card 1.16.12 → 1.16.13

data/db/seed/test/seed.rb

@@ -2,19 +2,17 @@
 require 'timecop'
 
 class SharedData
-  #attr_accessor :users
   USERS = [
-            'Joe User', 'Joe Admin', 'Joe Camel', 'Sample User', 'No count',
-            'u1', 'u2', 'u3',
-            'Big Brother', 'Optic fan', 'Sunglasses fan', 'Narcissist'
-           ]
+    'Joe User', 'Joe Admin', 'Joe Camel', 'Sample User', 'No count',
+    'u1', 'u2', 'u3',
+    'Big Brother', 'Optic fan', 'Sunglasses fan', 'Narcissist'
+  ]
 
   def self.account_args hash
-    { "+*account" => { "+*password" =>'joe_pass' }.merge( hash ) }
+    { "+*account" => { "+*password" => 'joe_pass' }.merge(hash) }
   end
 
   def self.add_test_data
-
     Card::Cache.reset_global
     Card::Env.reset
     Card::Auth.as_bot
@@ -52,13 +50,12 @@ class SharedData
     #above still necessary?  try commenting out above and 'Sign up' below
     Card::Auth.current_id = Card::WagnBotID # need to reset after creating sign up, which changes current_id for extend phase
 
+    no_samples = %( user sign_up set number list listed_by )
     Card::Auth.createable_types.each do |type|
-      next if ['User', 'Sign up', 'Set', 'Number', 'List', 'Listed by'].include? type
+      next if no_samples.include? type.to_name.key
       Card.create! type: type, name: "Sample #{type}"
     end
 
-
-
     # data for role_test.rb
 
     Card.create! name: 'u1', type_code: 'user', subcards: account_args('+*email'=>'u1@user.com', '+*password'=>'u1_pass')

data/db/version_core_cards.txt

@@ -1 +1 @@
-20150910085603
+20151120180631

data/lib/card/auth.rb

@@ -13,33 +13,67 @@ class Card
     class << self
       # Authenticates a user by their login name and unencrypted password.
       def authenticate email, password
-        accounted = Auth[email]
-        return unless accounted && (account = accounted.account) &&
-                      account.active?
-        if Card.config.no_authentication ||
-           password_authenticated?(account, password.strip)
-          accounted.id
+        account = Auth[email]
+        case
+        when !account                                 then nil
+        when !account.active?                         then nil
+        when Card.config.no_authentication            then account
+        when password_valid?(account, password.strip) then account
         end
       end
 
-      def password_authenticated? account, password
+      def password_valid? account, password
         account.password == encrypt(password, account.salt)
       end
 
+      def set_current_from_token token, current=nil
+        account = find_by_token token
+        if account && account.validate_token!(token)
+          unless current && always_ok_usr_id?(account.left_id)
+            current = account.left_id
+          end
+          set_current_from_mark current
+        elsif Env.params[:live_token]
+          true
+          # Used for activations and resets.
+          # Continue as anonymous and address problem later
+        else
+          false
+        end
+      end
+
+      def set_current_from_mark mark
+        self.current_id =
+          if mark.to_s =~ /@/
+            account = Auth[mark.downcase]
+            account && account.active? ? account.left_id : Card::AnonymousID
+          else
+            mark
+          end
+      end
+
+      def find_by_token token
+        Auth.as_bot do
+          Card.search(
+            right_id: Card::AccountID,
+            right_plus: [{ id: Card::TokenID }, { content: token.strip }]
+          ).first
+        end
+      end
+
       # Encrypts some data with the salt.
       def encrypt password, salt
         Digest::SHA1.hexdigest "#{salt}--#{password}--"
       end
 
-      # find accounted by email
+      # find account by email
       def [] email
+        email = email.strip.downcase
         Auth.as_bot do
-          Card.search(right_plus: [
-            { id: Card::AccountID },
-            { right_plus: [
-              { id: Card::EmailID }, { content: email.strip.downcase }
-            ] }
-          ]).first
+          Card.search(
+            right_id: Card::AccountID,
+            right_plus: [{ id: Card::EmailID }, { content: email }]
+          ).first
         end
       end
 
