RubyGems - challah - Versions diffs - 0.5.3 → 0.5.4 - Mend

challah 0.5.3 → 0.5.4

Files changed (9) hide show

data/CHANGELOG.md +4 -0
data/db/seeds.rb +9 -9
data/lib/challah/authable/permission.rb +15 -13
data/lib/challah/authable/role.rb +22 -20
data/lib/challah/authable/user.rb +66 -62
data/lib/challah/version.rb +1 -1
data/lib/tasks/crud.rake +23 -16
data/test/permission_test.rb +1 -3
metadata +10 -10

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## Challah 0.5.4
+* Bug fixes for Rails v3.2.3 mass assignment defaults.
 ## Challah 0.5.3
 * Updated tests to conform with Factory Girl 3.0

data/db/seeds.rb CHANGED Viewed

@@ -1,12 +1,12 @@
 # Add default admin permission and role and normal user with no permissions
 if Permission.count.zero? and Role.count.zero?
-  admin_permission = Permission.create!(:name => 'Administrator', :key => 'admin', :description => 'Administrative users have unrestricted access to all components within the application.', :locked => true)
-  manage_users_permission = Permission.create!(:name => 'Manage Users', :key => 'manage_users', :description => 'Access to add, edit and remove application users.', :locked => true)
-  admin_role = Role.create!(:name => 'Administrator', :description => 'Administrative users have unrestricted access to all components within the application.', :default_path => '/', :locked => true)
-  PermissionRole.create!(:role_id => admin_role.id, :permission_id => admin_permission.id)
-  PermissionRole.create!(:role_id => admin_role.id, :permission_id => manage_users_permission.id)
-  normal_role = Role.create!(:name => 'Default', :description => 'Default users can log in to the application.', :default_path => '/')
+  admin_permission = Permission.create!({ :name => 'Administrator', :key => 'admin', :description => 'Administrative users have unrestricted access to all components within the application.', :locked => true }, :without_protection => true)
+  manage_users_permission = Permission.create!({ :name => 'Manage Users', :key => 'manage_users', :description => 'Access to add, edit and remove application users.', :locked => true }, :without_protection => true)
+  admin_role = Role.create!({ :name => 'Administrator', :description => 'Administrative users have unrestricted access to all components within the application.', :default_path => '/', :locked => true }, :without_protection => true)
+  PermissionRole.create!({ :role_id => admin_role.id, :permission_id => admin_permission.id }, :without_protection => true)
+  PermissionRole.create!({ :role_id => admin_role.id, :permission_id => manage_users_permission.id }, :without_protection => true)
+  normal_role = Role.create!({ :name => 'Default', :description => 'Default users can log in to the application.', :default_path => '/' }, :without_protection => true)
 end

data/lib/challah/authable/permission.rb CHANGED Viewed

@@ -1,10 +1,10 @@
 module Challah
-  # AuthablePermission is used to extend functionality to a model in your app named Permission.
+  # AuthablePermission is used to extend functionality to a model in your app named Permission.
   # By default, this model already exists within the challah engine.
   #
   # The Permission model is used to store every granular level of restriction for your application.
   # If there is anything within your app that may need to be restricted in any way, you'll likely
-  # want to create a permission for it.
+  # want to create a permission for it.
   #
   # Permission can be as granular as necessary. For example, you may have a permission called
   # +:people_admin+. Or, you could specify each action taken within an admin section, and add permissions
@@ -25,7 +25,7 @@ module Challah
   #
   # The join tables (permission_roles and permission_users) are also included, but likely do not
   # need to be accessed directly.
-  #
+  #
   # == Scopes
   #
   # By default, the following scopes are included for this model:
@@ -34,10 +34,10 @@ module Challah
   #
   # == Customizing the Permission model
   #
-  # By default, the Permission model is included within the gem engine. However, if you wish to
-  # include it within your app for any customizations, you can do so by creating a model
+  # By default, the Permission model is included within the gem engine. However, if you wish to
+  # include it within your app for any customizations, you can do so by creating a model
   # file named +permission.rb+ and adding the +authable_permission+ line near the top of the class.
-  #
+  #
   # @example app/models/permission.rb
   #   class Permission < ActiveRecord::Base
   #     # Set up all permission methods from challah gem
@@ -57,7 +57,7 @@ module Challah
         include InstanceMethods
         extend ClassMethods
       end
       class_eval do
         validates_presence_of :name, :key
         validates_uniqueness_of :name, :key
@@ -69,11 +69,13 @@ module Challah
         has_many :users, :through => :permission_users, :order => 'users.last_name, users.first_name'
         default_scope order('permissions.name')
+        attr_accessible :name, :description, :key, :locked
         after_create :add_to_admin_role
       end
     end
     module ClassMethods
       # Quickly access a +Permission+ instance by the provided key. If no +Permission+
       # is found with that key, +nil+ is returned.
@@ -89,8 +91,8 @@ module Challah
         self.find_by_key(key.to_s.strip.downcase.gsub(' ', '_'))
       end
     end
-    # @private
+    # @private
     module InstanceMethods
       # @private
       #
@@ -98,13 +100,13 @@ module Challah
       def key=(value)
         write_attribute(:key, value.to_s.downcase.strip)
       end
       protected
         # @private
         # After a new permission level is added, automatically add it to the admin user role
         def add_to_admin_role
           admin_role = ::Role.admin
           # if there is an admin role, add this permission to it.
           if admin_role
             admin_role.permission_keys = admin_role.permission_keys + [ self.key ]

