esp-auth 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. data/MIT-LICENSE +20 -0
  2. data/README.rdoc +28 -0
  3. data/Rakefile +28 -0
  4. data/app/assets/images/esp_auth/gh_icons.png +0 -0
  5. data/app/assets/images/esp_auth/inline_error_arrow.png +0 -0
  6. data/app/assets/images/esp_auth/wood.jpg +0 -0
  7. data/app/assets/javascripts/esp_auth/application.js +4 -0
  8. data/app/assets/javascripts/esp_auth/jquery.noisy.min.js +3 -0
  9. data/app/assets/javascripts/esp_auth/permissions.js +62 -0
  10. data/app/assets/stylesheets/esp_auth/application.css +11 -0
  11. data/app/assets/stylesheets/esp_auth/buttons.sass +300 -0
  12. data/app/assets/stylesheets/esp_auth/jquery_ui.sass +1493 -0
  13. data/app/assets/stylesheets/esp_auth/pagination.sass +19 -0
  14. data/app/assets/stylesheets/esp_auth/permissions.sass +150 -0
  15. data/app/assets/stylesheets/esp_auth/shared.sass +84 -0
  16. data/app/controllers/esp_auth/application_controller.rb +11 -0
  17. data/app/controllers/esp_auth/omniauth_callbacks_controller.rb +11 -0
  18. data/app/controllers/esp_auth/permissions_controller.rb +13 -0
  19. data/app/controllers/esp_auth/sessions_controller.rb +16 -0
  20. data/app/controllers/esp_auth/users_controller.rb +24 -0
  21. data/app/models/user_search.rb +13 -0
  22. data/app/views/esp_auth/permissions/new.html.erb +23 -0
  23. data/app/views/esp_auth/shared/_footer.html.erb +12 -0
  24. data/app/views/esp_auth/shared/_header.html.erb +24 -0
  25. data/app/views/esp_auth/users/index.html.erb +53 -0
  26. data/app/views/layouts/esp_auth/application.html.erb +18 -0
  27. data/config/initializers/devise.rb +223 -0
  28. data/config/locales/ru.yml +35 -0
  29. data/config/routes.rb +25 -0
  30. data/lib/esp-auth.rb +19 -0
  31. data/lib/esp_auth/engine.rb +41 -0
  32. data/lib/esp_auth/spec_helper.rb +68 -0
  33. data/lib/esp_auth/version.rb +3 -0
  34. data/lib/generators/esp_auth/install/install_generator.rb +49 -0
  35. data/lib/generators/esp_auth/install/templates/app/controllers/manage/application_controller.rb +3 -0
  36. data/lib/generators/esp_auth/install/templates/app/models/ability.rb +41 -0
  37. data/lib/generators/esp_auth/install/templates/app/models/context.rb +27 -0
  38. data/lib/generators/esp_auth/install/templates/app/models/permission.rb +69 -0
  39. data/lib/generators/esp_auth/install/templates/app/models/subcontext.rb +21 -0
  40. data/lib/generators/esp_auth/install/templates/app/models/user.rb +67 -0
  41. data/lib/generators/esp_auth/install/templates/config/locales/permissions_enum.ru.yml +6 -0
  42. data/lib/generators/esp_auth/install/templates/config/schedule.rb +5 -0
  43. data/lib/generators/esp_auth/install/templates/db/migrate/esp_auth_create_contexts.rb +12 -0
  44. data/lib/generators/esp_auth/install/templates/db/migrate/esp_auth_create_permissions.rb +11 -0
  45. data/lib/generators/esp_auth/install/templates/db/migrate/esp_auth_create_subcontexts.rb +9 -0
  46. data/lib/generators/esp_auth/install/templates/db/migrate/esp_auth_create_users.rb +29 -0
  47. data/lib/generators/esp_auth/install/templates/db/seeds.rb +4 -0
  48. data/lib/generators/esp_auth/install/templates/spec/models/ability_spec.rb +83 -0
  49. data/lib/omniauth/strategies/identity.rb +15 -0
  50. data/lib/tasks/sync.rake +17 -0
  51. metadata +453 -0
@@ -0,0 +1,67 @@
1
+ class User < ActiveRecord::Base
2
+ attr_accessible :name, :email, :nickname, :name, :first_name, :last_name, :location, :description, :image, :phone, :urls, :raw_info, :uid
3
+
4
+ validates_presence_of :uid
5
+
6
+ has_many :permissions
7
+
8
+ default_value_for :sign_in_count, 0
9
+
10
+ devise :omniauthable, :trackable, :timeoutable
11
+
12
+ searchable do
13
+ integer :uid
14
+ text :term do [name, email, nickname].join(' ') end
15
+ integer :permissions_count do permissions.count end
16
+ end
17
+
18
+ Permission.enums[:role].each do | role |
19
+ define_method "#{role}_of?" do |context|
20
+ permissions.for_role(role).for_context_and_ancestors(context).exists?
