erp_tech_svcs 3.0.12 → 3.1.0

data/app/controllers/erp_tech_svcs/session_controller.rb

@@ -22,7 +22,7 @@ module ErpTechSvcs
     end
 
     def destroy
-      message = "You have successfully logged out."
+      message = "You have logged out."
       logged_out_user_id = current_user.id unless current_user === false
       logout_to          = session[:logout_to]
 

data/app/models/attribute_type.rb

@@ -1,4 +1,6 @@
 class AttributeType < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+
   has_many :attribute_values, :dependent => :destroy
 
   validates_uniqueness_of :internal_identifier, :case_sensitive => false

data/app/models/attribute_value.rb

@@ -1,4 +1,6 @@
 class AttributeValue < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+
   belongs_to :attributed_record, :polymorphic => true
   belongs_to :attribute_type
 

data/app/models/audit_log.rb

@@ -1,4 +1,7 @@
 class AuditLog < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+
+  attr_protected :created_at, :updated_at
 
   validates :party_id, :presence => {:message => 'cannot be blank'}
   validates :description, :presence => {:message => 'cannot be blank'}
@@ -18,7 +21,7 @@ class AuditLog < ActiveRecord::Base
   end
 
   #allow items to be looked up by method calls
-  def respond_to?(m)
+  def respond_to?(m, include_private_methods = false)
     (super ? true : get_item_by_item_type_internal_identifier(m.to_s)) rescue super
   end
 

data/app/models/audit_log_item.rb

@@ -1,4 +1,6 @@
 class AuditLogItem < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+
   belongs_to :audit_log_item_type
   belongs_to :audit_log
 

data/app/models/audit_log_item_type.rb

@@ -1,4 +1,6 @@
 class AuditLogItemType < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+  
   acts_as_nested_set
   acts_as_erp_type
 

data/app/models/audit_log_type.rb

@@ -1,4 +1,6 @@
 class AuditLogType < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+  
   acts_as_nested_set
   include ErpTechSvcs::Utils::DefaultNestedSetMethods
   acts_as_erp_type

data/app/models/capability.rb

@@ -1,5 +1,6 @@
 class Capability < ActiveRecord::Base
-
+  attr_protected :created_at, :updated_at
+  
   belongs_to :scope_type
   belongs_to :capability_type
   belongs_to :capability_resource, :polymorphic => true

data/app/models/capability_type.rb

@@ -1,3 +1,5 @@
 class CapabilityType < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+  attr_accessible :description, :internal_identifier
   has_many :capabilities
 end

data/app/models/extensions/category.rb

@@ -0,0 +1,3 @@
+Category.instance_eval do
+  include ErpTechSvcs::Utils::DefaultNestedSetMethods
+end

data/app/models/extensions/compass_ae_instance.rb

@@ -0,0 +1,3 @@
+CompassAeInstance.instance_eval do
+  has_file_assets
+end

data/app/models/file_asset.rb

@@ -28,6 +28,8 @@ Paperclip.interpolates(:file_url){|data, style|
 }
 
 class FileAsset < ActiveRecord::Base
+  attr_protected :created_at, :updated_at
+
   if respond_to?(:class_attribute)
     class_attribute :file_type
     class_attribute :valid_extensions
@@ -272,7 +274,7 @@ class Pdf < TextFile
   self.valid_extensions = %w(.pdf .PDF)
 end
 
-class Swf < TextFile
+class Swf < FileAsset
   self.file_type = :swf
   self.content_type = 'application/x-shockwave-flash'
   self.valid_extensions = %w(.swf .SWF)

data/app/models/group.rb

@@ -8,6 +8,7 @@ class Group < ActiveRecord::Base
   
   has_one :party, :as => :business_party
 
+  attr_accessible :description
   validates_uniqueness_of :description, :case_sensitive => false
 
   def self.add(description)
@@ -26,7 +27,7 @@ class Group < ActiveRecord::Base
 
   def has_role?(role)
     role = role.is_a?(SecurityRole) ? role : SecurityRole.find_by_internal_identifier(role.to_s)
-    all_roles.include?(role)
+    roles.include?(role)
   end
 
