RubyGems - challah - Versions diffs - 0.5.3 → 0.5.4 - Mend

challah 0.5.3 → 0.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

data/CHANGELOG.md +4 -0
data/db/seeds.rb +9 -9
data/lib/challah/authable/permission.rb +15 -13
data/lib/challah/authable/role.rb +22 -20
data/lib/challah/authable/user.rb +66 -62
data/lib/challah/version.rb +1 -1
data/lib/tasks/crud.rake +23 -16
data/test/permission_test.rb +1 -3
metadata +10 -10

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## Challah 0.5.4
+* Bug fixes for Rails v3.2.3 mass assignment defaults.
 ## Challah 0.5.3
 * Updated tests to conform with Factory Girl 3.0

data/db/seeds.rb CHANGED Viewed

@@ -1,12 +1,12 @@
 # Add default admin permission and role and normal user with no permissions
 if Permission.count.zero? and Role.count.zero?
-  admin_permission = Permission.create!(:name => 'Administrator', :key => 'admin', :description => 'Administrative users have unrestricted access to all components within the application.', :locked => true)
-  manage_users_permission = Permission.create!(:name => 'Manage Users', :key => 'manage_users', :description => 'Access to add, edit and remove application users.', :locked => true)
-  admin_role = Role.create!(:name => 'Administrator', :description => 'Administrative users have unrestricted access to all components within the application.', :default_path => '/', :locked => true)
-  PermissionRole.create!(:role_id => admin_role.id, :permission_id => admin_permission.id)
-  PermissionRole.create!(:role_id => admin_role.id, :permission_id => manage_users_permission.id)
-  normal_role = Role.create!(:name => 'Default', :description => 'Default users can log in to the application.', :default_path => '/')
+  admin_permission = Permission.create!({ :name => 'Administrator', :key => 'admin', :description => 'Administrative users have unrestricted access to all components within the application.', :locked => true }, :without_protection => true)
+  manage_users_permission = Permission.create!({ :name => 'Manage Users', :key => 'manage_users', :description => 'Access to add, edit and remove application users.', :locked => true }, :without_protection => true)
+  admin_role = Role.create!({ :name => 'Administrator', :description => 'Administrative users have unrestricted access to all components within the application.', :default_path => '/', :locked => true }, :without_protection => true)
+  PermissionRole.create!({ :role_id => admin_role.id, :permission_id => admin_permission.id }, :without_protection => true)
+  PermissionRole.create!({ :role_id => admin_role.id, :permission_id => manage_users_permission.id }, :without_protection => true)
+  normal_role = Role.create!({ :name => 'Default', :description => 'Default users can log in to the application.', :default_path => '/' }, :without_protection => true)
 end

data/lib/challah/authable/permission.rb CHANGED Viewed

@@ -1,10 +1,10 @@
 module Challah
-  # AuthablePermission is used to extend functionality to a model in your app named Permission.
+  # AuthablePermission is used to extend functionality to a model in your app named Permission.
   # By default, this model already exists within the challah engine.
   #
   # The Permission model is used to store every granular level of restriction for your application.
   # If there is anything within your app that may need to be restricted in any way, you'll likely
-  # want to create a permission for it.
+  # want to create a permission for it.
   #
   # Permission can be as granular as necessary. For example, you may have a permission called
   # +:people_admin+. Or, you could specify each action taken within an admin section, and add permissions
@@ -25,7 +25,7 @@ module Challah
   #
   # The join tables (permission_roles and permission_users) are also included, but likely do not
   # need to be accessed directly.
-  #
+  #
   # == Scopes
   #
   # By default, the following scopes are included for this model:
@@ -34,10 +34,10 @@ module Challah
   #
   # == Customizing the Permission model
   #
-  # By default, the Permission model is included within the gem engine. However, if you wish to
-  # include it within your app for any customizations, you can do so by creating a model
+  # By default, the Permission model is included within the gem engine. However, if you wish to
+  # include it within your app for any customizations, you can do so by creating a model
   # file named +permission.rb+ and adding the +authable_permission+ line near the top of the class.
-  #
+  #
   # @example app/models/permission.rb
   #   class Permission < ActiveRecord::Base
   #     # Set up all permission methods from challah gem
@@ -57,7 +57,7 @@ module Challah
         include InstanceMethods
         extend ClassMethods
       end
       class_eval do
         validates_presence_of :name, :key
         validates_uniqueness_of :name, :key
@@ -69,11 +69,13 @@ module Challah
         has_many :users, :through => :permission_users, :order => 'users.last_name, users.first_name'
         default_scope order('permissions.name')
+        attr_accessible :name, :description, :key, :locked
         after_create :add_to_admin_role
       end
     end
     module ClassMethods
       # Quickly access a +Permission+ instance by the provided key. If no +Permission+
       # is found with that key, +nil+ is returned.
@@ -89,8 +91,8 @@ module Challah
         self.find_by_key(key.to_s.strip.downcase.gsub(' ', '_'))
       end
     end
-    # @private
+    # @private
     module InstanceMethods
       # @private
       #
@@ -98,13 +100,13 @@ module Challah
       def key=(value)
         write_attribute(:key, value.to_s.downcase.strip)
       end
       protected
         # @private
         # After a new permission level is added, automatically add it to the admin user role
         def add_to_admin_role
           admin_role = ::Role.admin
           # if there is an admin role, add this permission to it.
           if admin_role
             admin_role.permission_keys = admin_role.permission_keys + [ self.key ]

