lockdown 0.4.0 → 0.4.1

data/History.txt

@@ -1,3 +1,6 @@
+== 0.4.1 2008-05-06
+* Just some minor tabs-to-spaces formatting and removed unnecessary helper included into the user model.
+
 == 0.4.0 2008-05-04
 * Added: Automatically sync definitions in init.rb with database to remove migrations requirement 
 * Added: Improved notification if invalid user group or permission is referenced in init.rb

data/lib/lockdown/controller.rb

@@ -7,7 +7,7 @@ module Lockdown
       def self.included(base)
         base.send :include, Lockdown::Controller::Core::InstanceMethods
       end
-
+      
       module InstanceMethods
         def configure_lock_down
           check_session_expiry
@@ -209,8 +209,6 @@ module Lockdown
         
       end # InstanceMethods
     end # Rails
-
-    
   end # Controller
 end # Lockdown
 

data/lib/lockdown/controller_inspector.rb

@@ -64,7 +64,7 @@ module Lockdown
         end
         methods.collect{|meth| ctr_path(str) + "/" + meth.to_s }
       end
-    
+      
       def ctr_path(str)
         str.gsub("__","\/")
       end

data/lib/lockdown/helper.rb

@@ -48,7 +48,7 @@ module Lockdown
 		def administrator_group_symbol
 			:administrators
     end
-
+    
     private
 
     def titleize(str)

data/lib/lockdown/model.rb

@@ -18,7 +18,6 @@ module Lockdown
         Thread.current[:profile_id]
       end
 
-
       def create_with_stamps
         profile_id = current_profile_id || Profile::SYSTEM
         self[:created_by] = profile_id if self.respond_to?(:created_by) 

data/lib/lockdown/system.rb

@@ -1,10 +1,10 @@
 module Lockdown
   class System
     class << self
-			include Lockdown::ControllerInspector
+      include Lockdown::ControllerInspector
 
       attr_accessor :options #:nodoc:
-
+      
       attr_accessor :permissions #:nodoc:
       attr_accessor :user_groups #:nodoc:
 
@@ -20,7 +20,7 @@ module Lockdown
       attr_accessor :controller_classes #:nodoc:
 
       def configure(&block)
-				set_defaults
+        set_defaults
         instance_eval(&block)
         if options[:use_db_models] && options[:sync_init_rb_with_db]
           sync_with_db
@@ -30,7 +30,7 @@ module Lockdown
       def [](key)
         (@options||={})[key]
       end
-
+      
 			def []=(key,val)
         @options[key] = val
       end
@@ -39,9 +39,9 @@ module Lockdown
         @permissions[name] ||= []
         method_arrays.each{|ary| @permissions[name] += ary}
       end
-
-			def get_permissions
-				@permissions.keys
+      
+      def get_permissions
+        @permissions.keys
       end
 
       def permission_exists?(perm)
@@ -58,13 +58,13 @@ module Lockdown
         end
       end
 
-			def get_user_groups
-				@user_groups.keys
+      def get_user_groups
+        @user_groups.keys
       end
 
       def permissions_for_user_group(ug)
         sym = lockdown_symbol(ug)
-
+        
         if has_user_group?(sym)
           @user_groups[sym].each do |perm|
             unless permission_exists?(perm)
@@ -88,143 +88,143 @@ module Lockdown
 
       def access_rights_for_permission(perm)
         sym = lockdown_symbol(perm)
-
+        
         unless permission_exists?(sym)
           raise SecurityError, "Permission requested is not defined: #{sym}"
         end
         @permissions[sym]
       end
-
+      
       def public_access?(perm)
         @public_access.include?(perm)
       end
 
-			def set_public_access(*perms)
-				perms.each{|perm| @public_access += @permissions[perm]}
-			end
+      def set_public_access(*perms)
+        perms.each{|perm| @public_access += @permissions[perm]}
+      end
 
       def protected_access?(perm)
         @protected_access.include?(perm)
       end
 
-			def set_protected_access(*perms)
-				perms.each{|perm| @protected_access += @permissions[perm]}
-			end
+      def set_protected_access(*perms)
+        perms.each{|perm| @protected_access += @permissions[perm]}
+      end
 			
       def permission_assigned_automatically?(perm)
         public_access?(perm) || protected_access?(perm)
       end
 
