jakewendt-documents 0.2.0

data/README.rdoc

@@ -0,0 +1,72 @@
+= Documents
+
+== ToDo
+
+
+
+== Required Gem Sources
+
+ gem sources -a http://rubygems.org
+ gem sources -a http://gems.github.com
+
+
+== Required Gems
+
+* {assert_this_and_that}[http://github.com/jakewendt/assert_this_and_that]
+* {ruby_extension}[http://github.com/jakewendt/ruby_extension] - modifications, updates and patches for ruby.
+* rails ~> 2
+* i18n =0.3.7
+* chronic
+* ruby-hmac
+* aws-s3
+* ssl_requirement
+* ryanb-acts-as-list
+* RedCloth
+* paperclip
+* thoughtbot-factory_girl
+* jakewendt-rails_helpers
+* jakewendt-ruby_extension
+* jakewendt-assert_this_and_that
+* jakewendt-calnet_authenticated
+
+
+== Installation and Usage
+
+ cp config/s3.yml.example config/s3.yml
+ # Add your own s3 access keys.  Leave 'test' as it is.
+
+ 
+ config.gem 'jakewendt-documents',
+    :lib => 'documents',
+    :source => 'http://rubygems.org'
+
+
+ class User (or whatever)
+    document_owner
+ end
+
+
+== Testing (as an app)
+
+ rake db:migrate
+ rake db:fixtures:load
+ rake test
+ script/server
+
+
+== Gemified with Jeweler
+
+ vi Rakefile
+ rake version:write
+
+ rake version:bump:patch
+ rake version:bump:minor
+ rake version:bump:major
+
+ rake gemspec
+
+ rake install
+ rake release
+
+
+Copyright (c) 2010 [Jake Wendt], released under the MIT license

data/app/controllers/documents_controller.rb

@@ -0,0 +1,97 @@
+class DocumentsController < ApplicationController
+
+	before_filter :may_maintain_pages_required
+	before_filter :document_required, :only => :show
+	before_filter :id_required, 
+		:only => [ :edit, :update, :destroy, :preview ]
+
+	def show
+		if @document.document.path.blank?
+			flash[:error] = "Does not contain a document"
+			redirect_to preview_document_path(@document)
+		elsif @document.document.exists?
+			#puts "Document exists!"
+			if @document.document.options[:storage] == :filesystem #	&&
+#				File.exists?(@document.document.path)
+				#	basically development or non-s3 setup
+				send_file @document.document.path
+			else
+				#puts "Storage is S3?"
+
+#	Privacy filters are still not active
+				#	basically a private s3 file
+#				redirect_to @document.s3_url
+				redirect_to @document.document.expiring_url
+
+			end
+		else
+			flash[:error] = "Document does not exist at the expected location."
+			redirect_to preview_document_path(@document)
+		end
+	end
+
+	def preview
+#		#	otherwise looks for template for pdf, jpg or whatever
+#		params[:format] = 'html'
+	end
+
+	def index
+		@documents = Document.all
+	end
+
+	def new
+		@document = Document.new
+	end
+
+	def create
+		@document = Document.new(params[:document])
+		@document.save!
+		redirect_to preview_document_path(@document)
+	rescue ActiveRecord::RecordInvalid
+		flash.now[:error] = "Error"
+		render :action => 'new'
+	end
+
+	def update
+		@document.update_attributes!(params[:document])
+		redirect_to preview_document_path(@document)
+	rescue ActiveRecord::RecordInvalid
+		flash.now[:error] = "Error"
+		render :action => 'edit'
+	end
+
+	def destroy
+		@document.destroy
+		redirect_to documents_path
+	end
+
+protected
+
+	def id_required
+		if !params[:id].blank? and Document.exists?(params[:id])
+			@document = Document.find(params[:id])
+		else
+			access_denied("Valid document id required!", documents_path)
+		end
+	end
+
+	def document_required
+		if !params[:id].blank? and Document.exists?(params[:id])
+			@document = Document.find(params[:id])
+		elsif !params[:id].blank? and Document.exists?(
+			:document_file_name => "#{params[:id]}.#{params[:format]}")
+			documents = Document.find(:all, :conditions => {
+			:document_file_name => "#{params[:id]}.#{params[:format]}"})
+#	Due to the unique index, there can be only one!
+#			if documents.length > 1
+#				access_denied("More than one document matches #{params[:id]}!", 
+#					documents_path)
+#			else
+				@document=documents[0]
+#			end
+		else
+			access_denied("Valid document id required!", documents_path)
+		end
+	end
+
+end

