chaltron 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eccb480a5d936096ddff513c7c11e4af8c82f2be
-  data.tar.gz: ed20e2f670863ebaa5ec19818efca7264f85dcdb
+  metadata.gz: 9930da7720c0e4d19aeca6675e60a013d323e421
+  data.tar.gz: fd940fbb766e2a37932a1ac5fc6b4a641d91e508
 SHA512:
-  metadata.gz: cafa97cf3c55d3b2b4b26fc4c5bb4559953fadc8bdc4fcd0345d4b1936d0c9a200db373615749d7827cb3689f321859c4258c2218ccfc9d2f5d648bd4d6f1466
-  data.tar.gz: cc7fdd2bb5167dc222be3fce9cd56dd7fca628dee23ca7c89018403983473c621295fc0157c3be4e495b525ce088b6e1f1e3a5431a37564c25d618cb9cb6a1bd
+  metadata.gz: d0bc22a40c751d9eeca5ffd89cafd22cf5aebe730b5d8063250e2ffbfcdd2dd53f203915f5e2b64d17dd1459cb4894824a39516ff25d41b2854586e8570529cc
+  data.tar.gz: 0bc5262f0db91a51303c6b179dd316e8d1fb4704cc0f47dc2f9c2b18f528b004c2ce427db284a0283533493f62cd0d79d9cc77f677f4b28f034c8eeb61242053

data/README.md

@@ -1,7 +1,7 @@
 # Chaltron [![Gem Version](https://badge.fury.io/rb/chaltron.svg)](http://badge.fury.io/rb/chaltron)
 
 [![Build Status](https://api.travis-ci.org/vicvega/chaltron.png?branch=master)](http://travis-ci.org/vicvega/chaltron)
-[![Coverage Status](https://coveralls.io/repos/vicvega/chaltron/badge.png?branch=master)](https://coveralls.io/r/vicvega/chaltron?branch=master)
+[![Coverage Status](https://coveralls.io/repos/vicvega/chaltron/badge.svg?branch=master&service=github)](https://coveralls.io/github/vicvega/chaltron?branch=master)
 [![Code Climate](https://codeclimate.com/github/vicvega/chaltron/badges/gpa.svg)](https://codeclimate.com/github/vicvega/chaltron)
 [![Dependency Status](https://gemnasium.com/vicvega/chaltron.png)](https://gemnasium.com/vicvega/chaltron)
 [![PullReview stats](https://www.pullreview.com/github/vicvega/chaltron/badges/master.svg?)](https://www.pullreview.com/github/vicvega/chaltron/reviews/master)

data/app/assets/stylesheets/chaltron/layout.scss~

@@ -0,0 +1,68 @@
+body {
+//  background-color: #E1E1E1;
+}
+
+div#content {
+  margin-top: 40px;
+}
+
+/**
+ * Flash messages
+ *
+ */
+.flash-container {
+  cursor: pointer;
+  margin: 0;
+  text-align: center;
+  position: fixed;
+  top: 40px;
+  width: 100%;
+  opacity: 0.8;
+  z-index: 100;
+  .alert {
+    margin: 0;
+    border-radius: 0;
+  }
+}
+
+/**
+ * Login
+ *
+ */
+.login-box{
+  margin-top: 100px;
+  @include form-box(650px);
+}
+
+/**
+ * Navbar tabs
+ *
+ */
+ .nav-tabs {
+    margin-bottom: 15px;
+}
+
+#nprogress .spinner {
+  display: block;
+  position: fixed;
+  z-index: 1031;
+  top: 12px;
+  right: 5px;
+}
+
+/**
+ * Scaffold
+ *
+ */
+.side-filters fieldset {
+  margin-bottom: 15px;
+}
+
+.form-actions {
+  background-color: whitesmoke;
+  border-top: 1px solid #e5e5e5;
+  margin-bottom: 18px;
+  margin-top: 18px;
+  padding-bottom: 18px;
+  padding-top: 18px;
+}

data/app/controllers/chaltron/omniauth_callbacks_controller.rb

@@ -15,7 +15,7 @@ module Chaltron
       if user.nil?
         redirect_to root_url, alert: I18n.t('chaltron.not_allowed_to_sign_in')
       else
-        user.remember_me = true if user.persisted?
+        user.remember_me = params[:remember_me] if user.persisted?
         flash[:notice] = I18n.t('devise.sessions.signed_in')
 
         info I18n.t('chaltron.logs.login_via', user: user.display_name, provider: 'ldap')

data/app/controllers/chaltron/omniauth_callbacks_controller.rb~

@@ -0,0 +1,34 @@
+require 'chaltron/ldap/user'
+
+module Chaltron
+  class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+
+  default_log_category :login
+
+    def ldap
+      puts '##########################################'
+      puts oauth.inspect
+      puts '##########################################'
+      puts params.inspect
+      puts '##########################################'
+      # We only find ourselves here
+      # if the authentication to LDAP was successful.
+      user = Chaltron::LDAP::User.find_or_create(oauth, Chaltron.ldap_allow_all)
+      if user.nil?
+        redirect_to root_url, alert: I18n.t('chaltron.not_allowed_to_sign_in')
+      else
+        user.remember_me = params[:remember_me] if user.persisted?
+        flash[:notice] = I18n.t('devise.sessions.signed_in')
+
+        info I18n.t('chaltron.logs.login_via', user: user.display_name, provider: 'ldap')
+        sign_in_and_redirect(user)
+      end
+    end
+
+    private
+
+    def oauth
+      @oauth ||= request.env['omniauth.auth']
+    end
+  end
+end