   def add_role(role)
@@ -139,29 +140,15 @@ class Group < ActiveRecord::Base
   end
 
   def role_class_capabilities
-    scope_type = ScopeType.find_by_internal_identifier('class')
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where(:capability_accessors => { :capability_accessor_record_type => "SecurityRole" }).
-          where("capability_accessor_record_id IN (#{roles.select('security_roles.id').to_sql})").
-          where(:scope_type_id => scope_type.id)
+    roles.collect{|r| r.class_capabilities }.flatten.uniq.compact
   end
 
   def all_class_capabilities
-    scope_type = ScopeType.find_by_internal_identifier('class')
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where("(capability_accessors.capability_accessor_record_type = 'Group' AND
-                  capability_accessor_record_id = (#{self.id})) OR
-                 (capability_accessors.capability_accessor_record_type = 'SecurityRole' AND
-                  capability_accessor_record_id IN (#{roles.select('security_roles.id').to_sql}))").
-          where(:scope_type_id => scope_type.id)
-  end
-
-  def all_uniq_class_capabilities
-    all_class_capabilities.all.uniq
+    (role_class_capabilities + class_capabilities).uniq
   end
 
   def class_capabilities_to_hash
-    all_uniq_class_capabilities.map {|capability| 
+    all_class_capabilities.map {|capability| 
       { :capability_type_iid => capability.capability_type.internal_identifier, 
         :capability_resource_type => capability.capability_resource_type 
       }

data/app/models/scope_type.rb

@@ -1,4 +1,5 @@
 class ScopeType < ActiveRecord::Base
+  attr_accessible :description, :internal_identifier
 
   has_many :capabilities
 

data/app/models/security_role.rb

@@ -8,6 +8,8 @@ class SecurityRole < ActiveRecord::Base
   validates_uniqueness_of :internal_identifier, :case_sensitive => false
   validates_length_of     :internal_identifier, :within => 3..100
 
+  attr_accessible :description, :internal_identifier
+
 	def to_xml(options = {})
 		default_only = []
   	options[:only] = (options[:only] || []) + default_only

data/app/models/user.rb

@@ -41,15 +41,32 @@ class User < ActiveRecord::Base
     party.security_roles
   end
 
-  def has_role?(role)
-    role = role.is_a?(SecurityRole) ? role : SecurityRole.find_by_internal_identifier(role.to_s)
-    all_roles.include?(role)
+  def has_role?(*passed_roles)
+    result = false
+    passed_roles.flatten!
+    passed_roles.each do |role|
+      role_iid = role.is_a?(SecurityRole) ?  role.internal_identifier : role.to_s
+      all_roles.each do |this_role|
+        result = true if (this_role.internal_identifier == role_iid)
+        break if result
+      end
+      break if result
+    end
+    result
   end
 
   def add_role(role)
     party.add_role(role)
   end
 
+  def add_roles(*passed_roles)
+    party.add_roles(*passed_roles)
+  end
+
+  def remove_roles(*passed_roles)
+    party.remove_roles(*passed_roles)
+  end
+
   def remove_role(role)
     party.remove_role(role)
   end
@@ -86,70 +103,40 @@ class User < ActiveRecord::Base
 
   # roles assigned to the groups this user belongs to
   def group_roles
-    SecurityRole.joins(:parties).
-      where(:parties => {:business_party_type => 'Group'}).
-      where("parties.business_party_id IN (#{groups.select('groups.id').to_sql})")
+    groups.collect{|g| g.roles }.flatten.uniq
   end
 
