RubyGems - erp_tech_svcs - Versions diffs - 3.0.0 - Mend

erp_tech_svcs 3.0.0

Files changed (109) hide show

data/GPL-3-LICENSE +674 -0
data/README.rdoc +2 -0
data/Rakefile +30 -0
data/app/assets/javascripts/erp_tech_svcs/application.js +9 -0
data/app/assets/stylesheets/erp_tech_svcs/application.css +7 -0
data/app/controllers/erp_tech_svcs/session_controller.rb +19 -0
data/app/controllers/erp_tech_svcs/user_controller.rb +40 -0
data/app/helpers/erp_tech_svcs/application_helper.rb +4 -0
data/app/mailers/user_mailer.rb +16 -0
data/app/models/audit_log.rb +60 -0
data/app/models/audit_log_item.rb +4 -0
data/app/models/audit_log_item_type.rb +6 -0
data/app/models/audit_log_type.rb +24 -0
data/app/models/capability.rb +8 -0
data/app/models/capability_type.rb +3 -0
data/app/models/capable_model.rb +4 -0
data/app/models/encryption_key.rb +9 -0
data/app/models/extensions/contact_purpose.rb +3 -0
data/app/models/extensions/contact_type.rb +3 -0
data/app/models/extensions/note.rb +6 -0
data/app/models/extensions/note_type.rb +3 -0
data/app/models/extensions/party.rb +3 -0
data/app/models/extensions/relationship_type.rb +3 -0
data/app/models/extensions/role_type.rb +3 -0
data/app/models/file_asset.rb +178 -0
data/app/models/role.rb +17 -0
data/app/models/secured_model.rb +13 -0
data/app/models/user.rb +33 -0
data/app/views/layouts/application.html.erb +14 -0
data/app/views/layouts/erp_tech_svcs/application.html.erb +14 -0
data/app/views/user_mailer/activation_needed_email.html.erb +14 -0
data/app/views/user_mailer/reset_password_email.html.erb +14 -0
data/config/initializers/erp_tech_svcs.rb +7 -0
data/config/initializers/file_support.rb +1 -0
data/config/initializers/pdfkit.rb +18 -0
data/config/initializers/sorcery.rb +199 -0
data/config/routes.rb +9 -0
data/db/data_migrations/20110802200222_schedule_delete_expired_sessions_job.rb +15 -0
data/db/data_migrations/20111111144706_setup_audit_log_types.rb +21 -0
data/db/migrate/20080805000010_base_tech_services.rb +247 -0
data/db/migrate/20111109161549_add_capabilites.rb +56 -0
data/db/migrate/upgrade/20111109161550_update_roles.rb +33 -0
data/db/migrate/upgrade/20111109161551_update_user.rb +88 -0
data/lib/erp_tech_svcs/application_installer.rb +102 -0
data/lib/erp_tech_svcs/config.rb +27 -0
data/lib/erp_tech_svcs/engine.rb +14 -0
data/lib/erp_tech_svcs/extensions/active_record/acts_as_versioned.rb +494 -0
data/lib/erp_tech_svcs/extensions/active_record/has_capabilities.rb +139 -0
data/lib/erp_tech_svcs/extensions/active_record/has_file_assets.rb +40 -0
data/lib/erp_tech_svcs/extensions/active_record/has_roles.rb +126 -0
data/lib/erp_tech_svcs/extensions.rb +5 -0
data/lib/erp_tech_svcs/file_support/aws_s3_patch.rb +3 -0
data/lib/erp_tech_svcs/file_support/base.rb +30 -0
data/lib/erp_tech_svcs/file_support/file_manipulator.rb +37 -0
data/lib/erp_tech_svcs/file_support/file_system_manager.rb +167 -0
data/lib/erp_tech_svcs/file_support/manager.rb +147 -0
data/lib/erp_tech_svcs/file_support/paperclip_patch.rb +28 -0
data/lib/erp_tech_svcs/file_support/railties/s3_resolver.rb +79 -0
data/lib/erp_tech_svcs/file_support/s3_manager.rb +211 -0
data/lib/erp_tech_svcs/file_support.rb +10 -0
data/lib/erp_tech_svcs/sessions/delete_expired_sessions_job.rb +40 -0
data/lib/erp_tech_svcs/sessions/delete_expired_sessions_service.rb +15 -0
data/lib/erp_tech_svcs/utils/attachment_fu_patch.rb +15 -0
data/lib/erp_tech_svcs/utils/compass_access_negotiator.rb +57 -0
data/lib/erp_tech_svcs/utils/compass_logger.rb +94 -0
data/lib/erp_tech_svcs/utils/compass_pdf.rb +72 -0
data/lib/erp_tech_svcs/utils/default_nested_set_methods.rb +33 -0
data/lib/erp_tech_svcs/utils/pdf_processor.rb +106 -0
data/lib/erp_tech_svcs/version.rb +3 -0
data/lib/erp_tech_svcs.rb +20 -0
data/lib/tasks/erp_tech_svcs_tasks.rake +42 -0
data/spec/dummy/Rakefile +7 -0
data/spec/dummy/app/assets/javascripts/application.js +9 -0
data/spec/dummy/app/assets/stylesheets/application.css +7 -0
data/spec/dummy/app/controllers/application_controller.rb +3 -0
data/spec/dummy/app/helpers/application_helper.rb +2 -0
data/spec/dummy/app/views/layouts/application.html.erb +14 -0
data/spec/dummy/config/application.rb +43 -0
data/spec/dummy/config/boot.rb +10 -0
data/spec/dummy/config/database.yml +8 -0
data/spec/dummy/config/environment.rb +5 -0
data/spec/dummy/config/environments/spec.rb +27 -0
data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
data/spec/dummy/config/initializers/inflections.rb +10 -0
data/spec/dummy/config/initializers/mime_types.rb +5 -0
data/spec/dummy/config/initializers/secret_token.rb +7 -0
data/spec/dummy/config/initializers/session_store.rb +8 -0
data/spec/dummy/config/initializers/wrap_parameters.rb +12 -0
data/spec/dummy/config/locales/en.yml +5 -0
data/spec/dummy/config/routes.rb +3 -0
data/spec/dummy/config.ru +4 -0
data/spec/dummy/db/schema.rb +571 -0
data/spec/dummy/db/spec.sqlite3 +0 -0
data/spec/dummy/log/spec.log +2862 -0
data/spec/dummy/public/404.html +26 -0
data/spec/dummy/public/422.html +26 -0
data/spec/dummy/public/500.html +26 -0
data/spec/dummy/public/favicon.ico +0 -0
data/spec/dummy/script/rails +6 -0
data/spec/factories/capability_type.rb +5 -0
data/spec/factories/role.rb +5 -0
data/spec/factories/users.rb +9 -0
data/spec/lib/erp_tech_svcs/extensions/active_record/has_roles_spec.rb +68 -0
data/spec/models/audit_log_spec.rb +48 -0
data/spec/models/audit_log_type_spec.rb +9 -0
data/spec/models/role_spec.rb +17 -0
data/spec/models/user_spec.rb +27 -0
data/spec/spec_helper.rb +61 -0
metadata +273 -0

