hone-lockdown 1.2.1

data/rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb

@@ -0,0 +1,33 @@
+<h1>Editing User Group</h1>
+
+<%% form_for(<%= namespace.blank? ? '@user_group' : "[:#{namespace}, @user_group]"  %>) do |f| %>
+  <%%= f.error_messages %>
+  <p>
+    <b>Name</b><br />
+    <%%= f.text_field :name %>
+  </p>
+  <p>
+    <b>Permissions</b><br />
+    <ul style="list-style: none;">
+      <%% 
+        @all_permissions.each_with_index do |perm,i|
+          input_id = "perm_#{perm.id}"
+          checked = (@user_group.permission_ids.include?(perm.id) ? "checked" : "")
+      %>
+          <li id="li_<%%= input_id %>">
+            <label for="<%%= input_id %>">
+            <input id="<%%= input_id %>" name="<%%= input_id %>" type="checkbox" <%%= checked %>/>&nbsp;&nbsp;<%%= perm.name %>
+            </label>
+          </li>
+      <%% 
+        end
+      %>
+    </ul>
+  </p>
+
+  <p> <%%= f.submit "Update" %> </p>
+<%% end %>
+
+
+<%%= link_to 'Show', <%= namespace.blank? ? '@user_group' : "#{namespace}_user_group_path(@user_group)" %> %> |
+<%%= link_to 'Back', <%= namespace.blank? ? 'user_groups_path' : "#{namespace}_user_groups_path" %> %>

data/rails_generators/lockdown/templates/app/views/user_groups/index.html.erb

@@ -0,0 +1,20 @@
+<h1>Listing User Groups</h1>
+
+<table>
+  <tr>
+    <th>Name</th>
+  </tr>
+
+<%% for user_group in @user_groups %>
+  <tr>
+    <td><%%=h user_group.name %></td>
+    <td><%%= link_to 'Show', <%= namespace.blank? ? "user_group_path(user_group)" : "#{namespace}_user_group_path(user_group)" %> %></td>
+    <td><%%= link_to('Edit', <%= namespace.blank? ? "edit_user_group_path(user_group)" : "edit_#{namespace}_user_group_path(user_group)" %>) unless Lockdown::System.has_user_group?(user_group) %></td>
+    <td><%%= link_to('Destroy',<%= namespace.blank? ? "user_group_path(user_group)" : "#{namespace}_user_group_path(user_group)" %>, :confirm => 'Are you sure?', :method => :delete) unless Lockdown::System.has_user_group?(user_group) %></td>
+  </tr>
+<%% end %>
+</table>
+
+<br />
+
+<%%= link_to 'New User Group', <%= namespace.blank? ? "new_user_group_path" : "new_#{namespace}_user_group_path" %> %>

data/rails_generators/lockdown/templates/app/views/user_groups/new.html.erb

@@ -0,0 +1,31 @@
+<h1>New User Group</h1>
+
+<%% form_for(<%= namespace.blank? ? '@user_group' : "[:#{namespace}, @user_group]"  %>) do |f| %>
+  <%%= f.error_messages %>
+  <p>
+    <b>Name</b><br />
+    <%%= f.text_field :name %>
+  </p>
+  <p>
+    <b>Permissions</b><br />
+    <ul style="list-style: none;">
+      <%% 
+        @all_permissions.each_with_index do |perm,i|
+          input_id = "perm_#{perm.id}"
+          checked = (@user_group.permission_ids.include?(perm.id) ? "checked" : "")          
+      %>
+          <li id="li_<%%= input_id %>">
+            <label for="<%%= input_id %>">
+              <input id="<%%= input_id %>" name="<%%= input_id %>" type="checkbox" <%%= checked %>/>&nbsp;&nbsp;<%%= perm.name %>
+            </label>
+          </li>
+      <%% 
+        end
+      %>
+    </ul>
+  </p>
+
+  <p> <%%= f.submit "Create" %> </p>
+<%% end %>
+
+<%%= link_to 'Back', <%= namespace.blank? ? 'user_groups_path' : "#{namespace}_user_groups_path" %> %>

