lockdown 0.1.0

data/History.txt

@@ -0,0 +1,4 @@
+== 0.0.1 2008-04-18
+
+* 1 major enhancement:
+  * Initial release

data/License.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2008 FIXME full name
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Manifest.txt

@@ -0,0 +1,39 @@
+History.txt
+License.txt
+Manifest.txt
+PostInstall.txt
+README
+README.txt
+Rakefile
+app_generators/lockdown/USAGE
+app_generators/lockdown/lockdown_generator.rb
+app_generators/lockdown/lockdown_generator.rb.orig
+app_generators/lockdown/templates/access.rb
+app_generators/lockdown/templates/session.rb
+bin/lockdown
+config/hoe.rb
+config/requirements.rb
+lib/lockdown.rb
+lib/lockdown/controller.rb
+lib/lockdown/controller_inspector.rb
+lib/lockdown/helper.rb
+lib/lockdown/model.rb
+lib/lockdown/version.rb
+lib/lockdown/view.rb
+script/console
+script/destroy
+script/generate
+script/txt2html
+setup.rb
+tasks/deployment.rake
+tasks/environment.rake
+tasks/website.rake
+test/test_generator_helper.rb
+test/test_helper.rb
+test/test_lockdown.rb
+test/test_lockdown_generator.rb
+website/index.html
+website/index.txt
+website/javascripts/rounded_corners_lite.inc.js
+website/stylesheets/screen.css
+website/template.html.erb

data/PostInstall.txt

@@ -0,0 +1,3 @@
+
+For more information on lockdown, see http://lockdown.rubyforge.org
+

data/README.txt

@@ -0,0 +1,60 @@
+= lockdown
+
+http://lockdown.rubyforge.org
+
+== DESCRIPTION:
+
+Lockdown is a authentication/authorization system for RubyOnRails and Merb. 
+
+For more information please visit the rubyforge site.
+
+== REQUIREMENTS:
+
+Lockdown currently supports:
+
+Frameworks: RubyOnRails or Merb
+
+ORMs: ActiveRecord or DataMapper
+
+== INSTALL:
+
+# Install the gem
+
+sudo gem install lockdown
+
+# Go to your application root directory
+
+cd <your application>
+
+# Install lockdown to your application
+
+lockdown .
+
+# Modify lib/lockdown/access.rb to grant access to your application
+
+# Modify lib/lockdown/session.rb to add/remove session information
+
+== LICENSE:
+
+(The MIT License)
+
+Copyright (c) 2008 Andrew Stone
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,4 @@
+require 'config/requirements'
+require 'config/hoe' # setup Hoe + all gem configuration
+
+Dir['tasks/**/*.rake'].each { |rake| load rake }

data/app_generators/lockdown/USAGE

@@ -0,0 +1,5 @@
+Description:
+  
+  
+Usage:
+  

data/app_generators/lockdown/lockdown_generator.rb

@@ -0,0 +1,25 @@
+class LockdownGenerator < RubiGen::Base
+  
+  DEFAULT_SHEBANG = File.join(Config::CONFIG['bindir'],
+                              Config::CONFIG['ruby_install_name'])
+  
+  default_options :author => "Andrew Stone"
+  
+  attr_reader :name, :framework
+  
+  def initialize(runtime_args, runtime_options = {})
+    super
+    usage if args.empty?
+    @destination_root = File.expand_path(args.shift)
+    @name = base_name
+    @framework = runtime_options[:framework]
+  end
+
+  def manifest
+    record do |m|
+      m.directory "lib/lockdown"
+      m.template "session.rb", "lib/lockdown/session.rb"
+      m.file "access.rb", "lib/lockdown/access.rb"
+    end
+  end
+end

