emergent-core 0.1.0

data/rails_generators/emergent_config/templates/db/migrate/create_content_assignments.rb

@@ -0,0 +1,26 @@
+class CreateContentAssignments < ActiveRecord::Migration
+  def self.up
+    create_table :content_assignments do |t|
+      t.string  :title
+      t.integer :ancestor_id # parent_id
+      t.integer :target_id # content_id
+      t.string  :ancestor_as
+      t.string  :target_as
+      t.integer :lft
+      t.integer :rgt
+      t.integer :position
+      t.boolean :directed
+      t.references :user
+      t.references :site
+      t.references :section
+      t.integer    :approved, :null => false, :default => 0
+      t.string  :content_template
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :content_assignments
+  end
+end

data/rails_generators/emergent_config/templates/db/migrate/create_contents.rb

@@ -0,0 +1,21 @@
+class CreateContents < ActiveRecord::Migration
+  def self.up
+    create_table :contents do |t|
+      t.string     :title
+      t.text       :abstract
+      t.string     :menu_title
+      t.string     :sub_title
+      t.text       :body      
+      t.string     :type # Single Table Inheritance
+      t.integer    :approved, :null => false, :default => 0
+
+      t.references :user
+      
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :contents
+  end
+end

data/rails_generators/emergent_config/templates/db/migrate/create_sessions.rb

@@ -0,0 +1,16 @@
+class CreateSessions < ActiveRecord::Migration
+  def self.up
+    create_table :sessions do |t|
+      t.string :session_id, :null => false
+      t.text :data
+      t.timestamps
+    end
+
+    add_index :sessions, :session_id
+    add_index :sessions, :updated_at
+  end
+
+  def self.down
+    drop_table :sessions
+  end
+end

data/rails_generators/emergent_config/templates/db/migrate/create_sites.rb

@@ -0,0 +1,27 @@
+class CreateSitesTable < ActiveRecord::Migration
+  def self.up
+    create_table :sites do |t|
+      t.string  :name
+      t.string  :host
+      t.string  :title
+      t.string  :subtitle
+      t.string  :email
+      t.string  :timezone
+      t.text    :ping_urls
+      t.string  :akismet_key, :limit => 100
+      t.string  :akismet_url
+      t.boolean :approve_comments
+      t.integer :comment_age
+      t.string  :comment_filter
+      t.string  :search_path
+      t.string  :tag_path
+      t.string  :tag_layout
+      t.string  :permalink_style
+      t.text    :permissions
+    end
+  end
+
+  def self.down
+    drop_table :sites
+  end
+end

data/rails_generators/emergent_config/templates/db/migrate/create_users.rb

@@ -0,0 +1,15 @@
+class CreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string :title
+      t.references :account
+      t.references :address
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/rails_generators/emergent_config/templates/lib/app_controller.rb.erb

@@ -0,0 +1,26 @@
+# Filters added to this controller apply to all controllers in the application.
+# Likewise, all the methods added will be available for all controllers.
+
+class ApplicationController < ActionController::Base
+  helper :all # include all helpers, all the time
+
+  include AuthenticatedSystem
+
+  before_filter :login_required
+  
+  before_filter :set_current_account
+  
+  # See ActionController::RequestForgeryProtection for details
+  # Uncomment the :secret if you're not using the cookie session store
+  protect_from_forgery # :secret => '3f6014c50e2266aa27431c8e0022ea3f'
+  
+  # See ActionController::Base for details 
+  # Uncomment this to filter the contents of submitted sensitive data parameters
+  # from your application log (in this case, all fields with names like "password"). 
+  # filter_parameter_logging :password
+  
+  protected
+    def set_current_account
+      Account.current_account = self.current_account
+    end
+end

