curupira 0.1.0

data/app/views/curupira/sessions/new.html.erb

@@ -0,0 +1,17 @@
+<h1>Entrar</h1>
+
+<%= form_for @user, url: session_path do |f| %>
+  <div class="field">
+    <%= f.label :username, "Email ou Nome de usuário" %><br>
+    <%= f.text_field :username %>
+  </div>
+
+  <div class="field">
+    <%= f.label :password, "Senha" %><br>
+    <%= f.password_field :password %>
+  </div>
+
+  <%= f.submit "Entrar" %>
+<% end %>
+
+<%= link_to "Esqueci minha senha", new_password_path %>

data/app/views/curupira/shared/_model_links.html.erb

@@ -0,0 +1,7 @@
+<% if current_user %>
+  <div id="curupira-model-links">
+    <%= link_to "Usuários", users_path %><br>
+    <%= link_to "Grupos de Usuário", groups_path %><br>
+    <%= link_to "Perfis", roles_path %>
+  </div>
+<% end %>

data/app/views/curupira/shared/_session_links.html.erb

@@ -0,0 +1,7 @@
+<div id="curupira-session-links">
+  <% if current_user %>
+    <%= link_to "Sair", destroy_session_path %>
+  <% else %>
+    <%= link_to "Entrar", new_session_path %>
+  <% end %>
+</div>

data/app/views/curupira/users/_form.html.erb

@@ -0,0 +1,43 @@
+<%= form_for @user do |f| %>
+  <div class="field">
+    <%= f.label :email, "Email" %><br>
+    <%= f.email_field :email %>
+  </div>
+
+  <div class="field">
+    <%= f.label :name, "Nome" %><br>
+    <%= f.text_field :name %>
+  </div>
+
+  <div class="field">
+    <%= f.label :username, "Nome de usuário" %><br>
+    <%= f.text_field :username %>
+  </div>
+
+  <div class="field">
+    <%= f.label :password, "Senha" %><br>
+    <%= f.password_field :password %>
+  </div>
+
+  <div class="field">
+    <%= f.label :active, "Ativo" %><br>
+    <%= f.check_box :active %>
+  </div>
+
+  <div class="group_users">
+    <h3>Grupos</h3>
+
+    <%= f.fields_for :group_users do |b| %>
+      <%= render 'group_user_fields', f: b %>
+    <% end %>
+
+    <div class="links">
+      <%= link_to_add_association 'Adicionar grupo', f, :group_users %>
+    </div>
+  </div>
+
+  <div class="actions">
+    <%= f.submit %><br>
+    or <%= link_to :cancel, users_path %>
+  </div>
+<% end %>

data/app/views/curupira/users/_group_user_fields.html.erb

@@ -0,0 +1,20 @@
+<div class="nested-fields">
+  <% if f.object.group.blank? || f.object.group.active? %>
+    <%= f.select :group_id, active_user_groups_select_options(current_user) %>
+  <% else %>
+    <%= f.object.user_group.name %>
+  <% end %>
+
+  <div style="margin: 50px">
+    <h4>Perfis</h4>
+    <%= f.fields_for :role_group_users do |role_group_user| %>
+      <%= render "role_group_user_fields", f: role_group_user %>
+    <% end %>
+  
+    <div class="links">
+      <%= link_to_add_association 'Adicionar Permissão', f, :role_group_users %>
+    </div>
+
+    <%= link_to_remove_association "Remover", f %>
+  </div>
+</div>

data/app/views/curupira/users/_role_group_user_fields.html.erb

@@ -0,0 +1,10 @@
+<div class="nested-fields">
+  <% if f.object.role.blank? || f.object.role.active? %>
+
+    <%= f.select :role_id, active_roles_select_options %>
+  <% else %>
+    <%= f.object.role.name %>
+  <% end %>
+
+  <%= link_to_remove_association "Remover", f %>
+</div>