data/config/initializers/sorcery.rb ADDED Viewed

@@ -0,0 +1,199 @@
+# The first thing you need to configure is which modules you need in your app.
+# The default is nothing which will include only core features (password encryption, login/logout).
+# Available submodules are: :user_activation, :http_basic_auth, :remember_me,
+# :reset_password, :session_timeout, :brute_force_protection, :activity_logging, :external
+Rails.application.config.sorcery.submodules = [:user_activation,:remember_me,:reset_password,:brute_force_protection,:activity_logging]
+# Here you can configure each submodule's features.
+Rails.application.config.sorcery.configure do |config|
+  # -- core --
+  # config.not_authenticated_action = :not_authenticated              # what controller action to call for
+                                                                      # non-authenticated users.
+                                                                      # You can also override 'not_authenticated'
+                                                                      # instead.
+  # config.save_return_to_url = true                                  # when a non logged in user tries to enter
+                                                                      # a page that requires login,
+                                                                      # save the URL he wanted to reach,
+                                                                      # and send him there after login, using
+                                                                      # 'redirect_back_or_to'.
+  # config.cookie_domain = nil                                        # set domain option for cookies
+                                                                      # Useful for remember_me submodule
+  # -- session timeout --
+  # config.session_timeout = 3600                                     # how long in seconds to keep the session alive.
+  # config.session_timeout_from_last_action = false                   # use the last action as the beginning of
+                                                                      # session timeout.
+  # -- http_basic_auth --
+  # config.controller_to_realm_map = {"application" => "Application"} # What realm to display for which controller name.
+                                                                      # For example {"My App" => "Application"}
+  # -- activity logging --
+  # config.register_login_time = true                                 # will register the time of last user login, every login.
+  # config.register_logout_time = true                                # will register the time of last user logout, every logout.
+  # config.register_last_activity_time = true                         # will register the time of last user action, every action.
+  # -- external --
+  # config.external_providers = []                                    # What providers are supported by this app,
+                                                                      # i.e. [:twitter, :facebook, :github] .
+  # config.ca_file = 'path/to/ca_file'                                # Path to ca_file. By default use a internal ca-bundle.crt.
+                                                                      # You can change it by your local ca_file.
+                                                                      # i.e. '/etc/pki/tls/certs/ca-bundle.crt'
+  # config.twitter.key = "eYVNBjBDi33aa9GkA3w"
+  # config.twitter.secret = "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8"
+  # config.twitter.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=twitter"
+  # config.twitter.user_info_mapping = {:email => "screen_name"}
+  #
+  # config.facebook.key = "34cebc81c08a521bc66e212f947d73ec"
+  # config.facebook.secret = "5b458d179f61d4f036ee66a497ffbcd0"
+  # config.facebook.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=facebook"
+  # config.facebook.user_info_mapping = {:email => "name"}
+  #
+  # config.github.key = ""
+  # config.github.secret = ""
+  # config.github.callback_url = "http://0.0.0.0:3000/oauth/callback?provider=github"
+  # config.github.user_info_mapping = {:email => "name"}
+  # --- user config ---
+  config.user_config do |user|
+    # -- core --
+    user.username_attribute_names = [:username, :email]                               # specify username
+                                                                                      # attributes, for example:
+                                                                                      # [:username, :email].
+    user.password_attribute_name = :password                                          # change *virtual* password
+                                                                                      # attribute, the one which is used
+                                                                                      # until an encrypted one is
+                                                                                      # generated.
+    # user.email_attribute_name = :email                                              # change default email attribute.
+    # user.crypted_password_attribute_name =  :crypted_password                       # change default crypted_password
+                                                                                      # attribute.
+    # user.salt_join_token = ""                                                       # what pattern to use to join the
+                                                                                      # password with the salt
+    # user.salt_attribute_name = :salt                                                # change default salt attribute.
+    # user.stretches = nil                                                            # how many times to apply
+                                                                                      # encryption to the password.
+    # user.encryption_key = nil                                                       # encryption key used to encrypt
+                                                                                      # reversible encryptions such as
+                                                                                      # AES256.
+                                                                                      #
+                                                                                      # WARNING:
+                                                                                      #
+                                                                                      # If used for users' passwords, changing this key
+                                                                                      # will leave passwords undecryptable!
+    # user.custom_encryption_provider = nil                                           # use an external encryption
+                                                                                      # class.
+    # user.encryption_algorithm = :bcrypt                                             # encryption algorithm name. See
+                                                                                      # 'encryption_algorithm=' for
+                                                                                      # available options.
+    # user.subclasses_inherit_config = false                                          # make this configuration
+                                                                                      # inheritable for subclasses.
