graph_starter 0.0.1

data/app/views/graph_starter/groups/_list.html.slim

@@ -0,0 +1,19 @@
+- groups.each do |group|
+  tr
+    td style="padding-left: #{indentation * 10}px"
+      i.caret.right.icon
+      = group.name
+    td = link_to action: :new, parent_id: group do
+      i.sitemap.large.icon
+      | Create Subgroup
+    td = link_to group do
+      i.unhide.large.icon
+      | Show
+    td = link_to edit_group_path(group) do
+      i.edit.large.icon
+      | Edit
+    td = link_to group, data: {:confirm => 'Are you sure?'}, :method => :delete do
+      i.remove.large.icon
+      | Delete
+
+  = render partial: 'list', locals: {groups: group.sub_groups, indentation: indentation + 1}

data/app/views/graph_starter/groups/edit.html.slim

@@ -0,0 +1,8 @@
+h1 Editing group
+
+== render 'form'
+
+= link_to 'Show', @group
+'|
+= link_to 'Back', groups_path
+

data/app/views/graph_starter/groups/index.html.slim

@@ -0,0 +1,18 @@
+h1 Listing groups
+
+table.ui.padded.table
+  thead
+    tr
+      th Name
+      th
+      th
+      th
+      th
+
+  tbody
+    = render partial: 'list', locals: {groups: @groups, indentation: 1}
+
+
+br
+
+= link_to 'New Group', new_group_path

data/app/views/graph_starter/groups/index.json.jbuilder

@@ -0,0 +1,4 @@
+json.array!(@groups) do |group|
+  json.extract! group, :id
+  json.url group_url(group, format: :json)
+end

data/app/views/graph_starter/groups/new.html.slim

@@ -0,0 +1,5 @@
+h1 New group
+
+== render 'form'
+
+= link_to 'Back', groups_path

data/app/views/graph_starter/groups/show.html.slim

@@ -0,0 +1,16 @@
+p#notice = notice
+
+h1 Viewing group:
+
+h2 = @group.name
+
+h3 Members
+
+.ui.segments
+  - @group.members.each do |member|
+    .ui.segment
+      = link_to member.name, member
+
+= link_to 'Edit', edit_group_path(@group)
+'|
+= link_to 'Back', groups_path

data/app/views/graph_starter/groups/show.json.jbuilder

@@ -0,0 +1 @@
+json.extract! @group, :id, :created_at, :updated_at

data/app/views/graph_starter/models/index.html.slim

@@ -0,0 +1,10 @@
+
+.ui.list
+  - @models.each do |model|
+    .item
+      = model.name
+      .content
+        .list
+          = model.authorized_properties(current_user).each do |property|
+            i.tag.icon
+            = property.name

data/app/views/graph_starter/properties/_property.html.slim

@@ -0,0 +1,34 @@
+- can_write = (level == 'write') && !form.nil?
+
+- ruby_type = property.ruby_type.to_s
+- case ruby_type
+- when 'Integer'
+  - if can_write
+    = form.number_field property.name
+  - else
+    = asset.read_attribute(property.name)
+- when 'DateTime', 'Date'
+  - if can_write
+    i.calendar.icon
+    - if ruby_type == 'DateTime'
+      i.wait.icon 
+    - strftime_format = {'DateTime' => '%Y-%m-%d %H:%M', 'Date' => '%Y-%m-%d'}[ruby_type]
+
+    - id = SecureRandom.uuid
+    - value = asset.read_attribute(property.name)
+
+    = form.text_field property.name, value: value && value.strftime(strftime_format), id: id
+
+    - js_options = {'DateTime' => "format:'Y-m-d H:i'", 'Date' => "timepicker:false,format:'Y-m-d'"}[ruby_type]
+    javascript:
+      $(function(){
+        $('##{id}').datetimepicker({#{js_options.html_safe}});
+      });
+  - else
+    = asset.read_attribute(property.name)
+
+- else
+  - if can_write
+    = form.text_field property.name
+  - else
+    = asset.read_attribute(property.name)

