ixtlan 0.2.0

data/lib/dm-serializer/common.rb

@@ -0,0 +1,28 @@
+module DataMapper
+  module Serialize
+    # Returns propreties to serialize based on :only or :exclude arrays, if provided
+    # :only takes precendence over :exclude
+    #
+    # @return <Array> properties that need to be serialized
+    def properties_to_serialize(options)
+      only_properties     = Array(options[:only])
+      excluded_properties = Array(options[:exclude])
+
+      model.properties(repository.name).reject do |p|
+        if only_properties.include? p.name
+          false
+        else
+          excluded_properties.include?(p.name) || !(only_properties.empty? || only_properties.include?(p.name))
+        end
+      end
+    end
+
+    Model.append_inclusions self
+
+    class Support
+      def self.dm_validations_loaded?
+        DataMapper.const_defined?("Validate")
+      end
+    end
+  end
+end

data/lib/dm-serializer/to_xml.rb

@@ -0,0 +1,99 @@
+require 'dm-serializer/common'
+require 'dm-serializer/xml_serializers'
+require 'rexml/document'
+
+module DataMapper
+  module Serialize
+    # Serialize a Resource to XML
+    #
+    # @return <REXML::Document> an XML representation of this Resource
+    def to_xml(opts = {})
+      xml = XMLSerializers::SERIALIZER
+      xml.output(to_xml_document(opts)).to_s
+    end
+
+    protected
+    # This method requires certain methods to be implemented in the individual
+    # serializer library subclasses:
+    # new_document
+    # root_node
+    # add_property_node
+    # add_node
+    def to_xml_document(opts={}, doc = nil)
+      xml = XMLSerializers::SERIALIZER
+      doc ||= xml.new_document
+      default_xml_element_name = lambda { Extlib::Inflection.underscore(model.storage_name.singular).tr("/", "-") }
+      root = xml.root_node(doc, opts[:element_name] || default_xml_element_name[])
+      properties_to_serialize(opts).each do |property|
+        value = __send__(property.name)
+        attrs = (property.type == String) ? {} : {'type' => property.type.to_s.downcase}
+        value = value.to_s(:xml) if property.type == DateTime rescue value
+        xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs)
+      end
+
+      (opts[:methods] || []).each do |meth|
+        if self.respond_to?(meth)
+          xml_name = meth.to_s.gsub(/[^a-z0-9_]/, '')
+          value = __send__(meth)
+          unless value.nil?
+            if value.respond_to?(:to_xml_document)
+              xml.add_xml(root, value.__send__(:to_xml_document, value.is_a?(DataMapper::Collection) ? {:collection_element_name => xml_name} : {:element_name => xml_name}))
+            else
+              xml.add_node(root, xml_name, value.to_s)
+            end
+          end
+        end
+      end
+      doc
+    end
+  end
+
+  class Collection
+    def to_xml(opts = {})
+      to_xml_document(opts).to_s
+    end
+
+    protected
+
+    def to_xml_document(opts = {})
+      xml = DataMapper::Serialize::XMLSerializers::SERIALIZER
+      doc = xml.new_document
+      default_collection_element_name = lambda {Extlib::Inflection.underscore(self.model.storage_name).tr("/", "-")}
+      root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], {'type' => 'array'})
+      self.each do |item|
+        item.__send__(:to_xml_document, opts, doc)
+      end
+      doc
+    end
+  end
+
+  if Serialize::Support.dm_validations_loaded?
+
+    module Validate
+      class ValidationErrors
+        def to_xml(opts = {})
+          to_xml_document(opts).to_s
+        end
+
+        protected
+
+        def to_xml_document(opts = {})
+          xml = DataMapper::Serialize::XMLSerializers::SERIALIZER
+          doc = xml.new_document
+          root = xml.root_node(doc, "errors", {'type' => 'hash'})
+
+          errors.each do |key, value|
+            property = xml.add_node(root, key.to_s, nil, {'type' => 'array'})
+            property.attributes["type"] = 'array'
+            value.each do |error|
+              xml.add_node(property, "error", error)
+            end
+          end
+
+          doc
+        end
+      end
+    end
+
+  end
+end

