knitkit 2.1.11 → 2.1.12

data/spec/dummy/db/migrate/20130107153233_base_tech_services.erp_tech_svcs.rb

@@ -0,0 +1,271 @@
+# This migration comes from erp_tech_svcs (originally 20080805000010)
+class BaseTechServices < ActiveRecord::Migration
+  def self.up
+    unless table_exists?(:users)
+      # Create the users table
+      create_table :users do |t|
+        t.string :username
+        t.string :email
+        t.references :party
+        t.string :type
+        t.string :salt, :default => nil
+        t.string :crypted_password, :default => nil
+
+        #activity logging
+        t.datetime :last_login_at, :default => nil
+        t.datetime :last_logout_at, :default => nil
+        t.datetime :last_activity_at, :default => nil
+
+        #brute force protection
+        t.integer :failed_logins_count, :default => 0
+        t.datetime :lock_expires_at, :default => nil
+
+        #remember me
+        t.string :remember_me_token, :default => nil
+        t.datetime :remember_me_token_expires_at, :default => nil
+
+        #reset password
+        t.string :reset_password_token, :default => nil
+        t.datetime :reset_password_token_expires_at, :default => nil
+        t.datetime :reset_password_email_sent_at, :default => nil
+      
+        #user activation
+        t.string :activation_state, :default => nil
+        t.string :activation_token, :default => nil
+        t.datetime :activation_token_expires_at, :default => nil
+
+        t.string :security_question_1
+        t.string :security_answer_1
+        t.string :security_question_2
+        t.string :security_answer_2
+
+        t.timestamps
+      end
+      add_index :users, :email, :unique => true
+      add_index :users, :username, :unique => true
+      add_index :users, [:last_logout_at, :last_activity_at], :name => 'activity_idx'
+      add_index :users, :remember_me_token
+      add_index :users, :reset_password_token
+      add_index :users, :activation_token
+    
+    end
+
+    unless table_exists?(:groups)
+      create_table :groups do |t|
+        t.column :description, :string
+        t.timestamps
+      end
+    end
+
+    unless table_exists?(:security_roles)
+      # create the roles table
+      create_table :security_roles do |t|
+        t.column :description, :string
+        t.column :internal_identifier, :string
+        t.column :external_identifier, :string
+        t.column :external_id_source, :string
+        
+        t.timestamps
+      end
+    end
+
+    unless table_exists?(:sessions)
+      # Create sessions table
+      create_table :sessions do |t|
+        t.string :session_id, :null => false
+        t.text :data
+        t.timestamps
+      end
+      add_index :sessions,      :session_id
+      add_index :sessions,      :updated_at
+    end
+
+    unless table_exists?(:audit_logs)
+      # Create audit_logs
+      create_table   :audit_logs do |t|
+        t.string     :application
+        t.string     :description
+        t.integer    :party_id
+        t.text       :additional_info
+        t.references :audit_log_type
+
+        #polymorphic columns
+        t.references :event_record, :polymorphic => true
+
+        t.timestamps
+      end
+      add_index :audit_logs, :party_id
+      add_index :audit_logs, [:event_record_id, :event_record_type], :name => 'event_record_index'
+    end
+
+    unless table_exists?(:audit_log_types)
+      # Create audit_logs
+      create_table :audit_log_types do |t|
+        t.string :description
+        t.string :error_code
+        t.string :comments
+        t.string :internal_identifier
+        t.string :external_identifier
+        t.string :external_id_source
+
+        #better nested set columns
+        t.integer :parent_id
+        t.integer :lft
+        t.integer :rgt
+
+        t.timestamps
+      end
+    end
+
+    unless table_exists?(:audit_log_items)
+      # Create audit_log_items
+      create_table   :audit_log_items do |t|
+        t.references :audit_log
+        t.references :audit_log_item_type
+        t.string     :audit_log_item_value
+        t.string     :description
+
+        t.timestamps
+      end
+    end
+
+    unless table_exists?(:audit_log_item_types)
+      # Create audit_log_item_types
+      create_table   :audit_log_item_types do |t|
+        t.string :internal_identifier
+        t.string :external_identifier
+        t.string :external_id_source