data/rails_generators/lockdown/templates/app/views/user_groups/show.html.erb

@@ -0,0 +1,29 @@
+<p>
+  <b>Name</b><br />
+  <%%= h @user_group.name %>
+</p>
+<p>
+  <b>Permissions</b><br />
+  <%%
+    @user_group.permissions.each do |perm| 
+  %>
+      <%%= perm.name %><br/>
+  <%%
+    end
+  %>
+</p>
+<p>
+	<b>Users in user group:</b><br />
+	<%%
+	  @user_group.all_users.each do |user| 
+	%>
+	    <%%= link_to_or_show(user.full_name, <%= namespace.blank? ? 'user' : "#{namespace}_user_path(user)" %>) %><br/>
+	<%%
+    end
+	%>
+</p>
+
+<%% unless Lockdown::System.has_user_group?(@user_group) %>
+  <%%= link_to 'Edit', <%= namespace.blank? ? 'edit_user_group_path(@user_group)' : "edit_#{namespace}_user_group_path(@user_group)" %> %> |
+<%% end %>
+<%%= link_to 'Back', <%= namespace.blank? ? 'user_groups_path' : "#{namespace}_user_groups_path" %> %>

data/rails_generators/lockdown/templates/app/views/users/edit.html.erb

@@ -0,0 +1,51 @@
+<h1>Editing User</h1>
+
+<%% form_for(<%= namespace.blank? ? "@user" : "[:#{namespace}, @user]" %>) do |f| %>
+  <%%= f.error_messages %>
+  <p>
+    <b>First name</b><br />
+    <%%= f.text_field :first_name %>
+  </p>
+  <p>
+    <b>Last name</b><br />
+    <%%= f.text_field :last_name %>
+  </p>
+  <p>
+    <b>Email</b><br />
+    <%%= f.text_field :email %>
+  </p>
+  <p>
+  	<b>Login</b><br />
+    <%%= f.text_field :login %>
+  </p>
+  <p>
+    <b>Password</b><br />
+    <%%= f.password_field :password %>
+  </p>
+  <p>
+    <b>Password confirmation</b><br />
+    <%%= f.password_field :password_confirmation %>
+  </p>
+  <p>
+    <b>User Groups</b><br />
+    <ul style="list-style: none;">
+      <%% 
+        @user_groups_for_user.each_with_index do |ug,i|
+          input_id = "ug_#{ug.id}"
+          checked = (@user.user_group_ids.include?(ug.id) ? "checked" : "")          
+      %>
+          <li id="li_<%%= input_id %>">
+            <label for="<%%= input_id %>">
+            <input id="<%%= input_id %>" name="<%%= input_id %>" type="checkbox" <%%= checked %>/>&nbsp;&nbsp;<%%= ug.name %>
+            </label>
+          </li>
+      <%% 
+        end
+      %>
+    </ul>
+  </p>
+  <p> <%%= f.submit "Update" %> </p>
+<%% end %>
+
+<%%= link_to 'Show', <%= namespace.blank? ? "user_path(@user)" : "#{namespace}_user_path(@user)" %> %> |
+<%%= link_to 'Back', <%= namespace.blank? ? "users_path" : "#{namespace}_users_path" %> %>

data/rails_generators/lockdown/templates/app/views/users/index.html.erb

@@ -0,0 +1,22 @@
+<h1>Listing Users</h1>
+
+<table>
+  <tr>
+    <th>Login</th>
+    <th>Name</th>
+  </tr>
+
+<%% @users.each do |user| %>
+  <tr>
+    <td><%%=h user.login %></td>
+    <td><%%=h user.full_name %></td>
+    <td><%%= link_to 'Show', <%= namespace.blank? ? "user_path(user)" : "#{namespace}_user_path(user)" %> %></td>
+    <td><%%= link_to 'Edit', <%= namespace.blank? ? "edit_user_path(user)" : "edit_#{namespace}_user_path(user)" %> %></td>
+    <td><%%= link_to 'Destroy', <%= namespace.blank? ? "user_path(user)" : "#{namespace}_user_path(user)" %>, :confirm => 'Are you sure?', :method => :delete %></td>
+  </tr>
+<%% end %>
+</table>
+
+<br />
+
+<%%= link_to 'New User', <%= namespace.blank? ? "new_user_path" : "new_#{namespace}_user_path" %> %>