data/app/controllers/chaltron/users_controller.rb~

@@ -0,0 +1,94 @@
+class Chaltron::UsersController < ApplicationController
+  before_action :authenticate_user!
+  load_and_authorize_resource except: [:self_show, :self_edit, :self_update]
+
+  respond_to :html
+  default_log_category :user_admin
+
+  def index
+
+    puts 'USER controller index START'
+
+    @filters = params[:filters] || {}
+
+    # apply provider filter
+    @users = @users.where(provider: nil) if @filters[:provider] == 'local'
+    @users = @users.where(provider: :ldap) if @filters[:provider] == 'ldap'
+    # apply activity filter
+    @users = @users.where(sign_in_count: 0) if @filters[:activity] == 'no_login'
+
+
+    puts 'USER controller index STOP'
+  end
+
+  def show
+  end
+
+  def new
+  end
+
+  def edit
+  end
+
+  def self_show
+  end
+
+  def self_edit
+  end
+
+  def create
+    if @user.save
+      flash[:notice] = I18n.t('chaltron.users.created')
+      info I18n.t('chaltron.logs.users.created',
+        current: current_user.display_name, user: @user.display_name)
+    end
+    respond_with(@user)
+  end
+
+  def update
+    flash[:notice] = I18n.t('chaltron.users.updated') if @user.update(update_params)
+    respond_with(@user)
+  end
+
+  def self_update
+    user_params_with_pass = self_update_params.dup
+    if params[:user][:password].present?
+      user_params_with_pass.merge!(
+        password: params[:user][:password],
+        password_confirmation: params[:user][:password_confirmation],
+      )
+    end
+    if current_user.update(user_params_with_pass)
+      flash[:notice] = I18n.t('chaltron.users.self_updated')
+      render :self_show
+    else
+      render :self_edit
+    end
+  end
+
+  def destroy
+    if current_user == @user
+      redirect_to({ action: :index }, alert: I18n.t('chaltron.users.cannot_self_destroy'))
+    else
+      info I18n.t('chaltron.logs.users.destroyed',
+        current: current_user.display_name, user: @user.display_name)
+      @user.destroy
+      respond_with(@user)
+    end
+  end
+
+  private
+  def create_params
+    params.require(:user).permit(:username, :email, :fullname,
+      :password, :password_confirmation, roles: [])
+  end
+
+  def update_params
+    params.require(:user).permit(roles: [])
+  end
+
+  def self_update_params
+    params.require(:user).permit(:email, :fullname)
+  end
+
+end

data/app/models/user.rb

@@ -3,13 +3,27 @@ class User < ActiveRecord::Base
   # Include default devise modules. Others available are:
   # :registerable, :confirmable, :lockable and :omniauthable
 
+  # Virtual attribute for authenticating by either username or email
+  attr_accessor :login
+
   devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable,
          :timeoutable, :omniauthable
 
-  validates :username, presence: true, uniqueness: { scope: :provider }
+  validates :username, presence: true, uniqueness: { scope: :provider, case_sensitive: false }
 
   def display_name
     fullname.presence || username
   end
 
+  # Devise method overridden to allow sign in with email or username
+  def self.find_for_database_authentication(warden_conditions)
+    conditions = warden_conditions.dup
+    login = conditions.delete(:login)
+    if login
+      where(conditions).where(['lower(username) = :value OR lower(email) = :value', { value: login.downcase }]).first
+    else
+      where(conditions).first
+    end
+  end
+
 end

data/app/models/user.rb~

@@ -0,0 +1,28 @@
+class User < ActiveRecord::Base
+  include Authorizable
+  # Include default devise modules. Others available are:
+  # :registerable, :confirmable, :lockable and :omniauthable
+
+  # Virtual attribute for authenticating by either username or email
+  attr_accessor :login
+
+  devise :database_authenticatable, :recoverable, :rememberable, :trackable, :validatable,
+         :timeoutable, :omniauthable
+
+  validates :username, presence: true, uniqueness: { scope: :provider, case_sensitive: false }
+
+  def display_name
+    fullname.presence || username
+  end
+
+  # Devise method overridden to allow sign in with email or username
+  def self.find_for_database_authentication(warden_conditions)
+    conditions = warden_conditions.dup
+    if login = conditions.delete(:login)
+      where(conditions).where(['lower(username) = :value OR lower(email) = :value', { value: login.downcase }]).first
+    else
+      where(conditions).first
+    end
+  end
+
+end

data/app/views/chaltron/users/index.html.erb~

@@ -0,0 +1,48 @@
+<% puts 'USER INDEX VIEW DEBUG 1' %>
+
+<div class='container-fluid'>
+  <h3 class='page-header'><%= t '.title' %></h3>
+  <div class='row'>
+    <div class='col-md-3 side-filters'>
+      <%= render partial: 'side_filters', locals: { filters: @filters } %>
+      <hr>
+
+      <div class='btn-group pull-right'>
+        <%= content_tag :button, type: 'button', class: 'btn btn-primary dropdown-toggle',
+          data: {toggle: 'dropdown'}, aria: {expanded: false} do %>
+          <%= icon :plus, t('.new_user') %> <span class="caret"></span>
+        <% end %>
+      <ul class='dropdown-menu' role='menu'>
+        <li><%= link_to t('.new_ldap_user'), ldap_search_url %></li>
+        <li><%= link_to t('.new_local_user'), new_user_url %></li>
+      </ul>
+    </div>
+    </div>
+    <div class='col-md-9'>
+      <div class='panel panel-default'>
+        <div class='panel-body'>
+          <%= content_tag 'table', id: 'users', class: 'table table-striped' do %>
+            <thead>
+              <tr>
+                <th class='username'>
+                  <%= User.human_attribute_name(:username) %>
+                </th>
+                <th class='fullname'>
+                  <%= User.human_attribute_name(:fullname) %>
+                </th>
+                <th class='email'>
+                  <%= User.human_attribute_name(:email) %>
+                </th>
+              </tr>
+            </thead>
+            <tbody>
+              <%= render @users %>
+            </tbody>
+          <% end %>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+
+<% puts 'USER INDEX VIEW DEBUG 2' %>

