esp-auth 1.0.0

data/app/assets/stylesheets/esp_auth/pagination.sass

@@ -0,0 +1,19 @@
+@import "compass/utilities"
+@import "compass/css3"
+
+.pagination
+  span
+    +inline-block
+    border: 1px solid #ccc
+    +border-radius
+    margin: 0 2px
+    &.current,
+    &.gap,
+    a
+      +inline-block
+      padding: 5px 10px
+    &.current,
+    &.gap
+      cursor: default
+    &.current
+      background: #bbb

data/app/assets/stylesheets/esp_auth/permissions.sass

@@ -0,0 +1,150 @@
+@import "compass/utilities"
+@import "compass/reset"
+@import "compass/css3"
+
+body
+  background: #73351F image_url('esp_auth/wood.jpg') no-repeat center top fixed
+  color: #333
+  font-family: Helvetica, Verdana, sans-serif
+  font-size: 13px
+  line-height: 16px
+
+  a
+    color: #484B51
+    outline: none
+    text-decoration: none
+
+    &:active, &:hover
+      color: #484B51
+      text-decoration: underline
+
+  h1
+    +single-text-shadow(#555, 1px, 1px, 3px)
+    color: whitesmoke
+    font-size: 28px
+    text-align: center
+    padding: 15px 0
+    width: 100%
+
+  h3
+    font-size: 14px
+
+    span
+      font-weight: bold
+
+  .container
+    +border-radius(4px)
+    +single-box-shadow(#555, 0px, 0px, 20px)
+    background: #EEF1F8
+    margin: 5px auto 0
+    padding: 25px 30px
+    width: 960px
+
+    .new_permission
+      display: block
+      margin: 0 0 15px 0
+      text-align: right
+
+    .permission_list
+      display: none
+
+    .collection_list
+
+      li
+        +clearfix
+        border: 1px solid #A17345
+        margin: 0 0 15px 0
+        padding: 15px 20px
+
+      li.user
+        +border-radius(4px)
+
+        ul
+          +clearfix
+          width: 100%
+
+          li
+            border: none
+            margin: 5px 0
+            padding: 0
+
+            ul
+              margin: 0 0 0 15px
+
+      .name, .email, h4
+        float: left
+        font-size: 14px
+        line-height: 26px
+        margin: 0 10px 0 0
+
+      .name
+        font-weight: bold
+
+      .button-group
+        float: right
+
+      .remove
+        margin: 0 0 0 10px
+
+      .show_permissions
+        float: right
+        text-decoration: none
+
+      .links
+        +clearfix
+        line-height: 26px
+
+    .formtastic
+      .inline-errors
+        background: transparent image_url("esp_auth/inline_error_arrow.png") no-repeat left center
+        font-size: 12px
+        color: #933
+        padding: 0 0 0 18px
+
+      .inputs
+        li
+          margin: 15px 0
+
+        .label
+          display: block
+          margin: 0 0 5px 0
+
+        select
+          font-size: 14px
+          height: 26px
+          padding: 2px 3px
+          width: 954px
+
+        input
+          font-size: 14px
+          height: 20px
+          padding: 3px 4px
+          width: 868px
+
+        #permission_user_search
+          width: 942px
+
+
+      .button-group
+        margin: 15px 0
+
+    .user_search
+      +clearfix
+
+      .inputs
+        +clearfix
+        float: left
+        margin: 0 10px 15px 0
+
+        li
+          margin: 0
+
+        input
+          font-size: 14px
+          height: 20px
+          padding: 3px 4px
+          width: 868px
+
+      .buttons
+        +clearfix
+        margin: 2px 0 0 0

data/app/assets/stylesheets/esp_auth/shared.sass

@@ -0,0 +1,84 @@
+@import 'compass/utilities'
+@import 'compass/css3'
+
+$esp_auth_body_margin_top: 35px !default
+$esp_auth_body_margin_bottom: 40px !default
+
+$esp_auth_font_size: 11px !default
+$esp_auth_font_family: Arial, Verdana, sans-serif !default
+
+$esp_auth_text_color: #000 !default
+$esp_auth_background_color: window !default
+$esp_auth_link_color: #031074 !default
+$esp_auth_underline_link: true !default
+$esp_auth_hover_link_color: #000055 !default
+$esp_auth_underline_hover_link: false !default
+
+body
+  margin-top: $esp_auth_body_margin_top
+  margin-bottom: $esp_auth_body_margin_bottom
+
+=fixed_block
+  +nested-reset
+  +single-box-shadow
+  font-size: $esp_auth_font_size
+  font-family: $esp_auth_font_family
+  background-color: $esp_auth_background_color
+  line-height: 1.5
+  color: $esp_auth_text_color
+  position: fixed
+  width: 100%
+  z-index: 99999
+  a
+    color: $esp_auth_link_color
+    @if $esp_auth_underline_link
+      text-decoration: underline
+    @else
+      text-decoration: none
+    &:hover
+      color: $esp_auth_hover_link_color
+      @if $esp_auth_underline_hover_link
+        text-decoration: underline
+      @else
+        text-decoration: none
+    &.selected
+      color: $esp_auth_text_color
+      @if $esp_auth_underline_link
+        text-decoration: none
+      @else
+        text-decoration: underline
+
+.esp_auth_header_wrapper
+  +fixed_block
+  top: 0
+  left: 0
+  border-bottom: 1px solid #999
+
+  .esp_auth_header
+    +clearfix
+    margin: 5px 10px
+    .navigation
+      float: left
+      a
+        margin-right: 5px
+    .auth
+      float: right
+      .current_user
+        margin-right: 5px
+
+
+.esp_auth_footer_wrapper
+  +fixed_block
+  bottom: 0
+  left: 0
+  border-top: 1px solid #999
+
+  .esp_auth_footer
+    +clearfix
+    margin: 5px 10px
+    .info
+      float: left
+    .developer
+      float: right
+      .range
+        margin-right: 5px

