ixtlan 0.4.0.pre4 → 0.4.0.pre5

data/lib/ixtlan/configurator.rb

@@ -0,0 +1,25 @@
+require 'yaml'
+require 'erb'
+module Ixtlan
+  class Configurator
+
+    def self.symbolize_keys(h)
+      result = {}
+
+      h.each do |k, v|
+        v = ' ' if v.nil?
+        if v.is_a?(Hash)
+          result[k.to_sym] = symbolize_keys(v) unless v.size == 0
+        else
+          result[k.to_sym] = v unless k.to_sym == v.to_sym
+        end
+      end
+
+      result
+    end
+
+    def self.load(file)
+      symbolize_keys(YAML::load(ERB.new(IO.read(file)).result)) if File.exists?(file)
+    end
+  end
+end

data/lib/ixtlan/controllers/audits_controller.rb

@@ -4,6 +4,8 @@ module Ixtlan
       
       def self.included(base)
         base.send(:include, Ixtlan::Controllers::SearchQuery)
+
+        base.cache_headers :protected, false #no_store == false
       end
 
       public
@@ -11,7 +13,7 @@ module Ixtlan
       # GET /audits
       # GET /audits.xml
       def index
-        @audits = Audit.all(query(:login, params[:query])) + Audit.all(query(:message, params[:query]))
+        @audits = Audit.all(query(:login, params[:query])).reverse + Audit.all(query(:message, params[:query])).reverse
 
         respond_to do |format|
           format.html

data/lib/ixtlan/controllers/authentications_controller.rb

@@ -5,15 +5,22 @@ module Ixtlan
       def self.included(base)
         base.skip_before_filter :guard
         base.skip_before_filter :authenticate, :only => :destroy
+
+        # do not want to expose permissions settings on filesystem cache
+        base.cache_headers :private
       end
 
       protected
       def login_from_params
         auth = params[:authentication]
-        User.authenticate(auth[:login], auth[:password])
+        User.authenticate(auth[:login], auth[:password]) if auth
       end
 
       public
+      def show
+        render_successful_login
+      end
+
       def create
         render_successful_login
       end

data/lib/ixtlan/controllers/configurations_controller.rb

@@ -2,6 +2,10 @@ module Ixtlan
   module Controllers
     module ConfigurationsController
 
+      def self.included(base)
+        base.cache_headers :protected
+      end
+
       private
 
       CONFIGURATION = Object.full_const_get(::Ixtlan::Models::CONFIGURATION)

data/lib/ixtlan/controllers/domains_controller.rb

@@ -4,6 +4,7 @@ module Ixtlan
 
       def self.included(base)
         base.send(:include, Ixtlan::Controllers::SearchQuery)
+        base.cache_headers :protected
       end
 
       public

data/lib/ixtlan/controllers/groups_controller.rb

@@ -4,6 +4,8 @@ module Ixtlan
       
       def self.included(base)
         base.send(:include, Ixtlan::Controllers::SearchQuery)
+        # do not want to expose groups on filesystem cache
+        base.cache_headers :private
       end
 
       public

data/lib/ixtlan/controllers/locales_controller.rb

@@ -5,6 +5,7 @@ module Ixtlan
       def self.included(base)
         base.send(:include, Ixtlan::Controllers::SearchQuery)
         base.skip_before_filter :authenticate, :guard, :only => [:index,:show]
+        base.cache_headers :public, true # no_store == true
       end
 
       public

data/lib/ixtlan/controllers/permissions_controller.rb

@@ -3,8 +3,10 @@ module Ixtlan
     module PermissionsController
 
       def self.included(base)
-        # TODO the authenticate should NOT be there, i.e. it leaks too much info
-        base.skip_before_filter :authenticate, :guard
+        base.skip_before_filter :guard
+
+        # do not want to expose permissions settings on filesystem cache
+        base.cache_headers :private
       end
 
       def index

data/lib/ixtlan/controllers/phrases_controller.rb

@@ -2,6 +2,10 @@ module Ixtlan
   module Controllers
     module PhrasesController
 
+      def self.included(base)
+        base.cache_headers :protected
+      end
+
       private
 
       LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)

data/lib/ixtlan/controllers/search_query.rb

@@ -10,7 +10,7 @@ module Ixtlan
 
       def query(parameter, value)
         args = {}
-        args[:limit] = params[:limit].to_i + 1 if params[:limit]
+        args[:limit] = (params[:limit] || 10).to_i + 1 #if params[:limit]
         args[:offset] = params[:offset].to_i if params[:offset]
 
         if value

data/lib/ixtlan/controllers/texts_controller.rb

@@ -2,6 +2,10 @@ module Ixtlan
   module Controllers
     module TextsController
 
+      def self.included(base)
+        base.cache_headers :protected
+      end
+
       private
 
       LOCALE = Object.full_const_get(::Ixtlan::Models::LOCALE)

data/lib/ixtlan/controllers/users_controller.rb

@@ -4,6 +4,10 @@ module Ixtlan
 
       include SearchQuery
 
+      def self.included(base)
+        base.cache_headers :protected, false # no_store == false
+      end
+
       private
 
       USER = Object.full_const_get(::Ixtlan::Models::USER)

data/lib/ixtlan/controllers/word_bundles_controller.rb

@@ -5,6 +5,8 @@ module Ixtlan
       def self.included(base)
         # no guard since everyone needs to load the bundles
         base.skip_before_filter :guard
+
+        base.cache_headers :protected
       end
 
       def index

data/lib/ixtlan/guard.rb

@@ -86,26 +86,33 @@ module Ixtlan
       @@map[controller.to_sym] = symbolize(map)
     end
 
+    ROLE = Models::Role
+    PERMISSION = Models::Permission
+
     def self.export_xml
+      xml = permissions.to_xml
+      repository(:guard_memory) do
+        PERMISSION.all.destroy!
+        ROLE.all.destroy!
+      end
+      xml
+    end
+
+    def self.permissions(user = nil)
       repository(:guard_memory) do
-        role_const = Models::Role
-        permission_const = Models::Permission
-        root = role_const.create(:name => @@superuser)
+        root = ROLE.create(:name => @@superuser)
         @@map.each do |controller, actions|
           actions.each do |action, roles|
-            permission = permission_const.create(:resource => controller, :action => action)
+            permission = PERMISSION.create(:resource => controller, :action => action)
             permission.roles << root
             roles.each do |role|
-              r = role_const.create(:name => role)
+              r = ROLE.create(:name => role)
               permission.roles << r unless permission.roles.member? r
             end
             permission.save
           end
         end
-        xml = permission_const.all.to_xml
-        permission_const.all.destroy!
-        role_const.all.destroy!
-        xml
+        PERMISSION.all
       end
     end
 

data/lib/ixtlan/models/authentication.rb

@@ -19,9 +19,13 @@ module Ixtlan
 
             protected
 
+            def permissions
+              Guard.permissions(user)
+            end
+
             alias :to_x :to_xml_document
             def to_xml_document(opts, doc = nil)
-              opts.merge!({:exclude => [:password,:user_id], :methods => [:user]})
+              opts.merge!({:exclude => [:password,:user_id], :methods => [:user, :permissions]})
               to_x(opts, doc)
             end
           end

data/lib/ixtlan/optimistic_persistence_validation.rb

@@ -1,8 +1,7 @@
 require 'ixtlan/optimistic_persistence_module'
+require 'ixtlan/stale_resource_error'
 