data/app/models/document.rb

@@ -0,0 +1,28 @@
+require 'hmac-sha1'
+#
+#	http://amazon.rubyforge.org/
+#
+class Document < ActiveRecord::Base
+	belongs_to :owner, :polymorphic => true
+
+	validates_presence_of :title
+	validates_length_of :title, :minimum => 4
+
+	validates_uniqueness_of :document_file_name, :allow_nil => true
+
+	before_validation :nullify_blank_document_file_name
+
+	has_attached_file :document,
+		YAML::load(ERB.new(IO.read(File.expand_path(
+			File.join(File.dirname(__FILE__),'../..','config/document.yml')
+		))).result)[Rails.env]
+
+	def nullify_blank_document_file_name
+		self.document_file_name = nil if document_file_name.blank?
+	end
+
+	def to_s
+		title
+	end
+
+end

data/app/views/documents/_document.html.erb

@@ -0,0 +1,15 @@
+<% content_tag_for( :tr, document, :class => 'row' ) do %>
+<td class='title'>
+<%= link_to document.title, preview_document_path(document) %>
+</td>
+<td class='path'>
+<%= document.document_file_name %>
+</td>
+<td class='manage'>
+<%= button_link_to 'Edit', edit_document_path(document) %>&nbsp;
+<% destroy_link_to 'Destroy', document_path(document) do %>
+<%= hidden_field_tag 'confirm', "Destroy document '#{document}'?", 
+	:id => nil %>
+<% end %>
+</td>
+<% end %><!-- class='document row' -->

data/app/views/documents/_form.html.erb

@@ -0,0 +1,19 @@
+<%# stylesheets('document') %>
+
+<% form_for(@document,:html => { :multipart => true }) do |f| %>
+	<%= f.error_messages %>
+
+	<%= f.wrapped_text_field :title %>
+
+	<div>
+	<div class='document'>
+		<%= f.label :document -%>
+		<% unless @document.new_record? -%>
+			(<%= @document.document.url -%>)
+		<% end -%><br />
+		<%= f.file_field :document %>
+	</div>
+	</div>
+	<%= f.wrapped_text_area :abstract %>
+	<p><%= f.submit( (@document.new_record?)? "Create" : "Update" )%></p>
+<% end %>

data/app/views/documents/edit.html.erb

@@ -0,0 +1,4 @@
+<h1>Editing Document</h1>
+<%= render 'form' %>
+<%= link_to 'Show', @document %> |
+<%= link_to 'Back', documents_path %>

data/app/views/documents/index.html.erb

@@ -0,0 +1,11 @@
+<% stylesheets('documents') %>
+
+<% if @documents.length > 0 %>
+<table id='documents'><tbody>
+<%= render :partial => 'document', :collection => @documents %>
+</tbody></table><!-- id='documents' -->
+<% end %>
+
+<p>
+<%= button_link_to 'Create New Document', new_document_path %>
+</p>

data/app/views/documents/new.html.erb

@@ -0,0 +1,3 @@
+<h1>New Document</h1>
+<%= render 'form' %>
+<%= link_to 'Back', documents_path %>

data/app/views/documents/preview.html.erb

@@ -0,0 +1,15 @@
+<%# stylesheets('document') %>
+
+<p>
+  <b>Title:</b>
+  <%=h @document.title %>
+</p>
+
+<p>
+  <b>Abstract:</b>
+  <%=h @document.abstract %>
+</p>
+
+<%= link_to 'Download', document_path(@document) %> |
+<%= link_to 'Edit', edit_document_path(@document) %> |
+<%= link_to 'Back', documents_path %>

