RubyGems - ixtlan-generators - Versions diffs - 0.1.1 → 0.1.2 - Mend

ixtlan-generators 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

data/README.md ADDED Viewed

@@ -0,0 +1,64 @@
+# Ixtlan #
+this gem adds more security related headers to the response for a rails3 application. mainly inspired by
+[google-gets-a-1-for-browser-security](http://www.barracudalabs.com/wordpress/index.php/2011/07/21/google-gets-a-1-for-browser-security-3/)
+and
+[HttpCaching](http://code.google.com/p/doctype/wiki/ArticleHttpCaching).
+and
+[Clickjacking](http://www.owasp.org/index.php/Clickjacking)
+the extra headers are
+* x-frame headers
+* x-content-type headers
+* x-xss-protection headers
+* caching headers
+the main idea is to set the default as strict as possible and the application might relax the setup here and there.
+## rails configuration ##
+in _config/application.rb_ or in one of the _config/environments/*rb_ files or in an initializer. all three x-headers can be configured here, for example
+    config.x_content_type_headers = :nosniff
+## controller configuration ##
+just add in your controller something like
+    x_xss_protection :block
+## option for each *render*, *send\_file*, *send\_data* methods
+an example for an inline render
+    render :inline => 'behappy', :x_frame_headers => :deny
+## possible values ##
+* x\_frame\_headers : `:deny, :sameorigin, :off` default `:deny`
+* x\_content\_type\_headers : `:nosniff, :off` default `:nosniff`
+* x\_xss\_protection\_headers : `:block, :disabled, :off` default `:block`
+## cache headers
+the cache headers needs to have a **current\_user**, i.e. the current\_user method of the controller needs to return a non-nil value. further the the method needs to `:get` and the response status an "ok" status,
+then you can use the controller configuration or the options with *render*, *send\_file* and *send\_data*.
+## possible values ##
+* `:private` : which tells not to cache or store any data except the browser memory: [no caching](http://code.google.com/p/doctype/wiki/ArticleHttpCaching#No_caching)
+* `:protected` : no caching but the browser: [Only the end user's browser is allowed to cache](http://code.google.com/p/doctype/wiki/ArticleHttpCaching#Only_the_end_user%27s_browser_is_allowed_to_cache)
+* `:public` : caching is allowed: [Both browser and proxy allowed to cache](http://code.google.com/p/doctype/wiki/ArticleHttpCaching#Both_browser_and_proxy_allowed_to_cache)
+* `:my_headers` : custom header method like
+>     def my_headers
+        no_store = false
+        no_caching(no_store)
+      end

data/features/generators.feature ADDED Viewed

@@ -0,0 +1,6 @@
+Feature: Generators for Ixtlan
+  Scenario: Create a rails application and adding 'ixtlan-generators' gem will provide the ixtlan generators
+    Given I create new rails application with template "generators.template"
+    And I execute "rails generate"
+    Then the output should contain "ixtlan:setup" and "ixtlan:configuration_model" and "ixtlan:configuration_scaffold"

data/features/step_definitions/simple_steps.rb ADDED Viewed

	@@ -0,0 +1 @@
1	+ require 'maven/cucumber_steps'

data/lib/generators/ixtlan/base.rb~ ADDED Viewed

@@ -0,0 +1,44 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  module Generators
+    class Base < Rails::Generators::Base
+      argument :name, :type => :string, :required => false
+      protected
+      def generator_name
+        raise "please overwrite generator_name"
+      end
+      public
+      def create
+        args = []
+        if name
+          args << ARGV.shift
+        else
+          args << "configuration"
+        end
+        if defined? ::Ixtlan::Errors
+          args << "errors_dir:string"
+          args << "errors_from:string"
+          args << "errors_to:string"
+        end
+        if defined? ::Ixtlan::Sessions
+          args << "idle_session_timeout:integer"
+        end
+        if defined? ::Ixtlan::Audit
+          args << "audit_keep_log:integer"
+        end
+        args << "--singleton"
+        args += ARGV[0, 10000] || []
+        generate generator_name, *args
+      end
+    end
+  end
+end

data/lib/generators/ixtlan/base_configuration.rb~ ADDED Viewed

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationModelGenerator < Rails::Generators::Base
+    source_root File.expand_path('../../templates', __FILE__)
+    argument :name, :type => :string, :required => false
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+      args += ARGV[0, 10000] || []
+      generate "model", *args
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_base.rb~ ADDED Viewed