+        t.string :description
+        t.string :comments
+
+        #better nested set columns
+        t.integer :parent_id
+        t.integer :lft
+        t.integer :rgt
+
+        t.timestamps
+      end
+    end
+    
+    unless table_exists?(:file_assets)
+      create_table :file_assets do |t|
+        t.references :file_asset_holder, :polymorphic => true
+        t.string :type
+        t.string :name
+        t.string :directory
+        t.string :data_file_name
+        t.string :data_content_type
+        t.integer :data_file_size
+        t.datetime :data_updated_at
+        t.string :width
+        t.string :height
+
+        t.timestamps
+      end
+      add_index :file_assets, :type
+      add_index :file_assets, [:file_asset_holder_id, :file_asset_holder_type], :name => 'file_asset_holder_idx'
+      add_index :file_assets, :name
+      add_index :file_assets, :directory
+    end
+	
+    unless table_exists?(:delayed_jobs)
+      create_table :delayed_jobs, :force => true do |table|
+        table.integer  :priority, :default => 0      # Allows some jobs to jump to the front of the queue
+        table.integer  :attempts, :default => 0      # Provides for retries, but still fail eventually.
+        table.text     :handler                      # YAML-encoded string of the object that will do work
+        table.text     :last_error                   # reason for last failure (See Note below)
+        table.datetime :run_at                       # When to run. Could be Time.zone.now for immediately, or sometime in the future.
+        table.datetime :locked_at                    # Set when a client is working on this object
+        table.datetime :failed_at                    # Set when all retries have failed (actually, by default, the record is deleted instead)
+        table.string   :locked_by                    # Who is working on this object (if locked)
+        table.string   :queue
+        table.timestamps
+      end
+      add_index :delayed_jobs, [:priority, :run_at], :name => 'delayed_jobs_priority'
+    end
+
+    unless table_exists?(:capable_models)
+      # create the roles table
+      create_table :capable_models do |t|
+        t.references :capable_model_record, :polymorphic => true
+
+        t.timestamps
+      end
+
+      add_index :capable_models, [:capable_model_record_id, :capable_model_record_type], :name => 'capable_model_record_idx'
+    end
+
+    unless table_exists?(:capability_types)
+      # create the roles table
+      create_table :capability_types do |t|
+        t.string :internal_identifier
+        t.string :description
+        t.timestamps
+      end
+    end
+
+    unless table_exists?(:capabilities)
+      # create the roles table
+      create_table :capabilities do |t|
+        t.string :description
+        t.references :capability_type
+        t.string :capability_resource_type
+        t.integer :capability_resource_id
+        t.integer :scope_type_id
+        t.text :scope_query  
+        t.timestamps
+      end
+
+      add_index :capabilities, :capability_type_id
+      add_index :capabilities, :scope_type_id
+      add_index :capabilities, [:capability_resource_id, :capability_resource_type], :name => 'capability_resource_index'
+    end
+
+    unless table_exists?(:capability_accessors)
+      create_table :capability_accessors do |t|
+        t.string :capability_accessor_record_type
+        t.integer :capability_accessor_record_id
+        t.integer :capability_id
+        t.timestamps
+      end
+
+      add_index :capability_accessors, :capability_id
+      add_index :capability_accessors, [:capability_accessor_record_id, :capability_accessor_record_type], :name => 'capability_accessor_record_index'
+    end
+
+    unless table_exists?(:scope_types)
+      create_table :scope_types do |t|
+        t.string :description
+        t.string :internal_identifier
+        t.timestamps
+      end
+
+      add_index :scope_types, :internal_identifier
+    end
+
+    unless table_exists?(:parties_security_roles)
+      create_table :parties_security_roles, :id => false do |t|
+        t.integer :party_id
+        t.integer :security_role_id
+      end
+
+      add_index :parties_security_roles, :party_id
+      add_index :parties_security_roles, :security_role_id
+    end
+
+  end
+
+  def self.down
+    # check that each table exists before trying to delete it.
