ixtlan 0.4.0.pre5 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +49 -0
- data/MIT-LICENSE +20 -0
- data/README.txt +86 -0
- data/Rakefile +59 -0
- data/lib/dm-serializer/to_xml.rb +10 -4
- data/lib/ixtlan/controllers/audits_controller.rb +6 -1
- data/lib/ixtlan/controllers/authentications_controller.rb +5 -1
- data/lib/ixtlan/controllers/domains_controller.rb +11 -7
- data/lib/ixtlan/controllers/groups_controller.rb +28 -7
- data/lib/ixtlan/controllers/locales_controller.rb +11 -7
- data/lib/ixtlan/controllers/search_query.rb +28 -12
- data/lib/ixtlan/controllers/users_controller.rb +1 -1
- data/lib/ixtlan/controllers/word_bundles_controller.rb +9 -3
- data/lib/ixtlan/guard.rb +17 -4
- data/lib/ixtlan/models/authentication.rb +8 -2
- data/lib/ixtlan/models/configuration.rb +14 -1
- data/lib/ixtlan/models/group.rb +14 -1
- data/lib/ixtlan/models/i18n_text.rb +6 -2
- data/lib/ixtlan/models/phrase.rb +11 -6
- data/lib/ixtlan/models/translation.rb +6 -2
- data/lib/ixtlan/models/user.rb +29 -2
- data/lib/ixtlan/modified_by.rb +1 -2
- data/lib/ixtlan/rails/error_handling.rb +1 -1
- data/lib/ixtlan/version.rb +1 -1
- data/lib/ixtlan/version.rb.errors +0 -0
- data/spec/authentication_spec.rb +16 -9
- data/spec/guard_spec.rb +8 -7
- data/spec/modified_by_spec.rb +9 -8
- data/spec/optimistic_persistence_spec.rb +2 -2
- data/spec/phrase_spec.rb +45 -49
- data/spec/session_timeout_spec.rb +1 -1
- data/spec/spec_helper.rb +66 -24
- data/spec/text_collection_spec.rb +23 -25
- data/spec/text_spec.rb +8 -8
- data/spec/unrestful_authentication_spec.rb +2 -2
- data/spec/user_logger_spec.rb +1 -0
- data/spec/user_spec.rb +5 -8
- metadata +37 -19
data/History.txt
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
=== 0.3.0 / 2010-05-24
|
2
|
+
|
3
|
+
* allow model with to_log to have nice log output
|
4
|
+
|
5
|
+
* made all controllers nice modules including before_filters
|
6
|
+
|
7
|
+
* domains/locales work with guard
|
8
|
+
|
9
|
+
* added migration class for ixtlan models
|
10
|
+
|
11
|
+
* all models have an ID now
|
12
|
+
|
13
|
+
* helper for n-m-relations
|
14
|
+
|
15
|
+
* added search module with helper methods
|
16
|
+
|
17
|
+
* better audit log
|
18
|
+
|
19
|
+
=== 0.2.4 / 2010-02-22
|
20
|
+
|
21
|
+
* fixed phrases controller to work
|
22
|
+
|
23
|
+
=== 0.2.3 / 2010-02-03
|
24
|
+
|
25
|
+
* little fixes to use ixtlan with MRI rails !