+                                                                                      # Useful for ActiveRecord's STI.
+    # -- user_activation --
+    # user.activation_state_attribute_name = :activation_state                        # the attribute name to hold
+                                                                                      # activation state
+                                                                                      # (active/pending).
+    # user.activation_token_attribute_name = :activation_token                        # the attribute name to hold
+                                                                                      # activation code (sent by email).
+    # user.activation_token_expires_at_attribute_name = :activation_token_expires_at  # the attribute name to hold
+                                                                                      # activation code expiration date.
+    # user.activation_token_expiration_period =  nil                                  # how many seconds before the
+                                                                                      # activation code expires. nil for
+                                                                                      # never expires.
+    user.user_activation_mailer = UserMailer                                          # your mailer class. Required.
+    # user.activation_needed_email_method_name = :activation_needed_email             # activation needed email method
+                                                                                      # on your mailer class.
+    user.activation_success_email_method_name = nil                                   # activation success email method
+                                                                                      # on your mailer class.
+    # user.prevent_non_active_users_to_login = true                                   # do you want to prevent or allow
+                                                                                      # users that did not activate by
+                                                                                      # email to login?
+    # -- reset_password --
+    # user.reset_password_token_attribute_name = :reset_password_token                          # reset password code
+                                                                                                # attribute name.
+    # user.reset_password_token_expires_at_attribute_name = :reset_password_token_expires_at    # expires at attribute
+                                                                                                # name.
+    # user.reset_password_email_sent_at_attribute_name = :reset_password_email_sent_at          # when was email sent,
+                                                                                                # used for hammering
+                                                                                                # protection.
+    user.reset_password_mailer = UserMailer                                                     # mailer class. Needed.
+    # user.reset_password_email_method_name = :reset_password_email                             # reset password email
+                                                                                                # method on your mailer
+                                                                                                # class.
+    # user.reset_password_expiration_period = nil                                               # how many seconds
+                                                                                                # before the reset
+                                                                                                # request expires. nil
+                                                                                                # for never expires.
+    # user.reset_password_time_between_emails = 5 * 60                                          # hammering protection,
+                                                                                                # how long to wait
+                                                                                                # before allowing
+                                                                                                # another email to be
+                                                                                                # sent.
+    # -- brute_force_protection --
+    # user.failed_logins_count_attribute_name = :failed_logins_count                  # failed logins attribute name.
+    # user.lock_expires_at_attribute_name = :lock_expires_at                          # this field indicates whether
+                                                                                      # user is banned and when it will
+                                                                                      # be active again.
+    user.consecutive_login_retries_amount_limit = 5                                   # how many failed logins allowed.
+    # user.login_lock_time_period = 60 * 60                                           # how long the user should be
+                                                                                      # banned. in seconds. 0 for
+                                                                                      # permanent.
+    # -- activity logging --
+    #user.last_login_at_attribute_name = :last_sign_in_at                             # last login attribute name.
+    # user.last_logout_at_attribute_name = :last_logout_at                            # last logout attribute name.
+    # user.last_activity_at_attribute_name = :last_activity_at                        # last activity attribute name.
+    # user.activity_timeout = 10 * 60                                                 # how long since last activity is
+                                                                                      # the user defined logged out?
+    # -- external --
+    # user.authentications_class = nil                                                # class which holds the various
+                                                                                      # external provider data for this
+                                                                                      # user.
+    # user.authentications_user_id_attribute_name = :user_id                          # user's identifier in
+                                                                                      # authentications class.
+    # user.provider_attribute_name = :provider                                        # provider's identifier in
+                                                                                      # authentications class.
+    # user.provider_uid_attribute_name = :uid                                         # user's external unique
+                                                                                      # identifier in authentications
+                                                                                      # class.
+  end
+  # This line must come after the 'user config' block.
+  config.user_class = "User"                                                          # define which model authenticates
+                                                                                      # with sorcery.
+end