data/app/views/curupira/users/edit.html.erb

@@ -0,0 +1,3 @@
+<h1>Editar Usuário</h1>
+
+<%= render "form" %>

data/app/views/curupira/users/index.html.erb

@@ -0,0 +1,28 @@
+<h1>Usuários</h1>
+
+<div class="actions">
+  <%= link_to "Novo", new_user_path %>
+</div>
+
+<table>
+  <thead>
+    <tr>
+      <th>Nome</th>
+      <th>Email</th>
+      <th>Nome de usuário</th>
+      <th>Ativo</th>
+      <th></th>
+    </tr>
+  </thead>
+  <tbody>
+    <% @users.each do |user| %>
+      <tr>
+        <td><%= link_to user.name, user %></td>
+        <td><%= link_to user.email, user %></td>
+        <td><%= link_to user.username, user %></td>
+        <td><%= user.active %></td>
+        <td><%= link_to "Editar", edit_user_path(user) %></td>
+      </tr>
+    <% end %>
+  </tbody>
+</table>

data/app/views/curupira/users/new.html.erb

@@ -0,0 +1,3 @@
+<h1>Novo Usuário</h1>
+
+<%= render "form" %>

data/app/views/curupira/users/show.html.erb

@@ -0,0 +1,28 @@
+<h1>Usuário</h1>
+
+<div class="actions">
+  <%= link_to "Editar", edit_user_path(@user) %>
+</div>
+
+<ul>
+  <li>Name: <%= @user.name %></li>
+  <li>Email: <%= @user.email %></li>
+  <li>Username: <%= @user.username %></li>
+  <li>Active: <%= @user.active %></li>
+</ul>
+
+<div id="user_groups">
+  <h3>Grupos</h3>
+
+  <ul>
+    <% @user.group_users.each do |group_user| %>
+      <li><%= group_user.group.name %>
+        <% group_user.role_group_users.each do |role_group_user|%>
+          <p><%= role_group_user.role.name %></p>
+        <% end %>
+      </li>
+    <% end %>
+  </ul>
+</div>
+
+<%= link_to "Voltar", users_path %>

data/curupira.gemspec

@@ -0,0 +1,28 @@
+$:.push File.expand_path("../lib", __FILE__)
+
+require "curupira/version"
+
+Gem::Specification.new do |s|
+  s.name        = "curupira"
+  s.version     = Curupira::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Paulo Moura", "Felipe Iketani", "Ricardo Casseb", "Luiz Sanches"]
+  s.email       = ["paulociecomp@gmail.com", "felipeiketani@gmail.com", "rcasseb@gmail.com", "luizgrsanches@gmail.com"]
+  s.homepage    = "https://rubygems.org/gems/curupira"
+  s.summary     = "Curupira!"
+  s.description = "Easy way to authentication and authorization"
+  s.license     = "MIT"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = Dir["spec/**/*"]
+  s.require_paths = ["lib"]
+
+  s.add_dependency "rails", "~> 4.2.0"
+  s.add_dependency "sorcery"
+  s.add_dependency "cocoon"
+  s.add_dependency "jquery-rails"
+
+  s.add_development_dependency 'rspec-rails'
+  s.add_development_dependency 'capybara'
+  s.add_development_dependency 'factory_girl_rails'
+end

data/lib/curupira.rb

@@ -0,0 +1,16 @@
+require "sorcery"
+require "active_support/dependencies"
+require 'rails'
+require 'curupira/authorizer'
+
+module Curupira
+  mattr_accessor :app_root
+
+  def self.setup
+    yield self
+  end
+end
+
+require "curupira/rails"
+require 'cocoon'
+require 'jquery-rails'

data/lib/curupira/authorizer.rb

@@ -0,0 +1,43 @@
+module Curupira
+  module Authorizer
+    extend ActiveSupport::Concern
+
+    def authorize_for_group
+      unless has_authorization_for_group?
+        deny_access
+      end
+    end
+
+    def authorize
+      unless has_authorization?
+        deny_access
+      end
+    end
+
+    def has_authorization?
+      return true if current_user.admin?
+      query(params).present?
+    end
+
+    def has_authorization_for(params)
+      query(params).present?
+    end
+
+    private
+
+    def deny_access
+      redirect_to "/", notice: "Sem autorização"
+    end
+
+    def query(params)
+      User.joins(
+        role_group_users: { role: { features: [:action_labels] } } 
+      )
+      .where(
+        features: { controller: params[:controller] },
+        action_labels: { name: params[:action] },
+        id: current_user
+      )
+    end
+  end
+end