+    [ :groups,
+      :audit_logs, :sessions, :simple_captcha_data,
+      :capability_accessors, :capability_types, :capabilities,:scope_types,
+      :parties_security_roles, :roles, :audit_log_items, :audit_log_item_types,
+      :users, :file_assets, :delayed_jobs
+    ].each do |tbl|
+      if table_exists?(tbl)
+        drop_table tbl
+      end
+    end
+  end
+end

data/spec/dummy/db/migrate/20130107153234_create_has_attribute_tables.erp_tech_svcs.rb

@@ -0,0 +1,39 @@
+# This migration comes from erp_tech_svcs (originally 20111117183144)
+class CreateHasAttributeTables < ActiveRecord::Migration
+  def up
+    unless table_exists?(:attribute_types)
+      create_table :attribute_types do |t|
+        t.string :internal_identifier
+        t.string :description
+        t.string :data_type
+
+        t.timestamps
+      end
+
+      add_index :attribute_types, :internal_identifier,  :name => ':attribute_types_iid_idx'
+    end
+    unless table_exists?(:attribute_values)
+      create_table :attribute_values do |t|
+        t.integer :attributed_record_id
+        t.string :attributed_record_type
+        t.references :attribute_type
+        t.string  :value
+
+        t.timestamps
+      end
+
+      add_index :attribute_values, [:attributed_record_id, :attributed_record_type], :name => 'attribute_values_attributed_record_idx'
+      add_index :attribute_values, :attribute_type_id,  :name => 'attribute_values_attributed_type_idx'
+      add_index :attribute_values, :value,  :name => 'attribute_values_value_idx'
+    end
+  end
+
+  def down
+    if table_exists?(:attribute_types)
+      drop_table :attribute_types
+    end
+    if table_exists?(:attribute_values)
+      drop_table :attribute_values
+    end
+  end
+end

data/spec/dummy/db/migrate/20130107153235_create_groups.erp_tech_svcs.rb

@@ -0,0 +1,19 @@
+# This migration comes from erp_tech_svcs (originally 20121116151510)
+class CreateGroups < ActiveRecord::Migration
+  def self.up
+    unless table_exists?(:groups)
+      create_table :groups do |t|
+        t.column :description, :string
+        t.timestamps
+      end
+    end
+  end
+
+  def self.down
+    [ :groups ].each do |tbl|
+      if table_exists?(tbl)
+        drop_table tbl
+      end
+    end
+  end
+end

data/spec/dummy/db/migrate/20130107153236_upgrade_security.erp_tech_svcs.rb

@@ -0,0 +1,54 @@
+# This migration comes from erp_tech_svcs (originally 20121126171612)
+class UpgradeSecurity < ActiveRecord::Migration
+
+  def self.up
+    unless table_exists?(:capability_accessors)
+      create_table :capability_accessors do |t|
+        t.string :capability_accessor_record_type
+        t.integer :capability_accessor_record_id
+        t.integer :capability_id
+        t.timestamps
+      end
+
+      add_index :capability_accessors, :capability_id
+      add_index :capability_accessors, [:capability_accessor_record_id, :capability_accessor_record_type], :name => 'capability_accessor_record_index'
+    end
+
+    unless columns(:capabilities).collect {|c| c.name}.include?('scope_query')
+      add_column :capabilities, :description, :string
+      add_column :capabilities, :capability_resource_type, :string
+      add_column :capabilities, :capability_resource_id, :integer
+      add_column :capabilities, :scope_type_id, :integer
+      add_column :capabilities, :scope_query, :text
+
+      add_index :capabilities, :scope_type_id
+      add_index :capabilities, [:capability_resource_id, :capability_resource_type], :name => 'capability_resource_index'
+    end
+
+    unless table_exists?(:scope_types)
+      create_table :scope_types do |t|
+        t.string :description
+        t.string :internal_identifier
+        t.timestamps
+      end
+
+      add_index :scope_types, :internal_identifier
+    end
+
+    unless table_exists?(:parties_security_roles)
+      create_table :parties_security_roles, :id => false do |t|
+        t.integer :party_id
+        t.integer :security_role_id
+      end
+
+      add_index :parties_security_roles, :party_id
+      add_index :parties_security_roles, :security_role_id
+    end
+
+    rename_table :roles, :security_roles unless table_exists?(:security_roles)
+
+  end
+
+  def self.down
+  end
+end

data/spec/dummy/db/migrate/20130107153237_upgrade_security2.erp_tech_svcs.rb

@@ -0,0 +1,270 @@
+# This migration comes from erp_tech_svcs (originally 20121126173506)
+class UpgradeSecurity2 < ActiveRecord::Migration
+  def self.up
+    if table_exists?(:secured_models)
+      Website.all.each do |w|
+        old_role_iid = "website_#{w.name.underscore.gsub("'","").gsub(",","")}_access"
+
+        r = SecurityRole.find_by_internal_identifier(old_role_iid)
+        unless r.nil?
