ioquatix-account_engine 0.1.0

data/rails/app/views/users/index.rhtml

@@ -0,0 +1,38 @@
+<h1>Listing Users</h1>
+
+<table id="user_list" class="listing">
+	<thead>
+		<tr>
+			<th>Login</th>
+			<th> </th>
+			<th>Email</th>
+			<th>Created</th>
+			<th>Logged In</th>
+			<th>Roles</th>
+			<th> </th>
+		</tr>
+	</thead>
+	<tfoot>
+		<tr>
+			<td colspan="7">
+				<%= link_if_authorized icon_tag(:create) + ' New User', new_user_path %>
+			</td>
+		</tr>
+	</tfoot>
+	<tbody>
+	<% for user in @users %>
+		<tr>
+			<td><%= link_if_authorized user.fullname, :action => 'show', :id => user.id %></td>
+			<td><%= link_if_authorized icon_tag(:edit), {:action => 'edit', :id => user} %></td>
+			<td><%= mail_to user.email, user.email %></td>
+			<td><%= user.created_at.strftime("%H:%I %Z, %d %b %Y") if user.created_at %></td>
+			<td><%= (user.logged_in_at.strftime("%H:%I %Z, %d %b %Y") if user.logged_in_at) || '-' %></td>
+			<td><%= user.roles.collect { |r| link_if_authorized r.name, :controller => 'roles', :action => 'show', :id => r.id }.join(", ") %></td>
+			<td><%= link_if_authorized icon_tag('edit', :controller => 'roles'), :action => 'roles', :id => user.id %></td>
+		</tr>
+	<% end %>
+	</tbody>
+</table>
+
+<%= will_paginate @users %>
+

data/rails/app/views/users/new.rhtml

@@ -0,0 +1,5 @@
+<h1>New User</h1>
+
+<% table_form_for :user, :url => {:action => :create} do |f| %>
+	<%= f.render_form %>
+<% end %>

data/rails/app/views/users/roles.rhtml

@@ -0,0 +1,42 @@
+<h1>Roles for User: <%= @user.fullname %></h1>
+
+<table class="listing">
+	<thead>
+		<tr>
+			<th>Role</th>
+			<th>Granted</th>
+			<th>Revoke</th>
+			<th>Description</th>
+		</tr>
+	</thead>
+	<tfoot>
+		<tr>
+			<td colspan="4">
+				<%= link_to icon_tag('create', :controller => 'roles') + " New Role", :controller => 'roles', :action => 'new' %>
+			</td>
+		</tr>
+	</tfoot>
+	<% @roles.each do |r| %>
+	<tr>
+		<td><%= link_if_authorized r.name, :controller => 'roles', :action => 'show', :id => r.id %></td>
+		<% if @user.roles.include? r %>
+		<td>
+			<b>Granted</b>
+		</td>
+		<td>
+			<%= link_to "Revoke", {:action => 'remove_role', :id => @user.id, :role => r.id}, :post => true %>
+		</td>
+		<% else %>
+		<td>
+			<%= link_to "Grant", {:action => 'add_role', :id => @user.id, :role => r.id}, :post => true %>
+		</td>
+		<td>
+		</td>
+		<% end %>
+		<td>
+			<%= r.description %>
+		</td>
+	</tr>
+	<% end %>
+</table>
+

data/rails/app/views/users/show.rhtml

@@ -0,0 +1,36 @@
+<h1>User <%= @user.login %></h1>
+
+<h2>Account Details</h2>
+
+<dl>
+	<dt>User ID</dt>
+	<dd><%= @user.id %></dd>
+	<dt>Login</dt>
+	<dd><%= @user.login %></dd>
+	<dt>Email</dt>
+	<dd><%= @user.email %></dd>
+</dl>
+
+<dl>
+	<dt>Account created</dt>
+	<dd><%= @user.created_at %></dd>
+	<dt>Updated at</dt>
+	<dd><%= @user.updated_at %></dd>
+	<dt>Last logged in at</dt>
+	<dd><%= @user.logged_in_at %></dd>
+</dl>
+
+<h2>Account Status</h2>
+
+<dl>
+	<dt>Verified?</dt>
+	<dd><%= @user.verified? ? "Yes" : "No" %></dd>
+	<dt>Deleted?</dt>
+	<dd><%= @user.deleted? ? "Yes" : "No" %></dd>
+<% if @user.security_token != nil %>
+	<dt>Security Token</dt>
+	<dd><%= @user.security_token %></dd>
+	<dt>Token Expiry</dt>
+	<dd><%= @user.token_expiry %></dd>
+<% end %>
+</dl>

