ixtlan 0.4.0.pre5 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. data/History.txt +49 -0
  2. data/MIT-LICENSE +20 -0
  3. data/README.txt +86 -0
  4. data/Rakefile +59 -0
  5. data/lib/dm-serializer/to_xml.rb +10 -4
  6. data/lib/ixtlan/controllers/audits_controller.rb +6 -1
  7. data/lib/ixtlan/controllers/authentications_controller.rb +5 -1
  8. data/lib/ixtlan/controllers/domains_controller.rb +11 -7
  9. data/lib/ixtlan/controllers/groups_controller.rb +28 -7
  10. data/lib/ixtlan/controllers/locales_controller.rb +11 -7
  11. data/lib/ixtlan/controllers/search_query.rb +28 -12
  12. data/lib/ixtlan/controllers/users_controller.rb +1 -1
  13. data/lib/ixtlan/controllers/word_bundles_controller.rb +9 -3
  14. data/lib/ixtlan/guard.rb +17 -4
  15. data/lib/ixtlan/models/authentication.rb +8 -2
  16. data/lib/ixtlan/models/configuration.rb +14 -1
  17. data/lib/ixtlan/models/group.rb +14 -1
  18. data/lib/ixtlan/models/i18n_text.rb +6 -2
  19. data/lib/ixtlan/models/phrase.rb +11 -6
  20. data/lib/ixtlan/models/translation.rb +6 -2
  21. data/lib/ixtlan/models/user.rb +29 -2
  22. data/lib/ixtlan/modified_by.rb +1 -2
  23. data/lib/ixtlan/rails/error_handling.rb +1 -1
  24. data/lib/ixtlan/version.rb +1 -1
  25. data/lib/ixtlan/version.rb.errors +0 -0
  26. data/spec/authentication_spec.rb +16 -9
  27. data/spec/guard_spec.rb +8 -7
  28. data/spec/modified_by_spec.rb +9 -8
  29. data/spec/optimistic_persistence_spec.rb +2 -2
  30. data/spec/phrase_spec.rb +45 -49
  31. data/spec/session_timeout_spec.rb +1 -1
  32. data/spec/spec_helper.rb +66 -24
  33. data/spec/text_collection_spec.rb +23 -25
  34. data/spec/text_spec.rb +8 -8
  35. data/spec/unrestful_authentication_spec.rb +2 -2
  36. data/spec/user_logger_spec.rb +1 -0
  37. data/spec/user_spec.rb +5 -8
  38. metadata +37 -19
data/History.txt ADDED
@@ -0,0 +1,49 @@
1
+ === 0.3.0 / 2010-05-24
2
+
3
+ * allow model with to_log to have nice log output
4
+
5
+ * made all controllers nice modules including before_filters
6
+
7
+ * domains/locales work with guard
8
+
9
+ * added migration class for ixtlan models
10
+
11
+ * all models have an ID now
12
+
13
+ * helper for n-m-relations
14
+
15
+ * added search module with helper methods
16
+
17
+ * better audit log
18
+
19
+ === 0.2.4 / 2010-02-22
20
+
21
+ * fixed phrases controller to work
22
+
23
+ === 0.2.3 / 2010-02-03
24
+
25
+ * little fixes to use ixtlan with MRI rails !
26
+
27
+ * adjust generator to new packages of the restful-gwt jars
28
+
29
+ === 0.2.2 / 2010-01-29
30
+
31
+ * symbolize internal map of guard
32
+
33
+ * gwt generator: parametrizied package generated java classes - find client directory and use this as base package
34
+
35
+ * make phrases to work
36
+
37
+ * added code to add screen and testcase for gwt_scaffolding
38
+
39
+ === 0.2.1 / 2009-12-07
40
+
41
+ * stay logged in when deleting a resource
42
+
43
+ * lot's of work to get restful-gwt version 0.2.1 working with login, and basic i18n = dictonory gets loaded after login or in case the a i18n entry is missing a new one gets created if the permissions allow it
44
+
45
+ * the rails template had a lot of version problems after a major refactoring, so lot's of little fixes there
46
+
47
+ === 0.2.0 / 2009-12-07
48
+
49
+ * intial import
data/MIT-LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2008 Kristian Meier
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/README.txt ADDED
@@ -0,0 +1,86 @@
1
+ = ixtlan core
2
+
3
+ * http://github.com/mkristian/ixtlan-core
4
+
5
+ == DESCRIPTION:
6
+
7
+ this is set of rails and datamapper plugins for setting up a little more advanced rails application then the default rails generator does. the focus is on security and privacy as well a complete restful xml support.
8
+
9
+ === features
10
+
11
+ * usermanagement: user, group, locale
12
+
13
+ * authentication: session based authentication for both html as well restful xml
14
+
15
+ * authorization: each controller/action pair has a set of allowed roles
16
+
17
+ * privacy: configurable duration for logfiles carrying user specific data. error logs are dumped (complete environment including user specific data as well) and the file location is sent as notification
18
+
19
+ * session idle timeout: configurable server side session idle timeout
20
+
21
+ * audit: a simple log file which documents the action of a user - one action per line
22
+
23
+ * optimistic transaction: through an exception on modification of stale resources
24
+
25
+ * easy add modified_by attributes to a resource and ensure the user gets set before saving such a resource
26
+
27
+ * logger configuration tries to unify logging
28
+
29
+ * basic scaffold like html interface for user,group,locale
30
+
31
+ * rails template setting up such an application - works for both ruby as well jruby
32
+
33
+ * http cache headers so that no data gets save on any proxy or filesystem (as long the user is logged in)
34
+
35
+ * global config: extra configuration file which can carry the all the production passwords and can be left out from the (public) version control system: config/preinitializer.rb for rails and config/global.yml
36
+