data/app/views/devise/sessions/_new_ldap.html.erb

@@ -2,16 +2,27 @@
   <div class='form-group'>
     <%= label_tag 'username', 'Username', class: 'col-sm-3   control-label' %>
     <div class='col-sm-9'>
-      <%= text_field_tag :username, nil, {class: 'form-control', autofocus: 'autofocus'} %>
+      <%= text_field_tag :username, nil, {class: 'form-control', autofocus: 'autofocus', placeholder: 'LDAP username'} %>
     </div>
   </div>
   <div class='form-group'>
     <%= label_tag 'password', 'Password', class: 'col-sm-3   control-label' %>
     <div class='col-sm-9'>
-      <%= password_field_tag :password, nil, {class: 'form-control bottom'} %>
+      <%= password_field_tag :password, nil, {class: 'form-control bottom', placeholder: 'Password'} %>
     </div>
   </div>
-
+  <% if devise_mapping.rememberable? %>
+    <div class='form-group'>
+      <div class='col-sm-offset-3 col-sm-9'>
+        <div class='checkbox'>
+          <%= label_tag :remember_me do %>
+            <%= check_box_tag :remember_me, 1, false %>
+            <%= t('.remember_me') %>
+          <% end %>
+        </div>
+      </div>
+    </div>
+  <% end %>
   <div class='form-group'>
     <div class='col-sm-offset-3 col-sm-9'>
       <%= submit_tag t('.submit_text'), class: 'btn btn-primary' %>

data/app/views/devise/sessions/_new_ldap.html.erb~

@@ -0,0 +1,31 @@
+<%= form_tag(user_omniauth_callback_path(:ldap), class: 'form-horizontal', role: 'form') do %>
+  <div class='form-group'>
+    <%= label_tag 'username', 'Username', class: 'col-sm-3   control-label' %>
+    <div class='col-sm-9'>
+      <%= text_field_tag :username, nil, {class: 'form-control', autofocus: 'autofocus'} %>
+    </div>
+  </div>
+  <div class='form-group'>
+    <%= label_tag 'password', 'Password', class: 'col-sm-3   control-label' %>
+    <div class='col-sm-9'>
+      <%= password_field_tag :password, nil, {class: 'form-control bottom', placeholder: 'Password'} %>
+    </div>
+  </div>
+  <% if devise_mapping.rememberable? %>
+    <div class='form-group'>
+      <div class='col-sm-offset-3 col-sm-9'>
+        <div class='checkbox'>
+          <%= label_tag :remember_me do %>
+            <%= check_box_tag :remember_me, 1, false %>
+            <%= t('.remember_me') %>
+          <% end %>
+        </div>
+      </div>
+    </div>
+  <% end %>
+  <div class='form-group'>
+    <div class='col-sm-offset-3 col-sm-9'>
+      <%= submit_tag t('.submit_text'), class: 'btn btn-primary' %>
+    </div>
+  </div>
+<% end %>

data/app/views/devise/sessions/_new_local.html.erb

@@ -1,10 +1,10 @@
-<%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name), layout: :horizontal, label_col: "col-sm-3", control_col: "col-sm-9") do |f| %>
-  <%= f.text_field :username %>
-  <%= f.password_field :password %>
+<%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name), layout: :horizontal, label_col: 'col-sm-3', control_col: 'col-sm-9') do |f| %>
+  <%= f.text_field :login, placeholder: t('.login_placeholder') %>
+  <%= f.password_field :password, placeholder: 'Password' %>
   <% if devise_mapping.rememberable? %>
     <div class='form-group'>
       <div class='col-sm-offset-3 col-sm-9'>
-        <%= f.check_box :remember_me, label: t('.remember_me'), control_col: "col-sm-3" %>
+        <%= f.check_box :remember_me, label: t('.remember_me'), control_col: 'col-sm-3' %>
       </div>
     </div>
   <% end %>

data/app/views/devise/sessions/_new_local.html.erb~

@@ -0,0 +1,20 @@
+<%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name), layout: :horizontal, label_col: 'col-sm-3', control_col: 'col-sm-9') do |f| %>
+  <%= f.text_field :login, placeholder: t('.username_placeholder') %>
+  <%= f.password_field :password, placeholder: 'Password' %>
+  <% if devise_mapping.rememberable? %>
+    <div class='form-group'>
+      <div class='col-sm-offset-3 col-sm-9'>
+        <%= f.check_box :remember_me, label: t('.remember_me'), control_col: 'col-sm-3' %>
+      </div>
+    </div>
+  <% end %>
+    <div class='form-group'>
+      <div class='col-sm-offset-3 col-sm-9'>
+        <%= f.submit t('.submit_text'), class: 'btn btn-primary' %>
+      </div>
+    </div>
+  <hr>
+  <p>
+    <strong><%= link_to t('.link_text'), new_password_path(resource_name) %> </strong>
+  </p>
+<% end %>