|
26
|
+
|
27
|
+
* adjust generator to new packages of the restful-gwt jars
|
28
|
+
|
29
|
+
=== 0.2.2 / 2010-01-29
|
30
|
+
|
31
|
+
* symbolize internal map of guard
|
32
|
+
|
33
|
+
* gwt generator: parametrizied package generated java classes - find client directory and use this as base package
|
34
|
+
|
35
|
+
* make phrases to work
|
36
|
+
|
37
|
+
* added code to add screen and testcase for gwt_scaffolding
|
38
|
+
|
39
|
+
=== 0.2.1 / 2009-12-07
|
40
|
+
|
41
|
+
* stay logged in when deleting a resource
|
42
|
+
|
43
|
+
* lot's of work to get restful-gwt version 0.2.1 working with login, and basic i18n = dictonory gets loaded after login or in case the a i18n entry is missing a new one gets created if the permissions allow it
|
44
|
+
|
45
|
+
* the rails template had a lot of version problems after a major refactoring, so lot's of little fixes there
|
46
|
+
|
47
|
+
=== 0.2.0 / 2009-12-07
|
48
|
+
|
49
|
+
* intial import
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (c) 2008 Kristian Meier
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.txt
ADDED
@@ -0,0 +1,86 @@
|
|
1
|
+
= ixtlan core
|
2
|
+
|
3
|
+
* http://github.com/mkristian/ixtlan-core
|
4
|
+
|
5
|
+
== DESCRIPTION:
|
6
|
+
|
7
|
+
this is set of rails and datamapper plugins for setting up a little more advanced rails application then the default rails generator does. the focus is on security and privacy as well a complete restful xml support.
|
8
|
+
|
9
|
+
=== features
|
10
|
+
|
11
|
+
* usermanagement: user, group, locale
|
12
|
+
|
13
|
+
* authentication: session based authentication for both html as well restful xml
|
14
|
+
|
15
|
+
* authorization: each controller/action pair has a set of allowed roles
|
16
|
+
|
17
|
+
* privacy: configurable duration for logfiles carrying user specific data. error logs are dumped (complete environment including user specific data as well) and the file location is sent as notification
|
18
|
+
|
19
|
+
* session idle timeout: configurable server side session idle timeout
|
20
|
+
|
21
|
+
* audit: a simple log file which documents the action of a user - one action per line
|
22
|
+
|
23
|
+
* optimistic transaction: through an exception on modification of stale resources
|
24
|
+
|
25
|
+
* easy add modified_by attributes to a resource and ensure the user gets set before saving such a resource
|
26
|
+
|
27
|
+
* logger configuration tries to unify logging
|
28
|
+
|
29
|
+
* basic scaffold like html interface for user,group,locale
|
30
|
+
|
31
|
+
* rails template setting up such an application - works for both ruby as well jruby
|
32
|
+
|
33
|
+
* http cache headers so that no data gets save on any proxy or filesystem (as long the user is logged in)
|
34
|
+
|
35
|
+
* global config: extra configuration file which can carry the all the production passwords and can be left out from the (public) version control system: config/preinitializer.rb for rails and config/global.yml
|
36
|
+
|
37
|
+
=== TODOs
|
38
|
+
|
39
|
+
* session timeout on html pages so the browser displays the login page after timetout (little modification of the layout.html.erb)
|
40
|
+
|
41
|
+
* user, group, locale to work also with ldap
|
42
|
+
|
43
|
+
* html interface for configuration, user profile
|
44
|
+
|
45
|
+
* setup database specific logger for data_objects - each driver has its own logger
|
46
|
+
|
47
|
+
* maintanance mode: allow only users who belong to the superuser group
|
48
|
+
|
49
|
+
* change the db config to have #{RAILS_ROOT} in front of relative filenames to work inside an servlet engine (ixtlan_rails_templates.rb)
|
50
|
+
|
51
|
+
* locale binding to user/group
|
52
|
+
|
53
|
+
== user management and authorization
|
54
|
+
|
55
|
+
each user can belong to one or more groups, each user/group pair can belong to one or more locales. this part can be configured by an admin by changing resource relationships.
|
56
|
+
|
57
|
+
=== authorization
|
58
|
+
|
59
|
+
each controller/action pair has a set of allowed roles. authorization is granted if on of roles match with one of the groups of the current user (logged in user). this is done by a before filter in rails: guard. the user interface can introspect the guard to allow the user only the actions which s/he actually can be performe. in case some actions needs to verify the locale binding a specialized before filter needs to be implemented.
|
60
|
+
|
61
|
+
the roles are currently hardcoded in app/guards/XYZ_guard.rb - one guard for each controller.