@@ -78,6 +112,7 @@ class Card
 
       def current_id= card_id
         @@current = @@as_id = @@as_card = nil
+        card_id = card_id.to_i if card_id.present?
         @@current_id = card_id
       end
 
@@ -90,15 +125,21 @@ class Card
       end
 
       def as given_user
-        tmp_id, tmp_card = @@as_id, @@as_card
+        tmp_id   = @@as_id
+        tmp_card = @@as_card
+
+        @@as_id   = get_user_id(given_user)
+        @@as_card = nil
         # we could go ahead and set as_card if given a card...
-        @@as_id, @@as_card = get_user_id(given_user), nil
 
         @@current_id = @@as_id if @@current_id.nil?
 
         return unless block_given?
         value = yield
-        @@as_id, @@as_card = tmp_id, tmp_card
+
+        @@as_id   = tmp_id
+        @@as_card = tmp_card
+
         value
       end
 
@@ -146,8 +187,12 @@ class Card
       end
 
       def always_ok?
-        # warn Rails.logger.warn("aok? #{as_id}, #{as_id&&Card[as_id].id}")
-        return false unless (usr_id = as_id)
+        usr_id = as_id
+        return false if !usr_id
+        always_ok_usr_id? usr_id
+      end
+
+      def always_ok_usr_id? usr_id
         return true if usr_id == Card::WagnBotID # cannot disable
 
         always = Card.cache.read('ALWAYS') || {}
@@ -163,6 +208,7 @@ class Card
         # warn Rails.logger.warn("aok? #{usr_id}, #{always[usr_id]}")
         always[usr_id]
       end
+
       # PERMISSIONS
 
       def createable_types

data/lib/card/cache.rb

@@ -54,11 +54,13 @@ class Card
       end
 
       def generate_cache_id
-        ((Time.now.to_f * 100).to_i).to_s + ('a'..'z').to_a[rand(26)] + ('a'..'z').to_a[rand(26)]
+        ((Time.now.to_f * 100).to_i).to_s +
+          ('a'..'z').to_a[rand(26)] +
+          ('a'..'z').to_a[rand(26)]
       end
 
       def reset_global
-        cache_by_class.each do |klass, cache|
+        cache_by_class.each do |_klass, cache|
           cache.reset hard=true
         end
         Card::Codename.reset_cache
@@ -67,9 +69,11 @@ class Card
 
       def reset_local
         cache_by_class.each do |cc, cache|
-          if Card::Cache===cache
+          if Card::Cache === cache
             cache.reset_local
-          else warn "reset class #{cc}, #{cache.class} #{caller[0..8]*"\n"} ???" end
+          else
+            warn "reset class #{cc}, #{cache.class} #{caller[0..8] * "\n"} ???"
+          end
         end
       end
 
@@ -91,20 +95,16 @@ class Card
       private
 
       def prepopulate
-        if @@prepopulating
-          @@rule_cache      ||= Card.rule_cache
-          @@read_rule_cache ||= Card.read_rule_cache
-          @@user_ids_cache  ||= Card.user_ids_cache
-          @@rule_keys_cache ||= Card.rule_keys_cache
-          Card.cache.write_local 'RULES', @@rule_cache
-          Card.cache.write_local 'READRULES', @@read_rule_cache
-          Card.cache.write_local 'USER_IDS', @@user_ids_cache
-          Card.cache.write_local 'RULE_KEYS', @@rule_keys_cache
-        end
+        return unless @@prepopulating
+        @@rule_cache ||= Card.rule_cache
+        @@user_ids_cache ||= Card.user_ids_cache
+        @@read_rule_cache ||= Card.read_rule_cache
+        @@rule_keys_cache ||= Card.rule_keys_cache
+        Card.cache.write_local 'RULES', @@rule_cache
+        Card.cache.write_local 'READRULES', @@read_rule_cache
+        Card.cache.write_local 'USER_IDS', @@user_ids_cache
+        Card.cache.write_local 'RULE_KEYS', @@rule_keys_cache
       end
-
-
-
     end
 
