ixtlan 0.4.0.pre5 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +49 -0
- data/MIT-LICENSE +20 -0
- data/README.txt +86 -0
- data/Rakefile +59 -0
- data/lib/dm-serializer/to_xml.rb +10 -4
- data/lib/ixtlan/controllers/audits_controller.rb +6 -1
- data/lib/ixtlan/controllers/authentications_controller.rb +5 -1
- data/lib/ixtlan/controllers/domains_controller.rb +11 -7
- data/lib/ixtlan/controllers/groups_controller.rb +28 -7
- data/lib/ixtlan/controllers/locales_controller.rb +11 -7
- data/lib/ixtlan/controllers/search_query.rb +28 -12
- data/lib/ixtlan/controllers/users_controller.rb +1 -1
- data/lib/ixtlan/controllers/word_bundles_controller.rb +9 -3
- data/lib/ixtlan/guard.rb +17 -4
- data/lib/ixtlan/models/authentication.rb +8 -2
- data/lib/ixtlan/models/configuration.rb +14 -1
- data/lib/ixtlan/models/group.rb +14 -1
- data/lib/ixtlan/models/i18n_text.rb +6 -2
- data/lib/ixtlan/models/phrase.rb +11 -6
- data/lib/ixtlan/models/translation.rb +6 -2
- data/lib/ixtlan/models/user.rb +29 -2
- data/lib/ixtlan/modified_by.rb +1 -2
- data/lib/ixtlan/rails/error_handling.rb +1 -1
- data/lib/ixtlan/version.rb +1 -1
- data/lib/ixtlan/version.rb.errors +0 -0
- data/spec/authentication_spec.rb +16 -9
- data/spec/guard_spec.rb +8 -7
- data/spec/modified_by_spec.rb +9 -8
- data/spec/optimistic_persistence_spec.rb +2 -2
- data/spec/phrase_spec.rb +45 -49
- data/spec/session_timeout_spec.rb +1 -1
- data/spec/spec_helper.rb +66 -24
- data/spec/text_collection_spec.rb +23 -25
- data/spec/text_spec.rb +8 -8
- data/spec/unrestful_authentication_spec.rb +2 -2
- data/spec/user_logger_spec.rb +1 -0
- data/spec/user_spec.rb +5 -8
- metadata +37 -19
data/History.txt
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
=== 0.3.0 / 2010-05-24
|
2
|
+
|
3
|
+
* allow model with to_log to have nice log output
|
4
|
+
|
5
|
+
* made all controllers nice modules including before_filters
|
6
|
+
|
7
|
+
* domains/locales work with guard
|
8
|
+
|
9
|
+
* added migration class for ixtlan models
|
10
|
+
|
11
|
+
* all models have an ID now
|
12
|
+
|
13
|
+
* helper for n-m-relations
|
14
|
+
|
15
|
+
* added search module with helper methods
|
16
|
+
|
17
|
+
* better audit log
|
18
|
+
|
19
|
+
=== 0.2.4 / 2010-02-22
|
20
|
+
|
21
|
+
* fixed phrases controller to work
|
22
|
+
|
23
|
+
=== 0.2.3 / 2010-02-03
|
24
|
+
|
25
|
+
* little fixes to use ixtlan with MRI rails !