data/app_generators/lockdown/lockdown_generator.rb.orig

@@ -0,0 +1,69 @@
+class LockdownGenerator < RubiGen::Base
+  
+  DEFAULT_SHEBANG = File.join(Config::CONFIG['bindir'],
+                              Config::CONFIG['ruby_install_name'])
+  
+  default_options :author => nil
+  
+  attr_reader :name
+  
+  def initialize(runtime_args, runtime_options = {})
+    super
+    usage if args.empty?
+    @destination_root = File.expand_path(args.shift)
+    @name = base_name
+    extract_options
+  end
+
+  def manifest
+    record do |m|
+      # Ensure appropriate folder(s) exists
+      m.directory ''
+      BASEDIRS.each { |path| m.directory path }
+
+      # Create stubs
+      # m.template "template.rb",  "some_file_after_erb.rb"
+      # m.file     "file",         "some_file_copied"
+      
+      m.dependency "install_rubigen_scripts", [destination_root, 'lockdown'], 
+        :shebang => options[:shebang], :collision => :force
+    end
+  end
+
+  protected
+    def banner
+      <<-EOS
+Creates a ...
+
+USAGE: #{spec.name} name
+EOS
+    end
+
+    def add_options!(opts)
+      opts.separator ''
+      opts.separator 'Options:'
+      # For each option below, place the default
+      # at the top of the file next to "default_options"
+      # opts.on("-a", "--author=\"Your Name\"", String,
+      #         "Some comment about this option",
+      #         "Default: none") { |options[:author]| }
+      opts.on("-v", "--version", "Show the #{File.basename($0)} version number and quit.")
+    end
+    
+    def extract_options
+      # for each option, extract it into a local variable (and create an "attr_reader :author" at the top)
+      # Templates can access these value via the attr_reader-generated methods, but not the
+      # raw instance variable value.
+      # @author = options[:author]
+    end
+
+    # Installation skeleton.  Intermediate directories are automatically
+    # created so don't sweat their absence here.
+    BASEDIRS = %w(
+      lib
+      log
+      script
+      test
+      tmp
+    )
+end

data/app_generators/lockdown/templates/access.rb

@@ -0,0 +1,108 @@
+require "lockdown"
+
+module Lockdown
+  #
+  #
+  # Permissions are used to group access rights into logical components.
+  # Each method defined in the Permissions module represents an array
+  # of methods from a controller (or multiple controllers.)
+  # 
+  # Controller methods available are: 
+  #
+  #   # Returns all methods from all controllers
+  #   all_controllers
+  #  
+  #   # Returns all methods from all controllers listed
+  #   all_methods :controller1, controller2, ...
+  #  
+  #   # For a single controller, returns only methods listed
+  #   only_methods :controller1, :method1, :method2, ...
+  #  
+  #   # For a single controller, returns all methods except the methods listed
+  #   all_except_methods :controller1, :method1, :method2, ...
+  #
+  #   They all return an array of controller/action.  For example, if you had a
+  #   standard REST controller called products this would be the result:
+  #
+  #
+  #     all_methods :products  => [ "products/index , "products/show",
+  #                                 "products/new", "products/edit",
+  #                                 "products/create", "products/update",
+  #                                 "products/destroy"]
+  #
+  module Permissions
+    class << self      
+            
+      def sessions_management
+       # all_methods :sessions
+      end
+      
+    end # end class block
+  end # end Permissions module
+  
+  #
+  # UserGroups are used to group Permissions together to define role type
+  # functionality. Users may belong to multiple groups.
+  # 
+  module UserGroups
+    class << self
+      #
+      # This method defines which UserGroups cannot be managed
+      # via the management screens. 
+      # 
+      # Users can still be assigned to these groups.
+      #
+      def private_records
+        [:administrators]
+      end
+      #
+      # This method defines which UserGroups have limited access
+      # via the management screens. Deletion is not allowed.
+      # 
+      # Users can still be assigned to these groups.
+      #
+      def protected_records
+        [:public_access, :registered_users]
+      end
+      
+      # ** The administrator method is "special", please don't rename.
+      #     If you remove/rename, etc... YOU WILL BREAK STUFF
+      #
+      # Standard administrator user group.
+      # Please don't alter without careful consideration.
+      #
+      def administrators
+        [:all]
+      end
+      
+      # ** The public_access method is "special", please don't rename.
+      #     If you remove/rename, etc... YOU WILL BREAK STUFF
+      #
+      # Standard public_access user group.  
+      #
+      # Feel free to add Permissions to the array without issue.
+      #
+      # **Notice:  All permissions added to this public_access group will not be
+      #             restricted to logged in users.
+      #             So be careful what you add here!
+      #
+      def public_access
+        [:sessions_management] 
+      end
+      
+      # ** The registered_users method is "special", please don't rename.
+      #     Not as special as the others, but still...
+      #
+      # All newly created users are assigned to this User Group by default
+      #
+      def registered_users
+        #[:my_account]
+      end
+
+      #
+      # Define your own user groups below
+      #
+      
+    end # end class block
+  end # end UserGroups module
+end # end Lockdown module

