jakewendt-simply_authorized 1.3.6
- data/README.rdoc +52 -0
- data/app/controllers/roles_controller.rb +38 -0
- data/app/models/role.rb +34 -0
- data/config/routes.rb +9 -0
- data/generators/simply_authorized/USAGE +0 -0
- data/generators/simply_authorized/simply_authorized_generator.rb +84 -0
- data/generators/simply_authorized/templates/autotest_simply_authorized.rb +2 -0
- data/generators/simply_authorized/templates/functional/roles_controller_test.rb +143 -0
- data/generators/simply_authorized/templates/migrations/create_roles.rb +14 -0
- data/generators/simply_authorized/templates/migrations/create_roles_users.rb +14 -0
- data/generators/simply_authorized/templates/simply_authorized.rake +8 -0
- data/generators/simply_authorized/templates/stylesheets/authorized.css +0 -0
- data/generators/simply_authorized/templates/unit/role_test.rb +30 -0
- data/lib/jakewendt-simply_authorized.rb +1 -0
- data/lib/simply_authorized.rb +41 -0
- data/lib/simply_authorized/authorization.rb +68 -0
- data/lib/simply_authorized/autotest.rb +26 -0
- data/lib/simply_authorized/controller.rb +87 -0
- data/lib/simply_authorized/core_extension.rb +16 -0
- data/lib/simply_authorized/factories.rb +15 -0
- data/lib/simply_authorized/factory_test_helper.rb +47 -0
- data/lib/simply_authorized/helper.rb +28 -0
- data/lib/simply_authorized/permissive_controller.rb +27 -0
- data/lib/simply_authorized/resourceful_controller.rb +83 -0
- data/lib/simply_authorized/tasks.rb +1 -0
- data/lib/simply_authorized/test_tasks.rb +47 -0
- data/lib/simply_authorized/user_model.rb +161 -0
- data/lib/tasks/application.rake +40 -0
- data/lib/tasks/database.rake +52 -0
- data/lib/tasks/documentation.rake +68 -0
- data/lib/tasks/rcov.rake +44 -0
- data/lib/tasks/simply_sessions.rake +5 -0
- data/rails/init.rb +4 -0
- data/test/app/controllers/application_controller.rb +16 -0
- data/test/app/controllers/home_controller.rb +10 -0
- data/test/app/controllers/users_controller.rb +43 -0
- data/test/app/models/user.rb +3 -0
- data/test/config/routes.rb +11 -0
- data/test/functional/authorized/roles_controller_test.rb +143 -0
- data/test/unit/authorized/role_test.rb +30 -0
- metadata +167 -0
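--- a/data/lib/simply_authorized/tasks.rb
+++ b/data/lib/simply_authorized/tasks.rb
@@ -0,0 +1 @@
+Dir["#{File.dirname(__FILE__)}/../tasks/**/*.rake"].sort.each { |ext| load ext }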
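--- a/data/lib/simply_authorized/test_tasks.rb
+++ b/data/lib/simply_authorized/test_tasks.rb
@@ -0,0 +1,47 @@
+module SimplyAuthorized;end
+namespace :test do
+namespace :units do
+Rake::TestTask.new(:simply_authorized => "db:test:prepare") do |t|
+t.pattern = File.expand_path(File.join(
+File.dirname(__FILE__),'/../../test/unit/authorized/*_test.rb'))
+t.libs << "test"
+t.verbose = true
+end
+end
+namespace :functionals do
+Rake::TestTask.new(:simply_authorized => "db:test:prepare") do |t|
+t.pattern = File.expand_path(File.join(
+File.dirname(__FILE__),'/../../test/functional/authorized/*_test.rb'))
+t.libs << "test"
+t.verbose = true
+end
+end
+end
+Rake::Task['test:functionals'].prerequisites.unshift(
+"test:functionals:simply_authorized" )
+Rake::Task['test:units'].prerequisites.unshift(
+"test:units:simply_authorized" )
+
+# I thought of possibly just including this file
+# but that would make __FILE__ different.
+# Hmmm
+
+#
+# used in simply_helpful's rake test:coverage to run gem's
+# tests in the context of the application
+#
+@gem_test_dirs ||= []
+#@gem_test_dirs << File.expand_path(File.join(File.dirname(__FILE__),
+# '/../../test/unit/authorized/'))
+#@gem_test_dirs << File.expand_path(File.join(File.dirname(__FILE__),
+# '/../../test/functional/authorized/'))
+
+#
+# More flexible. Find all test files, pick out their dir, uniq 'em and add.
+#
+Dir.glob( File.expand_path(File.join(File.dirname(__FILE__),
+'/../../test/*/authorized/*_test.rb'))).collect{|f|
+File.dirname(f)
+}.uniq.each{ |dir|
+@gem_test_dirs << dir
+}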
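--- a/data/lib/simply_authorized/user_model.rb
+++ b/data/lib/simply_authorized/user_model.rb
@@ -0,0 +1,161 @@
+module SimplyAuthorized
+module UserModel
+
+def self.included(base)
+base.extend(PrepMethod)
+# base.send(:include, InstanceMethods)
+# base.class_eval do
+# alias_method_chain :reset_persistence_token, :uniqueness
+# end
+end
+
+module PrepMethod
+def simply_authorized(options={})
+
+include SimplyAuthorized::UserModel::InstanceMethods
+extend SimplyAuthorized::UserModel::ClassMethods
+
+has_and_belongs_to_many :roles, :uniq => true,
+:before_add => :before_add_role,
+:after_add => :after_add_role,
+:before_remove => :before_remove_role,
+:after_remove => :after_remove_role
+
+end
+alias_method :authorized, :simply_authorized
+end
+
+module ClassMethods
+
+# def search(options={})
+# conditions = {}
+# includes = joins = []
+# if !options[:role_name].blank?
+# includes = [:roles]
+# if Role.all.collect(&:name).include?(options[:role_name])
+# joins = [:roles]
+# conditions = ["roles.name = '#{options[:role_name]}'"]
+# # else
+# # @errors = "No such role '#{options[:role_name]}'"
+# end
+# end
+# self.all(
+# :joins => joins,
+# :include => includes,
+# :conditions => conditions )
+# end
+
+end
+
+module InstanceMethods
+
+def before_add_role(role)
+end
+
+def after_add_role(role)
+end
+
+def before_remove_role(role)
+end
+
+def after_remove_role(role)
+end
+
+def role_names
+roles.collect(&:name).uniq
+end
+
+def deputize
+roles << Role.find_or_create_by_name('administrator')
+end
+
+# The 4 common CCLS roles are ....
+def is_superuser?(*args)
+self.role_names.include?('superuser')
+end
+alias_method :is_super_user?, :is_superuser?
+
+def is_administrator?(*args)
+self.role_names.include?('administrator')
+end
+
+def is_editor?(*args)
+self.role_names.include?('editor')
+end
+
+def is_interviewer?(*args)
+self.role_names.include?('interviewer')
+end
+
+def is_reader?(*args)
+self.role_names.include?('reader')
+end
+
+def is_user?(user=nil)
+!user.nil? && self == user
+end
+alias_method :may_be_user?, :is_user?
+
+def may_administrate?(*args)
+(self.role_names & ['superuser','administrator']).length > 0
+end
+alias_method :may_view_permissions?, :may_administrate?
+alias_method :may_create_user_invitations?, :may_administrate?
+alias_method :may_view_users?, :may_administrate?
+alias_method :may_assign_roles?, :may_administrate?
+
+def may_edit?(*args)
+(self.role_names &
+['superuser','administrator','editor']
+).length > 0
+end
+alias_method :may_maintain_pages?, :may_edit?
+
+
+# Add tests for may_interview and may_read
+def may_interview?(*args)
+(self.role_names &
+['superuser','administrator','editor','interviewer']
+).length > 0
+end
+
+# This is pretty lame as all current roles can read
+def may_read?(*args)
+(self.role_names &
+['superuser','administrator','editor','interviewer','reader']
+).length > 0
+end
+alias_method :may_view?, :may_read?
+
+
+
+def may_view_user?(user=nil)
+self.is_user?(user) || self.may_administrate?
+end
+
+
+
+
+def may_share_document?(document=nil)
+document && (
+self.is_administrator? ||
+( document.owner && self == document.owner )
+)
+end
+
+def may_view_document?(document=nil)
+document
+
+
+
+
+
+end
+
+protected
+
+end
+
+end
+end
+ActiveRecord::Base.send( :include, SimplyAuthorized::UserModel )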
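Review bot: `may_view_document?` returns its argument, so every user, including one with no roles at all, is allowed to view any non-nil document; the empty lines left in its body suggest the check was never finished. If viewing is meant to be role-gated like the other predicates, the body should be `document && self.may_read?` (or deny by default until the rule is decided), with a test for a role-less user. Two smaller points in the same file: `may_share_document?` checks `is_administrator?` only, so a superuser is refused where `may_administrate?` would allow, and the commented-out `search` interpolates `options[:role_name]` into a SQL condition string, so if it is ever revived it should use `['roles.name = ?', options[:role_name]]`.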
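--- a/data/lib/tasks/application.rake
+++ b/data/lib/tasks/application.rake
@@ -0,0 +1,40 @@
+namespace :app do
+
+# task :args_as_array do
+# args = $*.dup.slice(1..-1)
+# puts args.collect {|arg| "X:" << arg }.join("\n")
+# exit
+# end
+
+desc "Add some expected users."
+task :add_users => :environment do
+puts "Adding users"
+%w( 859908 228181 214766 180918 66458 808 768475
+10883 86094 754783 769067 854720 16647 ).each do |uid|
+puts " - Adding user with uid:#{uid}:"
+User.find_create_and_update_by_uid(uid)
+end
+end
+
+desc "Deputize user by UID"
+task :deputize => :environment do
+puts
+if ENV['uid'].blank?
+puts "User's CalNet UID required."
+puts "Usage: rake #{$*} uid=INTEGER"
+puts
+exit
+end
+if !User.exists?(:uid => ENV['uid'])
+puts "No user found with uid=#{ENV['uid']}."
+puts
+exit
+end
+user = User.find(:first, :conditions => { :uid => ENV['uid'] })
+puts "Found user #{user.displayname}. Deputizing..."
+user.deputize
+puts "User deputized: #{user.is_administrator?}"
+puts
+end
+
+end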
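Review bot: `app:add_users` hard-codes thirteen UIDs inside a gem, and the gem's one-line task loader appears to `load` every `.rake` file under its tasks directory, so any host application that pulls in the gem's tasks can pre-provision those same accounts. The list looks site-specific (the neighbouring task speaks of CalNet UIDs) and would be better read from the host application's own configuration, or the task moved out of the gem. In `app:deputize` the role grant is only printed to the console; a line such as `Rails.logger.info "deputize uid=#{ENV['uid']}"` before `user.deputize` would leave a record of who was made administrator, and `Integer(ENV['uid'])` would enforce the `uid=INTEGER` form the usage text promises.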
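--- a/data/lib/tasks/database.rake
+++ b/data/lib/tasks/database.rake
@@ -0,0 +1,52 @@
+namespace :db do
+
+desc "Create yml fixtures for given model in database\n" <<
+"rake db:extract_fixtures_from pages"
+task :extract_fixtures_from => :environment do
+me = $*.shift
+while( table_name = $*.shift )
+File.open("#{RAILS_ROOT}/db/#{table_name}.yml", 'w') do |file|
+data = table_name.singularize.capitalize.constantize.find(
+:all).collect(&:attributes)
+file.write data.inject({}) { |hash, record|
+record.delete('created_at')
+record.delete('updated_at')
+hash["#{table_name}_#{record['id']}"] = record
+hash
+}.to_yaml
+end
+end
+exit
+end
+
+desc "Dump MYSQL table descriptions."
+task :describe => :environment do
+puts
+puts "FYI: This task ONLY works on MYSQL databases."
+puts
+config = ActiveRecord::Base.connection.instance_variable_get(:@config)
+#=> {:adapter=>"mysql", :host=>"localhost", :password=>nil, :username=>"root", :database=>"my_development", :encoding=>"utf8"}
+
+tables = ActiveRecord::Base.connection.execute('show tables;')
+while( table = tables.fetch_row ) do
+puts "Table: #{table}"
+
+# may have to include host and port
+system("mysql --table=true " <<
+"--user=#{config[:username]} " <<
+"--password='#{config[:password]}' " <<
+"--execute='describe #{table}' " <<
+config[:database]);
+
+#
+# mysql formats the table well so doing it by hand is something that
+# will have to wait until I feel like wasting my time
+#
+# columns = ActiveRecord::Base.connection.execute("describe #{table};")
+# while( column = columns.fetch_hash ) do
+# puts column.keys Extra Default Null Type Field Key
+# end
+end
+end
+
+end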
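Review bot: The `system` call in `db:describe` builds one shell string from `config[:username]`, `config[:password]`, the table name and `config[:database]`, so a quote or shell metacharacter in any of them changes the command that runs, and the password ends up on the `mysql` command line where other local users can read it from the process list. Passing the arguments as a vector keeps the shell out of it, as sketched below, and the password is better supplied through a client option file that only the operator can read. Separately, `db:extract_fixtures_from` calls `constantize` on raw command-line words and writes every attribute of every row to `db/<name>.yml`; for a users table that would presumably include credential columns, so an allow-list of models and an attribute filter would be worth adding.

```ruby
# … unchanged: config lookup, 'show tables;' query and loop header …
# Argument-vector form: each value reaches mysql as a single argv entry and
# no shell parses it. The password is left out on purpose; mysql reads it
# from the operator's client option file.
system('mysql', '--table=true',
  "--user=#{config[:username]}",
  "--execute=describe #{table}",
  config[:database].to_s)
# … unchanged: commented-out hand-formatting notes, end of loop and task …
```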
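--- a/data/lib/tasks/documentation.rake
+++ b/data/lib/tasks/documentation.rake
@@ -0,0 +1,68 @@
+#
+# This file has been copied from rails
+# .../rails-2.3.5/lib/tasks/documentation.rake
+# so that parts of it could be modified.
+
+namespace :doc do |doc|
+
+# Rake::RDocTask.new("app") { |rdoc|
+#
+# We cannot overwrite or override an RDoc rake task.
+# Redefining it here actually creates another
+# of the same name and both are run when
+# `rake doc:app` is called. The Rakefile
+# is modified to handle the modifications.
+#
+# Actually, that's not entirely true. This would
+# add another task, but you can remove and override
+# a task. The rdoc_rails plugin was overriding my
+# override, which caused all the frustration!!!
+#
+# }
+
+plugins = FileList['vendor/plugins/**'].collect { |plugin|
+File.basename(plugin) }
+
+namespace :plugins do
+# Define doc tasks for each plugin
+plugins.each do |plugin|
+
+# clear rails' Rake::Task of the same name
+Rake::Task[plugin].clear_actions
+Rake::Task[plugin].clear_prerequisites
+
+Rake::RDocTask.new(plugin) { |rdoc|
+plugin_base = "vendor/plugins/#{plugin}"
+ENV['format'] ||= 'railsfish'
+rdoc.rdoc_dir = "doc/plugins/#{plugin}"
+rdoc.template = ENV['template'] if ENV['template']
+rdoc.title = "#{plugin.titlecase} Plugin Documentation"
+rdoc.options << '--line-numbers' << '--inline-source'
+rdoc.options << '--charset' << 'utf-8'
+rdoc.options << '--format' << ENV['format']
+rdoc.rdoc_files.include("#{plugin_base}/lib/**/*.rb")
+rdoc.rdoc_files.include("#{plugin_base}/app/**/*.rb")
+
+%w( README README.rdoc ).each do |readme|
+if File.exist?("#{plugin_base}/#{readme}")
+rdoc.main = "#{plugin_base}/#{readme}"
+break
+end
+end
+%w( TODO.org MIT-LICENSE LICENSE CHANGELOG README README.rdoc ).each do |possible_file|
+if File.exist?("#{plugin_base}/#{possible_file}")
+rdoc.rdoc_files.include("#{plugin_base}/#{possible_file}")
+end
+end
+}
+
+end
+end
+
+task :parse_readme => :environment do
+require 'rdoc/markup/to_html'
+h = RDoc::Markup::ToHtml.new
+puts h.convert( File.read('README.rdoc') )
+end
+
+end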
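--- a/data/lib/tasks/rcov.rake
+++ b/data/lib/tasks/rcov.rake
@@ -0,0 +1,44 @@
+#
+# This is from Advanced Rails Recipes, page 277
+#
+
+# TODO use the version in simply_helpful and delete this
+
+#namespace :test do
+#
+# desc 'Tracks test coverage with rcov'
+# task :coverage do
+# rm_f "coverage"
+# rm_f "coverage.data"
+#
+# unless PLATFORM['i386-mswin32']
+# rcov = "rcov --sort coverage --rails --aggregate coverage.data " <<
+# "--text-summary -Ilib -T " <<
+# "-x gems/*,db/migrate/*,jrails/*/*" <<
+# ',\(eval\),\(recognize_optimized\),\(erb\)' << # needed in jruby
+# ",yaml,yaml/*,lib/tmail/parser.y,jruby.jar!/*" << # needed in jruby
+# ",html_test/*/*" <<
+# ",html_test_extension/*/*"
+# else
+# rcov = "rcov.cmd --sort coverage --rails --aggregate " <<
+# "coverage.data --text-summary -Ilib -T"
+# end
+#
+# dirs = Dir.glob("test/**/*_test.rb").collect{|f|File.dirname(f)}.uniq
+# lastdir = dirs.pop
+# dirs.each do |dir|
+# system("#{rcov} --no-html #{dir}/*_test.rb")
+# end
+# system("#{rcov} --html #{lastdir}/*_test.rb") unless lastdir.nil?
+#
+# unless PLATFORM['i386-mswin32']
+## jruby-1.5.0.RC1 > PLATFORM
+## => "java"
+## system("open coverage/index.html") if PLATFORM['darwin']
+# system("open coverage/index.html")
+# else
+# system("\"C:/Program Files/Mozilla Firefox/firefox.exe\" " +
+# "coverage/index.html")
+# end
+# end
+#end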
data/rails/init.rb
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
class ApplicationController < ActionController::Base
|
2
|
+
|
3
|
+
helper :all # include all helpers, all the time
|
4
|
+
|
5
|
+
# See ActionController::RequestForgeryProtection for details
|
6
|
+
protect_from_forgery
|
7
|
+
|
8
|
+
def redirections
|
9
|
+
@redirections ||= HashWithIndifferentAccess.new({
|
10
|
+
:not_be_user => {
|
11
|
+
:redirect_to => user_path(current_user)
|
12
|
+
}
|
13
|
+
})
|
14
|
+
end
|
15
|
+
|
16
|
+
end
|