|
62
|
+
|
63
|
+
== LICENSE:
|
64
|
+
|
65
|
+
(The MIT License)
|
66
|
+
|
67
|
+
Copyright (c) 2009 Kristian Meier
|
68
|
+
|
69
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
70
|
+
a copy of this software and associated documentation files (the
|
71
|
+
'Software'), to deal in the Software without restriction, including
|
72
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
73
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
74
|
+
permit persons to whom the Software is furnished to do so, subject to
|
75
|
+
the following conditions:
|
76
|
+
|
77
|
+
The above copyright notice and this permission notice shall be
|
78
|
+
included in all copies or substantial portions of the Software.
|
79
|
+
|
80
|
+
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
81
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
82
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
83
|
+
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
84
|
+
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
85
|
+
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
86
|
+
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/Rakefile
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
# -*- ruby -*-
|
2
|
+
|
3
|
+
require 'rubygems'
|
4
|
+
|
5
|
+
require 'spec'
|
6
|
+
require 'spec/rake/spectask'
|
7
|
+
#require 'yard'
|
8
|
+
|
9
|
+
BUILD_DIR = 'target'
|
10
|
+
|
11
|
+
desc 'clean up'
|
12
|
+
task :clean do
|
13
|
+
FileUtils.rm_rf(BUILD_DIR)
|
14
|
+
end
|
15
|
+
|
16
|
+
desc 'Package as a gem.'
|
17
|
+
task :package do
|
18
|
+
require 'fileutils'
|
19
|
+
gemspec = Dir['*.gemspec'].first
|
20
|
+
Kernel.system("#{RUBY} -S gem build #{gemspec}")
|
21
|
+
FileUtils.mkdir_p(BUILD_DIR)
|
22
|
+
gem = Dir['*.gem'].first
|
23
|
+
FileUtils.mv(gem, File.join(BUILD_DIR,"#{gem}"))
|
24
|
+
puts File.join(BUILD_DIR,"#{gem}")
|
25
|
+
end
|
26
|
+
|
27
|
+
desc 'Install the package as a gem.'
|
28
|
+
task :install => [:package] do
|
29
|
+
gem = Dir[File.join(BUILD_DIR, '*.gem')].first
|
30
|
+
extra = ENV['GEM_HOME'].nil? && ENV['GEM_PATH'].nil? ? "--user-install" : ""
|
31
|
+
Kernel.system("#{RUBY} -S gem install --local #{gem} --no-ri --no-rdoc #{extra}")
|
32
|
+
end
|
33
|
+
|
34
|
+
desc 'Run specifications'
|
35
|
+
Spec::Rake::SpecTask.new(:spec) do |t|
|
36
|
+
if File.exists?(File.join('spec','spec.opts'))
|
37
|
+
t.spec_opts << '--options' << File.join('spec','spec.opts')
|
38
|
+
end
|
39
|
+
t.spec_files = Dir.glob(File.join('spec','**','*_spec.rb'))
|
40
|
+
end
|
41
|
+
|
42
|
+
desc 'generate rails using all generators and run the specs'
|
43
|
+
task :integration_tests => [:spec, :install] do
|
44
|
+
require 'datamapper4rails/integration_test'
|
45
|
+
tests = Datamapper4Rails::IntegrationTest.new do |t|
|
46
|
+
t.directory = 'temp'
|
47
|
+
ENV['GWT'] = "true"
|
48
|
+
t.rails_template = 'ixtlan_rails_templates.rb'
|
49
|
+
t.generate "ixtlan_datamapper_model name name:string"
|
50
|
+
t.generate "ixtlan_datamapper_rspec_model domain name:string"
|
51
|
+
t.generate "ixtlan_datamapper_rspec_scaffold player name:string"
|
52
|
+
t.generate "gwt_ixtlan_datamapper_rspec_scaffold word name:string"
|
53
|
+
end
|
54
|
+
tests.command("mvn clean integration-test")
|
55
|
+
end
|
56
|
+
|
57
|
+
#YARD::Rake::YardocTask.new
|
58
|
+
|
59
|
+
# vim: syntax=Ruby
|
data/lib/dm-serializer/to_xml.rb
CHANGED
@@ -26,9 +26,9 @@ module DataMapper
|
|
26
26
|
root = xml.root_node(doc, opts[:element_name] || default_xml_element_name[])
|
27
27
|
properties_to_serialize(opts).each do |property|
|
28
28
|
value = __send__(property.name)
|
29
|
-
attrs = (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
|
29
|
+
attrs = opts[:skip_types] ? {} : (property.class == DataMapper::Property::String) ? {} : {'type' => property.class.to_s.downcase}
|
30
30
|
value = value.to_s(:xml) if property.class == DataMapper::Property::DateTime rescue value
|
31
|
-
xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs)
|
31
|
+
xml.add_node(root, property.name.to_s, value.frozen? ? value.to_s.dup: value, attrs) unless value.blank? && opts[:skip_empty_tags]
|
32
32
|
end
|
33
33
|
|
34
34
|
(opts[:methods] || []).each do |meth|
|
@@ -38,8 +38,10 @@ module DataMapper
|
|
38
38
|
unless value.nil?
