ddr-core 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/LICENSE.txt +12 -0
- data/README.md +27 -0
- data/Rakefile +30 -0
- data/app/assets/config/ddr_core_manifest.js +0 -0
- data/app/controllers/users/omniauth_callbacks_controller.rb +11 -0
- data/app/controllers/users/sessions_controller.rb +15 -0
- data/app/models/concerns/ddr/captionable.rb +25 -0
- data/app/models/concerns/ddr/describable.rb +108 -0
- data/app/models/concerns/ddr/governable.rb +25 -0
- data/app/models/concerns/ddr/has_admin_metadata.rb +141 -0
- data/app/models/concerns/ddr/has_attachments.rb +10 -0
- data/app/models/concerns/ddr/has_children.rb +10 -0
- data/app/models/concerns/ddr/has_content.rb +132 -0
- data/app/models/concerns/ddr/has_extracted_text.rb +10 -0
- data/app/models/concerns/ddr/has_intermediate_file.rb +25 -0
- data/app/models/concerns/ddr/has_multires_image.rb +14 -0
- data/app/models/concerns/ddr/has_parent.rb +18 -0
- data/app/models/concerns/ddr/has_struct_metadata.rb +21 -0
- data/app/models/concerns/ddr/has_thumbnail.rb +33 -0
- data/app/models/concerns/ddr/solr_document_behavior.rb +429 -0
- data/app/models/concerns/ddr/streamable.rb +25 -0
- data/app/models/ddr/admin_set.rb +28 -0
- data/app/models/ddr/attachment.rb +14 -0
- data/app/models/ddr/collection.rb +28 -0
- data/app/models/ddr/component.rb +31 -0
- data/app/models/ddr/contact.rb +23 -0
- data/app/models/ddr/digest.rb +8 -0
- data/app/models/ddr/file.rb +40 -0
- data/app/models/ddr/item.rb +36 -0
- data/app/models/ddr/language.rb +31 -0
- data/app/models/ddr/media_type.rb +22 -0
- data/app/models/ddr/resource.rb +94 -0
- data/app/models/ddr/rights_statement.rb +25 -0
- data/app/models/ddr/target.rb +17 -0
- data/config/initializers/devise.rb +262 -0
- data/config/locales/ddr-core.en.yml +85 -0
- data/config/routes.rb +3 -0
- data/db/migrate/20141104181418_create_users.rb +34 -0
- data/db/migrate/20141107124012_add_columns_to_user.rb +46 -0
- data/lib/ddr-core.rb +1 -0
- data/lib/ddr/auth.rb +80 -0
- data/lib/ddr/auth/ability.rb +18 -0
- data/lib/ddr/auth/ability_definitions.rb +26 -0
- data/lib/ddr/auth/ability_definitions/admin_set_ability_definitions.rb +9 -0
- data/lib/ddr/auth/ability_definitions/alias_ability_definitions.rb +23 -0
- data/lib/ddr/auth/ability_definitions/attachment_ability_definitions.rb +13 -0
- data/lib/ddr/auth/ability_definitions/collection_ability_definitions.rb +28 -0
- data/lib/ddr/auth/ability_definitions/component_ability_definitions.rb +13 -0
- data/lib/ddr/auth/ability_definitions/item_ability_definitions.rb +13 -0
- data/lib/ddr/auth/ability_definitions/lock_ability_definitions.rb +13 -0
- data/lib/ddr/auth/ability_definitions/publication_ability_definitions.rb +16 -0
- data/lib/ddr/auth/ability_definitions/role_based_ability_definitions.rb +39 -0
- data/lib/ddr/auth/ability_definitions/superuser_ability_definitions.rb +9 -0
- data/lib/ddr/auth/ability_factory.rb +10 -0
- data/lib/ddr/auth/abstract_ability.rb +48 -0
- data/lib/ddr/auth/affiliation.rb +14 -0
- data/lib/ddr/auth/affiliation_groups.rb +20 -0
- data/lib/ddr/auth/anonymous_ability.rb +7 -0
- data/lib/ddr/auth/auth_context.rb +109 -0
- data/lib/ddr/auth/auth_context_factory.rb +13 -0
- data/lib/ddr/auth/detached_auth_context.rb +19 -0
- data/lib/ddr/auth/dynamic_groups.rb +13 -0
- data/lib/ddr/auth/effective_permissions.rb +12 -0
- data/lib/ddr/auth/effective_roles.rb +9 -0
- data/lib/ddr/auth/failure_app.rb +16 -0
- data/lib/ddr/auth/group.rb +40 -0
- data/lib/ddr/auth/grouper_gateway.rb +70 -0
- data/lib/ddr/auth/groups.rb +32 -0
- data/lib/ddr/auth/ldap_gateway.rb +74 -0
- data/lib/ddr/auth/permissions.rb +18 -0
- data/lib/ddr/auth/remote_groups.rb +14 -0
- data/lib/ddr/auth/role_based_access_controls_enforcement.rb +56 -0
- data/lib/ddr/auth/roles.rb +28 -0
- data/lib/ddr/auth/roles/role.rb +121 -0
- data/lib/ddr/auth/roles/role_type.rb +23 -0
- data/lib/ddr/auth/roles/role_types.rb +52 -0
- data/lib/ddr/auth/superuser_ability.rb +7 -0
- data/lib/ddr/auth/test_helpers.rb +22 -0
- data/lib/ddr/auth/user.rb +54 -0
- data/lib/ddr/auth/web_auth_context.rb +29 -0
- data/lib/ddr/core.rb +110 -0
- data/lib/ddr/core/engine.rb +8 -0
- data/lib/ddr/core/version.rb +5 -0
- data/lib/ddr/error.rb +16 -0
- data/lib/ddr/files.rb +13 -0
- data/lib/ddr/fits.rb +189 -0
- data/lib/ddr/index.rb +29 -0
- data/lib/ddr/index/abstract_query_result.rb +22 -0
- data/lib/ddr/index/connection.rb +38 -0
- data/lib/ddr/index/csv_query_result.rb +84 -0
- data/lib/ddr/index/document_builder.rb +9 -0
- data/lib/ddr/index/field.rb +35 -0
- data/lib/ddr/index/field_attribute.rb +22 -0
- data/lib/ddr/index/fields.rb +154 -0
- data/lib/ddr/index/filter.rb +139 -0
- data/lib/ddr/index/query.rb +82 -0
- data/lib/ddr/index/query_builder.rb +185 -0
- data/lib/ddr/index/query_clause.rb +112 -0
- data/lib/ddr/index/query_params.rb +40 -0
- data/lib/ddr/index/query_result.rb +102 -0
- data/lib/ddr/index/response.rb +30 -0
- data/lib/ddr/index/sort_order.rb +28 -0
- data/lib/ddr/index/unique_key_field.rb +12 -0
- data/lib/ddr/managers.rb +9 -0
- data/lib/ddr/managers/manager.rb +13 -0
- data/lib/ddr/managers/technical_metadata_manager.rb +141 -0
- data/lib/ddr/structure.rb +188 -0
- data/lib/ddr/structures/agent.rb +49 -0
- data/lib/ddr/structures/component_type_term.rb +29 -0
- data/lib/ddr/structures/div.rb +64 -0
- data/lib/ddr/structures/f_locat.rb +54 -0
- data/lib/ddr/structures/file.rb +52 -0
- data/lib/ddr/structures/file_grp.rb +35 -0
- data/lib/ddr/structures/file_sec.rb +22 -0
- data/lib/ddr/structures/fptr.rb +31 -0
- data/lib/ddr/structures/mets_hdr.rb +37 -0
- data/lib/ddr/structures/mptr.rb +49 -0
- data/lib/ddr/structures/struct_map.rb +40 -0
- data/lib/ddr/utils.rb +185 -0
- data/lib/ddr/vocab.rb +22 -0
- data/lib/ddr/vocab/asset.rb +51 -0
- data/lib/ddr/vocab/contact.rb +9 -0
- data/lib/ddr/vocab/display.rb +9 -0
- data/lib/ddr/vocab/duke_terms.rb +13 -0
- data/lib/ddr/vocab/rdf_vocabulary_parser.rb +43 -0
- data/lib/ddr/vocab/roles.rb +25 -0
- data/lib/ddr/vocab/sources/duketerms.rdf +870 -0
- data/lib/ddr/vocab/vocabulary.rb +37 -0
- data/lib/ddr/workflow.rb +8 -0
- data/lib/tasks/ddr/core_tasks.rake +4 -0
- metadata +428 -0
@@ -0,0 +1,25 @@
|
|
1
|
+
module Ddr
|
2
|
+
module Streamable
|
3
|
+
extend ActiveSupport::Concern
|
4
|
+
|
5
|
+
included do
|
6
|
+
attribute :streamable_media, Ddr::File.optional
|
7
|
+
end
|
8
|
+
|
9
|
+
def streamable_media_type
|
10
|
+
streamable_media&.media_type
|
11
|
+
end
|
12
|
+
|
13
|
+
# This method is used in dul-hydra 'ComponentsController' and ddr-public 'StreamController'
|
14
|
+
def streamable_media_extension
|
15
|
+
if filename = streamable_media&.original_filename
|
16
|
+
::File.extname(filename)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
def streamable_media_path
|
21
|
+
streamable_media&.file&.disk_path
|
22
|
+
end
|
23
|
+
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require "active_resource"
|
2
|
+
|
3
|
+
module Ddr
|
4
|
+
class AdminSet < ActiveResource::Base
|
5
|
+
|
6
|
+
self.site = ENV["DDR_AUX_API_URL"]
|
7
|
+
|
8
|
+
def self.call(obj)
|
9
|
+
find_by_code(obj.admin_set)
|
10
|
+
rescue ActiveResource::ResourceNotFound => e
|
11
|
+
raise Ddr::NotFoundError, e
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.find_by_code(code)
|
15
|
+
return unless code
|
16
|
+
new get(:find, code: code)
|
17
|
+
end
|
18
|
+
|
19
|
+
def self.keys
|
20
|
+
all.map(&:code)
|
21
|
+
end
|
22
|
+
|
23
|
+
def to_s
|
24
|
+
title
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,14 @@
|
|
1
|
+
module Ddr
|
2
|
+
class Attachment < Resource
|
3
|
+
|
4
|
+
include HasContent
|
5
|
+
include HasExtractedText
|
6
|
+
|
7
|
+
attribute :attached_to_id, Valkyrie::Types::ID.optional
|
8
|
+
|
9
|
+
def attached_to
|
10
|
+
Ddr.query_service.find_by(id: attached_to_id) if attached_to_id
|
11
|
+
end
|
12
|
+
|
13
|
+
end
|
14
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
module Ddr
|
2
|
+
class Collection < Resource
|
3
|
+
|
4
|
+
include HasAttachments
|
5
|
+
include HasChildren
|
6
|
+
include HasStructMetadata
|
7
|
+
|
8
|
+
alias_method :items, :children
|
9
|
+
|
10
|
+
def components_from_solr
|
11
|
+
coll_id = id.id
|
12
|
+
query = Ddr::Index::Query.new do
|
13
|
+
where collection_id: coll_id
|
14
|
+
model 'Ddr::Component'
|
15
|
+
end
|
16
|
+
query.docs
|
17
|
+
end
|
18
|
+
|
19
|
+
def targets
|
20
|
+
Ddr.query_service.find_inverse_references_by(resource: self, property: 'for_collection_id')
|
21
|
+
end
|
22
|
+
|
23
|
+
def publishable?
|
24
|
+
true
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
module Ddr
|
2
|
+
class Component < Resource
|
3
|
+
|
4
|
+
include Captionable
|
5
|
+
include HasContent
|
6
|
+
include HasExtractedText
|
7
|
+
include HasIntermediateFile
|
8
|
+
include HasMultiresImage
|
9
|
+
include HasParent
|
10
|
+
include HasStructMetadata
|
11
|
+
include Streamable
|
12
|
+
|
13
|
+
alias_method :item_id, :parent_id
|
14
|
+
alias_method :item, :parent
|
15
|
+
|
16
|
+
attribute :target_id, Valkyrie::Types::ID.optional
|
17
|
+
|
18
|
+
def collection
|
19
|
+
self.parent.parent rescue nil
|
20
|
+
end
|
21
|
+
|
22
|
+
def collection_id
|
23
|
+
self.collection.id rescue nil
|
24
|
+
end
|
25
|
+
|
26
|
+
def target
|
27
|
+
Ddr.query_service.find_by(id: target_id) if target_id
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'activeresource'
|
2
|
+
|
3
|
+
module Ddr
|
4
|
+
class Contact < ActiveResource::Base
|
5
|
+
|
6
|
+
self.site = ENV["DDR_AUX_API_URL"]
|
7
|
+
|
8
|
+
def self.call(slug)
|
9
|
+
new get(:find, slug: slug)
|
10
|
+
rescue ActiveResource::ResourceNotFound => e
|
11
|
+
raise Ddr::NotFoundError, e
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.keys
|
15
|
+
all.map(&:slug)
|
16
|
+
end
|
17
|
+
|
18
|
+
def to_s
|
19
|
+
name
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
23
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
module Ddr
|
2
|
+
class File < Valkyrie::Resource
|
3
|
+
|
4
|
+
attribute :digest, Valkyrie::Types::Set.of(Ddr::Digest)
|
5
|
+
attribute :file_identifier, Valkyrie::Types::ID
|
6
|
+
attribute :media_type, Valkyrie::Types::Strict::String.optional
|
7
|
+
attribute :original_filename, Valkyrie::Types::Strict::String
|
8
|
+
|
9
|
+
DEFAULT_FILE_EXTENSION = 'bin'
|
10
|
+
|
11
|
+
def content
|
12
|
+
file.read
|
13
|
+
end
|
14
|
+
|
15
|
+
def file
|
16
|
+
Ddr.storage_adapter.find_by(id: file_identifier)
|
17
|
+
end
|
18
|
+
|
19
|
+
def file_created_at
|
20
|
+
::File::Stat.new(Ddr.storage_adapter.file_path(file_identifier)).ctime
|
21
|
+
end
|
22
|
+
|
23
|
+
def file_size
|
24
|
+
file.size
|
25
|
+
end
|
26
|
+
|
27
|
+
# Return default file extension for file based on MIME type
|
28
|
+
def default_file_extension
|
29
|
+
mimetypes = MIME::Types[media_type]
|
30
|
+
return mimetypes.first.extensions.first unless mimetypes.empty?
|
31
|
+
case media_type
|
32
|
+
when 'application/n-triples'
|
33
|
+
'txt'
|
34
|
+
else
|
35
|
+
DEFAULT_FILE_EXTENSION
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
module Ddr
|
2
|
+
class Item < Resource
|
3
|
+
|
4
|
+
include HasChildren
|
5
|
+
include HasParent
|
6
|
+
include HasStructMetadata
|
7
|
+
|
8
|
+
alias_method :collection_id, :parent_id
|
9
|
+
alias_method :collection, :parent
|
10
|
+
|
11
|
+
alias_method :components, :children
|
12
|
+
|
13
|
+
### DDRevo #####################
|
14
|
+
# TODO: We may want to revisit this alternate implementation once ddr-core is more fully baked
|
15
|
+
# or it may be fine just as it is
|
16
|
+
### DDRevo #####################
|
17
|
+
def children_having_extracted_text
|
18
|
+
# Ddr::Index::Query.build(self) do |item|
|
19
|
+
# is_part_of item
|
20
|
+
# where attached_files_having_content: "extractedText"
|
21
|
+
# fields :id, :extracted_text
|
22
|
+
# end
|
23
|
+
children.select { |child| child.attached_files_having_content.include?(:extracted_text) }
|
24
|
+
end
|
25
|
+
|
26
|
+
### DDRevo #####################
|
27
|
+
# TODO: We may want to revisit this alternate implementation once ddr-core is more fully baked
|
28
|
+
# or it may be fine just as it is
|
29
|
+
### DDRevo #####################
|
30
|
+
def all_text
|
31
|
+
# children_having_extracted_text.docs.map(&:extracted_text).flatten
|
32
|
+
children_having_extracted_text.map { |child| child.extracted_text.content }.to_a.flatten
|
33
|
+
end
|
34
|
+
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require "active_resource"
|
2
|
+
|
3
|
+
module Ddr
|
4
|
+
class Language < ActiveResource::Base
|
5
|
+
|
6
|
+
self.site = ENV["DDR_AUX_API_URL"]
|
7
|
+
|
8
|
+
def self.call(obj)
|
9
|
+
obj.language.map do |lang|
|
10
|
+
find_by_code(lang)
|
11
|
+
end
|
12
|
+
rescue ActiveResource::ResourceNotFound => e
|
13
|
+
raise Ddr::NotFoundError, e
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.find_by_code(code)
|
17
|
+
return unless code
|
18
|
+
new get(:find, code: code)
|
19
|
+
end
|
20
|
+
|
21
|
+
def self.codes
|
22
|
+
all.map(&:code)
|
23
|
+
end
|
24
|
+
|
25
|
+
def to_s
|
26
|
+
label
|
27
|
+
end
|
28
|
+
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
@@ -0,0 +1,22 @@
|
|
1
|
+
module Ddr
|
2
|
+
class MediaType
|
3
|
+
|
4
|
+
def self.call(file_or_path)
|
5
|
+
path = file_or_path.respond_to?(:path) ? file_or_path.path : file_or_path
|
6
|
+
# Use preferred media type, if available
|
7
|
+
media_type = Ddr.preferred_media_types[(::File.extname(path)).downcase]
|
8
|
+
if !media_type
|
9
|
+
if file_or_path.respond_to?(:content_type)
|
10
|
+
# Rails ActionDispatch::Http::UploadedFile
|
11
|
+
media_type = file_or_path.content_type
|
12
|
+
else
|
13
|
+
# Fall back to first MIME type or default
|
14
|
+
mime_types = MIME::Types.of(path)
|
15
|
+
media_type = mime_types.empty? ? Ddr.default_mime_type : mime_types.first.content_type
|
16
|
+
end
|
17
|
+
end
|
18
|
+
media_type
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,94 @@
|
|
1
|
+
module Ddr
|
2
|
+
class Resource < Valkyrie::Resource
|
3
|
+
|
4
|
+
include Describable
|
5
|
+
include Governable
|
6
|
+
include HasAdminMetadata
|
7
|
+
include HasThumbnail
|
8
|
+
|
9
|
+
FILE_FIELDS = %i( caption
|
10
|
+
content
|
11
|
+
extracted_text
|
12
|
+
fits_file
|
13
|
+
intermediate_file
|
14
|
+
multires_image
|
15
|
+
streamable_media
|
16
|
+
struct_metadata
|
17
|
+
thumbnail
|
18
|
+
)
|
19
|
+
|
20
|
+
FILE_FIELDS.each do |field|
|
21
|
+
# Defines "can_have_<field>?" class method
|
22
|
+
define_singleton_method "can_have_#{field}?" do
|
23
|
+
fields.include?(field)
|
24
|
+
end
|
25
|
+
|
26
|
+
delegate "can_have_#{field}?", to: :class
|
27
|
+
|
28
|
+
# Defines "has_<field>?" instance method
|
29
|
+
define_method "has_#{field}?" do
|
30
|
+
send("can_have_#{field}?") && has_file?(field)
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def self.attachable_files
|
35
|
+
@attachable_files ||= FILE_FIELDS.select { |f| fields.include?(f) }
|
36
|
+
end
|
37
|
+
|
38
|
+
def self.governable?
|
39
|
+
fields.include? :admin_policy_id
|
40
|
+
end
|
41
|
+
|
42
|
+
def self.captionable?
|
43
|
+
can_have_caption?
|
44
|
+
end
|
45
|
+
|
46
|
+
def self.can_be_streamable?
|
47
|
+
can_have_streamable_media?
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.common_model_name
|
51
|
+
name.split('::').last
|
52
|
+
end
|
53
|
+
|
54
|
+
def self.metadata_fields
|
55
|
+
fields - FILE_FIELDS - reserved_attributes
|
56
|
+
end
|
57
|
+
|
58
|
+
delegate :attachable_files, :common_model_name, :governable?, :captionable?, :can_be_streamable?, to: :class
|
59
|
+
|
60
|
+
alias_method :new_record?, :new_record
|
61
|
+
|
62
|
+
def title_display
|
63
|
+
return title.first if title.present?
|
64
|
+
return identifier.first if identifier.present?
|
65
|
+
return original_filename if respond_to?(:original_filename) && original_filename.present?
|
66
|
+
"[#{id}]"
|
67
|
+
end
|
68
|
+
|
69
|
+
def attached_files_having_content
|
70
|
+
attachable_files.select { |f| has_file?(f) }
|
71
|
+
end
|
72
|
+
|
73
|
+
def has_file?(f)
|
74
|
+
send(f)&.file_identifier.present?
|
75
|
+
end
|
76
|
+
|
77
|
+
def publishable?
|
78
|
+
false
|
79
|
+
end
|
80
|
+
|
81
|
+
def has_admin_policy?
|
82
|
+
governable? && admin_policy_id.present?
|
83
|
+
end
|
84
|
+
|
85
|
+
alias_method :streamable?, :has_streamable_media?
|
86
|
+
alias_method :captioned?, :has_caption?
|
87
|
+
|
88
|
+
# Convenience method for retrieving values of a metadata term
|
89
|
+
def values(term)
|
90
|
+
self.send(term)
|
91
|
+
end
|
92
|
+
|
93
|
+
end
|
94
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require "active_resource"
|
2
|
+
|
3
|
+
module Ddr
|
4
|
+
class RightsStatement < ActiveResource::Base
|
5
|
+
|
6
|
+
self.site = ENV["DDR_AUX_API_URL"]
|
7
|
+
|
8
|
+
def self.call(obj)
|
9
|
+
if obj.rights.present?
|
10
|
+
new get(:find, url: obj.rights.first)
|
11
|
+
end
|
12
|
+
rescue ActiveResource::ResourceNotFound => e
|
13
|
+
raise Ddr::NotFoundError, e
|
14
|
+
end
|
15
|
+
|
16
|
+
def self.keys
|
17
|
+
all.map(&:url)
|
18
|
+
end
|
19
|
+
|
20
|
+
def to_s
|
21
|
+
title
|
22
|
+
end
|
23
|
+
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
module Ddr
|
2
|
+
class Target < Resource
|
3
|
+
|
4
|
+
include HasContent
|
5
|
+
|
6
|
+
attribute :for_collection_id, Valkyrie::Types::ID.optional
|
7
|
+
|
8
|
+
def for_collection
|
9
|
+
Ddr.query_service.find_by(id: for_collection_id) if for_collection_id
|
10
|
+
end
|
11
|
+
|
12
|
+
def components
|
13
|
+
Ddr.query_service.find_inverse_references_by(resource: self, property: 'target_id')
|
14
|
+
end
|
15
|
+
|
16
|
+
end
|
17
|
+
end
|
@@ -0,0 +1,262 @@
|
|
1
|
+
require 'devise'
|
2
|
+
|
3
|
+
# Use this hook to configure devise mailer, warden hooks and so forth.
|
4
|
+
# Many of these configuration options can be set straight in your model.
|
5
|
+
Devise.setup do |config|
|
6
|
+
|
7
|
+
# Given the modules that we implement, this shouldn't be used, but Devise >= 3.1 requires it,
|
8
|
+
# so a random value should suffice.
|
9
|
+
config.secret_key = SecureRandom.hex(64)
|
10
|
+
|
11
|
+
# ==> Mailer Configuration
|
12
|
+
# Configure the e-mail address which will be shown in Devise::Mailer,
|
13
|
+
# note that it will be overwritten if you use your own mailer class with default "from" parameter.
|
14
|
+
config.mailer_sender = "lib-drs@duke.edu"
|
15
|
+
|
16
|
+
# Configure the class responsible to send e-mails.
|
17
|
+
# config.mailer = "Devise::Mailer"
|
18
|
+
|
19
|
+
# ==> ORM configuration
|
20
|
+
# Load and configure the ORM. Supports :active_record (default) and
|
21
|
+
# :mongoid (bson_ext recommended) by default. Other ORMs may be
|
22
|
+
# available as additional gems.
|
23
|
+
require 'devise/orm/active_record'
|
24
|
+
|
25
|
+
# ==> Configuration for any authentication mechanism
|
26
|
+
# Configure which keys are used when authenticating a user. The default is
|
27
|
+
# just :email. You can configure it to use [:username, :subdomain], so for
|
28
|
+
# authenticating a user, both parameters are required. Remember that those
|
29
|
+
# parameters are used only when authenticating and not when retrieving from
|
30
|
+
# session. If you need permissions, you should implement that in a before filter.
|
31
|
+
# You can also supply a hash where the value is a boolean determining whether
|
32
|
+
# or not authentication should be aborted when the value is not present.
|
33
|
+
config.authentication_keys = [ :username ]
|
34
|
+
|
35
|
+
# Configure parameters from the request object used for authentication. Each entry
|
36
|
+
# given should be a request method and it will automatically be passed to the
|
37
|
+
# find_for_authentication method and considered in your model lookup. For instance,
|
38
|
+
# if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
|
39
|
+
# The same considerations mentioned for authentication_keys also apply to request_keys.
|
40
|
+
# config.request_keys = []
|
41
|
+
|
42
|
+
# Configure which authentication keys should be case-insensitive.
|
43
|
+
# These keys will be downcased upon creating or modifying a user and when used
|
44
|
+
# to authenticate or find a user. Default is :email.
|
45
|
+
config.case_insensitive_keys = [ :username ]
|
46
|
+
|
47
|
+
# Configure which authentication keys should have whitespace stripped.
|
48
|
+
# These keys will have whitespace before and after removed upon creating or
|
49
|
+
# modifying a user and when used to authenticate or find a user. Default is :email.
|
50
|
+
config.strip_whitespace_keys = [ :username ]
|
51
|
+
|
52
|
+
# Tell if authentication through request.params is enabled. True by default.
|
53
|
+
# It can be set to an array that will enable params authentication only for the
|
54
|
+
# given strategies, for example, `config.params_authenticatable = [:database]` will
|
55
|
+
# enable it only for database (email + password) authentication.
|
56
|
+
config.params_authenticatable = [:database]
|
57
|
+
|
58
|
+
# Tell if authentication through HTTP Basic Auth is enabled. False by default.
|
59
|
+
# It can be set to an array that will enable http authentication only for the
|
60
|
+
# given strategies, for example, `config.http_authenticatable = [:token]` will
|
61
|
+
# enable it only for token authentication.
|
62
|
+
# config.http_authenticatable = false
|
63
|
+
|
64
|
+
# If http headers should be returned for AJAX requests. True by default.
|
65
|
+
# config.http_authenticatable_on_xhr = true
|
66
|
+
|
67
|
+
# The realm used in Http Basic Authentication. "Application" by default.
|
68
|
+
# config.http_authentication_realm = "Application"
|
69
|
+
|
70
|
+
# It will change confirmation, password recovery and other workflows
|
71
|
+
# to behave the same regardless if the e-mail provided was right or wrong.
|
72
|
+
# Does not affect registerable.
|
73
|
+
# config.paranoid = true
|
74
|
+
|
75
|
+
# By default Devise will store the user in session. You can skip storage for
|
76
|
+
# :http_auth and :token_auth by adding those symbols to the array below.
|
77
|
+
# Notice that if you are skipping storage for all authentication paths, you
|
78
|
+
# may want to disable generating routes to Devise's sessions controller by
|
79
|
+
# passing :skip => :sessions to `devise_for` in your config/routes.rb
|
80
|
+
config.skip_session_storage = [:http_auth]
|
81
|
+
|
82
|
+
# ==> Configuration for :database_authenticatable
|
83
|
+
# For bcrypt, this is the cost for hashing the password and defaults to 10. If
|
84
|
+
# using other encryptors, it sets how many times you want the password re-encrypted.
|
85
|
+
#
|
86
|
+
# Limiting the stretches to just one in testing will increase the performance of
|
87
|
+
# your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
|
88
|
+
# a value less than 10 in other environments.
|
89
|
+
config.stretches = Rails.env.test? ? 1 : 10
|
90
|
+
|
91
|
+
# Setup a pepper to generate the encrypted password.
|
92
|
+
# config.pepper = "37669e0c50042b93e63f790c4102864bace2ee0a30eecad6fca7d490f3124d855d8bc6d2978e5500fb266aab2b8c8003d9f202a1f23e4c2c8e8f105b7c46a68f"
|
93
|
+
|
94
|
+
# ==> Configuration for :confirmable
|
95
|
+
# A period that the user is allowed to access the website even without
|
96
|
+
# confirming his account. For instance, if set to 2.days, the user will be
|
97
|
+
# able to access the website for two days without confirming his account,
|
98
|
+
# access will be blocked just in the third day. Default is 0.days, meaning
|
99
|
+
# the user cannot access the website without confirming his account.
|
100
|
+
# config.allow_unconfirmed_access_for = 2.days
|
101
|
+
|
102
|
+
# If true, requires any email changes to be confirmed (exactly the same way as
|
103
|
+
# initial account confirmation) to be applied. Requires additional unconfirmed_email
|
104
|
+
# db field (see migrations). Until confirmed new email is stored in
|
105
|
+
# unconfirmed email column, and copied to email column on successful confirmation.
|
106
|
+
config.reconfirmable = true
|
107
|
+
|
108
|
+
# Defines which key will be used when confirming an account
|
109
|
+
config.confirmation_keys = [ :username ]
|
110
|
+
|
111
|
+
# ==> Configuration for :rememberable
|
112
|
+
# The time the user will be remembered without asking for credentials again.
|
113
|
+
# config.remember_for = 2.weeks
|
114
|
+
|
115
|
+
# If true, extends the user's remember period when remembered via cookie.
|
116
|
+
# config.extend_remember_period = false
|
117
|
+
|
118
|
+
# Options to be passed to the created cookie. For instance, you can set
|
119
|
+
# :secure => true in order to force SSL only cookies.
|
120
|
+
# config.rememberable_options = {}
|
121
|
+
|
122
|
+
# ==> Configuration for :validatable
|
123
|
+
# Range for password length. Default is 6..128.
|
124
|
+
# config.password_length = 6..128
|
125
|
+
|
126
|
+
# Email regex used to validate email formats. It simply asserts that
|
127
|
+
# an one (and only one) @ exists in the given string. This is mainly
|
128
|
+
# to give user feedback and not to assert the e-mail validity.
|
129
|
+
# config.email_regexp = /\A[^@]+@[^@]+\z/
|
130
|
+
|
131
|
+
# ==> Configuration for :timeoutable
|
132
|
+
# The time you want to timeout the user session without activity. After this
|
133
|
+
# time the user will be asked for credentials again. Default is 30 minutes.
|
134
|
+
# config.timeout_in = 30.minutes
|
135
|
+
|
136
|
+
# If true, expires auth token on session timeout.
|
137
|
+
# config.expire_auth_token_on_timeout = false
|
138
|
+
|
139
|
+
# ==> Configuration for :lockable
|
140
|
+
# Defines which strategy will be used to lock an account.
|
141
|
+
# :failed_attempts = Locks an account after a number of failed attempts to sign in.
|
142
|
+
# :none = No lock strategy. You should handle locking by yourself.
|
143
|
+
# config.lock_strategy = :failed_attempts
|
144
|
+
|
145
|
+
# Defines which key will be used when locking and unlocking an account
|
146
|
+
config.unlock_keys = [ :username ]
|
147
|
+
|
148
|
+
# Defines which strategy will be used to unlock an account.
|
149
|
+
# :email = Sends an unlock link to the user email
|
150
|
+
# :time = Re-enables login after a certain amount of time (see :unlock_in below)
|
151
|
+
# :both = Enables both strategies
|
152
|
+
# :none = No unlock strategy. You should handle unlocking by yourself.
|
153
|
+
# config.unlock_strategy = :both
|
154
|
+
|
155
|
+
# Number of authentication tries before locking an account if lock_strategy
|
156
|
+
# is failed attempts.
|
157
|
+
# config.maximum_attempts = 20
|
158
|
+
|
159
|
+
# Time interval to unlock the account if :time is enabled as unlock_strategy.
|
160
|
+
# config.unlock_in = 1.hour
|
161
|
+
|
162
|
+
# ==> Configuration for :recoverable
|
163
|
+
#
|
164
|
+
# Defines which key will be used when recovering the password for an account
|
165
|
+
config.reset_password_keys = [ :username ]