-module DataMapper
-
-  class StaleResource < StandardError; end
+module Ixtlan
 
   module OptimisticPersistenceValidation
 

data/lib/ixtlan/passwords.rb

@@ -1,21 +1,60 @@
+begin
+  require 'securerandom'
+rescue LoadError
+end
+
 module Ixtlan
   class Passwords
+    SecureRandom =
+      if defined?(::SecureRandom)
+        # Use Ruby's SecureRandom library if available.
+        ::SecureRandom
+      else
+        begin
+          # try if there is active support around ;-)
+          require 'active_supportt'
+          ::ActiveSupport::SecureRandom
+        rescue LoadError
+          warn 'could not find secure random implementation, fall back to rand()'
+          class Random
+            def self.random_number(n)
+              (rand * n).to_i
+            end
+          end
+          Random
+        end
+      end
+
     def self.generate(length=64)
       if length > 0
         # A-Z starting with 97 and having 26 characters
         # a-z starting with 65 and having 26 characters
         # 0-9 starting with 48 and lies inside range starting with 33 and having 26 characters
         offset=[97, 65, 33]
-
-        # collect random characters from the either of the above ranges
         begin
-          pwd = (0..(length - 1)).collect do
-            j = ActiveSupport::SecureRandom.random_number(78)
-            (offset[j / 26] + (j % 26)).chr
-          end.join
+          # collect random characters from the either of the above ranges
+          pwd = password(length, offset, 26)
         end while !((pwd =~ /[a-z]/) && (pwd =~ /[A-Z]/) && (pwd =~ /[!-;]/))
         pwd
       end
     end
+
+    def self.generate_numeric(length=64)
+      if length > 0
+        # 0-9 starting with 48 with range of 10 characters
+        offset=[48]
+        # collect random characters from the either of the above ranges
+        password(length, offset, 10)
+      end
+    end
+
+    private
+
+    def self.password(length, offset, max_range)
+      pwd = (0..(length - 1)).collect do
+        j = SecureRandom.random_number(offset.size * max_range)
+        (offset[j / max_range] + (j % max_range)).chr
+      end.join
+    end
   end
 end

data/lib/ixtlan/rails.rb

@@ -0,0 +1,13 @@
+require 'ixtlan/models'
+require 'ixtlan/modified_by'
+if ENV['RAILS_ENV']
+  require 'ixtlan/rails/error_handling'
+  require 'ixtlan/rails/cache_headers'
+  require 'ixtlan/rails/audit'
+  require 'ixtlan/rails/session_timeout'
+  require 'ixtlan/rails/unrestful_authentication'
+  require 'ixtlan/rails/guard'
+  require 'ixtlan/rails/timestamps_modified_by_filter'
+  require 'ixtlan/optimistic_persistence'
+  require 'ixtlan/rails/rescue_module'
+end

data/lib/ixtlan/rails/cache_headers.rb

@@ -0,0 +1,88 @@
+module Ixtlan
+  module Rails
+    module CacheHeaders
+
+      protected
+
+      # Date: <ServercurrentDate>
+      # Expires: Fri, 01 Jan 1990 00:00:00 GMT
+      # Pragma: no-cache
+      # Cache-control: no-cache, must-revalidate
+      def no_caching(no_store = true)
+        if cachable_response?
+          response.headers["Date"] = timestamp
+          response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
+          response.headers["Pragma"] = "no-cache"
+          response.headers["Cache-Control"] = "no-cache, must-revalidate" + (", no-store" if no_store).to_s
+        end
+      end
+
+      # Date: <ServercurrentDate>
+      # Expires: Fri, 01 Jan 1990 00:00:00 GMT
+      # Cache-control: private, max-age=<1dayInSeconds>
+      def only_browser_can_cache(no_store = false, max_age_in_seconds = 0)
+        if cachable_response?
+          response.headers["Date"] = timestamp
+          response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 UTC"
+          response.headers["Cache-Control"] = "private, max-age=#{max_age_in_seconds}" + (", no-store" if no_store).to_s
+        end
+      end
+
+      # Date: <ServercurrentDate>
+      # Expires: <ServerCurrentDate + 1month>
+      # Cache-control: public, max-age=<1month>
+      def allow_browser_and_proxy_to_cache(no_store = false, max_age_in_seconds = 0)
+        if cachable_response?
+          now = Time.now
+          response.headers["Date"] = timestamp(now)
+          response.headers["Expires"] = timestamp(now + max_age_in_seconds)
+          response.headers["Cache-Control"] = "public, max-age=#{max_age_in_seconds}" + (", no-store" if no_store).to_s
+        end
+      end
+
+      def cache_headers
+        if(current_user)
+          case self.class.instance_variable_get(:@mode)
+          when :private
+            no_caching(self.class.instance_variable_get(:@no_store))
+          when :protected
+            only_browser_can_cache(self.class.instance_variable_get(:@no_store))
+          when :public
+            allow_browser_and_proxy_to_cache(self.class.instance_variable_get(:@no_store))
+          end
+        else
+          allow_browser_and_proxy_to_cache(self.class.instance_variable_get(:@no_store))
+        end
+      end
+
+      def self.included(base)
+        base.class_eval <<-EOS, __FILE__, __LINE__
+          def self.cache_headers(mode = nil, no_store = true)
+            if(mode)
+              raise "supported modi are :private, :protected and :public" unless [:private, :protected, :public].member? mode
+              @mode = mode
+            end
+            @no_store = no_store
+          end
+          alias :render_old :render
+          def render(*args)
+            cache_headers
+            render_old(*args)
+          end
+EOS
+      end
+
+      private
+      def cachable_response?
+        request.method == :get &&
+          [200, 203, 206, 300, 301].member?(response.status)
+      end
+
+      def timestamp(now = Time.now)
+        now.utc.strftime "%a, %d %b %Y %H:%M:%S %Z"
+      end
+    end
+  end
+end
+
+ActionController::Base.send(:include, Ixtlan::Rails::CacheHeaders)