   # composite roles for this user
   def all_roles
-    SecurityRole.joins(:parties).joins("LEFT JOIN users ON parties.id=users.party_id").
-      where("(parties.business_party_type='Group' AND 
-              parties.business_party_id IN (#{groups.select('groups.id').to_sql})) OR 
-             (users.id=#{self.id})")
-  end
-
-  def all_uniq_roles
-    all_roles.all.uniq
+    (group_roles + roles).uniq
   end
 
   def group_capabilities
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where(:capability_accessors => { :capability_accessor_record_type => "Group" }).
-          where("capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})")
+    groups.collect{|r| r.capabilities }.flatten.uniq.compact
   end
 
   def role_capabilities
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where(:capability_accessors => { :capability_accessor_record_type => "SecurityRole" }).
-          where("capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})")
+    all_roles.collect{|r| r.capabilities }.flatten.compact
   end
 
   def all_capabilities
-    Capability.joins(:capability_type).joins(:capability_accessors).
-          where("(capability_accessors.capability_accessor_record_type = 'Group' AND
-                  capability_accessor_record_id IN (#{groups.select('groups.id').to_sql})) OR
-                 (capability_accessors.capability_accessor_record_type = 'SecurityRole' AND
-                  capability_accessor_record_id IN (#{all_roles.select('security_roles.id').to_sql})) OR
-                 (capability_accessors.capability_accessor_record_type = 'User' AND
-                  capability_accessor_record_id = #{self.id})")
-  end
-
-  def all_uniq_capabilities
-    all_capabilities.all.uniq
+    (role_capabilities + group_capabilities + capabilities).uniq
   end
 
   def group_class_capabilities
-    scope_type = ScopeType.find_by_internal_identifier('class')
-    group_capabilities.where(:scope_type_id => scope_type.id)
+    groups.collect{|g| g.class_capabilities }.flatten.uniq.compact
   end
 
   def role_class_capabilities
-    scope_type = ScopeType.find_by_internal_identifier('class')
-    role_capabilities.where(:scope_type_id => scope_type.id)
+    all_roles.collect{|r| r.class_capabilities }.flatten.uniq.compact
   end
 
   def all_class_capabilities
-    scope_type = ScopeType.find_by_internal_identifier('class')
-    all_capabilities.where(:scope_type_id => scope_type.id)
-  end
-
-  def all_uniq_class_capabilities
-    all_class_capabilities.all.uniq
+    (role_class_capabilities + group_class_capabilities + class_capabilities).uniq
   end
 
   def class_capabilities_to_hash
-    all_uniq_class_capabilities.map {|capability| 
+    all_class_capabilities.map {|capability| 
       { :capability_type_iid => capability.capability_type.internal_identifier, 
         :capability_resource_type => capability.capability_resource_type 
       }

data/app/views/user_mailer/activation_needed_email.html.erb

@@ -6,7 +6,7 @@
   <body>
     <h1>Welcome <%= @user.username %></h1>
     <p>
-      You have successfully registered, to activate your account follow this link: <a href="<%= @url %>"><%= @url %></a>.
+      You have successfully registered, to activate your account follow this link: <a href="<%= @url %>"><%= @url %></a>
     </p>
     <p>Your username is <%=@user.username%>, use the password you set during registration to login.</p>
     <p>Thanks for joining and have a great day!!</p>

data/app/views/user_mailer/reset_password_email.html.erb

@@ -7,7 +7,7 @@
     <h1>We have reset the password for, <%= @user.username %></h1>
     <p>
       The new password is <%= @user.password_confirmation  %>.
-      To login and update your password follow this link: <a href="<%= @url %>"><%= @url %></a>.
+      To login and update your password follow this link: <a href="<%= @url %>"><%= @url %></a>
     </p>
     <p>Thanks for being a member and have a great day!</p>
   </body>

data/config/initializers/erp_tech_svcs.rb

@@ -2,7 +2,9 @@ Rails.application.config.erp_tech_svcs.configure do |config|
   config.installation_domain = 'localhost:3000'
   config.login_url = '/erp_app/login'
   config.email_notifications_from = 'notifications@noreply.com'
+  config.email_regex = "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$"
   config.max_file_size_in_mb = 5
+  config.file_upload_types = 'txt,pdf,zip,tgz,gz,rar,jpg,jpeg,gif,png,tif,tiff,bmp,csv,xls,xlsx,doc,docx,ppt,pptx,psd,ai,css,js,mp3,mp4,m4a,m4v,mov,wav,wmv'
   config.file_assets_location = 'file_assets' # relative to Rails.root/
   config.s3_url_expires_in_seconds = 60 
   config.s3_protocol = 'https' # Can be either 'http' or 'https'