data/rails/assets/javascripts/account_engine.js

@@ -0,0 +1,166 @@
+
+function updatePasswordStatus (okay) {
+	var passwordChangeButton = $("passwordChangeButton");
+	var errorImage = $("passwordErrorStatus");
+	
+	if (okay) {
+		if (errorImage) {
+			errorImage.removeClassName("okay");
+			errorImage.addClassName("error");
+		}
+		
+		passwordChangeButton.disabled = 1;
+	} else {
+		if (errorImage) {
+			errorImage.removeClassName("error");
+			errorImage.addClassName("okay");
+		}
+		
+		passwordChangeButton.disabled = null;
+	}
+}
+
+function checkPasswords () {
+	var password = $F("password");
+	var passwordCopy = $F("passwordCopy");
+	
+	if (password == "") {
+		updatePasswordStatus(false);
+	}
+	
+	updatePasswordStatus(password != passwordCopy)
+}
+
+// http://www.movable-type.co.uk/scripts/sha1.html
+function sha1Hash(msg)
+{
+    // constants [§4.2.1]
+    var K = [0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xca62c1d6];
+
+
+    // PREPROCESSING 
+ 
+    msg += String.fromCharCode(0x80); // add trailing '1' bit to string [§5.1.1]
+
+    // convert string msg into 512-bit/16-integer blocks arrays of ints [§5.2.1]
+    var l = Math.ceil(msg.length/4) + 2;  // long enough to contain msg plus 2-word length
+    var N = Math.ceil(l/16);              // in N 16-int blocks
+    var M = new Array(N);
+    for (var i=0; i<N; i++) {
+        M[i] = new Array(16);
+        for (var j=0; j<16; j++) {  // encode 4 chars per integer, big-endian encoding
+            M[i][j] = (msg.charCodeAt(i*64+j*4)<<24) | (msg.charCodeAt(i*64+j*4+1)<<16) | 
+                      (msg.charCodeAt(i*64+j*4+2)<<8) | (msg.charCodeAt(i*64+j*4+3));
+        }
+    }
+    // add length (in bits) into final pair of 32-bit integers (big-endian) [5.1.1]
+    // note: most significant word would be ((len-1)*8 >>> 32, but since JS converts
+    // bitwise-op args to 32 bits, we need to simulate this by arithmetic operators
+    M[N-1][14] = ((msg.length-1)*8) / Math.pow(2, 32); M[N-1][14] = Math.floor(M[N-1][14])
+    M[N-1][15] = ((msg.length-1)*8) & 0xffffffff;
+
+    // set initial hash value [§5.3.1]
+    var H0 = 0x67452301;
+    var H1 = 0xefcdab89;
+    var H2 = 0x98badcfe;
+    var H3 = 0x10325476;
+    var H4 = 0xc3d2e1f0;
+
+    // HASH COMPUTATION [§6.1.2]
+
+    var W = new Array(80); var a, b, c, d, e;
+    for (var i=0; i<N; i++) {
+
+        // 1 - prepare message schedule 'W'
+        for (var t=0;  t<16; t++) W[t] = M[i][t];
+        for (var t=16; t<80; t++) W[t] = ROTL(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16], 1);
+
+        // 2 - initialise five working variables a, b, c, d, e with previous hash value
+        a = H0; b = H1; c = H2; d = H3; e = H4;
+
+        // 3 - main loop
+        for (var t=0; t<80; t++) {
+            var s = Math.floor(t/20); // seq for blocks of 'f' functions and 'K' constants
+            var T = (ROTL(a,5) + f(s,b,c,d) + e + K[s] + W[t]) & 0xffffffff;
+            e = d;
+            d = c;
+            c = ROTL(b, 30);
+            b = a;
+            a = T;
+        }
+
+        // 4 - compute the new intermediate hash value
+        H0 = (H0+a) & 0xffffffff;  // note 'addition modulo 2^32'
+        H1 = (H1+b) & 0xffffffff; 
+        H2 = (H2+c) & 0xffffffff; 
+        H3 = (H3+d) & 0xffffffff; 
+        H4 = (H4+e) & 0xffffffff;
+    }
+
+    return H0.toHexStr() + H1.toHexStr() + H2.toHexStr() + H3.toHexStr() + H4.toHexStr();
+}
+
+//
+// function 'f' [§4.1.1]
+//
+function f(s, x, y, z) 
+{
+    switch (s) {
+    case 0: return (x & y) ^ (~x & z);           // Ch()
+    case 1: return x ^ y ^ z;                    // Parity()
+    case 2: return (x & y) ^ (x & z) ^ (y & z);  // Maj()
+    case 3: return x ^ y ^ z;                    // Parity()
+    }
+}
+
+//
+// rotate left (circular left shift) value x by n positions [§3.2.5]
+//
+function ROTL(x, n)
+{
+    return (x<<n) | (x>>>(32-n));
+}
+
+//
+// extend Number class with a tailored hex-string method 
+//   (note toString(16) is implementation-dependant, and 
+//   in IE returns signed numbers when used on full words)
+//
+Number.prototype.toHexStr = function()
+{
+    var s="", v;
+    for (var i=7; i>=0; i--) { v = (this>>>(i*4)) & 0xf; s += v.toString(16); }
+    return s;
+}
+
+def self.hashed(str)
+  # check if a salt has been set...
+  if AccountEngine.salt == nil
+    raise "You must define a :salt value in the configuration for the AccountEngine module."
+  end
+
+  return Digest::SHA1.hexdigest("#{AccountEngine.salt}-#{str}}")[0..39]
+end
+
+var siteSalt = "...";
+var userSalt = "...";
+var challenge = "...";
+
+function hashed(s) {
+	return sha1Hash(siteSalt + s)
+}
+
+// Challenge-response JS..
+function computeResponse(password, challenge) {
+	hashedPassword = hashed(userSalt + password);
+	
+	hashedChallenge = hashed(challenge + hashedPassword);
+	
+	return hashedChallenge;
+}
+
+function processForm() {
+	currentPassword = $F("password");
+	
+	$F("password") = computeResponse(currentPassword);
+}

