infopark_reactor 1.5.1

data/lib/reactor/attributes/link_list_extender.rb

@@ -0,0 +1,50 @@
+require 'reactor/link/temporary_link'
+
+module Reactor
+  module Attributes
+    module LinkListExtender
+      def self.extend_linklist!
+        # this will trigger rails autoload
+        extend_given_linklist!(RailsConnector::LinkList)
+      end
+
+      def self.extend_given_linklist!(klass)
+        unless klass.instance_methods(false).include?("changed?")
+          klass.class_eval do
+            def <<(link_data)
+              super(transform_into_link(link_data))
+            end
+
+            # install #size_changed callback
+            Array.instance_methods(false).each do |meth|
+              old = instance_method(meth)
+              define_method(meth) do |*args, &block|
+                old_size = size
+                ret = old.bind(self).call(*args, &block)
+                size_changed(old_size, size) if old_size != size
+                ret
+              end if meth.to_sym != :size
+            end
+
+            def changed?
+              @changed == true
+            end
+
+            protected
+            def size_changed(old_size, size)
+              @changed = true
+            end
+
+            def transform_into_link(link_data)
+              if (link_data.respond_to?(:external?) && link_data.respond_to?(:internal?))
+                link_data
+              else
+                Reactor::Link::TemporaryLink.new(link_data)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/reactor/attributes/link_list_serializer.rb

@@ -0,0 +1,27 @@
+require 'reactor/link/temporary_link'
+require 'infopark_rails_connector'
+
+module Reactor
+  module Attributes
+    class LinkListSerializer
+      def initialize(attr, value)
+        @attr, @value = attr, value
+      end
+
+      def serialize
+        linklist = RailsConnector::LinkList.new([])
+        enumerate(@value).each do |link_data|
+          linklist << link_data
+        end
+        linklist
+      end
+
+      private
+      def enumerate(value)
+        return [] if value.nil? || value.blank?
+        return [value] unless value.kind_of?(Array)
+        return value
+      end
+    end
+  end
+end

data/lib/reactor/cache/permission.rb

@@ -0,0 +1,36 @@
+require 'singleton'
+
+module Reactor
+  module Cache
+    class Permission
+      include Singleton
+
+      def lookup(user, key, &block)
+        set(user, key, yield) unless set?(user, key)
+        get(user, key)
+      end
+
+      def initialize
+        @cache = {}
+      end
+
+      def invalidate(user)
+        @cache[user] = {}
+      end
+
+      protected
+      def set?(user, key)
+        @cache.key?(user) && @cache[user].include?(key)
+      end
+
+      def set(user, key, value)
+        @cache[user] ||= {}
+        @cache[user][key] = value
+      end
+
+      def get(user, key)
+        @cache[user][key]
+      end
+    end
+  end
+end

data/lib/reactor/cache/user.rb

@@ -0,0 +1,37 @@
+require 'singleton'
+
+module Reactor
+  module Cache
+    class User
+      include Singleton
+
+      def get(user_name)
+        @cache ||= {}
+        # Rails.logger.debug "User:Cache hit: #{hit?(user_name.to_s)} [#{@cache[user_name.to_s].inspect}]"
+
+        key = user_name.to_s
+        if hit?(key)
+          @cache[key]
+        else
+          @cache[key] = Reactor::Session::User.new(key)
+        end
+      end
+
+      def set(user_name, user)
+        @cache ||= {}
+        @cache[user_name.to_s] = user
+      end
+
+      def invalidate(user_name)
+        @cache ||= {}
+        @cache[user_name.to_s] = nil
+      end
+
+      private
+      def hit?(user_name)
+        key = user_name.to_s
+        @cache.key?(key) && !@cache[key].nil?
+      end
+    end
+  end
+end