data/db/data_migrations/20121130212146_note_capabilities.rb

@@ -2,8 +2,8 @@ class NoteCapabilities
   
   def self.up
     #insert data here
-    admin = SecurityRole.find_by_internal_identifier('admin')
-    employee = SecurityRole.find_by_internal_identifier('employee')
+    admin = SecurityRole.find_or_create_by_description_and_internal_identifier(:description => 'Admin', :internal_identifier => 'admin')
+    employee = SecurityRole.find_or_create_by_description_and_internal_identifier(:description => 'Employee', :internal_identifier => 'employee')
 
     admin.add_capability('create', 'Note')
     admin.add_capability('delete', 'Note')

data/db/migrate/20080805000010_base_tech_services.rb

@@ -258,9 +258,9 @@ class BaseTechServices < ActiveRecord::Migration
     # check that each table exists before trying to delete it.
     [ :groups,
       :audit_logs, :sessions, :simple_captcha_data,
-      :capable_models, :capability_types, :capabilities,:capabilities_capable_models,
-      :roles_users, :roles, :audit_log_items, :audit_log_item_types,
-      :users, :secured_models, :roles_secured_models, :file_assets, :delayed_jobs
+      :capability_accessors, :capability_types, :capabilities,:scope_types,
+      :parties_security_roles, :roles, :audit_log_items, :audit_log_item_types,
+      :users, :file_assets, :delayed_jobs
     ].each do |tbl|
       if table_exists?(tbl)
         drop_table tbl

data/lib/erp_tech_svcs/config.rb

@@ -3,9 +3,11 @@ module ErpTechSvcs
     class << self
 
       attr_accessor :max_file_size_in_mb,
+                    :file_upload_types,
                     :installation_domain, 
                     :login_url,
                     :email_notifications_from, 
+                    :email_regex,
                     :file_assets_location, 
                     :s3_url_expires_in_seconds,
                     :s3_protocol,
@@ -17,9 +19,11 @@ module ErpTechSvcs
       def init!
         @defaults = {
           :@max_file_size_in_mb => 5,
+          :@file_upload_types => 'txt,pdf,zip,tgz,gz,rar,jpg,jpeg,gif,png,tif,tiff,bmp,csv,xls,xlsx,doc,docx,ppt,pptx,psd,ai,css,js,mp3,mp4,m4a,m4v,mov,wav,wmv',
           :@installation_domain => 'localhost:3000',
           :@login_url => '/erp_app/login',
           :@email_notifications_from => 'notifications@noreply.com',
+          :@email_regex => "^[a-zA-Z0-9._-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}$",
           :@file_assets_location => 'file_assets', # relative to Rails.root/
           :@s3_url_expires_in_seconds => 60,
           :@s3_protocol => 'https', # Can be either 'http' or 'https'

data/lib/erp_tech_svcs/extensions/active_record/acts_as_versioned.rb

@@ -249,7 +249,7 @@ module ActiveRecord #:nodoc:
 
         versioned_class.cattr_accessor :original_class
         versioned_class.original_class = self
-        versioned_class.set_table_name versioned_table_name
+        versioned_class.table_name = versioned_table_name
         versioned_class.belongs_to self.to_s.demodulize.underscore.to_sym,
                                    :class_name  => "::#{self.to_s}",
                                    :foreign_key => versioned_foreign_key
@@ -268,134 +268,133 @@ module ActiveRecord #:nodoc:
           after_save :clear_old_versions
         end
 
-        module InstanceMethods
-          # Saves a version of the model in the versioned table.  This is called in the after_save callback by default
-          def save_version
-            if @saving_version
-              @saving_version = nil
-              rev = self.class.versioned_class.new
-              clone_versioned_model(self, rev)
-              rev.send("#{self.class.version_column}=", send(self.class.version_column))
-              rev.send("#{self.class.versioned_foreign_key}=", id)
-              rev.save
-            end
+        # INSTANCE METHODS
+        # Saves a version of the model in the versioned table.  This is called in the after_save callback by default
+        def save_version
+          if @saving_version
+            @saving_version = nil
+            rev = self.class.versioned_class.new
+            clone_versioned_model(self, rev)
+            rev.send("#{self.class.version_column}=", send(self.class.version_column))
+            rev.send("#{self.class.versioned_foreign_key}=", id)
+            rev.save
           end
+        end
 