data/lib/challah/authable/role.rb CHANGED Viewed

@@ -1,11 +1,11 @@
 module Challah
-  # AuthableRole is used to extend functionality to a model in your app named Role. By default,
+  # AuthableRole is used to extend functionality to a model in your app named Role. By default,
   # this model already exists within the challah engine.
   #
   # The Role model is used to group together sets of permissions that can be assigned
-  # to users.
+  # to users.
   #
-  # Roles are not used to detect features or options for a user. Instead, you should
+  # Roles are not used to detect features or options for a user. Instead, you should
   # always use permissions as the most granular level of detail within your app.
   #
   # For example, to restrict a piece of your application to a certain user, you should create
@@ -21,9 +21,9 @@ module Challah
   # to the administrator role.
   #
   # == Validations
-  #
+  #
   # A role requires that a unique name be provided.
-  #
+  #
   # == Associations
   #
   # The following associations are set on this model by default:
@@ -36,14 +36,14 @@ module Challah
   #
   # == Customizing the Role model
   #
-  # By default, the Role model is included within the gem engine. However, if you wish to
-  # include it within your app for any customizations, you can do so by creating a model
+  # By default, the Role model is included within the gem engine. However, if you wish to
+  # include it within your app for any customizations, you can do so by creating a model
   # file named +role.rb+ and adding the +authable_role+ line near the top of the class.
-  #
+  #
   # @example app/models/role.rb
   #   class Role < ActiveRecord::Base
   #     # Set up all role methods from challah gem
-  #     authable_role
+  #     authable_role
   #
   #     # Your customizations here..
   #   end
@@ -59,21 +59,23 @@ module Challah
         include InstanceMethods
         extend ClassMethods
       end
       class_eval do
         validates_presence_of :name
         validates_uniqueness_of :name
         has_many :users, :order => 'users.first_name, users.last_name'
         has_many :permission_roles, :dependent => :destroy
         has_many :permissions, :through => :permission_roles, :order => 'permissions.name'
         default_scope order('roles.name')
+        attr_accessible :name, :description, :default_path, :locked
         after_save :save_permission_keys
       end
     end
     module ClassMethods
       # Quickly access a +Role+ instance by the provided name. If no +Role+
       # is found with that key, +nil+ is returned.
@@ -88,7 +90,7 @@ module Challah
       def [](name)
         self.find_by_name(name.to_s.strip.downcase.gsub(' ', '_').titleize)
       end
       # Shortcut for finding the Role named 'Administrator'
       #
       # @return [Role, nil]
@@ -99,7 +101,7 @@ module Challah
         @admin ||= self.find_by_name('Administrator')
       end
     end
     module InstanceMethods
       # Grab all permission keys for this +Role+
       #
@@ -113,7 +115,7 @@ module Challah
       end
       # Set the permission keys that this role can access. This temporarily updates
-      # the permission keys for the +Role+ instance, but changes are not saved until
+      # the permission keys for the +Role+ instance, but changes are not saved until
       # the model has been saved.
       #
       # @param [Array] keys An array of permission keys to set for this role.
@@ -124,7 +126,7 @@ module Challah
         @permission_keys = keys
         @permission_keys
       end
       # Does this role have the given +Permission+? Pass in a Permission instance, or
       # a permission key to check for its existance.
       #
@@ -150,7 +152,7 @@ module Challah
         return has(sym.to_s.gsub(/\?/, '')) if sym.to_s =~ /^[a-z0-9_]*\?$/
         super(sym, *args, &block)
       end
       protected
         # @private
         #
@@ -161,9 +163,9 @@ module Challah
             @permission_keys.uniq.each do |key|
               permission = ::Permission.find_by_key(key)
               if permission
-                self.permission_roles.create(:permission_id => permission.id, :role_id => self.id)
+                self.permission_roles.create({ :permission_id => permission.id, :role_id => self.id }, :without_protection => true)
               end
             end