+          r.internal_identifier = w.website_role_iid
+          r.save      
+        end
+      end
+      instance = ScopeType.create(:description => 'Instance', :internal_identifier => 'instance')
+      class_scope_type = ScopeType.create(:description => 'Class', :internal_identifier => 'class')
+      ScopeType.create(:description => 'Query', :internal_identifier => 'query')
+
+      execute('BEGIN TRANSACTION') 
+      puts "populating parties_security_roles"
+      sql = 
+        "INSERT INTO parties_security_roles (
+          party_id,
+          security_role_id
+        )
+        SELECT
+          u.party_id AS party_id,
+          rsm.role_id AS security_role_id
+        FROM secured_models sm 
+        JOIN roles_secured_models rsm ON sm.id=rsm.secured_model_id
+        JOIN users u ON sm.secured_record_id=u.id
+        WHERE sm.secured_record_type='User'"
+        
+      execute(sql)
+      execute('COMMIT')
+
+      execute('BEGIN TRANSACTION') 
+      puts "populating capabilities with secure File Assets"
+      sql = 
+        "INSERT INTO capabilities (
+          capability_type_id,
+          capability_resource_type,
+          capability_resource_id,
+          scope_type_id
+        )
+        SELECT
+          c.capability_type_id AS capability_type_id,
+          'FileAsset' AS capability_resource_type,
+          cm.capable_model_record_id AS capability_resource_id,
+          #{instance.id} AS scope_type_id
+        FROM capable_models AS cm
+        JOIN capabilities_capable_models AS ccm ON ccm.capable_model_id = cm.id
+        JOIN capabilities AS c ON ccm.capability_id = c.id
+        JOIN secured_models AS sm ON sm.secured_record_id = c.id AND sm.secured_record_type = 'Capability'
+        JOIN roles_secured_models AS rsm ON rsm.secured_model_id = sm.id
+        JOIN security_roles AS r ON r.id = rsm.role_id
+        WHERE cm.capable_model_record_type = 'FileAsset'"
+        
+      execute(sql)
+      execute('COMMIT')
+
+      view = CapabilityType.find_by_internal_identifier('view')
+
+      execute('BEGIN TRANSACTION') 
+      puts "populating capabilities with secure Website Sections"
+      sql = 
+        "INSERT INTO capabilities (
+          capability_type_id,
+          capability_resource_type,
+          capability_resource_id,
+          scope_type_id
+        )
+        SELECT
+          #{view.id} AS capability_type_id,
+          'WebsiteSection' AS capability_resource_type,
+          ws.id AS capability_resource_id,
+          #{instance.id} AS scope_type_id
+        FROM secured_models sm 
+        JOIN roles_secured_models rsm ON sm.id=rsm.secured_model_id
+        JOIN website_sections ws ON sm.secured_record_id=ws.id
+        WHERE sm.secured_record_type='WebsiteSection'"
+        
+      execute(sql)
+      execute('COMMIT')
+
+      execute('BEGIN TRANSACTION') 
+      puts "populating capabilities with secure Website Nav Items"
+      sql = 
+        "INSERT INTO capabilities (
+          capability_type_id,
+          capability_resource_type,
+          capability_resource_id,
+          scope_type_id
+        )
+        SELECT
+          #{view.id} AS capability_type_id,
+          'WebsiteNavItem' AS capability_resource_type,
+          ws.id AS capability_resource_id,
+          #{instance.id} AS scope_type_id
+        FROM secured_models sm 
+        JOIN roles_secured_models rsm ON sm.id=rsm.secured_model_id
+        JOIN website_sections ws ON sm.secured_record_id=ws.id
+        WHERE sm.secured_record_type='WebsiteNavItem'"
+        
+      execute(sql)
+      execute('COMMIT')
+
+      # delete obsolete records: Application, Widget, dupes?