data/config/document.yml

@@ -0,0 +1,54 @@
+#DEFAULTS: &DEFAULTS
+#  :styles:
+#    :full: '900'
+#    :large: '800'
+#    :medium: '600'
+#    :small: '150x50'
+
+#	:attachment is the attachment name NOT the model name
+#	for document they are the same
+
+<% common = "documents/:id/:filename" %>
+
+#>> Rails.root.to_s.split('/')
+#=> ["", "var", "lib", "tomcat5", "webapps", "clic", "WEB-INF"]
+
+#>> Rails.root.to_s.split('/')
+#=> ["", "Users", "jakewendt", "github_repo", "jakewendt", "ucb_ccls_clic"]
+
+<% 
+app_name = ( defined?(RAILS_APP_NAME) ) ? 
+	RAILS_APP_NAME :
+	Rails.root.to_s.split('/').reject{|x|x ==  "WEB-INF"}.last 
+%>
+
+development:
+  :path: <%= "#{Rails.root}/development/#{common}" %>
+#  <<: *DEFAULTS
+
+test:
+  :path: <%= "#{Rails.root}/test/#{common}" %>
+#  <<: *DEFAULTS
+
+#production:
+#  :path: <%= "/home/tomcat/#{app_name}/:attachment/:id/:filename" %>
+##	#  <<: *DEFAULTS
+
+production:
+  #	Set the storage class to RRS which is cheaper than 
+  #	the default of STANDARD
+  :s3_headers:
+    x-amz-storage-class: REDUCED_REDUNDANCY
+  # public_read or private
+  :s3_permissions: :private
+  :storage: :s3
+  :s3_protocol: https
+  :s3_credentials: <%="#{Rails.root}/config/s3.yml" %>
+  :bucket: <%= app_name %>
+  #	common has a : as the first char so it needs special care
+  #	or the string will magically be turned into a symbol
+  #	which isn't what we want 
+  #	Not anymore.
+  :path: <%= common %>
+  # S3 must have a defined path or will generate
+  # "Stack level too deep" errors

data/config/routes.rb

@@ -0,0 +1,5 @@
+ActionController::Routing::Routes.draw do |map|
+
+	map.resources :documents, :member => { :preview => :get }
+
+end

data/generators/documents/documents_generator.rb

@@ -0,0 +1,69 @@
+class DocumentsGenerator < Rails::Generator::Base
+
+	def manifest
+		#	See Rails::Generator::Commands::Create
+		#	rails-2.3.10/lib/rails_generator/commands.rb
+		#	for code methods for record (Manifest)
+		record do |m|
+
+			%w( create_documents
+				add_attachments_document_to_document 
+				polymorphicize_document_owner
+				).each do |migration|
+				m.migration_template "migrations/#{migration}.rb",
+					'db/migrate', :migration_file_name => migration
+			end
+
+			m.directory('public/javascripts')
+			Dir["#{File.dirname(__FILE__)}/templates/javascripts/*js"].each{|file| 
+				f = file.split('/').slice(-2,2).join('/')
+				m.file(f, "public/javascripts/#{File.basename(file)}")
+			}
+			m.directory('public/stylesheets')
+			Dir["#{File.dirname(__FILE__)}/templates/stylesheets/*css"].each{|file| 
+				f = file.split('/').slice(-2,2).join('/')
+				m.file(f, "public/stylesheets/#{File.basename(file)}")
+			}
+			m.directory('test/functional/documents')
+			Dir["#{File.dirname(__FILE__)}/templates/functional/*rb"].each{|file| 
+				f = file.split('/').slice(-2,2).join('/')
+				m.file(f, "test/functional/documents/#{File.basename(file)}")
+			}
+			m.directory('test/unit/documents')
+			Dir["#{File.dirname(__FILE__)}/templates/unit/*rb"].each{|file| 
+				f = file.split('/').slice(-2,2).join('/')
+				m.file(f, "test/unit/documents/#{File.basename(file)}")
+			}
+		end
+	end
+
+end
+module Rails::Generator::Commands
+	class Create
+		def migration_template(relative_source, 
+				relative_destination, template_options = {})
+			migration_directory relative_destination
+			migration_file_name = template_options[
+				:migration_file_name] || file_name
+			if migration_exists?(migration_file_name)
+				puts "Another migration is already named #{migration_file_name}: #{existing_migrations(migration_file_name).first}: Skipping" 
+			else
+				template(relative_source, "#{relative_destination}/#{next_migration_string}_#{migration_file_name}.rb", template_options)
+			end
+		end
+	end #	Create
+	class Base
+	protected
+		#	the loop through migrations happens so fast
+		#	that they all have the same timestamp which
+		#	won't work when you actually try to migrate.
+		#	All the timestamps MUST be unique.
+		def next_migration_string(padding = 3)
+			@s = (!@s.nil?)? @s.to_i + 1 : if ActiveRecord::Base.timestamped_migrations
+				Time.now.utc.strftime("%Y%m%d%H%M%S")
+			else
+				"%.#{padding}d" % next_migration_number
+			end
+		end
+	end	#	Base
+end