data/lib/curupira/rails.rb

@@ -0,0 +1,30 @@
+require 'curupira/rails/routes'
+
+module Curupira
+  class Engine < Rails::Engine
+    config.generators do |g|
+      g.test_framework      :rspec,        :fixture => false
+      g.fixture_replacement :factory_girl, :dir => 'spec/factories'
+      g.assets false
+      g.helper false
+    end
+
+    initializer "curupira.load_app_instance_data" do |app|
+      Curupira.setup do |config|
+        config.app_root = app.root
+      end
+    end
+
+    initializer "curupira.load_static_assets" do |app|
+      app.middleware.use ::ActionDispatch::Static, "#{root}/public"
+    end
+
+    initializer 'curupira.action_controller' do |app|
+      ActiveSupport.on_load :action_controller do
+        helper Curupira::RelationshipSelectOptionsHelper
+        include Curupira::Authorizer
+        helper_method :has_authorization_for
+      end
+    end
+  end
+end

data/lib/curupira/rails/routes.rb

@@ -0,0 +1,15 @@
+module ActionDispatch::Routing
+  class Mapper
+    def curupira_routes
+      scope module: 'curupira' do
+        resources :users, except: :destroy
+        resources :groups, except: :destroy
+        resources :roles, except: :destroy
+        resource :session, only: [:new, :create] do
+          get :destroy, as: :destroy
+        end
+        resources :passwords, only: [:new, :create, :edit, :update]
+      end
+    end
+  end
+end

data/lib/curupira/version.rb

@@ -0,0 +1,3 @@
+module Curupira
+  VERSION = "0.1.0"
+end

data/lib/generators/curupira/controllers/controllers_generator.rb

@@ -0,0 +1,27 @@
+module Curupira
+  module Generators
+    class ControllersGenerator < Rails::Generators::Base
+      source_root File.expand_path("../" * 5, __FILE__)
+
+      def create_role_controller
+        controllers.each do |controller|
+          copy_file controller
+        end
+      end
+
+      def controllers
+        files_within_root('.', 'app/controllers/**/*.*')
+      end
+
+      private
+
+      def files_within_root(prefix, glob)
+        root = "#{self.class.source_root}/#{prefix}"
+        
+        Dir["#{root}/#{glob}"].sort.map do |full_path|
+          full_path.sub(root, '.').gsub('/./', '/')
+        end
+      end
+    end
+  end
+end

data/lib/generators/curupira/install/install_generator.rb

@@ -0,0 +1,80 @@
+require 'rails/generators/active_record'
+require 'generators/curupira/install/model_generators_helper'
+
+module Curupira
+  module Generators
+    class InstallGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
+      include Curupira::Generators::ModelGeneratorsHelper
+
+      source_root File.expand_path('../../templates', __FILE__)
+
+      def create_routes
+        invoke "curupira:routes"
+      end
+
+      def copy_initializer
+        copy_file 'sorcery.rb', 'config/initializers/sorcery.rb'
+      end
+
+      def create_role_group_user
+        create_model "role_group_user"
+        create_migration_to("role_group_user")
+      end
+
+      def create_authorization
+        create_model "authorization"
+        create_migration_to("authorization")
+      end
+
+      def create_feature
+        create_model "feature"
+        create_migration_to("feature")
+      end
+
+      def create_groups
+        create_model "group"
+        create_migration_to("group")
+      end
+
+      def create_role
+        create_model "role"
+        create_migration_to("role")
+      end
+
+      def create_user_model
+        create_model "user"
+      end
+
+      def create_user_migration
+        if table_exists?("user")
+          create_add_columns_migration_to("user")    
+        else
+          copy_migration 'sorcery_core.rb'
+        end
+      end
+
+      def create_group_user
+        create_model "group_user"
+        create_migration_to("group_user")
+      end
+
+      def create_role_group
+        create_model "role_group"
+        create_migration_to("role_group")
+      end
+
+      def create_action_label
+        create_model "action_label"
+        create_migration_to("action_label")
+      end
+
+      private
+
+      def self.next_migration_number(dir)
+        ActiveRecord::Generators::Base.next_migration_number(dir)
+      end
+
+    end
+  end
+end

