ixtlan-remote 0.1.0

data/lib/ixtlan/user_management/session_cuba.rb

@@ -0,0 +1,47 @@
+# -*- Coding: utf-8 -*-
+require 'ixtlan/user_management/session_plugin'
+
+module Ixtlan
+  module UserManagement
+  
+    class SessionCuba < CubaAPI
+
+      plugin SessionPlugin
+
+      define do
+        on post, :reset_password do
+          if msg = self.class.authenticator.reset_password( login_and_password[ 0 ] )
+            log msg
+            head 200
+          else
+            log "user/email not found"
+            head 404
+          end
+        end
+
+        on post do
+          user = self.class.authenticator.login( *login_and_password )
+          if user      
+            current_user( user )
+            # be compliant with rack-protection and rack-csrf
+            csrf = session[ :csrf ] || session[ "csrf.token" ]
+            res[ 'X-CSRF-TOKEN' ] = csrf if csrf
+            write self.class.sessions.create( user )
+          else
+            log "access denied"
+            head 403
+          end
+        end
+        
+        on get, :ping do
+          head 200
+        end
+        
+        on delete do
+          log "logout"
+          reset_current_user
+        end
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/session_cuba.rb~

@@ -0,0 +1,44 @@
+# -*- Coding: utf-8 -*-
+require 'session_plugin'
+
+module Ixtlan
+  module UserManagement
+  
+    class SessionCuba < CubaAPI
+
+      plugin SessionPlugin
+
+      define do
+        on post, :reset_password do
+          if msg = self.class.authenticator.reset_password( login_and_password[ 0 ] )
+            log msg
+            head 200
+          else
+            log "user/email not found"
+            head 404
+          end
+        end
+
+        on post do
+          user = self.class.authenticator.login( *login_and_password )
+          if user      
+            current_user( user )
+            write self.class.sessions.create( user )
+          else
+            log "access denied"
+            head 403
+          end
+        end
+        
+        on get, :ping do
+          head 200
+        end
+        
+        on delete do
+          log "logout"
+          reset_current_user
+        end
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/session_manager.rb

@@ -0,0 +1,38 @@
+# -*- Coding: utf-8 -*-
+require 'ixtlan/user_management/user_model'
+require 'ixtlan/user_management/user_serializer'
+require 'ixtlan/user_management/session_model'
+require 'ixtlan/user_management/session_serializer'
+
+module Ixtlan
+  module UserManagement
+    class SessionManager
+
+      attr_accessor :idle_session_timeout, :block
+
+      def initialize( &block )
+        @block = block || lambda { [] }
+      end
+      
+      def serializer( user )
+        UserSerializer.new( user )
+      end
+
+      def to_session( user )
+        serializer( user ).use( :session ).to_hash
+      end
+
+      def from_session( data ) 
+        if data
+          User.new( data )
+        end
+      end
+
+      def create( user )
+        Session.new( 'user' => user,
+                     'permissions' => block.call( user.groups ),
+                     'idle_session_timeout' => idle_session_timeout )
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/session_model.rb

@@ -0,0 +1,36 @@
+#
+# ixtlan-remote - helper sync data between miniapps or communicate wth realtime
+# rest-services
+# Copyright (C) 2012 Christian Meier
+#
+# This file is part of ixtlan-remote.
+#
+# ixtlan-remote is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# ixtlan-remote is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ixtlan-remote.  If not, see <http://www.gnu.org/licenses/>.
+#
+require 'virtus'
+module Ixtlan
+  module UserManagement
+    class Session
+      include Virtus
+
+      attribute :idle_session_timeout, Integer
+      attribute :user, User
+      attribute :permissions, Array[Object]
+
+      def to_s
+        "Session( #{user.name}<#{user.login}> groups[ #{user.groups.collect { |g| g.name }.join ',' } ] #{idle_session_timeout} )"
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/session_model.rb~

@@ -0,0 +1,10 @@
+module Ixtlan
+  module UserManagement
+    class Session
+      include Virtus
+
+      attribute :name, String
+      attribute :url, String
+    end
+  end
+end

data/lib/ixtlan/user_management/session_plugin.rb

@@ -0,0 +1,32 @@
+# -*- Coding: utf-8 -*-
+require 'ixtlan/user_management/authenticator'
+
+module Ixtlan
+  module UserManagement
+    module SessionPlugin
+
+      module ClassMethods
+        def authenticator
+          self[ :authenticator ] ||= Authenticator.new( self[ :rest ] )
+        end
+      end
+
+      def log( msg )
+        if self.respond_to? :audit
+          audit( msg, { :username => login } )
+        else
+          warn( "[#{login}] #{msg}" )
+        end
+      end
+  
+      def login_and_password
+        auth = req[:authentication] || req
+        [ auth[:login] || auth[:email], auth[:password] ]
+      end
+      
+      def login
+        login_and_password[ 0 ]
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/session_serializer.rb