data/lib/reactor/legacy.rb

@@ -0,0 +1,60 @@
+module Reactor
+  # This is a collection of legacy method,s that have not found any better place to live.
+  module Legacy
+    module Base
+      def self.included(base)
+        base.extend(ClassMethods)
+      end
+
+      # removes CMS objects underneath current object
+      # @option options :no_children if true prevents deletion unless there are no children
+      # @option options :img_children_only if true prevents deletion unless there are exclusively img children
+      # @option options [Array] :children if true prevents deletion if there are other children besides the specified ones (array of names)
+      def delete_children!(options={})
+        # TODO: provide better discrimination mechanisms (blocks?)
+        f_nochild   = options.delete(:no_children)
+        f_imgchild  = options.delete(:img_children_only)
+        f_children  = options.delete(:children)
+
+        mychildren  = self.children
+        image_children, other_children = mychildren.partition {|obj| obj.obj_class == 'Image'}
+
+        # are there any links pointing to this container
+        return false if has_super_links?
+        # is the flag set and are there any children
+        return false if f_nochild && !mychildren.empty?
+        # is the flag set and are there any children besides images
+        return false if f_imgchild && !other_children.empty?
+        # is the flag set and are there any children besides the specified ones
+        return false if f_children && !((mychildren.map(&:name) - f_children).empty?)
+
+        # check children for any links pointing to them
+        return false if mychildren.detect(&:has_super_links?)
+        # check if there are any grandchildren
+        return false if mychildren.detect {|child| !child.children.empty?}
+
+        # delete children
+        mychildren.each(&:destroy)
+        return true
+      end
+    end
+    module ClassMethods
+      def path_from_anything(anything)
+        obj_from_anything(anything).try(:path)
+      end
+
+      def obj_from_anything(anything)
+        case anything
+        when Fixnum then Obj.find(anything)
+        when String then Obj.find_by_path(anything)
+        when Obj then anything
+        else raise ArgumentError, "Link target must Fixnum, String or Obj, but was #{anything.class}."
+        end
+      end
+
+      def obj_id_from_anything(anything)
+        obj_from_anything(anything).try(:obj_id)
+      end
+    end
+  end
+end

data/lib/reactor/link/external.rb

@@ -0,0 +1,19 @@
+module Reactor
+  module Link
+    class External
+      attr_accessor :url
+
+      def external? ; true  ; end
+      def internal? ; false ; end
+
+      def initialize(url)
+        raise TypeError, "#{self.class.name} is deprecated!"
+        self.url = url
+      end
+
+      def id
+        nil
+      end
+    end
+  end
+end

data/lib/reactor/link/internal.rb

@@ -0,0 +1,19 @@
+module Reactor
+  module Link
+    class Internal
+      attr_accessor :destination_object
+
+      def external? ; false ; end
+      def internal? ; true  ; end
+
+      def initialize(anything)
+        raise TypeError, "#{self.class.name} is deprecated!"
+        self.destination_object = Obj.obj_from_anything(anything)
+      end
+
+      def id
+        nil
+      end
+    end
+  end
+end

data/lib/reactor/link/temporary_link.rb

@@ -0,0 +1,43 @@
+module Reactor
+  module Link
+    class TemporaryLink
+      attr_reader   :url
+      attr_accessor :title
+
+      def external? ; raise TypeError, "This link needs to be persisted to gain any meaningful information" ; end
+      def internal? ; false ; end
+
+      def initialize(anything)
+        link_data = {}
+        
+        case anything
+        when Hash
+          link_data = anything
+        else
+          link_data[:target] = anything
+        end
+
+        self.url    = link_data[:target] || link_data[:url] || link_data[:destination_object]
+        self.title  = link_data[:title] if link_data.key?(:title)
+      end
+
+      def url=(some_target)
+        @url = case some_target
+        when Obj
+          @destination_object = some_target
+          some_target.path
+        else
+          some_target
+        end
+      end
+
+      def destination_object
+        @destination_object ||= Obj.find_by_path(url)
+      end
+
+      def id
+        nil
+      end
+    end
+  end
+end