-          # Clears old revisions if a limit is set with the :limit option in <tt>acts_as_versioned</tt>.
-          # Override this method to set your own criteria for clearing old versions.
-          def clear_old_versions
-            return if self.class.max_version_limit == 0
-            excess_baggage = send(self.class.version_column).to_i - self.class.max_version_limit
-            if excess_baggage > 0
-              self.class.versioned_class.delete_all ["#{self.class.version_column} <= ? and #{self.class.versioned_foreign_key} = ?", excess_baggage, id]
-            end
+        # Clears old revisions if a limit is set with the :limit option in <tt>acts_as_versioned</tt>.
+        # Override this method to set your own criteria for clearing old versions.
+        def clear_old_versions
+          return if self.class.max_version_limit == 0
+          excess_baggage = send(self.class.version_column).to_i - self.class.max_version_limit
+          if excess_baggage > 0
+            self.class.versioned_class.delete_all ["#{self.class.version_column} <= ? and #{self.class.versioned_foreign_key} = ?", excess_baggage, id]
           end
+        end
 
-          # Reverts a model to a given version.  Takes either a version number or an instance of the versioned model
-          def revert_to(version)
-            if version.is_a?(self.class.versioned_class)
-              return false unless version.send(self.class.versioned_foreign_key) == id and !version.new_record?
-            else
-              return false unless version = versions.where(self.class.version_column => version).first
-            end
-            self.clone_versioned_model(version, self)
-            send("#{self.class.version_column}=", version.send(self.class.version_column))
-            true
+        # Reverts a model to a given version.  Takes either a version number or an instance of the versioned model
+        def revert_to(version)
+          if version.is_a?(self.class.versioned_class)
+            return false unless version.send(self.class.versioned_foreign_key) == id and !version.new_record?
+          else
+            return false unless version = versions.where(self.class.version_column => version).first
           end
+          self.clone_versioned_model(version, self)
+          send("#{self.class.version_column}=", version.send(self.class.version_column))
+          true
+        end
 
-          # Reverts a model to a given version and saves the model.
-          # Takes either a version number or an instance of the versioned model
-          def revert_to!(version)
-            revert_to(version) ? save_without_revision : false
-          end
+        # Reverts a model to a given version and saves the model.
+        # Takes either a version number or an instance of the versioned model
+        def revert_to!(version)
+          revert_to(version) ? save_without_revision : false
+        end
 
-          # Temporarily turns off Optimistic Locking while saving.  Used when reverting so that a new version is not created.
-          def save_without_revision
-            save_without_revision!
-            true
-          rescue
-            false
-          end
+        # Temporarily turns off Optimistic Locking while saving.  Used when reverting so that a new version is not created.
+        def save_without_revision
+          save_without_revision!
+          true
+        rescue
+          false
+        end
 
-          def save_without_revision!
-            without_locking do
-              without_revision do
-                save!
-              end
+        def save_without_revision!
+          without_locking do
+            without_revision do
+              save!
             end
           end
+        end
 
-          def altered?
-            track_altered_attributes ? (version_if_changed - changed).length < version_if_changed.length : changed?
-          end
-
-          # Clones a model.  Used when saving a new version or reverting a model's version.
-          def clone_versioned_model(orig_model, new_model)
-            self.class.versioned_columns.each do |col|
-              new_model[col.name] = orig_model.send(col.name) if orig_model.has_attribute?(col.name)
-            end
+        def altered?
+          track_altered_attributes ? (version_if_changed - changed).length < version_if_changed.length : changed?
+        end
 