37
+ === TODOs
38
+
39
+ * session timeout on html pages so the browser displays the login page after timetout (little modification of the layout.html.erb)
40
+
41
+ * user, group, locale to work also with ldap
42
+
43
+ * html interface for configuration, user profile
44
+
45
+ * setup database specific logger for data_objects - each driver has its own logger
46
+
47
+ * maintanance mode: allow only users who belong to the superuser group
48
+
49
+ * change the db config to have #{RAILS_ROOT} in front of relative filenames to work inside an servlet engine (ixtlan_rails_templates.rb)
50
+
51
+ * locale binding to user/group
52
+
53
+ == user management and authorization
54
+
55
+ each user can belong to one or more groups, each user/group pair can belong to one or more locales. this part can be configured by an admin by changing resource relationships.
56
+
57
+ === authorization
58
+
59
+ each controller/action pair has a set of allowed roles. authorization is granted if on of roles match with one of the groups of the current user (logged in user). this is done by a before filter in rails: guard. the user interface can introspect the guard to allow the user only the actions which s/he actually can be performe. in case some actions needs to verify the locale binding a specialized before filter needs to be implemented.
60
+
61
+ the roles are currently hardcoded in app/guards/XYZ_guard.rb - one guard for each controller.
62
+
63
+ == LICENSE:
64
+
65
+ (The MIT License)
66
+
67
+ Copyright (c) 2009 Kristian Meier
68
+
69
+ Permission is hereby granted, free of charge, to any person obtaining
70
+ a copy of this software and associated documentation files (the
71
+ 'Software'), to deal in the Software without restriction, including
72
+ without limitation the rights to use, copy, modify, merge, publish,
73
+ distribute, sublicense, and/or sell copies of the Software, and to
74
+ permit persons to whom the Software is furnished to do so, subject to
75
+ the following conditions:
76
+
77
+ The above copyright notice and this permission notice shall be
78
+ included in all copies or substantial portions of the Software.
79
+
80
+ THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
81
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
82
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
83
+ IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
84
+ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
85
+ TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
86
+ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/Rakefile ADDED
@@ -0,0 +1,59 @@
1
+ # -*- ruby -*-
2
+
3
+ require 'rubygems'
4
+
5
+ require 'spec'
6
+ require 'spec/rake/spectask'
7
+ #require 'yard'
8
+
9
+ BUILD_DIR = 'target'
10
+
11
+ desc 'clean up'
12
+ task :clean do
13
+ FileUtils.rm_rf(BUILD_DIR)
14
+ end
15
+
16
+ desc 'Package as a gem.'
17
+ task :package do
18
+ require 'fileutils'
19
+ gemspec = Dir['*.gemspec'].first
20
+ Kernel.system("#{RUBY} -S gem build #{gemspec}")
21
+ FileUtils.mkdir_p(BUILD_DIR)
22
+ gem = Dir['*.gem'].first
23
+ FileUtils.mv(gem, File.join(BUILD_DIR,"#{gem}"))
24
+ puts File.join(BUILD_DIR,"#{gem}")
25
+ end
26
+
27
+ desc 'Install the package as a gem.'
28
+ task :install => [:package] do
29
+ gem = Dir[File.join(BUILD_DIR, '*.gem')].first
30
+ extra = ENV['GEM_HOME'].nil? && ENV['GEM_PATH'].nil? ? "--user-install" : ""
31
+ Kernel.system("#{RUBY} -S gem install --local #{gem} --no-ri --no-rdoc #{extra}")
32
+ end
33
+
34
+ desc 'Run specifications'
35
+ Spec::Rake::SpecTask.new(:spec) do |t|
36
+ if File.exists?(File.join('spec','spec.opts'))
37
+ t.spec_opts << '--options' << File.join('spec','spec.opts')
38
+ end
39
+ t.spec_files = Dir.glob(File.join('spec','**','*_spec.rb'))
40
+ end
41
+
42
+ desc 'generate rails using all generators and run the specs'
43
+ task :integration_tests => [:spec, :install] do
44
+ require 'datamapper4rails/integration_test'
45
+ tests = Datamapper4Rails::IntegrationTest.new do |t|
46
+ t.directory = 'temp'
47
+ ENV['GWT'] = "true"
48
+ t.rails_template = 'ixtlan_rails_templates.rb'
49
+ t.generate "ixtlan_datamapper_model name name:string"
50
+ t.generate "ixtlan_datamapper_rspec_model domain name:string"
51
+ t.generate "ixtlan_datamapper_rspec_scaffold player name:string"
52
+ t.generate "gwt_ixtlan_datamapper_rspec_scaffold word name:string"
53
+ end
54
+ tests.command("mvn clean integration-test")
55
+ end
56
+
57
+ #YARD::Rake::YardocTask.new
58
+
59
+ # vim: syntax=Ruby
@@ -26,9 +26,9 @@ module DataMapper
26
26
  root = xml.root_node(doc, opts[:element_name] || default_xml_element_name[])
27
27
  properties_to_serialize(opts).each do |property|
28
28
  value = __send__(property.name)
29
- attrs = (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
29
+ attrs = opts[:skip_types] ? {} : (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
30
30
  value = value.to_s(:xml) if property.class == DataMapper::Property::DateTime rescue value
31
- xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs)
31
+ xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs) unless value.blank? && opts[:skip_empty_tags]
32
32
  end
33
33
 