data/lib/challah/authable/role.rb CHANGED Viewed

@@ -1,11 +1,11 @@
 module Challah
-  # AuthableRole is used to extend functionality to a model in your app named Role. By default,
+  # AuthableRole is used to extend functionality to a model in your app named Role. By default,
   # this model already exists within the challah engine.
   #
   # The Role model is used to group together sets of permissions that can be assigned
-  # to users.
+  # to users.
   #
-  # Roles are not used to detect features or options for a user. Instead, you should
+  # Roles are not used to detect features or options for a user. Instead, you should
   # always use permissions as the most granular level of detail within your app.
   #
   # For example, to restrict a piece of your application to a certain user, you should create
@@ -21,9 +21,9 @@ module Challah
   # to the administrator role.
   #
   # == Validations
-  #
+  #
   # A role requires that a unique name be provided.
-  #
+  #
   # == Associations
   #
   # The following associations are set on this model by default:
@@ -36,14 +36,14 @@ module Challah
   #
   # == Customizing the Role model
   #
-  # By default, the Role model is included within the gem engine. However, if you wish to
-  # include it within your app for any customizations, you can do so by creating a model
+  # By default, the Role model is included within the gem engine. However, if you wish to
+  # include it within your app for any customizations, you can do so by creating a model
   # file named +role.rb+ and adding the +authable_role+ line near the top of the class.
-  #
+  #
   # @example app/models/role.rb
   #   class Role < ActiveRecord::Base
   #     # Set up all role methods from challah gem
-  #     authable_role
+  #     authable_role
   #
   #     # Your customizations here..
   #   end
@@ -59,21 +59,23 @@ module Challah
         include InstanceMethods
         extend ClassMethods
       end
       class_eval do
         validates_presence_of :name
         validates_uniqueness_of :name
         has_many :users, :order => 'users.first_name, users.last_name'
         has_many :permission_roles, :dependent => :destroy
         has_many :permissions, :through => :permission_roles, :order => 'permissions.name'
         default_scope order('roles.name')
+        attr_accessible :name, :description, :default_path, :locked
         after_save :save_permission_keys
       end
     end
     module ClassMethods
       # Quickly access a +Role+ instance by the provided name. If no +Role+
       # is found with that key, +nil+ is returned.
@@ -88,7 +90,7 @@ module Challah
       def [](name)
         self.find_by_name(name.to_s.strip.downcase.gsub(' ', '_').titleize)
       end
       # Shortcut for finding the Role named 'Administrator'
       #
       # @return [Role, nil]
@@ -99,7 +101,7 @@ module Challah
         @admin ||= self.find_by_name('Administrator')
       end
     end
     module InstanceMethods
       # Grab all permission keys for this +Role+
       #
@@ -113,7 +115,7 @@ module Challah
       end
       # Set the permission keys that this role can access. This temporarily updates
-      # the permission keys for the +Role+ instance, but changes are not saved until
+      # the permission keys for the +Role+ instance, but changes are not saved until
       # the model has been saved.
       #
       # @param [Array] keys An array of permission keys to set for this role.
@@ -124,7 +126,7 @@ module Challah
         @permission_keys = keys
         @permission_keys
       end
       # Does this role have the given +Permission+? Pass in a Permission instance, or
       # a permission key to check for its existance.
       #
@@ -150,7 +152,7 @@ module Challah
         return has(sym.to_s.gsub(/\?/, '')) if sym.to_s =~ /^[a-z0-9_]*\?$/
         super(sym, *args, &block)
       end
       protected
         # @private
         #
@@ -161,9 +163,9 @@ module Challah
             @permission_keys.uniq.each do |key|
               permission = ::Permission.find_by_key(key)
               if permission
-                self.permission_roles.create(:permission_id => permission.id, :role_id => self.id)
+                self.permission_roles.create({ :permission_id => permission.id, :role_id => self.id }, :without_protection => true)
               end
             end