21
+ end
22
+ define_method "#{role}?" do
23
+ permissions.for_role(role).exists?
24
+ end
25
+ end
26
+
27
+ def contexts
28
+ permissions.map(&:context).uniq
29
+ end
30
+
31
+ def contexts_tree
32
+ contexts.flat_map{|c| c.respond_to?(:subtree) ? c.subtree : c}
33
+ .uniq
34
+ .flat_map{|c| c.respond_to?(:subcontexts) ? [c] + c.subcontexts : c }
35
+ .uniq
36
+ end
37
+
38
+ end
39
+
40
+
41
+
42
+ # == Schema Information
43
+ #
44
+ # Table name: users
45
+ #
46
+ # id :integer not null, primary key
47
+ # uid :string(255)
48
+ # name :text
49
+ # email :text
50
+ # nickname :text
51
+ # first_name :text
52
+ # last_name :text
53
+ # location :text
54
+ # description :text
55
+ # image :text
56
+ # phone :text
57
+ # urls :text
58
+ # raw_info :text
59
+ # sign_in_count :integer default(0)
60
+ # current_sign_in_at :datetime
61
+ # last_sign_in_at :datetime
62
+ # current_sign_in_ip :string(255)
63
+ # last_sign_in_ip :string(255)
64
+ # created_at :datetime not null
65
+ # updated_at :datetime not null
66
+ #
67
+
@@ -0,0 +1,6 @@
1
+ ru:
2
+ activerecord:
3
+ attributes:
4
+ permission:
5
+ role_enum:
6
+ manager: Менеджер
@@ -0,0 +1,5 @@
1
+ set :job_template, "/usr/local/bin/bash -l -c ':job'" if RUBY_PLATFORM =~ /freebsd/
2
+
3
+ every 1.day, :at => '4:00 am' do
4
+ rake 'esp_auth:sync'
5
+ end
@@ -0,0 +1,12 @@
1
+ class EspAuthCreateContexts < ActiveRecord::Migration
2
+ def change
3
+ create_table :contexts do |t|
4
+ t.string :title
5
+ t.string :ancestry
6
+ t.string :weight
7
+ t.timestamps
8
+ end
9
+ add_index :contexts, :weight
10
+ add_index :contexts, :ancestry
11
+ end
12
+ end
@@ -0,0 +1,11 @@
1
+ class EspAuthCreatePermissions < ActiveRecord::Migration
2
+ def change
3
+ create_table :permissions do |t|
4
+ t.references :user
5
+ t.references :context, :polymorphic => true
6
+ t.string :role
7
+ t.timestamps
8
+ end
9
+ add_index :permissions, [:user_id, :role, :context_id, :context_type], :name => 'by_user_and_role_and_context'
10
+ end
11
+ end
@@ -0,0 +1,9 @@
1
+ class EspAuthCreateSubcontexts < ActiveRecord::Migration
2
+ def change
3
+ create_table :subcontexts do |t|
4
+ t.string :title
5
+ t.references :context
6
+ t.timestamps
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,29 @@
1
+ class EspAuthCreateUsers < ActiveRecord::Migration
2
+ def change
3
+ create_table :users do | t |
4
+ t.string :uid # omniauth[:uid]
5
+ t.text :name, # omniauth[:info]
6
+ :email,
7
+ :nickname,
8
+ :first_name,
9
+ :last_name,
10
+ :location,
11
+ :description,
12
+ :image,
13
+ :phone,
14
+ :urls
15
+ t.text :raw_info # omniauth[:extra]
16
+
17
+ # Trackable
18
+ t.integer :sign_in_count
19
+ t.datetime :current_sign_in_at
20
+ t.datetime :last_sign_in_at
21
+ t.string :current_sign_in_ip
22
+ t.string :last_sign_in_ip
23
+
24
+ t.timestamps
25
+ end
26
+
27
+ add_index :users, :uid
28
+ end
29
+ end
@@ -0,0 +1,4 @@
1
+ User.find_or_initialize_by_uid('1').tap do | user |
2
+ user.save(:validate => false)
3
+ user.permissions.create! :context => Context.first, :role => :manager if user.permissions.empty?