34
34
  (opts[:methods] || []).each do |meth|
@@ -38,8 +38,10 @@ module DataMapper
38
38
  unless value.nil?
39
39
  if value.respond_to?(:to_xml_document)
40
40
  options = value.is_a?(DataMapper::Collection) ? {:collection_element_name => xml_name} : {:element_name => xml_name}
41
+ options[:skip_types] = opts[:skip_types]
42
+ options[:skip_empty_tags] = opts[:skip_empty_tags]
41
43
  options.merge!(opts[meth] || {})
42
- xml.add_xml(root, value.__send__(:to_xml_document, options))
44
+ xml.add_xml(root, value.__send__(:to_xml_document, options)) unless value.is_a?(DataMapper::Collection) && opts[:skip_empty_tags] == true && value.size == 0
43
45
  else
44
46
  xml.add_node(root, xml_name, value.to_s)
45
47
  end
@@ -61,8 +63,12 @@ module DataMapper
61
63
  xml = DataMapper::Serialize::XMLSerializers::SERIALIZER
62
64
  doc = xml.new_document
63
65
  default_collection_element_name = lambda {Extlib::Inflection.underscore(self.model.storage_name).tr("/", "-")}
64
- root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], {'type' => 'array'})
66
+ root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], opts[:skip_types] ? {} : {'type' => 'array'})
67
+ items = []
65
68
  self.each do |item|
69
+ items << item
70
+ end
71
+ items.each do |item|
66
72
  item.__send__(:to_xml_document, opts, doc)
67
73
  end
68
74
  doc
@@ -8,12 +8,17 @@ module Ixtlan
8
8
  base.cache_headers :protected, false #no_store == false
9
9
  end
10
10
 