|
26
|
+
|
27
|
+
* adjust generator to new packages of the restful-gwt jars
|
28
|
+
|
29
|
+
=== 0.2.2 / 2010-01-29
|
30
|
+
|
31
|
+
* symbolize internal map of guard
|
32
|
+
|
33
|
+
* gwt generator: parametrizied package generated java classes - find client directory and use this as base package
|
34
|
+
|
35
|
+
* make phrases to work
|
36
|
+
|
37
|
+
* added code to add screen and testcase for gwt_scaffolding
|
38
|
+
|
39
|
+
=== 0.2.1 / 2009-12-07
|
40
|
+
|
41
|
+
* stay logged in when deleting a resource
|
42
|
+
|
43
|
+
* lot's of work to get restful-gwt version 0.2.1 working with login, and basic i18n = dictonory gets loaded after login or in case the a i18n entry is missing a new one gets created if the permissions allow it
|
44
|
+
|
45
|
+
* the rails template had a lot of version problems after a major refactoring, so lot's of little fixes there
|
46
|
+
|
47
|
+
=== 0.2.0 / 2009-12-07
|
48
|
+
|
49
|
+
* intial import
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2008 Kristian Meier
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.txt
ADDED
@@ -0,0 +1,86 @@
|
|
1
|
+
= ixtlan core
|
2
|
+
|
3
|
+
* http://github.com/mkristian/ixtlan-core
|
4
|
+
|
5
|
+
== DESCRIPTION:
|
6
|
+
|
7
|
+
this is set of rails and datamapper plugins for setting up a little more advanced rails application then the default rails generator does. the focus is on security and privacy as well a complete restful xml support.
|
8
|
+
|
9
|
+
=== features
|
10
|
+
|
11
|
+
* usermanagement: user, group, locale
|
12
|
+
|
13
|
+
* authentication: session based authentication for both html as well restful xml
|
14
|
+
|
15
|
+
* authorization: each controller/action pair has a set of allowed roles
|
16
|
+
|
17
|
+
* privacy: configurable duration for logfiles carrying user specific data. error logs are dumped (complete environment including user specific data as well) and the file location is sent as notification
|
18
|
+
|
19
|
+
* session idle timeout: configurable server side session idle timeout
|
20
|
+
|
21
|
+
* audit: a simple log file which documents the action of a user - one action per line
|
22
|
+
|
23
|
+
* optimistic transaction: through an exception on modification of stale resources
|
24
|
+
|
25
|
+
* easy add modified_by attributes to a resource and ensure the user gets set before saving such a resource
|
26
|
+
|
27
|
+
* logger configuration tries to unify logging
|
28
|
+
|
29
|
+
* basic scaffold like html interface for user,group,locale
|
30
|
+
|
31
|
+
* rails template setting up such an application - works for both ruby as well jruby
|
32
|
+
|
33
|
+
* http cache headers so that no data gets save on any proxy or filesystem (as long the user is logged in)
|
34
|
+
|
35
|
+
* global config: extra configuration file which can carry the all the production passwords and can be left out from the (public) version control system: config/preinitializer.rb for rails and config/global.yml
|
36
|
+
|
37
|
+
=== TODOs
|
38
|
+
|
39
|
+
* session timeout on html pages so the browser displays the login page after timetout (little modification of the layout.html.erb)
|
40
|
+
|
41
|
+
* user, group, locale to work also with ldap
|
42
|
+
|
43
|
+
* html interface for configuration, user profile
|
44
|
+
|
45
|
+
* setup database specific logger for data_objects - each driver has its own logger
|
46
|
+
|
47
|
+
* maintanance mode: allow only users who belong to the superuser group
|
48
|
+
|
49
|
+
* change the db config to have #{RAILS_ROOT} in front of relative filenames to work inside an servlet engine (ixtlan_rails_templates.rb)
|
50
|
+
|
51
|
+
* locale binding to user/group
|
52
|
+
|
53
|
+
== user management and authorization
|
54
|
+
|
55
|
+
each user can belong to one or more groups, each user/group pair can belong to one or more locales. this part can be configured by an admin by changing resource relationships.
|
56
|
+
|
57
|
+
=== authorization
|
58
|
+
|
59
|
+
each controller/action pair has a set of allowed roles. authorization is granted if on of roles match with one of the groups of the current user (logged in user). this is done by a before filter in rails: guard. the user interface can introspect the guard to allow the user only the actions which s/he actually can be performe. in case some actions needs to verify the locale binding a specialized before filter needs to be implemented.
|
60
|
+
|
61
|
+
the roles are currently hardcoded in app/guards/XYZ_guard.rb - one guard for each controller.