data/app/views/locales/en.yml

@@ -17,8 +17,10 @@ en:
         remember_me: Remember me
         link_text: Forgot your password?
         submit_text: Login
+        login_placeholder: Username or email
       new_ldap:
-        submit_text: Login
+        remember_me: Remember me
+        submit_text: LDAP login
   chaltron:
     logs:
       index:

data/app/views/locales/en.yml~

@@ -0,0 +1,91 @@
+en:
+  devise:
+    passwords:
+      new:
+        title: Forgot your password?
+        par1: Send us your email to receive instrucions for password reset
+        par2_html: Already got valid credentials? <strong><a href="/users/sign_in">Login</a></strong>
+        submit_text: Submit
+      edit:
+        title: Change password
+        submit_text: Change password
+        par_html: Never mind! <strong><a href="/users/sign_in">Login</a></strong>
+    sessions:
+      new:
+        title: Login
+      new_local:
+        remember_me: Remember me
+        link_text: Forgot your password?
+        submit_text: Login
+        username_placeholder: Username or email
+      new_ldap:
+        remember_me: Remember me
+        submit_text: LDAP login
+  chaltron:
+    logs:
+      index:
+        title: Log list
+      show:
+        headers:
+          details: Details
+    users:
+      index:
+        title: User list
+        new_user: New user
+        new_local_user: New local user
+        new_ldap_user: New LDAP user
+      side_filters:
+          provider:
+            all: All
+            local: Local
+            ldap: LDAP
+          activity:
+            inactive: Inactive
+            no_login: Never logged
+      new:
+        title: New local user
+        submit_text: Create local user
+      edit:
+        title: Edit %{user}
+      self_edit:
+        title: Edit account data
+      form:
+        cancel_text: Cancel
+      show:
+        headers:
+          activity: Activity
+          details: Details
+        edit: Edit
+        destroy: Destroy
+        destroy_confirm: Are you sure you want to destroy %{user}?
+      self_show:
+        title: Account data
+        headers:
+          activity: Activity
+          details: Details
+        edit: Edit account data
+    ldap:
+      search:
+        title: Search for LDAP sers
+        submit_text: Search
+        name_label: User
+        name_help: Search for user-id (exact match)
+        fullname_label: Fullname
+        fullname_help: Search for first name or surname (also partial match)
+        department_label: Department
+        department_help: Search for department (also partial match)
+        limit_label: Limit
+        limit_help: Max shown results
+      multi_new:
+        title: New LDAP users
+        submit_text: Create LDAP users
+        par: Select users by clicking row table
+      multi_create:
+        title: Create LDAP users
+        result: Results
+        created:
+          one:   A new user has been successfully created
+          other: "%{count} users have been successfully created"
+        error:
+          one:   A user has not been crated
+          other: "%{count} users have not been created"

data/app/views/locales/it.yml

@@ -17,8 +17,10 @@ it:
         remember_me: Ricordami
         link_text: Hai dimenticato la password?
         submit_text: Login
+        login_placeholder: Username o email
       new_ldap:
-        submit_text: Login
+        remember_me: Ricordami
+        submit_text: LDAP login
   chaltron:
     logs:
       index:

data/app/views/locales/it.yml~

@@ -0,0 +1,91 @@
+it:
+  devise:
+    passwords:
+      new:
+        title: Password dimenticata?
+        par1: Inserisci la tua email per ricevere instruzioni su come resettare la password
+        submit_text: Invia
+        par2_html: Hai già delle credenziali valide? <strong><a href="/users/sign_in">Login</a></strong>
+      edit:
+        title: Cambio password
+        submit_text: Cambia password
+        par_html: Come non detto! <strong><a href="/users/sign_in">Login</a></strong>
+    sessions:
+      new:
+        title: Login
+      new_local:
+        remember_me: Ricordami
+        link_text: Hai dimenticato la password?
+        submit_text: Login
+        username_placeholder: Username o email
+      new_ldap:
+        remember_me: Ricordami
+        submit_text: LDAP login
+  chaltron:
+    logs:
+      index:
+        title: Elenco dei log
+      show:
+        headers:
+          details: Dettagli
+    users:
+      index:
+        title: Elenco degli utenti
+        new_user: Nuovo utente
+        new_local_user: Nuovo utente locale
+        new_ldap_user: Nuovo utente LDAP
+      side_filters:
+          provider:
+            all: Tutti
+            local: Locali
+            ldap: LDAP
+          activity:
+            inactive: Inattivi
+            no_login: Mai loggati
+      new:
+        title: Nuovo utente locale
+        submit_text: Crea utente locale
+      edit:
+        title: Modifica %{user}
+      self_edit:
+        title: Modifica dati personali
+      form:
+        cancel_text: Annulla
+      show:
+        headers:
+          activity: Attività
+          details: Dettagli
+        edit: Modifica
+        destroy: Cancella
+        destroy_confirm: Sei sicuro di voler cancellare %{user}?
+      self_show:
+        title: Dati personali
+        headers:
+          activity: Attività
+          details: Dettagli
+        edit: Modifica dati personali
+    ldap:
+      search:
+        title: Ricerca utenti LDAP
+        submit_text: Cerca
+        name_label: Utente
+        name_help: Ricerca per user-id (match esatto)
+        fullname_label: Nome
+        fullname_help: Ricerca per nome o cognome (anche match parziale)
+        department_label: Funzione
+        department_help: Ricerca per sigla di funzione (anche match parziale)
+        limit_label: Limite
+        limit_help: Massimo numero di risultati visualizzati
+      multi_new:
+        title: Nuovi utenti LDAP
+        submit_text: Crea utenti LDAP
+        par: Selezione gli utenti facendo un click sulla riga della tabella
+      multi_create:
+        title: Creazione utenti LDAP
+        result: Risultati
+        created:
+          one:   È stato creato un nuovo utente
+          other: Sono stati creati %{count} nuovi utenti
+        error:
+          one:   Un utente non è stato creato
+          other: "%{count} utenti non sono stati creati"