data/rails_generators/emergent_config/templates/lib/authenticated_system.rb

@@ -0,0 +1,189 @@
+module AuthenticatedSystem
+  protected
+    # Returns true or false if the account is logged in.
+    # Preloads @current_account with the account model if they're logged in.
+    def logged_in?
+      !!current_account
+    end
+
+    # Accesses the current account from the session.
+    # Future calls avoid the database because nil is not equal to false.
+    def current_account
+      @current_account ||= (login_from_session || login_from_basic_auth || login_from_cookie) unless @current_account == false
+    end
+
+    # Store the given account id in the session.
+    def current_account=(new_account)
+      session[:account_id] = new_account ? new_account.id : nil
+      @current_account = new_account || false
+    end
+
+    # Check if the account is authorized
+    #
+    # Override this method in your controllers if you want to restrict access
+    # to only a few actions or if you want to check if the account
+    # has the correct rights.
+    #
+    # Example:
+    #
+    #  # only allow nonbobs
+    #  def authorized?
+    #    current_account.login != "bob"
+    #  end
+    #
+    def authorized?(action = action_name, resource = nil)
+      logged_in?
+    end
+
+    # Filter method to enforce a login requirement.
+    #
+    # To require logins for all actions, use this in your controllers:
+    #
+    #   before_filter :login_required
+    #
+    # To require logins for specific actions, use this in your controllers:
+    #
+    #   before_filter :login_required, :only => [ :edit, :update ]
+    #
+    # To skip this in a subclassed controller:
+    #
+    #   skip_before_filter :login_required
+    #
+    def login_required
+      authorized? || access_denied
+    end
+
+    # Redirect as appropriate when an access request fails.
+    #
+    # The default action is to redirect to the login screen.
+    #
+    # Override this method in your controllers if you want to have special
+    # behavior in case the account is not authorized
+    # to access the requested action.  For example, a popup window might
+    # simply close itself.
+    def access_denied
+      respond_to do |format|
+        format.html do
+          store_location
+          redirect_to new_session_path
+        end
+        # format.any doesn't work in rails version < http://dev.rubyonrails.org/changeset/8987
+        # Add any other API formats here.  (Some browsers, notably IE6, send Accept: */* and trigger 
+        # the 'format.any' block incorrectly. See http://bit.ly/ie6_borken or http://bit.ly/ie6_borken2
+        # for a workaround.)
+        format.any(:json, :xml) do
+          request_http_basic_authentication 'Web Password'
+        end
+      end
+    end
+
+    # Store the URI of the current request in the session.
+    #
+    # We can return to this location by calling #redirect_back_or_default.
+    def store_location
+      session[:return_to] = request.request_uri
+    end
+
+    # Redirect to the URI stored by the most recent store_location call or
+    # to the passed default.  Set an appropriately modified
+    #   after_filter :store_location, :only => [:index, :new, :show, :edit]
+    # for any controller you want to be bounce-backable.
+    def redirect_back_or_default(default)
+      redirect_to(session[:return_to] || default)
+      session[:return_to] = nil
+    end
+
+    # Inclusion hook to make #current_account and #logged_in?
+    # available as ActionView helper methods.
+    def self.included(base)
+      base.send :helper_method, :current_account, :logged_in?, :authorized? if base.respond_to? :helper_method
+    end
+
+    #
+    # Login
+    #
+
+    # Called from #current_account.  First attempt to login by the account id stored in the session.
+    def login_from_session
+      self.current_account = Account.find_by_id(session[:account_id]) if session[:account_id]
+    end
+
+    # Called from #current_account.  Now, attempt to login by basic authentication information.
+    def login_from_basic_auth
+      authenticate_with_http_basic do |login, password|
+        self.current_account = Account.authenticate(login, password)
+      end
+    end
+    
+    #
+    # Logout
+    #
+
+    # Called from #current_account.  Finaly, attempt to login by an expiring token in the cookie.
+    # for the paranoid: we _should_ be storing account_token = hash(cookie_token, request IP)
+    def login_from_cookie
+      account = cookies[:auth_token] && Account.find_by_remember_token(cookies[:auth_token])
+      if account && account.remember_token?
+        self.current_account = account
+        handle_remember_cookie! false # freshen cookie token (keeping date)
+        self.current_account
+      end
+    end
+
+    # This is ususally what you want; resetting the session willy-nilly wreaks
+    # havoc with forgery protection, and is only strictly necessary on login.
+    # However, **all session state variables should be unset here**.
+    def logout_keeping_session!
+      # Kill server-side auth cookie
+      @current_account.forget_me if @current_account.is_a? Account
+      @current_account = false     # not logged in, and don't do it for me
+      kill_remember_cookie!     # Kill client-side auth cookie
+      session[:account_id] = nil   # keeps the session but kill our variable
+      # explicitly kill any other session variables you set
+    end
+
+    # The session should only be reset at the tail end of a form POST --
+    # otherwise the request forgery protection fails. It's only really necessary
+    # when you cross quarantine (logged-out to logged-in).
+    def logout_killing_session!
+      logout_keeping_session!
+      reset_session
+    end
+    
+    #
+    # Remember_me Tokens
+    #
+    # Cookies shouldn't be allowed to persist past their freshness date,
+    # and they should be changed at each login
+
+    # Cookies shouldn't be allowed to persist past their freshness date,
+    # and they should be changed at each login
+
+    def valid_remember_cookie?
+      return nil unless @current_account
+      (@current_account.remember_token?) && 
+        (cookies[:auth_token] == @current_account.remember_token)
+    end
+    
+    # Refresh the cookie auth token if it exists, create it otherwise
+    def handle_remember_cookie!(new_cookie_flag)
+      return unless @current_account
+      case
+      when valid_remember_cookie? then @current_account.refresh_token # keeping same expiry date
+      when new_cookie_flag        then @current_account.remember_me 
+      else                             @current_account.forget_me
+      end
+      send_remember_cookie!
+    end
+  
+    def kill_remember_cookie!
+      cookies.delete :auth_token
+    end
+    
+    def send_remember_cookie!
+      cookies[:auth_token] = {
+        :value   => @current_account.remember_token,
+        :expires => @current_account.remember_token_expires_at }
+    end
+
+end