|
62
|
+
|
63
|
+
== LICENSE:
|
64
|
+
|
65
|
+
(The MIT License)
|
66
|
+
|
67
|
+
Copyright (c) 2009 Kristian Meier
|
68
|
+
|
69
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
70
|
+
a copy of this software and associated documentation files (the
|
71
|
+
'Software'), to deal in the Software without restriction, including
|
72
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
73
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
74
|
+
permit persons to whom the Software is furnished to do so, subject to
|
75
|
+
the following conditions:
|
76
|
+
|
77
|
+
The above copyright notice and this permission notice shall be
|
78
|
+
included in all copies or substantial portions of the Software.
|
79
|
+
|
80
|
+
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
81
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
82
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
83
|
+
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
84
|
+
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
85
|
+
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
86
|
+
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/Rakefile
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
# -*- ruby -*-
|
2
|
+
|
3
|
+
require 'rubygems'
|
4
|
+
|
5
|
+
require 'spec'
|
6
|
+
require 'spec/rake/spectask'
|
7
|
+
#require 'yard'
|
8
|
+
|
9
|
+
BUILD_DIR = 'target'
|
10
|
+
|
11
|
+
desc 'clean up'
|
12
|
+
task :clean do
|
13
|
+
FileUtils.rm_rf(BUILD_DIR)
|
14
|
+
end
|
15
|
+
|
16
|
+
desc 'Package as a gem.'
|
17
|
+
task :package do
|
18
|
+
require 'fileutils'
|
19
|
+
gemspec = Dir['*.gemspec'].first
|
20
|
+
Kernel.system("#{RUBY} -S gem build #{gemspec}")
|
21
|
+
FileUtils.mkdir_p(BUILD_DIR)
|
22
|
+
gem = Dir['*.gem'].first
|
23
|
+
FileUtils.mv(gem, File.join(BUILD_DIR,"#{gem}"))
|
24
|
+
puts File.join(BUILD_DIR,"#{gem}")
|
25
|
+
end
|
26
|
+
|
27
|
+
desc 'Install the package as a gem.'
|
28
|
+
task :install => [:package] do
|
29
|
+
gem = Dir[File.join(BUILD_DIR, '*.gem')].first
|
30
|
+
extra = ENV['GEM_HOME'].nil? && ENV['GEM_PATH'].nil? ? "--user-install" : ""
|
31
|
+
Kernel.system("#{RUBY} -S gem install --local #{gem} --no-ri --no-rdoc #{extra}")
|
32
|
+
end
|
33
|
+
|
34
|
+
desc 'Run specifications'
|
35
|
+
Spec::Rake::SpecTask.new(:spec) do |t|
|
36
|
+
if File.exists?(File.join('spec','spec.opts'))
|
37
|
+
t.spec_opts << '--options' << File.join('spec','spec.opts')
|
38
|
+
end
|
39
|
+
t.spec_files = Dir.glob(File.join('spec','**','*_spec.rb'))
|
40
|
+
end
|
41
|
+
|
42
|
+
desc 'generate rails using all generators and run the specs'
|
43
|
+
task :integration_tests => [:spec, :install] do
|
44
|
+
require 'datamapper4rails/integration_test'
|
45
|
+
tests = Datamapper4Rails::IntegrationTest.new do |t|
|
46
|
+
t.directory = 'temp'
|
47
|
+
ENV['GWT'] = "true"
|
48
|
+
t.rails_template = 'ixtlan_rails_templates.rb'
|
49
|
+
t.generate "ixtlan_datamapper_model name name:string"
|
50
|
+
t.generate "ixtlan_datamapper_rspec_model domain name:string"
|
51
|
+
t.generate "ixtlan_datamapper_rspec_scaffold player name:string"
|
52
|
+
t.generate "gwt_ixtlan_datamapper_rspec_scaffold word name:string"
|
53
|
+
end
|
54
|
+
tests.command("mvn clean integration-test")
|
55
|
+
end
|
56
|
+
|
57
|
+
#YARD::Rake::YardocTask.new
|
58
|
+
|
59
|
+
# vim: syntax=Ruby
|
data/lib/dm-serializer/to_xml.rb
CHANGED
@@ -26,9 +26,9 @@ module DataMapper
|
|
26
26
|
root = xml.root_node(doc, opts[:element_name] || default_xml_element_name[])
|
27
27
|
properties_to_serialize(opts).each do |property|
|
28
28
|
value = __send__(property.name)
|
29
|
-
attrs = (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
|
29
|
+
attrs = opts[:skip_types] ? {} : (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
|
30
30
|
value = value.to_s(:xml) if property.class == DataMapper::Property::DateTime rescue value
|
31
|
-
xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs)
|
31
|
+
xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs) unless value.blank? && opts[:skip_empty_tags]
|
32
32
|
end
|
33
33
|
|
34
34
|
(opts[:methods] || []).each do |meth|
|
@@ -38,8 +38,10 @@ module DataMapper
|
|
38
38
|
unless value.nil?