|
39
39
|
if value.respond_to?(:to_xml_document)
|
40
40
|
options = value.is_a?(DataMapper::Collection) ? {:collection_element_name => xml_name} : {:element_name => xml_name}
|
41
|
+
options[:skip_types] = opts[:skip_types]
|
42
|
+
options[:skip_empty_tags] = opts[:skip_empty_tags]
|
41
43
|
options.merge!(opts[meth] || {})
|
42
|
-
xml.add_xml(root, value.__send__(:to_xml_document, options))
|
44
|
+
xml.add_xml(root, value.__send__(:to_xml_document, options)) unless value.is_a?(DataMapper::Collection) && opts[:skip_empty_tags] == true && value.size == 0
|
43
45
|
else
|
44
46
|
xml.add_node(root, xml_name, value.to_s)
|
45
47
|
end
|
@@ -61,8 +63,12 @@ module DataMapper
|
|
61
63
|
xml = DataMapper::Serialize::XMLSerializers::SERIALIZER
|
62
64
|
doc = xml.new_document
|
63
65
|
default_collection_element_name = lambda {Extlib::Inflection.underscore(self.model.storage_name).tr("/", "-")}
|
64
|
-
root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], {'type' => 'array'})
|
66
|
+
root = xml.root_node(doc, opts[:collection_element_name] || default_collection_element_name[], opts[:skip_types] ? {} : {'type' => 'array'})
|
67
|
+
items = []
|
65
68
|
self.each do |item|
|
69
|
+
items << item
|
70
|
+
end
|
71
|
+
items.each do |item|
|
66
72
|
item.__send__(:to_xml_document, opts, doc)
|
67
73
|
end
|
68
74
|
doc
|
@@ -8,12 +8,17 @@ module Ixtlan
|
|
8
8
|
base.cache_headers :protected, false #no_store == false
|
9
9
|
end
|
10
10
|
|
11
|
+
private
|
12
|
+
|
13
|
+
AUDIT = Object.full_const_get(::Ixtlan::Models::AUDIT)
|
14
|
+
|
11
15
|
public
|
12
16
|
|
13
17
|
# GET /audits
|
14
18
|
# GET /audits.xml
|
15
19
|
def index
|
16
|
-
|
20
|
+
# limit all queries
|
21
|
+
@audits = query_limit_all(AUDIT, :login, :message).reverse
|
17
22
|
|
18
23
|
respond_to do |format|
|
19
24
|
format.html
|
@@ -10,10 +10,14 @@ module Ixtlan
|
|
10
10
|
base.cache_headers :private
|
11
11
|
end
|
12
12
|
|
13
|
+
private
|
14
|
+
|
15
|
+
USER = Object.full_const_get(::Ixtlan::Models::USER)
|
16
|
+
|
13
17
|
protected
|
14
18
|
def login_from_params
|
15
19
|
auth = params[:authentication]
|
16
|
-
|
20
|
+
USER.authenticate(auth[:login], auth[:password]) if auth
|
17
21
|
end
|
18
22
|
|
19
23
|
public
|
@@ -7,12 +7,16 @@ module Ixtlan
|
|
7
7
|
base.cache_headers :protected
|
8
8
|
end
|
9
9
|
|
10
|
+
private
|
11
|
+
|
12
|
+
DOMAIN = Object.full_const_get(::Ixtlan::Models::DOMAIN)
|
13
|
+
|
10
14
|
public
|
11
15
|
|
12
16
|
# GET /domains
|
13
17
|
# GET /domains.xml
|
14
18
|
def index
|
15
|
-
@domains =
|
19
|
+
@domains = query(DOMAIN, :name)
|
16
20
|
|
17
21
|
