ixtlan-generators 0.1.1 → 0.1.2

data/README.md

@@ -0,0 +1,64 @@
+# Ixtlan #
+
+this gem adds more security related headers to the response for a rails3 application. mainly inspired by
+[google-gets-a-1-for-browser-security](http://www.barracudalabs.com/wordpress/index.php/2011/07/21/google-gets-a-1-for-browser-security-3/)
+and
+[HttpCaching](http://code.google.com/p/doctype/wiki/ArticleHttpCaching).
+and
+[Clickjacking](http://www.owasp.org/index.php/Clickjacking)
+
+the extra headers are
+
+* x-frame headers
+* x-content-type headers
+* x-xss-protection headers
+* caching headers
+
+the main idea is to set the default as strict as possible and the application might relax the setup here and there.
+
+## rails configuration ##
+
+in _config/application.rb_ or in one of the _config/environments/*rb_ files or in an initializer. all three x-headers can be configured here, for example
+
+    config.x_content_type_headers = :nosniff
+
+## controller configuration ##
+
+just add in your controller something like
+
+    x_xss_protection :block
+    
+## option for each *render*, *send\_file*, *send\_data* methods
+
+an example for an inline render
+
+    render :inline => 'behappy', :x_frame_headers => :deny
+    
+## possible values ##
+
+* x\_frame\_headers : `:deny, :sameorigin, :off` default `:deny`
+
+* x\_content\_type\_headers : `:nosniff, :off` default `:nosniff`
+
+* x\_xss\_protection\_headers : `:block, :disabled, :off` default `:block`
+
+## cache headers
+
+the cache headers needs to have a **current\_user**, i.e. the current\_user method of the controller needs to return a non-nil value. further the the method needs to `:get` and the response status an "ok" status,
+
+then you can use the controller configuration or the options with *render*, *send\_file* and *send\_data*.
+
+## possible values ##
+
+* `:private` : which tells not to cache or store any data except the browser memory: [no caching](http://code.google.com/p/doctype/wiki/ArticleHttpCaching#No_caching)
+
+* `:protected` : no caching but the browser: [Only the end user's browser is allowed to cache](http://code.google.com/p/doctype/wiki/ArticleHttpCaching#Only_the_end_user%27s_browser_is_allowed_to_cache)
+
+* `:public` : caching is allowed: [Both browser and proxy allowed to cache](http://code.google.com/p/doctype/wiki/ArticleHttpCaching#Both_browser_and_proxy_allowed_to_cache)
+
+* `:my_headers` : custom header method like 
+
+>     def my_headers
+        no_store = false
+        no_caching(no_store)
+      end

data/features/generators.feature

@@ -0,0 +1,6 @@
+Feature: Generators for Ixtlan
+
+  Scenario: Create a rails application and adding 'ixtlan-generators' gem will provide the ixtlan generators
+    Given I create new rails application with template "generators.template"
+    And I execute "rails generate"
+    Then the output should contain "ixtlan:setup" and "ixtlan:configuration_model" and "ixtlan:configuration_scaffold"

data/features/step_definitions/simple_steps.rb

@@ -0,0 +1 @@
+require 'maven/cucumber_steps'

data/lib/generators/ixtlan/base.rb~

@@ -0,0 +1,44 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  module Generators
+    class Base < Rails::Generators::Base
+
+      argument :name, :type => :string, :required => false
+
+      protected
+      def generator_name
+        raise "please overwrite generator_name"
+      end
+
+      public
+      def create
+        args = []
+        if name
+          args << ARGV.shift
+        else
+          args << "configuration"
+        end
+
+        if defined? ::Ixtlan::Errors
+          args << "errors_dir:string"
+          args << "errors_from:string"
+          args << "errors_to:string"
+        end
+
+        if defined? ::Ixtlan::Sessions
+          args << "idle_session_timeout:integer"
+        end
+
+        if defined? ::Ixtlan::Audit
+          args << "audit_keep_log:integer"
+        end
+        
+        args << "--singleton"
+
+        args += ARGV[0, 10000] || []
+
+        generate generator_name, *args
+      end
+    end
+  end
+end

data/lib/generators/ixtlan/base_configuration.rb~

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationModelGenerator < Rails::Generators::Base
+
+    source_root File.expand_path('../../templates', __FILE__)
+
+    argument :name, :type => :string, :required => false
+
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+
+      args += ARGV[0, 10000] || []
+
+      generate "model", *args
+
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_base.rb~

@@ -0,0 +1,44 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationBase < Rails::Generators::Base
+
+    argument :name, :type => :string, :required => false
+
+    protected
+    def generator_name
+      raise "please overwrite generator_name"
+    end
+
+    public
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+
+      if defined? ::Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+
+      if defined? ::Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+
+      if defined? ::Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+
+      args += ARGV[0, 10000] || []
+
+      generate generator_name, *args
+
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_model/configuration_generator.rb~