data/lib/dm-serializer/xml_serializers/libxml.rb

@@ -0,0 +1,42 @@
+module DataMapper
+  module Serialize
+    module XMLSerializers
+      module LibXML
+        def self.new_document
+          ::LibXML::XML::Document.new
+        end
+
+        def self.root_node(doc, name, attrs = {})
+          root = ::LibXML::XML::Node.new(name)
+          attrs.each do |attr_name, attr_val|
+            root[attr_name] = attr_val
+          end
+          doc.root.nil? ? doc.root = root : doc.root << root
+          root
+        end
+
+        def self.add_node(parent, name, value, attrs = {})
+          value_str = value.to_s unless value.nil?
+          node = ::LibXML::XML::Node.new(name, value_str)
+          attrs.each do |attr_name, attr_val|
+            node[attr_name] = attr_val
+          end
+          parent << node
+          node
+        end
+
+        def self.add_xml(parent, xml)
+          parent << xml.root.copy(true)
+        end
+
+        def self.add_xml(parent, xml)
+          parent << xml.root.copy(true)
+        end
+
+        def self.output(doc)
+          doc.root.to_s
+        end
+      end
+    end
+  end
+end

data/lib/dm-serializer/xml_serializers/nokogiri.rb

@@ -0,0 +1,36 @@
+module DataMapper
+  module Serialize
+    module XMLSerializers
+      module Nokogiri
+        def self.new_document
+          ::Nokogiri::XML::Document.new
+        end
+
+        def self.root_node(doc, name, attrs = {})
+          root = ::Nokogiri::XML::Node.new(name, doc)
+          attrs.each do |attr_name, attr_val|
+            root[attr_name] = attr_val
+          end
+          doc.root.nil? ? doc.root = root : doc.root << root
+          root
+        end
+
+        def self.add_node(parent, name, value, attrs = {})
+          node = ::Nokogiri::XML::Node.new(name, parent.document)
+          node << ::Nokogiri::XML::Text.new(value.to_s, parent.document) unless value.nil?
+          attrs.each {|attr_name, attr_val| node[attr_name] = attr_val }
+          parent << node
+          node
+        end
+
+        def self.add_xml(parent, xml)
+          parent << xml.root
+        end
+
+        def self.output(doc)
+          doc.root.to_s
+        end
+      end
+    end
+  end
+end

data/lib/dm-serializer/xml_serializers/rexml.rb

@@ -0,0 +1,30 @@
+module DataMapper
+  module Serialize
+    module XMLSerializers
+      module REXML
+        def self.new_document
+          ::REXML::Document.new
+        end
+
+        def self.root_node(document, name, attrs = {})
+          add_node(document.root || document, name, nil, attrs)
+        end
+
+        def self.add_node(parent, name, value, attrs = {})
+          node = parent.add_element(name)
+          attrs.each {|attr_name, attr_val| node.attributes[attr_name] = attr_val}
+          node << ::REXML::Text.new(value.to_s) unless value.nil?
+          node
+        end
+
+        def self.add_xml(parent, xml)
+          parent.add(xml)
+        end
+
+        def self.output(doc)
+          doc.to_s
+        end
+      end
+    end
+  end
+end

data/lib/dm-serializer/xml_serializers.rb

@@ -0,0 +1,17 @@
+require 'dm-serializer/xml_serializers/rexml'
+require 'dm-serializer/xml_serializers/nokogiri'
+require 'dm-serializer/xml_serializers/libxml'
+
+module DataMapper
+  module Serialize
+    module XMLSerializers
+      SERIALIZER = if defined?(::LibXML)
+                     LibXML
+                   elsif defined?(::Nokogiri)
+                     Nokogiri
+                   else
+                     REXML
+                   end
+    end
+  end
+end

data/lib/dm-serializer.rb

@@ -0,0 +1 @@
+require 'dm-serializer/to_xml'