11
+ private
12
+
13
+ AUDIT = Object.full_const_get(::Ixtlan::Models::AUDIT)
14
+
11
15
  public
12
16
 
13
17
  # GET /audits
14
18
  # GET /audits.xml
15
19
  def index
16
- @audits = Audit.all(query(:login, params[:query])).reverse + Audit.all(query(:message, params[:query])).reverse
20
+ # limit all queries
21
+ @audits = query_limit_all(AUDIT, :login, :message).reverse
17
22
 
18
23
  respond_to do |format|
19
24
  format.html
@@ -10,10 +10,14 @@ module Ixtlan
10
10
  base.cache_headers :private
11
11
  end
12
12
 
13
+ private
14
+
15
+ USER = Object.full_const_get(::Ixtlan::Models::USER)
16
+
13
17
  protected
14
18
  def login_from_params
15
19
  auth = params[:authentication]
16
- User.authenticate(auth[:login], auth[:password]) if auth
20
+ USER.authenticate(auth[:login], auth[:password]) if auth
17
21
  end
18
22
 
19
23
  public
@@ -7,12 +7,16 @@ module Ixtlan
7
7
  base.cache_headers :protected
8
8
  end
9
9
 
10
+ private
11
+
12
+ DOMAIN = Object.full_const_get(::Ixtlan::Models::DOMAIN)
13
+
10
14
  public
11
15
 
12
16
  # GET /domains
13
17
  # GET /domains.xml
14
18
  def index
15
- @domains = Domain.all(simple_query(:name))
19
+ @domains = query(DOMAIN, :name)
16
20
 
17
21
  respond_to do |format|
18
22
  format.html
@@ -23,7 +27,7 @@ module Ixtlan
23
27
  # GET /domains/1
24
28
  # GET /domains/1.xml
25
29
  def show
26
- @domain = Domain.first_or_get!(params[:id])
30
+ @domain = DOMAIN.first_or_get!(params[:id])
27
31
 
28
32
  respond_to do |format|
29
33
  format.html # show.html.erb
@@ -34,7 +38,7 @@ module Ixtlan
34
38
  # GET /domains/new
35
39
  # GET /domains/new.xml
36
40
  def new
37
- @domain = Domain.new
41
+ @domain = DOMAIN.new
38
42
 
39
43
  respond_to do |format|
40
44
  format.html # new.html.erb
@@ -44,13 +48,13 @@ module Ixtlan
44
48
 
45
49
  # GET /domains/1/edit
46
50
  def edit
47
- @domain = Domain.first_or_get!(params[:id])
51
+ @domain = DOMAIN.first_or_get!(params[:id])
48
52
  end
49
53
 
50
54
  # POST /domains
51
55
  # POST /domains.xml
52
56
  def create
53
- @domain = Domain.new(params[:domain])
57
+ @domain = DOMAIN.new(params[:domain])
54
58
  @domain.current_user = current_user
55
59
 
56
60
  respond_to do |format|
@@ -68,7 +72,7 @@ module Ixtlan
68
72
  # PUT /domains/1
69
73
  # PUT /domains/1.xml
70
74
  def update
71
- @domain = Domain.first_or_get!(params[:id])
75
+ @domain = DOMAIN.first_or_get!(params[:id])
72
76
  @domain.current_user = current_user
73
77
 