@@ -0,0 +1,44 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationBase < Rails::Generators::Base
+    argument :name, :type => :string, :required => false
+    protected
+    def generator_name
+      raise "please overwrite generator_name"
+    end
+    public
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+      if defined? ::Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+      if defined? ::Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+      if defined? ::Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+      args += ARGV[0, 10000] || []
+      generate generator_name, *args
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_model/configuration_generator.rb~ ADDED Viewed

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationGenerator < Rails::Generators::Base
+    source_root File.expand_path('../../templates', __FILE__)
+    argument :name, :type => :string, :required => false
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+      args += ARGV[0, 10000] || []
+      generate "scaffold", *args
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_model/configuration_model_generator.rb~ ADDED Viewed

@@ -0,0 +1,10 @@
+require 'generators/ixtlan/configuration_base'
+module Ixtlan
+  class ConfigurationModelGenerator < ConfigurationBase
+    protected
+    def generator_name
+      "model"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_model/setup_controller.rb~ ADDED Viewed

@@ -0,0 +1,5 @@
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+  end
+end

data/lib/generators/ixtlan/configuration_model/setup_generator.rb~ ADDED Viewed

@@ -0,0 +1,15 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+    def create_preinitializer_file
+      template 'preinitializer.rb', File.join('config', "preinitializer.rb")
+    end
+    def create_initializer_file
+      template 'initializer.rb', File.join('config', "initializers", "ixtlan.rb")
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/configuration_generator.rb~ ADDED Viewed

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationGenerator < Rails::Generators::Base
+    source_root File.expand_path('../../templates', __FILE__)
+    argument :name, :type => :string, :required => false
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+      args += ARGV[0, 10000] || []
+      generate "scaffold", *args
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/configuration_model_generator.rb~ ADDED Viewed

@@ -0,0 +1,40 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class ConfigurationModelGenerator < Rails::Generators::Base
+    source_root File.expand_path('../../templates', __FILE__)
+    argument :name, :type => :string, :required => false
+    def create
+      args = []
+      if name
+        args << ARGV.shift
+      else
+        args << "configuration"
+      end
+      if defined? Ixtlan::Errors
+        args << "errors_dir:string"
+        args << "errors_from:string"
+        args << "errors_to:string"
+      end
+      if defined? Ixtlan::Sessions
+        args << "idle_session_timeout:integer"
+      end
+      if defined? Ixtlan::Audit
+        args << "audit_keep_log:integer"
+      end
+      args += ARGV[0, 10000] || []
+      generate "model", *args
+      log "\n"
+      log "please make sure '#{args[0]}' becomes a singleton resource"
+      log "\n"
+    end
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/configuration_scaffold_generator.rb~ ADDED Viewed

@@ -0,0 +1,13 @@
+require 'generators/ixtlan/configuration_base'
+module Ixtlan
+  class ConfigurationModelGenerator < ConfigurationBase
+    protected
+    def generator_name
+      "scaffold"
+    end
+    public
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/setup_controller.rb~ ADDED Viewed

@@ -0,0 +1,5 @@
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+  end
+end

data/lib/generators/ixtlan/configuration_scaffold/setup_generator.rb~ ADDED Viewed