data/lib/ixtlan/audit_config.rb

@@ -0,0 +1,35 @@
+require 'ixtlan/audit'
+
+Logging.init :debug, :info, :warn, :error, :fatal unless Logging.const_defined? 'MAX_LEVEL_LENGTH'
+
+module Ixtlan
+  class AuditConfig
+
+    @logger = Logging::Logger[self]
+
+    def self.configure(keep, file, categories)
+      @@categories = categories
+      reconfigure(keep, file)
+    end
+
+    def self.reconfigure(keep, file)
+      audit_appender = 
+        RollingFile.new('audit', 
+                        { :filename_base => file, 
+                          :keep => keep, 
+                          :safe => true, 
+                          :layout => Logging::Layouts::Pattern.new(:pattern => "%d %m\n") }
+                        )
+
+      @@categories.each do |category|
+        logger = Logging::Logger[category]
+        logger.remove_appenders('audit')
+        logger.add_appenders(audit_appender)
+        @logger.debug("setup logger for #{category}")
+      end
+      @logger.info("initialized audit log . . .")
+    end
+
+  end
+
+end

data/lib/ixtlan/cms_script.rb

@@ -0,0 +1,29 @@
+module Ixtlan
+  class CmsScript
+    def initialize(app, rootpath = "/ixtlan")
+      @app = app
+      @rootpath = rootpath
+    end
+    
+    def call(env)
+      dup._call(env)
+    end
+    
+    def _call(env)
+      if(env['REQUEST_PATH'] =~ /^#{@rootpath}\//)
+        
+        file = Rails.public_path.to_s + env['REQUEST_PATH'].sub(/^#{@rootpath}/, '')
+        @file = File.open(file)
+        [@status, {}, self]
+      else
+        @app.call(env)
+      end
+    end
+    
+    def each(&block)
+      @file.each do |line|
+        block.call(line.sub(/<\/head>/, "<link type='text/css' rel='stylesheet' href='#{@rootpath}/embed.css'></link><script type='text/javascript' language='javascript' src='#{@rootpath}/embed.nocache.js'></script></head>"))
+      end
+    end
+  end
+end

data/lib/ixtlan/controllers/texts_controller.rb

@@ -0,0 +1,65 @@
+module Ixtlan
+  module Controllers
+    module TextsController
+
+      LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
+      TEXT = Object.full_const_get(::Ixtlan::Models::TEXT)
+      
+      private
+      
+      def locale_guard
+
+      end
+
+      public
+
+      def index
+        version = params[:version]
+
+        @texts = TEXT.all(:locale => LOCALE.get!(params[:locale]))
+      end
+
+      def create
+        phrase = params[:phrase]
+
+        locale = LOCALE.get!(phrase.delete(:locale))
+
+        if(TEXT.count(:version => nil, :code => phrase[:code], :locale => locale) == 1)
+          raise "TODO precondition failed"
+        end
+
+        phrase[:text] ||= phrase.delete(:current_text)
+        phrase[:locale] = locale
+
+        @text = TEXT.new(phrase)
+
+        respond_to do |format|
+          if @text.save
+            flash[:notice] = 'Text was successfully created.'
+            format.html { redirect_to(text_url(@text.id)) }
+            format.xml  { render :xml => @text, :status => :created }
+          else
+            format.html { render :action => "new" }
+            format.xml  { render :xml => @text.errors, :status => :unprocessable_entity }
+          end
+        end
+      end
+
+      def update
+        phrase = params[:phrase]
+        phrase[:text] ||= phrase.delete(:current_text)
+        
+        respond_to do |format|
+          if @text.update(phrase)
+            flash[:notice] = phrase[:text].nil? ? 'Text was successfully approved.' : 'Text was successfully updated.'
+            format.html { redirect_to(text_url(@text.id)) }
+            format.xml  { render :xml => @text, :status => :ok }
+          else
+            format.html { render :action => "edit" }
+            format.xml  { render :xml => @text.errors, :status => :unprocessable_entity }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ixtlan/digest.rb