data/rails_generators/emergent_config/templates/lib/authenticated_test_helper.rb

@@ -0,0 +1,11 @@
+module AuthenticatedTestHelper
+  # Sets the current account in the session from the account fixtures.
+  def login_as(account)
+    @request.session[:account_id] = account ? accounts(account).id : nil
+  end
+
+  def authorize_as(account)
+    @request.env["HTTP_AUTHORIZATION"] = account ? ActionController::HttpAuthentication::Basic.encode_credentials(accounts(account).login, 'monkey') : nil
+  end
+  
+end

data/rails_generators/emergent_config/templates/lib/flash_session_hack.rb

@@ -0,0 +1,27 @@
+# Add this to config/initaializers/swfupload_session_hack.rb
+
+# Based on the code from http://seventytwo.co.uk/posts/making-swfupload-and-rails-work-together
+
+# The following code is a work-around for the Flash 8 bug that prevents our multiple file uploader
+# from sending the _session_id.  Here, we hack the Session#initialize method and force the session_id
+# to load from the query string via the request uri. (Tested on Lighttpd, Mongrel, Apache)
+class CGI::Session
+  alias original_initialize initialize
+
+  def initialize(request, option = {})
+    option = scan_for_session_id(request, '_swfupload_session_id', option) unless option['session_id']
+    original_initialize(request, option)
+  end
+
+  def scan_for_session_id(request, session_key = '_session_id', option = {})
+    query_string = if (qs = request.env_table["QUERY_STRING"]) and qs != ""
+      qs
+    elsif (ru = request.env_table["REQUEST_URI"][0..-1]).include?("?")
+      ru[(ru.index("?") + 1)..-1]
+    end
+    if query_string and query_string.include?(session_key)
+      option['session_id'] = query_string.scan(/#{session_key}=(.*?)(&.*?)*$/).flatten.first
+    end
+    return option
+  end
+end

data/rails_generators/emergent_config/templates/lib/site_keys.rb

@@ -0,0 +1,38 @@
+
+# A Site key gives additional protection against a dictionary attack if your
+# DB is ever compromised.  With no site key, we store
+#   DB_password = hash(user_password, DB_user_salt)
+# If your database were to be compromised you'd be vulnerable to a dictionary
+# attack on all your stupid users' passwords.  With a site key, we store
+#   DB_password = hash(user_password, DB_user_salt, Code_site_key)
+# That means an attacker needs access to both your site's code *and* its
+# database to mount an "offline dictionary attack.":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
+# 
+# It's probably of minor importance, but recommended by best practices: 'defense
+# in depth'.  Needless to say, if you upload this to github or the youtubes or
+# otherwise place it in public view you'll kinda defeat the point.  Your users'
+# passwords are still secure, and the world won't end, but defense_in_depth -= 1.
+# 
+# Please note: if you change this, all the passwords will be invalidated, so DO
+# keep it someplace secure.  Use the random value given or type in the lyrics to
+# your favorite Jay-Z song or something; any moderately long, unpredictable text.
+REST_AUTH_SITE_KEY         = '3363485a6fe20dfbd725b8b6ce5ba8f4b7bb3a71'
+  
+# Repeated applications of the hash make brute force (even with a compromised
+# database and site key) harder, and scale with Moore's law.
+#
+#   bq. "To squeeze the most security out of a limited-entropy password or
+#   passphrase, we can use two techniques [salting and stretching]... that are
+#   so simple and obvious that they should be used in every password system.
+#   There is really no excuse not to use them." http://tinyurl.com/37lb73
+#   Practical Security (Ferguson & Scheier) p350
+# 
+# A modest 10 foldings (the default here) adds 3ms.  This makes brute forcing 10
+# times harder, while reducing an app that otherwise serves 100 reqs/s to 78 signin
+# reqs/s, an app that does 10reqs/s to 9.7 reqs/s
+# 
+# More:
+# * http://www.owasp.org/index.php/Hashing_Java
+# * "An Illustrated Guide to Cryptographic Hashes":http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
+
+REST_AUTH_DIGEST_STRETCHES = 10