data/rails_generators/lockdown/templates/app/views/users/new.html.erb

@@ -0,0 +1,50 @@
+<h1>New User</h1>
+
+<%% form_for(<%= namespace.blank? ? "@user" : "[:#{namespace}, @user]" %>) do |f| %>
+  <%%= f.error_messages %>
+  <p>
+    <b>First name</b><br />
+    <%%= f.text_field :first_name %>
+  </p>
+  <p>
+    <b>Last name</b><br />
+    <%%= f.text_field :last_name %>
+  </p>
+  <p>
+    <b>Email</b><br />
+    <%%= f.text_field :email %>
+  </p>
+  <p>
+  	<b>Login</b><br />
+    <%%= f.text_field :login %>
+  </p>
+  <p>
+    <b>Password</b><br />
+    <%%= f.password_field :password %>
+  </p>
+  <p>
+    <b>Password confirmation</b><br />
+    <%%= f.password_field :password_confirmation %>
+  </p>
+  <p>
+    <b>User Groups</b><br />
+    <ul style="list-style: none;">
+      <%% 
+        @user_groups_for_user.each_with_index do |ug,i|
+          input_id = "ug_#{ug.id}"
+          checked = (@user.user_group_ids.include?(ug.id) ? "checked" : "")                    
+      %>
+          <li id="li_<%%= input_id %>">
+            <label for="<%%= input_id %>">
+            <input id="<%%= input_id %>" name="<%%= input_id %>" type="checkbox" <%%= checked %>/>&nbsp;&nbsp;<%%= ug.name %>
+            </label>
+          </li>
+      <%% 
+        end
+      %>
+    </ul>
+  </p>
+  <p> <%%= f.submit "Create" %> </p>
+<%% end %>
+
+<%%= link_to 'Back', <%= namespace.blank? ? "users_path" : "#{namespace}_users_path" %> %>

data/rails_generators/lockdown/templates/app/views/users/show.html.erb

@@ -0,0 +1,33 @@
+<h1>Showing User</h1>
+
+<p>
+  <b>First name</b><br />
+  <%%= h @user.first_name %>
+</p>
+<p>
+  <b>Last name</b><br />
+  <%%= h @user.last_name %>
+</p>
+<p>
+  <b>Email</b><br />
+  <%%= h @user.email %>
+</p>
+<p>
+	<b><span>L</span>ogin</b><br />
+  <%%= h @user.login %>
+</p>
+<p>
+  <b>User Groups</b><br />
+  <ul style="list-style: none;">
+    <%% 
+      @user.user_groups.each do |ug| 
+    %>
+       <%%= h ug.name %> <br/>
+    <%% 
+      end
+    %>
+  </ul>
+</p>
+
+<%%= link_to 'Edit', <%= namespace.blank? ? "edit_user_path(@user)" : "edit_#{namespace}_user_path(@user)" %> %> |
+<%%= link_to 'Back', <%= namespace.blank? ? "users_path" : "#{namespace}_users_path" %> %>

data/rails_generators/lockdown/templates/config/initializers/lockit.rb

@@ -0,0 +1 @@
+require 'lockdown'

data/rails_generators/lockdown/templates/db/migrate/create_admin_user.rb

@@ -0,0 +1,17 @@
+class CreateAdminUser < ActiveRecord::Migration
+  def self.up
+		# TODO: Change the password
+    u = User.create(:password => "password", 
+                    :password_confirmation => "password", 
+                    :first_name => "Administrator",
+                    :last_name => "User",
+                    :email => "administrator@a.com",
+                    :login => "admin")
+
+		Lockdown::System.make_user_administrator(u)
+  end
+	 
+  def self.down
+    #Nothing to see here...
+	end
+end