respond_to do |format|
|
18
22
|
format.html
|
@@ -23,7 +27,7 @@ module Ixtlan
|
|
23
27
|
# GET /domains/1
|
24
28
|
# GET /domains/1.xml
|
25
29
|
def show
|
26
|
-
@domain =
|
30
|
+
@domain = DOMAIN.first_or_get!(params[:id])
|
27
31
|
|
28
32
|
respond_to do |format|
|
29
33
|
format.html # show.html.erb
|
@@ -34,7 +38,7 @@ module Ixtlan
|
|
34
38
|
# GET /domains/new
|
35
39
|
# GET /domains/new.xml
|
36
40
|
def new
|
37
|
-
@domain =
|
41
|
+
@domain = DOMAIN.new
|
38
42
|
|
39
43
|
respond_to do |format|
|
40
44
|
format.html # new.html.erb
|
@@ -44,13 +48,13 @@ module Ixtlan
|
|
44
48
|
|
45
49
|
# GET /domains/1/edit
|
46
50
|
def edit
|
47
|
-
@domain =
|
51
|
+
@domain = DOMAIN.first_or_get!(params[:id])
|
48
52
|
end
|
49
53
|
|
50
54
|
# POST /domains
|
51
55
|
# POST /domains.xml
|
52
56
|
def create
|
53
|
-
@domain =
|
57
|
+
@domain = DOMAIN.new(params[:domain])
|
54
58
|
@domain.current_user = current_user
|
55
59
|
|
56
60
|
respond_to do |format|
|
@@ -68,7 +72,7 @@ module Ixtlan
|
|
68
72
|
# PUT /domains/1
|
69
73
|
# PUT /domains/1.xml
|
70
74
|
def update
|
71
|
-
@domain =
|
75
|
+
@domain = DOMAIN.first_or_get!(params[:id])
|
72
76
|
@domain.current_user = current_user
|
73
77
|
|
74
78
|
respond_to do |format|
|
@@ -86,7 +90,7 @@ module Ixtlan
|
|
86
90
|
# DELETE /domains/1
|
87
91
|
# DELETE /domains/1.xml
|
88
92
|
def destroy
|
89
|
-
@domain =
|
93
|
+
@domain = DOMAIN.first_or_get(params[:id])
|
90
94
|
@domain.destroy if @domain
|
91
95
|
|
92
96
|
respond_to do |format|
|
@@ -8,12 +8,26 @@ module Ixtlan
|
|
8
8
|
base.cache_headers :private
|
9
9
|
end
|
10
10
|
|
11
|
+
private
|
12
|
+
|
13
|
+
GROUP = Object.full_const_get(::Ixtlan::Models::GROUP)
|
14
|
+
|
11
15
|
public
|
12
16
|
|
13
17
|
# GET /groups
|
14
18
|
# GET /groups.xml
|
15
19
|
def index
|
16
|
-
@groups =
|
20
|
+
@groups = query(GROUP, :name)
|
21
|
+
|
22
|
+
# restrict the groups to the groups of the current user
|
23
|
+
# unless the current user is allowed to create groups
|
24
|
+
# and need to see all
|
25
|
+
unless allowed(:create)
|
26
|
+
allowed_group_ids = current_user.groups.collect {|g| g.id }
|
27
|
+
@groups.delete_if do |g|
|
28
|
+
! allowed_group_ids.member?(g.id)
|
29
|
+
end
|
30
|
+
end
|
17
31
|
|
18
32
|
respond_to do |format|
|
19
33
|
format.html
|
@@ -24,7 +38,14 @@ module Ixtlan
|
|
24
38
|
# GET /groups/1
|
25
39
|
# GET /groups/1.xml
|
26
40
|
def show
|
27
|
-
@group =
|
41
|
+
@group = GROUP.first_or_get!(params[:id])
|
42
|
+
|
43
|
+
# restrict the groups to the groups of the current user
|
44
|
+
# unless the current user is allowed to create groups
|
