ixtlan-guard 0.1.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/MIT-LICENSE +20 -0
- data/lib/generators/active_record/templates/flavor_migration.rb +13 -0
- data/lib/generators/active_record/templates/flavor_model.rb +8 -0
- data/lib/generators/active_record/templates/group_model.rb +43 -0
- data/lib/generators/active_record/templates/group_user_migration.rb +13 -0
- data/lib/generators/active_record/templates/user_model.rb +124 -0
- data/lib/generators/active_record/user_management_models_generator.rb +202 -0
- data/lib/generators/erb/user_management_controller_generator.rb +10 -0
- data/lib/generators/{ixtlan → guard}/controller/USAGE +0 -0
- data/lib/generators/{ixtlan → guard}/controller/controller_generator.rb +2 -2
- data/lib/generators/{ixtlan → guard}/scaffold/USAGE +0 -0
- data/lib/generators/{ixtlan → guard}/scaffold/scaffold_generator.rb +4 -6
- data/lib/generators/guard/scaffold/templates/guard.rb +20 -0
- data/lib/generators/guard/templates/guard.rb +20 -0
- data/lib/generators/ixtlan/maintenance_scaffold/USAGE +8 -0
- data/lib/generators/ixtlan/maintenance_scaffold/maintenance_scaffold_generator.rb +40 -0
- data/lib/generators/ixtlan/permissions_scaffold/USAGE +8 -0
- data/lib/generators/ixtlan/permissions_scaffold/permissions_scaffold_generator.rb +33 -0
- data/lib/generators/ixtlan/user_management_controller/USAGE +8 -0
- data/lib/generators/ixtlan/user_management_controller/user_management_controller_generator.rb +23 -0
- data/lib/generators/ixtlan/user_management_models/USAGE +8 -0
- data/lib/generators/ixtlan/user_management_models/user_management_models_generator.rb +19 -0
- data/lib/generators/ixtlan/user_management_scaffold/user_management_scaffold_generator.rb +13 -0
- data/lib/ixtlan-guard.rb +2 -2
- data/lib/ixtlan/guard.rb +1 -159
- data/lib/ixtlan/guard/controllers/maintenance_controller.rb +45 -0
- data/lib/ixtlan/guard/controllers/permissions_controller.rb +41 -0
- data/lib/ixtlan/guard/guard.rb +245 -0
- data/lib/ixtlan/guard/models/maintenance.rb +55 -0
- data/lib/ixtlan/guard/models/user_update_manager.rb +95 -0
- data/lib/ixtlan/guard/rails_integration.rb +88 -0
- data/lib/ixtlan/guard/railtie.rb +33 -0
- data/lib/ixtlan/guard/spec/user_management_models_spec.rb +193 -0
- data/spec/guard_spec.rb +48 -12
- data/spec/railtie_spec.rb +1 -1
- metadata +75 -52
- data/lib/generators/ixtlan/templates/edit.html.erb +0 -10
- data/lib/generators/ixtlan/templates/guard.rb +0 -13
- data/lib/generators/ixtlan/templates/index.html.erb +0 -35
- data/lib/generators/ixtlan/templates/new.html.erb +0 -7
- data/lib/generators/ixtlan/templates/show.html.erb +0 -16
- data/lib/generators/scaffold/scaffold/scaffold_generator.rb +0 -23
- data/lib/ixtlan/guard_railtie.rb +0 -43
- data/lib/ixtlan/rails_integration.rb +0 -55
|
@@ -1,11 +1,11 @@
|
|
|
1
|
-
module
|
|
1
|
+
module Guard
|
|
2
2
|
class ControllerGenerator < Rails::Generators::NamedBase
|
|
3
3
|
|
|
4
4
|
source_root File.expand_path('../../templates', __FILE__)
|
|
5
5
|
|
|
6
6
|
argument :actions, :type => :array, :default => [], :banner => "action action"
|
|
7
7
|
|
|
8
|
-
check_class_collision :suffix => "Guard"
|
|
8
|
+
# check_class_collision :suffix => "Guard"
|
|
9
9
|
|
|
10
10
|
def create_guard_file
|
|
11
11
|
template 'guard.rb', File.join('app', 'guards', class_path, "#{file_name}_guard.rb")
|
|
File without changes
|
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
require 'rails/generators/resource_helpers'
|
|
2
|
-
module
|
|
2
|
+
module Guard
|
|
3
3
|
class ScaffoldGenerator < Rails::Generators::NamedBase
|
|
4
4
|