data/config/initializers/devise.rb

@@ -29,7 +29,7 @@ Devise.setup do |config|
   # session. If you need permissions, you should implement that in a before filter.
   # You can also supply a hash where the value is a boolean determining whether
   # or not authentication should be aborted when the value is not present.
-  config.authentication_keys = [:username]
+  config.authentication_keys = [:login]
 
   # Configure parameters from the request object used for authentication. Each entry
   # given should be a request method and it will automatically be passed to the

data/config/initializers/devise.rb~

@@ -0,0 +1,256 @@
+# Use this hook to configure devise mailer, warden hooks and so forth.
+# Many of these configuration options can be set straight in your model.
+Devise.setup do |config|
+  # The secret key used by Devise. Devise uses this key to generate
+  # random tokens. Changing this key will render invalid all existing
+  # confirmation, reset password and unlock tokens in the database.
+  # config.secret_key = 'b329892371e2344d4ac2ca83059d9e4edee312765f952accfd5794570204e34d83bcdaf6fdcb9aa707d70a707f04695d6a88cf00693852533e913c26b658b455'
+
+  # ==> Mailer Configuration
+  # Configure the e-mail address which will be shown in Devise::Mailer,
+  # note that it will be overwritten if you use your own mailer class
+  # with default "from" parameter.
+  config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
+
+  # Configure the class responsible to send e-mails.
+  # config.mailer = 'Devise::Mailer'
+
+  # ==> ORM configuration
+  # Load and configure the ORM. Supports :active_record (default) and
+  # :mongoid (bson_ext recommended) by default. Other ORMs may be
+  # available as additional gems.
+  require 'devise/orm/active_record'
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating a user. The default is
+  # just :email. You can configure it to use [:username, :subdomain], so for
+  # authenticating a user, both parameters are required. Remember that those
+  # parameters are used only when authenticating and not when retrieving from
+  # session. If you need permissions, you should implement that in a before filter.
+  # You can also supply a hash where the value is a boolean determining whether
+  # or not authentication should be aborted when the value is not present.
+  config.authentication_keys = [:username]
+
+  # Configure parameters from the request object used for authentication. Each entry
+  # given should be a request method and it will automatically be passed to the
+  # find_for_authentication method and considered in your model lookup. For instance,
+  # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
+  # The same considerations mentioned for authentication_keys also apply to request_keys.
+  # config.request_keys = []
+
+  # Configure which authentication keys should be case-insensitive.
+  # These keys will be downcased upon creating or modifying a user and when used
+  # to authenticate or find a user. Default is :email.
+  config.case_insensitive_keys = [:username, :email]
+
+  # Configure which authentication keys should have whitespace stripped.
+  # These keys will have whitespace before and after removed upon creating or
+  # modifying a user and when used to authenticate or find a user. Default is :email.
+  config.strip_whitespace_keys = [:username, :email]
+
+  # Tell if authentication through request.params is enabled. True by default.
+  # It can be set to an array that will enable params authentication only for the
+  # given strategies, for example, `config.params_authenticatable = [:database]` will
+  # enable it only for database (email + password) authentication.
+  # config.params_authenticatable = true
+
+  # Tell if authentication through HTTP Auth is enabled. False by default.
+  # It can be set to an array that will enable http authentication only for the
+  # given strategies, for example, `config.http_authenticatable = [:database]` will
+  # enable it only for database authentication. The supported strategies are:
+  # :database      = Support basic authentication with authentication key + password
+  # config.http_authenticatable = false
+
+  # If http headers should be returned for AJAX requests. True by default.
+  # config.http_authenticatable_on_xhr = true
+
+  # The realm used in Http Basic Authentication. 'Application' by default.
+  # config.http_authentication_realm = 'Application'
+
+  # It will change confirmation, password recovery and other workflows
+  # to behave the same regardless if the e-mail provided was right or wrong.
+  # Does not affect registerable.
+  # config.paranoid = true
+
+  # By default Devise will store the user in session. You can skip storage for
+  # particular strategies by setting this option.
+  # Notice that if you are skipping storage for all authentication paths, you
+  # may want to disable generating routes to Devise's sessions controller by
+  # passing skip: :sessions to `devise_for` in your config/routes.rb
+  config.skip_session_storage = [:http_auth]
+
+  # By default, Devise cleans up the CSRF token on authentication to
+  # avoid CSRF token fixation attacks. This means that, when using AJAX
+  # requests for sign in and sign up, you need to get a new CSRF token
+  # from the server. You can disable this option at your own risk.
+  # config.clean_up_csrf_token_on_authentication = true
+
+  # ==> Configuration for :database_authenticatable
+  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
+  # using other encryptors, it sets how many times you want the password re-encrypted.
+  #
+  # Limiting the stretches to just one in testing will increase the performance of
+  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
+  # a value less than 10 in other environments. Note that, for bcrypt (the default
+  # encryptor), the cost increases exponentially with the number of stretches (e.g.
+  # a value of 20 is already extremely slow: approx. 60 seconds for 1 calculation).
+  config.stretches = Rails.env.test? ? 1 : 10
+
+  # Setup a pepper to generate the encrypted password.
+  # config.pepper = '2b12b15c7b15b7205f776f689afe0892252ab7273f8be6e46c0bd98b96790f1a930f0587db5a60e768ba79370513cae7c6b11e4babab1a0adabdd9f424f57291'
+
+  # ==> Configuration for :confirmable
+  # A period that the user is allowed to access the website even without
+  # confirming their account. For instance, if set to 2.days, the user will be
+  # able to access the website for two days without confirming their account,
+  # access will be blocked just in the third day. Default is 0.days, meaning