data/lib/generators/curupira/install/model_generators_helper.rb

@@ -0,0 +1,266 @@
+module Curupira
+  module Generators
+    module ModelGeneratorsHelper
+      include Rails::Generators::Migration
+
+      def table_exists?(table_name)
+        ActiveRecord::Base.connection.table_exists?(table_name)
+      end
+
+      def create_add_columns_migration_to(model_name)
+        if migration_needed?(model_name)
+          config = {
+            columns: columns_by(model_name),
+            indexes: indexes_by(model_name)
+          }
+          
+          copy_migration("add_curupira_to_#{model_name.pluralize}.rb", config)
+        end
+      end
+
+      def copy_migration(migration_name, config = {})
+        unless migration_exists?(migration_name)
+          migration_template(
+            "db/migrate/#{migration_name}",
+            "db/migrate/#{migration_name}",
+            config
+          )
+        end
+      end
+
+      def create_migration_to(model_name)
+        if table_exists?(model_name)
+          create_add_columns_migration_to(model_name)    
+        else
+          copy_migration "create_#{model_name.pluralize}.rb"
+        end
+      end
+
+      def migration_exists?(name)
+        existing_migrations.include?(name)
+      end
+
+      def existing_migrations
+        @existing_migrations ||= Dir.glob("db/migrate/*.rb").map do |file|
+          migration_name_without_timestamp(file)
+        end
+      end
+
+      def migration_name_without_timestamp(file)
+        file.sub(%r{^.*(db/migrate/)(?:\d+_)?}, '')
+      end
+
+      def migration_needed?(model_name)
+        columns_by(model_name).any? || indexes_by(model_name).any?
+      end
+
+      def user_columns
+        @user_columns ||= {
+          email: 't.string :email, null: false',
+          name: 't.string :name, null: false',
+          active: 't.boolean :active, null: false',
+          username: 't.string',
+          crypted_password: 't.string :crypted_password',
+          salt: 't.string :salt, default: nil',
+          reset_password_token: 't.string :reset_password_token, default: nil',
+          reset_password_token_expires_at: 't.datetime :reset_password_token_expires_at, default: nil',
+          reset_password_email_sent_at: 't.datetime :reset_password_email_sent_at, default: nil',
+          last_login_at: 't.datetime :last_login_at, default: nil',
+          last_logout_at: 't.datetime :last_logout_at, default: nil',
+          last_activity_at: 't.datetime :last_activity_at, default: nil',
+          last_login_from_ip_address: 't.string :last_login_from_ip_address, default: nil',
+          admin: 't.boolean :admin, default: false'
+        }.reject { |column| existing_columns_to("user").include?(column.to_s) }
+      end
+
+      def role_columns
+        @role_columns ||= {}
+      end
+
+      def role_indexes
+        @role_indexes ||= {}
+      end
+
+      def group_columns
+        @group_columns ||= {}
+      end
+
+      def group_indexes
+        @group_indexes ||= {}
+      end
+
+      def feature_columns
+        @feature_columns ||= {}
+      end
+
+      def feature_indexes
+        @feature_indexes ||= {}
+      end
+
+      def authorization_columns
+        @authorization_columns ||= {}
+      end
+
+      def authorization_indexes
+        @authorization_indexes ||= {}
+      end
+
+      def role_group_user_columns
+        @role_group_user_columns ||= {}
+      end
+
+      def role_group_user_indexes
+        @role_group_user_indexes ||= {}
+      end
+
+      def role_group_columns
+        @role_group_columns ||= {}
+      end
+
+      def role_group_indexes
+        @role_group_indexes ||= {}
+      end
+
+      def user_indexes
+        @user_indexes ||= {
+          index_users_on_username: 'add_index :users, :username, unique: true',
+          index_users_on_reset_password_token: 'add_index :users, :reset_password_token',
+          index_users_on_last_logout_at: 'add_index :users, :last_logout_at',
+          index_users_on_last_activity_at: 'add_index :users, :last_activity_at'
+        }.reject { |index| existing_indexes_to("user").include?(index.to_s) }