45
|
+
# and need to see all
|
46
|
+
unless allowed(:create)
|
47
|
+
allowed_groups = current_user.groups
|
48
|
+
end
|
28
49
|
|
29
50
|
respond_to do |format|
|
30
51
|
format.html # show.html.erb
|
@@ -35,7 +56,7 @@ module Ixtlan
|
|
35
56
|
# GET /groups/new
|
36
57
|
# GET /groups/new.xml
|
37
58
|
def new
|
38
|
-
@group =
|
59
|
+
@group = GROUP.new
|
39
60
|
|
40
61
|
respond_to do |format|
|
41
62
|
format.html # new.html.erb
|
@@ -45,7 +66,7 @@ module Ixtlan
|
|
45
66
|
|
46
67
|
# GET /groups/1/edit
|
47
68
|
def edit
|
48
|
-
@group =
|
69
|
+
@group = GROUP.first_or_get!(params[:id])
|
49
70
|
end
|
50
71
|
|
51
72
|
# POST /groups
|
@@ -54,7 +75,7 @@ module Ixtlan
|
|
54
75
|
group = params[:group] || {}
|
55
76
|
group.delete(:locales)
|
56
77
|
group.delete(:domains)
|
57
|
-
@group =
|
78
|
+
@group = GROUP.new(group)
|
58
79
|
@group.current_user = current_user
|
59
80
|
|
60
81
|
respond_to do |format|
|
@@ -72,7 +93,7 @@ module Ixtlan
|
|
72
93
|
# PUT /groups/1
|
73
94
|
# PUT /groups/1.xml
|
74
95
|
def update
|
75
|
-
@group =
|
96
|
+
@group = GROUP.first_or_get!(params[:id])
|
76
97
|
@group.current_user = current_user
|
77
98
|
|
78
99
|
@group.update_children((params[:group] || {}).delete(:locales), :locale)
|
@@ -92,7 +113,7 @@ module Ixtlan
|
|
92
113
|
# DELETE /groups/1
|
93
114
|
# DELETE /groups/1.xml
|
94
115
|
def destroy
|
95
|
-
@group =
|
116
|
+
@group = GROUP.first_or_get(params[:id])
|
96
117
|
@group.current_user = current_user
|
97
118
|
@group.destroy if @group
|
98
119
|
|
@@ -8,12 +8,16 @@ module Ixtlan
|
|
8
8
|
base.cache_headers :public, true # no_store == true
|
9
9
|
end
|
10
10
|
|
11
|
+
private
|
12
|
+
|
13
|
+
LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
|
14
|
+
|
11
15
|
public
|
12
16
|
|
13
17
|
# GET /locales
|
14
18
|
# GET /locales.xml
|
15
19
|
def index
|
16
|
-
@locales =
|
20
|
+
@locales = query(LOCALE, :code)
|
17
21
|
|
18
22
|
respond_to do |format|
|
19
23
|
format.html
|
@@ -24,7 +28,7 @@ module Ixtlan
|
|
24
28
|
# GET /locales/1
|
25
29
|
# GET /locales/1.xml
|
26
30
|
def show
|
27
|
-
@locale =
|
31
|
+
@locale = LOCALE.first_or_get!(params[:id])
|
28
32
|
|
29
33
|
respond_to do |format|
|
30
34
|
format.html # show.html.erb
|
@@ -35,7 +39,7 @@ module Ixtlan
|
|
35
39
|
# GET /locales/new
|
36
40
|
# GET /locales/new.xml
|
37
41
|
def new
|
38
|
-
@locale =
|
42
|
+
@locale = LOCALE.new
|
39
43
|
|
40
44
|
respond_to do |format|
|
41
45
|
format.html # new.html.erb
|
@@ -45,13 +49,13 @@ module Ixtlan
|
|
45
49
|
|
46
50
|
# GET /locales/1/edit
|
47
51
|
def edit