|
39
39
|
if value.respond_to?(:to_xml_document)
|
40
40
|
options = value.is_a?(DataMapper::Collection) ? {:collection_element_name => xml_name} : {:element_name => xml_name}
|
41
|
+
options[:skip_types] = opts[:skip_types]
|
42
|
+
options[:skip_empty_tags] = opts[:skip_empty_tags]
|
41
43
|
options.merge!(opts[meth] || {})
|
42
|
-
xml.add_xml(root, value.__send__(:to_xml_document, options))
|
44
|
+
xml.add_xml(root, value.__send__(:to_xml_document, options)) unless value.is_a?(DataMapper::Collection) && opts[:skip_empty_tags] == true && value.size == 0
|
43
45
|
else
|
44
46
|
xml.add_node(root, xml_name, value.to_s)
|
45
47
|
end
|
@@ -61,8 +63,12 @@ module DataMapper
|
|
61
63
|
xml = DataMapper::Serialize::XMLSerializers::SERIALIZER
|
62
64
|
doc = xml.new_document
|
63
65
|
default_collection_element_name = lambda {Extlib::Inflection.underscore(self.model.storage_name).tr("/", "-")}
|
64
|
-
root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], {'type' => 'array'})
|
66
|
+
root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], opts[:skip_types] ? {} : {'type' => 'array'})
|
67
|
+
items = []
|
65
68
|
self.each do |item|
|
69
|
+
items << item
|
70
|
+
end
|
71
|
+
items.each do |item|
|
66
72
|
item.__send__(:to_xml_document, opts, doc)
|
67
73
|
end
|
68
74
|
doc
|
@@ -8,12 +8,17 @@ module Ixtlan
|
|
8
8
|
base.cache_headers :protected, false #no_store == false
|
9
9
|
end
|
10
10
|
|
11
|
+
private
|
12
|
+
|
13
|
+
AUDIT = Object.full_const_get(::Ixtlan::Models::AUDIT)
|
14
|
+
|
11
15
|
public
|
12
16
|
|
13
17
|
# GET /audits
|
14
18
|
# GET /audits.xml
|
15
19
|
def index
|
16
|
-
|
20
|
+
# limit all queries
|
21
|
+
@audits = query_limit_all(AUDIT, :login, :message).reverse
|
17
22
|
|
18
23
|
respond_to do |format|
|
19
24
|
format.html
|
@@ -10,10 +10,14 @@ module Ixtlan
|
|
10
10
|
base.cache_headers :private
|
11
11
|
end
|
12
12
|
|
13
|
+
private
|
14
|
+
|
15
|
+
USER = Object.full_const_get(::Ixtlan::Models::USER)
|
16
|
+
|
13
17
|
protected
|
14
18
|
def login_from_params
|
15
19
|
auth = params[:authentication]
|
16
|
-
|
20
|
+
USER.authenticate(auth[:login], auth[:password]) if auth
|
17
21
|
end
|
18
22
|
|
19
23
|
public
|
@@ -7,12 +7,16 @@ module Ixtlan
|
|
7
7
|
base.cache_headers :protected
|
8
8
|
end
|
9
9
|
|
10
|
+
private
|
11
|
+
|
12
|
+
DOMAIN = Object.full_const_get(::Ixtlan::Models::DOMAIN)
|
13
|
+
|
10
14
|
public
|
11
15
|
|
12
16
|
# GET /domains
|
13
17
|
# GET /domains.xml
|
14
18
|
def index
|
15
|
-
@domains =
|
19
|
+
@domains = query(DOMAIN, :name)
|
16
20
|
|
17
21
|
respond_to do |format|