data/rails/assets/stylesheets/account_engine.css

@@ -0,0 +1,7 @@
+.granted {
+	background-color: #cfc;
+}
+
+.unassigned {
+	background-color: #fcc;
+}

data/rails/assets/stylesheets/check_password.css

@@ -0,0 +1,10 @@
+#passwordErrorStatus {
+}
+
+#passwordErrorStatus.okay {
+	border: 1px dashed green;
+}
+
+#passwordErrorStatus.error {
+	border: 1px dashed red;
+}

data/rails/assets/stylesheets/simple.css

@@ -0,0 +1,168 @@
+.granted {
+	background-color: #cfc;
+}
+
+.unassigned {
+	background-color: #fcc;
+}
+
+h1 {
+	border-bottom: 3px solid #bbb;
+	text-shadow: 3px 1px #ccc;
+}
+
+form table {
+	/*border-collapse: collapse;*/
+	width: 80%;
+	margin: auto;
+	
+	font-size: 80%;
+	background-color: #eef;
+	
+	padding: 10px;
+	
+	border: 1px solid #779;
+}
+
+form table tr > :first-child {
+	text-align: right;
+	width: 30%;
+}
+
+form table tr.form_errors td {
+	text-align: left;
+}
+
+form table td[colspan="2"] {
+	border-top: 1px solid #666;
+	background-color: #fafaff;
+	padding: 5px;
+}
+
+textarea, input, table.detail_select {
+	padding: 2px;
+	margin: 2px;
+}
+
+textarea {
+	width: 80%;
+	height: 60px;
+}
+
+table.listing {
+	font-size: 75%;
+	
+	border-collapse: collapse;
+	width: 100%;
+	
+	border: 1px solid black;
+}
+
+table.listing td {
+	padding: 5px;
+}
+
+table.listing tbody .description {
+	width: 25%;
+	font-size: 90%;
+}
+
+table.listing thead {
+	font-weight: bold;
+	background: url(/plugin_assets/account_engine/images/table_background.png);
+}
+
+table.listing .when {
+	width: 80px;
+	text-align: center;
+}
+
+table.listing .total, table.listing .subtotal, table.listing .unitprice, table.listing .quantity, table.listing .tax {
+	text-align: right;
+	width: 9%;
+	border-left: 1px dashed #ccc;
+}
+
+table.listing tfoot {
+	background: url(/plugin_assets/account_engine/images/table_background.png);
+}
+
+table.listing tfoot td {
+	text-align: right;
+	font-weight: bold;
+}
+
+table.listing tr .s {
+	cbackground-color: #aac;
+	ccolor: white;
+}
+
+table.detail_select {
+	background-color: white;
+}
+
+.icon {
+	vertical-align: -20%;
+}
+
+img {
+	border: none;
+}
+
+a {
+	color: #00f;
+	text-decoration: none;
+}
+
+a:hover {
+	color: #99f;
+}
+
+#menu {
+	padding: 2px;
+	border: 1px dashed #333;
+	background-color: #abc;
+	padding-left: 10px;
+}
+
+#menu a {
+	font-size: 15px;
+	margin-right: 5px;
+	padding: 2px 6px 2px 6px;
+	
+	color: #22f;
+	text-decoration: none;
+	
+	text-shadow: 2px 2px 2px #666;
+}
+
+#menu a:hover {
+	border-top: 4px solid black;
+	border-bottom: 4px solid black;
+}
+
+#menu a:active {
+	background-color: #cde;
+}
+
+#messages {
+	margin: 10px;
+}
+
+h2 {
+	font-size: 14px;
+	padding: 2px;
+	background-color: #ececec;
+}
+
+.property_list {
+	border: 1px dashed #ccf;
+	padding: 2px;
+	margin: 10px;
+}
+
+.property_list li {
+	display: inline-block;
+	padding: 2px;
+	background-color: #efefef;
+}