data/config/routes.rb ADDED Viewed

@@ -0,0 +1,9 @@
+Rails.application.routes.draw do
+  #handle login / logout
+  match "/session/sign_in" => 'erp_tech_svcs/session#create'
+  match "/session/sign_out" => 'erp_tech_svcs/session#destroy'
+  #handle activation
+  get "/users/activate/:activation_token" => 'erp_tech_svcs/user#activate'
+  post "/users/reset_password" => 'erp_tech_svcs/user#reset_password'
+end

data/db/data_migrations/20110802200222_schedule_delete_expired_sessions_job.rb ADDED Viewed

@@ -0,0 +1,15 @@
+class ScheduleDeleteExpiredSessionsJob
+  def self.up
+    #insert data here
+    date = Date.tomorrow
+    start_time = DateTime.civil(date.year, date.month, date.day, 2, 0, 1, -(5.0/24.0))
+    ErpTechSvcs::Sessions::DeleteExpiredSessionsJob.schedule_job(start_time)
+  end
+  def self.down
+    #remove data here
+  end
+end

data/db/data_migrations/20111111144706_setup_audit_log_types.rb ADDED Viewed

@@ -0,0 +1,21 @@
+class SetupAuditLogTypes
+  def self.up
+    application_alt = AuditLogType.create(:description => 'Application', :internal_identifier => 'application')
+    [
+      {:description => 'Custom Message', :internal_identifier => 'custom_message'},
+      {:description => 'Successful Logout', :internal_identifier => 'successful_logout'},
+      {:description => 'Successful Login', :internal_identifier => 'successful_login'},
+      {:description => 'Accessed Area', :internal_identifier => 'accessed_area'},
+      {:description => 'Session Timeout', :internal_identifier => 'session_timeout'}
+    ].each do |alt_hash|
+        AuditLogType.create(alt_hash).move_to_child_of(application_alt)
+    end
+  end
+  def self.down
+    AuditLogType.destroy_all
+  end
+end