|
18
22
|
format.html
|
@@ -23,7 +27,7 @@ module Ixtlan
|
|
23
27
|
# GET /domains/1
|
24
28
|
# GET /domains/1.xml
|
25
29
|
def show
|
26
|
-
@domain =
|
30
|
+
@domain = DOMAIN.first_or_get!(params[:id])
|
27
31
|
|
28
32
|
respond_to do |format|
|
29
33
|
format.html # show.html.erb
|
@@ -34,7 +38,7 @@ module Ixtlan
|
|
34
38
|
# GET /domains/new
|
35
39
|
# GET /domains/new.xml
|
36
40
|
def new
|
37
|
-
@domain =
|
41
|
+
@domain = DOMAIN.new
|
38
42
|
|
39
43
|
respond_to do |format|
|
40
44
|
format.html # new.html.erb
|
@@ -44,13 +48,13 @@ module Ixtlan
|
|
44
48
|
|
45
49
|
# GET /domains/1/edit
|
46
50
|
def edit
|
47
|
-
@domain =
|
51
|
+
@domain = DOMAIN.first_or_get!(params[:id])
|
48
52
|
end
|
49
53
|
|
50
54
|
# POST /domains
|
51
55
|
# POST /domains.xml
|
52
56
|
def create
|
53
|
-
@domain =
|
57
|
+
@domain = DOMAIN.new(params[:domain])
|
54
58
|
@domain.current_user = current_user
|
55
59
|
|
56
60
|
respond_to do |format|
|
@@ -68,7 +72,7 @@ module Ixtlan
|
|
68
72
|
# PUT /domains/1
|
69
73
|
# PUT /domains/1.xml
|
70
74
|
def update
|
71
|
-
@domain =
|
75
|
+
@domain = DOMAIN.first_or_get!(params[:id])
|
72
76
|
@domain.current_user = current_user
|
73
77
|
|
74
78
|
respond_to do |format|
|
@@ -86,7 +90,7 @@ module Ixtlan
|
|
86
90
|
# DELETE /domains/1
|
87
91
|
# DELETE /domains/1.xml
|
88
92
|
def destroy
|
89
|
-
@domain =
|
93
|
+
@domain = DOMAIN.first_or_get(params[:id])
|
90
94
|
@domain.destroy if @domain
|
91
95
|
|
92
96
|
respond_to do |format|
|
@@ -8,12 +8,26 @@ module Ixtlan
|
|
8
8
|
base.cache_headers :private
|
9
9
|
end
|
10
10
|
|
11
|
+
private
|
12
|
+
|
13
|
+
GROUP = Object.full_const_get(::Ixtlan::Models::GROUP)
|
14
|
+
|
11
15
|
public
|
12
16
|
|
13
17
|
# GET /groups
|
14
18
|
# GET /groups.xml
|
15
19
|
def index
|
16
|
-
@groups =
|
20
|
+
@groups = query(GROUP, :name)
|
21
|
+
|
22
|
+
# restrict the groups to the groups of the current user
|
23
|
+
# unless the current user is allowed to create groups
|
24
|
+
# and need to see all
|
25
|
+
unless allowed(:create)
|
26
|
+
allowed_group_ids = current_user.groups.collect {|g| g.id }
|
27
|
+
@groups.delete_if do |g|
|
28
|
+
! allowed_group_ids.member?(g.id)
|
29
|
+
end
|
30
|
+
end
|
17
31
|
|
18
32
|
respond_to do |format|
|
19
33
|
format.html
|
@@ -24,7 +38,14 @@ module Ixtlan
|
|
24
38
|
# GET /groups/1
|
25
39
|
# GET /groups/1.xml
|
26
40
|
def show
|
27
|
-
@group =
|
41
|
+
@group = GROUP.first_or_get!(params[:id])
|
42
|
+
|
43
|
+
# restrict the groups to the groups of the current user
|
44
|
+
# unless the current user is allowed to create groups
|