data/rails_generators/lockdown/templates/db/migrate/create_permissions.rb

@@ -0,0 +1,19 @@
+class CreatePermissions < ActiveRecord::Migration
+  def self.up
+    create_table :permissions do |t|
+      t.string :name
+
+      t.timestamps
+    end
+
+		create_table :permissions_user_groups, :id => false do |t|
+      t.integer :permission_id
+      t.integer :user_group_id
+    end
+  end
+
+  def self.down
+		drop_table :permissions_user_groups
+    drop_table :permissions
+  end
+end

data/rails_generators/lockdown/templates/db/migrate/create_profiles.rb

@@ -0,0 +1,26 @@
+class CreateProfiles < ActiveRecord::Migration
+  def self.up
+    create_table :profiles do |t|
+      t.string :first_name
+      t.string :last_name
+      t.string :email
+      t.integer :updated_by
+      t.boolean :is_disabled
+
+      t.timestamps
+    end
+
+		# The System profile is used as the updated_by reference when records 
+    # are created programatically and the responsible user cannot be determined 
+    # or is simply not available.
+		# TODO: Change email address
+		Profile.create(:first_name => "System",
+										:last_name => "User",
+										:email => "system@a.com")
+
+  end
+
+  def self.down
+    drop_table :profiles
+  end
+end

data/rails_generators/lockdown/templates/db/migrate/create_user_groups.rb

@@ -0,0 +1,19 @@
+class CreateUserGroups < ActiveRecord::Migration
+  def self.up
+    create_table :user_groups do |t|
+      t.string :name
+
+      t.timestamps
+    end
+
+    create_table :user_groups_users, :id => false do |t|
+      t.integer :user_group_id
+      t.integer :user_id
+    end
+  end
+
+  def self.down
+		drop_table :user_groups_users
+    drop_table :user_groups
+  end
+end

data/rails_generators/lockdown/templates/db/migrate/create_users.rb

@@ -0,0 +1,17 @@
+class CreateUsers < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string :login
+      t.string :crypted_password
+      t.string :salt
+      t.integer :profile_id
+      t.integer :updated_by
+
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/rails_generators/lockdown/templates/lib/lockdown/README

@@ -0,0 +1,42 @@
+#
+#                           !!!!IMPORTANT!!!!
+#
+#*** MUST define a current_user method that will return the current user object
+#
+#*** MUST add call to add_lockdown_session_values to your login method
+#
+#*** MAY NEED to add call to reset_lockdown_session to your logout method. 
+# ** Not needed if your authentication system resets the session
+#   
+# Definitely need to use the user_group and permission models.  The lockdown 
+# generator will provide those for you.  Just add the following to your user
+# model:
+#   has_and_belongs_to_many :user_groups
+#
+# That's it! 
+#
+#
+#                       ~~~~Method Descriptions~~~~
+
+# The Lockdown gem defines these session methods:
+#
+# current_user_id: returns the id of the current_user
+#
+# logged_in? : returns true if current_user_id > 0
+#
+# current_user_is_admin?: returns true if user is assigned 
+# administrator rights.
+#
+# reset_lockdown_session: This will nil the following session values:
+#   current_user_id
+#   access_rights
+#   expiry_time
+#
+# current_user_access_in_group?(grp):  grp is a symbol referencing a 
+# Lockdown::UserGroups method such as :registered_users
+# Will return true if the session[:access_rights] contain at 
+# least one match to the access_right list associated to the group
+#
+# If you want access to any of these methods in your view, just add them 
+# as helpers in your controller (application controller for global use).
+#