data/lib/reactor/no_working_version.rb

@@ -0,0 +1 @@
+class Reactor::NoWorkingVersion < StandardError ; end

data/lib/reactor/not_permitted.rb

@@ -0,0 +1 @@
+class Reactor::NotPermitted < StandardError ; end

data/lib/reactor/permission.rb

@@ -0,0 +1,262 @@
+require 'reactor/session'
+require 'reactor/cache/permission'
+require 'reactor/cache/user'
+
+module Reactor
+
+  # This module adds #permission method to obj that act as a gateway for permission checking,
+  # see documentation for [Permission::PermissionProxy] for more details.
+  # @see [Permission::PermissionProxy]
+  #
+  # Including this module also alters typical ActiveRecord call chain, so that it becomes:
+  # 1. permission checking
+  # 2. validations (if [Reactor::Validations] is included)
+  # 3. callbacks (before_*, around_*, after_*)
+  #
+  # Therefore if the user lacks permissions no futher actions are executed.
+  module Permission
+
+    module Base
+
+      # @see [PermissionProxy]
+      def permission
+        @permission ||= PermissionProxy.new(self)
+      end
+
+      # Wraps around Reactor::Persistence::Base#release! and ensures
+      # that current user has required permissions to release the object
+      # @raise [Reactor::NotPermitted] user lacks neccessary permission
+      def release!
+        ensure_permission_granted(:release)
+        return super
+      end
+
+      # Wraps around Reactor::Persistence::Base#take! and ensures
+      # that current user has required permissions to take the object
+      # @raise [Reactor::NotPermitted] user lacks neccessary permission
+      def take!
+        ensure_permission_granted(:take)
+        return super
+      end
+
+      # Wraps around Reactor::Persistence::Base#edit! and ensures
+      # that current user has required permissions to edit the object
+      # @raise [Reactor::NotPermitted] user lacks neccessary permission
+      def edit!
+        ensure_permission_granted(:edit)
+        return super
+      end
+
+      # Wraps around ActiveRecord::Persistence#save and ensures
+      # that current user has required permissions to save the object
+      # @raise [Reactor::NotPermitted] user lacks neccessary permission
+      def save
+        if persisted?
+          ensure_permission_granted(:write)
+        else
+          ensure_create_permission_granted(self.parent_obj_id)
+        end
+        return super
+      rescue Reactor::NotPermitted
+        return false
+      end
+
+      # Wraps around ActiveRecord::Persistence#save! and ensures
+      # that current user has required permissions to save the object
+      # @raise [Reactor::NotPermitted] user lacks neccessary permission
+      def save!
+        if persisted?
+          ensure_permission_granted(:write)
+        else
+          ensure_create_permission_granted(self.parent_obj_id)
+        end
+        return super
+      end
+
+      # Wraps around Reactor::Persistence::Base#resolve_refs! and ensures
+      # that current user has required permissions to call resolve refs on the object
+      # @raise [Reactor::NotPermitted] user lacks neccessary permission
+      def resolve_refs!
+        ensure_permission_granted(:write)
+        return super
+      end
+
+      private
+
+      def ensure_permission_granted(type)
+        raise Reactor::NotPermitted, "#{self.path} lacks neccessary permissions for #{type}" unless self.permission.send("#{type}?")
+        return true
+      end
+
+      def ensure_create_permission_granted(obj_id)
+        raise Reactor::NotPermitted, 'Obj lacks neccessary permissions for creation' unless Obj.find(obj_id).permission.create_children?
+        return true
+      end
+
+    end
+
+    # This class acts as a proxy to underlying permission checking classes.
+    # There are three possible cases for each permission type (live, read, write, root, create_children):
+    # 1. Given user is SuperUser - all permissions granted
+    # 2. Given user has the permission
+    # 3. Given user doesn't have the permission
+    class PermissionProxy
+
+      def initialize(obj) #:nodoc:
+        @obj = obj
+        @cache = Reactor::Cache::Permission.instance
+        @lookup = PermissionLookup.new(obj)
+      end
+