-            if orig_model.is_a?(self.class.versioned_class)
-              new_model[new_model.class.inheritance_column] = orig_model[self.class.versioned_inheritance_column]
-            elsif new_model.is_a?(self.class.versioned_class)
-              new_model[self.class.versioned_inheritance_column] = orig_model[orig_model.class.inheritance_column]
-            end
+        # Clones a model.  Used when saving a new version or reverting a model's version.
+        def clone_versioned_model(orig_model, new_model)
+          self.class.versioned_columns.each do |col|
+            new_model[col.name] = orig_model.send(col.name) if orig_model.has_attribute?(col.name)
           end
 
-          # Checks whether a new version shall be saved or not.  Calls <tt>version_condition_met?</tt> and <tt>changed?</tt>.
-          def save_version?
-            version_condition_met? && altered?
+          if orig_model.is_a?(self.class.versioned_class)
+            new_model[new_model.class.inheritance_column] = orig_model[self.class.versioned_inheritance_column]
+          elsif new_model.is_a?(self.class.versioned_class)
+            new_model[self.class.versioned_inheritance_column] = orig_model[orig_model.class.inheritance_column]
           end
+        end
 
-          # Checks condition set in the :if option to check whether a revision should be created or not.  Override this for
-          # custom version condition checking.
-          def version_condition_met?
-            case
-              when version_condition.is_a?(Symbol)
-                send(version_condition)
-              when version_condition.respond_to?(:call) && (version_condition.arity == 1 || version_condition.arity == -1)
-                version_condition.call(self)
-              else
-                version_condition
-            end
-          end
+        # Checks whether a new version shall be saved or not.  Calls <tt>version_condition_met?</tt> and <tt>changed?</tt>.
+        def save_version?
+          version_condition_met? && altered?
+        end
 
-          # Executes the block with the versioning callbacks disabled.
-          #
-          #   @foo.without_revision do
-          #     @foo.save
-          #   end
-          #
-          def without_revision(&block)
-            self.class.without_revision(&block)
+        # Checks condition set in the :if option to check whether a revision should be created or not.  Override this for
+        # custom version condition checking.
+        def version_condition_met?
+          case
+            when version_condition.is_a?(Symbol)
+              send(version_condition)
+            when version_condition.respond_to?(:call) && (version_condition.arity == 1 || version_condition.arity == -1)
+              version_condition.call(self)
+            else
+              version_condition
           end
+        end
 
-          # Turns off optimistic locking for the duration of the block
-          #
-          #   @foo.without_locking do
-          #     @foo.save
-          #   end
-          #
-          def without_locking(&block)
-            self.class.without_locking(&block)
-          end
+        # Executes the block with the versioning callbacks disabled.
+        #
+        #   @foo.without_revision do
+        #     @foo.save
+        #   end
+        #
+        def without_revision(&block)
+          self.class.without_revision(&block)
+        end
 
-          def empty_callback()
-          end
+        # Turns off optimistic locking for the duration of the block
+        #
+        #   @foo.without_locking do
+        #     @foo.save
+        #   end
+        #
+        def without_locking(&block)
+          self.class.without_locking(&block)
+        end
 
-          #:nodoc:
+        def empty_callback()
+        end
 
-          protected
-          # sets the new version before saving, unless you're using optimistic locking.  In that case, let it take care of the version.
-          def set_new_version
-            @saving_version = new_record? || save_version?
-            self.send("#{self.class.version_column}=", next_version) if new_record? || (!locking_enabled? && save_version?)
-          end
+        #:nodoc:
 
-          # Gets the next available version for the current record, or 1 for a new record
-          def next_version
-            (new_record? ? 0 : versions.calculate(:maximum, version_column).to_i) + 1
-          end
+        protected
+        # sets the new version before saving, unless you're using optimistic locking.  In that case, let it take care of the version.
+        def set_new_version
+          @saving_version = new_record? || save_version?
+          self.send("#{self.class.version_column}=", next_version) if new_record? || (!locking_enabled? && save_version?)
+        end
+
+        # Gets the next available version for the current record, or 1 for a new record
+        def next_version
+          (new_record? ? 0 : versions.calculate(:maximum, version_column).to_i) + 1
         end
 
         module ClassMethods