-			def standard_authorized_user_rights
-				Lockdown::System.public_access + Lockdown::System.protected_access 
+      def standard_authorized_user_rights
+        Lockdown::System.public_access + Lockdown::System.protected_access 
       end
 
-			#
-			# Determine if the user group is defined in init.rb
-			#
-			def has_user_group?(ug)
+      #
+      # Determine if the user group is defined in init.rb
+      #
+      def has_user_group?(ug)
         sym = lockdown_symbol(ug)
 
-				return true if sym == administrator_group_symbol
-				get_user_groups.each do |key|
-					return true if key == sym
-				end
-				false
-			end
-
-			#
-			# Delete a user group record from the database
-			#
-			def delete_user_group(str_sym)
-				ug = UserGroup.find(:first, :conditions => ["name = ?",string_name(str_sym)])
-				ug.destroy unless ug.nil?
-			end
-
-			def access_rights_for_user(usr)
-				return unless usr
-				return :all if administrator?(usr)
-
-			  rights = standard_authorized_user_rights
-
-				if @options[:use_db_models]
-					usr.user_groups.each do |grp|
+        return true if sym == administrator_group_symbol
+        get_user_groups.each do |key|
+          return true if key == sym
+        end
+        false
+      end
+
+      #
+      # Delete a user group record from the database
+      #
+      def delete_user_group(str_sym)
+        ug = UserGroup.find(:first, :conditions => ["name = ?",string_name(str_sym)])
+        ug.destroy unless ug.nil?
+      end
+
+      def access_rights_for_user(usr)
+        return unless usr
+        return :all if administrator?(usr)
+
+        rights = standard_authorized_user_rights
+        
+        if @options[:use_db_models]
+          usr.user_groups.each do |grp|
             permissions_for_user_group(grp) do |perm|
               rights += access_rights_for_permission(perm) 
             end
-					end
-				end
-				rights
-			end
-
-			#
-			# Use this for the management screen to restrict user group list to the
-			# user.  This will prevent a user from creating a user with more power than
-			# him/her self.
-			# 
-			#
-			def user_groups_assignable_for_user(usr)
-				return [] if usr.nil?
-
-				if administrator?(usr)
-					UserGroup.find(:all, :order => :name)
-				else
-					UserGroup.find_by_sql <<-SQL
-						select user_groups.* from user_groups, user_groups_users
-						where user_groups.id = user_groups_users.user_group_id
-							and user_groups_users.user_id = #{usr.id}	 
-						order by user_groups.name
-					SQL
-				end
-			end
-
-			#
-			# Similar to user_groups_assignable_for_user, this method should be
+          end
+        end
+        rights
+      end
+
+      #
+      # Use this for the management screen to restrict user group list to the
+      # user.  This will prevent a user from creating a user with more power than
+      # him/her self.
+      # 
+      #
+      def user_groups_assignable_for_user(usr)
+        return [] if usr.nil?
+        
+        if administrator?(usr)
+          UserGroup.find(:all, :order => :name)
+        else
+          UserGroup.find_by_sql <<-SQL
+            select user_groups.* from user_groups, user_groups_users
+             where user_groups.id = user_groups_users.user_group_id
+             and user_groups_users.user_id = #{usr.id}	 
+             order by user_groups.name
+          SQL
+        end
+      end
+
+      #
+      # Similar to user_groups_assignable_for_user, this method should be
       # used to restrict users from creating a user group with more power than
       # they have been allowed.
-			#
-			def permissions_assignable_for_user(usr)
-				return [] if usr.nil?
-				if administrator?(usr)
-					@permissions.keys.collect{|k| Permission.find_by_name(string_name(k)) }.compact
-				else
-					groups = user_groups_assignable_for_user(usr)
-					groups.collect{|g| g.permissions}.flatten.compact
-				end
-			end
-
-			def make_user_administrator(usr)
+      #
+      def permissions_assignable_for_user(usr)
+        return [] if usr.nil?
+        if administrator?(usr)
+          @permissions.keys.collect{|k| Permission.find_by_name(string_name(k)) }.compact
+        else
+          groups = user_groups_assignable_for_user(usr)
+          groups.collect{|g| g.permissions}.flatten.compact
+        end
+      end
+
+      def make_user_administrator(usr)
         unless Lockdown.database_table_exists?(UserGroup)
           create_administrator_user_group 
         end
 
-				usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string)
-			end
+        usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string)
+      end
       