+  # the user cannot access the website without confirming their account.
+  # config.allow_unconfirmed_access_for = 2.days
+
+  # A period that the user is allowed to confirm their account before their
+  # token becomes invalid. For example, if set to 3.days, the user can confirm
+  # their account within 3 days after the mail was sent, but on the fourth day
+  # their account can't be confirmed with the token any more.
+  # Default is nil, meaning there is no restriction on how long a user can take
+  # before confirming their account.
+  # config.confirm_within = 3.days
+
+  # If true, requires any email changes to be confirmed (exactly the same way as
+  # initial account confirmation) to be applied. Requires additional unconfirmed_email
+  # db field (see migrations). Until confirmed, new email is stored in
+  # unconfirmed_email column, and copied to email column on successful confirmation.
+  config.reconfirmable = true
+
+  # Defines which key will be used when confirming an account
+  # config.confirmation_keys = [ :email ]
+
+  # ==> Configuration for :rememberable
+  # The time the user will be remembered without asking for credentials again.
+  # config.remember_for = 2.weeks
+
+  # If true, extends the user's remember period when remembered via cookie.
+  # config.extend_remember_period = false
+
+  # Options to be passed to the created cookie. For instance, you can set
+  # secure: true in order to force SSL only cookies.
+  # config.rememberable_options = {}
+
+  # ==> Configuration for :validatable
+  # Range for password length.
+  config.password_length = 8..128
+
+  # Email regex used to validate email formats. It simply asserts that
+  # one (and only one) @ exists in the given string. This is mainly
+  # to give user feedback and not to assert the e-mail validity.
+  # config.email_regexp = /\A[^@]+@[^@]+\z/
+
+  # ==> Configuration for :timeoutable
+  # The time you want to timeout the user session without activity. After this
+  # time the user will be asked for credentials again. Default is 30 minutes.
+  # config.timeout_in = 30.minutes
+
+  # If true, expires auth token on session timeout.
+  # config.expire_auth_token_on_timeout = false
+
+  # ==> Configuration for :lockable
+  # Defines which strategy will be used to lock an account.
+  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
+  # :none            = No lock strategy. You should handle locking by yourself.
+  # config.lock_strategy = :failed_attempts
+
+  # Defines which key will be used when locking and unlocking an account
+  # config.unlock_keys = [ :email ]
+
+  # Defines which strategy will be used to unlock an account.
+  # :email = Sends an unlock link to the user email
+  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
+  # :both  = Enables both strategies
+  # :none  = No unlock strategy. You should handle unlocking by yourself.
+  # config.unlock_strategy = :both
+
+  # Number of authentication tries before locking an account if lock_strategy
+  # is failed attempts.
+  # config.maximum_attempts = 20
+
+  # Time interval to unlock the account if :time is enabled as unlock_strategy.
+  # config.unlock_in = 1.hour
+
+  # Warn on the last attempt before the account is locked.
+  # config.last_attempt_warning = false
+
+  # ==> Configuration for :recoverable
+  #
+  # Defines which key will be used when recovering the password for an account
+  # config.reset_password_keys = [ :email ]
+
+  # Time interval you can reset your password with a reset password key.
+  # Don't put a too small interval or your users won't have the time to
+  # change their passwords.
+  config.reset_password_within = 6.hours
+
+  # ==> Configuration for :encryptable
+  # Allow you to use another encryption algorithm besides bcrypt (default). You can use
+  # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
+  # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
+  # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
+  # REST_AUTH_SITE_KEY to pepper).
+  #
+  # Require the `devise-encryptable` gem when using anything other than bcrypt
+  # config.encryptor = :sha512
+
+  # ==> Scopes configuration
+  # Turn scoped views on. Before rendering "sessions/new", it will first check for
+  # "users/sessions/new". It's turned off by default because it's slower if you
+  # are using only default views.
+  # config.scoped_views = false
+
+  # Configure the default scope given to Warden. By default it's the first
+  # devise role declared in your routes (usually :user).
+  # config.default_scope = :user
+
+  # Set this configuration to false if you want /users/sign_out to sign out
+  # only the current scope. By default, Devise signs out all scopes.
+  # config.sign_out_all_scopes = true
+
+  # ==> Navigation configuration
+  # Lists the formats that should be treated as navigational. Formats like
+  # :html, should redirect to the sign in page when the user does not have
+  # access, but formats like :xml or :json, should return 401.
+  #
+  # If you have any extra navigational formats, like :iphone or :mobile, you
+  # should add them to the navigational formats lists.
+  #
+  # The "*/*" below is required to match Internet Explorer requests.
+  # config.navigational_formats = ['*/*', :html]
+
+  # The default HTTP method used to sign out a resource. Default is :delete.
+  config.sign_out_via = :delete
+
+  # ==> OmniAuth
+  # Add a new OmniAuth provider. Check the wiki for more information on setting
+  # up on your models and hooks.
+  # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
+
+  # ==> Warden configuration
+  # If you want to use other strategies, that are not supported by Devise, or
+  # change the failure app, you can configure them inside the config.warden block.
+  #
+  # config.warden do |manager|
+  #   manager.intercept_401 = false
+  #   manager.default_strategies(scope: :user).unshift :some_external_strategy
+  # end
+
+  # ==> Mountable engine configurations
+  # When using Devise inside an engine, let's call it `MyEngine`, and this engine
+  # is mountable, there are some extra configurations to be taken into account.
+  # The following options are available, assuming the engine is mounted as:
+  #
+  #     mount MyEngine, at: '/my_engine'
+  #
+  # The router that invoked `devise_for`, in the example above, would be:
+  # config.router_name = :my_engine
+  #
+  # When using omniauth, Devise cannot automatically set Omniauth path,
+  # so you need to do it manually. For the users scope, it would be:
+  # config.omniauth_path_prefix = '/my_engine/users/auth'
+end