data/rails_generators/emergent_config/templates/shell_script

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+# Freeze edge rails
+rake rails:freeze:edge
+
+# Mailer so you can use gmail to send emails
+sudo gem install tlsmail
+
+# Install plugins we use
+# Rspec
+ruby ./script/plugin install http://rspec.rubyforge.org/svn/trunk/rspec
+
+# RSpec on rails
+ruby ./script/plugin install http://rspec.rubyforge.org/svn/trunk/rspec_on_rails
+
+# Generate spec for this
+ruby ./script/generate rspec
+
+# Install Plugins
+ruby script/plugin install git://github.com/thoughtbot/paperclip.git
+
+ruby script/plugin install git://github.com/collectiveidea/awesome_nested_set.git
+
+ruby script/plugin install git://github.com/technoweenie/restful-authentication.git restful_authentication
+
+# Add emergent project
+git clone git@github.com:viatropos/emergent.git
+
+mv emergent/src/com app/flex
+
+rm -rfv emergent

data/rails_generators/emergent_controller/USAGE

@@ -0,0 +1,5 @@
+Description:
+  
+  
+Usage:
+  

data/rails_generators/emergent_controller/emergent_controller_generator.rb

@@ -0,0 +1,25 @@
+class EmergentControllerGenerator < Rails::Generator::NamedBase
+  include RestfulX::Configuration
+  
+  attr_reader :project_name, 
+              :flex_project_name, 
+              :base_package, 
+              :base_folder, 
+              :command_controller_name,
+              :model_names, 
+              :command_names
+
+  def initialize(runtime_args, runtime_options = {})
+    super
+    @project_name, @flex_project_name, @command_controller_name, @base_package, @base_folder = extract_names
+    
+    @model_names = list_as_files("app/flex/#{base_folder}/models")
+  end
+
+  def manifest
+    record do |m|      
+      m.template 'controller.as.erb', File.join("app/flex/#{base_folder}/controllers", 
+        "#{command_controller_name}.as")
+    end
+  end
+end

data/rails_generators/emergent_controller/templates/controller.as.erb

@@ -0,0 +1,37 @@
+package <%= base_package %>.controllers {
+
+	import <%= base_package %>.models.domain.*;
+
+	import mx.core.Application;		
+	import org.restfulx.Rx;
+	import org.restfulx.controllers.RxApplicationController;
+	import org.restfulx.utils.RxUtils;
+
+	public class <%= command_controller_name %> extends RxApplicationController {
+		private static var controller:<%= command_controller_name %>;
+    
+		public static var models:Array = [Account, Address, Content, ContentAssignment]; /* Models */
+    
+		public static var commands:Array = [<%= command_names %>]; /* Commands */
+    
+		public function <%= command_controller_name %>(enforcer:SingletonEnforcer, extraServices:Array, defaultServiceId:int = -1) {
+			super(commands, models, extraServices, defaultServiceId);
+		}
+    
+		public static function get instance():<%= command_controller_name %> {
+			if (controller == null) initialize();
+			return controller;
+		}
+    
+		public static function initialize(extraServices:Array = null, defaultServiceId:int = -1, airDatabaseName:String = null):void {
+			if (!RxUtils.isEmpty(airDatabaseName)) Rx.airDatabaseName = airDatabaseName;
+			controller = new <%= command_controller_name %>(new SingletonEnforcer, extraServices, defaultServiceId);
+			Rx.sessionToken = Application.application.parameters.session_token;
+			if (Application.application.parameters.authenticity_token) {
+				Rx.defaultMetadata = { authenticity_token : Application.application.parameters.authenticity_token };
+			}
+		}
+	}
+}
+
+class SingletonEnforcer {}

data/rails_generators/emergent_core/USAGE

@@ -0,0 +1,5 @@
+Description:
+  
+  
+Usage:
+