data/lib/ixtlan/rails/error_handling.rb

@@ -3,6 +3,8 @@ module Ixtlan
   module Rails
     module ErrorHandling
 
+      protected
+
       def log_user_error(exception)
         Ixtlan::UserLogger.new(Ixtlan::Rails::ErrorHandling).log_action(self, " - #{exception.class} - #{exception.message}")
         log_error(exception)
@@ -31,11 +33,11 @@ module Ixtlan
       end
 
       def render_error_page_with_session(status)
-        render :template => "errors/error", :status => status
+        render :template => "errors/error_with_session", :status => status
       end
 
       def render_error_page(status)
-        render :template => "sessions/login", :status => status
+        render :template => "sessions/error", :status => status
       end
 
       def page_not_found(exception)

data/lib/ixtlan/rails/rescue_module.rb

@@ -26,3 +26,5 @@ module Ixtlan
     end
   end
 end
+
+ActionController::Base.send(:include, Ixtlan::Rails::RescueModule)

data/lib/ixtlan/rails/unrestful_authentication.rb

@@ -1,3 +1,4 @@
+
 module Ixtlan
 module Rails
   module UnrestfulAuthentication
@@ -49,15 +50,15 @@ module Rails
           session.clear
           render_login_page
         when :post
-          user = login_from_params
+          user = login_from_params || "no username or password"
           if user.instance_of? String
-            authentication_logger.log_user(params[:login] || params[:authentication][:login], user + " from IP #{request.headers['REMOTE_ADDR']}")
+            authentication_logger.log_user(params[:login] || (params[:authentication] || {})[:login], user + " from IP #{request.headers['REMOTE_ADDR']}")
             session.clear
             render_access_denied
           else
-            authentication_logger.log_user(user.login, "logged in")
+            authentication_logger.log_user(user.nil? ? nil : user.login, "logged in")
             session.clear
-            #  reset_session
+            # reset session
             self.current_user = user
             render_successful_login
           end
@@ -82,7 +83,7 @@ module Rails
         authentication_logger.log_user(current_user.login, "logged out")
         current_user = nil
         session.clear
-        # reset_session
+        # reset session
         render_logout_page
         false
       else

data/lib/ixtlan/session.rb

@@ -5,15 +5,15 @@ module Ixtlan
     def data=(data)
       d = {}
       data.each{|k,v| d[k.to_sym] = v}
-      @user = d.delete(:user)
-      @flash = d.delete(:flash)
-      @expires_at = d.delete(:expires_at)
+      d.delete(:user)
       attribute_set(:raw_data, ::Base64.encode64(Marshal.dump(d)))
     end
 
     def data
-      # user string for flash entry to allow the rails falsh to work properly !
-      Marshal.load(::Base64.decode64(attribute_get(:raw_data))).merge({:user => @user, "flash" => @flash, :expires_at => @expires_at})
+      # use string for flash entry to allow the rails flash to work properly !
+      d = Marshal.load(::Base64.decode64(attribute_get(:raw_data)))
+      d["flash"] = d.delete(:flash)
+      d
     end
   end
 end

data/lib/ixtlan/session_with_cache.rb

@@ -0,0 +1,19 @@
+require 'rack_datamapper/session/abstract/store'
+module Ixtlan
+  class SessionWithCache < DataMapper::Session::Abstract::Session
+
+    def data=(data)
+      d = {}
+      data.each{|k,v| d[k.to_sym] = v}
+      @user = d.delete(:user)
+      @flash = d.delete(:flash)
+      @expires_at = d.delete(:expires_at)
+      attribute_set(:raw_data, ::Base64.encode64(Marshal.dump(d)))
+    end
+
+    def data
+      # use string key for flash entry to allow the rails flash to work properly !
+      Marshal.load(::Base64.decode64(attribute_get(:raw_data))).merge({:user => @user, "flash" => @flash, :expires_at => @expires_at})
+    end
+  end
+end