+      Capability.where("capability_resource_type IS NULL").delete_all
+
+      admin = SecurityRole.find_by_internal_identifier('admin')
+      website_author = SecurityRole.find_by_internal_identifier('website_author')
+      layout_author = SecurityRole.find_by_internal_identifier('layout_author')
+      content_author = SecurityRole.find_by_internal_identifier('content_author')
+      designer = SecurityRole.find_by_internal_identifier('designer')
+      publisher = SecurityRole.find_by_internal_identifier('publisher')
+
+      # add instance capabilities to roles
+      instance_capabilities = Capability.where(:scope_type_id => instance.id).all
+      instance_capabilities.each do |c|
+        case c.capability_resource_type
+        when 'FileAsset'
+          admin.add_capability(c)
+          website_author.add_capability(c)
+          content_author.add_capability(c)
+          if c.capability_resource.file_asset_holder_type == 'Website'
+            website_role = c.capability_resource.file_asset_holder.role
+            website_role.add_capability(c)
+          end
+        when 'WebsiteSection'
+          admin.add_capability(c)
+          website_author.add_capability(c)
+          website_role = c.capability_resource.website.role
+          website_role.add_capability(c)
+        when 'WebsiteNavItem'
+          admin.add_capability(c)
+          website_author.add_capability(c)
+          website_role = c.capability_resource.website_nav.website.role
+          website_role.add_capability(c)
+        end
+      end
+
+      # add knitkit class capabilities to roles
+      admin.add_capability('create', 'WebsiteNav')
+      admin.add_capability('delete', 'WebsiteNav')
+      admin.add_capability('edit', 'WebsiteNav')
+
+      website_author.add_capability('create', 'WebsiteNav')
+      website_author.add_capability('delete', 'WebsiteNav')
+      website_author.add_capability('edit', 'WebsiteNav')
+
+      admin.add_capability('create', 'Website')
+      admin.add_capability('delete', 'Website')
+      admin.add_capability('edit', 'Website')
+      admin.add_capability('import', 'Website')
+      admin.add_capability('publish', 'Website')
+      admin.add_capability('activate', 'Website')
+
+      website_author.add_capability('create', 'Website')
+      website_author.add_capability('delete', 'Website')
+      website_author.add_capability('edit', 'Website')
+      website_author.add_capability('import', 'Website')
+      publisher.add_capability('publish', 'Website')
+      publisher.add_capability('activate', 'Website')
+
+      admin.add_capability('create', 'WebsiteHost')
+      admin.add_capability('delete', 'WebsiteHost')
+      admin.add_capability('edit', 'WebsiteHost')
+
+      website_author.add_capability('create', 'WebsiteHost')
+      website_author.add_capability('delete', 'WebsiteHost')
+      website_author.add_capability('edit', 'WebsiteHost')
+
+      admin.add_capability('create', 'WebsiteSection')
+      admin.add_capability('delete', 'WebsiteSection')
+      admin.add_capability('edit', 'WebsiteSection')
+      admin.add_capability('secure', 'WebsiteSection')
+      admin.add_capability('unsecure', 'WebsiteSection')
+
+      website_author.add_capability('create', 'WebsiteSection')
+      website_author.add_capability('delete', 'WebsiteSection')
+      website_author.add_capability('edit', 'WebsiteSection')
+      website_author.add_capability('secure', 'WebsiteSection')
+      website_author.add_capability('unsecure', 'WebsiteSection')
+