data/generators/documents/templates/functional/documents_controller_test.rb

@@ -0,0 +1,219 @@
+require File.dirname(__FILE__) + '/../../test_helper'
+
+class Documents::DocumentsControllerTest < ActionController::TestCase
+	tests DocumentsController
+
+	ASSERT_ACCESS_OPTIONS = {
+		:model => 'Document',
+		:actions => [:new,:create,:edit,:update,:destroy,:index],
+		:method_for_create => :factory_create,
+		:attributes_for_create => :factory_attributes
+	}
+
+	def factory_create
+		Factory(:document)
+	end
+	def factory_attributes
+		Factory.attributes_for(:document)
+	end
+
+	assert_access_with_https
+	assert_access_with_login({
+		:logins => [:super_user,:admin,:editor]})
+
+	assert_no_access_with_http 
+	assert_no_access_with_login({ 
+		:logins => [:interviewer,:reader,:active_user] })
+	assert_no_access_without_login
+
+	assert_no_access_with_login(
+		:attributes_for_create => nil,
+		:method_for_create => nil,
+		:actions => nil,
+		:suffix => " and invalid id",
+		:login => :superuser,
+		:redirect => :documents_path,
+		:edit => { :id => 0 },
+		:update => { :id => 0 },
+		:destroy => { :id => 0 }
+	)
+
+%w( super_user admin editor ).each do |cu|
+
+
+##	still only privacy filter is based on "may_maintain_pages"
+##	which isn't really gonna work
+#	test "should get redirect to public s3 document with #{cu} login" do
+#		Document.any_instance.stubs(:s3_public?).returns(true)
+#		document = Factory(:document, :document_file_name => 'bogus_file_name')
+#		assert !File.exists?(document.document.path)
+#		login_as send(cu)
+#		get :show, :id => document.id
+#		assert_redirected_to document.document.url
+#	end
+#
+#	test "should get redirect to private s3 document with #{cu} login" do
+#		Document.any_instance.stubs(:s3_private?).returns(true)
+#		document = Factory(:document, :document_file_name => 'bogus_file_name')
+#		assert !File.exists?(document.document.path)
+#		login_as send(cu)
+#		get :show, :id => document.id
+#		assert_redirected_to document.s3_url
+#	end
+
+#	Add may_download_document
+
+#	test "should get redirect to public s3 document with #{cu} login" do
+#		Document.any_instance.stubs(:s3_public?).returns(true)
+#		document = Factory(:document, :document_file_name => 'bogus_file_name')
+#		assert !File.exists?(document.document.path)
+#		login_as send(cu)
+#		get :show, :id => document.id
+#		assert_redirected_to document.document.url
+#	end
+
+	test "should get redirect to private s3 document with #{cu} login" do
+		Document.has_attached_file :document, {
+			:s3_headers => {
+				'x-amz-storage-class' => 'REDUCED_REDUNDANCY' },
+			:s3_permissions => :private,
+			:storage => :s3,
+			:s3_protocol => 'https',
+			:s3_credentials => "#{Rails.root}/config/s3.yml",
+			:bucket => 'ccls',
+			:path => "documents/:id/:filename"
+		}
+
+		#	Since the REAL S3 credentials are only in production
+		#	Bad credentials make exists? return true????
+		Rails.stubs(:env).returns('production')
+		document = Factory(:document, :document_file_name => 'bogus_file_name')
+		assert !document.document.exists?
+		assert !File.exists?(document.document.path)
+
+		AWS::S3::S3Object.stubs(:exists?).returns(true)
+
+		login_as send(cu)
+		get :show, :id => document.id
+		assert_response :redirect
+		assert_match %r{\Ahttp(s)?://s3.amazonaws.com/ccls/documents/\d+/bogus_file_name\.\?AWSAccessKeyId=\w+&Expires=\d+&Signature=.+\z}, @response.redirected_to
+	end
+
+
+
+