@@ -0,0 +1,15 @@
+require 'rails/generators/named_base'
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+    def create_preinitializer_file
+      template 'preinitializer.rb', File.join('config', "preinitializer.rb")
+    end
+    def create_initializer_file
+      template 'initializer.rb', File.join('config', "initializers", "ixtlan.rb")
+    end
+  end
+end

data/lib/generators/ixtlan/setup/setup_controller.rb~ ADDED Viewed

@@ -0,0 +1,5 @@
+module Ixtlan
+  class SetupGenerator < Rails::Generators::NamedBase
+  end
+end

data/lib/generators/ixtlan/setup/setup_generator.rb~ ADDED Viewed

@@ -0,0 +1,25 @@
+require 'rails/generators/base'
+module Ixtlan
+  module Generators
+    class SetupGenerator < Rails::Generators::Base
+      def create_preinitializer_files
+        template 'preinitializer.rb', File.join('config', "preinitializer.rb")
+        template 'gitignore', File.join('config', ".gitignore")
+        template 'production.yml.example', File.join('config', "production.yml.example")
+        template 'database.yml.example', File.join('config', "database.yml.example")
+      end
+      def create_initializer_file
+        template 'initializer.rb', File.join('config', "initializers", "ixtlan.rb")
+      end
+      def create_application_layout_file
+        if defined? Ixtlan::Sessions
+          layout = File.join('app', 'views', 'layouts', 'application.html.erb')
+          template 'application_layout.html.erb', layout
+        end
+      end
+    end
+  end
+end

data/lib/generators/ixtlan/setup/templates/error.html.erb~ ADDED Viewed

	@@ -0,0 +1 @@
1	+ <h1><%= @notice %></h1>

data/lib/generators/ixtlan/setup/templates/error_with_session.html.erb~ ADDED Viewed

	@@ -0,0 +1 @@
1	+ <h1><%= @notice %></h1>

data/lib/generators/ixtlan/setup/templates/initializer.rb~ ADDED Viewed

@@ -0,0 +1,54 @@
+# dynamic configuration through a Configuration singleton model
+# configuration model
+# -------------------
+# CONFIGURATION = Configuration
+# config.configuration_model = CONFIGURATION
+<% if defined? DataMapper -%>
+# config_instance = CONFIGURATION.get(1) || CONFIGURATION.new
+<% else -%>
+# config_instance = CONFIGURATION.find(1) || CONFIGURATION.new
+<%end -%>
+# notification email on errors and dump directory for the system dump
+# -------------------------------------------------------------------
+# config_instance.register("error_dumper") do |config|
+#   Rails.configuration.error_dumper.errors_dir = config.errors_dir
+#   Rails.configuration.error_dumper.notifications = config.errors_from, config.errors_to
+# end
+# idle session timeout configuration (in minutes)
+# -----------------------------------------------
+# config_instance.register("idle_session_timeout") do |config|
+#   Rails.configuration.idle_session_timeout = config.idle_session_timeout
+# end
+# audit log manager
+# -----------------
+# config.audit_manager.model = MyAudit # default: Audit
+# config.audit_manager.username_method = :username # default: :login
+# config_instance.register("audit_manager") do |config|
+#   Rails.configuration.audit_manager.keep_log = config.keep_log # days
+# end
+# --------------------
+# static configuration
+# --------------------
+# error dumper
+# ------------
+# notification email on errors and dump directory for the system dump
+# config.error_dumper.errors_dir = Rails.root + "/errors" # default: logs/errors
+# config.error_dumper.notifications = "no-reply@example.com", "developer1@example.com,developer2@example.com" # default: none - i.e. no email notifications
+# idle session timeout configuration
+# ----------------------------------
+# config.idle_session_timeout = 30 #minutes
+# audit log manager
+# -----------------
+# config.audit_manager.model = MyAudit # default: Audit
+# config.audit_manager.username_method = :username # default: :login
+# config.audit_manager.keep_log = 30 # days

data/lib/generators/model/model_generator.rb~ ADDED Viewed

@@ -0,0 +1,12 @@
+module RRails
+  module Generators
+    class ModelGenerator < NamedBase #metagenerator
+      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+      hook_for :orm, :required => true
+      if defined? Resty
+        hook_for :resty, :type => :boolean, :default => true
+      end
+    end
+  end
+end

data/lib/generators/rails/active_record/active_record_generator.rb CHANGED Viewed

