ixtlan 0.4.0.pre5 → 0.4.0

data/History.txt

@@ -0,0 +1,49 @@
+=== 0.3.0 / 2010-05-24
+
+* allow model with to_log to have nice log output
+
+* made all controllers nice modules including before_filters
+
+* domains/locales work with guard
+
+* added migration class for ixtlan models
+
+* all models have an ID now
+
+* helper for n-m-relations
+
+* added search module with helper methods
+
+* better audit log
+
+=== 0.2.4 / 2010-02-22
+
+* fixed phrases controller to work
+
+=== 0.2.3 / 2010-02-03
+
+* little fixes to use ixtlan with MRI rails !
+
+* adjust generator to new packages of the restful-gwt jars
+
+=== 0.2.2 / 2010-01-29
+
+* symbolize internal map of guard
+
+* gwt generator: parametrizied package generated java classes - find client directory and use this as base package
+
+* make phrases to work
+
+* added code to add screen and testcase for gwt_scaffolding
+
+=== 0.2.1 / 2009-12-07
+
+* stay logged in when deleting a resource
+
+* lot's of work to get restful-gwt version 0.2.1 working with login, and basic i18n = dictonory gets loaded after login or in case the a i18n entry is missing a new one gets created if the permissions allow it
+
+* the rails template had a lot of version problems after a major refactoring, so lot's of little fixes there
+
+=== 0.2.0 / 2009-12-07
+
+* intial import

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2008 Kristian Meier
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.txt

@@ -0,0 +1,86 @@
+= ixtlan core
+
+* http://github.com/mkristian/ixtlan-core
+
+== DESCRIPTION:
+
+this is set of rails and datamapper plugins for setting up a little more advanced rails application then the default rails generator does. the focus is on security and privacy as well a complete restful xml support.
+
+=== features
+
+* usermanagement: user, group, locale
+
+* authentication: session based authentication for both html as well restful xml
+
+* authorization: each controller/action pair has a set of allowed roles
+
+* privacy: configurable duration for logfiles carrying user specific data. error logs are dumped (complete environment including user specific data as well) and the file location is sent as notification
+
+* session idle timeout: configurable server side session idle timeout
+
+* audit: a simple log file which documents the action of a user - one action per line
+
+* optimistic transaction: through an exception on modification of stale resources
+
+* easy add modified_by attributes to a resource and ensure the user gets set before saving such a resource
+
+* logger configuration tries to unify logging
+
+* basic scaffold like html interface for user,group,locale
+
+* rails template setting up such an application - works for both ruby as well jruby
+
+* http cache headers so that no data gets save on any proxy or filesystem (as long the user is logged in)
+
+* global config: extra configuration file which can carry the all the production passwords and can be left out from the (public) version control system: config/preinitializer.rb for rails and config/global.yml
+
+=== TODOs
+
+* session timeout on html pages so the browser displays the login page after timetout (little modification of the layout.html.erb)
+
+* user, group, locale to work also with ldap
+
+* html interface for configuration, user profile
+
+* setup database specific logger for data_objects - each driver has its own logger
+
+* maintanance mode: allow only users who belong to the superuser group
+
+* change the db config to have #{RAILS_ROOT} in front of relative filenames to work inside an servlet engine (ixtlan_rails_templates.rb)
+
+* locale binding to user/group
+
+== user management and authorization
+
+each user can belong to one or more groups, each user/group pair can belong to one or more locales. this part can be configured by an admin by changing resource relationships.
+
+=== authorization
+
+each controller/action pair has a set of allowed roles. authorization is granted if on of roles match with one of the groups of the current user (logged in user). this is done by a before filter in rails: guard. the user interface can introspect the guard to allow the user only the actions which s/he actually can be performe. in case some actions needs to verify the locale binding a specialized before filter needs to be implemented.
+
+the roles are currently hardcoded in app/guards/XYZ_guard.rb - one guard for each controller.
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2009 Kristian Meier
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,59 @@
+# -*- ruby -*-
+
+require 'rubygems'
+
+require 'spec'
+require 'spec/rake/spectask'
+#require 'yard'
+
+BUILD_DIR = 'target'
+
+desc 'clean up'
+task :clean do
+  FileUtils.rm_rf(BUILD_DIR)
+end
+
+desc 'Package as a gem.'
+task :package do
+  require 'fileutils'
+  gemspec = Dir['*.gemspec'].first
+  Kernel.system("#{RUBY} -S gem build #{gemspec}")
+  FileUtils.mkdir_p(BUILD_DIR)
+  gem = Dir['*.gem'].first
+  FileUtils.mv(gem, File.join(BUILD_DIR,"#{gem}"))
+  puts File.join(BUILD_DIR,"#{gem}")
+end
+
+desc 'Install the package as a gem.'
+task :install => [:package] do
+  gem = Dir[File.join(BUILD_DIR, '*.gem')].first
+  extra = ENV['GEM_HOME'].nil? && ENV['GEM_PATH'].nil? ? "--user-install" : ""
+  Kernel.system("#{RUBY} -S gem install --local #{gem} --no-ri --no-rdoc #{extra}")
+end
+
+desc 'Run specifications'
+Spec::Rake::SpecTask.new(:spec) do |t|
+  if File.exists?(File.join('spec','spec.opts'))
+    t.spec_opts << '--options' << File.join('spec','spec.opts')
+  end
+  t.spec_files = Dir.glob(File.join('spec','**','*_spec.rb'))
+end
+
+desc 'generate rails using all generators and run the specs'
+task :integration_tests => [:spec, :install] do
+  require 'datamapper4rails/integration_test'
+  tests = Datamapper4Rails::IntegrationTest.new do |t|
+    t.directory = 'temp'
+    ENV['GWT'] = "true"
+    t.rails_template = 'ixtlan_rails_templates.rb'
+    t.generate "ixtlan_datamapper_model name name:string"
+    t.generate "ixtlan_datamapper_rspec_model domain name:string"
+    t.generate "ixtlan_datamapper_rspec_scaffold player name:string"
+    t.generate "gwt_ixtlan_datamapper_rspec_scaffold word name:string"
+   end
+   tests.command("mvn clean integration-test")
+end
+
+#YARD::Rake::YardocTask.new
+
+# vim: syntax=Ruby