-			def administrator?(usr)
-				user_has_user_group?(usr, administrator_group_symbol)
-			end
-
-			def administrator_rights
-				all_controllers
+      def administrator?(usr)
+        user_has_user_group?(usr, administrator_group_symbol)
       end
 
+      def administrator_rights
+        all_controllers
+      end
+      
       def fetch_controller_class(str)
         @controller_classes[controller_class_name(str)]
       end
-
+      
       protected 
 
       def set_defaults
         load_controller_classes
-
+        
         @permissions = {}
         @user_groups = {}
-
+        
         @public_access = []
         @protected_access = []
         @private_access = []
 
-				@options = {
+        @options = {
           :use_db_models => true,
           :sync_init_rb_with_db => true,
           :session_timeout => (60 * 60),
@@ -234,19 +234,19 @@ module Lockdown
         }
       end
 
-			private
-
-			def create_administrator_user_group
-				return unless @options[:use_db_models]
-				UserGroup.create :name => administrator_group_name
-  		end
-
-			def user_has_user_group?(usr, sym)
-				usr.user_groups.each do |ug|
-					return true if convert_reference_name(ug.name) == sym
-				end
-				false
-			end
+      private
+      
+      def create_administrator_user_group
+        return unless @options[:use_db_models]
+        UserGroup.create :name => administrator_group_name
+      end
+      
+      def user_has_user_group?(usr, sym)
+        usr.user_groups.each do |ug|
+          return true if convert_reference_name(ug.name) == sym
+        end
+        false
+      end
 
       def load_controller_classes
         @controller_classes = {}
@@ -281,7 +281,7 @@ module Lockdown
           load("application.rb") unless const_defined?("Application")
         end
       end
-
+      
       def lockdown_load(file)
         klass = controller_class_name_from_file(file)
         if Lockdown.rails_app?
@@ -365,8 +365,8 @@ module Lockdown
         return unless const_defined?("Permission") && const_defined?("UserGroup")
 
         Lockdown.database_table_exists?(Permission) &&
-                      Lockdown.database_table_exists?(UserGroup)
+          Lockdown.database_table_exists?(UserGroup)
       end
-     end # class block
+    end # class block
   end # System class
 end # Lockdown

data/lib/lockdown/version.rb

@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 0
     MINOR = 4
-    TINY  = 0
+    TINY  = 1
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/lib/lockdown/view.rb

@@ -21,17 +21,17 @@ module Lockdown
         return ""
       end
 
-			def link_to_or_show(name, url = '', options = {})
-				lnk = link_to(name, options, html_options)
-				lnk.length == 0  ? name : lnk
+      def link_to_or_show(name, url = '', options = {})
+        lnk = link_to(name, options, html_options)
+        lnk.length == 0  ? name : lnk
       end
     end # Merb
 
     module Rails
       include Lockdown::View::Core
       def self.included(base)
-         base.send :alias_method, :rails_link_to,  :link_to
-         base.send :alias_method, :rails_button_to,  :button_to
+        base.send :alias_method, :rails_link_to,  :link_to
+        base.send :alias_method, :rails_button_to,  :button_to
       end
     
       def ld_link_to(name, options = {}, html_options = nil)
@@ -42,11 +42,10 @@ module Lockdown
         return ""
       end
 
-			def link_to_or_show(name, options = {}, html_options = nil)
-				lnk = link_to(name, options, html_options)
-				lnk.length == 0 ? name : lnk
+      def link_to_or_show(name, options = {}, html_options = nil)
+        lnk = link_to(name, options, html_options)
+        lnk.length == 0 ? name : lnk
       end
-
     
       def button_to(name, options = {}, html_options = nil)
         url = lock_down_url(options, html_options)
@@ -55,19 +54,19 @@ module Lockdown
         end
         return ""
       end
-      
     
       private
-        def lock_down_url(options, html_options = {})
-          return options unless options.respond_to?(:new_record?)
-          p = polymorphic_path(options)
-          if html_options.is_a?(Hash) && html_options[:method] == :delete
-            p += "/destroy"
-          elsif p.split("/").last.to_i > 0
-            p += "/show"
-          end
-          return p
+
+      def lock_down_url(options, html_options = {})
+        return options unless options.respond_to?(:new_record?)
+        p = polymorphic_path(options)
+        if html_options.is_a?(Hash) && html_options[:method] == :delete
+          p += "/destroy"
+        elsif p.split("/").last.to_i > 0
+          p += "/show"
         end
+        return p
+      end
     end # Rails
   end # View
 end # Lockdown

data/rails_generators/lockdown_all/templates/app/controllers/sessions_controller.rb