data/lib/chaltron/controllers/helpers.rb

@@ -45,6 +45,14 @@ module Chaltron
         )
       end
 
+      #
+      # To allow login with username or email
+      #
+      protected
+      def configure_permitted_parameters
+        devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
+      end
+
     end
   end
 end

data/lib/chaltron/controllers/helpers.rb~

@@ -0,0 +1,61 @@
+module Chaltron
+  module Controllers
+    # Those helpers are convenience methods added to ApplicationController.
+    module Helpers
+      extend ActiveSupport::Concern
+      included do
+        rescue_from ::CanCan::AccessDenied do |exception|
+          alert = current_user.nil? ? t('chaltron.access_denied_try_login') : t('chaltron.access_denied')
+          redirect_to root_url, alert: alert
+        end
+      end
+
+      module ClassMethods
+        def log_category
+          defined?(@log_category) ? @log_category : self.to_s.downcase
+        end
+
+        def default_log_category(cat)
+          @log_category = cat.to_s
+        end
+      end
+
+      #
+      # Utilities for logging
+      #
+      def info(message, category = nil)
+        create_log_message(message, category, :info)
+      end
+
+      def debug(message, category = nil)
+        create_log_message(message, category, :debug)
+      end
+
+      def error(message, category = nil)
+        create_log_message(message, category, :error)
+      end
+
+      private
+      def create_log_message(message, category, severity)
+        category ||= self.class.log_category
+        ::Log.create(
+          message: message,
+          category: category.to_s,
+          severity: severity.to_s
+        )
+      end
+
+      #
+      # To allow login with username or email
+      #
+      protected
+      def configure_permitted_parameters
+
+        puts '-------------------------------HERE'
+
+        devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:login, :username, :email, :password, :remember_me) }
+      end
+
+    end
+  end
+end

data/lib/chaltron/engine.rb

@@ -37,6 +37,7 @@ module Chaltron
     initializer('chaltron.helpers') do |_app|
       ActiveSupport.on_load(:action_controller) do
         include Chaltron::Controllers::Helpers
+        before_action :configure_permitted_parameters, if: :devise_controller?
       end
     end
   end

data/lib/chaltron/engine.rb~

@@ -0,0 +1,47 @@
+require 'devise'
+require 'cancancan'
+require 'omniauth'
+require 'omniauth-ldap'
+require 'bootstrap-sass'
+require 'autoprefixer-rails'
+require 'font-awesome-sass'
+require 'simple-navigation'
+require 'jquery-datatables-rails'
+require 'ajax-datatables-rails'
+require 'bootstrap_form'
+require 'nprogress-rails'
+require 'rails-i18n'
+require 'momentjs-rails'
+
+require 'simple_navigation_renderers'
+SimpleNavigation.config_file_paths << File.expand_path('../../../config', __FILE__)
+
+module Chaltron
+  class Engine < ::Rails::Engine
+    config.generators do |g|
+      g.test_framework :rspec, fixture: false
+      g.fixture_replacement :factory_girl, dir: 'spec/factories'
+      g.assets false
+      g.helper false
+    end
+
+    config.app_generators do |g|
+      g.templates.unshift File::expand_path('../../templates', __FILE__)
+    end
+
+    initializer('chaltron.locales') do |_app|
+      Chaltron::Engine.config.i18n.load_path += Dir[root.join('app/views', 'locales', '*.{rb,yml}')]
+      Chaltron::Engine.config.i18n.load_path += Dir[root.join('app/models', 'locales', '*.{rb,yml}')]
+    end
+
+    initializer('chaltron.helpers') do |_app|
+      ActiveSupport.on_load(:action_controller) do
+        include Chaltron::Controllers::Helpers
+
+        puts '--------------------------DEBUG'
+
+        before_action :configure_permitted_parameters, if: :devise_controller?
+      end
+    end
+  end
+end