data/lib/challah/authable/user.rb CHANGED Viewed

@@ -5,107 +5,109 @@ module Challah
         include InstanceMethods
         extend ClassMethods
       end
       class_eval do
         cattr_accessor :protected_attributes
         validates_presence_of :first_name, :last_name, :email, :role_id, :username
         validates_uniqueness_of :email, :username
         validate :validate_new_password
         before_save :before_save_password
         belongs_to :role, :touch => true
         has_many :permission_users, :dependent => :destroy
         has_many :permissions, :through => :permission_users, :order => 'permissions.name'
         scope :active, where(:active => true).order('users.first_name, users.last_name')
         scope :inactive, where(:active => false).order('users.first_name, users.last_name')
         scope :with_role, lambda { |role| where([ "users.role_id = ?", role ]) }
         scope :search, lambda { |q| where([ 'users.first_name like ? OR users.last_name like ? OR users.email like ? OR users.username LIKE ?', "%#{q}%", "%#{q}%", "%#{q}%", "%#{q}%" ]) }
         after_save :save_permission_keys
-        protect_attributes :api_key, :created_by, :crypted_password, :failed_login_count, :id, :last_login_at, :login_count, :permissions, :permissions_attributes, :permission_users, :permission_users_attributes, :persistence_token, :role_id, :updated_by
+        attr_accessible :first_name, :last_name, :username, :email, :password, :password_confirmation
+        protect_attributes :api_key, :created_by, :crypted_password, :failed_login_count, :id, :last_session_at, :last_login_at, :last_session_ip, :login_count, :permissions, :permissions_attributes, :permission_users, :permission_users_attributes, :persistence_token, :role_id, :session_count, :updated_by
       end
     end
     module ClassMethods
       # Find a user instance by username first, or email address if needed.
       # If no user is found matching, return nil
       def find_for_session(username_or_email)
         return nil if username_or_email.to_s.blank?
         result = nil
         result = find_by_username(username_or_email)
         unless result
           if username_or_email.to_s.include?('@')
             result = find_by_email(username_or_email)
-          end
-        end
+          end
+        end
         result
       end
-      def protect_attributes(*args)
+      def protect_attributes(*args)
         self.protected_attributes ||= []
         self.protected_attributes << args.collect(&:to_s)
       end
     end
     # Instance methods to be included once authable_user is set up.
     module InstanceMethods
-      # Returns true if this user is active, and should be able to log in. If
+      # Returns true if this user is active, and should be able to log in. If
       # the active column is false, the user will not be able to authenticate
       def active?
         !!self.active
       end
       # Generic authentication method. By default, this just checks to see if the password
-      # given matches this user. You can also pass in the first parameter as the method
+      # given matches this user. You can also pass in the first parameter as the method
       # to use for a different type of authentication.
       def authenticate(*args)
         return false unless active?
         if args.length > 1
           method = args.shift
           if respond_to?("authenticate_with_#{method}")
             return self.send("authenticate_with_#{method}", *args)
           end
-          false
+          false
         else
           authenticate_with_password(args[0])
         end
       end
       # Pass in an api_key, and if it matches this user account, return true.
       def authenticate_with_api_key(api_key)
         self.api_key == api_key
       end
       # Pass in a password, and if it matches this user's account, return true.
       def authenticate_with_password(plain_password)
         ::Challah::Encrypter.compare(self.crypted_password, plain_password)
       end
       # The default url where this user should be redirected to after logging in. Also can be used as the main link
       # at the top of navigation.
       def default_path
         role ? role.default_path : '/'
       end
       def failed_authentication!
         self.increment!(:failed_auth_count)
       end
       # full name
       def name
         "#{first_name} #{last_name}"
       end
       # Get the value of the current password, only can be used right after setting a new password.
       def password
         @password
@@ -126,37 +128,37 @@ module Challah
       def password_confirmation=(value)
         @password_confirmation = value
       end
       # Returns the permission keys in an array for exactly what this user can access. This includes all role based permission keys, and any specifically given to this user through permissions_users
       def permission_keys
         return @permission_keys if @permission_keys
         role_keys = if role(true)
           role_key = "#{role.cache_key}/permissions"
           keys = Rails.cache.fetch(role_key) do
             role.permission_keys.clone