data/lib/challah/authable/user.rb CHANGED Viewed

@@ -5,107 +5,109 @@ module Challah
         include InstanceMethods
         extend ClassMethods
       end
       class_eval do
         cattr_accessor :protected_attributes
         validates_presence_of :first_name, :last_name, :email, :role_id, :username
         validates_uniqueness_of :email, :username
         validate :validate_new_password
         before_save :before_save_password
         belongs_to :role, :touch => true
         has_many :permission_users, :dependent => :destroy
         has_many :permissions, :through => :permission_users, :order => 'permissions.name'
         scope :active, where(:active => true).order('users.first_name, users.last_name')
         scope :inactive, where(:active => false).order('users.first_name, users.last_name')
         scope :with_role, lambda { |role| where([ "users.role_id = ?", role ]) }
         scope :search, lambda { |q| where([ 'users.first_name like ? OR users.last_name like ? OR users.email like ? OR users.username LIKE ?', "%#{q}%", "%#{q}%", "%#{q}%", "%#{q}%" ]) }
         after_save :save_permission_keys
-        protect_attributes :api_key, :created_by, :crypted_password, :failed_login_count, :id, :last_login_at, :login_count, :permissions, :permissions_attributes, :permission_users, :permission_users_attributes, :persistence_token, :role_id, :updated_by
+        attr_accessible :first_name, :last_name, :username, :email, :password, :password_confirmation
+        protect_attributes :api_key, :created_by, :crypted_password, :failed_login_count, :id, :last_session_at, :last_login_at, :last_session_ip, :login_count, :permissions, :permissions_attributes, :permission_users, :permission_users_attributes, :persistence_token, :role_id, :session_count, :updated_by
       end
     end
     module ClassMethods
       # Find a user instance by username first, or email address if needed.
       # If no user is found matching, return nil
       def find_for_session(username_or_email)
         return nil if username_or_email.to_s.blank?
         result = nil
         result = find_by_username(username_or_email)
         unless result
           if username_or_email.to_s.include?('@')
             result = find_by_email(username_or_email)
-          end
-        end
+          end
+        end
         result
       end
-      def protect_attributes(*args)
+      def protect_attributes(*args)
         self.protected_attributes ||= []
         self.protected_attributes << args.collect(&:to_s)
       end
     end
     # Instance methods to be included once authable_user is set up.
     module InstanceMethods
-      # Returns true if this user is active, and should be able to log in. If
+      # Returns true if this user is active, and should be able to log in. If
       # the active column is false, the user will not be able to authenticate
       def active?
         !!self.active
       end
       # Generic authentication method. By default, this just checks to see if the password
-      # given matches this user. You can also pass in the first parameter as the method
+      # given matches this user. You can also pass in the first parameter as the method
       # to use for a different type of authentication.
       def authenticate(*args)
         return false unless active?
         if args.length > 1
           method = args.shift
           if respond_to?("authenticate_with_#{method}")
             return self.send("authenticate_with_#{method}", *args)
           end
-          false
+          false
         else
           authenticate_with_password(args[0])
         end
       end
       # Pass in an api_key, and if it matches this user account, return true.
       def authenticate_with_api_key(api_key)
         self.api_key == api_key
       end
       # Pass in a password, and if it matches this user's account, return true.
       def authenticate_with_password(plain_password)
         ::Challah::Encrypter.compare(self.crypted_password, plain_password)
       end
       # The default url where this user should be redirected to after logging in. Also can be used as the main link
       # at the top of navigation.
       def default_path
         role ? role.default_path : '/'
       end
       def failed_authentication!
         self.increment!(:failed_auth_count)
       end
       # full name
       def name
         "#{first_name} #{last_name}"
       end
       # Get the value of the current password, only can be used right after setting a new password.
       def password
         @password
@@ -126,37 +128,37 @@ module Challah
       def password_confirmation=(value)
         @password_confirmation = value
       end
       # Returns the permission keys in an array for exactly what this user can access. This includes all role based permission keys, and any specifically given to this user through permissions_users
       def permission_keys
         return @permission_keys if @permission_keys
         role_keys = if role(true)
           role_key = "#{role.cache_key}/permissions"
           keys = Rails.cache.fetch(role_key) do
             role.permission_keys.clone