@@ -16,22 +16,23 @@ class SessionsController < ApplicationController
   end
   
   protected
-		def password_authentication(login, password)
-			set_session_user(User.authenticate(login, password))
-			if logged_in?
-	      successful_login
-	   else
-	     failed_login
-	   end
-	 end
+
+  def password_authentication(login, password)
+    set_session_user(User.authenticate(login, password))
+    if logged_in?
+      successful_login
+    else
+      failed_login
+    end
+  end
   
-	 def failed_login(message = 'Authentication failed.')
-	   flash[:error] = message
-		 redirect_back_or_default login_url
-	 end
+  def failed_login(message = 'Authentication failed.')
+    flash[:error] = message
+    redirect_back_or_default login_url
+  end
 	 
-		def successful_login
-		 flash[:notice] = "Logged in successfully"
-		 redirect_back_or_default "/"
-	 end
+  def successful_login
+    flash[:notice] = "Logged in successfully"
+    redirect_back_or_default "/"
+  end
 end

data/rails_generators/lockdown_all/templates/app/models/user.rb

@@ -1,6 +1,5 @@
 require 'digest/sha1'
 class User < ActiveRecord::Base
-  include Lockdown::Helper
   has_and_belongs_to_many :user_groups
   belongs_to :profile
   
@@ -43,7 +42,7 @@ class User < ActiveRecord::Base
     crypted_password == encrypt(password)
   end
   
-   def email
+  def email
     self.profile.email
   end
   
@@ -53,21 +52,21 @@ class User < ActiveRecord::Base
   
   protected
 
-	def prepare_for_save
-		encrypt_password
-		self.profile.save
-	end
+  def prepare_for_save
+    encrypt_password
+    self.profile.save
+  end
       
-	def encrypt_password
-		return if password.blank?
-		if new_record?
-			self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") 
-		end
-		self.crypted_password = encrypt(password)
-	end
+  def encrypt_password
+    return if password.blank?
+    if new_record?
+      self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") 
+    end
+    self.crypted_password = encrypt(password)
+  end
     
-	def password_required?
-		(crypted_password.blank? || !password.blank?)
-	end
+  def password_required?
+    (crypted_password.blank? || !password.blank?)
+  end
     
 end

data/rails_generators/lockdown_all/templates/app/models/user_group.rb

@@ -10,6 +10,6 @@ class UserGroup < ActiveRecord::Base
 			from users, user_groups_users
 			where users.id = user_groups_users.user_id 
 			and user_groups_users.user_group_id = #{self.id}
-			SQL
+    SQL
 	end
 end

data/website/index.txt

@@ -1,7 +1,5 @@
 h1. <a href="http://lockdown.rubyforge.org">Lockdown</a>
 
-h3. Lockdown has not been officially released!  This page is a Work-In-Progress. 
-
 h2. What
 
 Lockdown is a authentication/authorization system for RubyOnRails (ver 2.x). While Merb functionality is in place, it is not complete.  There will be a release solely focused on getting the Merb functionality up to par with Rails. 
@@ -18,6 +16,14 @@ $ lockdown .
 
 This will create a "lockdown" directory in the lib dir add two files: init.rb and session.rb.  Modify init.rb to set defaults and define the rules that apply to your system.
 
+<strong> Some noteworthy points:</strong>
+<ul>
+<li><strong>All Permissions are defined in init.rb, they cannot be defined via the administration screens.</strong></li>
+<li><strong>All User Groups should be defined in init.rb. The administration screens can be used to create user groups, but doing so should be reserved for the unexpected.</strong></li>
+<li><strong>Lockdown will sync up the rules (Permissions and User Groups) defined in init.rb with your database.</strong></li>
+</ul>
+
+
 To help you with your new application, Lockdown comes with a generator called lockdown_all.
 
 <pre>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: lockdown
 version: !ruby/object:Gem::Version 
-  version: 0.4.0
+  version: 0.4.1
 platform: ruby
 authors: 
 - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2008-05-05 00:00:00 -04:00
+date: 2008-05-06 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency