devisable 0.1.0
- data/Devisable.gemspec +117 -0
- data/Gemfile +13 -0
- data/LICENSE.txt +20 -0
- data/README.rdoc +111 -0
- data/Rakefile +56 -0
- data/VERSION +1 -0
- data/lib/generators/devisable/USAGE +57 -0
- data/lib/generators/devisable/devisable_generator.rb +484 -0
- data/lib/generators/devisable/templates/app/controllers/registrations_controller.erb +19 -0
- data/lib/generators/devisable/templates/app/controllers/users_controller.erb +152 -0
- data/lib/generators/devisable/templates/app/controllers/welcome_controller.erb +11 -0
- data/lib/generators/devisable/templates/app/helpers/roles_helper.erb +63 -0
- data/lib/generators/devisable/templates/app/models/permission.erb +12 -0
- data/lib/generators/devisable/templates/app/models/role.erb +5 -0
- data/lib/generators/devisable/templates/app/views/roles/_form.erb +29 -0
- data/lib/generators/devisable/templates/app/views/roles/edit.erb +6 -0
- data/lib/generators/devisable/templates/app/views/roles/index.erb +28 -0
- data/lib/generators/devisable/templates/app/views/roles/new.erb +5 -0
- data/lib/generators/devisable/templates/app/views/roles/show.erb +10 -0
- data/lib/generators/devisable/templates/app/views/shared/_admin_nav.erb +7 -0
- data/lib/generators/devisable/templates/app/views/users/_form.erb +23 -0
- data/lib/generators/devisable/templates/app/views/users/edit.erb +6 -0
- data/lib/generators/devisable/templates/app/views/users/index.erb +27 -0
- data/lib/generators/devisable/templates/app/views/users/new.erb +5 -0
- data/lib/generators/devisable/templates/app/views/users/show.erb +55 -0
- data/lib/generators/devisable/templates/app/views/welcome/welcome_index.erb +3 -0
- data/lib/generators/devisable/templates/config/initializers/devise_initializer.erb +239 -0
- data/lib/generators/devisable/templates/cucumber/_rake_partial.rb +19 -0
- data/lib/generators/devisable/templates/cucumber/devise.feature +78 -0
- data/lib/generators/devisable/templates/cucumber/role.feature +79 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/authentication_steps.rb +33 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb +23 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb +32 -0
- data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb +30 -0
- data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb +57 -0
- data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb +20 -0
- data/lib/generators/devisable/templates/cucumber/user.feature +45 -0
- data/lib/generators/devisable/templates/partials/_ability_class.rb +53 -0
- data/lib/generators/devisable/templates/partials/_access_denied_flash.rb +4 -0
- data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb +8 -0
- data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb +43 -0
- data/lib/generators/devisable/templates/partials/_application_controller_methods.erb +3 -0
- data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb +11 -0
- data/lib/generators/devisable/templates/partials/_application_current_tab.rb +8 -0
- data/lib/generators/devisable/templates/partials/_application_flash.html.erb +4 -0
- data/lib/generators/devisable/templates/partials/_environments_development.erb +10 -0
- data/lib/generators/devisable/templates/partials/_login_links.erb +18 -0
- data/lib/generators/devisable/templates/partials/_migration_down.rb +2 -0
- data/lib/generators/devisable/templates/partials/_migration_up.rb +7 -0
- data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb +1 -0
- data/lib/generators/devisable/templates/partials/_permission_equals.rb +8 -0
- data/lib/generators/devisable/templates/partials/_permission_manage.js +18 -0
- data/lib/generators/devisable/templates/partials/_role_permission.rb +72 -0
- data/lib/generators/devisable/templates/partials/_roles_index_delete.erb +7 -0
- data/lib/generators/devisable/templates/partials/_user_model_methods.erb +21 -0
- data/lib/generators/devisable/templates/partials/_user_role.rb +7 -0
- data/lib/generators/devisable/templates/spec/helpers/roles_helper_spec.erb +50 -0
- data/lib/generators/devisable/templates/spec/models/ability_spec.erb +69 -0
- data/lib/generators/devisable/templates/spec/models/permission_spec.erb +22 -0
- data/lib/generators/devisable/templates/spec/models/role_spec.erb +45 -0
- data/lib/generators/devisable/templates/spec/models/user_spec.erb +65 -0
- data/pkg/devisable-0.1.0.gem +0 -0
- data/pkg/devise_generator-0.1.0.gem +0 -0
- data/test/helper.rb +18 -0
- data/test/test_devise_generator.rb +7 -0
- metadata +169 -0
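--- a/data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb
+++ b/data/lib/generators/devisable/templates/cucumber/step_definitions/generic_steps.rb
@@ -0,0 +1,23 @@
+When(/^I sleep for ([^"]*) second[s]?$/) do |time|
+sleep(time.to_i)
+end
+
+When(/^I output the page source$/) do
+puts source
+end
+
+When(/^I fill in the following checkboxes with categories:$/) do |permissions_table|
+permissions_table.hashes.each do |perm|
+And %{I check "permission_#{perm['category']}_#{perm['permission']}"}
+end
+end
+
+When(/^I debug$/) do
+# only works if you include the ruby-debug gem
+debugger
+end
+
+Then /^I should see a span with the title "([^"]*)"$/ do |title|
+page.should have_xpath("//span[@title='#{title}']")
+end
+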
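Review bot: The `I sleep for` step captures `([^"]*)` and passes it through `time.to_i`, so a mistyped duration silently becomes `sleep(0)` and the scenario carries on instead of failing. Capturing digits only, `When(/^I sleep for (\d+) seconds?$/) do |time|`, turns a bad value into an undefined step. The span step also interpolates `title` straight into the XPath string literal, so a title containing `'` produces an invalid expression; a comment on that step saying titles must not contain single quotes would save a confusing failure.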
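--- a/data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb
+++ b/data/lib/generators/devisable/templates/cucumber/step_definitions/role_steps.rb
@@ -0,0 +1,32 @@
+Given /^there are no roles in the system$/ do
+@roles = Role.all
+@roles.each { |role| role.delete }
+end
+
+Given /^there is only the "([^"]*)" role in the system$/ do |role_name|
+@roles = Role.all
+@roles.each { |role| role.delete unless role.name == role_name }
+end
+
+
+Given /^the "([^"]*)" role has been added to the system$/ do |arg1|
+r = Role.create(:name => arg1)
+r.save
+end
+
+Given /^I have the default roles$/ do
+Given "the \"SuperAdmin\" role has been added to the system"
+Given "the \"Admin\" role has been added to the system"
+Given "the \"GeneralUser\" role has been added to the system"
+end
+
+
+
+# step specificlly for deleting a unique feature
+# could theoretically also be used for any role and any controller action
+# but the code will get messy
+# the user steps has a similar function
+When /^I follow "Destroy" for "([^"]*)"$/ do |name|
+id = Role.first(:conditions => {:name => name}).id
+find(:xpath, "//table/tr/td/a[@href = '/roles/#{id}' and @data-method='delete']").click
+end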
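Review bot: `Role.create(:name => arg1)` followed by `r.save` never raises when validation fails, so a scenario can continue with a role that was not persisted and then fail in an unrelated step. `Role.create!(:name => arg1)` on its own surfaces the failure where it happens. In the `I follow "Destroy" for` step, `Role.first(:conditions => {:name => name}).id` raises NoMethodError on nil when the role is absent; failing with an explicit message there would make the cause obvious.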
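--- a/data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb
+++ b/data/lib/generators/devisable/templates/cucumber/step_definitions/user_steps.rb
@@ -0,0 +1,30 @@
+Given /^there are no users in the system$/ do
+@users = User.all
+@users.each { |user| user.delete! }
+end
+
+When /^I delete the other user$/ do
+id = User.last.id
+find(:xpath, "//table/tr/td/a[@href='/users/#{id}' and @data-method='delete']").click
+#find("table tr td a[@href = '/users/#{id}']").click
+end
+
+Given /^there are users in the system$/ do
+@generated_user = User.create!(
+:email => 'generated_user@cloudspace.com',
+:password => 'password',
+:password_confirmation => 'password'
+)
+@generated_user.save
+end
+
+
+Then /^I should have the role "([^"]*)"$/ do |role|
+unless @current_user
+@current_user = User.last
+end
+@current_user.role?(role)
+end
+
+
+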
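Review bot: The `I should have the role` step ends with `@current_user.role?(role)` and discards the result, so the step passes whether or not the user holds the role. This is the check the authorization scenarios rely on, so it should assert: `@current_user.role?(role).should be_true`. The fallback `@current_user = User.last` depends on insertion order, and that assumption deserves a comment on the step.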
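--- a/data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb
+++ b/data/lib/generators/devisable/templates/cucumber/support/_env_partial.rb
@@ -0,0 +1,57 @@
+# IMPORTANT: This file is generated by cucumber-rails - edit at your own peril.
+# It is recommended to regenerate this file in the future when you upgrade to a
+# newer version of cucumber-rails. Consider adding your own code to a new file
+# instead of editing this one. Cucumber will automatically load all features/**/*.rb
+# files.
+
+ENV["RAILS_ENV"] ||= "test"
+require File.expand_path(File.dirname(__FILE__) + '/../../config/environment')
+
+require 'cucumber/formatter/unicode' # Remove this line if you don't want Cucumber Unicode support
+require 'cucumber/rails/world'
+require 'cucumber/rails/active_record'
+require 'cucumber/web/tableish'
+
+require 'capybara/rails'
+require 'capybara/cucumber'
+require 'capybara/session'
+#require 'cucumber/rails/capybara_javascript_emulation' # Lets you click links with onclick javascript handlers without using @culerity or @javascript
+# Capybara defaults to XPath selectors rather than Webrat's default of CSS3. In
+# order to ease the transition to Capybara we set the default here. If you'd
+# prefer to use XPath just remove this line and adjust any selectors in your
+# steps to use the XPath syntax.
+Capybara.default_selector = :css
+
+# If you set this to false, any error raised from within your app will bubble
+# up to your step definition and out to cucumber unless you catch it somewhere
+# on the way. You can make Rails rescue errors and render error pages on a
+# per-scenario basis by tagging a scenario or feature with the @allow-rescue tag.
+#
+# If you set this to true, Rails will rescue all errors and render error
+# pages, more or less in the same way your application would behave in the
+# default production environment. It's not recommended to do this for all
+# of your scenarios, as this makes it hard to discover errors in your application.
+ActionController::Base.allow_rescue = false
+
+# If you set this to true, each scenario will run in a database transaction.
+# You can still turn off transactions on a per-scenario basis, simply tagging
+# a feature or scenario with the @no-txn tag. If you are using Capybara,
+# tagging with @culerity or @javascript will also turn transactions off.
+#
+# If you set this to false, transactions will be off for all scenarios,
+# regardless of whether you use @no-txn or not.
+#
+# Beware that turning transactions off will leave data in your database
+# after each scenario, which can lead to hard-to-debug failures in
+# subsequent scenarios. If you do this, we recommend you create a Before
+# block that will explicitly put your database in a known state.
+Cucumber::Rails::World.use_transactional_fixtures = true
+# How to clean your database when transactions are turned off. See
+# http://github.com/bmabey/database_cleaner for more info.
+if defined?(ActiveRecord::Base)
+begin
+require 'database_cleaner'
+DatabaseCleaner.strategy = :truncation
+rescue LoadError => ignore_if_database_cleaner_not_present
+end
+end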
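--- a/data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb
+++ b/data/lib/generators/devisable/templates/cucumber/support/_paths_partial.rb
@@ -0,0 +1,20 @@
+when /the sign up page/
+new_user_registration_path
+when /the sign in page/
+new_user_session_path
+when /the sign out page/
+#should be destory_user_session_path
+'/users/sign_out'
+when /the forgot password page/
+'/users/password/new'
+when /the forgot password submitted page/
+'/users/password'
+when /the users page/
+users_path
+when /the other user's edit page/
+edit_user_path(User.last)
+when /that role's view page/
+role_path(Role.last)
+when /that user's view page/
+user_path(User.last)
+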
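Review bot: The sign-out and password entries hard-code `'/users/sign_out'`, `'/users/password/new'` and `'/users/password'`, which only match while Devise is mounted at `/users`; the inline comment already says a named helper was intended, and misspells it as `destory_user_session_path`. Using `destroy_user_session_path`, `new_user_password_path` and `user_password_path` keeps the steps in line with the routes. The `when` branches belong to a `case` that starts outside the hunk.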
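--- a/data/lib/generators/devisable/templates/cucumber/user.feature
+++ b/data/lib/generators/devisable/templates/cucumber/user.feature
@@ -0,0 +1,45 @@
+Feature: Manage users
+
+Scenario: Managing Users as a SuperAdmin
+Given I am signed in as "user@cloudspace.com"
+And I only have the role "SuperAdmin"
+When I go to the users page
+Then I should see "user@cloudspace.com"
+And I should see "SuperAdmin"
+And I should see "Edit"
+And I should see "Delete"
+
+Scenario: Managing Users as a GenericUser
+Given I am signed in as "user@cloudspace.com"
+And I only have the role "GeneralUser"
+When I go to the users page
+When I should be on the home page
+And I should see "You are not authorized to access this page."
+
+Scenario: Editing a User
+Given I am signed in as "user@cloudspace.com"
+And I have the role "SuperAdmin"
+And there are users in the system
+When I go to the other user's edit page
+And I check "GeneralUser"
+And I fill in "password" for "Password"
+And I fill in "password" for "Password confirmation"
+And I press "Submit"
+Then I should be on that user's view page
+And I should see "The account has been updated"
+
+Scenario: Deleting a User
+Given I am signed in as "user@cloudspace.com"
+And I have the role "SuperAdmin"
+And there are users in the system
+And I am on the users page
+When I delete the other user
+Then I should be on the users page
+And I should see "The account has been deleted"
+
+Scenario: Deleting Self
+Given I am signed in as "user@cloudspace.com"
+And there is only the "SuperAdmin" role in the system
+And I have the role "SuperAdmin"
+And I am on the users page
+Then I should see a span with the title "Can NOT delete the last SuperAdmin user"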
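Review bot: The only negative scenario checks that a GeneralUser is turned away from the users index; nothing requests the edit, update or delete routes directly for a role without access, so a missing authorization check on those actions would go unnoticed. Add a scenario that signs in as a GeneralUser, goes to `the other user's edit page`, and expects `You are not authorized to access this page.`. In the second scenario `When I should be on the home page` should read `Then I should be on the home page`, and its title says GenericUser while the role used is `GeneralUser`.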
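--- a/data/lib/generators/devisable/templates/partials/_ability_class.rb
+++ b/data/lib/generators/devisable/templates/partials/_ability_class.rb
@@ -0,0 +1,53 @@
+# Model for storing cancan permissions
+class Ability
+include CanCan::Ability
+
+# When a user is created, setup permissions based on the role and permission models
+# If the user has the super admin role, give access to all actions on all controllers
+#
+# @param user Optionally pass the user. A new user is created if no user is supplied
+def initialize(user)
+user ||= User.new # guest user
+user.roles.each do |role|
+role.permissions.each do |permission|
+can permission.ability.downcase.to_sym, Object::const_get(permission.model)
+if permission.ability.to_s == 'manage'
+['view','edit','delete','add'].each do |action|
+can action.to_sym, Object::const_get(permission.model)
+end
+end
+end
+end
+
+if user.role? :super_admin
+can :manage, :all
+end
+#examples of some ways to have certain roles manage certain controllers
+#please see the user views on how to check for the permissions
+#if user.role? :super_admin
+# can :manage, :all
+#elsif user.role? :product_admin
+# can [:read, :update, :create, :destroy], [Product, Asset, Issue]
+#elsif user.role? :product_team
+# can :read, [Product, Asset]
+# # manage products, assets he owns
+# can :manage, Product do |product|
+# can :read, Product, :active => true, :user_id => user.id
+# can :read, Project, :category => { :visible => true }
+# can :read, Project, :priority => 1..3
+#end
+#can :manage, Asset do |asset|
+# asset.assetable.try(:owner) == user
+#end
+#end
+##If you want to add a permissions scaffold to replace the roles_users
+#def initialize(user)
+# can do |action, subject_class, subject|
+# user.permissions.find_all_by_action(action).any do |permission|
+# permission.subject_class == subject_class.to_s &&
+# (subject.nil? || permission.subject_id.nil? || permission.subject_id == subject.id)
+# end
+# end
+#end
+end
+end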
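Review bot: `Object::const_get(permission.model)` and `permission.ability.downcase.to_sym` turn database strings directly into a constant and an ability, and in this package those strings originate from JSON posted by the role form (`save_permissions` in the model partial, the `role_ids[]` checkboxes in the helper partial). A row naming a constant that does not exist raises NameError each time an Ability is built for a user holding that role, and any loadable constant can end up as a permission subject. Restrict both values to known lists before resolving them: the form offers `manage`, `read`, `create`, `update` and `destroy`, and the model list can come from `Role.accessible_permissions`. Separately, `manage` is expanded into `view`/`edit`/`delete`/`add`, which are not the names the form stores, and `permission.ability.to_s == 'manage'` is case-sensitive while the `can` call downcases.

```ruby
def initialize(user)
  user ||= User.new # guest user
  allowed_abilities = %w[manage read create update destroy]
  # Scans app/controllers and app/models on each call; cache it if Ability is built per request.
  allowed_models = Role.accessible_permissions.map { |name| name.singularize }
  user.roles.each do |role|
    role.permissions.each do |permission|
      ability = permission.ability.to_s.downcase
      model_name = permission.model.to_s
      # Ignore rows outside the allow-lists instead of resolving them.
      next unless allowed_abilities.include?(ability) && allowed_models.include?(model_name)
      can ability.to_sym, Object.const_get(model_name)
      # … unchanged: expansion of 'manage' into view/edit/delete/add …
    end
  end
  # … unchanged: super_admin grant and commented examples …
```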
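--- a/data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb
+++ b/data/lib/generators/devisable/templates/partials/_accessible_permissions_controller.rb
@@ -0,0 +1,8 @@
+# Get roles accessible by the current user #----------------------------------------------------
+# Role.reflect_on_all_associations(:has_and_belongs_to_many).first.class_name
+# => "User"
+#ruby-1.8.7-p302 > Role.reflect_on_all_associations(:has_many).first.class_name
+def accessible_permissions
+@accessible_permissions = Role.accessible_permissions
+end
+end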
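--- a/data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb
+++ b/data/lib/generators/devisable/templates/partials/_accessible_permissions_model.rb
@@ -0,0 +1,43 @@
+# Get roles accessible by the current user
+# Usage:
+# Role.reflect_on_all_associations(:has_and_belongs_to_many).first.class_name => "User"
+# Role.reflect_on_all_associations(:has_many).first.class_name
+# @return [Array] Array of permissions for the current user
+def self.accessible_permissions
+@accessible_permissions = []
+controllers = Dir.new("#{RAILS_ROOT}/app/controllers").entries
+controllers = controllers.map { |controller| controller.downcase.gsub("_controller.rb","").singularize if controller =~ /_controller/ }.compact
+models = Dir.new("#{RAILS_ROOT}/app/models").entries
+models.each do |model|
+mod = model.downcase.gsub(".rb","")
+if controllers.include?(mod)
+@accessible_permissions << mod.camelize.pluralize
+end
+end
+@accessible_permissions
+end
+
+# Save permissions all permissions for a single role
+# First deletes all permissions for the role, then loops through the input and saves new permissions
+#
+# @param role Role To reset permisisons on
+# @param role_ids A list of permissions to apply to the role
+def save_permissions(role_ids)
+permissions.map{|perm| perm.delete } unless permissions.nil?
+unless role_ids.nil?
+role_ids.each do |permission|
+p = Permission.new(JSON.parse(permission))
+(p.class.reflect_on_all_associations(:has_many) & p.class.reflect_on_all_associations(:has_and_belongs_to_many)).each { |association|
+permissions << Permission.new(
+:role_id => id,
+:controller => association.class_name.singularize,
+:ability => p.ability
+)
+}
+permissions << p
+end
+end
+end
+
+end
+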
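Review bot: `save_permissions` builds each record with `Permission.new(JSON.parse(permission))`, so every attribute in the client-supplied JSON is mass-assigned and the `model` and `ability` strings are stored unchecked. Pick the two expected keys out of the parsed hash and compare them with the known lists before saving. The existing permissions are also deleted before the new ones are parsed, outside any transaction, so one malformed entry leaves the role with a partial set. The `@param role` line documents a parameter the method does not take, and the intersection of the `has_many` and `has_and_belongs_to_many` reflections looks as if it is always empty, which would make the inner block dead code; that is worth confirming.

```ruby
def save_permissions(role_ids)
  allowed_abilities = %w[manage read create update destroy]
  allowed_models = Role.accessible_permissions.map { |name| name.singularize }
  Role.transaction do
    permissions.each { |perm| perm.delete }
    (role_ids || []).each do |permission|
      attrs = JSON.parse(permission)
      model_name = attrs['model'].to_s
      ability = attrs['ability'].to_s
      # Store only values the role form can legitimately produce.
      next unless allowed_models.include?(model_name) && allowed_abilities.include?(ability)
      p = Permission.new(:model => model_name, :ability => ability)
      # … unchanged: association loop and permissions << p …
    end
  end
end
```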
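--- a/data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb
+++ b/data/lib/generators/devisable/templates/partials/_application_controller_methods2.erb
@@ -0,0 +1,11 @@
+# Redirect user to root unless the return to attribute is set
+# @param resource takes the model through which the sign in is occuring
+def after_sign_in_path_for(resource)
+(session[:"user.return_to"].nil?) ? "/" : session[:"user.return_to"].to_s
+end
+
+# When a user doesn't have permission to the page, redirect to root and display error message
+rescue_from CanCan::AccessDenied do |exception|
+flash[:notice] = exception.message
+redirect_to root_url
+end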
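Review bot: `after_sign_in_path_for` reads `session[:"user.return_to"]` but never removes it, so the stored location stays in the session and is reused on a later sign-in. Consuming the value fixes that: `(session.delete(:"user.return_to") || "/").to_s`. The value is used as a redirect target as-is, so if anything other than Devise writes this key, confirm it can only hold a local path. In the `rescue_from` block, a visitor who is denied on the root page itself would be redirected to it again.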
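--- a/data/lib/generators/devisable/templates/partials/_application_current_tab.rb
+++ b/data/lib/generators/devisable/templates/partials/_application_current_tab.rb
@@ -0,0 +1,8 @@
+# Determines whether the given controller is the current controller
+#
+# @param Name of the controller to check against
+# @return [Boolean] True if the controller_name parameter matches the current controller nam
+def current_tab?(controller_name)
+controller.controller_name == controller_name
+end
+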
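--- a/data/lib/generators/devisable/templates/partials/_environments_development.erb
+++ b/data/lib/generators/devisable/templates/partials/_environments_development.erb
@@ -0,0 +1,10 @@
+TWITTER_CONSUMER_KEY = '<%= @twitter_key %>'
+TWITTER_CONSUMER_SECRET = '<%= @twitter_secret %>'
+
+
+FACEBOOK_CONSUMER_KEY = '<%= @facebook_key %>'
+FACEBOOK_CONSUMER_SECRET = '<%= @facebook_secret %>'
+FACEBOOK_CLIENT_ID = '<%= @facebook_client_id %>'
+
+
+BASE_URL = '<%= @url %>'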
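Review bot: The OAuth consumer secrets are written into the generated environment file as literal constants (`TWITTER_CONSUMER_SECRET = '<%= @twitter_secret %>'`, `FACEBOOK_CONSUMER_SECRET = '<%= @facebook_secret %>'`), which puts them in a file that is normally committed with the application. Reading them at boot keeps them out of the repository, for example `TWITTER_CONSUMER_SECRET = ENV['TWITTER_CONSUMER_SECRET']`. The values are also placed inside single quotes without escaping, so a key containing `'` yields a file that does not parse.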
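--- a/data/lib/generators/devisable/templates/partials/_login_links.erb
+++ b/data/lib/generators/devisable/templates/partials/_login_links.erb
@@ -0,0 +1,18 @@
+<ul id='generated_login_links'>
+<%% if !current_user %>
+<% if @has_facebook_oauth %>
+<li><%%= link_to('Login With Facebook', users_path(:warden_oauth2_provider => 'facebook')) %></li>
+<% end %>
+<% if @has_twitter_oauth %>
+<li><%%= link_to('Login With Twitter', users_path(:warden_oauth_provider => 'twitter')) %></li>
+<% end %>
+<% if @has_standard_authentication %>
+<li><%%= link_to('Login', user_session_path()) %></li>
+<li><%%= link_to('Register', new_user_registration_path()) %></li>
+<% end %>
+<%% else %>
+<li>Welcome <%%= current_user.display_name %></li>
+<li><%%= link_to('Logout', destroy_user_session_path()) %></li>
+<%% end %>
+</ul>
+<%%= render 'shared/admin_nav' %>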
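Review bot: The `Logout` entry is a plain link, `link_to('Logout', destroy_user_session_path())`, so signing out is a GET request that any third-party page can trigger. If the Devise version in use supports a DELETE sign-out route, `link_to('Logout', destroy_user_session_path, :method => :delete)` limits sign-out to requests issued from the application's own pages. The template mixes `<%%` tags, which are emitted into the generated view, with `<%` tags evaluated at generation time; a one-line comment at the top saying so would help anyone editing it.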
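--- a/data/lib/generators/devisable/templates/partials/_migration_up.rb
+++ b/data/lib/generators/devisable/templates/partials/_migration_up.rb
@@ -0,0 +1,7 @@
+create_table :roles_users, :id => false do |t|
+t.references :role, :user
+end
+execute "insert into roles (name) values ('SuperAdmin')"
+execute "insert into roles (name) values ('Admin')"
+execute "insert into roles (name) values ('GeneralUser')"
+execute "insert into roles_users values ('1','1')"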
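Review bot: `execute "insert into roles_users values ('1','1')"` joins role id 1 to user id 1 by number, which presumably grants SuperAdmin to whichever account ends up with id 1; if no user exists when the migration runs, that is the first person to register. The statement also relies on the roles table being empty beforehand and on the column order of `roles_users`. Name the columns explicitly and bind the role, looked up by name, to an account chosen deliberately, for example in a seed task rather than in the migration. These statements continue a migration body that starts outside the hunk.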
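--- a/data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb
+++ b/data/lib/generators/devisable/templates/partials/_oauth_user_table_fields.erb
@@ -0,0 +1 @@
+t.string "default_provider"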
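--- a/data/lib/generators/devisable/templates/partials/_permission_equals.rb
+++ b/data/lib/generators/devisable/templates/partials/_permission_equals.rb
@@ -0,0 +1,8 @@
+# Equality check based on the role id, controller, and ability
+#
+# @param another_permission The permission to compare against
+# @return [Boolean] True if the permissions match role id, controller and ability
+def ==(another_permission)
+self.role_id == another_permission.role_id && self.model == another_permission.model && self.ability == another_permission.ability ? true : false
+end
+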
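Review bot: `==` calls `role_id`, `model` and `ability` on its argument without checking what it is, so comparing a permission with `nil` or an unrelated object raises NoMethodError instead of returning false. Guard first with `return false unless another_permission.is_a?(Permission)` and drop the redundant `? true : false`. The doc comment says the comparison uses the controller, while the code compares `model`.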
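--- a/data/lib/generators/devisable/templates/partials/_permission_manage.js
+++ b/data/lib/generators/devisable/templates/partials/_permission_manage.js
@@ -0,0 +1,18 @@
+document.observe("dom:loaded", function() {
+$$('.permission_manage').each(function(pm) {
+pm.observe('click', function(event) {
+use_permission_clicked(event.element())
+});
+use_permission_clicked(pm)
+});
+
+function use_permission_clicked(obj) {
+var controller = obj.id.split('_')[1]
+var disabled_val = obj.checked ? 'disabled' : false;
+$('permission_' + controller + '_read').disabled = disabled_val;
+$('permission_' + controller + '_create').disabled = disabled_val;
+$('permission_' + controller + '_update').disabled = disabled_val;
+$('permission_' + controller + '_destroy').disabled = disabled_val;
+}
+});
+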
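--- a/data/lib/generators/devisable/templates/partials/_role_permission.rb
+++ b/data/lib/generators/devisable/templates/partials/_role_permission.rb
@@ -0,0 +1,72 @@
+# Creates checkboxes for a has and belongs to many relationship between ?
+#
+# @param obj An instance of a model with the specified field
+# @param column The attribute of the obj parameter used to determine if the assignment_object is assigned to the obj parameter
+# @param assignment_objects A list of objects with a habtm relationship with the obj parameter
+# @param assignment_object_display_column The field on the assignment_objects used to create the label for the checkboxes
+# @return [String] An html string of checkboxes for the relationship between the obj and assignment_objects
+def habtm_checkboxes(obj, column, assignment_objects, assignment_object_display_column)
+obj_to_s = obj.class.to_s.split("::").last.underscore
+field_name = "#{obj_to_s}[#{column}][]"
+
+html = hidden_field_tag(field_name, "")
+assignment_objects.each do |assignment_obj|
+cbx_id = "#{obj_to_s}_#{column}_#{assignment_obj.id}"
+html += check_box_tag field_name, assignment_obj.id, obj.send(column).include?(assignment_obj.id), :id => cbx_id
+html += label_tag cbx_id, h(assignment_obj.send(assignment_object_display_column))
+html += content_tag(:br)
+end
+html
+end
+
+# Creates permission checkboxes for each type of permission and permission category.
+# Permission types include manage, read, create, update, and destroy. They are hardcoded in this method.
+#
+# @param obj An instance of the Role model or any model with a habtm relationship with Permission
+# @param column Not used
+# @param controllers A list of controllers that can have permissions applied to them
+# @param role_id Id that corresponds to an instance of the role model. Should refer to the same object as the obj parameter.
+# @return [String] Html safe string of permissions checkboxes for each controller and action
+def permissions_checkboxes(obj, column, controllers, role_id)
+perms = obj.permissions
+html = ""
+abilities = ['manage','read','create','update','destroy']
+html += content_tag(:table) do
+html_table = ""
+controllers.each do |controller|
+controller.strip!
+html_table += content_tag(:tr) do
+html_tr = ""
+html_tr += content_tag(:th, controller)
+html_tr += content_tag(:th, "Use")
+html_tr += content_tag(:th, "View")
+html_tr += content_tag(:th, "Add")
+html_tr += content_tag(:th, "Edit")
+html_tr += content_tag(:th, "Delete")
+html_tr.html_safe
+end
+html_table += content_tag(:tr) do
+html_tr = ""
+html_tr += content_tag(:td," ")
+abilities.each do |ability|
+p = {
+:role_id => role_id,
+:model => controller.singularize,
+:ability => ability
+}
+
+perm = Permission.new(p)
+checked = perms.include?(perm)
+#checked = false
+html_tr += content_tag(:td) do
+check_box_tag 'role_ids[]',p.to_json,checked, {:id => "permission_#{controller}_#{ability}", :class => "permission_#{ability}"}
+end
+end
+html_tr.html_safe
+end
+end
+html_table.html_safe
+end
+html.html_safe
+end
+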
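Review bot: In `permissions_checkboxes` the checkbox value is `p.to_json`, which serialises `:role_id` along with the model and ability, so the role a permission belongs to is round-tripped through the browser, where it can be edited before the form is posted. Send only what the server cannot derive, `check_box_tag 'role_ids[]', {:model => controller.singularize, :ability => ability}.to_json, checked, ...`, and keep `p` for the `perms.include?` comparison. `controller.strip!` also mutates the caller's strings in place and raises on a frozen one; `name = controller.strip` avoids that. The blanket `.html_safe` calls are sound only while every fragment comes from an escaping tag helper, which deserves a comment next to them.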