data/rails_generators/lockdown/templates/lib/lockdown/init.rb

@@ -0,0 +1,131 @@
+Lockdown::System.configure do
+
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Configuration Options
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Options with defaults:
+  #
+  #
+  # Set User model:
+  #      # make sure you use the string "User", not the constant
+  #      options[:user_model] = "User"
+  #
+  # Set UserGroup model:
+  #      # make sure you use the string "UserGroup", not the constant
+  #      options[:user_group_model] = "UserGroup"
+  #
+  # Set who_did_it method:
+  #   This method is used in setting the created_by/updated_by fields and
+  #   should be accessible to the controller
+  #      options[:who_did_it] = :current_user_id
+  #
+  # Set default_who_did_it:
+  #   When current_user_id returns nil, this is the value to use
+  #      options[:default_who_did_it] = 1
+  #
+  #   Lockdown version < 0.9.0 set this to:
+  #       options[:default_who_did_it] = Profile::System
+  #
+  #   Should probably be something like:
+  #      options[:default_who_did_it] = User::SystemId
+  #
+  # Set timeout to 1 hour:
+  #       options[:session_timeout] = (60 * 60)
+  #
+  # Call method when timeout occurs (method must be callable by controller):
+  #       options[:session_timeout_method] = :clear_session_values
+  #
+  # Set system to logout if unauthorized access is attempted:
+  #       options[:logout_on_access_violation] = false
+  #
+  # Set redirect to path on unauthorized access attempt:
+  #       options[:access_denied_path] = "/"
+  #
+  # Set redirect to path on successful login:
+  #       options[:successful_login_path] = "/"
+  #
+  # Set separator on links call
+  #       options[:links_separator] = "|"
+  #
+  # If deploying to a subdirectory, set that here. Defaults to nil
+  #       options[:subdirectory] = "blog"
+  #       *Notice: Do not add leading or trailing slashes,
+  #                Lockdown will handle this
+  #
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Define permissions
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  #
+  # set_permission(:product_management).
+  #   with_controller(:products)
+  #
+  # :product_management is the name of the permission which is later
+  # referenced by the set_user_group method
+  #
+  # .with_controller(:products) defaults to all action_methods available on that
+  #  controller.  You can change this behaviour by chaining on except_methods or
+  #  only_methods.  (see examples below)
+  #
+  #  ** To define a namespaced controller use two underscores:
+  #     :admin__products
+  #
+  # if products is your standard RESTful resource you'll get:
+  #   ["products/index , "products/show",
+  #    "products/new", "products/edit",
+  #    "products/create", "products/update",
+  #    "products/destroy"]
+  #
+  # You can chain method calls to restrict the methods for one controller
+  # or you can add multiple controllers to one permission.
+  #      
+  #   set_permission(:security_management).
+  #     with_controller(:users).
+  #     and_controller(:user_groups).
+  #     and_controller(:permissions) 
+  #
+  # In addition to with_controller(:controller) there are:
+  #
+  #   set_permission(:some_nice_permission_name).
+  #     with_controller(:some_controller_name).
+  #       only_methods(:only_method_1, :only_method_2)
+  #
+  #   set_permission(:some_nice_permission_name).
+  #     with_controller(:some_controller_name).
+  #       except_methods(:except_method_1, :except_method_2)
+  #
+  #   set_permission(:some_nice_permission_name).
+  #     with_controller(:some_controller_name).
+  #       except_methods(:except_method_1, :except_method_2).
+  #     and_controller(:another_controller_name).
+  #     and_controller(:yet_another_controller_name)
+  #
+  # Define your permissions here:
+
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Built-in user groups
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  #  You can assign the above permission to one of the built-in user groups
+  #  by using the following:
+  # 
+  #  To allow public access on the permissions :sessions and :home:
+  #    set_public_access :sessions, :home
+  #     
+  #  Restrict :my_account access to only authenticated users:
+  #    set_protected_access :my_account
+  #
+  # Define the built-in user groups here:
+
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  # Define user groups
+  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+  #
+  #  set_user_group(:catalog_management, :category_management, 
+  #                                      :product_management) 
+  #
+  #  :catalog_management is the name of the user group
+  #  :category_management and :product_management refer to permission names
+  #
+  # 
+  # Define your user groups here:
+
+end