data/db/migrate/20080805000010_base_tech_services.rb ADDED Viewed

@@ -0,0 +1,247 @@
+class BaseTechServices < ActiveRecord::Migration
+  def self.up
+    unless table_exists?(:users)
+      # Create the users table
+      create_table :users do |t|
+        t.string :username
+        t.string :email
+        t.references :party
+        t.string :type
+        t.string :salt, :default => nil
+        t.string :crypted_password, :default => nil
+        #activity logging
+        t.datetime :last_login_at, :default => nil
+        t.datetime :last_logout_at, :default => nil
+        t.datetime :last_activity_at, :default => nil
+        #brute force protection
+        t.integer :failed_logins_count, :default => 0
+        t.datetime :lock_expires_at, :default => nil
+        #remember me
+        t.string :remember_me_token, :default => nil
+        t.datetime :remember_me_token_expires_at, :default => nil
+        #reset password
+        t.string :reset_password_token, :default => nil
+        t.datetime :reset_password_token_expires_at, :default => nil
+        t.datetime :reset_password_email_sent_at, :default => nil
+        #user activation
+        t.string :activation_state, :default => nil
+        t.string :activation_token, :default => nil
+        t.datetime :activation_token_expires_at, :default => nil
+        t.timestamps
+      end
+      add_index :users, :email, :unique => true
+      add_index :users, :username, :unique => true
+      add_index :users, [:last_logout_at, :last_activity_at], :name => 'activity_idx', :unique => true
+      add_index :users, :remember_me_token, :unique => true
+      add_index :users, :reset_password_token, :unique => true
+      add_index :users, :activation_token, :unique => true
+    end
+    unless table_exists?(:roles)
+      # create the roles table
+      create_table :roles do |t|
+        t.column :description, :string
+        t.column :internal_identifier, :string
+        t.column :external_identifier, :string
+        t.column :external_id_source, :string
+        t.timestamps
+      end
+    end
+    unless table_exists?(:sessions)
+      # Create sessions table
+      create_table :sessions do |t|
+        t.string :session_id, :null => false
+        t.text :data
+        t.timestamps
+      end
+      add_index :sessions,      :session_id
+      add_index :sessions,      :updated_at
+    end
+    unless table_exists?(:audit_logs)
+      # Create audit_logs
+      create_table   :audit_logs do |t|
+        t.string     :application
+        t.string     :description
+        t.integer    :party_id
+        t.text       :additional_info
+        t.references :audit_log_type
+        #polymorphic columns
+        t.references :event_record, :polymorphic => true
+        t.timestamps
+      end
+      add_index :audit_logs, :party_id
+      add_index :audit_logs, [:event_record_id, :event_record_type], :name => 'event_record_index'
+    end
+    unless table_exists?(:audit_log_types)
+      # Create audit_logs
+      create_table :audit_log_types do |t|
+        t.string :description
+        t.string :error_code
+        t.string :comments
+        t.string :internal_identifier
+        t.string :external_identifier
+        t.string :external_id_source
+        #better nested set columns
+        t.integer :parent_id
+        t.integer :lft
+        t.integer :rgt
+        t.timestamps
+      end
+    end
+    unless table_exists?(:audit_log_items)
+      # Create audit_log_items
+      create_table   :audit_log_items do |t|
+        t.references :audit_log
+        t.references :audit_log_item_type
+        t.string     :audit_log_item_value
+        t.string     :description
+        t.timestamps
+      end
+    end
+    unless table_exists?(:audit_log_item_types)
+      # Create audit_log_item_types
+      create_table   :audit_log_item_types do |t|
+        t.string :internal_identifier
+        t.string :external_identifier
+        t.string :external_id_source
+        t.string :description
+        t.string :comments
+        #better nested set columns
+        t.integer :parent_id