data/lib/dm-serializer/to_xml.rb

@@ -26,9 +26,9 @@ module DataMapper
       root = xml.root_node(doc, opts[:element_name] || default_xml_element_name[])
       properties_to_serialize(opts).each do |property|
         value = __send__(property.name)
-        attrs = (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
+        attrs = opts[:skip_types] ? {} : (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
         value = value.to_s(:xml) if property.class == DataMapper::Property::DateTime rescue value
-        xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs)
+        xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs) unless value.blank? && opts[:skip_empty_tags]
       end
 
       (opts[:methods] || []).each do |meth|
@@ -38,8 +38,10 @@ module DataMapper
           unless value.nil?
             if value.respond_to?(:to_xml_document)
               options = value.is_a?(DataMapper::Collection) ? {:collection_element_name => xml_name} : {:element_name => xml_name}
+              options[:skip_types] = opts[:skip_types]
+              options[:skip_empty_tags] = opts[:skip_empty_tags]
               options.merge!(opts[meth] || {})
-              xml.add_xml(root, value.__send__(:to_xml_document, options))
+              xml.add_xml(root, value.__send__(:to_xml_document, options)) unless value.is_a?(DataMapper::Collection) && opts[:skip_empty_tags] == true && value.size == 0 
             else
               xml.add_node(root, xml_name, value.to_s)
             end
@@ -61,8 +63,12 @@ module DataMapper
       xml = DataMapper::Serialize::XMLSerializers::SERIALIZER
       doc = xml.new_document
       default_collection_element_name = lambda {Extlib::Inflection.underscore(self.model.storage_name).tr("/", "-")}
-      root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], {'type' => 'array'})
+      root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], opts[:skip_types] ? {} : {'type' => 'array'})
+      items = []
       self.each do |item|
+        items << item
+      end
+      items.each do |item|
         item.__send__(:to_xml_document, opts, doc)
       end
       doc

data/lib/ixtlan/controllers/audits_controller.rb

@@ -8,12 +8,17 @@ module Ixtlan
         base.cache_headers :protected, false #no_store == false
       end
 
+      private
+
+      AUDIT = Object.full_const_get(::Ixtlan::Models::AUDIT)
+
       public
 
