ccls-calnet_authenticated 1.3.2
- data/README.rdoc +59 -0
- data/generators/calnet_authenticated/USAGE +15 -0
- data/generators/calnet_authenticated/calnet_authenticated_generator.rb +118 -0
- data/generators/calnet_authenticated/templates/autotest_calnet_authenticated.rb +3 -0
- data/generators/calnet_authenticated/templates/calnet_authenticated.rake +6 -0
- data/generators/calnet_authenticated/templates/controllers/sessions_controller.rb +8 -0
- data/generators/calnet_authenticated/templates/controllers/users_controller.rb +40 -0
- data/generators/calnet_authenticated/templates/functional/sessions_controller_test.rb +68 -0
- data/generators/calnet_authenticated/templates/functional/users_controller_test.rb +94 -0
- data/generators/calnet_authenticated/templates/migration.rb +41 -0
- data/generators/calnet_authenticated/templates/views/users/_form.html.erb +27 -0
- data/generators/calnet_authenticated/templates/views/users/edit.html.erb +1 -0
- data/generators/calnet_authenticated/templates/views/users/index.html.erb +26 -0
- data/generators/calnet_authenticated/templates/views/users/menu.js.erb +4 -0
- data/generators/calnet_authenticated/templates/views/users/new.html.erb +1 -0
- data/generators/calnet_authenticated/templates/views/users/show.html.erb +19 -0
- data/lib/calnet_authenticated.rb +83 -0
- data/lib/calnet_authenticated/autotest.rb +54 -0
- data/lib/calnet_authenticated/calnet_user.rb +89 -0
- data/lib/calnet_authenticated/controller.rb +94 -0
- data/lib/calnet_authenticated/test_helper.rb +100 -0
- data/lib/calnet_authenticated/test_tasks.rb +42 -0
- data/lib/ccls-calnet_authenticated.rb +1 -0
- data/rails/init.rb +4 -0
- data/test/unit/calnet/user_test.rb +137 -0
- metadata +222 -0
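--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -0,0 +1,59 @@
+= CalNet Authenticated
+
+In Heavy Development ...
+
+This is a "rails" gem, so much of the code will
+be for testing in a rails app, but will not be
+included in the actual gem.
+
+== ToDo
+
+* Include migrations with an rsync or a generator
+* preferably a generator, but they are diff in rails 3
+* rake task require mods to the Rakefile
+* append requirement to Rakefile ?
+* perhaps add initializer (don't know how rails 3 does it)
+* import some tests
+* include any test helpers for users
+* Cleanup code. Isolate requirements
+* Too many quirks to keep controllers and views in gem so install them in app with generator.
+
+== Installation / Usage
+
+config.gem 'ccls-calnet_authenticated',
+:source => 'http://rubygems.org'
+
+class User
+calnet_authenticated
+end
+
+# Generates a db migration
+script/generate calnet_authenticated User
+
+As some methods, like current_user, are flexible
+and dependent upon the developer's choice of user
+model, eager loading isn't good enough.
+The developer will need to ensure that the model
+is always around. I chose to simply add ...
+
+require 'user' <- or whatever your user model is
+
+to the bottom of my config/environment.rb outside
+of the initializer block.
+
+
+== Gemified with Jeweler
+
+vi Rakefile
+rake version:write
+
+rake version:bump:patch
+rake version:bump:minor
+rake version:bump:major
+
+rake gemspec
+
+rake install
+rake release
+
+Copyright (c) 2010 [George 'Jake' Wendt], released under the MIT license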
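--- a/data/generators/calnet_authenticated/calnet_authenticated_generator.rb
+++ b/data/generators/calnet_authenticated/calnet_authenticated_generator.rb
@@ -0,0 +1,118 @@
+#class CalnetAuthenticatedGenerator < Rails::Generator::NamedBase
+class CalnetAuthenticatedGenerator < Rails::Generator::Base
+
+def manifest
+record do |m|
+# The autotest file will require that the app actually
+# looks for autotest files.
+m.directory('config/autotest')
+m.file('autotest_calnet_authenticated.rb', 'config/autotest/calnet_authenticated.rb')
+
+# *.rake files in the lib/tasks/ directory are automatically
+# loaded so nothing is required to include this.
+m.directory('lib/tasks')
+m.file('calnet_authenticated.rake', 'lib/tasks/calnet_authenticated.rake')
+
+# may want to consider installing roles.yml ( actually have in simply_authorized )
+
+m.migration_template 'migration.rb', 'db/migrate',
+:migration_file_name => "add_calnet_authenticated_columns_to_users"
+# :migration_file_name => "add_calnet_authenticated_columns_to_#{file_path.gsub(/\//, '_').pluralize}"
+
+dot = File.dirname(__FILE__)
+
+m.directory('public/javascripts')
+Dir["#{dot}/templates/javascripts/*js"].each{|file|
+f = file.split('/').slice(-2,2).join('/')
+m.file(f, "public/javascripts/#{File.basename(file)}")
+}
+m.directory('public/stylesheets')
+Dir["#{dot}/templates/stylesheets/*css"].each{|file|
+f = file.split('/').slice(-2,2).join('/')
+m.file(f, "public/stylesheets/#{File.basename(file)}")
+}
+
+
+
+# Due to the ApplicationController errors, don't use
+# controllers in the gem. Models and unit tests
+# seem to work just fine as they are subclasses of
+# ActiveRecord::Base. Controllers are subclasses of
+# ApplicationController, which is in the application.
+#
+# TODO copy routes maybe? How to copy in the complex route?
+# Simple, restful route is simple.
+# Probably have to do this manually.
+#
+# TODO copy controllers, views and functional tests.
+# there are no views
+
+# m.directory('app/views/photos')
+# Dir["#{dot}/templates/views/photos/*rb"].each{|file|
+# f = file.split('/').slice(-3,3).join('/')
+# has an extra directory in path which is needed in m.file(f
+# which is relative to templates/
+# m.file(f, "app/views/photos/#{File.basename(file)}")
+# }
+#
+# more generic way (not yet actually tested)
+
+Dir["#{dot}/templates/views/*/**/"].each do |dir|
+last_dir = dir.split('/').last
+m.directory("app/views/#{last_dir}")
+Dir["#{dot}/templates/views/#{last_dir}/*rb"].each do |file|
+f = file.split('/').slice(-3,3).join('/')
+m.file(f, "app/views/#{last_dir}/#{File.basename(file)}")
+end
+end
+
+m.directory('app/controllers')
+Dir["#{dot}/templates/controllers/*rb"].each{|file|
+f = file.split('/').slice(-2,2).join('/')
+m.file(f, "app/controllers/#{File.basename(file)}")
+}
+m.directory('test/functional/calnet_authenticated')
+Dir["#{dot}/templates/functional/*rb"].each{|file|
+f = file.split('/').slice(-2,2).join('/')
+m.file(f, "test/functional/calnet_authenticated/#{File.basename(file)}")
+}
+
+# m.directory('test/unit/authorized')
+# Dir["#{dot}/templates/unit/*rb"].each{|file|
+# f = file.split('/').slice(-2,2).join('/')
+# m.file(f, "test/unit/authorized/#{File.basename(file)}")
+# }
+
+end
+end
+
+end
+module Rails::Generator::Commands
+class Create
+def migration_template(relative_source,
+relative_destination, template_options = {})
+migration_directory relative_destination
+migration_file_name = template_options[
+:migration_file_name] || file_name
+if migration_exists?(migration_file_name)
+puts "Another migration is already named #{migration_file_name}: #{existing_migrations(migration_file_name).first}: Skipping"
+else
+template(relative_source, "#{relative_destination}/#{next_migration_string}_#{migration_file_name}.rb", template_options)
+end
+end
+end # Create
+class Base
+protected
+# the loop through migrations happens so fast
+# that they all have the same timestamp which
+# won't work when you actually try to migrate.
+# All the timestamps MUST be unique.
+def next_migration_string(padding = 3)
+@s = (!@s.nil?)? @s.to_i + 1 : if ActiveRecord::Base.timestamped_migrations
+Time.now.utc.strftime("%Y%m%d%H%M%S")
+else
+"%.#{padding}d" % next_migration_number
+end
+end
+end # Base
+end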
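Review bot: `next_migration_string` drops its zero padding from the second call onward when `ActiveRecord::Base.timestamped_migrations` is off: the first value is the padded string from `"%.#{padding}d" % next_migration_number`, but later calls return the bare integer `@s.to_i + 1`, so a second migration would be written as `2_...` instead of `002_...`. Keeping the counter numeric and formatting on return fixes that branch, e.g. `@s = @s ? @s + 1 : next_migration_number` followed by `"%.#{padding}d" % @s`. The method is also installed by reopening `Rails::Generator::Commands::Base`, and `migration_template` by reopening `Create`, so once this file is loaded the overrides presumably apply to every generator in the process rather than only this one. A header comment stating that, something like `# NOTE: overrides stock Rails generator behaviour globally`, would make the side effect visible to whoever installs the gem.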
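--- a/data/generators/calnet_authenticated/templates/controllers/users_controller.rb
+++ b/data/generators/calnet_authenticated/templates/controllers/users_controller.rb
@@ -0,0 +1,40 @@
+class UsersController < ApplicationController
+
+skip_before_filter :login_required, :only => :menu
+
+before_filter :id_required, :only => [:edit, :show, :update, :destroy]
+before_filter :may_view_user_required, :except => [:index,:menu]
+before_filter :may_view_users_required, :only => :index
+
+ssl_allowed :menu
+
+def menu
+respond_to do |format|
+format.js {}
+end
+end
+
+def show
+@roles = Role.all
+end
+
+def index
+@users = User.search(params)
+end
+
+def destroy
+@user.destroy
+redirect_to users_path
+end
+
+protected
+
+def id_required
+if !params[:id].blank? and User.exists?(params[:id])
+@user = User.find(params[:id])
+else
+access_denied("user id required!", users_path)
+end
+end
+
+end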
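Review bot: `destroy` is authorized only by `before_filter :may_view_user_required, :except => [:index,:menu]`, so permission to view a user record is also permission to delete it. The filter is defined outside this file, but if it lets a user view their own record, any logged-in account could issue the delete for its own id, with nothing beyond `id_required` in the way. Give the action its own stricter check, e.g. `before_filter :<destroy_permission_filter>, :only => :destroy` (placeholder name; use whatever the authorization library in the app provides), and scope the view filter to `:only => :show`. Separately, `User.search(params)` in `index` hands the whole request parameter hash to the model; passing only the expected keys would keep unexpected parameters out of the query, depending on how `search` is written.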
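--- a/data/generators/calnet_authenticated/templates/functional/sessions_controller_test.rb
+++ b/data/generators/calnet_authenticated/templates/functional/sessions_controller_test.rb
@@ -0,0 +1,68 @@
+require 'test_helper'
+
+class CalnetAuthenticated::SessionsControllerTest < ActionController::TestCase
+tests SessionsController
+
+test "should logout if authenticated" do
+login_as Factory(:user)
+assert_logged_in
+delete :destroy
+assert_redirected_to_logout
+end
+
+test "should NOT logout if NOT authenticated" do
+assert_not_logged_in
+delete :destroy
+assert_redirected_to_login
+end
+
+#
+# A temp testing route :show was created specifically to
+# test the current_user and logged_in? methods. Without
+# actually making a request, these methods fail as the
+# session is nil. When making a :destroy request, it is
+# destroyed and can't be checked.
+#
+# I suppose that I could create a new controller that
+# doesn't meddle with the session, but ...
+#
+
+# test "should not be logged_in? without login" do
+# assert_not_logged_in
+# get :show
+# assert_not_logged_in
+# assert_equal false, @controller.logged_in?
+# assert_redirected_to_login
+# end
+#
+# test "should be logged_in? with login" do
+# assert_not_logged_in
+# login_as Factory(:user)
+# assert_logged_in
+# get :show
+# assert_logged_in
+# assert_equal true, @controller.logged_in?
+# assert_redirected_to '/'
+# end
+#
+# test "should not have current_user without login" do
+# assert_not_logged_in
+# get :show
+# assert_not_logged_in
+# assert_nil @controller.current_user
+# assert_redirected_to_login
+# end
+#
+# test "should have a current_user with login" do
+# assert_not_logged_in
+# login_as Factory(:user)
+# assert_logged_in
+# get :show
+# assert_logged_in
+# assert_not_nil @controller.current_user
+# assert @controller.current_user.is_a?(User)
+# assert @controller.current_user.is_a?(CalnetAuthenticatedUser())
+# assert_redirected_to '/'
+# end
+
+end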
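Review bot: The four tests for `logged_in?` and `current_user`, from `# test "should not be logged_in? without login" do` to the end of the class, are commented out, so this file covers only the two `delete :destroy` redirects. Those helpers are what the controllers rely on for access decisions, and nothing here checks them directly. Either restore the tests against a test-only controller, as the comment above them suggests, or delete the block and leave a single line such as `# TODO: cover current_user / logged_in? via a controller that leaves the session intact`.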
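--- a/data/generators/calnet_authenticated/templates/functional/users_controller_test.rb
+++ b/data/generators/calnet_authenticated/templates/functional/users_controller_test.rb
@@ -0,0 +1,94 @@
+require 'test_helper'
+
+class CalnetAuthenticated::UsersControllerTest < ActionController::TestCase
+tests UsersController
+
+ASSERT_ACCESS_OPTIONS = {
+:model => 'User',
+:actions => [:destroy,:index,:show],
+:attributes_for_create => :factory_attributes,
+:method_for_create => :factory_create
+}
+
+def factory_attributes
+Factory.attributes_for(:user)
+end
+def factory_create
+Factory(:user)
+end
+
+assert_access_with_login( :logins => site_administrators )
+assert_no_access_with_login( :logins => non_site_administrators )
+assert_no_access_without_login
+assert_access_with_https
+assert_no_access_with_http
+
+# use full role names as used in one test method
+site_administrators.each do |cu|
+
+test "should filter users index by role with #{cu} login" do
+some_other_user = send(cu)
+login_as send(cu)
+get :index, :role_name => cu
+assert assigns(:users).length >= 2
+assigns(:users).each do |u|
+assert u.role_names.include?(cu)
+end
+assert_nil flash[:error]
+assert_response :success
+end
+
+test "should ignore empty role_name with #{cu} login" do
+some_other_user = admin
+login_as send(cu)
+get :index, :role_name => ''
+assert assigns(:users).length >= 2
+assert_nil flash[:error]
+assert_response :success
+end
+
+test "should ignore invalid role with #{cu} login" do
+login_as send(cu)
+get :index, :role_name => 'suffocator'
+# assert_not_nil flash[:error]
+assert_response :success
+end
+
+test "should get private users menu via js with #{cu} login" do
+login_as send(cu)
+@request.accept = "text/javascript"
+get :menu
+assert_response :success
+assert_match /jQuery/, @response.body
+end
+
+end
+
+all_test_roles.each do |cu|
+
+test "should NOT get user info with invalid id with #{cu} login" do
+login_as send(cu)
+get :show, :id => 0
+assert_not_nil flash[:error]
+assert_redirected_to users_path
+end
+
+test "should get #{cu} info with self login" do
+u = send(cu)
+login_as u
+get :show, :id => u.id
+assert_response :success
+assert_not_nil assigns(:user)
+assert_equal u, assigns(:user)
+end
+
+end
+
+test "should get empty private users menu via js without login" do
+@request.accept = "text/javascript"
+get :menu
+assert_response :success
+assert_match /\A\s*\z/, @response.body
+end
+
+end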
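Review bot: No test here covers `delete :destroy` by a user acting on their own record. The `all_test_roles` loop has `should get #{cu} info with self login` for `:show` but no counterpart for `:destroy`, and which record the `assert_no_access_with_login` macro targets is not visible in this file. Add a test in that loop that calls `delete :destroy, :id => u.id` after `login_as u` and asserts the expected result for non-administrators. In `should ignore invalid role ...` the only behavioural assertion, `# assert_not_nil flash[:error]`, is commented out, so the test checks just the status code. `some_other_user` is assigned but never read, so a comment such as `# created only so the index has a second matching user` would explain it.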
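--- a/data/generators/calnet_authenticated/templates/migration.rb
+++ b/data/generators/calnet_authenticated/templates/migration.rb
@@ -0,0 +1,41 @@
+#class AddCalnetAuthenticatedColumnsTo<%= class_name.pluralize.gsub(/::/, '') -%> < ActiveRecord::Migration
+#class AddCalnetAuthenticatedColumnsToUsers -%> < ActiveRecord::Migration
+class AddCalnetAuthenticatedColumnsToUsers < ActiveRecord::Migration
+def self.up
+# table_name = '<%= file_path.gsub(/\//, '_').pluralize %>'
+table_name = 'users'
+create_table table_name do |t|
+t.timestamps
+end unless table_exists?(table_name)
+cols = columns(table_name).map(&:name)
+add_column( table_name, :uid, :string
+) unless cols.include?('uid')
+add_column( table_name, :sn, :string
+) unless cols.include?('sn')
+add_column( table_name, :displayname, :string
+) unless cols.include?('displayname')
+add_column( table_name, :mail, :string, {
+:default => '', :null => false }
+) unless cols.include?('mail')
+add_column( table_name, :telephonenumber, :string
+) unless cols.include?('telephonenumber')
+
+idxs = indexes(table_name).map(&:name)
+add_index( table_name, :uid, :unique => true
+) unless idxs.include?("index_#{table_name}_on_uid")
+add_index( table_name, :sn
+) unless idxs.include?("index_#{table_name}_on_sn")
+end
+
+def self.down
+# table_name = '<%= file_path.gsub(/\//, '_').pluralize %>'
+table_name = 'users'
+remove_index table_name, :uid
+remove_index table_name, :sn
+remove_column table_name, :uid
+remove_column table_name, :sn
+remove_column table_name, :displayname
+remove_column table_name, :mail
+remove_column table_name, :telephonenumber
+end
+end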
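Review bot: `self.down` is not the inverse of `self.up`. `up` adds each column and index only when it is missing (`unless cols.include?('mail')` and so on), while `down` removes all five columns and both indexes unconditionally, so rolling back in an app whose `users` table already had one of them, say `mail`, drops that column and its data. `down` also leaves the table in place when `up` was the one that created it. At minimum, document this above `self.down`, e.g. `# NOTE: removes uid/sn/displayname/mail/telephonenumber even if they existed before this migration ran`. The identity column `uid` also gets a unique index but stays nullable, so whether rows without a `uid` should be allowed deserves a comment next to its `add_column`.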