lockdown 0.3.1 → 0.3.2

data/History.txt

@@ -1,3 +1,6 @@
+== 0.3.2 2008-04-29
+* Management screens looking good.  Now moving on to testing with starter application.
+
 == 0.3.1 2008-04-29
 * Some initital testing done.  
 

data/lib/lockdown/system.rb

@@ -65,7 +65,18 @@ module Lockdown
 			#
 			def create_user_group(str_sym)
 				return unless @options[:use_db_models]
-				UserGroup.create(:name => string_name(str_sym))
+				ug = UserGroup.create(:name => string_name(str_sym))
+				#
+				# No need to create permissions records for administrators
+				#
+				ug_sym = symbol_name(ug.name)
+				return if ug_sym == administrator_group_symbol
+
+				if self.has_user_group?(ug)
+					@user_groups[ug_sym].collect do |perm|
+						Permission.create(:name => string_name(perm))
+					end
+				end
 			end
 
 			def create_administrator_user_group
@@ -73,6 +84,17 @@ module Lockdown
 				Lockdown::System.create_user_group administrator_group_symbol
   		end
 
+			#
+			# Determine if the user group is defined in init.rb
+			#
+			def has_user_group?(ug)
+				return true if symbol_name(ug.name) == administrator_group_symbol
+				@user_groups.each do |key,value|
+					return true if key == symbol_name(ug.name)
+				end
+				return false
+			end
+
 			#
 			# Delete a user group record from the database
 			#
@@ -124,6 +146,21 @@ module Lockdown
 				end
 			end
 
+			#
+			# Similar to user_groups_assignable_for_user, this method should be
+      # used to restrict users from creating a user group with more power than
+      # they have been allowed.
+			#
+			def permissions_assignable_for_user(usr)
+				return [] if usr.nil?
+				if administrator?(usr)
+					@permissions.keys.collect{|k| Permission.find_by_name(string_name(k)) }.compact
+				else
+					groups = user_groups_assignable_for_user(usr)
+					groups.collect{|g| g.permissions}.flatten.compact
+				end
+			end
+
 			def make_user_administrator(usr)
 				usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string)
 			end

data/lib/lockdown/version.rb

@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 0
     MINOR = 3
-    TINY  = 1
+    TINY  = 2
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/rails_generators/lockdown_all/lockdown_all_generator.rb

@@ -41,22 +41,6 @@ class LockdownAllGenerator < Rails::Generator::Base
 
 
 
-      #Migrations
-      m.migration_template "db/migrate/create_profiles.rb", "db/migrate", 
-														:migration_file_name => "create_profiles"
-
-      m.migration_template "db/migrate/create_users.rb", "db/migrate", 
-														:migration_file_name => "create_users"
-
-      m.migration_template "db/migrate/create_user_groups.rb", "db/migrate", 
-														:migration_file_name => "create_user_groups"
-
-      m.migration_template "db/migrate/create_permissions.rb", "db/migrate", 
-														:migration_file_name => "create_permissions"
-
-      m.migration_template "db/migrate/create_admin_user_and_user_group.rb", 
-														"db/migrate", 
-														:migration_file_name => "create_admin_user_and_user_group"
 
       #Route file (i like having them on individual lines)
       m.route_resources "permissions"
@@ -93,6 +77,47 @@ class LockdownAllGenerator < Rails::Generator::Base
 
       m.file "app/views/sessions/new.html.erb",
 							"app/views/sessions/new.html.erb"
+
+      #Migrations
+			begin
+				m.migration_template "db/migrate/create_profiles.rb", "db/migrate", 
+															:migration_file_name => "create_profiles"
+			rescue 
+				puts "Profiles migration exists"
+			end
+
+			begin
+      m.migration_template "db/migrate/create_users.rb", "db/migrate", 
+														:migration_file_name => "create_users"
+
+			rescue
+				puts "Users migration exists"
+			end
+
+			begin
+      m.migration_template "db/migrate/create_user_groups.rb", "db/migrate", 
+														:migration_file_name => "create_user_groups"
+
+			rescue 
+				puts "User Groups migration exists"
+			end
+
+			begin
+      m.migration_template "db/migrate/create_permissions.rb", "db/migrate", 
+														:migration_file_name => "create_permissions"
+
+			rescue
+				puts "Permissions migration exists"
+			end
+
+			begin
+      m.migration_template "db/migrate/create_admin_user_and_user_group.rb", 
+														"db/migrate", 
+														:migration_file_name => "create_admin_user_and_user_group"
+
+			rescue
+				puts "Admin User Group... migration exists"
+			end
     end
   end
 