include Rails::Generators::ResourceHelpers
|
|
5
5
|
|
|
6
|
-
source_root File.expand_path('
|
|
6
|
+
source_root File.expand_path('../templates', __FILE__)
|
|
7
7
|
|
|
8
8
|
# check_class_collision :suffix => "Guard"
|
|
9
9
|
|
|
10
10
|
def create_guard_files
|
|
11
|
-
puts "ASD"
|
|
12
11
|
template 'guard.rb', File.join('app', 'guards', class_path, "#{plural_file_name}_guard.rb")
|
|
13
12
|
end
|
|
14
13
|
|
|
@@ -17,12 +16,11 @@ module Ixtlan
|
|
|
17
16
|
end
|
|
18
17
|
|
|
19
18
|
def aliases
|
|
20
|
-
{ :new
|
|
19
|
+
{ :create=>:new, :update=>:edit }
|
|
21
20
|
end
|
|
22
21
|
|
|
23
22
|
def actions
|
|
24
|
-
['index', 'show', '
|
|
23
|
+
['index', 'show', 'new', 'edit', 'destroy']
|
|
25
24
|
end
|
|
26
|
-
|
|
27
25
|
end
|
|
28
26
|
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
class <%= guard_class_name %>Guard
|
|
2
|
+
def initialize(guard)
|
|
3
|
+
#guard.name = "<%= plural_file_name %>"
|
|
4
|
+
<% if aliases -%>
|
|
5
|
+
guard.aliases = <%= aliases.inspect %>
|
|
6
|
+
<% end -%>
|
|
7
|
+
guard.action_map= {
|
|
8
|
+
<% case actions
|
|
9
|
+
when Array
|
|
10
|
+
for action in actions -%>
|
|
11
|
+
:<%= action %> => [],
|
|
12
|
+
<% end
|
|
13
|
+
when Hash
|
|
14
|
+
actions.each do |action, groups| -%>
|
|
15
|
+
:<%= action %> => <%= groups.inspect %>,
|
|
16
|
+
<% end
|
|
17
|
+
end -%>
|
|
18
|
+
}
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
class <%= guard_class_name %>Guard
|
|
2
|
+
def initialize(guard)
|
|
3
|
+
#guard.name = "<%= plural_file_name %>"
|
|
4
|
+
<% if aliases -%>
|
|
5
|
+
guard.aliases = <%= aliases.inspect %>
|
|
6
|
+
<% end -%>
|
|
7
|
+
guard.action_map= {
|
|
8
|
+
<% case actions
|
|
9
|
+
when Array
|
|
10
|
+
for action in actions -%>
|
|
11
|
+
:<%= action %> => [],
|
|
12
|
+
<% end
|
|
13
|
+
when Hash
|
|
14
|
+
actions.each do |action, groups| -%>
|
|
15
|
+
:<%= action %> => <%= groups.inspect %>,
|
|
16
|
+
<% end
|
|
17
|
+
end -%>
|
|
18
|
+
}
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
require 'rails/generators/resource_helpers'
|
|
2
|
+
require 'generators/ixtlan/scaffold/scaffold_generator.rb'
|
|
3
|
+
ActiveSupport::Inflector.inflections do |inflect|
|
|
4
|
+
inflect.irregular 'maintenance', 'maintenance'
|
|
5
|
+
end
|
|
6
|
+
module Ixtlan
|
|
7
|
+
class MaintenanceScaffoldGenerator < ScaffoldGenerator
|
|
8
|
+
|
|
9
|
+
source_root File.expand_path('../../templates', __FILE__)
|
|
10
|
+
|
|
11
|
+
arguments.clear # clear name argument from NamedBase
|
|
12
|
+
|
|
13
|
+
def name # set alias so NamedBase uses the model as its name
|
|
14
|
+
"maintenance"
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
def create_controller_files
|
|
18
|
+
template 'simple_controller.rb', File.join('app', 'controllers', class_path, "#{plural_file_name}_controller.rb")
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def add_routes
|
|
22
|
+
actions.reverse.each do |action|
|
|
23
|
+
if action == 'index'
|
|
24
|
+
route %{get "#{file_name}/#{action}"}
|
|
25
|
+
else
|
|
26
|
+
route %{put "#{file_name}/#{action}"}
|
|
27
|
+
end
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def aliases
|
|
32
|
+
{}
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
def actions
|
|
36
|
+
['index', 'block', 'resume']
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
end
|
|
40
|
+
end
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
require 'rails/generators/resource_helpers'
|
|
2
|
+
require 'generators/ixtlan/scaffold/scaffold_generator.rb'
|
|
3
|
+
module Ixtlan
|
|
4
|
+
class PermissionsScaffoldGenerator < ScaffoldGenerator