data/app/controllers/esp_auth/application_controller.rb

@@ -0,0 +1,11 @@
+class EspAuth::ApplicationController < ApplicationController
+  esp_load_and_authorize_resource
+
+  before_filter :authorize_user_can_manage_permissions!
+
+  protected
+
+    def authorize_user_can_manage_permissions!
+      authorize! :manage, :permissions
+    end
+end

data/app/controllers/esp_auth/omniauth_callbacks_controller.rb

@@ -0,0 +1,11 @@
+class EspAuth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def identity
+    user = User.find_or_initialize_by_uid(request.env['omniauth.auth']['uid']).tap do |user|
+      user.update_attributes request.env['omniauth.auth']['info']
+    end
+
+    flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Identity"
+    sign_in user, :event => :authentication
+    redirect_to stored_location_for(:user) || main_app.root_path
+  end
+end

data/app/controllers/esp_auth/permissions_controller.rb

@@ -0,0 +1,13 @@
+class EspAuth::PermissionsController < EspAuth::ApplicationController
+  belongs_to :user, :optional => true
+  actions :new, :create, :destroy
+
+  def create
+    create!{ esp_auth.users_path }
+  end
+
+  def destroy
+    destroy!{ esp_auth.users_path }
+  end
+
+end

data/app/controllers/esp_auth/sessions_controller.rb

@@ -0,0 +1,16 @@
+class EspAuth::SessionsController < ApplicationController
+  def destroy
+    reset_session
+    redirect_to "#{Settings['sso.url']}/users/sign_out?redirect_uri=#{CGI.escape(redirect_uri)}"
+  end
+
+  protected
+
+    def redirect_uri
+      URI.parse(request.url).tap do | uri |
+        uri.path = main_app.root_path
+        uri.query = nil
+      end.to_s
+    end
+
+end

data/app/controllers/esp_auth/users_controller.rb

@@ -0,0 +1,24 @@
+class EspAuth::UsersController < EspAuth::ApplicationController
+  has_searcher
+
+  actions :index, :search
+
+  has_scope :page, :default => 1
+
+  def search
+    render :json => JSON.parse(Curl::Easy.http_get("#{Settings['sso.url']}/users.json?user_search[keywords]=#{URI.escape(params[:term])}").body_str) and return
+  end
+
+  protected
+    def collection
+      get_collection_ivar || set_collection_ivar(search_and_paginate_collection)
+    end
+
+    def search_and_paginate_collection
+      search_object = searcher_for(resource_instance_name)
+      search_object.permissions_count_gt = 1
+      search_object.pagination = {:page => params[:page], :per_page => 10}
+      search_object.order_by = 'uid' if search_object.term.blank?
+      search_object.results
+    end
+end

data/app/models/user_search.rb

@@ -0,0 +1,13 @@
+class UserSearch < Search
+  column :order_by, :string
+  column :term, :text
+  column :permissions_count_gt, :integer
+end
+
+# == Schema Information
+#
+# Table name: searches
+#
+#  keywords :text
+#
+

data/app/views/esp_auth/permissions/new.html.erb

@@ -0,0 +1,23 @@
+<h3>
+  <%= "#{t('permissions.You are adding role to')}  #{@user.try(:name)}" %>
+</h3>
+
+<%= semantic_form_for resource,
+                      :url => (@user ? esp_auth.user_permissions_path(@user) : esp_auth.permissions_path) do |form| %>
+  <%= form.inputs do  %>
+    <%= form.input :user_uid, :as => :hidden %>
+    <%= form.input :user_name, :as => :hidden %>
+    <%= form.input :user_email, :as => :hidden %>
+    <%= form.input :user_search, :as => :string unless @user %>
+    <%= form.input :polimorphic_context,  :as => :select,
+                                          :collection => current_user.contexts_tree,
+                                          :member_value => ->(c) { [c.class.model_name.underscore, c.id].join('_') },
+                                          :member_label => ->(c) { ('&nbsp;' * 2 * c.depth + c.title).html_safe },
+                                          :include_blank => t('permissions.not_selected') %>
+    <%= form.input :role, :as => :select, :collection => Permission.human_enums[:role].invert, :include_blank => t('permissions.not_selected') %>
+  <% end %>
+  <%= form.buttons :class => 'button-group' do %>
+    <li><%= button_tag t('permissions.create'), :class => 'button icon approve' %></li>
+    <li><%= link_to t('permissions.cancel'), esp_auth.users_path, :class => 'button icon arrowleft'  %></li>
+  <% end %>
+<% end %>