74
78
  respond_to do |format|
@@ -86,7 +90,7 @@ module Ixtlan
86
90
  # DELETE /domains/1
87
91
  # DELETE /domains/1.xml
88
92
  def destroy
89
- @domain = Domain.first_or_get(params[:id])
93
+ @domain = DOMAIN.first_or_get(params[:id])
90
94
  @domain.destroy if @domain
91
95
 
92
96
  respond_to do |format|
@@ -8,12 +8,26 @@ module Ixtlan
8
8
  base.cache_headers :private
9
9
  end
10
10
 
11
+ private
12
+
13
+ GROUP = Object.full_const_get(::Ixtlan::Models::GROUP)
14
+
11
15
  public
12
16
 
13
17
  # GET /groups
14
18
  # GET /groups.xml
15
19
  def index
16
- @groups = Group.all(simple_query(:name))
20
+ @groups = query(GROUP, :name)
21
+
22
+ # restrict the groups to the groups of the current user
23
+ # unless the current user is allowed to create groups
24
+ # and need to see all
25
+ unless allowed(:create)
26
+ allowed_group_ids = current_user.groups.collect {|g| g.id }
27
+ @groups.delete_if do |g|
28
+ ! allowed_group_ids.member?(g.id)
29
+ end
30
+ end
17
31
 
18
32
  respond_to do |format|
19
33
  format.html
@@ -24,7 +38,14 @@ module Ixtlan
24
38
  # GET /groups/1
25
39
  # GET /groups/1.xml
26
40
  def show
27
- @group = Group.first_or_get!(params[:id])
41
+ @group = GROUP.first_or_get!(params[:id])
42
+
43
+ # restrict the groups to the groups of the current user
44
+ # unless the current user is allowed to create groups
45
+ # and need to see all
46
+ unless allowed(:create)
47
+ allowed_groups = current_user.groups
48
+ end
28
49
 
29
50
  respond_to do |format|
30
51
  format.html # show.html.erb
@@ -35,7 +56,7 @@ module Ixtlan
35
56
  # GET /groups/new
36
57
  # GET /groups/new.xml
37
58
  def new
38
- @group = Group.new
59
+ @group = GROUP.new
39
60
 
40
61
  respond_to do |format|
41
62
  format.html # new.html.erb
@@ -45,7 +66,7 @@ module Ixtlan
45
66
 
46
67
  # GET /groups/1/edit
47
68
  def edit
48
- @group = Group.first_or_get!(params[:id])
69
+ @group = GROUP.first_or_get!(params[:id])
49
70
  end
50
71
 
51
72
  # POST /groups
@@ -54,7 +75,7 @@ module Ixtlan
54
75
  group = params[:group] || {}
55
76
  group.delete(:locales)
56
77
  group.delete(:domains)
57
- @group = Group.new(group)
78
+ @group = GROUP.new(group)
58
79
  @group.current_user = current_user
59
80
 
60
81
  respond_to do |format|
@@ -72,7 +93,7 @@ module Ixtlan
72
93
  # PUT /groups/1
73
94
  # PUT /groups/1.xml
74
95
  def update
75
- @group = Group.first_or_get!(params[:id])
96
+ @group = GROUP.first_or_get!(params[:id])
76
97
  @group.current_user = current_user
77
98
 
78
99
  @group.update_children((params[:group] || {}).delete(:locales), :locale)
@@ -92,7 +113,7 @@ module Ixtlan
92
113
  # DELETE /groups/1
93
114
  # DELETE /groups/1.xml
94
115
  def destroy
95
- @group = Group.first_or_get(params[:id])
116
+ @group = GROUP.first_or_get(params[:id])
96
117
  @group.current_user = current_user
97
118
  @group.destroy if @group
98
119
 
@@ -8,12 +8,16 @@ module Ixtlan
8
8
  base.cache_headers :public, true # no_store == true
9
9
  end
10
10
 
11
+ private
12
+
13
+ LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
14
+
11
15
  public
12
16
 