|
|
5
|
+
|
|
6
|
+
source_root File.expand_path('../../templates', __FILE__)
|
|
7
|
+
|
|
8
|
+
arguments.clear # clear name argument from NamedBase
|
|
9
|
+
|
|
10
|
+
def name # set alias so NamedBase uses the model as its name
|
|
11
|
+
"permission"
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def create_controller_files
|
|
15
|
+
template 'simple_controller.rb', File.join('app', 'controllers', class_path, "#{plural_file_name}_controller.rb")
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def add_routes
|
|
19
|
+
actions.keys.reverse.each do |action|
|
|
20
|
+
route %{get "#{file_name}/#{action}"}
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def aliases
|
|
25
|
+
{}
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
def actions
|
|
29
|
+
{'index' => [:*], 'show' => []}
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
end
|
|
33
|
+
end
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
require 'rails/generators/rails/scaffold_controller/scaffold_controller_generator'
|
|
2
|
+
require 'generators/ixtlan/scaffold/scaffold_generator'
|
|
3
|
+
|
|
4
|
+
module Ixtlan
|
|
5
|
+
class UserManagementControllerGenerator < ScaffoldGenerator
|
|
6
|
+
|
|
7
|
+
source_root File.expand_path('../../templates', __FILE__)
|
|
8
|
+
|
|
9
|
+
class_option :orm, :banner => "NAME", :type => :string, :required => true,
|
|
10
|
+
:desc => "ORM to generate the controller for"
|
|
11
|
+
class_option :gwt, :banner => "PACKAGE_NAME", :type => :string,
|
|
12
|
+
:desc => "given gwt package name will generate gwt code"
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
def create_controller_files
|
|
16
|
+
template 'controller.rb', File.join('app/controllers', class_path, "#{controller_file_name}_controller.rb")
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
hook_for :template_engine
|
|
20
|
+
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
module Ixtlan
|
|
2
|
+
class UserManagementModelsGenerator < Rails::Generators::NamedBase #metagenerator
|
|
3
|
+
arguments.clear # clear name argument from NamedBase
|
|
4
|
+
argument :params, :type => :array, :default => ['user'], :required => false, :banner => "user_model [field:type ..] [group_model [field:type ..] [flavor_model1 [field:type ..] flavor_model2 [field:type ..]]]", :desc => "group default: group with field name:string"
|
|
5
|
+
|
|
6
|
+
class_option :gwt, :banner => "PACKAGE_NAME", :type => :string,
|
|
7
|
+
:desc => "given gwt package name will generate gwt code"
|
|
8
|
+
|
|
9
|
+
def name # set alias so NamedBase uses the model as its name
|
|
10
|
+
@params[0].sub(/\s+.*/, '').singularize
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
attr_reader :params
|
|
14
|
+
|
|
15
|
+
hook_for :orm, :required => true
|
|
16
|
+
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
require 'generators/ixtlan/user_management_models/user_management_models_generator'
|
|
2
|
+
|
|
3
|
+
module Ixtlan
|
|
4
|
+
class UserManagementScaffoldGenerator < UserManagementModelsGenerator #metagenerator
|
|
5
|
+
|
|
6
|
+
source_root File.expand_path('../../templates', __FILE__)
|
|
7
|
+
|
|
8
|
+
hook_for :user_management_controller, :default => :user_management_controller
|
|
9
|
+
hook_for :stylesheets, :in => :rails
|
|
10
|
+
hook_for :gwt, :type => :boolean, :default => false
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
data/lib/ixtlan-guard.rb
CHANGED
data/lib/ixtlan/guard.rb
CHANGED
|
@@ -1,159 +1 @@
|
|
|
1
|
-
require '
|
|
2
|
-
module Ixtlan
|
|
3
|
-
class ControllerGuard
|
|
4
|
-
|
|
5
|
-