           end
-          Rails.cache.write(role_key, keys)
+          Rails.cache.write(role_key, keys)
           keys
         else
           []
         end
         user_key = "#{self.cache_key}/permissions"
         user_keys = Rails.cache.fetch(user_key) do
           user_permission_keys.clone
         end
         user_keys = [] unless user_keys
         Rails.cache.write(user_key, keys) unless new_record?
-        @permission_keys = (role_keys + user_keys).uniq
+        @permission_keys = (role_keys + user_keys).uniq
       end
       # Returns true if this user has permission to the provided permission key
       def has(permission_key)
         self.permission_keys.include?(permission_key.to_s)
@@ -166,46 +168,48 @@ module Challah
       # Set the permission keys that this role can access
       def permission_keys=(value)
         Rails.cache.delete("#{self.cache_key}/permissions")
         @permission_keys = value
         @permission_keys
       end
       # When a role is set, reset the permission_keys
       def role_id=(value)
         @permission_keys = nil
         @user_permission_keys = nil
         self[:role_id] = value
       end
       # shortened name, just includes the first name and last initial
       def small_name
         "#{first_name.to_s.titleize} #{last_name.to_s.first.upcase}."
       end
-      # Called when a +Session+ validation is successful, and this user has
+      # Called when a +Session+ validation is successful, and this user has
       # been authenticated.
       def successful_authentication!(ip_address = nil)
-        self.update_attributes(:last_session_at => Time.now, :last_session_ip => ip_address)
+        self.last_session_at = Time.now
+        self.last_session_ip = ip_address
+        self.save
         self.increment!(:session_count, 1)
       end
       # Update a user's own account. This differsfrom User#update_attributes because it won't let
-      # a user update their own role and other protected elements.
+      # a user update their own role and other protected elements.
       #
       # All attributes on the user model can be updated, except for the ones listed below.
       def update_account_attributes(attributes_to_update = {})
-        protected_attributes = self.class.protected_attributes.clone.flatten
-        attributes_to_update.keys.each { |key| attributes_to_update.delete(key) if protected_attributes.include?(key.to_s) }
+        protected_attributes = self.class.protected_attributes.clone.flatten
+        attributes_to_update.keys.each { |key| attributes_to_update.delete(key) if protected_attributes.include?(key.to_s) }
         self.update_attributes(attributes_to_update)
       end
-      # Returns the permission keys used by this specific user, does not include any role-based permissions.
+      # Returns the permission keys used by this specific user, does not include any role-based permissions.
       def user_permission_keys
         new_record? ? [] : self.permissions(true).collect(&:key)
       end
       # Is this user valid and ready for a user session?
       #
       # Override this method if you need to check for a particular configuration on each page request.
@@ -214,7 +218,7 @@ module Challah
       end
       # Allow dynamic checking for permissions
-      #
+      #
       # +admin?+ is shorthand for:
       #
       #   def admin?
@@ -224,7 +228,7 @@ module Challah
         return has(sym.to_s.gsub(/\?/, '')) if sym.to_s =~ /^[a-z_]*\?$/
         super(sym, *args, &block)
       end
       protected
         # called before_save on the User model, actually encrypts the password with a new generated salt
         def before_save_password
@@ -238,10 +242,10 @@ module Challah
           self.persistence_token = ::Challah::Random.token(125) if self.persistence_token.to_s.blank?
           self.api_key = ::Challah::Random.token(50) if self.api_key.to_s.blank?
         end
-        # Saves any updated permission keys to the database for this user.
-        # Any permission keys that are specifically given to this user and are also in the
-        # user's role will be removed. So, the only permission keys added here will be those
+        # Saves any updated permission keys to the database for this user.
+        # Any permission keys that are specifically given to this user and are also in the
+        # user's role will be removed. So, the only permission keys added here will be those
         # in addition to the user's role.
         def save_permission_keys
           if @permission_keys and Array === @permission_keys
@@ -253,7 +257,7 @@ module Challah
               permission = ::Permission[key]
               if permission
-                self.permission_users.create(:permission_id => permission.id, :user_id => self.id)
+                self.permission_users.create({ :permission_id => permission.id, :user_id => self.id }, :without_protection => true)
               end
             end

data/lib/challah/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Challah
-  VERSION = "0.5.3" unless defined?(::Challah::VERSION)
+  VERSION = "0.5.4" unless defined?(::Challah::VERSION)
 end