data/app_generators/lockdown/templates/session.rb

@@ -0,0 +1,72 @@
+module Lockdown
+  # 1 hour
+  SESSION_TIMEOUT = 60 * 60
+  
+  #
+  # The Lockdown gem defines additional Session methods:
+  #
+  #  current_user_is_admin?: returns true if user is assigned 
+  #  administrator rights.
+  #
+  #  nil_lockdown_values:  This will nil all session values starting with 
+  #  user_ or access_ or expiry
+  #
+  #  current_user_access_in_group?(grp):  grp is a symbol referencing a 
+  #  Lockdown::UserGroups method such as :registered_users
+  #  Will return true if the session[:access_rights] contain at 
+  #  least one match to the access_right list associated to the group
+  #
+  module Session
+    protected
+
+    def set_session_user(user)
+      if user.nil?
+        nil_lockdown_values
+        return
+      end
+      session[:user_id] = user.id
+      session[:user_name] =  user.full_name
+      session[:user_profile_id] = user.profile.id
+
+      #
+      # If you remove this method, you will not gain access to any 
+      # protected resources
+      #
+      add_lockdown_session_values(user)
+    end
+      
+    def logged_in?
+      current_user_id > 0
+    end
+
+    def current_user_id
+      return session[:user_id] || -1
+    end
+
+    def current_user_name
+      session[:user_name]
+    end
+      
+    def current_profile_id
+      return session[:user_profile_id] || -1
+    end
+
+    def current_user
+      return User.find(current_user_id, :include => [:profile, :user_groups])
+    end
+  
+  end # Session module
+end # Lockdown module
+
+<% if framework == "merb" -%>
+Merb::Controller.send :include, Lockdown::Session
+<% else %>
+ActionController::Base.send :include, Lockdown::Session
+ActionController::Base.send :helper_method, :logged_in?, 
+                                           :current_user,
+                                           :current_user_name, 
+                                           :current_user_id, 
+                                           :current_profile_id,
+                                           :current_user_is_admin?,
+                                           :current_user_access_in_group?
+<% end -%>

data/bin/lockdown

@@ -0,0 +1,140 @@
+#!/usr/bin/env ruby
+
+require "rubygems"
+require "rubigen"
+require "rubigen/scripts/generate"
+require 'optparse'
+
+#require File.join(File.dirname(__FILE__), "..", "lib", "lockdown_generator")
+
+#
+#  Created on 2008-4-21.
+#  Copyright (c) 2008. All rights reserved.
+
+  MERB_CONFIG = 'config/init.rb'
+  RAILS_CONFIG = 'config/environment.rb'
+
+  if File.exists?(MERB_CONFIG)
+    @framework = "merb"
+  elsif File.exists?(RAILS_CONFIG)
+    @framework = "rails"
+  else
+    raise NotImplementedError, "Configuration file not found.  Looking for init.rb (Merb) or environment.rb (Rails)"
+  end
+
+  def merb_app?
+    @framework == "merb"
+  end
+
+  def rails_app?
+    @framework == "rails"
+  end
+
+  #
+  # Right now we only have the two and we raise an exception
+  # if we don't know prior to getting here..
+  #
+  def config_file
+    if merb_app?
+      MERB_CONFIG
+    else
+      RAILS_CONFIG
+    end
+  end
+
+  begin
+    require 'rubygems'
+  rescue LoadError
+    # no rubygems to load, so we fail silently
+  end
+
+
+  OPTIONS = {
+    :path     => File.expand_path('.')
+  }
+
+  parser = OptionParser.new do |opts|
+    opts.banner = <<-BANNER
+    Lockdown will add access.rb and session.rb to the lib/lockdown directory and require them in #{config_file}.
+
+    Usage: #{File.basename($0)} [options]
+
+    Options are:
+    BANNER
+
+    opts.separator ""
+    opts.on("-p", "--path=PATH", String,
+              "The root path for selecting files",
+              "Default: [current directory]") { |OPTIONS[:path]| }
+    opts.on("-h", "--help",
+              "Show this help message.") { puts opts; exit }
+    opts.parse!(ARGV)
+  end 
+
+  #
+  # Load up the config file contents
+  #
+  @configuration = File.open config_file do |f|
+    f.map {|line| line.chomp}
+  end
+
+  def configuration_file_has?(req)
+    @configuration.include?(req)
+  end
+
+puts <<-MSG
+\n------------------------------------------------------------
+Installing Lockdown
+MSG
+
+begin
+  source = RubiGen::PathSource.new(:application,
+                                   File.join(File.dirname(__FILE__), "../app_generators"))
+  RubiGen::Base.reset_sources
+  RubiGen::Base.append_sources source
+  RubiGen::Scripts::Generate.new.run(ARGV, :generator => 'lockdown', :framework => @framework)
+
+  File.open(config_file, "a") do |f|
+    require_access =  %Q(require "lockdown/access")
+    require_session = %Q(require "lockdown/session")
+
+    f << %Q(\n#{require_access}\n) unless configuration_file_has?(require_access)
+
+    f << %Q(#{require_session}\n\n) unless configuration_file_has?(require_session)
+  end
+rescue Exception => e
+  puts e.backtrace.join("\n")
+  raise e
+end
+
+puts <<-MSG
+------------------------------------------------------------\n
+MSG
+
+puts <<-MSG
+\n------------------------------------------------------------
+Modified #{config_file} by adding:
+    require "lockdown/access"
+    require "lockdown/session"
+------------------------------------------------------------\n
+MSG
+
+puts <<-MSG
+\n------------------------------------------------------------
+You are now locked down.  To open up access to your application 
+please modify lib/lockdown/access.rb.  This is where you'll 
+add permissions and create user groups.
+
+To modify the contents of your session and to add access 
+methods, modify lib/lockdown/session.rb.
+
+If you want to know more, please visit:
+
+http://lockdown.rubyforge.org
+
+If you have any suggestions, comments or issues 
+please visit the Lockdown Google group:
+
+http://groups.google.com/group/stonean_lockdown?hl=en
+------------------------------------------------------------\n
+MSG