45
|
+
# and need to see all
|
46
|
+
unless allowed(:create)
|
47
|
+
allowed_groups = current_user.groups
|
48
|
+
end
|
28
49
|
|
29
50
|
respond_to do |format|
|
30
51
|
format.html # show.html.erb
|
@@ -35,7 +56,7 @@ module Ixtlan
|
|
35
56
|
# GET /groups/new
|
36
57
|
# GET /groups/new.xml
|
37
58
|
def new
|
38
|
-
@group =
|
59
|
+
@group = GROUP.new
|
39
60
|
|
40
61
|
respond_to do |format|
|
41
62
|
format.html # new.html.erb
|
@@ -45,7 +66,7 @@ module Ixtlan
|
|
45
66
|
|
46
67
|
# GET /groups/1/edit
|
47
68
|
def edit
|
48
|
-
@group =
|
69
|
+
@group = GROUP.first_or_get!(params[:id])
|
49
70
|
end
|
50
71
|
|
51
72
|
# POST /groups
|
@@ -54,7 +75,7 @@ module Ixtlan
|
|
54
75
|
group = params[:group] || {}
|
55
76
|
group.delete(:locales)
|
56
77
|
group.delete(:domains)
|
57
|
-
@group =
|
78
|
+
@group = GROUP.new(group)
|
58
79
|
@group.current_user = current_user
|
59
80
|
|
60
81
|
respond_to do |format|
|
@@ -72,7 +93,7 @@ module Ixtlan
|
|
72
93
|
# PUT /groups/1
|
73
94
|
# PUT /groups/1.xml
|
74
95
|
def update
|
75
|
-
@group =
|
96
|
+
@group = GROUP.first_or_get!(params[:id])
|
76
97
|
@group.current_user = current_user
|
77
98
|
|
78
99
|
@group.update_children((params[:group] || {}).delete(:locales), :locale)
|
@@ -92,7 +113,7 @@ module Ixtlan
|
|
92
113
|
# DELETE /groups/1
|
93
114
|
# DELETE /groups/1.xml
|
94
115
|
def destroy
|
95
|
-
@group =
|
116
|
+
@group = GROUP.first_or_get(params[:id])
|
96
117
|
@group.current_user = current_user
|
97
118
|
@group.destroy if @group
|
98
119
|
|
@@ -8,12 +8,16 @@ module Ixtlan
|
|
8
8
|
base.cache_headers :public, true # no_store == true
|
9
9
|
end
|
10
10
|
|
11
|
+
private
|
12
|
+
|
13
|
+
LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
|
14
|
+
|
11
15
|
public
|
12
16
|
|
13
17
|
# GET /locales
|
14
18
|
# GET /locales.xml
|
15
19
|
def index
|
16
|
-
@locales =
|
20
|
+
@locales = query(LOCALE, :code)
|
17
21
|
|
18
22
|
respond_to do |format|
|
19
23
|
format.html
|
@@ -24,7 +28,7 @@ module Ixtlan
|
|
24
28
|
# GET /locales/1
|
25
29
|
# GET /locales/1.xml
|
26
30
|
def show
|
27
|
-
@locale =
|
31
|
+
@locale = LOCALE.first_or_get!(params[:id])
|
28
32
|
|
29
33
|
respond_to do |format|
|
30
34
|
format.html # show.html.erb
|
@@ -35,7 +39,7 @@ module Ixtlan
|
|
35
39
|
# GET /locales/new
|
36
40
|
# GET /locales/new.xml
|
37
41
|
def new
|
38
|
-
@locale =
|
42
|
+
@locale = LOCALE.new
|
39
43
|
|
40
44
|
respond_to do |format|
|
41
45
|
format.html # new.html.erb
|
@@ -45,13 +49,13 @@ module Ixtlan
|
|
45
49
|
|
46
50
|
# GET /locales/1/edit
|
47
51