+      # Returns true if given user (or current user, if none given) has 'live' permission
+      def live?(user=nil)
+        granted?(user, :live)
+      end
+
+      # Returns true if given user (or current user, if none given) has 'read' permission
+      def read?(user = nil)
+        granted?(user, :read)
+      end
+
+      # Returns true if given user (or current user, if none given) has 'write' permission
+      def write?(user = nil)
+        granted?(user, :write)
+      end
+
+      # Returns true if given user (or current user, if none given) has 'root' permission
+      def root?(user = nil)
+        granted?(user, :root)
+      end
+
+      # Returns true if given user (or current user, if none given) has 'create_children' permission
+      def create_children?(user = nil)
+        granted?(user, :create_children)
+      end
+
+      # @see #root?
+      def delete?(user = nil)
+        root?(user)
+      end
+
+      # @see #write?
+      def take?(user = nil)
+        write?(user)
+      end
+
+      # @see #write?
+      def edit?(user = nil)
+        write?(user)
+      end
+
+      # Returns true if given user has permissions required to release an object (the exact
+      # permissions depend on the state of the object)
+      def release?(user = nil)
+        (has_workflow? && root?(user)) || (!has_workflow? && write?(user))
+      end
+
+      # Setter to overwrite the current groups for the given +permission+ with the
+      # given +groups+.
+      def set(permission, groups)
+        identifier = identifier(permission)
+
+        crul_obj.permission_set(identifier, groups)
+      end
+
+      # Grants the given +groups+ the given +permission+, without effecting
+      # already existing groups.
+      def grant(permission, groups)
+        identifier = identifier(permission)
+
+        crul_obj.permission_grant(identifier, groups)
+      end
+
+      # Takes away the given +permission+ from the given +groups+, without effecting
+      # already existing groups.
+      def revoke(permission, groups)
+        identifier = identifier(permission)
+
+        crul_obj.permission_revoke(identifier, groups)
+      end
+
+      # Takes away the given +permission+ from all groups currently set.
+      def clear(permission)
+        identifier = identifier(permission)
+
+        crul_obj.permission_clear(identifier)
+      end
+
+      protected
+
+      attr_reader :cache, :obj, :lookup
+
+      def crul_obj
+        obj.send(:crul_obj)
+      end
+
+      def default_user
+        Reactor::Session.instance.user_name || Reactor::Configuration.xml_access[:username]
+      end
+
+      def granted?(user, permission)
+        user ||= default_user
+        cache.lookup(user, "#{obj.path}:#{permission}") do
+          lookup.superuser?(user) || lookup.send("#{permission}?", user)
+        end
+      end
+
+      # A table with all available permissions and their identifier.
+      def self.permissions
+        @permissions ||= {
+          :read => 'permissionRead',
+          :root => 'permissionRoot',
+          :live => 'permissionLiveServerRead',
+          :write => 'permissionWrite',
+          :create_children => 'permissionCreateChildren',
+        }
+      end
+
+      def identifier(permission)
+        self.class.permissions[permission]
+      end
+
+      def has_workflow?
+        cache.lookup(:any, "#{obj.path}:workflow") do
+          RailsConnector::ObjectWithMetaData.find_by_object_id(obj.id).try(:workflow_name).present?
+        end
+      end
+    end
+
+    class PermissionLookup
+
+      def initialize(obj)
+        @obj = obj
+        @cache = Reactor::Cache::User.instance
+      end
+
+      Reactor::Permission::PermissionProxy.permissions.keys.each do |permission|
+        define_method "#{permission}?" do |user|
+          user_in_groups(user, obj.permissions.send(permission))
+        end
+      end
+
+      def superuser?(user)
+        cache.get(user).superuser?
+      end
+
+      def groups(user)
+        cache.get(user).groups
+      end
+
+      protected
+
+      attr_reader :cache, :obj
+
+      def user_in_groups(user, groups)
+        groups(user).detect { |user_group| groups.include?(user_group) } != nil
+      end
+
+    end
+
+  end
+
+end