data/app/views/layouts/graph_starter/_change_permissions_modal.html.slim

@@ -0,0 +1,90 @@
+script type="text/x-handlebars"
+  .ui.modal
+    i.close.icon
+
+    .header Change permissions for {{object.name}}
+    .image.content
+      | {{#if object.image_url}}
+      .ui.medium.image
+        img src="{{object.image_url}}"
+      | {{/if}}
+
+      .description
+
+        <div class="ui search {{if searching 'loading' ''}}">
+          .ui.icon.input
+            | {{input type="text" placeholder="User or group" class="prompt" value=user_and_group_search}}
+            i.add.circle.icon
+
+          <div id="modal-search-results" class="results transition {{if user_and_group_results_present 'visible' ''}}">
+            .ui.two.column.grid
+              - %w(user group).each do |result_type|
+                | {{#if #{result_type}_results.length}}
+                .eight.wide.column
+                  table.ui.celled.striped.table
+                    tr
+                      th colspan="3"
+                        h2
+                          i class="#{result_type == 'user' ? 'user' : 'users'} icon"
+                          = result_type.humanize.pluralize                         
+                    | {{#each #{result_type}_results as |result|}}
+                    tr
+                      td
+                        | {{result.name}}
+                      td
+                        .ui.large.buttons
+                          <button {{action "add_#{result_type}" result 'read'}} class="ui button green icon">Read</button>
+                          .or
+                          <button {{action "add_#{result_type}" result 'write'}} class="ui button red icon">Write</button>
+                    | {{/each}}
+                | {{/if}}
+
+          </div>
+        </div>
+
+          .inline.field
+            .ui.checkbox
+              | {{input type="checkbox" name="private" checked=object.private}}
+              label Private?
+          - %w(user group).each do |entity_type|
+            | {{#if #{entity_type}_permissions}}
+            .ui.segment.padded
+              .ui.form
+                .ui.header
+                  i class="#{entity_type == 'user' ? 'user' : 'users'} icon"
+                  | #{entity_type.humanize.pluralize} allowed access
+                table.ui.definition.table
+                  | {{#each object.#{entity_type}_permissions as |#{entity_type}_permission|}}
+                  tr
+                    td
+                      label
+                        | {{#{entity_type}_permission.#{entity_type}.name}}
+                    td
+                      .field
+                        .ui.radio.checkbox
+                          | {{ radio-button name=#{entity_type}_permission.#{entity_type}.id value='read' groupValue=#{entity_type}_permission.level }}
+                          label Read
+                    td
+                      .field
+                        .ui.radio.checkbox
+                          | {{ radio-button name=#{entity_type}_permission.#{entity_type}.id value='write' groupValue=#{entity_type}_permission.level }}
+                          label Write
+                    td
+                      <button {{action "remove_#{entity_type}_permission" #{entity_type}_permission}} class="ui circular red button"><i class="remove user icon"/></button>
+                  | {{/each}}
+
+            | {{/if}}
+
+          <button {{action "update_permissions" target="controller"}} class="ui button positive icon {{if saving 'loading' ''}}"><i class="write icon"/>Update Permissions</button>
+
+    .actions
+      .ui.positive.right.labeled.icon.button.done
+        | Done
+        i.checkmark.icon
+
+  scss:
+    .ui.search > #modal-search-results {
+      width: 600px;
+      padding: 1em;
+    }
+

data/app/views/layouts/graph_starter/_menu.html.slim

@@ -0,0 +1,7 @@
+#menu.ui.secondary.pointing.menu
+  - GraphStarter::Asset.descendants.each do |model_class|
+    - path = graph_starter.assets_path(model_slug: model_class.model_slug)
+    = link_to model_class.name.pluralize.humanize, path, class: "item #{'active' if request.path.match(/^#{path}/)}"
+
+  - engine_view do
+    = render 'layouts/graph_starter/custom_menu'