|
def edit
|
48
|
-
@locale =
|
52
|
+
@locale = LOCALE.first_or_get!(params[:id])
|
49
53
|
end
|
50
54
|
|
51
55
|
# POST /locales
|
52
56
|
# POST /locales.xml
|
53
57
|
def create
|
54
|
-
@locale =
|
58
|
+
@locale = LOCALE.new(params[:locale])
|
55
59
|
@locale.current_user = current_user
|
56
60
|
|
57
61
|
respond_to do |format|
|
@@ -69,7 +73,7 @@ module Ixtlan
|
|
69
73
|
# PUT /locales/1
|
70
74
|
# PUT /locales/1.xml
|
71
75
|
def update
|
72
|
-
@locale =
|
76
|
+
@locale = LOCALE.first_or_get!(params[:id])
|
73
77
|
@locale.current_user = current_user
|
74
78
|
|
75
79
|
respond_to do |format|
|
@@ -87,7 +91,7 @@ module Ixtlan
|
|
87
91
|
# DELETE /locales/1
|
88
92
|
# DELETE /locales/1.xml
|
89
93
|
def destroy
|
90
|
-
@locale =
|
94
|
+
@locale = LOCALE.first_or_get(params[:id])
|
91
95
|
@locale.destroy if @locale
|
92
96
|
|
93
97
|
respond_to do |format|
|
@@ -3,24 +3,40 @@ module Ixtlan
|
|
3
3
|
module SearchQuery
|
4
4
|
|
5
5
|
private
|
6
|
-
|
7
|
-
|
8
|
-
query(search_parameter, params[search_parameter])
|
6
|
+
def query(model, *parameters)
|
7
|
+
_query(model, false, *parameters)
|
9
8
|
end
|
10
9
|
|
11
|
-
def
|
12
|
-
|
13
|
-
|
14
|
-
args[:offset] = params[:offset].to_i if params[:offset]
|
10
|
+
def query_limit_all(model, *parameters)
|
11
|
+
_query(model, true, *parameters)
|
12
|
+
end
|
15
13
|
|
14
|
+
def _query(model, limit_all, *parameters)
|
15
|
+
result = nil
|
16
|
+
value = parameters[0].is_a?(String) ? parameters.shift : params[:query]
|
16
17
|
if value
|
17
|
-
|
18
|
-
args
|
19
|
-
|
20
|
-
|
18
|
+
parameters.each do |p|
|
19
|
+
args = {}
|
20
|
+
if "false" == params[:fuzzy]
|
21
|
+
args[p] = value
|
22
|
+
else
|
23
|
+
args[p.like] = "%" + value.to_s + "%"
|
24
|
+
end
|
25
|
+
if result
|
26
|
+
result = result + model.all(args)
|
27
|
+
else
|
28
|
+
result = model.all(args)
|
29
|
+
end
|
21
30
|
end
|
22
31
|
end
|
23
|
-
|
32
|
+
if limit_all || value
|
33
|
+
limit = (params[:limit] || 10).to_i + 1
|
34
|
+
offset = (params[:offset] || 0).to_i
|
35
|
+
|
36
|
+
(result || model.all)[offset, offset + limit]
|
37
|
+
else
|
38
|
+
model.all
|
39
|
+
end
|
24
40
|
end
|
25
41
|
end
|
26
42
|
end
|
@@ -9,6 +9,12 @@ module Ixtlan
|
|
9
9
|
base.cache_headers :protected
|
10
10
|
end
|
11
11
|
|
12
|
+
private
|
13
|
+
|
14
|
+
LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
|
15
|
+
|
16
|
+
public
|
17
|
+
|
12
18
|
def index
|
13
19
|
locale = params[:code]
|
14
20
|
# TODO load in following order and allow to replace findings in the
|
@@ -17,12 +23,12 @@ module Ixtlan
|
|
17
23
|