data/config/hoe.rb

@@ -0,0 +1,73 @@
+require 'lockdown/version'
+
+AUTHOR = 'FIXME full name'  # can also be an array of Authors
+EMAIL = "FIXME email"
+DESCRIPTION = "description of gem"
+GEM_NAME = 'lockdown' # what ppl will type to install your gem
+RUBYFORGE_PROJECT = 'lockdown' # The unix name for your project
+HOMEPATH = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
+DOWNLOAD_PATH = "http://rubyforge.org/projects/#{RUBYFORGE_PROJECT}"
+EXTRA_DEPENDENCIES = [
+#  ['activesupport', '>= 1.3.1']
+]    # An array of rubygem dependencies [name, version]
+
+@config_file = "~/.rubyforge/user-config.yml"
+@config = nil
+RUBYFORGE_USERNAME = "unknown"
+def rubyforge_username
+  unless @config
+    begin
+      @config = YAML.load(File.read(File.expand_path(@config_file)))
+    rescue
+      puts <<-EOS
+ERROR: No rubyforge config file found: #{@config_file}
+Run 'rubyforge setup' to prepare your env for access to Rubyforge
+ - See http://newgem.rubyforge.org/rubyforge.html for more details
+      EOS
+      exit
+    end
+  end
+  RUBYFORGE_USERNAME.replace @config["username"]
+end
+
+
+REV = nil
+# UNCOMMENT IF REQUIRED:
+# REV = YAML.load(`svn info`)['Revision']
+VERS = Lockdown::VERSION::STRING + (REV ? ".#{REV}" : "")
+RDOC_OPTS = ['--quiet', '--title', 'lockdown documentation',
+    "--opname", "index.html",
+    "--line-numbers",
+    "--main", "README",
+    "--inline-source"]
+
+class Hoe
+  def extra_deps
+    @extra_deps.reject! { |x| Array(x).first == 'hoe' }
+    @extra_deps
+  end
+end
+
+# Generate all the Rake tasks
+# Run 'rake -T' to see list of generated tasks (from gem root directory)
+$hoe = Hoe.new(GEM_NAME, VERS) do |p|
+  p.developer(AUTHOR, EMAIL)
+  p.description = DESCRIPTION
+  p.summary = DESCRIPTION
+  p.url = HOMEPATH
+  p.rubyforge_name = RUBYFORGE_PROJECT if RUBYFORGE_PROJECT
+  p.test_globs = ["test/**/test_*.rb"]
+  p.clean_globs |= ['**/.*.sw?', '*.gem', '.config', '**/.DS_Store']  #An array of file patterns to delete on clean.
+
+  # == Optional
+  p.changes = p.paragraphs_of("History.txt", 0..1).join("\n\n")
+  #p.extra_deps = EXTRA_DEPENDENCIES
+
+    #p.spec_extras = {}    # A hash of extra values to set in the gemspec.
+  end
+
+CHANGES = $hoe.paragraphs_of('History.txt', 0..1).join("\\n\\n")
+PATH    = (RUBYFORGE_PROJECT == GEM_NAME) ? RUBYFORGE_PROJECT : "#{RUBYFORGE_PROJECT}/#{GEM_NAME}"
+$hoe.remote_rdoc_dir = File.join(PATH.gsub(/^#{RUBYFORGE_PROJECT}\/?/,''), 'rdoc')
+$hoe.rsync_args = '-av --delete --ignore-errors'
+$hoe.spec.post_install_message = File.open(File.dirname(__FILE__) + "/../PostInstall.txt").read rescue ""

data/config/requirements.rb

@@ -0,0 +1,15 @@
+require 'fileutils'
+include FileUtils
+
+require 'rubygems'
+%w[rake hoe newgem rubigen].each do |req_gem|
+  begin
+    require req_gem
+  rescue LoadError
+    puts "This Rakefile requires the '#{req_gem}' RubyGem."
+    puts "Installation: gem install #{req_gem} -y"
+    exit
+  end
+end
+
+$:.unshift(File.join(File.dirname(__FILE__), %w[.. lib]))