@@ -0,0 +1,15 @@
+module Ixtlan
+  class Digest
+    # method from openldap faq which produces the userPassword attribute
+    # for the ldap
+    # @param secret String the password
+    # @param salt String the salt for the password digester
+    # @return the encoded password/salt
+    def self.ssha(secret, salt)
+      require 'sha1' 
+      require 'base64' 
+      (salt.empty? ? "{SHA}": "{SSHA}") +  
+        Base64.encode64(::Digest::SHA1.digest(secret + salt) + salt).gsub(/\n/, '')
+    end
+  end
+end

data/lib/ixtlan/error_notifier/error_notification.rhtml

@@ -0,0 +1 @@
+<%= @text %>

data/lib/ixtlan/guard.rb

@@ -0,0 +1,125 @@
+module Ixtlan
+  module ActionController #:nodoc:
+    module Guard #:nodoc:
+      def self.included(base)      
+        base.send(:include, InstanceMethods)
+      end
+      module InstanceMethods #:nodoc:
+        
+        protected
+        
+        def guard(locale = nil)
+          guard!(params[:controller], params[:action], locale)
+        end
+
+        def guard!(resource, action, locale = nil)
+          unless ::Ixtlan::Guard.check(self, resource, action, locale)
+            raise ::Ixtlan::PermissionDenied.new("permission denied for '#{resource}##{action}'")
+          end
+          true
+        end
+      end
+    end
+  end
+
+  module Allowed #:nodoc:
+    # Inclusion hook to make #allowed available as method
+    def self.included(base)
+      base.send(:include, InstanceMethods)
+    end
+    
+    module InstanceMethods #:nodoc:
+      def allowed(resource, action, locale = nil)
+        ::Ixtlan::Guard.check(helpers.controller, resource, action, locale)
+      end
+    end
+  end
+
+  class Guard
+    
+    @@map = {}
+
+    def self.load(logger = Logger.new(STDOUT), superuser = :root, guard_dir = "#{RAILS_ROOT}/app/guards", &block)
+      @@block = 
+        if block
+          block
+        else
+          Proc.new do |controller|
+          user = controller.send :current_user
+          user.groups if user
+        end
+      end
+      DataMapper.setup(:guard_memory, :adapter => :in_memory)
+      @@logger = logger
+      @@superuser = superuser
+      if File.exists?(guard_dir) 
+        Dir.new(guard_dir).to_a.each do |f|
+          if f.match(".rb$")
+            require(File.join(guard_dir, f))
+          end
+        end
+        logger.debug("initialized guard . . .")
+      else
+        logger.warn("guard directory #{guard_dir} not found, skip loading")
+      end
+    end
+    
+    def self.initialize(controller, map)
+      msg = map.collect{ |k,v| "\n\t#{k} => [#{v.join(',')}]"}
+      @@logger.debug("#{controller} guard: #{msg}")
+      @@map[controller] = map
+    end
+
+    def self.export_xml
+      repository(:guard_memory) do
+        role_const = Object.full_const_get(Models::ROLE)
+        permission_const = Object.full_const_get(Models::PERMISSION)
+        root = role_const.create(:name => @@superuser)
+        @@map.each do |controller, actions|
+          actions.each do |action, roles|
+            permission = permission_const.create(:resource => controller, :action => action)
+            permission.roles << root
+            roles.each do |role|
+              r = role_const.create(:name => role)
+              permission.roles << r unless permission.roles.member? r
+            end
+            permission.save
+          end
+        end
+        xml = permission_const.all.to_xml
+        permission_const.all.destroy!
+        role_const.all.destroy!
+        xml
+      end   
+    end
+
+    def self.check(controller, resource, action, locale = nil)
+      groups =  @@block.call(controller)
+      return true if groups.nil?
+      resource = resource.to_sym
+      if (@@map.key? resource)
+        action = action.to_sym
+        allowed = @@map[resource][action]
+        if (allowed.nil?)
+          @@logger.warn("unknown action '#{action}' for controller '#{resource}'")
+          raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
+        else
+          allowed << @@superuser unless allowed.member? @@superuser
+          for group in groups
+             if allowed.member? group.name.to_sym
+               return locale.nil? ? true : (group.locales.member? locale)
+             end
+          end
+          return false
+        end
+      else
+        @@logger.warn("unknown controller '#{resource}'")
+        raise ::Ixtlan::GuardException.new("unknown controller '#{resource}'")
+      end
+    end
+  end
+
+  class GuardException < Exception; end
+  class PermissionDenied < GuardException; end
+end
+