data/lib/ixtlan/version.rb

@@ -1,3 +1,3 @@
-class Ixtlan
-  VERSION = '0.4.0.pre4'.freeze
+module Ixtlan
+  VERSION = '0.4.0.pre5'.freeze
 end

data/spec/passwords_spec.rb

@@ -0,0 +1,21 @@
+require 'rubygems'
+lib_path = (Pathname(__FILE__).dirname.parent.expand_path + 'lib').to_s
+$LOAD_PATH.unshift lib_path unless $LOAD_PATH.include?(lib_path)
+
+require 'ixtlan/passwords'
+
+describe Ixtlan::Passwords do
+
+  it 'should create a password of given length' do
+    pwd = Ixtlan::Passwords.generate(123)
+    ((pwd =~ /[a-z]/) && (pwd =~ /[A-Z]/) && (pwd =~ /[!-;]/)).should be_true
+    pwd.size.should == 123
+  end
+
+  it 'should create a numeric password of given length' do
+    pwd = Ixtlan::Passwords.generate_numeric(321)
+    pwd.should =~ /^[0-9]*$/
+    pwd.size.should == 321
+  end
+
+end

data/spec/spec_helper.rb

@@ -12,6 +12,7 @@ require 'slf4r'
 require 'ixtlan' / 'models'
 require 'ixtlan' / 'user_logger'
 require 'ixtlan' / 'modified_by'
+require 'ixtlan' / 'models' / 'audit'
 require 'ixtlan' / 'models' / 'domain'
 require 'ixtlan' / 'models' / 'locale'
 require 'ixtlan' / 'models' / 'group'

metadata

@@ -6,8 +6,8 @@ version: !ruby/object:Gem::Version
     - 0
     - 4
     - 0
-    - pre4
-  version: 0.4.0.pre4
+    - pre5
+  version: 0.4.0.pre5
 platform: ruby
 authors: 
   - mkristian
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-05 00:00:00 +05:30
+date: 2010-07-19 00:00:00 +05:30
 default_executable: 
 dependencies: 
   - !ruby/object:Gem::Dependency 
@@ -163,6 +163,7 @@ files:
   - lib/dm-serializer/xml_serializers/libxml.rb
   - lib/dm-serializer/xml_serializers/nokogiri.rb
   - lib/dm-serializer/xml_serializers/rexml.rb
+  - lib/ixtlan/rails.rb
   - lib/ixtlan/child_path.rb
   - lib/ixtlan/rolling_file.rb
   - lib/ixtlan/cms_script.rb
@@ -170,6 +171,8 @@ files:
   - lib/ixtlan/logger_config.rb
   - lib/ixtlan/models.rb
   - lib/ixtlan/audit_config.rb
+  - lib/ixtlan/session_with_cache.rb
+  - lib/ixtlan/configurator.rb
   - lib/ixtlan/audit_rack.rb
   - lib/ixtlan/session.rb
   - lib/ixtlan/optimistic_persistence.rb
@@ -218,6 +221,7 @@ files:
   - lib/ixtlan/mailer/password.erb
   - lib/ixtlan/rails/timestamps_modified_by_filter.rb
   - lib/ixtlan/rails/rescue_module.rb
+  - lib/ixtlan/rails/cache_headers.rb
   - lib/ixtlan/rails/audit.rb
   - lib/ixtlan/rails/error_handling.rb
   - lib/ixtlan/rails/migrations.rb
@@ -256,6 +260,7 @@ files:
   - spec/text_spec.rb
   - spec/user_logger_spec.rb
   - spec/unrestful_authentication_spec.rb
+  - spec/passwords_spec.rb
   - spec/guards/samples.rb
 has_rdoc: true
 homepage: http://github.com/mkristian/ixtlan-core
@@ -301,3 +306,4 @@ test_files:
   - spec/text_spec.rb
   - spec/user_logger_spec.rb
   - spec/unrestful_authentication_spec.rb
+  - spec/passwords_spec.rb