|
48
|
-
@locale =
|
52
|
+
@locale = LOCALE.first_or_get!(params[:id])
|
49
53
|
end
|
50
54
|
|
51
55
|
# POST /locales
|
52
56
|
# POST /locales.xml
|
53
57
|
def create
|
54
|
-
@locale =
|
58
|
+
@locale = LOCALE.new(params[:locale])
|
55
59
|
@locale.current_user = current_user
|
56
60
|
|
57
61
|
respond_to do |format|
|
@@ -69,7 +73,7 @@ module Ixtlan
|
|
69
73
|
# PUT /locales/1
|
70
74
|
# PUT /locales/1.xml
|
71
75
|
def update
|
72
|
-
@locale =
|
76
|
+
@locale = LOCALE.first_or_get!(params[:id])
|
73
77
|
@locale.current_user = current_user
|
74
78
|
|
75
79
|
respond_to do |format|
|
@@ -87,7 +91,7 @@ module Ixtlan
|
|
87
91
|
# DELETE /locales/1
|
88
92
|
# DELETE /locales/1.xml
|
89
93
|
def destroy
|
90
|
-
@locale =
|
94
|
+
@locale = LOCALE.first_or_get(params[:id])
|
91
95
|
@locale.destroy if @locale
|
92
96
|
|
93
97
|
respond_to do |format|
|
@@ -3,24 +3,40 @@ module Ixtlan
|
|
3
3
|
module SearchQuery
|
4
4
|
|
5
5
|
private
|
6
|
-
|
7
|
-
|
8
|
-
query(search_parameter, params[search_parameter])
|
6
|
+
def query(model, *parameters)
|
7
|
+
_query(model, false, *parameters)
|
9
8
|
end
|
10
9
|
|
11
|
-
def
|
12
|
-
|
13
|
-
|
14
|
-
args[:offset] = params[:offset].to_i if params[:offset]
|
10
|
+
def query_limit_all(model, *parameters)
|
11
|
+
_query(model, true, *parameters)
|
12
|
+
end
|
15
13
|
|
14
|
+
def _query(model, limit_all, *parameters)
|
15
|
+
result = nil
|
16
|
+
value = parameters[0].is_a?(String) ? parameters.shift : params[:query]
|
16
17
|
if value
|
17
|
-
|
18
|
-
args
|
19
|
-
|
20
|
-
|
18
|
+
parameters.each do |p|
|
19
|
+
args = {}
|
20
|
+
if "false" == params[:fuzzy]
|
21
|
+
args[p] = value
|
22
|
+
else
|
23
|
+
args[p.like] = "%" + value.to_s + "%"
|
24
|
+
end
|
25
|
+
if result
|
26
|
+
result = result + model.all(args)
|
27
|
+
else
|
28
|
+
result = model.all(args)
|
29
|
+
end
|
21
30
|
end
|
22
31
|
end
|
23
|
-
|
32
|
+
if limit_all || value
|
33
|
+
limit = (params[:limit] || 10).to_i + 1
|
34
|
+
offset = (params[:offset] || 0).to_i
|
35
|
+
|
36
|
+
(result || model.all)[offset, offset + limit]
|
37
|
+
else
|
38
|
+
model.all
|
39
|
+
end
|
24
40
|
end
|
25
41
|
end
|
26
42
|
end
|
@@ -9,6 +9,12 @@ module Ixtlan
|
|
9
9
|
base.cache_headers :protected
|
10
10
|
end
|
11
11
|
|
12
|
+
private
|
13
|
+
|
14
|
+
LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)
|
15
|
+
|
16
|
+
public
|
17
|
+
|
12
18
|
def index
|
13
19
|
locale = params[:code]
|
14
20
|
# TODO load in following order and allow to replace findings in the
|
@@ -17,12 +23,12 @@ module Ixtlan
|
|
17
23
|
# * DEFAULT latest_approved
|