       # GET /audits
       # GET /audits.xml
       def index
-        @audits = Audit.all(query(:login, params[:query])).reverse + Audit.all(query(:message, params[:query])).reverse
+        # limit all queries
+        @audits = query_limit_all(AUDIT, :login, :message).reverse
 
         respond_to do |format|
           format.html

data/lib/ixtlan/controllers/authentications_controller.rb

@@ -10,10 +10,14 @@ module Ixtlan
         base.cache_headers :private
       end
 
+      private
+
+      USER = Object.full_const_get(::Ixtlan::Models::USER)
+
       protected
       def login_from_params
         auth = params[:authentication]
-        User.authenticate(auth[:login], auth[:password]) if auth
+        USER.authenticate(auth[:login], auth[:password]) if auth
       end
 
       public

data/lib/ixtlan/controllers/domains_controller.rb

@@ -7,12 +7,16 @@ module Ixtlan
         base.cache_headers :protected
       end
 
+      private
+
+      DOMAIN = Object.full_const_get(::Ixtlan::Models::DOMAIN)
+
       public
 
       # GET /domains
       # GET /domains.xml
       def index
-        @domains = Domain.all(simple_query(:name))
+        @domains = query(DOMAIN, :name)
 
         respond_to do |format|
           format.html
@@ -23,7 +27,7 @@ module Ixtlan
       # GET /domains/1
       # GET /domains/1.xml
       def show
-        @domain = Domain.first_or_get!(params[:id])
+        @domain = DOMAIN.first_or_get!(params[:id])
 
         respond_to do |format|
           format.html # show.html.erb
@@ -34,7 +38,7 @@ module Ixtlan
       # GET /domains/new
       # GET /domains/new.xml
       def new
-        @domain = Domain.new
+        @domain = DOMAIN.new
 
         respond_to do |format|
           format.html # new.html.erb
@@ -44,13 +48,13 @@ module Ixtlan
 
       # GET /domains/1/edit
       def edit
-        @domain = Domain.first_or_get!(params[:id])
+        @domain = DOMAIN.first_or_get!(params[:id])
       end
 
       # POST /domains
       # POST /domains.xml
       def create
-        @domain = Domain.new(params[:domain])
+        @domain = DOMAIN.new(params[:domain])
         @domain.current_user = current_user
 
         respond_to do |format|
@@ -68,7 +72,7 @@ module Ixtlan
       # PUT /domains/1
       # PUT /domains/1.xml
       def update
-        @domain = Domain.first_or_get!(params[:id])
+        @domain = DOMAIN.first_or_get!(params[:id])
         @domain.current_user = current_user
 
         respond_to do |format|
@@ -86,7 +90,7 @@ module Ixtlan
       # DELETE /domains/1
       # DELETE /domains/1.xml
       def destroy
-        @domain = Domain.first_or_get(params[:id])
+        @domain = DOMAIN.first_or_get(params[:id])
         @domain.destroy if @domain
 
         respond_to do |format|

data/lib/ixtlan/controllers/groups_controller.rb

@@ -8,12 +8,26 @@ module Ixtlan
         base.cache_headers :private
       end
 
+      private
+
+      GROUP = Object.full_const_get(::Ixtlan::Models::GROUP)
+      
       public
 
       # GET /groups
       # GET /groups.xml
       def index
-        @groups = Group.all(simple_query(:name))
+        @groups = query(GROUP, :name)
+
+        # restrict the groups to the groups of the current user
+        # unless the current user is allowed to create groups
+        # and need to see all
+        unless allowed(:create)
+          allowed_group_ids = current_user.groups.collect {|g| g.id }
+          @groups.delete_if do |g|
+            ! allowed_group_ids.member?(g.id)
+          end
+        end
 
         respond_to do |format|
           format.html
@@ -24,7 +38,14 @@ module Ixtlan
       # GET /groups/1
       # GET /groups/1.xml
       def show
-        @group = Group.first_or_get!(params[:id])
+        @group = GROUP.first_or_get!(params[:id])
+
+        # restrict the groups to the groups of the current user
+        # unless the current user is allowed to create groups
+        # and need to see all
+        unless allowed(:create)
+          allowed_groups = current_user.groups
+        end
 
         respond_to do |format|
           format.html # show.html.erb
@@ -35,7 +56,7 @@ module Ixtlan
       # GET /groups/new
       # GET /groups/new.xml
       def new
-        @group = Group.new
+        @group = GROUP.new
 
         respond_to do |format|
           format.html # new.html.erb
@@ -45,7 +66,7 @@ module Ixtlan
 