data/lib/chaltron/ldap/user.rb~

@@ -0,0 +1,88 @@
+# LDAP extension for User ::User
+#
+# * Find or create user from omniauth.auth data
+#
+
+require 'chaltron/ldap/person'
+
+module Chaltron
+  module LDAP
+    class User
+      class << self
+        attr_reader :auth
+
+        def find_or_create(auth, create)
+          @auth = auth
+          if uid.blank? || email.blank? || username.blank?
+            raise_error('Account must provide a dn, uid and email address')
+          end
+          user = find_by_uid_and_provider
+
+          puts "DEBUG user = #{user}"
+
+          entry = Chaltron::LDAP::Person.find_by_uid(username)
+
+
+          puts "DEBUG entry = #{entry}"
+
+
+          if user.nil? and create
+            # create user
+            user = entry.create_user Chaltron.default_roles
+          end
+          update_ldap_attributes(user, entry) unless user.nil?
+          user
+        end
+
+        private
+
+        def update_ldap_attributes(user, entry)
+          user.update_attributes!(
+            email: entry.email,
+            department: entry.department
+          )
+        end
+
+        def find_by_uid_and_provider
+          # LDAP distinguished name is case-insensitive
+          user = ::User.where('provider = ? and lower(extern_uid) = ?', provider, uid.downcase).last
+          if user.nil?
+            # Look for user with same emails
+            #
+            # Possible cases:
+            # * When user already has account and need to link their LDAP account.
+            # * LDAP uid changed for user with same email and we need to update their uid
+            #
+            user = ::User.find_by(email: email)
+            user.update_attributes!(extern_uid: uid, provider: provider) unless user.nil?
+          end
+          user
+        end
+
+        def uid
+          auth.info.uid || auth.uid
+        end
+
+        def email
+          auth.info.email.downcase unless auth.info.email.nil?
+        end
+
+        def name
+          auth.info.name.to_s.force_encoding('utf-8')
+        end
+
+        def username
+          auth.info.nickname.to_s.force_encoding('utf-8')
+        end
+
+        def provider
+          'ldap'
+        end
+
+        def raise_error(message)
+          fail OmniAuth::Error, '(LDAP) ' + message
+        end
+      end
+    end
+  end
+end

data/lib/chaltron/version.rb

@@ -1,3 +1,3 @@
 module Chaltron
-  VERSION = '0.1.1'
+  VERSION = '0.1.2'
 end

data/lib/chaltron/version.rb~

@@ -0,0 +1,3 @@
+module Chaltron
+  VERSION = '0.1.1'
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: chaltron
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - vicvega
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-05-15 00:00:00.000000000 Z
+date: 2015-07-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -384,12 +384,15 @@ files:
 - app/assets/stylesheets/chaltron.scss
 - app/assets/stylesheets/chaltron/datatables.scss
 - app/assets/stylesheets/chaltron/layout.scss
+- app/assets/stylesheets/chaltron/layout.scss~
 - app/assets/stylesheets/chaltron/mixins.scss
 - app/controllers/chaltron/ldap_controller.rb
 - app/controllers/chaltron/logs_controller.rb
 - app/controllers/chaltron/omniauth_callbacks_controller.rb
+- app/controllers/chaltron/omniauth_callbacks_controller.rb~
 - app/controllers/chaltron/sessions_controller.rb
 - app/controllers/chaltron/users_controller.rb
+- app/controllers/chaltron/users_controller.rb~
 - app/datatables/log_datatable.rb
 - app/helpers/chaltron/ldap_helper.rb
 - app/helpers/chaltron/logs_helper.rb
@@ -400,6 +403,7 @@ files:
 - app/models/locales/it.yml
 - app/models/log.rb
 - app/models/user.rb
+- app/models/user.rb~
 - app/views/chaltron/ldap/_entry.html.erb
 - app/views/chaltron/ldap/multi_create.html.erb
 - app/views/chaltron/ldap/multi_new.html.erb
@@ -412,6 +416,7 @@ files:
 - app/views/chaltron/users/_user.html.erb
 - app/views/chaltron/users/edit.html.erb
 - app/views/chaltron/users/index.html.erb
+- app/views/chaltron/users/index.html.erb~
 - app/views/chaltron/users/new.html.erb
 - app/views/chaltron/users/self_edit.html.erb
 - app/views/chaltron/users/self_show.html.erb
@@ -421,12 +426,17 @@ files:
 - app/views/devise/passwords/edit.html.erb
 - app/views/devise/passwords/new.html.erb
 - app/views/devise/sessions/_new_ldap.html.erb
+- app/views/devise/sessions/_new_ldap.html.erb~
 - app/views/devise/sessions/_new_local.html.erb
+- app/views/devise/sessions/_new_local.html.erb~
 - app/views/devise/sessions/new.html.erb
 - app/views/locales/en.yml
+- app/views/locales/en.yml~
 - app/views/locales/it.yml
+- app/views/locales/it.yml~
 - config/chaltron_navigation.rb
 - config/initializers/devise.rb
+- config/initializers/devise.rb~
 - config/locales/devise.en.yml
 - config/locales/devise.it.yml
 - config/locales/en.yml
@@ -442,11 +452,15 @@ files:
 - lib/chaltron/banner.rb
 - lib/chaltron/bootstrap_form.rb
 - lib/chaltron/controllers/helpers.rb
+- lib/chaltron/controllers/helpers.rb~
 - lib/chaltron/engine.rb
+- lib/chaltron/engine.rb~
 - lib/chaltron/ldap/connection.rb
 - lib/chaltron/ldap/person.rb
 - lib/chaltron/ldap/user.rb
+- lib/chaltron/ldap/user.rb~
 - lib/chaltron/version.rb
+- lib/chaltron/version.rb~
 - lib/generators/chaltron/install_generator.rb
 - lib/generators/chaltron/templates/app/assets/javascripts/home.js.coffee
 - lib/generators/chaltron/templates/app/assets/stylesheets/home.scss
@@ -489,7 +503,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.6
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: Move faster and break things - revisited for rails 4