# * DEFAULT latest_approved
|
18
24
|
# * locale-parent latest_approved
|
19
25
|
# * locale latest_approved
|
20
|
-
l =
|
26
|
+
l = LOCALE.first(:code => locale) || LOCALE.get!(locale)
|
21
27
|
word_bundle = {}
|
22
|
-
Ixtlan::Models::Word.not_approved(:locale =>
|
28
|
+
Ixtlan::Models::Word.not_approved(:locale => LOCALE.default).each do |word|
|
23
29
|
word_bundle[word.code] = word
|
24
30
|
end
|
25
|
-
Ixtlan::Models::Word.approved(:locale =>
|
31
|
+
Ixtlan::Models::Word.approved(:locale => LOCALE.default).each do |word|
|
26
32
|
word_bundle[word.code] = word
|
27
33
|
end
|
28
34
|
|
data/lib/ixtlan/guard.rb
CHANGED
@@ -18,6 +18,10 @@ module Ixtlan
|
|
18
18
|
end
|
19
19
|
true
|
20
20
|
end
|
21
|
+
|
22
|
+
def allowed(action, locale = nil)
|
23
|
+
::Ixtlan::Guard.check(self, params[:controller], action, locale)
|
24
|
+
end
|
21
25
|
end
|
22
26
|
end
|
23
27
|
end
|
@@ -100,6 +104,8 @@ module Ixtlan
|
|
100
104
|
|
101
105
|
def self.permissions(user = nil)
|
102
106
|
repository(:guard_memory) do
|
107
|
+
PERMISSION.all.destroy!
|
108
|
+
ROLE.all.destroy!
|
103
109
|
root = ROLE.create(:name => @@superuser)
|
104
110
|
@@map.each do |controller, actions|
|
105
111
|
actions.each do |action, roles|
|
@@ -128,10 +134,17 @@ module Ixtlan
|
|
128
134
|
raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
|
129
135
|
else
|
130
136
|
allowed << @@superuser unless allowed.member? @@superuser
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
137
|
+
all_groups = allowed.member?(:*)
|
138
|
+
if(all_groups && locale.nil?)
|
139
|
+
return true
|
140
|
+
else
|
141
|
+
for group in groups
|
142
|
+
if all_groups || allowed.member?(group.name.to_sym)
|
143
|
+
if(locale.nil? || group.locales.member?(locale))
|
144
|
+
return true
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
135
148
|
end
|
136
149
|
return false
|
137
150
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'dm-serializer'
|
2
|
+
require 'ixtlan/guard'
|
2
3
|
module Ixtlan
|
3
4
|
module Models
|
4
5
|
module Authentication
|
@@ -20,12 +21,17 @@ module Ixtlan
|
|
20
21
|
protected
|
21
22
|
|
22
23
|
def permissions
|
23
|
-
Guard.permissions(user)
|
24
|
+
::Ixtlan::Guard.permissions(user)
|
24
25
|
end
|
25
26
|
|
26
27
|
alias :to_x :to_xml_document
|
27
28
|
def to_xml_document(opts, doc = nil)
|
28
|
-
opts.merge!({
|
29
|
+
opts.merge!({
|
30
|
+
:skip_types => true,
|
31
|
+
:skip_empty_tags => true,
|
32
|
+
:exclude => [:password, :user_id, :id],
|
33
|
+
:methods => [:user, :permissions]
|
34
|
+
})
|
29
35
|
to_x(opts, doc)
|
30
36
|
end
|
31
37
|
end
|