data/rails_generators/lockdown_all/templates/app/controllers/user_groups_controller.rb

@@ -1,6 +1,5 @@
 class UserGroupsController < ApplicationController
 	before_filter :find_user_group, :only => [:show, :edit, :update, :destroy]
-	before_filter :protect_private, :only => [:edit, :update]
 	after_filter :update_permissions, :only => [:create, :update]
 
   # GET /user_groups
@@ -27,7 +26,7 @@ class UserGroupsController < ApplicationController
   # GET /user_groups/new.xml
   def new
     @user_group = UserGroup.new
-		@all_permissions = Lockdown::System.get_permissions
+		@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
 
     respond_to do |format|
       format.html # new.html.erb
@@ -37,7 +36,7 @@ class UserGroupsController < ApplicationController
 
   # GET /user_groups/1/edit
   def edit
-		@all_permissions = Lockdown::System.get_permissions
+		@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
   end
 
   # POST /user_groups
@@ -51,6 +50,7 @@ class UserGroupsController < ApplicationController
         format.html { redirect_to(@user_group) }
         format.xml  { render :xml => @user_group, :status => :created, :location => @user_group }
       else
+				@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
         format.html { render :action => "new" }
         format.xml  { render :xml => @user_group.errors, :status => :unprocessable_entity }
       end
@@ -89,10 +89,6 @@ class UserGroupsController < ApplicationController
     @user_group = UserGroup.find(params[:id])
   end
 
-	def protect_private
-		@user_group.protect_private
-  end
-
 	def update_permissions
 		new_perm_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^perm_/}.compact
 		#

data/rails_generators/lockdown_all/templates/app/controllers/users_controller.rb

@@ -48,6 +48,7 @@ class UsersController < ApplicationController
 			flash[:notice] = "Thanks for signing up!"
 			redirect_to(users_path)
 		else
+			@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
 			flash[:error] = "Please correct the following issues"
 			render :action => "new" 
     end

data/rails_generators/lockdown_all/templates/app/views/user_groups/index.html.erb

@@ -9,8 +9,8 @@
   <tr>
     <td><%=h user_group.name %></td>
     <td><%= link_to 'Show', user_group %></td>
-    <td><%= link_to('Edit', edit_user_group_path(user_group)) unless user_group.private_record? %></td>
-    <td><%= link_to('Destroy', user_group, :confirm => 'Are you sure?', :method => :delete) unless user_group.system_assigned? %></td>
+    <td><%= link_to('Edit', edit_user_group_path(user_group)) unless Lockdown::System.has_user_group?(user_group) %></td>
+    <td><%= link_to('Destroy', user_group, :confirm => 'Are you sure?', :method => :delete) unless Lockdown::System.has_user_group?(user_group) %></td>
   </tr>
 <% end %>
 </table>

data/rails_generators/lockdown_all/templates/app/views/user_groups/show.html.erb

@@ -1,6 +1,6 @@
 <%= render :partial => "data",  :locals => {:f => nil} %>
 
-<% unless @user_group.system_assigned? %>
+<% unless Lockdown::System.has_user_group?(@user_group) %>
   <%= link_to 'Edit', edit_user_group_path(@user_group) %> |
 <% end %>
 <%= link_to 'Back', user_groups_path %>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: lockdown
 version: !ruby/object:Gem::Version 
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors: 
 - Andrew Stone