+      end
+
+      def group_user_columns
+        @group_user_columns ||= {}
+      end
+
+      def group_user_indexes
+        @group_user_indexes ||= {}
+      end
+
+      def action_label_columns
+        @action_label_columns ||= {}
+      end
+
+      def action_label_indexes
+        @action_label_indexes ||= {}
+      end
+
+      def create_model(model_name)
+        copy_file "models/#{model_name}.rb", "app/models/#{model_name}.rb" unless model_exists?("app/models/#{model_name}.rb")
+        content = self.send("#{model_name}_model_content").split("\n").map { |line| "  " + line.strip! } .join("\n") << "\n"
+        inject_into_class("app/models/#{model_name}.rb", model_name.camelize, content)
+      end
+
+      def role_group_user_model_content
+        <<-CONTENT
+          belongs_to :group_user
+          belongs_to :role
+        CONTENT
+      end
+
+      def authorization_model_content
+        <<-CONTENT
+          belongs_to :feature
+          belongs_to :role
+        CONTENT
+      end
+
+      def user_model_content
+        <<-CONTENT
+          authenticates_with_sorcery!
+          validates_presence_of :email
+          has_many :group_users
+          has_many :groups, through: :group_users
+          has_many :role_group_users, through: :group_users
+          accepts_nested_attributes_for :group_users, reject_if: :all_blank, allow_destroy: :true
+          
+          scope :all_belonging_to, -> (user) { includes(group_users: :group).where(groups: { id: user.groups }) }
+        CONTENT
+      end
+
+      def group_model_content
+        <<-CONTENT
+          has_many :role_groups
+          has_many :roles, through: :role_groups
+          has_many :group_users
+          has_many :users, through: :group_users
+          accepts_nested_attributes_for :role_groups, reject_if: :all_blank, allow_destroy: :true
+          validates_presence_of :name
+          scope :active, -> { where active: true }
+        CONTENT
+      end
+
+      def role_model_content
+        <<-CONTENT
+          has_many :authorizations
+          has_many :features, through: :authorizations
+          has_many :role_group_users
+          has_many :group_users, through: :role_group_users
+          has_many :role_groups
+          has_many :groups, through: :role_groups
+          accepts_nested_attributes_for :authorizations, reject_if: :all_blank, allow_destroy: :true
+          validates_presence_of :name
+        CONTENT
+      end
+
+      def feature_model_content
+        <<-CONTENT
+          validates_presence_of :name
+          has_many :feature_services
+          has_many :services, through: :feature_services
+          has_many :feature_action_labels
+          has_many :action_labels, through: :feature_action_labels
+        CONTENT
+      end
+
+      def group_user_model_content
+        <<-CONTENT
+          belongs_to :group
+          belongs_to :user
+          has_many :role_group_users
+          accepts_nested_attributes_for :role_group_users, reject_if: :all_blank, allow_destroy: :true
+          scope :active, -> { where active: true }
+        CONTENT
+      end
+
+      def role_group_model_content
+        <<-CONTENT
+          belongs_to :role
+          belongs_to :group
+        CONTENT
+      end
+
+      def action_label_model_content
+        <<-CONTENT
+          belongs_to :feature
+        CONTENT
+      end
+
+      def columns_by(model_name)
+        self.send("#{model_name}_columns")
+      end
+
+      def indexes_by(model_name)
+        self.send("#{model_name}_indexes")
+      end
+
+      def model_exists?(model_path)
+        File.exists?(File.join(destination_root, model_path))
+      end
+
+      def table_exists?(model_name)
+        ActiveRecord::Base.connection.table_exists?(model_name.pluralize.to_sym)
+      end
+
+      def existing_columns_to(model_name)
+        ActiveRecord::Base.connection.columns(model_name.pluralize.to_sym).map(&:name)
+      end
+
+      def existing_indexes_to(model_name)
+        ActiveRecord::Base.connection.indexes(model_name.pluralize.to_sym).map(&:name)
+      end
+
+    end
+  end
+end