     attr_reader :prefix, :store, :klass
@@ -179,7 +179,7 @@ class Card
 
     def delete key
       @store.delete(@prefix + key) if @store
-      @local.delete key
+      delete_local key
     end
 
     def delete_local key

data/lib/card/env.rb

@@ -66,29 +66,29 @@ class Card
       #include Card::Location
 
       def location_history
-        #warn "sess #{session.class}, #{session.object_id}"
         session[:history] ||= [Card::Location.card_path('')]
-        if session[:history]
-          session[:history].shift if session[:history].size > 5
-          session[:history]
-        end
+        session[:history].shift if session[:history].size > 5
+        session[:history]
       end
 
       def save_location card
-        return if Env.ajax? || !Env.html? || !card.known? || (card.codename == 'signin')
+        return if Env.ajax? || !Env.html? || !card.known? ||
+                  (card.codename == 'signin')
         discard_locations_for card
-        session[:previous_location] = Card::Location.card_path card.cardname.url_key
+        session[:previous_location] =
+          Card::Location.card_path card.cardname.url_key
         location_history.push previous_location
       end
 
       def previous_location
-        session[:previous_location] ||= location_history.last if location_history
+        return unless location_history
+        session[:previous_location] ||= location_history.last
       end
 
-      def discard_locations_for(card)
+      def discard_locations_for card
         # quoting necessary because cards have things like "+*" in the names..
         session[:history] = location_history.reject do |loc|
-          if url_key = url_key_for_location(loc)
+          if (url_key = url_key_for_location(loc))
             url_key.to_name.key == card.key
           end
         end.compact

data/lib/card/format.rb

@@ -443,8 +443,9 @@ class Card
     end
 
     def nest nested_card, opts={}
-      #ActiveSupport::Notifications.instrument('card', message: "nest: #{nested_card.name}, #{opts}") do
-      opts.delete_if { |k,v| v.nil? }
+      # ActiveSupport::Notifications.instrument('card', message:
+      # "nest: #{nested_card.name}, #{opts}") do
+      opts.delete_if { |_k, v| v.nil? }
       opts.reverse_merge! inclusion_defaults(nested_card)
 
       sub = nil
@@ -455,37 +456,48 @@ class Card
         sub.inclusion_opts = opts[:items] ? opts[:items].clone : {}
       end
 
-
       view = canonicalize_view opts.delete :view
       opts[:home_view] = [:closed, :edit].member?(view) ? :open : view
       # FIXME: special views should be represented in view definitions
 
-      view = case @mode
-      when :edit
-        not_ready_for_form = @@perms[view]==:none || nested_card.structure || nested_card.key.blank? # eg {{_self|type}} on new cards
-        not_ready_for_form ? :blank : :edit_in_form
-      when :template
-        :template_rule
-      when :closed
-        case
-        when @@closed_views[view] == true || @@error_codes[view] ; view
-        when specified_view = @@closed_views[view]               ; specified_view
-        when !nested_card.known?                                 ; :closed_missing
-        else                                                     ; :closed_content
+      view =
+        case @mode
+        when :edit     then view_in_edit_mode(view, nested_card)
+        when :template then :template_rule
+        when :closed   then view_in_closed_mode(view, nested_card)
+        else                view
         end
-      else
-        view
-      end
 
       sub.optional_render view, opts
-      #end
+      # end
+    end
+
+    def view_in_edit_mode homeview, nested_card
+      not_in_form =
+        @@perms[homeview] == :none || # view configured not to keep in form
+        nested_card.structure || #      not yet nesting structures
+        nested_card.key.blank? #        eg {{_self|type}} on new cards
+
+      not_in_form ? :blank : :edit_in_form
+    end
+
+    def view_in_closed_mode homeview, nested_card
+      approved_view = @@closed_views[homeview]
+      case
+      when approved_view == true   then homeview
+      when @@error_codes[homeview] then homeview
+      when approved_view           then approved_view
+      when !nested_card.known?     then :closed_missing
+      else                              :closed_content
+      end
     end
 
     def get_inclusion_content cardname
-      content = params[cardname.to_s.gsub(/\+/,'_')]
+      content = params[cardname.to_s.tr('+', '_')]
 