data/app/views/layouts/graph_starter/_twitter_meta_tags.html.slim

@@ -0,0 +1,17 @@
+meta name="twitter:site" content="@neo4j"
+meta name="twitter:domain" content="http://neo4j.org"
+
+- if @asset
+  /- if @asset.creators.count > 0
+  /  - # Is this the right one?  Difference between uploader and author
+  /  meta name="twitter:creator" content="@#{@asset.creators[0].twitter_username}"
+
+  - if @asset.title
+    meta name="twitter:title" content="#{@asset.title}"
+
+  meta name="twitter:description" content="#{@asset.summary}"
+
+  - if @asset.class.has_images?
+    meta name="twitter:card" content="#{(@asset.first_image_source ? 'summary_large_image' : 'summary')}"
+
+    meta name="twitter:image:src" content="#{@asset.first_image_source ? @asset.first_image_source.url : '/assets/img/neo4j/neo4j-logo.png'}"

data/app/views/layouts/graph_starter/application.html.slim

@@ -0,0 +1,45 @@
+doctype html
+
+html
+
+  head
+    title AssetPortal
+    = stylesheet_link_tag    'graph_starter/application', media: 'all', 'data-turbolinks-track' => true
+
+    = render partial: 'layouts/graph_starter/twitter_meta_tags'
+
+    - if defined?(current_user)
+      javascript:
+        var current_user = #{current_user.to_json.html_safe}.user;
+
+    = javascript_include_tag 'graph_starter/application', 'data-turbolinks-track' => true
+
+    - controller = params[:controller].to_sym
+
+    - if ![:users, :groups].include?(controller)
+      = javascript_include_tag 'ember_apps/permissions_modal', 'data-turbolinks-track' => true
+
+    = csrf_meta_tags
+
+  body
+
+    = render partial: 'layouts/graph_starter/menu'
+
+    - if notice.present?
+      p.ui.green.message
+        i.close.icon
+        = notice
+    - if alert.present?
+      p.ui.yellow.message
+        i.close.icon
+        = alert
+
+    .ui.container
+
+      = yield
+
+    - if @current_user_is_admin
+      #change-object-permissions
+
+      - if !request.env['HTTP_X_XHR_REFERER']
+        = render partial: 'layouts/graph_starter/change_permissions_modal', locals: {asset: @asset}

data/config/routes.rb

@@ -0,0 +1,24 @@
+GraphStarter::Engine.routes.draw do
+  resources :groups
+  root 'assets#home'
+
+  resources :categories
+  resources :groups do
+    member do
+      get :users_to_add
+    end
+  end
+
+  get 'models' => 'models#index', as: :models
+  get 'models/:name' => 'models#show', as: :model
+
+  get 'authorizables/user_and_group_search.json' => 'authorizables#user_and_group_search'
+  get 'authorizables/:model_slug/:id.:format' => 'authorizables#show'
+  put 'authorizables/:model_slug/:id.:format' => 'authorizables#update'
+
+  get ':model_slug' => 'assets#index', as: :assets
+  get ':model_slug/:id' => 'assets#show', as: :asset
+  get ':model_slug/:id/edit' => 'assets#edit', as: :edit_asset
+  get ':model_slug/search/:query.json' => 'assets#search', as: :search_assets
+  patch ':model_slug/:id' => 'assets#update'  
+end

data/lib/graph_starter.rb

@@ -0,0 +1,4 @@
+require "graph_starter/engine"
+
+module GraphStarter
+end

data/lib/graph_starter/engine.rb

@@ -0,0 +1,25 @@
+require 'neo4jrb_paperclip'
+require 'semantic-ui-sass'
+
+require 'neo4j-core'
+require 'neo4j'
+require 'neo4j/railtie'
+require 'neo4j/rake_tasks'
+require 'slim-rails'
+
+module GraphStarter
+  class Engine < ::Rails::Engine
+    isolate_namespace GraphStarter
+
+    config.autoload_paths << File.expand_path("../../", __FILE__)
+
+    config.neo4j._active_record_destroyed_behavior = true
+
+    config.assets.precompile += %w(
+      missing.png
+
+      ember_apps/permissions_modal.js
+      ember_apps/user_list_dropdown.js
+    )
+  end
+end