+        t.integer :lft
+        t.integer :rgt
+        t.timestamps
+      end
+    end
+    unless table_exists?(:secured_models)
+      create_table :secured_models do |t|
+        t.references :secured_record, :polymorphic => true
+        t.timestamps
+      end
+      add_index :secured_models, [:secured_record_id, :secured_record_type], :name => 'secured_record_idx'
+    end
+    unless table_exists?(:roles_secured_models)
+      create_table :roles_secured_models, :id => false do |t|
+        t.references :secured_model
+        t.references :role
+        t.timestamps
+      end
+      add_index :roles_secured_models, :secured_model_id
+      add_index :roles_secured_models, :role_id
+    end
+    unless table_exists?(:file_assets)
+      create_table :file_assets do |t|
+        t.references :file_asset_holder, :polymorphic => true
+        t.string :type
+        t.string :name
+        t.string :directory
+        t.string :data_file_name
+        t.string :data_content_type
+        t.integer :data_file_size
+        t.datetime :data_updated_at
+        t.timestamps
+      end
+      add_index :file_assets, :type
+      add_index :file_assets, [:file_asset_holder_id, :file_asset_holder_type], :name => 'file_asset_holder_idx'
+    end
+    unless table_exists?(:delayed_jobs)
+      create_table :delayed_jobs, :force => true do |table|
+        table.integer  :priority, :default => 0      # Allows some jobs to jump to the front of the queue
+        table.integer  :attempts, :default => 0      # Provides for retries, but still fail eventually.
+        table.text     :handler                      # YAML-encoded string of the object that will do work
+        table.text     :last_error                   # reason for last failure (See Note below)
+        table.datetime :run_at                       # When to run. Could be Time.zone.now for immediately, or sometime in the future.
+        table.datetime :locked_at                    # Set when a client is working on this object
+        table.datetime :failed_at                    # Set when all retries have failed (actually, by default, the record is deleted instead)
+        table.string   :locked_by                    # Who is working on this object (if locked)
+        table.timestamps
+      end
+      add_index :delayed_jobs, [:priority, :run_at], :name => 'delayed_jobs_priority'
+    end
+    unless table_exists?(:capable_models)
+      # create the roles table
+      create_table :capable_models do |t|
+        t.references :capable_model_record, :polymorphic => true
+        t.timestamps
+      end
+      add_index :capable_models, [:capable_model_record_id, :capable_model_record_type], :name => 'capable_model_record_idx'
+    end
+    unless table_exists?(:capability_types)
+      # create the roles table
+      create_table :capability_types do |t|
+        t.string :internal_identifier
+        t.string :description
+        t.timestamps
+      end
+    end
+    unless table_exists?(:capabilities)
+      # create the roles table
+      create_table :capabilities do |t|
+        t.string :resource
+        t.references :capability_type
+        t.timestamps
+      end
+      add_index :capabilities, :capability_type_id
+    end
+    unless table_exists?(:capabilities_capable_models)
+      # create the roles table
+      create_table :capabilities_capable_models, :id => false do |t|
+        t.references :capable_model
+        t.references :capability
+        t.timestamps
+      end
+      add_index :capabilities_capable_models, :capable_model_id
+      add_index :capabilities_capable_models, :capability_id
+    end
+  end
+  def self.down
+    # check that each table exists before trying to delete it.
+    [
+      :audit_logs, :sessions, :simple_captcha_data,
+      :capable_models, :capability_types, :capabilities,:capabilities_capable_models,
+      :roles_users, :roles, :audit_log_items, :audit_log_item_types,
+      :users, :secured_models, :roles_secured_models, :file_assets, :delayed_jobs
+    ].each do |tbl|
+      if table_exists?(tbl)
+        drop_table tbl
+      end
+    end
+  end
+end