       # GET /groups/1/edit
       def edit
-        @group = Group.first_or_get!(params[:id])
+        @group = GROUP.first_or_get!(params[:id])
       end
 
       # POST /groups
@@ -54,7 +75,7 @@ module Ixtlan
         group = params[:group] || {}
         group.delete(:locales)
         group.delete(:domains)
-        @group = Group.new(group)
+        @group = GROUP.new(group)
         @group.current_user = current_user
 
         respond_to do |format|
@@ -72,7 +93,7 @@ module Ixtlan
       # PUT /groups/1
       # PUT /groups/1.xml
       def update
-        @group = Group.first_or_get!(params[:id])
+        @group = GROUP.first_or_get!(params[:id])
         @group.current_user = current_user
 
         @group.update_children((params[:group] || {}).delete(:locales), :locale)
@@ -92,7 +113,7 @@ module Ixtlan
       # DELETE /groups/1
       # DELETE /groups/1.xml
       def destroy
-        @group = Group.first_or_get(params[:id])
+        @group = GROUP.first_or_get(params[:id])
         @group.current_user = current_user
         @group.destroy if @group
 

data/lib/ixtlan/controllers/locales_controller.rb

@@ -8,12 +8,16 @@ module Ixtlan
         base.cache_headers :public, true # no_store == true
       end
 
+      private
+
+      LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
+
       public
 
       # GET /locales
       # GET /locales.xml
       def index
-        @locales = Locale.all(simple_query(:code))
+        @locales = query(LOCALE, :code)
 
         respond_to do |format|
           format.html
@@ -24,7 +28,7 @@ module Ixtlan
       # GET /locales/1
       # GET /locales/1.xml
       def show
-        @locale = Locale.first_or_get!(params[:id])
+        @locale = LOCALE.first_or_get!(params[:id])
 
         respond_to do |format|
           format.html # show.html.erb
@@ -35,7 +39,7 @@ module Ixtlan
       # GET /locales/new
       # GET /locales/new.xml
       def new
-        @locale = Locale.new
+        @locale = LOCALE.new
 
         respond_to do |format|
           format.html # new.html.erb
@@ -45,13 +49,13 @@ module Ixtlan
 
       # GET /locales/1/edit
       def edit
-        @locale = Locale.first_or_get!(params[:id])
+        @locale = LOCALE.first_or_get!(params[:id])
       end
 
       # POST /locales
       # POST /locales.xml
       def create
-        @locale = Locale.new(params[:locale])
+        @locale = LOCALE.new(params[:locale])
         @locale.current_user = current_user
 
         respond_to do |format|
@@ -69,7 +73,7 @@ module Ixtlan
       # PUT /locales/1
       # PUT /locales/1.xml
       def update
-        @locale = Locale.first_or_get!(params[:id])
+        @locale = LOCALE.first_or_get!(params[:id])
         @locale.current_user = current_user
 
         respond_to do |format|
@@ -87,7 +91,7 @@ module Ixtlan
       # DELETE /locales/1
       # DELETE /locales/1.xml
       def destroy
-        @locale = Locale.first_or_get(params[:id])
+        @locale = LOCALE.first_or_get(params[:id])
         @locale.destroy if @locale
 
         respond_to do |format|

data/lib/ixtlan/controllers/search_query.rb

@@ -3,24 +3,40 @@ module Ixtlan
     module SearchQuery
 
       private 
-
-      def simple_query(search_parameter)
-        query(search_parameter, params[search_parameter])
+      def query(model, *parameters)
+        _query(model, false, *parameters)
       end
 
-      def query(parameter, value)
-        args = {}
-        args[:limit] = (params[:limit] || 10).to_i + 1 #if params[:limit]
-        args[:offset] = params[:offset].to_i if params[:offset]
+      def query_limit_all(model, *parameters)
+        _query(model, true, *parameters)
+      end
 