           end
-          Rails.cache.write(role_key, keys)
+          Rails.cache.write(role_key, keys)
           keys
         else
           []
         end
         user_key = "#{self.cache_key}/permissions"
         user_keys = Rails.cache.fetch(user_key) do
           user_permission_keys.clone
         end
         user_keys = [] unless user_keys
         Rails.cache.write(user_key, keys) unless new_record?
-        @permission_keys = (role_keys + user_keys).uniq
+        @permission_keys = (role_keys + user_keys).uniq
       end
       # Returns true if this user has permission to the provided permission key
       def has(permission_key)
         self.permission_keys.include?(permission_key.to_s)
@@ -166,46 +168,48 @@ module Challah
       # Set the permission keys that this role can access
       def permission_keys=(value)
         Rails.cache.delete("#{self.cache_key}/permissions")
         @permission_keys = value
         @permission_keys
       end
       # When a role is set, reset the permission_keys
       def role_id=(value)
         @permission_keys = nil
         @user_permission_keys = nil
         self[:role_id] = value
       end
       # shortened name, just includes the first name and last initial
       def small_name
         "#{first_name.to_s.titleize} #{last_name.to_s.first.upcase}."
       end
-      # Called when a +Session+ validation is successful, and this user has
+      # Called when a +Session+ validation is successful, and this user has
       # been authenticated.
       def successful_authentication!(ip_address = nil)
-        self.update_attributes(:last_session_at => Time.now, :last_session_ip => ip_address)
+        self.last_session_at = Time.now
+        self.last_session_ip = ip_address
+        self.save
         self.increment!(:session_count, 1)
       end
       # Update a user's own account. This differsfrom User#update_attributes because it won't let
-      # a user update their own role and other protected elements.
+      # a user update their own role and other protected elements.
       #
       # All attributes on the user model can be updated, except for the ones listed below.
       def update_account_attributes(attributes_to_update = {})
-        protected_attributes = self.class.protected_attributes.clone.flatten
-        attributes_to_update.keys.each { |key| attributes_to_update.delete(key) if protected_attributes.include?(key.to_s) }
+        protected_attributes = self.class.protected_attributes.clone.flatten
+        attributes_to_update.keys.each { |key| attributes_to_update.delete(key) if protected_attributes.include?(key.to_s) }
         self.update_attributes(attributes_to_update)
       end
-      # Returns the permission keys used by this specific user, does not include any role-based permissions.
+      # Returns the permission keys used by this specific user, does not include any role-based permissions.
       def user_permission_keys
         new_record? ? [] : self.permissions(true).collect(&:key)
       end
       # Is this user valid and ready for a user session?
       #
       # Override this method if you need to check for a particular configuration on each page request.
@@ -214,7 +218,7 @@ module Challah
       end
       # Allow dynamic checking for permissions
-      #
+      #
       # +admin?+ is shorthand for:
       #
       #   def admin?
@@ -224,7 +228,7 @@ module Challah
         return has(sym.to_s.gsub(/\?/, '')) if sym.to_s =~ /^[a-z_]*\?$/
         super(sym, *args, &block)
       end
       protected
         # called before_save on the User model, actually encrypts the password with a new generated salt
         def before_save_password
@@ -238,10 +242,10 @@ module Challah
           self.persistence_token = ::Challah::Random.token(125) if self.persistence_token.to_s.blank?
           self.api_key = ::Challah::Random.token(50) if self.api_key.to_s.blank?
         end
-        # Saves any updated permission keys to the database for this user.
-        # Any permission keys that are specifically given to this user and are also in the
-        # user's role will be removed. So, the only permission keys added here will be those
+        # Saves any updated permission keys to the database for this user.
+        # Any permission keys that are specifically given to this user and are also in the
+        # user's role will be removed. So, the only permission keys added here will be those
         # in addition to the user's role.
         def save_permission_keys
           if @permission_keys and Array === @permission_keys
@@ -253,7 +257,7 @@ module Challah
               permission = ::Permission[key]
               if permission
-                self.permission_users.create(:permission_id => permission.id, :user_id => self.id)
+                self.permission_users.create({ :permission_id => permission.id, :user_id => self.id }, :without_protection => true)
               end
             end

data/lib/challah/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Challah
-  VERSION = "0.5.3" unless defined?(::Challah::VERSION)
+  VERSION = "0.5.4" unless defined?(::Challah::VERSION)
 end