-      # CLEANME This is a hack to get it so plus cards re-populate on failed signups
-      if p = params['subcards'] and card_params = p[cardname.to_s]
+      # CLEANME This is a hack so plus cards re-populate on failed signups
+      p = params['subcards']
+      if p && card_params = p[cardname.to_s]
         content = card_params['content']
       end
       content if content.present?  # why is this necessary? - efm
@@ -510,26 +522,26 @@ class Card
       :name
     end
 
-
     #
     # ------------ LINKS ---------------
     #
 
     def add_class options, klass
-      options[:class] = [ options[:class], klass ].flatten.compact * ' '
+      options[:class] = [options[:class], klass].flatten.compact * ' '
     end
 
-
     def unique_id
       "#{card.key}-#{Time.now.to_i}-#{rand(3)}"
     end
 
-    def format_date date, include_time = true
-      # Must use DateTime because Time doesn't support %e on at least some platforms
+    def format_date date, include_time=true
+      # using DateTime because Time doesn't support %e on some platforms
       if include_time
-        DateTime.new(date.year, date.mon, date.day, date.hour, date.min, date.sec).strftime("%B %e, %Y %H:%M:%S")
+        DateTime.new(
+          date.year, date.mon, date.day, date.hour, date.min, date.sec
+        ).strftime('%B %e, %Y %H:%M:%S')
       else
-        DateTime.new(date.year, date.mon, date.day).strftime("%B %e, %Y")
+        DateTime.new(date.year, date.mon, date.day).strftime('%B %e, %Y')
       end
     end
 
@@ -538,7 +550,6 @@ class Card
       @context_names += name.to_name.part_names
       @context_names.uniq!
     end
-
   end
 end
 

data/lib/card/location.rb

@@ -1,8 +1,7 @@
 class Card
-
   module Location
-    #
-    # page_path    takes a Card::Name, adds the format and query string to url_key (site-absolute)
+    # page_path    takes a Card::Name, adds the format and query string to
+    #              url_key (site-absolute)
     # card_path    makes a relative path site-absolute (if not already)
     # card_url     makes it a full url (if not already)
 
@@ -34,5 +33,4 @@ class Card
 
     extend Location
   end
-
-end
+end

data/lib/card/subcards.rb

@@ -98,11 +98,8 @@ class Card
 
     def rename old_name, new_name
       return unless @keys.include? old_name.to_name.key
-
     end
 
-
-
     def << value
       add value
     end

data/lib/card/success.rb

@@ -11,9 +11,6 @@ class Card
       case success_params
       when Hash
         apply(success_params)
-      when /^REDIRECT:\s*(.+)/
-        @redirect=true
-        self.target = $1
       when nil  ;  self.name = '_self'
       else      ;  self.target = success_params
       end
@@ -59,14 +56,20 @@ class Card
 
     def target= value
       @id = @name = @card = nil
-      @target =
-        case value
-        when '*previous', :previous ;  :previous
-        when /^(http|\/)/           ;  value
-        when /^TEXT:\s*(.+)/        ;  $1
-        when ''                     ;  ''
-        else                        ;  self.mark = value
-        end
+      @target = process_target value
+    end
+
+    def process_target value
+      case value
+      when ''                     then ''
+      when '*previous', :previous then :previous
+      when /^(http|\/)/           then value
+      when /^TEXT:\s*(.+)/        then  $1
+      when /^REDIRECT:\s*(.+)/
+        @redirect = true
+        process_target $1
+      else self.mark = value
+      end
     end
 
     def apply args