|
166
|
+
|
167
|
+
# Time interval you can reset your password with a reset password key.
|
168
|
+
# Don't put a too small interval or your users won't have the time to
|
169
|
+
# change their passwords.
|
170
|
+
config.reset_password_within = 6.hours
|
171
|
+
|
172
|
+
# ==> Configuration for :encryptable
|
173
|
+
# Allow you to use another encryption algorithm besides bcrypt (default). You can use
|
174
|
+
# :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
|
175
|
+
# :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
|
176
|
+
# and :restful_authentication_sha1 (then you should set stretches to 10, and copy
|
177
|
+
# REST_AUTH_SITE_KEY to pepper)
|
178
|
+
# config.encryptor = :sha512
|
179
|
+
|
180
|
+
# ==> Configuration for :token_authenticatable
|
181
|
+
# Defines name of the authentication token params key
|
182
|
+
# config.token_authentication_key = :auth_token
|
183
|
+
|
184
|
+
# ==> Scopes configuration
|
185
|
+
# Turn scoped views on. Before rendering "sessions/new", it will first check for
|
186
|
+
# "users/sessions/new". It's turned off by default because it's slower if you
|
187
|
+
# are using only default views.
|
188
|
+
# config.scoped_views = false
|
189
|
+
|
190
|
+
# Configure the default scope given to Warden. By default it's the first
|
191
|
+
# devise role declared in your routes (usually :user).
|
192
|
+
# config.default_scope = :user
|
193
|
+
|
194
|
+
# Set this configuration to false if you want /users/sign_out to sign out
|
195
|
+
# only the current scope. By default, Devise signs out all scopes.
|
196
|
+
# config.sign_out_all_scopes = true
|
197
|
+
|
198
|
+
# ==> Navigation configuration
|
199
|
+
# Lists the formats that should be treated as navigational. Formats like
|
200
|
+
# :html, should redirect to the sign in page when the user does not have
|
201
|
+
# access, but formats like :xml or :json, should return 401.
|
202
|
+
#
|
203
|
+
# If you have any extra navigational formats, like :iphone or :mobile, you
|
204
|
+
# should add them to the navigational formats lists.
|
205
|
+
#
|
206
|
+
# The "*/*" below is required to match Internet Explorer requests.
|
207
|
+
# config.navigational_formats = ["*/*", :html]
|
208
|
+
|
209
|
+
# The default HTTP method used to sign out a resource. Default is :delete.
|
210
|
+
config.sign_out_via = :get
|
211
|
+
|
212
|
+
# ==> OmniAuth
|
213
|
+
# Add a new OmniAuth provider. Check the wiki for more information on setting
|
214
|
+
# up on your models and hooks.
|
215
|
+
# config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
|
216
|
+
|
217
|
+
# Shibboleth
|
218
|
+
# Explicit require is needed here for devise to find strategy
|
219
|
+
require "omniauth-shibboleth"
|
220
|
+
config.omniauth :shibboleth, {
|
221
|
+
request_type: :header,
|
222
|
+
uid_field: lambda { |rpm| rpm.call("eppn") || rpm.call("duDukeID") },
|
223
|
+
name_field: "displayName",
|
224
|
+
info_fields: {
|
225
|
+
email: "mail",
|
226
|
+
first_name: "givenName",
|
227
|
+
last_name: "sn",
|
228
|
+
nickname: "eduPersonNickname"
|
229
|
+
},
|
230
|
+
extra_fields: ["duDukeID"],
|
231
|
+
}
|
232
|
+
|
233
|
+
# ==> Warden configuration
|
234
|
+
# If you want to use other strategies, that are not supported by Devise, or
|
235
|
+
# change the failure app, you can configure them inside the config.warden block.
|
236
|
+
#
|
237
|
+
# config.warden do |manager|
|
238
|
+
# manager.intercept_401 = false
|
239
|
+
# manager.default_strategies(:scope => :user).unshift :remote_user_authenticatable
|
240
|
+
# end
|
241
|
+
|
242
|
+
config.warden do |manager|
|
243
|
+
manager.failure_app = Ddr::Auth::FailureApp
|
244
|
+
# :superuser scope
|
245
|
+
manager.serialize_into_session(:superuser) { |superuser| superuser.id }
|
246
|
+
manager.serialize_from_session(:superuser) { |id| Devise.mappings[:user].to.find(id) }
|
247
|
+
end
|
248
|
+
|
249
|
+
# ==> Mountable engine configurations
|
250
|
+
# When using Devise inside an engine, let's call it `MyEngine`, and this engine
|
251
|
+
# is mountable, there are some extra configurations to be taken into account.
|
252
|
+
# The following options are available, assuming the engine is mounted as:
|
253
|
+
#
|
254
|
+
# mount MyEngine, at: "/my_engine"
|
255
|
+
#
|
256
|
+
# The router that invoked `devise_for`, in the example above, would be:
|
257
|
+
# config.router_name = :my_engine
|
258
|
+
#
|
259
|
+
# When using omniauth, Devise cannot automatically set Omniauth path,
|
260
|
+
# so you need to do it manually. For the users scope, it would be:
|
261
|
+
# config.omniauth_path_prefix = "/my_engine/users/auth"
|
262
|
+
end
|