4
+ end
@@ -0,0 +1,83 @@
1
+ # encoding: utf-8
2
+
3
+ require 'spec_helper'
4
+
5
+ describe Ability do
6
+ context 'менеджер' do
7
+ context 'корневого контекста' do
8
+ subject { ability_for(manager_of(root)) }
9
+
10
+ context 'управление контекстами' do
11
+ it { should be_able_to(:manage, root) }
12
+ it { should be_able_to(:manage, child_1) }
13
+ it { should be_able_to(:manage, child_1_1) }
14
+ it { should be_able_to(:manage, child_2) }
15
+ end
16
+
17
+ context 'управление подконтекстами' do
18
+ it { should be_able_to(:manage, subcontext(root)) }
19
+ it { should be_able_to(:manage, subcontext(child_1)) }
20
+ it { should be_able_to(:manage, subcontext(child_1_1)) }
21
+ it { should be_able_to(:manage, subcontext(child_2)) }
22
+ end
23
+
24
+ context 'управление правами доступа' do
25
+ it { should be_able_to(:manage, another_manager_of(root).permissions.first) }
26
+ it { should be_able_to(:manage, another_manager_of(child_1).permissions.first) }
27
+ it { should be_able_to(:manage, another_manager_of(child_1_1).permissions.first) }
28
+ it { should be_able_to(:manage, another_manager_of(child_2).permissions.first) }
29
+ end
30
+ end
31
+
32
+ context 'вложенного контекста' do
33
+ subject { ability_for(manager_of(child_1)) }
34
+
35
+ context 'управление контекстами' do
36
+ it { should_not be_able_to(:manage, root) }
37
+ it { should be_able_to(:manage, child_1) }
38
+ it { should be_able_to(:manage, child_1_1) }
39
+ it { should_not be_able_to(:manage, child_2) }
40
+ end
41
+
42
+ context 'управление подконтекстами' do
43
+ it { should_not be_able_to(:manage, subcontext(root)) }
44
+ it { should be_able_to(:manage, subcontext(child_1)) }
45
+ it { should be_able_to(:manage, subcontext(child_1_1)) }
46
+ it { should_not be_able_to(:manage, subcontext(child_2)) }
47
+ end
48
+
49
+ context 'управление правами доступа' do
50
+ it { should_not be_able_to(:manage, another_manager_of(root).permissions.first) }
51
+ it { should be_able_to(:manage, another_manager_of(child_1).permissions.first) }
52
+ it { should be_able_to(:manage, another_manager_of(child_1_1).permissions.first) }
53
+ it { should_not be_able_to(:manage, another_manager_of(child_2).permissions.first) }
54
+ end
55
+ end
56
+
57
+ context 'подконтеста' do
58
+ subject { ability_for(manager_of(subcontext(child_1)))}
59
+
60
+ context 'управление контекстами' do
61
+ it { should_not be_able_to(:manage, root) }
62
+ it { should_not be_able_to(:manage, child_1) }
63
+ it { should_not be_able_to(:manage, child_1_1) }
64
+ it { should_not be_able_to(:manage, child_2) }
65
+ end
66
+
67
+ context 'управление подконтекстами' do
68
+ it { should_not be_able_to(:manage, another_subcontext(root)) }
69
+ it { should_not be_able_to(:manage, another_subcontext(child_1)) }
70
+ it { should_not be_able_to(:manage, another_subcontext(child_1_1)) }
71
+ it { should_not be_able_to(:manage, another_subcontext(child_2)) }
72
+ it { should be_able_to(:manage, subcontext(child_1)) }
73
+ end
74
+
75
+ context 'управление правами доступа' do
76
+ it { should_not be_able_to(:manage, another_manager_of(root).permissions.first) }
77
+ it { should_not be_able_to(:manage, another_manager_of(child_1).permissions.first) }
78
+ it { should_not be_able_to(:manage, another_manager_of(child_1_1).permissions.first) }
79
+ it { should_not be_able_to(:manage, another_manager_of(child_2).permissions.first) }
80
+ end
81
+ end
82
+ end
83
+ end
@@ -0,0 +1,15 @@
1
+ require 'omniauth/strategies/oauth2'
2
+
3
+ module OmniAuth
4
+ module Strategies
5
+ class Identity < OmniAuth::Strategies::OAuth2
6
+ uid { raw_info['uid'] }
7
+ info { raw_info['info'] }
8
+ extra { {:raw_info => raw_info} }
9
+
10
+ def raw_info
11
+ @raw_info ||= access_token.get("/oauth/user.json?oauth_token=#{access_token.token}").parsed
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,17 @@
1
+ require 'curb'
2
+ require 'progress_bar'
3
+
4
+ desc "Syncronize blue-pages tree"
5
+
6
+ namespace :esp_auth do
7
+ task :sync => :environment do
8
+ remotes = JSON.parse(Curl::Easy.http_get("#{Settings['blue-pages.url']}/categories/2.json?sync=true").body_str)
9
+ bar = ProgressBar.new(remotes.count)
10
+ remotes.each do | remote |
11
+ (Context.find_by_id(remote['id']) || Context.new).tap do | context |
12
+ context.update_attributes! remote
13
+ end
14
+ bar.increment!
15
+ end
16
+ end
17
+ end