data/rails/db/migrate/001_initial_schema.rb

@@ -0,0 +1,49 @@
+class InitialSchema < ActiveRecord::Migration
+  def self.up
+    create_table AccountEngine.users_table do |t|
+      t.column "login", :string, :limit => 80, :default => "", :null => false
+      t.column "salted_password", :string, :limit => 40, :default => ""
+      t.column "salt", :string, :limit => 40, :default => ""
+      t.column "verified", :integer, :default => 0
+      t.column "security_token", :string, :limit => 40
+      t.column "token_expiry", :datetime
+      t.column "created_at", :datetime
+      t.column "updated_at", :datetime
+      t.column "logged_in_at", :datetime
+      t.column "deleted", :integer, :default => 0
+      t.column "email", :string, :limit => 60
+    end
+    
+    create_table AccountEngine.permissions_table, :force => true do |t|
+      t.column "controller", :string, :default => "", :null => false
+      t.column "action", :string, :default => "", :null => false
+      t.column "system", :boolean, :default => false, :null => false
+      t.column "description", :string
+    end
+
+    create_table AccountEngine.permissions_roles_table, :id => false, :force => true do |t|
+      t.column "permission_id", :integer, :default => 0, :null => false
+      t.column "role_id", :integer, :default => 0, :null => false
+    end
+
+    create_table AccountEngine.users_roles_table, :id => false, :force => true do |t|
+      t.column "user_id", :integer, :default => 0, :null => false
+      t.column "role_id", :integer, :default => 0, :null => false
+    end
+
+    create_table AccountEngine.roles_table, :force => true do |t|
+      t.column "name", :string, :default => "", :null => false
+      t.column "description", :string
+      t.column "system", :boolean, :default => false, :null => false
+      t.column "omnipotent", :boolean, :default => false, :null => false
+    end
+  end
+
+  def self.down
+    drop_table AccountEngine.permissions_table
+    drop_table AccountEngine.permissions_roles_table
+    drop_table AccountEngine.users_roles_table
+    drop_table AccountEngine.roles_table
+    drop_table AccountEngine.users_table
+  end
+end

data/rails/init.rb

@@ -0,0 +1,21 @@
+#  Copyright (c) 2006 Sammi Williams <sammi@oriontransfer.co.nz>
+#  
+#  The GNU General Public License (GPL)
+#  Version 2, June 1991
+#  
+#  This program is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+#  
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#  
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+# load up all the required files we need...
+require 'account_engine'

data/rails/routes.rb

@@ -0,0 +1,5 @@
+
+resource :account, :controller => "account", :collection => { :login => :get, :logout => :get, :home => :get }
+resources :permissions, :collection => { :resync => :get }
+resources :roles, :member => { :add_permission => :post, :remove_permission => :post }
+resources :users