+      admin.add_capability('create', 'WebsiteSectionLayout')
+      admin.add_capability('edit', 'WebsiteSectionLayout')
+
+      layout_author.add_capability('create', 'WebsiteSectionLayout')
+      layout_author.add_capability('edit', 'WebsiteSectionLayout')
+
+      admin.add_capability('create', 'Content')
+      admin.add_capability('delete', 'Content')
+      admin.add_capability('edit', 'Content')
+      admin.add_capability('publish', 'Content')
+      admin.add_capability('revert_version', 'Content')
+      admin.add_capability('add_existing', 'Content')
+      admin.add_capability('edit_html', 'Content')
+      admin.add_capability('edit_excerpt', 'Content')
+
+      content_author.add_capability('create', 'Content')
+      content_author.add_capability('delete', 'Content')
+      content_author.add_capability('edit', 'Content')
+      content_author.add_capability('publish', 'Content')
+      content_author.add_capability('revert_version', 'Content')
+      content_author.add_capability('add_existing', 'Content')
+      content_author.add_capability('edit_html', 'Content')
+      content_author.add_capability('edit_excerpt', 'Content')
+
+      admin.add_capability('create', 'WebsiteNavItem')
+      admin.add_capability('delete', 'WebsiteNavItem')
+      admin.add_capability('edit', 'WebsiteNavItem')
+      admin.add_capability('secure', 'WebsiteNavItem')
+      admin.add_capability('unsecure', 'WebsiteNavItem')
+
+      website_author.add_capability('create', 'WebsiteNavItem')
+      website_author.add_capability('delete', 'WebsiteNavItem')
+      website_author.add_capability('edit', 'WebsiteNavItem')
+      website_author.add_capability('secure', 'WebsiteNavItem')
+      website_author.add_capability('unsecure', 'WebsiteNavItem')
+
+      admin.add_capability('view', 'Theme')
+      designer.add_capability('view', 'Theme')
+
+      admin.add_capability('view', 'SiteImageAsset')
+      website_author.add_capability('view', 'SiteImageAsset')
+      content_author.add_capability('view', 'SiteImageAsset')
+
+      content_author.add_capability('view', 'GlobalImageAsset')
+
+      admin.add_capability('view', 'GlobalImageAsset')
+      admin.add_capability('upload', 'GlobalImageAsset')
+      admin.add_capability('delete', 'GlobalImageAsset')
+
+      website_author.add_capability('view', 'GlobalImageAsset')
+      website_author.add_capability('upload', 'GlobalImageAsset')
+      website_author.add_capability('delete', 'GlobalImageAsset')
+
+      admin.add_capability('view', 'SiteFileAsset')
+      website_author.add_capability('view', 'SiteFileAsset')
+      content_author.add_capability('view', 'SiteFileAsset')
+
+      content_author.add_capability('view', 'GlobalFileAsset')
+
+      admin.add_capability('view', 'GlobalFileAsset')
+      admin.add_capability('upload', 'GlobalFileAsset')
+      admin.add_capability('delete', 'GlobalFileAsset')
+
+      website_author.add_capability('view', 'GlobalFileAsset')
+      website_author.add_capability('upload', 'GlobalFileAsset')
+      website_author.add_capability('delete', 'GlobalFileAsset')
+
+      admin.add_capability('drag_item', 'WebsiteTree')
+      website_author.add_capability('drag_item', 'WebsiteTree')
+
+      # update capability descriptions
+      Capability.all.each do |c|
+        c.update_description
+      end
+
+      drop_table :capable_models
+      drop_table :capabilities_capable_models
+      drop_table :secured_models
+      drop_table :roles_secured_models
+      remove_column :capabilities, :resource
+    end
+  end
+
+  def self.down
+  end
+end