attr_accessor :name, :action_map, :aliases
|
|
6
|
-
|
|
7
|
-
def initialize(name)
|
|
8
|
-
@name = name.sub(/_guard$/, '').to_sym
|
|
9
|
-
class_name = name.split(/\//).collect { |part| part.split("_").each { |pp| pp.capitalize! }.join }.join("::")
|
|
10
|
-
Object.const_get(class_name).new(self)
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def name=(name)
|
|
14
|
-
@name = name.to_sym
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
def aliases=(map)
|
|
18
|
-
@aliases = symbolize(map)
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def action_map=(map)
|
|
22
|
-
@action_map = symbolize(map)
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
private
|
|
26
|
-
|
|
27
|
-
def symbolize(h)
|
|
28
|
-
result = {}
|
|
29
|
-
|
|
30
|
-
h.each do |k, v|
|
|
31
|
-
if v.is_a?(Hash)
|
|
32
|
-
result[k.to_sym] = symbolize_keys(v) unless v.size == 0
|
|
33
|
-
elsif v.is_a?(Array)
|
|
34
|
-
val = []
|
|
35
|
-
v.each {|vv| val << vv.to_sym }
|
|
36
|
-
result[k.to_sym] = val
|
|
37
|
-
else
|
|
38
|
-
result[k.to_sym] = v.to_sym
|
|
39
|
-
end
|
|
40
|
-
end
|
|
41
|
-
|
|
42
|
-
result
|
|
43
|
-
end
|
|
44
|
-
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
class Guard
|
|
48
|
-
|
|
49
|
-
attr_accessor :logger, :guard_dir, :superuser, :block
|
|
50
|
-
|
|
51
|
-
def initialize(logger = Logger.new(STDOUT), superuser = :root, guard_dir = File.join("app", "guards"), &block)
|
|
52
|
-
@map = {}
|
|
53
|
-
@aliases = {}
|
|
54
|
-
|
|
55
|
-
@block =
|
|
56
|
-
if block
|
|
57
|
-
block
|
|
58
|
-
else
|
|
59
|
-
Proc.new do |controller|
|
|
60
|
-
# get the groups of the current_user
|
|
61
|
-
user = controller.send(:current_user) if controller.respond_to? :current_user
|
|
62
|
-
user.groups if user
|
|
63
|
-
end
|
|
64
|
-
end
|
|
65
|
-
@logger = logger
|
|
66
|
-
@superuser = superuser
|
|
67
|
-
@guard_dir = guard_dir
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
def setup
|
|
71
|
-
if File.exists?(@guard_dir)
|
|
72
|
-
Dir.new(guard_dir).to_a.each do |f|
|
|
73
|
-
if f.match(".rb$")
|
|
74
|
-
require(File.join(guard_dir, f))
|
|
75
|
-
controller_guard = ControllerGuard.new(f.sub(/.rb$/, ''))
|
|
76
|
-
register(controller_guard)
|
|
77
|
-
end
|
|
78
|
-
end
|
|
79
|
-
logger.debug("initialized guard . . .")
|
|
80
|
-
else
|
|
81
|
-
raise GuardException.new("guard directory #{guard_dir} not found, skip loading")
|
|
82
|
-
end
|
|
83
|
-
end
|
|
84
|
-
|
|
85
|
-
private
|
|
86
|
-
|
|
87
|
-
def register(controller_guard)
|
|
88
|
-
msg = controller_guard.action_map.collect{ |k,v| "\n\t#{k} => [#{v.join(',')}]"}
|
|
89
|
-
@logger.debug("#{controller_guard.name} guard: #{msg}")
|
|
90
|
-
@map[controller_guard.name] = controller_guard.action_map
|
|
91
|
-
@aliases[controller_guard.name] = controller_guard.aliases || {}
|
|
92
|
-
end
|
|
93
|
-
|
|
94
|
-
public
|
|
95
|
-
|
|
96
|
-
def block_groups(groups)
|
|
97
|
-
@blocked = (groups || []).collect { |g| g.to_sym}
|
|
98
|
-
end
|
|
99
|
-
|
|
100
|
-
def blocked
|
|
101
|
-
@blocked ||= []
|
|
102
|
-
end
|
|
103
|
-
|
|
104
|
-
def current_user_restricted?(controller)
|
|
105
|
-
groups = @block.call(controller)
|
|
106
|
-
if groups
|
|
107
|
-
p groups
|
|
108
|
-
p blocked
|
|
109
|
-
p groups.select { |g| !blocked.member?(g.to_sym) }
|
|
110
|
-
groups.select { |g| !blocked.member?(g.to_sym) }.size < groups.size
|
|
111
|
-
else
|
|
112
|
-
nil
|
|
113
|
-
end
|
|
114
|
-
end
|
|
115
|
-
|
|
116
|
-
def check(controller, resource, action, &block)
|
|
117
|
-
groups = @block.call(controller)
|
|
118
|
-
if groups.nil?