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationGenerator < Rails::Generators::Base
+
+    source_root File.expand_path('../../templates', __FILE__)
+
+    argument :name, :type => :string, :required => false
+
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+
+      args += ARGV[0, 10000] || []
+
+      generate "scaffold", *args
+
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_model/configuration_model_generator.rb~

@@ -0,0 +1,10 @@
+require 'generators/ixtlan/configuration_base'
+module Ixtlan
+  class ConfigurationModelGenerator < ConfigurationBase
+
+    protected
+    def generator_name
+      "model"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_model/setup_controller.rb~

@@ -0,0 +1,5 @@
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+
+  end
+end

data/lib/generators/ixtlan/configuration_model/setup_generator.rb~

@@ -0,0 +1,15 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+
+
+    def create_preinitializer_file
+      template 'preinitializer.rb', File.join('config', "preinitializer.rb")
+    end
+
+    def create_initializer_file
+      template 'initializer.rb', File.join('config', "initializers", "ixtlan.rb")
+    end
+
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/configuration_generator.rb~

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationGenerator < Rails::Generators::Base
+
+    source_root File.expand_path('../../templates', __FILE__)
+
+    argument :name, :type => :string, :required => false
+
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+
+      args += ARGV[0, 10000] || []
+
+      generate "scaffold", *args
+
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/configuration_model_generator.rb~

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationModelGenerator < Rails::Generators::Base
+
+    source_root File.expand_path('../../templates', __FILE__)
+
+    argument :name, :type => :string, :required => false
+
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+
+      args += ARGV[0, 10000] || []
+
+      generate "model", *args
+
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/configuration_scaffold_generator.rb~

@@ -0,0 +1,13 @@
+require 'generators/ixtlan/configuration_base'
+module Ixtlan
+  class ConfigurationModelGenerator < ConfigurationBase
+
+    protected
+    def generator_name
+      "scaffold"
+    end
+
+    public
+
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/setup_controller.rb~

@@ -0,0 +1,5 @@
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/setup_generator.rb~

@@ -0,0 +1,15 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+
+
+    def create_preinitializer_file
+      template 'preinitializer.rb', File.join('config', "preinitializer.rb")
+    end
+
+    def create_initializer_file
+      template 'initializer.rb', File.join('config', "initializers", "ixtlan.rb")
+    end
+
+  end
+end

data/lib/generators/ixtlan/setup/setup_controller.rb~

@@ -0,0 +1,5 @@
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+
+  end
+end

data/lib/generators/ixtlan/setup/setup_generator.rb~

@@ -0,0 +1,25 @@
+require 'rails/generators/base'
+module Ixtlan
+  module Generators
+    class SetupGenerator < Rails::Generators::Base
+
+      def create_preinitializer_files
+        template 'preinitializer.rb', File.join('config', "preinitializer.rb")
+        template 'gitignore', File.join('config', ".gitignore")
+        template 'production.yml.example', File.join('config', "production.yml.example")
+        template 'database.yml.example', File.join('config', "database.yml.example")
+      end
+      
+      def create_initializer_file
+        template 'initializer.rb', File.join('config', "initializers", "ixtlan.rb")
+      end
+      
+      def create_application_layout_file
+        if defined? Ixtlan::Sessions
+          layout = File.join('app', 'views', 'layouts', 'application.html.erb')
+          template 'application_layout.html.erb', layout
+        end
+      end
+    end
+  end
+end

data/lib/generators/ixtlan/setup/templates/error.html.erb~

@@ -0,0 +1 @@
+<h1><%= @notice %></h1>

data/lib/generators/ixtlan/setup/templates/error_with_session.html.erb~

@@ -0,0 +1 @@
+<h1><%= @notice %></h1>

data/lib/generators/ixtlan/setup/templates/initializer.rb~

@@ -0,0 +1,54 @@
+# dynamic configuration through a Configuration singleton model
+
+# configuration model
+# -------------------
+# CONFIGURATION = Configuration
+# config.configuration_model = CONFIGURATION
+<% if defined? DataMapper -%>
+# config_instance = CONFIGURATION.get(1) || CONFIGURATION.new
+<% else -%>
+# config_instance = CONFIGURATION.find(1) || CONFIGURATION.new
+<%end -%>
+
+# notification email on errors and dump directory for the system dump
+# -------------------------------------------------------------------
+# config_instance.register("error_dumper") do |config|
+#   Rails.configuration.error_dumper.errors_dir = config.errors_dir
+#   Rails.configuration.error_dumper.notifications = config.errors_from, config.errors_to
+# end
+
+# idle session timeout configuration (in minutes)
+# -----------------------------------------------
+# config_instance.register("idle_session_timeout") do |config|
+#   Rails.configuration.idle_session_timeout = config.idle_session_timeout
+# end
+
+# audit log manager
+# -----------------
+
+# config.audit_manager.model = MyAudit # default: Audit
+# config.audit_manager.username_method = :username # default: :login
+
+# config_instance.register("audit_manager") do |config|
+#   Rails.configuration.audit_manager.keep_log = config.keep_log # days
+# end
+
+# --------------------
+# static configuration
+# --------------------
+
+# error dumper
+# ------------
+# notification email on errors and dump directory for the system dump
+# config.error_dumper.errors_dir = Rails.root + "/errors" # default: logs/errors
+# config.error_dumper.notifications = "no-reply@example.com", "developer1@example.com,developer2@example.com" # default: none - i.e. no email notifications
+
+# idle session timeout configuration
+# ----------------------------------
+# config.idle_session_timeout = 30 #minutes
+
+# audit log manager
+# -----------------
+# config.audit_manager.model = MyAudit # default: Audit
+# config.audit_manager.username_method = :username # default: :login
+# config.audit_manager.keep_log = 30 # days