data/lib/tasks/crud.rake CHANGED Viewed

@@ -1,6 +1,6 @@
 require 'highline/import'
-namespace :challah do
+namespace :challah do
   namespace :permissions do
     desc "Create a new permission"
     task :create => :environment do
@@ -9,25 +9,25 @@ namespace :challah do
       banner('Creating a permission')
-      # Grab the required fields.
+      # Grab the required fields.
       name = ask('Permission name: ')
       key = name.to_s.parameterize.underscore
-      key = ask('Key: ') { |q| q.default = key }
+      key = ask('Key: ') { |q| q.default = key }
       description = ask('Description (optional): ')
-      permission = Permission.new(:name => name, :key => key, :description => description)
+      permission = Permission.new({ :name => name, :key => key, :description => description }, :without_protection => true)
       puts "\n"
       if permission.save
-        puts "Role has been created successfully! [ID: #{permission.id}]"
+        puts "Permission has been created successfully! [ID: #{permission.id}]"
       else
-        puts "Role could not be added for the following errors:"
+        puts "Permission could not be added for the following errors:"
         permission.errors.full_messages.each { |m| puts "  - #{m}" }
       end
     end
   end
   namespace :roles do
     desc "Create a new role"
     task :create => :environment do
@@ -36,11 +36,11 @@ namespace :challah do
       banner('Creating a role')
-      # Grab the required fields.
+      # Grab the required fields.
       name = ask('Name: ')
       description = ask('Description (optional): ')
-      role = Role.new(:name => name, :description => description)
+      role = Role.new({ :name => name, :description => description }, :without_protection => true)
       puts "\n"
@@ -52,7 +52,7 @@ namespace :challah do
       end
     end
   end
   namespace :users do
     desc "Create a new user"
     task :create => :environment do
@@ -65,9 +65,9 @@ namespace :challah do
       if first_user
         puts "Please answer the following questions to create your first admin user.\n\n"
-      end
+      end
-      # Grab the required fields.
+      # Grab the required fields.
       first_name = ask('First name: ')
       last_name = ask('Last name: ')
       email = ask('Email: ')
@@ -81,14 +81,21 @@ namespace :challah do
       unless first_user
         choose do |menu|
           menu.prompt = 'Choose a role for this user: '
           Role.all.each do |role|
             menu.choice(role.name) { role_id = role.id }
           end
         end
       end
-      user = User.new(:first_name => first_name, :last_name => last_name, :email => email, :username => username, :role_id => role_id, :password => password, :password_confirmation => password)
+      user = User.new({
+        :first_name => first_name,
+        :last_name => last_name,
+        :email => email,
+        :username => username,
+        :role_id => role_id,
+        :password => password,
+        :password_confirmation => password }, :without_protection => true)
       puts "\n"

data/test/permission_test.rb CHANGED Viewed

@@ -36,9 +36,7 @@ class PermissionTest < ActiveSupport::TestCase
       admin_role = create(:role, :name => 'Administrator')
       assert_equal nil, admin_role.permission_keys.index('new_permission')
-      #Role.stubs(:admin).returns(admin_role)
-      permission = Permission.new(:name => 'New Permission', :key => 'new_permission', :description => 'This is just a test.')
+      permission = Permission.new({ :name => 'New Permission', :key => 'new_permission', :description => 'This is just a test.' }, :without_protection => true)
       assert_difference [ 'Permission.count', 'PermissionRole.count' ], 1 do
         assert permission.save

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: challah
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 0.5.4
   prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-03-26 00:00:00.000000000Z
+date: 2012-04-06 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
-  requirement: &70216822663460 !ruby/object:Gem::Requirement
+  requirement: &70222396826020 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70216822663460
+  version_requirements: *70222396826020
 - !ruby/object:Gem::Dependency
   name: rails
-  requirement: &70216831469680 !ruby/object:Gem::Requirement
+  requirement: &70222397669900 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '3.1'
   type: :runtime
   prerelease: false
-  version_requirements: *70216831469680
+  version_requirements: *70222397669900
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70216831483320 !ruby/object:Gem::Requirement
+  requirement: &70222397682260 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: 0.9.2
   type: :runtime
   prerelease: false
-  version_requirements: *70216831483320
+  version_requirements: *70222397682260
 - !ruby/object:Gem::Dependency
   name: bcrypt-ruby
-  requirement: &70216831500660 !ruby/object:Gem::Requirement
+  requirement: &70222397727080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,7 +54,7 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70216831500660
+  version_requirements: *70222397727080
 description: A simple ruby gem for authentication, users, roles and permissions.
 email:
 - john@johntornow.com