13
17
  # GET /locales
14
18
  # GET /locales.xml
15
19
  def index
16
- @locales = Locale.all(simple_query(:code))
20
+ @locales = query(LOCALE, :code)
17
21
 
18
22
  respond_to do |format|
19
23
  format.html
@@ -24,7 +28,7 @@ module Ixtlan
24
28
  # GET /locales/1
25
29
  # GET /locales/1.xml
26
30
  def show
27
- @locale = Locale.first_or_get!(params[:id])
31
+ @locale = LOCALE.first_or_get!(params[:id])
28
32
 
29
33
  respond_to do |format|
30
34
  format.html # show.html.erb
@@ -35,7 +39,7 @@ module Ixtlan
35
39
  # GET /locales/new
36
40
  # GET /locales/new.xml
37
41
  def new
38
- @locale = Locale.new
42
+ @locale = LOCALE.new
39
43
 
40
44
  respond_to do |format|
41
45
  format.html # new.html.erb
@@ -45,13 +49,13 @@ module Ixtlan
45
49
 
46
50
  # GET /locales/1/edit
47
51
  def edit
48
- @locale = Locale.first_or_get!(params[:id])
52
+ @locale = LOCALE.first_or_get!(params[:id])
49
53
  end
50
54
 
51
55
  # POST /locales
52
56
  # POST /locales.xml
53
57
  def create
54
- @locale = Locale.new(params[:locale])
58
+ @locale = LOCALE.new(params[:locale])
55
59
  @locale.current_user = current_user
56
60
 
57
61
  respond_to do |format|
@@ -69,7 +73,7 @@ module Ixtlan
69
73
  # PUT /locales/1
70
74
  # PUT /locales/1.xml
71
75
  def update
72
- @locale = Locale.first_or_get!(params[:id])
76
+ @locale = LOCALE.first_or_get!(params[:id])
73
77
  @locale.current_user = current_user
74
78
 
75
79
  respond_to do |format|
@@ -87,7 +91,7 @@ module Ixtlan
87
91
  # DELETE /locales/1
88
92
  # DELETE /locales/1.xml
89
93
  def destroy
90
- @locale = Locale.first_or_get(params[:id])
94
+ @locale = LOCALE.first_or_get(params[:id])
91
95
  @locale.destroy if @locale
92
96
 
93
97
  respond_to do |format|
@@ -3,24 +3,40 @@ module Ixtlan
3
3
  module SearchQuery
4
4
 
5
5
  private
6
-
7
- def simple_query(search_parameter)
8
- query(search_parameter, params[search_parameter])
6
+ def query(model, *parameters)
7
+ _query(model, false, *parameters)
9
8
  end
10
9
 
11
- def query(parameter, value)
12
- args = {}
13
- args[:limit] = (params[:limit] || 10).to_i + 1 #if params[:limit]
14
- args[:offset] = params[:offset].to_i if params[:offset]
10
+ def query_limit_all(model, *parameters)
11
+ _query(model, true, *parameters)
12
+ end
15
13
 
14
+ def _query(model, limit_all, *parameters)
15
+ result = nil
16
+ value = parameters[0].is_a?(String) ? parameters.shift : params[:query]
16
17
  if value
17
- if "false" == params[:fuzzy]
18
- args[parameter] = value
19
- else
20
- args[parameter.like] = "%" + value.to_s + "%"
18
+ parameters.each do |p|
19
+ args = {}
20
+ if "false" == params[:fuzzy]
21
+ args[p] = value
22
+ else
23
+ args[p.like] = "%" + value.to_s + "%"
24
+ end
25
+ if result
26
+ result = result + model.all(args)
27
+ else
28
+ result = model.all(args)
29
+ end
21
30
  end
22
31
  end
23
- args
32
+ if limit_all || value
33
+ limit = (params[:limit] || 10).to_i + 1
34
+ offset = (params[:offset] || 0).to_i
35
+
36
+ (result || model.all)[offset, offset + limit]
37
+ else
38
+ model.all
39
+ end
24
40
  end
25
41
  end
26
42
  end
@@ -25,7 +25,7 @@ module Ixtlan
25
25
  # GET /users
26
26
  # GET /users.xml
27
27
  def index
28
- @users = USER.all(simple_query(:login))
28
+ @users = query(USER, :login, :email)
29
29
 
