :before_filter, :update_sanitized_params, :if => :devise_controller?
+    base.send :include, InstanceMethods
+  end
+
+  module InstanceMethods
+    def update_sanitized_params
+      devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:provider, :username, :email, :password, :password_confirmation, :remember_me, :first_name, :last_name, :display_name, :uid)}
+      devise_parameter_sanitizer.for(:account_update) {|u| u.permit(:provider, :username, :email, :password, :password_confirmation, :remember_me, :first_name, :last_name, :display_name, :uid)}
+    end
+
+    # POST /resource
+    def create
+      #devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :first_name, :last_name, :provider, :display_name, :password, :password_confirmation, :uid) }
+      params[:user][:provider] = "local"
+      params[:user][:uid] = params[:user][:email]
+      params[:user][:username] = params[:user][:uid]
+      params[:user][:display_name] = params[:user][:first_name] + " " + params[:user][:last_name]
+      super
+    end
+
+
+    def resource_params
+      params.require(:user).permit(:username, :email, :first_name, :last_name, :provider, :display_name, :password, :password_confirmation, :uid)
+    end
+
+  end
+end

data/app/controllers/bpluser/users/sessions_controller.rb

@@ -0,0 +1,23 @@
+module Bpluser::Users::SessionsController
+#< Devise::RegistrationsController
+  def self.included(base)
+    base.send :include, InstanceMethods
+  end
+
+  module InstanceMethods
+    # GET /resource/sign_in
+    def new
+      if params[:user]
+        #TODO: FIX THIS
+        params[:user][:provider] = "local"
+      end
+
+      super
+    end
+
+    def resource_params
+      params.require(:user).permit(:username, :email, :first_name, :last_name, :provider, :display_name, :password, :password_confirmation, :uid)
+    end
+
+  end
+end

data/app/helpers/bpluser/application_helper.rb

@@ -0,0 +1,4 @@
+module Bpluser
+  module ApplicationHelper
+  end
+end

data/app/models/bpluser/ability.rb

@@ -0,0 +1,19 @@
+module Bpluser::Ability
+
+  def self.included(base)
+    base.send :include, InstanceMethods
+  end
+
+  module InstanceMethods
+    def initialize(user)
+      #can :read, :all
+      if user.superuser?
+        can [:create, :show, :add_user, :edit, :remove_user, :index], Role
+        can [:create, :show, :add_user, :edit, :remove_user, :index], Institution
+      end
+
+
+    end
+  end
+
+end

data/app/models/bpluser/folder.rb

@@ -0,0 +1,21 @@
+module Bpluser
+  class Folder < ActiveRecord::Base
+
+    belongs_to :user
+    has_many :folder_items, :dependent => :destroy, :class_name => "Bpluser::FolderItem"
+
+    validates :user_id, :presence => true
+    validates :title, :presence => true, :length => {:maximum => 40}
+    validates :description, :length => {:maximum => 250}
+    validates :visibility, :inclusion  => {:in => %w(public private)}
+
+    #attr_accessible :id, :title, :description, :visibility
+
+    def has_folder_item (document_id)
+      self.folder_items.find do |fldr_itm|
+        return fldr_itm if fldr_itm.document_id == document_id
+      end
+    end
+
+  end
+end

data/app/models/bpluser/folder_item.rb

@@ -0,0 +1,15 @@
+module Bpluser
+  class FolderItem < ActiveRecord::Base
+    #attr_accessible :document_id
+
+    belongs_to :folder, :class_name => "Bpluser::Folder"
+
+    validates :folder_id, :presence => true
+    validates :document_id, :presence => true
+
+    def document
+      SolrDocument.new SolrDocument.unique_key => :document_id
+    end
+
+  end
+end