18
24
|
# * locale-parent latest_approved
|
19
25
|
# * locale latest_approved
|
20
|
-
l =
|
26
|
+
l = LOCALE.first(:code => locale) || LOCALE.get!(locale)
|
21
27
|
word_bundle = {}
|
22
|
-
Ixtlan::Models::Word.not_approved(:locale =>
|
28
|
+
Ixtlan::Models::Word.not_approved(:locale => LOCALE.default).each do |word|
|
23
29
|
word_bundle[word.code] = word
|
24
30
|
end
|
25
|
-
Ixtlan::Models::Word.approved(:locale =>
|
31
|
+
Ixtlan::Models::Word.approved(:locale => LOCALE.default).each do |word|
|
26
32
|
word_bundle[word.code] = word
|
27
33
|
end
|
28
34
|
|
data/lib/ixtlan/guard.rb
CHANGED
@@ -18,6 +18,10 @@ module Ixtlan
|
|
18
18
|
end
|
19
19
|
true
|
20
20
|
end
|
21
|
+
|
22
|
+
def allowed(action, locale = nil)
|
23
|
+
::Ixtlan::Guard.check(self, params[:controller], action, locale)
|
24
|
+
end
|
21
25
|
end
|
22
26
|
end
|
23
27
|
end
|
@@ -100,6 +104,8 @@ module Ixtlan
|
|
100
104
|
|
101
105
|
def self.permissions(user = nil)
|
102
106
|
repository(:guard_memory) do
|
107
|
+
PERMISSION.all.destroy!
|
108
|
+
ROLE.all.destroy!
|
103
109
|
root = ROLE.create(:name => @@superuser)
|
104
110
|
@@map.each do |controller, actions|
|
105
111
|
actions.each do |action, roles|
|
@@ -128,10 +134,17 @@ module Ixtlan
|
|
128
134
|
raise ::Ixtlan::GuardException.new("unknown action '#{action}' for controller '#{resource}'")
|
129
135
|
else
|
130
136
|
allowed << @@superuser unless allowed.member? @@superuser
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
137
|
+
all_groups = allowed.member?(:*)
|
138
|
+
if(all_groups && locale.nil?)
|
139
|
+
return true
|
140
|
+
else
|
141
|
+
for group in groups
|
142
|
+
if all_groups || allowed.member?(group.name.to_sym)
|
143
|
+
if(locale.nil? || group.locales.member?(locale))
|
144
|
+
return true
|
145
|
+
end
|
146
|
+
end
|
147
|
+
end
|
135
148
|
end
|
136
149
|
return false
|
137
150
|
end
|
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'dm-serializer'
|
2
|
+
require 'ixtlan/guard'
|
2
3
|
module Ixtlan
|
3
4
|
module Models
|
4
5
|
module Authentication
|
@@ -20,12 +21,17 @@ module Ixtlan
|
|
20
21
|
protected
|
21
22
|
|
22
23
|
def permissions
|
23
|
-
Guard.permissions(user)
|
24
|
+
::Ixtlan::Guard.permissions(user)
|
24
25
|
end
|
25
26
|
|
26
27
|
alias :to_x :to_xml_document
|
27
28
|
def to_xml_document(opts, doc = nil)
|
28
|
-
opts.merge!({
|
29
|
+
opts.merge!({
|
30
|
+
:skip_types => true,
|
31
|
+
:skip_empty_tags => true,
|
32
|
+
:exclude => [:password, :user_id, :id],
|
33
|
+
:methods => [:user, :permissions]
|
34
|
+
})
|
29
35
|
to_x(opts, doc)
|
30
36
|
end
|
31
37
|
end
|