@@ -0,0 +1,21 @@
+require 'ixtlan/babel/serializer'
+module Ixtlan
+  module UserManagement
+    class SessionSerializer < Ixtlan::Babel::Serializer
+
+      root 'session'
+
+      add_context(:single,
+                  :only => [:idle_session_timeout],
+                  :include => { 
+                    :user => {
+                    },
+                    :permissions => {
+                      :include => [:actions, :associations]
+                    }
+                  }
+                  )
+      
+    end
+  end
+end

data/lib/ixtlan/user_management/session_serializer.rb~

@@ -0,0 +1,21 @@
+require 'ixtlan/babel/serializer'
+module Ixtlan
+  module UserManagement
+    class SessionSerializer < Ixtlan::Babel::Serializer
+
+      root 'session'
+
+      add_context(:single,
+                  :only => [:permissions, :idle_session_timeout],
+                  :include=> { 
+                    :user => {
+                    },
+                    :permissions => {
+                      :include => [:actions, :associations]
+                    }
+                  }
+                  )
+      
+    end
+  end
+end

data/lib/ixtlan/user_management/user.rb~

@@ -0,0 +1,16 @@
+class User
+
+  include DataMapper::Resource
+
+  property :id, Serial, :auto_validation => false
+  
+  property :login, String, :required => true, :unique => true, :length => 32
+  property :name, String, :required => true, :length => 128
+  property :updated_at, DateTime, :required => true
+
+  attr_accessor :groups, :applications
+
+  # do not record timestamps since they are set from outside
+  def set_timestamps_on_save
+  end
+end

data/lib/ixtlan/user_management/user_model.rb

@@ -0,0 +1,36 @@
+#
+# ixtlan-remote - helper sync data between miniapps or communicate wth realtime
+# rest-services
+# Copyright (C) 2012 Christian Meier
+#
+# This file is part of ixtlan-remote.
+#
+# ixtlan-remote is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# ixtlan-remote is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ixtlan-remote.  If not, see <http://www.gnu.org/licenses/>.
+#
+require 'ixtlan/user_management/group_model'
+module Ixtlan
+  module UserManagement
+    class User
+      include Virtus
+
+      attribute :login, String
+      attribute :name, String
+      attribute :groups, Array[Group]
+
+      def initialize( params = {} )
+        super params[ 'user' ] || params
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/user_model.rb~

@@ -0,0 +1,33 @@
+#
+# ixtlan-remote - helper sync data between miniapps or communicate wth realtime
+# rest-services
+# Copyright (C) 2012 Christian Meier
+#
+# This file is part of ixtlan-remote.
+#
+# ixtlan-remote is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# ixtlan-remote is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ixtlan-remote.  If not, see <http://www.gnu.org/licenses/>.
+#
+require 'ixtlan/user_management/group_model'
+module Ixtlan
+  module UserManagement
+    class User
+      include Virtus
+
+      attribute :login, String
+      attribute :name, String
+      attribute :groups, Array[Group]
+
+    end
+  end
+end

data/lib/ixtlan/user_management/user_resource.rb

@@ -0,0 +1,55 @@
+#
+# ixtlan-remote - helper sync data between miniapps or communicate wth realtime
+# rest-services
+# Copyright (C) 2012 Christian Meier
+#
+# This file is part of ixtlan-remote.
+#
+# ixtlan-remote is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# ixtlan-remote is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with ixtlan-remote.  If not, see <http://www.gnu.org/licenses/>.
+#
+module Ixtlan
+  module UserManagement
+    class User
+
+      include DataMapper::Resource
+
+      def self.storage_name(arg)
+        'ixtlan_users'
+      end
+
+      # key for selectng the IdentityMap should remain this class if
+      # there is no single table inheritance with Discriminator in place
+      # i.e. the subclass used as key for the IdentityMap
+      def self.base_model
+        self
+      end
+
+      property :id, Serial, :auto_validation => false
+      
+      property :login, String, :required => true, :unique => true, :length => 32
+      property :name, String, :required => true, :length => 128
+      property :updated_at, DateTime, :required => true
+
+      attr_accessor :groups, :applications
+
+      # do not record timestamps since they are set from outside
+      def set_timestamps_on_save
+      end
+
+      def initialize(params = {})
+        super
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/user_resource.rb~

@@ -0,0 +1,24 @@
+module Ixtlan
+  module UserManagement
+    class User
+
+      include DataMapper::Resource
+
+      def self.storage_name(arg)
+        'ixtlan_users'
+      end
+
+      property :id, Serial, :auto_validation => false
+      
+      property :login, String, :required => true, :unique => true, :length => 32
+      property :name, String, :required => true, :length => 128
+      property :updated_at, DateTime, :required => true
+
+      attr_accessor :groups, :applications, :domains, :locales
+
+      # do not record timestamps since they are set from outside
+      def set_timestamps_on_save
+      end
+    end
+  end
+end

data/lib/ixtlan/user_management/user_serializer.rb

@@ -0,0 +1,15 @@
+require 'ixtlan/babel/serializer'
+module Ixtlan
+  module UserManagement
+    class UserSerializer < Ixtlan::Babel::Serializer
+
+      add_context(:session,
+                  :only => [:login, :name],
+                  :include=> { 
+                    :groups => {
+                      :only => [:name]
+                    }
+                  })
+    end
+  end
+end