data/app/models/bpluser/user.rb

@@ -0,0 +1,196 @@
+module Bpluser::User
+
+
+  def self.included(base)
+    base.send :devise, :database_authenticatable, :registerable,
+              :recoverable, :rememberable, :trackable, :validatable, :omniauthable, :omniauth_providers => [:ldap, :polaris, :facebook]
+    #base.send :attr_accessible, :provider, :username, :email, :password, :password_confirmation, :remember_me, :first_name, :last_name, :display_name, :uid
+    base.send :has_many, :user_institutions, :class_name => "Bpluser::UserInstitution"
+    base.send :has_many, :folders, :dependent => :destroy, :class_name => "Bpluser::Folder"
+    base.extend(ClassMethods)
+    base.send :include, InstanceMethods
+
+  end
+
+  module ClassMethods
+    def find_for_ldap_oauth(auth_response, signed_in_resource=nil)
+
+
+      ldap_raw_details = auth_response[:extra][:raw_info]
+      ldap_info_details = auth_response[:info]
+
+      puts 'IN LDAP OAUTH'
+      puts ldap_raw_details.samaccountname[0].downcase
+
+      user = User.where(:provider => auth_response.provider, :uid => ldap_raw_details.samaccountname[0].downcase).first
+
+      #first_name:ldap_info_details.first_name,
+      #last_name:ldap_info_details.last_name,
+      unless user
+        user = User.create(provider:auth_response.provider,
+                           uid:ldap_raw_details.samaccountname[0].downcase,
+                           username:ldap_raw_details.samaccountname[0].downcase,
+                           email:ldap_raw_details.mail[0].to_s.downcase,
+                           password:Devise.friendly_token[0,20],
+                           display_name: ldap_info_details.first_name + " " + ldap_info_details.last_name,
+                           first_name: ldap_info_details.first_name,
+                           last_name: ldap_info_details.last_name
+        )
+      end
+      groups = user.ldap_groups
+      groups.each do |group|
+        if(group == "Repository Administrators")
+          superuser_role = Role.where(:name=>'superuser').first
+          if(superuser_role == nil)
+            superuser_role = Role.create(:name=>"superuser")
+          end
+          user.roles << superuser_role unless user.roles.include?(superuser_role)
+          user.save!
+
+          admin_role = Role.where(:name=>'admin').first
+          if(admin_role == nil)
+            admin_role = Role.create(:name=>"admin")
+          end
+          user.roles << admin_role unless user.roles.include?(admin_role)
+          user.save!
+        end
+
+      end
+
+      user
+    end
+
+    def find_for_polaris_oauth(auth_response, signed_in_resource=nil)
+      polaris_raw_details = auth_response[:extra][:raw_info]
+      polaris_info_details = auth_response[:info]
+
+      user = User.where(:provider => auth_response.provider, :uid => auth_response[:uid]).first
+
+      #first_name:ldap_info_details.first_name,
+      #last_name:ldap_info_details.last_name,
+      unless user
+        user = User.create(provider:auth_response.provider,
+                           uid:auth_response[:uid],
+                           username:polaris_info_details[:first_name],
+                           email:polaris_info_details[:email],
+                           password:Devise.friendly_token[0,20],
+                           display_name:polaris_info_details[:first_name] + " " + polaris_info_details[:last_name],
+                           first_name: polaris_info_details[:first_name],
+                           last_name: polaris_info_details[:last_name]
+
+        )
+
+      end
+      user
+    end
+
+    def find_for_facebook_oauth(auth, signed_in_resource=nil)
+      user = User.where(:provider => auth.provider, :uid => auth.uid).first
+      unless user
+        user = User.create(display_name:auth.extra.raw_info.name,
+                           uid:auth.uid,
+                           provider:auth.provider,
+                           username:auth.info.nickname,
+                           email:auth.info.email,
+                           password:Devise.friendly_token[0,20] ,
+                           first_name:auth.extra.raw_info.first_name,
+                           last_name:auth.extra.raw_info.last_name
+        )
+      end
+      user
+    end
+
+    def find_for_local_auth(auth, signed_in_resource=nil)
+      user = User.where(:provider => auth.provider, :uid => auth.uid).first
+      unless user
+        user = User.create(display_name:auth.extra.raw_info.name,
+                           uid:auth.uid,
+                           provider:auth.provider,
+                           username:auth.info.nickname,
+                           email:auth.info.email,
+                           password:Devise.friendly_token[0,20] ,
+                           first_name:auth.extra.raw_info.first_name,
+                           last_name:auth.extra.raw_info.last_name
+        )
+      end
+      user
+    end
+
+
+    # This method should find User objects using the user_key you've chosen.
+    # By default, uses the unique identifier specified in by devise authentication_keys (ie. find_by_id, or find_by_email).
+    # You must have that find method implemented on your user class, or must override find_by_user_key
+    #def find_by_user_key(key)
+      #self.send("find_by_#{Devise.authentication_keys.first}".to_sym, key)
+    #end
+  end
+
+  #has_and_belongs_to_many :groups
+
+  # Method added by Blacklight; Blacklight uses #to_s on your
+  # user class to get a user-displayable login/identifier for
+  # the account.
+
+  # The following methods will be included in any active model object
+  # that calls "is_blacklight_user"
+  module InstanceMethods
+
+
+    def to_s
+      self.username
+    end
+
+    def name
+      return self.username rescue self.display_name.titleize
+    end
+
+    def user_key
+      send(Devise.authentication_keys.first)
+    end
+
+
+    def ldap_groups
+      #Hydra::LDAP.groups_for_user(username + ",dc=psu,dc=edu")
+      #['archivist', 'admin_policy_object_editor']
+
+      Hydra::LDAP.groups_for_user(Net::LDAP::Filter.eq('samaccountname', self.username), ['memberOf'])  { |result| result.first[:memberOf].select{ |y| y.starts_with? 'CN=' }.map{ |x| x.sub(/^CN=/, '').sub(/,OU=Private Groups,DC=private,DC=bpl,DC=org/, '').sub(/,OU=Distribution Lists/, '').sub(/,OU=Security Groups/, '') } } rescue []
+    end
+
+    def populate_attributes
+
+    end
+
+    def default_user_groups
+      # # everyone is automatically a member of the group 'public'
+      #['public', 'test']
+    end
+
+    def get_uploads_collection
+      query="rightsMetadata_edit_access_machine_person_t:#{uid} AND title_s:Uploads AND has_model_s:info\\:fedora/afmodel\\:DILCollection"
+      ActiveFedora::SolrService.query(query, {:fl=>'id title_t'})
+    end
+
+    def get_details_collection
+      query="rightsMetadata_edit_access_machine_person_t:#{uid} AND title_s:Details AND has_model_s:info\\:fedora/afmodel\\:DILCollection"
+      ActiveFedora::SolrService.query(query, {:fl=>'id title_t'})
+    end
+
+    def collections
+      query="rightsMetadata_edit_access_machine_person_t:#{uid} AND NOT title_t:Uploads AND NOT title_t:Details AND has_model_s:info\\:fedora/afmodel\\:DILCollection"
+      ActiveFedora::SolrService.query(query, {:fl=>'id title_t'})
+    end
+
+    def existing_folder_item_for (document_id)
+      self.folders.find do |fldr|
+        fldr.folder_items.find do |fldr_itm|
+          return fldr_itm if fldr_itm.document_id == document_id
+        end
+      end
+    end
+
+    def superuser?
+      roles.where(name: 'superuser').exists?
+    end
+
+  end
+end