data/db/migrate/20111109161549_add_capabilites.rb ADDED Viewed

@@ -0,0 +1,56 @@
+class AddCapabilites < ActiveRecord::Migration
+  def up
+    unless table_exists?(:capable_models)
+      # create the roles table
+      create_table :capable_models do |t|
+        t.references :capable_model_record, :polymorphic => true
+        t.timestamps
+      end
+      add_index :capable_models, [:capable_model_record_id, :capable_model_record_type], :name => 'capable_model_record_idx'
+    end
+    unless table_exists?(:capability_types)
+      # create the roles table
+      create_table :capability_types do |t|
+        t.string :internal_identifier
+        t.string :description
+        t.timestamps
+      end
+    end
+    unless table_exists?(:capabilities)
+      # create the roles table
+      create_table :capabilities do |t|
+        t.string :resource
+        t.references :capability_type
+        t.timestamps
+      end
+      add_index :capabilities, :capability_type_id
+    end
+    unless table_exists?(:capabilities_capable_models)
+      # create the roles table
+      create_table :capabilities_capable_models, :id => false do |t|
+        t.references :capable_model
+        t.references :capability
+        t.timestamps
+      end
+      add_index :capabilities_capable_models, :capable_model_id
+      add_index :capabilities_capable_models, :capability_id
+    end
+  end
+  def down
+    [
+      :capable_models, :capability_types, :capabilities,:capabilities_capable_models
+    ].each do |tbl|
+      if table_exists?(tbl)
+        drop_table tbl
+      end
+    end
+  end
+end