data/app/views/esp_auth/shared/_footer.html.erb

@@ -0,0 +1,12 @@
+<div class='esp_auth_footer_wrapper'>
+  <div class='esp_auth_footer'>
+    <div class='info'>
+      <%= [request.remote_addr, request.remote_ip].join(', ').split(', ').uniq.join(', ') %>
+      <%= request.env['HTTP_USER_AGENT'] %>
+    </div>
+    <div class='developer'>
+      <span class='range'>2011&ndash;<%= Date.today.year %></span>
+      <a href='http://openteam.ru/' title='Сделано с любовью в OpenTeam'>OpenTeam</a>
+    </div>
+  </div>
+</div>

data/app/views/esp_auth/shared/_header.html.erb

@@ -0,0 +1,24 @@
+<div class='esp_auth_header_wrapper'>
+  <div class='esp_auth_header'>
+    <% if current_user %>
+      <% current = controller_path.match(/^([a-z_]+)/)[0].inquiry %>
+      <div class='navigation'>
+        <% if can? :manage, :application %>
+          <%= link_to 'Публичный вид', '/', :class => current.manage? || current.esp_auth? ? nil : 'selected' %>
+          <%= link_to 'Система управления', '/manage', :class => current.manage? ? 'selected' : nil %>
+        <% end %>
+        <% if can? :manage, :permissions %>
+          <%= link_to 'Права доступа', esp_auth.root_path, :class => current.esp_auth? ? 'selected' : nil %>
+        <% end %>
+      </div>
+      <div class='auth'>
+        <span class='current_user'><%= current_user.name %></span>
+        <%= link_to('Выход', esp_auth.destroy_user_session_path) %>
+      </div>
+    <% else %>
+      <div class='auth'>
+        <%= link_to 'Вход в систему', user_omniauth_authorize_path(:identity)  %>
+      </div>
+    <% end %>
+  </div>
+</div>

data/app/views/esp_auth/users/index.html.erb

@@ -0,0 +1,53 @@
+<%= semantic_search_form_for :user, :url => esp_auth.users_path do |form| %>
+  <%= form.inputs do %>
+    <%= form.input :term, :as => :string, :label => false %>
+  <% end %>
+  <%= form.buttons do %>
+    <li><%= button_tag t('permissions.search'), :class => 'button icon search' %></li>
+  <% end %>
+<% end %>
+
+<%= link_to "&#43;#{t('permissions.create_permission')}".html_safe,
+            esp_auth.new_permission_path,
+            :class => 'new_permission' %>
+
+<ul class='collection_list'>
+  <% collection.each do |user| %>
+    <li class='user'>
+      <div class="name">
+        <%= user.name %>
+      </div>
+      <div class="email">
+        &lt;<%= mail_to user.email, user.email %>&gt;
+      </div>
+
+      <div class="links">
+        <%= link_to "&darr;&nbsp;#{t('permissions.show_permissions')}".html_safe, '#', :class => 'show_permissions' %>
+        <%= link_to "&#43;#{t('permissions.new')}".html_safe, esp_auth.new_user_permission_path(user), :class => 'add' %>
+      </div>
+
+      <ul class='permission_list'>
+        <% user.permissions.group_by(&:role).each do |role, permissions| %>
+          <li>
+            <h4><%= permissions.first.human_role %></h4>
+            <ul>
+              <% permissions.each do |permission| %>
+                <li>
+                  <%= permission.context %>
+                  <%= link_to t('permissions.delete'),
+                    esp_auth.permission_path(permission),
+                    :method => :delete,
+                    :confirm => t('permissions.Are you sure?'),
+                    :class => 'buttton icon remove danger' if can?(:destroy, permission) %>
+                </li>
+              <% end %>
+            </ul>
+          </li>
+        <% end %>
+      </ul>
+
+    </li>
+  <% end %>
+</ul>
+
+<%= paginate collection %>

data/app/views/layouts/esp_auth/application.html.erb

@@ -0,0 +1,18 @@
+<!DOCTYPE HTML>
+<html lang="ru">
+<head>
+  <meta charset="UTF-8">
+  <title><%= t('permissions.title') %></title>
+  <%= stylesheet_link_tag 'esp_auth/application' %>
+  <%= javascript_include_tag 'esp_auth/application' %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+  <%= render :partial => "esp_auth/shared/header" %>
+  <h1><%= t('permissions.title') %></h1>
+  <div class="container">
+    <%= yield %>
+  </div>
+  <%= render :partial => "esp_auth/shared/footer" %>
+</body>
+</html>