data/lib/ixtlan/logger_config.rb

@@ -0,0 +1,65 @@
+# use logging logger for slf4r logger facade
+require 'slf4r/logging_logger'
+
+require 'ixtlan/rolling_file'
+
+module Ixtlan
+  class LoggerConfig
+    def self.rolling_appender(name)
+      appender = Ixtlan::RollingFile.new(name, 
+                                         :filename_base => log_filebase(name), 
+                                         :keep => 2, 
+                                         :date_pattern => '%Y-%m')
+      appender.layout = Logging::Layouts::Pattern.new(:pattern => "%d [%-l] (%c) %m\n")
+      appender
+    end
+
+    def self.logger(appender, category, level = :warn)
+      logger = Logging::Logger.new(category)
+      logger.add_appenders(appender)
+      logger.level = log_level(level)
+      logger
+    end
+
+    def self.log_filebase(name)
+      ::Rails.root.join('log', name).to_s
+    end
+
+    def self.log_level(level = :warn)
+      ENV['RAILS_ENV'] == 'production' ? level : :debug 
+    end
+
+    Logging.init :debug, :info, :warn, :error, :fatal unless Logging.const_defined? 'MAX_LEVEL_LENGTH'
+
+    # setup rails logger
+    rails_appender = Logging::Appenders::File.new('rails', 
+                                            :filename => log_filebase(RAILS_ENV) + ".log")
+    rails_appender.layout = Logging::Layouts::Pattern.new(:pattern => "%-20c\t- %m\n")
+    
+    logger = logger(rails_appender, Rails)
+    logger.info "initialized logger ..."
+    
+    # datamapper + dataobject logger
+    appender = rolling_appender('sql')
+  
+    DataMapper.logger = logger([appender,rails_appender], DataMapper)
+    
+    #TODO better find out which database !!!
+    DataObjects::Sqlite3.logger = logger([appender,rails_appender], DataObjects)
+
+    # configure audit logger
+    Ixtlan::AuditConfig.configure(Ixtlan::Models::Configuration.instance.keep_audit_logs, 
+                                  log_filebase('audit'), 
+                                  [
+                                   Ixtlan::Models::User,
+                                   Ixtlan::Rails::Audit,
+                                   Ixtlan::Rails::SessionTimeout,
+                                   Ixtlan::Rails::UnrestfulAuthentication,
+                                   Ixtlan::Rails::ErrorHandling
+                                  ] )
+
+    # keep the guard messages in a separate file as well
+    logger(rolling_appender('guard'), Ixtlan::Guard, :info)
+  end
+
+end

data/lib/ixtlan/models/authentication.rb

@@ -0,0 +1,30 @@
+module Ixtlan
+  module Models
+    class Authentication 
+      include DataMapper::Resource
+
+      def self.name
+        "Authentication"
+      end
+
+      property :login, String,:format => /^[a-zA-Z0-9\-!=+$%^&*\(\){}|\[\]<>_.]*$/, :key => true
+      
+      property :password, String,:format => /^[a-zA-Z0-9_.]*$/
+      
+      attr_accessor :token
+      
+      belongs_to :user, :model => ::Ixtlan::Models::USER
+
+      if protected_instance_methods.find {|m| m == 'to_x'}.nil?
+       
+        protected
+
+        alias :to_x :to_xml_document
+        def to_xml_document(opts, doc = nil)
+          opts.merge!({:exclude => [:password,:user_id], :methods => [:token, :user]})
+          to_x(opts, doc)
+        end
+      end
+    end
+  end
+end