+
+
+	test "should NOT download document with nil document and #{cu} login" do
+		document = Factory(:document)
+		assert document.document.path.blank?
+		login_as send(cu)
+		get :show, :id => document.id
+		assert_redirected_to preview_document_path(document)
+		assert_not_nil flash[:error]
+	end
+
+	test "should NOT download document with no document and #{cu} login" do
+		document = Factory(:document, :document_file_name => 'bogus_file_name')
+		assert !File.exists?(document.document.path)
+		login_as send(cu)
+		get :show, :id => document.id
+		assert_redirected_to preview_document_path(document)
+		assert_not_nil flash[:error]
+	end
+
+	test "should NOT download nonexistant document with #{cu} login" do
+		assert !File.exists?('some_fake_file_name.doc')
+		login_as send(cu)
+		get :show, :id => 'some_fake_file_name',:format => 'doc'
+		assert_redirected_to documents_path
+		assert_not_nil flash[:error]
+	end
+
+	test "should preview document with document and #{cu} login" do
+		document = Factory(:document)
+		login_as send(cu)
+		get :preview, :id => document.id
+		assert_response :success
+		assert_nil flash[:error]
+	end
+
+	test "should download document by id with document and #{cu} login" do
+		document = Document.create!(Factory.attributes_for(:document, 
+			:document => File.open(File.dirname(__FILE__) + 
+				'/../../assets/edit_save_wireframe.pdf')))
+		login_as send(cu)
+		get :show, :id => document.reload.id
+		assert_nil flash[:error]
+		assert_not_nil @response.headers['Content-disposition'].match(
+			/attachment;.*pdf/)
+		document.destroy
+	end
+
+	test "should download document by name with document and #{cu} login" do
+		document = Document.create!(Factory.attributes_for(:document, 
+			:document => File.open(File.dirname(__FILE__) + 
+				'/../../assets/edit_save_wireframe.pdf')))
+		login_as send(cu)
+		get :show, :id => 'edit_save_wireframe',
+			:format => 'pdf'
+		assert_nil flash[:error]
+		assert_not_nil @response.headers['Content-disposition'].match(
+			/attachment;.*pdf/)
+		document.destroy
+	end
+
+	test "should NOT create invalid document with #{cu} login" do
+		login_as send(cu)
+		assert_no_difference('Document.count') do
+			post :create, :document => {}
+		end
+		assert_not_nil flash[:error]
+		assert_template 'new'
+		assert_response :success
+	end
+
+	test "should NOT update invalid document with #{cu} login" do
+		login_as send(cu)
+		put :update, :id => Factory(:document).id, 
+			:document => { :title => "a" }
+		assert_not_nil flash[:error]
+		assert_template 'edit'
+		assert_response :success
+	end
+
+end
+
+%w( interviewer reader active_user ).each do |cu|
+
+	test "should NOT preview document with #{cu} login" do
+		document = Factory(:document)
+		login_as send(cu)
+		get :preview, :id => document.id
+		assert_redirected_to root_path
+		assert_not_nil flash[:error]
+	end
+
+	test "should NOT download document with #{cu} login" do
+		document = Factory(:document)
+		login_as send(cu)
+		get :show, :id => document.id
+		assert_redirected_to root_path
+		assert_not_nil flash[:error]
+	end
+
+end
+
+	test "should NOT preview document without login" do
+		document = Factory(:document)
+		get :preview, :id => document.id
+		assert_redirected_to_login
+	end
+
+	test "should NOT download document without login" do
+		document = Factory(:document)
+		get :show, :id => document.id
+		assert_redirected_to_login
+	end
+
+end