+      def _query(model, limit_all, *parameters)
+        result = nil
+        value = parameters[0].is_a?(String) ? parameters.shift : params[:query]
         if value
-          if "false" == params[:fuzzy]
-            args[parameter] = value
-          else
-            args[parameter.like] = "%" + value.to_s + "%"
+          parameters.each do |p|
+            args = {}
+            if "false" == params[:fuzzy]
+              args[p] = value
+            else
+              args[p.like] = "%" + value.to_s + "%"
+            end
+            if result
+              result = result + model.all(args)
+            else
+              result = model.all(args)
+            end
           end
         end
-        args
+        if limit_all || value
+          limit = (params[:limit] || 10).to_i + 1
+          offset = (params[:offset] || 0).to_i
+          
+          (result || model.all)[offset, offset + limit]
+        else
+          model.all
+        end
       end
     end
   end

data/lib/ixtlan/controllers/users_controller.rb

@@ -25,7 +25,7 @@ module Ixtlan
       # GET /users
       # GET /users.xml
       def index
-        @users = USER.all(simple_query(:login))
+        @users = query(USER, :login, :email)
 
         respond_to do |format|
           format.html

data/lib/ixtlan/controllers/word_bundles_controller.rb

@@ -9,6 +9,12 @@ module Ixtlan
         base.cache_headers :protected
       end
 
+      private
+
+      LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
+
+      public
+
       def index
         locale = params[:code]
         # TODO load in following order and allow to replace findings in the
@@ -17,12 +23,12 @@ module Ixtlan
         # * DEFAULT latest_approved
         # * locale-parent latest_approved
         # * locale latest_approved
-        l = Locale.first(:code => locale) || Locale.get!(locale)
+        l = LOCALE.first(:code => locale) || LOCALE.get!(locale)
         word_bundle = {}
-        Ixtlan::Models::Word.not_approved(:locale => Locale.default).each do |word|
+        Ixtlan::Models::Word.not_approved(:locale => LOCALE.default).each do |word|
           word_bundle[word.code] = word
         end
-        Ixtlan::Models::Word.approved(:locale => Locale.default).each do |word|
+        Ixtlan::Models::Word.approved(:locale => LOCALE.default).each do |word|
           word_bundle[word.code] = word
         end
 

data/lib/ixtlan/guard.rb

@@ -18,6 +18,10 @@ module Ixtlan
           end
           true
         end
+
+        def allowed(action, locale = nil)
+          ::Ixtlan::Guard.check(self, params[:controller], action, locale)
+        end
       end
     end
   end
@@ -100,6 +104,8 @@ module Ixtlan
 
     def self.permissions(user = nil)
       repository(:guard_memory) do
+        PERMISSION.all.destroy!
+        ROLE.all.destroy!
         root = ROLE.create(:name => @@superuser)
         @@map.each do |controller, actions|
           actions.each do |action, roles|
@@ -128,10 +134,17 @@ module Ixtlan
           raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
         else
           allowed << @@superuser unless allowed.member? @@superuser
-          for group in groups
-             if allowed.member? group.name.to_sym
-               return locale.nil? ? true : (group.locales.member? locale)
-             end
+          all_groups = allowed.member?(:*) 
+          if(all_groups && locale.nil?)
+            return true
+          else
+            for group in groups
+              if all_groups || allowed.member?(group.name.to_sym)
+                if(locale.nil? || group.locales.member?(locale))
+                  return true
+                end
+              end
+            end
           end
           return false
         end

data/lib/ixtlan/models/authentication.rb

@@ -1,4 +1,5 @@
 require 'dm-serializer'
+require 'ixtlan/guard'
 module Ixtlan
   module Models
     module Authentication
@@ -20,12 +21,17 @@ module Ixtlan
             protected
 
             def permissions
-              Guard.permissions(user)
+              ::Ixtlan::Guard.permissions(user)
             end
 
             alias :to_x :to_xml_document
             def to_xml_document(opts, doc = nil)
-              opts.merge!({:exclude => [:password,:user_id], :methods => [:user, :permissions]})
+              opts.merge!({
+                            :skip_types => true,
+                            :skip_empty_tags => true,
+                            :exclude => [:password, :user_id, :id], 
+                            :methods => [:user, :permissions]
+                          })
               to_x(opts, doc)
             end
           end