data/lib/tasks/crud.rake CHANGED Viewed

@@ -1,6 +1,6 @@
 require 'highline/import'
-namespace :challah do
+namespace :challah do
   namespace :permissions do
     desc "Create a new permission"
     task :create => :environment do
@@ -9,25 +9,25 @@ namespace :challah do
       banner('Creating a permission')
-      # Grab the required fields.
+      # Grab the required fields.
       name = ask('Permission name: ')
       key = name.to_s.parameterize.underscore
-      key = ask('Key: ') { |q| q.default = key }
+      key = ask('Key: ') { |q| q.default = key }
       description = ask('Description (optional): ')
-      permission = Permission.new(:name => name, :key => key, :description => description)
+      permission = Permission.new({ :name => name, :key => key, :description => description }, :without_protection => true)
       puts "\n"
       if permission.save
-        puts "Role has been created successfully! [ID: #{permission.id}]"
+        puts "Permission has been created successfully! [ID: #{permission.id}]"
       else
-        puts "Role could not be added for the following errors:"
+        puts "Permission could not be added for the following errors:"
         permission.errors.full_messages.each { |m| puts "  - #{m}" }
       end
     end
   end
   namespace :roles do
     desc "Create a new role"
     task :create => :environment do
@@ -36,11 +36,11 @@ namespace :challah do
       banner('Creating a role')
-      # Grab the required fields.
+      # Grab the required fields.
       name = ask('Name: ')
       description = ask('Description (optional): ')
-      role = Role.new(:name => name, :description => description)
+      role = Role.new({ :name => name, :description => description }, :without_protection => true)
       puts "\n"
@@ -52,7 +52,7 @@ namespace :challah do
       end
     end
   end
   namespace :users do
     desc "Create a new user"
     task :create => :environment do
@@ -65,9 +65,9 @@ namespace :challah do
       if first_user
         puts "Please answer the following questions to create your first admin user.\n\n"
-      end
+      end
-      # Grab the required fields.
+      # Grab the required fields.
       first_name = ask('First name: ')
       last_name = ask('Last name: ')
       email = ask('Email: ')
@@ -81,14 +81,21 @@ namespace :challah do
       unless first_user
         choose do |menu|
           menu.prompt = 'Choose a role for this user: '
           Role.all.each do |role|
             menu.choice(role.name) { role_id = role.id }
           end
         end
       end
-      user = User.new(:first_name => first_name, :last_name => last_name, :email => email, :username => username, :role_id => role_id, :password => password, :password_confirmation => password)
+      user = User.new({
+        :first_name => first_name,
+        :last_name => last_name,
+        :email => email,
+        :username => username,
+        :role_id => role_id,
+        :password => password,
+        :password_confirmation => password }, :without_protection => true)
       puts "\n"

data/test/permission_test.rb CHANGED Viewed

@@ -36,9 +36,7 @@ class PermissionTest < ActiveSupport::TestCase
       admin_role = create(:role, :name => 'Administrator')
       assert_equal nil, admin_role.permission_keys.index('new_permission')
-      #Role.stubs(:admin).returns(admin_role)
-      permission = Permission.new(:name => 'New Permission', :key => 'new_permission', :description => 'This is just a test.')
+      permission = Permission.new({ :name => 'New Permission', :key => 'new_permission', :description => 'This is just a test.' }, :without_protection => true)
       assert_difference [ 'Permission.count', 'PermissionRole.count' ], 1 do
         assert permission.save

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: challah
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 0.5.4
   prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-03-26 00:00:00.000000000Z
+date: 2012-04-06 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
-  requirement: &70216822663460 !ruby/object:Gem::Requirement
+  requirement: &70222396826020 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70216822663460
+  version_requirements: *70222396826020
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &70216831469680 !ruby/object:Gem::Requirement
+  requirement: &70222397669900 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '3.1'
   type: :runtime
   prerelease: false
-  version_requirements: *70216831469680
+  version_requirements: *70222397669900
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70216831483320 !ruby/object:Gem::Requirement
+  requirement: &70222397682260 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: 0.9.2
   type: :runtime
   prerelease: false
-  version_requirements: *70216831483320
+  version_requirements: *70222397682260
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
-  requirement: &70216831500660 !ruby/object:Gem::Requirement
+  requirement: &70222397727080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,7 +54,7 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70216831500660
+  version_requirements: *70222397727080
 description: A simple ruby gem for authentication, users, roles and permissions.
 email:
 - john@johntornow.com