data/lib/generators/model/model_generator.rb~

@@ -0,0 +1,12 @@
+module RRails
+  module Generators
+    class ModelGenerator < NamedBase #metagenerator
+      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+      hook_for :orm, :required => true
+
+      if defined? Resty
+        hook_for :resty, :type => :boolean, :default => true
+      end
+    end
+  end
+end

data/lib/generators/rails/active_record/active_record_generator.rb

@@ -1,40 +1,48 @@
-require 'rails/generators/active_record'
-
-module ActiveRecord
-  module Generators
-    class ModelGenerator < Base
-      include ::Ixtlan::Generators::Singleton
-
-      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
-
-      check_class_collision
-
-      class_option :migration,  :type => :boolean
-      class_option :timestamps, :type => :boolean
-      class_option :parent,     :type => :string, :desc => "The parent class for the generated model"
-
-      def create_migration_file
-        return unless options[:migration] && options[:parent].nil?
-        migration_template "migration.rb", "db/migrate/create_#{table_name}.rb"
-      end
-
-      def create_model_file
-        template 'model.rb', File.join('app/models', class_path, "#{file_name}.rb")
-      end
-
-      def create_module_file
-        return if class_path.empty?
-        template 'module.rb', File.join('app/models', "#{class_path.join('/')}.rb") if behavior == :invoke
-      end
-
-      hook_for :test_framework
-
-      protected
-
+# just definde the class if it comes from the rails model generator
+if defined?(Rails::Generators::ModelGenerator) && defined?(ActiveRecord)
+  require 'rails/generators/active_record/model/model_generator'
+
+  module ActiveRecord
+    module Generators
+      class ModelGenerator < Base
+        include ::Ixtlan::Generators::Singleton
+        
+        argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+        
+        check_class_collision
+        
+        class_option :migration,   :type => :boolean
+        class_option :timestamps,  :type => :boolean
+        class_option :modified_by, :type => :boolean, :default => false
+        class_option :singleton,   :type => :boolean, :default => false
+        class_option :parent,      :type => :string, :desc => "The parent class for the generated model"
+        
+        def create_migration_file
+          return unless options[:migration] && options[:parent].nil?
+          migration_template "migration.rb", "db/migrate/create_#{table_name}.rb"
+        end
+        
+        def create_model_file
+          template 'model.rb', File.join('app/models', class_path, "#{file_name}.rb")
+        end
+        
+        def create_module_file
+          return if class_path.empty?
+          template 'module.rb', File.join('app/models', "#{class_path.join('/')}.rb") if behavior == :invoke
+        end
+        
+        hook_for :test_framework
+        
+        protected
+        
         def parent_class_name
           options[:parent] || "ActiveRecord::Base"
         end
-
+        
+      end
     end
   end
+  
+else
+  raise LoadError.new "ignore this file #{__FILE__.sub(/.rb$/, '')}"
 end

data/lib/generators/rails/active_record/active_record_generator.rb~

@@ -0,0 +1,43 @@
+if defined? ActiveRecord && !defined? Rake
+require 'rails/generators/active_record'
+
+module ActiveRecord
+  module Generators
+    class ModelGenerator < Base
+      include ::Ixtlan::Generators::Singleton
+
+      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+
+      check_class_collision
+
+      class_option :migration,  :type => :boolean
+      class_option :timestamps, :type => :boolean
+      class_option :parent,     :type => :string, :desc => "The parent class for the generated model"
+
+      def create_migration_file
+        return unless options[:migration] && options[:parent].nil?
+        migration_template "migration.rb", "db/migrate/create_#{table_name}.rb"
+      end
+
+      def create_model_file
+        template 'model.rb', File.join('app/models', class_path, "#{file_name}.rb")
+      end
+
+      def create_module_file
+        return if class_path.empty?
+        template 'module.rb', File.join('app/models', "#{class_path.join('/')}.rb") if behavior == :invoke
+      end
+
+      hook_for :test_framework
+
+      protected
+
+        def parent_class_name
+          options[:parent] || "ActiveRecord::Base"
+        end
+
+    end
+  end
+end
+
+end