30
30
  respond_to do |format|
31
31
  format.html
@@ -9,6 +9,12 @@ module Ixtlan
9
9
  base.cache_headers :protected
10
10
  end
11
11
 
12
+ private
13
+
14
+ LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
15
+
16
+ public
17
+
12
18
  def index
13
19
  locale = params[:code]
14
20
  # TODO load in following order and allow to replace findings in the
@@ -17,12 +23,12 @@ module Ixtlan
17
23
  # * DEFAULT latest_approved
18
24
  # * locale-parent latest_approved
19
25
  # * locale latest_approved
20
- l = Locale.first(:code => locale) || Locale.get!(locale)
26
+ l = LOCALE.first(:code => locale) || LOCALE.get!(locale)
21
27
  word_bundle = {}
22
- Ixtlan::Models::Word.not_approved(:locale => Locale.default).each do |word|
28
+ Ixtlan::Models::Word.not_approved(:locale => LOCALE.default).each do |word|
23
29
  word_bundle[word.code] = word
24
30
  end
25
- Ixtlan::Models::Word.approved(:locale => Locale.default).each do |word|
31
+ Ixtlan::Models::Word.approved(:locale => LOCALE.default).each do |word|
26
32
  word_bundle[word.code] = word
27
33
  end
28
34
 
data/lib/ixtlan/guard.rb CHANGED
@@ -18,6 +18,10 @@ module Ixtlan
18
18
  end
19
19
  true
20
20
  end
21
+
22
+ def allowed(action, locale = nil)
23
+ ::Ixtlan::Guard.check(self, params[:controller], action, locale)
24
+ end
21
25
  end
22
26
  end
23
27
  end
@@ -100,6 +104,8 @@ module Ixtlan
100
104
 
101
105
  def self.permissions(user = nil)
102
106
  repository(:guard_memory) do
107
+ PERMISSION.all.destroy!
108
+ ROLE.all.destroy!
103
109
  root = ROLE.create(:name => @@superuser)
104
110
  @@map.each do |controller, actions|
105
111
  actions.each do |action, roles|
@@ -128,10 +134,17 @@ module Ixtlan
128
134
  raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
129
135
  else
130
136
  allowed << @@superuser unless allowed.member? @@superuser
131
- for group in groups
132
- if allowed.member? group.name.to_sym
133
- return locale.nil? ? true : (group.locales.member? locale)
134
- end
137
+ all_groups = allowed.member?(:*)
138
+ if(all_groups && locale.nil?)
139
+ return true
140
+ else
141
+ for group in groups
142
+ if all_groups || allowed.member?(group.name.to_sym)
143
+ if(locale.nil? || group.locales.member?(locale))
144
+ return true
145
+ end
146
+ end
147
+ end
135
148
  end
136
149
  return false
137
150
  end
@@ -1,4 +1,5 @@
1
1
  require 'dm-serializer'
2
+ require 'ixtlan/guard'
2
3
  module Ixtlan
3
4
  module Models
4
5
  module Authentication
@@ -20,12 +21,17 @@ module Ixtlan
20
21
  protected
21
22
 
22
23
  def permissions
23
- Guard.permissions(user)
24
+ ::Ixtlan::Guard.permissions(user)
24
25
  end
25
26
 
26
27
  alias :to_x :to_xml_document
27
28
  def to_xml_document(opts, doc = nil)
28
- opts.merge!({:exclude => [:password,:user_id], :methods => [:user, :permissions]})
29
+ opts.merge!({
30
+ :skip_types => true,
31
+ :skip_empty_tags => true,
32
+ :exclude => [:password, :user_id, :id],
33
+ :methods => [:user, :permissions]
34
+ })
29
35
  to_x(opts, doc)
30
36
  end
31
37
  end