|
|
119
|
-
@logger.debug("check #{resource}##{action}: not authenticated")
|
|
120
|
-
return true
|
|
121
|
-
end
|
|
122
|
-
resource = resource.to_sym
|
|
123
|
-
action = action.to_sym
|
|
124
|
-
if (@map.key? resource)
|
|
125
|
-
action = @aliases[resource][action] || action
|
|
126
|
-
allowed = @map[resource][action]
|
|
127
|
-
if (allowed.nil?)
|
|
128
|
-
@logger.warn("unknown action '#{action}' for controller '#{resource}'")
|
|
129
|
-
raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
|
|
130
|
-
else
|
|
131
|
-
allowed << @superuser unless allowed.member? @superuser
|
|
132
|
-
allow_all_groups = allowed.member?(:*)
|
|
133
|
-
if(allow_all_groups && block.nil?)
|
|
134
|
-
@logger.debug("check #{resource}##{action}: allowed for all")
|
|
135
|
-
return true
|
|
136
|
-
else
|
|
137
|
-
groups.each do |group|
|
|
138
|
-
if (allow_all_groups || allowed.member?(group.to_sym)) && !blocked.member?(group.to_sym)
|
|
139
|
-
if(block.nil? || block.call(group))
|
|
140
|
-
@logger.debug("check #{resource}##{action}: true")
|
|
141
|
-
return true
|
|
142
|
-
end
|
|
143
|
-
end
|
|
144
|
-
end
|
|
145
|
-
end
|
|
146
|
-
@logger.debug("check #{resource}##{action}: false")
|
|
147
|
-
return false
|
|
148
|
-
end
|
|
149
|
-
else
|
|
150
|
-
@logger.warn("unknown controller for '#{resource}'")
|
|
151
|
-
raise ::Ixtlan::GuardException.new("unknown controller for '#{resource}'")
|
|
152
|
-
end
|
|
153
|
-
end
|
|
154
|
-
end
|
|
155
|
-
|
|
156
|
-
class GuardException < Exception; end
|
|
157
|
-
class PermissionDenied < GuardException; end
|
|
158
|
-
end
|
|
159
|
-
|
|
1
|
+
require 'ixtlan/guard/guard'
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
require 'ixtlan/models/maintenance'
|
|
2
|
+
module Ixtlan
|
|
3
|
+
module Guard
|
|
4
|
+
module Controllers
|
|
5
|
+
module MaintenanceController
|
|
6
|
+
|
|
7
|
+
# GET /maintenance
|
|
8
|
+
# GET /maintenance.xml
|
|
9
|
+
# GET /maintenance.json
|
|
10
|
+
def index
|
|
11
|
+
@maintenance = ::Ixtlan::Guard::Models::Maintenance.new
|
|
12
|
+
@maintenance.groups = guard.blocked_groups
|
|
13
|
+
|
|
14
|
+
respond_to do |format|
|
|
15
|
+
format.html # index.html.erb
|
|
16
|
+
format.xml { render :xml => @maintenance }
|
|
17
|
+
format.json { render :json => @maintenance }
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
# PUT /maintenance/block
|
|
22
|
+
def block
|
|
23
|
+
guard.block_groups(param[:groups])
|
|
24
|
+
|
|
25
|
+
respond_to do |format|
|
|
26
|
+
format.html { redirect_to(maintenance_url) }
|
|
27
|
+
format.xml { head :ok }
|
|
28
|
+
format.json { head :ok }
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
# PUT /maintenance/resume
|
|
33
|
+
def resume
|
|
34
|
+
guard.block_groups([])
|
|
35
|
+
|
|
36
|
+
respond_to do |format|
|
|
37
|
+
format.html { redirect_to(maintenance_url) }
|
|
38
|
+
format.xml { head :ok }
|
|
39
|
+
format.json { head :ok }
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
end
|