data/lib/graph_starter/query_authorizer.rb

@@ -0,0 +1,81 @@
+module GraphStarter
+  class QueryAuthorizer
+    # Can take:
+    #  * a Query
+    #  * a Proxy object
+    #  * Anything that responds to #query where a `Query` is returned
+    def initialize(query_object)
+      validate_query_object!(query_object)
+
+      @query_object = query_object
+    end
+
+    def authorized_pluck(variable, user)
+      authorized_query(variable, user).pluck(variable)
+    end
+
+    def authorized_query(variables, user)
+      variables = Array(variables)
+
+      result_query = query.with(*variables)
+
+      result_query = authorized_user_query(result_query, user, variables)
+
+      # Collapse 2D array of all possible levels into one column of levels
+      result_query
+        .unwind(level_collection: :level_collections)
+        .unwind(level: :level_collection).break
+        .with(:level, *variables).where_not(level: nil)
+        .with('collect(level) AS levels', *variables)
+        .with("CASE WHEN 'write' IN levels THEN 'write' ELSE 'read' END AS level", *variables)
+    end
+
+    private
+
+    def validate_query_object!(query_object)
+      return if self.class.queryish?(query_object)
+
+      fail ArgumentError, "Expected query_object to be queryish.  Was: #{query_object.inspect}"
+    end
+
+    def self.queryish?(query_object)
+      query_object.is_a?(::Neo4j::Core::Query) ||
+        # Working around these two classes for new.  They should return `true`
+        # for `respond_to(:query)`
+        query_object.is_a?(::Neo4j::ActiveNode::HasN::AssociationProxy) ||
+        query_object.is_a?(::Neo4j::ActiveNode::Query::QueryProxy) ||
+        query_object.respond_to?(:query)
+    end
+
+    def query
+      if @query_object.is_a?(::Neo4j::Core::Query)
+        @query_object
+      else
+        @query_object.query
+      end
+    end
+
+    def authorized_user_query(query, user, variables, user_variable = :user)
+      collect_levels_string = variables.flat_map do |variable|
+        ["CASE WHEN (user.admin OR #{variable}_created_rel IS NOT NULL) THEN 'write' WHEN NOT(#{variable}.private) THEN 'read' END",
+         "#{variable}_direct_access_rel.level",
+         "#{variable}_indirect_can_access_rel.level"]
+      end.compact.join(', ')
+
+      result_query = variables.flat_map { |v| user_authorization_paths(v, user_variable) }
+                     .inject(query.optional_match_nodes(user_variable => user).break) do |result, clause|
+        result.optional_match(clause).break
+      end.with('*')
+
+      result_query
+        .with("collect([#{collect_levels_string}]) AS level_collections", *variables)
+    end
+
+    def user_authorization_paths(variable, user_variable = :user)
+      ["#{variable}<-[#{variable}_created_rel:CREATED]-#{user_variable}",
+       "#{variable}<-[#{variable}_direct_access_rel:CAN_ACCESS]-#{user_variable}",
+       "#{variable}<-[#{variable}_indirect_can_access_rel:CAN_ACCESS]-(:Group)<-[:HAS_SUBGROUP*0..5]-(:Group)<-[:BELONGS_TO]-#{user_variable}"]
+    end
+  end
+end
+

data/lib/graph_starter/version.rb

@@ -0,0 +1,3 @@
+module GraphStarter
+  VERSION = "0.0.1"
+end

data/lib/tasks/graph_starter_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :graph_starter do
+#   # Task goes here
+# end