@@ -1,40 +1,48 @@
-require 'rails/generators/active_record'
-module ActiveRecord
-  module Generators
-    class ModelGenerator < Base
-      include ::Ixtlan::Generators::Singleton
-      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
-      check_class_collision
-      class_option :migration,  :type => :boolean
-      class_option :timestamps, :type => :boolean
-      class_option :parent,     :type => :string, :desc => "The parent class for the generated model"
-      def create_migration_file
-        return unless options[:migration] && options[:parent].nil?
-        migration_template "migration.rb", "db/migrate/create_#{table_name}.rb"
-      end
-      def create_model_file
-        template 'model.rb', File.join('app/models', class_path, "#{file_name}.rb")
-      end
-      def create_module_file
-        return if class_path.empty?
-        template 'module.rb', File.join('app/models', "#{class_path.join('/')}.rb") if behavior == :invoke
-      end
-      hook_for :test_framework
-      protected
+# just definde the class if it comes from the rails model generator
+if defined?(Rails::Generators::ModelGenerator) && defined?(ActiveRecord)
+  require 'rails/generators/active_record/model/model_generator'
+  module ActiveRecord
+    module Generators
+      class ModelGenerator < Base
+        include ::Ixtlan::Generators::Singleton
+        argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+        check_class_collision
+        class_option :migration,   :type => :boolean
+        class_option :timestamps,  :type => :boolean
+        class_option :modified_by, :type => :boolean, :default => false
+        class_option :singleton,   :type => :boolean, :default => false
+        class_option :parent,      :type => :string, :desc => "The parent class for the generated model"
+        def create_migration_file
+          return unless options[:migration] && options[:parent].nil?
+          migration_template "migration.rb", "db/migrate/create_#{table_name}.rb"
+        end
+        def create_model_file
+          template 'model.rb', File.join('app/models', class_path, "#{file_name}.rb")
+        end
+        def create_module_file
+          return if class_path.empty?
+          template 'module.rb', File.join('app/models', "#{class_path.join('/')}.rb") if behavior == :invoke
+        end
+        hook_for :test_framework
+        protected
         def parent_class_name
           options[:parent] || "ActiveRecord::Base"
         end
+      end
     end
   end
+else
+  raise LoadError.new "ignore this file #{__FILE__.sub(/.rb$/, '')}"
 end

data/lib/generators/rails/active_record/active_record_generator.rb~ ADDED Viewed

@@ -0,0 +1,43 @@
+if defined? ActiveRecord && !defined? Rake
+require 'rails/generators/active_record'
+module ActiveRecord
+  module Generators
+    class ModelGenerator < Base
+      include ::Ixtlan::Generators::Singleton
+      argument :attributes, :type => :array, :default => [], :banner => "field:type field:type"
+      check_class_collision
+      class_option :migration,  :type => :boolean
+      class_option :timestamps, :type => :boolean
+      class_option :parent,     :type => :string, :desc => "The parent class for the generated model"
+      def create_migration_file
+        return unless options[:migration] && options[:parent].nil?
+        migration_template "migration.rb", "db/migrate/create_#{table_name}.rb"
+      end
+      def create_model_file
+        template 'model.rb', File.join('app/models', class_path, "#{file_name}.rb")
+      end
+      def create_module_file
+        return if class_path.empty?
+        template 'module.rb', File.join('app/models', "#{class_path.join('/')}.rb") if behavior == :invoke
+      end
+      hook_for :test_framework
+      protected
+        def parent_class_name
+          options[:parent] || "ActiveRecord::Base"
+        end
+    end
+  end
+end
+end