data/db/migrate/upgrade/20111109161550_update_roles.rb ADDED Viewed

@@ -0,0 +1,33 @@
+class UpdateRoles < ActiveRecord::Migration
+  def up
+    roles_users = ActiveRecord::Base.connection.select_all("select * from roles_users")
+    roles_users.each do |role_user|
+      secured_model = SecuredModel.find_by_secured_record_id_and_secured_record_type(role_user['user_id'], 'User')
+      if secured_model.nil?
+        secured_model = SecuredModel.new
+        secured_model.secured_record = User.find(role_user['user_id'])
+        secured_model.save
+      end
+      secured_model.roles << Role.find(role_user['role_id'])
+    end
+    roles_widgets = ActiveRecord::Base.connection.select_all("select * from roles_widgets")
+    roles_widgets.each do |role_widget|
+      secured_model = SecuredModel.find_by_secured_record_id_and_secured_record_type(role_widget['widget_id'], 'Widget')
+      if secured_model.nil?
+        secured_model = SecuredModel.new
+        secured_model.secured_record = Widget.find(role_widget['widget_id'])
+        secured_model.save
+      end
+      secured_model.roles << Role.find(role_widget['role_id'])
+    end
+    drop_table :roles_users
+    drop_table :roles_widgets
+  end
+  def down
+  end
+end

data/db/migrate/upgrade/20111109161551_update_user.rb ADDED Viewed

@@ -0,0 +1,88 @@
+class UpdateUser < ActiveRecord::Migration
+  def up
+    unless columns(:users).collect {|c| c.name}.include?('activation_state')
+      #have to move over current users
+      current_users = []
+      User.all.each do |user|
+        current_users << {
+          :enabled => user.enabled,
+          :email => user.email
+        }
+      end
+      #change_columns
+      change_column :users, :salt, :string
+      change_column :users, :crypted_password, :string
+      #remove old columns
+      remove_column :users, :name
+      remove_column :users, :activated_at
+      remove_column :users, :enabled
+      remove_column :users, :identity_url
+      remove_column :users, :invitation_id
+      remove_column :users, :invitation_limit
+      remove_column :users, :club_number
+      remove_column :users, :owner_number
+      remove_column :users, :dob
+      remove_column :users, :ssn_last_four
+      remove_column :users, :salutation
+      remove_column :users, :first_name
+      remove_column :users, :last_name
+      remove_column :users, :street_address
+      remove_column :users, :city
+      remove_column :users, :state_province
+      remove_column :users, :postal_code
+      remove_column :users, :country
+      remove_column :users, :phone
+      remove_column :users, :security_question_1
+      remove_column :users, :security_answer_1
+      remove_column :users, :security_question_2
+      remove_column :users, :security_answer_2
+      #rename columns
+      rename_column :users, :remember_token, :remember_me_token
+      rename_column :users, :remember_token_expires_at, :remember_me_token_expires_at
+      rename_column :users, :activation_code, :activation_token
+      rename_column :users, :activation_code_expires_at, :activation_token_expires_at
+      rename_column :users, :password_reset_code, :password_reset_token
+      rename_column :users, :lock_count, :failed_logins_count
+      rename_column :users, :login, :username
+      if columns(:users).collect {|c| c.name}.include?('user_type')
+        rename_column :users, :user_type, :type
+      end
+      #activity logging
+      add_column :users, :last_login_at,     :datetime, :default => nil
+      add_column :users, :last_logout_at,    :datetime, :default => nil
+      add_column :users, :last_activity_at,  :datetime, :default => nil
+      add_index :users, [:last_logout_at, :last_activity_at], :name => 'activity_idx'
+      #brute force protection
+      add_column :users, :lock_expires_at, :datetime, :default => nil
+      #reset password
+      add_column :users, :reset_password_token, :datetime, :default => nil
+      add_column :users, :reset_password_token_expires_at, :datetime, :default => nil
+      add_column :users, :reset_password_email_sent_at, :datetime, :default => nil
+      #user activation
+      add_column :users, :activation_state, :string, :default => nil
+      current_users.each do |user_hash|
+        if user_hash[:enabled]
+          User.reset_column_information
+          user = User.find_by_email(user_hash[:email])
+          user.activate!
+          user.password_confirmation = 'password'
+          user.change_password!('password')
+        end
+      end
+    end
+  end
+  def down
+  end
+end