lockdown 0.4.0 → 0.4.1

data/History.txt CHANGED
@@ -1,3 +1,6 @@
1
+ == 0.4.1 2008-05-06
2
+ * Just some minor tabs-to-spaces formatting and removed unnecessary helper included into the user model.
3
+
1
4
  == 0.4.0 2008-05-04
2
5
  * Added: Automatically sync definitions in init.rb with database to remove migrations requirement
3
6
  * Added: Improved notification if invalid user group or permission is referenced in init.rb
@@ -7,7 +7,7 @@ module Lockdown
7
7
  def self.included(base)
8
8
  base.send :include, Lockdown::Controller::Core::InstanceMethods
9
9
  end
10
-
10
+
11
11
  module InstanceMethods
12
12
  def configure_lock_down
13
13
  check_session_expiry
@@ -209,8 +209,6 @@ module Lockdown
209
209
 
210
210
  end # InstanceMethods
211
211
  end # Rails
212
-
213
-
214
212
  end # Controller
215
213
  end # Lockdown
216
214
 
@@ -64,7 +64,7 @@ module Lockdown
64
64
  end
65
65
  methods.collect{|meth| ctr_path(str) + "/" + meth.to_s }
66
66
  end
67
-
67
+
68
68
  def ctr_path(str)
69
69
  str.gsub("__","\/")
70
70
  end
@@ -48,7 +48,7 @@ module Lockdown
48
48
  def administrator_group_symbol
49
49
  :administrators
50
50
  end
51
-
51
+
52
52
  private
53
53
 
54
54
  def titleize(str)
@@ -18,7 +18,6 @@ module Lockdown
18
18
  Thread.current[:profile_id]
19
19
  end
20
20
 
21
-
22
21
  def create_with_stamps
23
22
  profile_id = current_profile_id || Profile::SYSTEM
24
23
  self[:created_by] = profile_id if self.respond_to?(:created_by)
@@ -1,10 +1,10 @@
1
1
  module Lockdown
2
2
  class System
3
3
  class << self
4
- include Lockdown::ControllerInspector
4
+ include Lockdown::ControllerInspector
5
5
 
6
6
  attr_accessor :options #:nodoc:
7
-
7
+
8
8
  attr_accessor :permissions #:nodoc:
9
9
  attr_accessor :user_groups #:nodoc:
10
10
 
@@ -20,7 +20,7 @@ module Lockdown
20
20
  attr_accessor :controller_classes #:nodoc:
21
21
 
22
22
  def configure(&block)
23
- set_defaults
23
+ set_defaults
24
24
  instance_eval(&block)
25
25
  if options[:use_db_models] && options[:sync_init_rb_with_db]
26
26
  sync_with_db
@@ -30,7 +30,7 @@ module Lockdown
30
30
  def [](key)
31
31
  (@options||={})[key]
32
32
  end
33
-
33
+
34
34
  def []=(key,val)
35
35
  @options[key] = val
36
36
  end
@@ -39,9 +39,9 @@ module Lockdown
39
39
  @permissions[name] ||= []
40
40
  method_arrays.each{|ary| @permissions[name] += ary}
41
41
  end
42
-
43
- def get_permissions
44
- @permissions.keys
42
+
43
+ def get_permissions
44
+ @permissions.keys
45
45
  end
46
46
 
47
47
  def permission_exists?(perm)
@@ -58,13 +58,13 @@ module Lockdown
58
58
  end
59
59
  end
60
60
 
61
- def get_user_groups
62
- @user_groups.keys
61
+ def get_user_groups
62
+ @user_groups.keys
63
63
  end
64
64
 
65
65
  def permissions_for_user_group(ug)
66
66
  sym = lockdown_symbol(ug)
67
-
67
+
68
68
  if has_user_group?(sym)
69
69
  @user_groups[sym].each do |perm|
70
70
  unless permission_exists?(perm)
@@ -88,143 +88,143 @@ module Lockdown
88
88
 
89
89
  def access_rights_for_permission(perm)
90
90
  sym = lockdown_symbol(perm)
91
-
91
+
92
92
  unless permission_exists?(sym)
93
93
  raise SecurityError, "Permission requested is not defined: #{sym}"
94
94
  end
95
95
  @permissions[sym]
96
96
  end
97
-
97
+
98
98
  def public_access?(perm)
99
99
  @public_access.include?(perm)
100
100
  end
101
101
 
102
- def set_public_access(*perms)
103
- perms.each{|perm| @public_access += @permissions[perm]}
104
- end
102
+ def set_public_access(*perms)
103
+ perms.each{|perm| @public_access += @permissions[perm]}
104
+ end
105
105
 
106
106
  def protected_access?(perm)
107
107
  @protected_access.include?(perm)
108
108
  end
109
109
 
110
- def set_protected_access(*perms)
111
- perms.each{|perm| @protected_access += @permissions[perm]}
112
- end
110
+ def set_protected_access(*perms)
111
+ perms.each{|perm| @protected_access += @permissions[perm]}
112
+ end
113
113
 
114
114
  def permission_assigned_automatically?(perm)
115
115
  public_access?(perm) || protected_access?(perm)
116
116
  end
117
117
 
118
- def standard_authorized_user_rights
119
- Lockdown::System.public_access + Lockdown::System.protected_access
118
+ def standard_authorized_user_rights
119
+ Lockdown::System.public_access + Lockdown::System.protected_access
120
120
  end
121
121
 
122
- #
123
- # Determine if the user group is defined in init.rb
124
- #
125
- def has_user_group?(ug)
122
+ #
123
+ # Determine if the user group is defined in init.rb
124
+ #
125
+ def has_user_group?(ug)
126
126
  sym = lockdown_symbol(ug)
127
127
 
128
- return true if sym == administrator_group_symbol
129
- get_user_groups.each do |key|
130
- return true if key == sym
131
- end
132
- false
133
- end
134
-
135
- #
136
- # Delete a user group record from the database
137
- #
138
- def delete_user_group(str_sym)
139
- ug = UserGroup.find(:first, :conditions => ["name = ?",string_name(str_sym)])
140
- ug.destroy unless ug.nil?
141
- end
142
-
143
- def access_rights_for_user(usr)
144
- return unless usr
145
- return :all if administrator?(usr)
146
-
147
- rights = standard_authorized_user_rights
148
-
149
- if @options[:use_db_models]
150
- usr.user_groups.each do |grp|
128
+ return true if sym == administrator_group_symbol
129
+ get_user_groups.each do |key|
130
+ return true if key == sym
131
+ end
132
+ false
133
+ end
134
+
135
+ #
136
+ # Delete a user group record from the database
137
+ #
138
+ def delete_user_group(str_sym)
139
+ ug = UserGroup.find(:first, :conditions => ["name = ?",string_name(str_sym)])
140
+ ug.destroy unless ug.nil?
141
+ end
142
+
143
+ def access_rights_for_user(usr)
144
+ return unless usr
145
+ return :all if administrator?(usr)
146
+
147
+ rights = standard_authorized_user_rights
148
+
149
+ if @options[:use_db_models]
150
+ usr.user_groups.each do |grp|
151
151
  permissions_for_user_group(grp) do |perm|
152
152
  rights += access_rights_for_permission(perm)
153
153
  end
154
- end
155
- end
156
- rights
157
- end
158
-
159
- #
160
- # Use this for the management screen to restrict user group list to the
161
- # user. This will prevent a user from creating a user with more power than
162
- # him/her self.
163
- #
164
- #
165
- def user_groups_assignable_for_user(usr)
166
- return [] if usr.nil?
167
-
168
- if administrator?(usr)
169
- UserGroup.find(:all, :order => :name)
170
- else
171
- UserGroup.find_by_sql <<-SQL
172
- select user_groups.* from user_groups, user_groups_users
173
- where user_groups.id = user_groups_users.user_group_id
174
- and user_groups_users.user_id = #{usr.id}
175
- order by user_groups.name
176
- SQL
177
- end
178
- end
179
-
180
- #
181
- # Similar to user_groups_assignable_for_user, this method should be
154
+ end
155
+ end
156
+ rights
157
+ end
158
+
159
+ #
160
+ # Use this for the management screen to restrict user group list to the
161
+ # user. This will prevent a user from creating a user with more power than
162
+ # him/her self.
163
+ #
164
+ #
165
+ def user_groups_assignable_for_user(usr)
166
+ return [] if usr.nil?
167
+
168
+ if administrator?(usr)
169
+ UserGroup.find(:all, :order => :name)
170
+ else
171
+ UserGroup.find_by_sql <<-SQL
172
+ select user_groups.* from user_groups, user_groups_users
173
+ where user_groups.id = user_groups_users.user_group_id
174
+ and user_groups_users.user_id = #{usr.id}
175
+ order by user_groups.name
176
+ SQL
177
+ end
178
+ end
179
+
180
+ #
181
+ # Similar to user_groups_assignable_for_user, this method should be
182
182
  # used to restrict users from creating a user group with more power than
183
183
  # they have been allowed.
184
- #
185
- def permissions_assignable_for_user(usr)
186
- return [] if usr.nil?
187
- if administrator?(usr)
188
- @permissions.keys.collect{|k| Permission.find_by_name(string_name(k)) }.compact
189
- else
190
- groups = user_groups_assignable_for_user(usr)
191
- groups.collect{|g| g.permissions}.flatten.compact
192
- end
193
- end
194
-
195
- def make_user_administrator(usr)
184
+ #
185
+ def permissions_assignable_for_user(usr)
186
+ return [] if usr.nil?
187
+ if administrator?(usr)
188
+ @permissions.keys.collect{|k| Permission.find_by_name(string_name(k)) }.compact
189
+ else
190
+ groups = user_groups_assignable_for_user(usr)
191
+ groups.collect{|g| g.permissions}.flatten.compact
192
+ end
193
+ end
194
+
195
+ def make_user_administrator(usr)
196
196
  unless Lockdown.database_table_exists?(UserGroup)
197
197
  create_administrator_user_group
198
198
  end
199
199
 
200
- usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string)
201
- end
200
+ usr.user_groups << UserGroup.find_or_create_by_name(administrator_group_string)
201
+ end
202
202
 
203
- def administrator?(usr)
204
- user_has_user_group?(usr, administrator_group_symbol)
205
- end
206
-
207
- def administrator_rights
208
- all_controllers
203
+ def administrator?(usr)
204
+ user_has_user_group?(usr, administrator_group_symbol)
209
205
  end
210
206
 
207
+ def administrator_rights
208
+ all_controllers
209
+ end
210
+
211
211
  def fetch_controller_class(str)
212
212
  @controller_classes[controller_class_name(str)]
213
213
  end
214
-
214
+
215
215
  protected
216
216
 
217
217
  def set_defaults
218
218
  load_controller_classes
219
-
219
+
220
220
  @permissions = {}
221
221
  @user_groups = {}
222
-
222
+
223
223
  @public_access = []
224
224
  @protected_access = []
225
225
  @private_access = []
226
226
 
227
- @options = {
227
+ @options = {
228
228
  :use_db_models => true,
229
229
  :sync_init_rb_with_db => true,
230
230
  :session_timeout => (60 * 60),
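Review bot: `user_groups_assignable_for_user` builds its `find_by_sql` statement by interpolating `#{usr.id}` into the heredoc, and the re-indentation carries that over unchanged. The value is normally an integer primary key, so the risk is probably small, but nothing in the hunk enforces that, and string-built SQL is worth removing from an authorization library. Passing the statement in array form with a bind placeholder, `and user_groups_users.user_id = ?` with `usr.id` as the bound value, keeps the query text constant. The same interpolation appears in the UserGroup model hunk (`user_groups_users.user_group_id = #{self.id}`). The enclosing `class << self` block starts and ends outside this hunk.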
@@ -234,19 +234,19 @@ module Lockdown
234
234
  }
235
235
  end
236
236
 
237
- private
238
-
239
- def create_administrator_user_group
240
- return unless @options[:use_db_models]
241
- UserGroup.create :name => administrator_group_name
242
- end
243
-
244
- def user_has_user_group?(usr, sym)
245
- usr.user_groups.each do |ug|
246
- return true if convert_reference_name(ug.name) == sym
247
- end
248
- false
249
- end
237
+ private
238
+
239
+ def create_administrator_user_group
240
+ return unless @options[:use_db_models]
241
+ UserGroup.create :name => administrator_group_name
242
+ end
243
+
244
+ def user_has_user_group?(usr, sym)
245
+ usr.user_groups.each do |ug|
246
+ return true if convert_reference_name(ug.name) == sym
247
+ end
248
+ false
249
+ end
250
250
 
251
251
  def load_controller_classes
252
252
  @controller_classes = {}
@@ -281,7 +281,7 @@ module Lockdown
281
281
  load("application.rb") unless const_defined?("Application")
282
282
  end
283
283
  end
284
-
284
+
285
285
  def lockdown_load(file)
286
286
  klass = controller_class_name_from_file(file)
287
287
  if Lockdown.rails_app?
@@ -365,8 +365,8 @@ module Lockdown
365
365
  return unless const_defined?("Permission") && const_defined?("UserGroup")
366
366
 
367
367
  Lockdown.database_table_exists?(Permission) &&
368
- Lockdown.database_table_exists?(UserGroup)
368
+ Lockdown.database_table_exists?(UserGroup)
369
369
  end
370
- end # class block
370
+ end # class block
371
371
  end # System class
372
372
  end # Lockdown
@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
2
2
  module VERSION #:nodoc:
3
3
  MAJOR = 0
4
4
  MINOR = 4
5
- TINY = 0
5
+ TINY = 1
6
6
 
7
7
  STRING = [MAJOR, MINOR, TINY].join('.')
8
8
  end
data/lib/lockdown/view.rb CHANGED
@@ -21,17 +21,17 @@ module Lockdown
21
21
  return ""
22
22
  end
23
23
 
24
- def link_to_or_show(name, url = '', options = {})
25
- lnk = link_to(name, options, html_options)
26
- lnk.length == 0 ? name : lnk
24
+ def link_to_or_show(name, url = '', options = {})
25
+ lnk = link_to(name, options, html_options)
26
+ lnk.length == 0 ? name : lnk
27
27
  end
28
28
  end # Merb
29
29
 
30
30
  module Rails
31
31
  include Lockdown::View::Core
32
32
  def self.included(base)
33
- base.send :alias_method, :rails_link_to, :link_to
34
- base.send :alias_method, :rails_button_to, :button_to
33
+ base.send :alias_method, :rails_link_to, :link_to
34
+ base.send :alias_method, :rails_button_to, :button_to
35
35
  end
36
36
 
37
37
  def ld_link_to(name, options = {}, html_options = nil)
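Review bot: The Merb `link_to_or_show(name, url = '', options = {})` passes `html_options` to `link_to`, but its parameters are `name`, `url` and `options`. Unless a method named `html_options` exists in the including class (not visible here), the call raises NameError, and `url` is never used. The body looks copied from the Rails variant further down; it presumably should read `lnk = link_to(name, url, options)`. As written, the helper would fail rather than fall back to the plain name when `link_to` returns an empty string. The Merb module starts above this hunk.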
@@ -42,11 +42,10 @@ module Lockdown
42
42
  return ""
43
43
  end
44
44
 
45
- def link_to_or_show(name, options = {}, html_options = nil)
46
- lnk = link_to(name, options, html_options)
47
- lnk.length == 0 ? name : lnk
45
+ def link_to_or_show(name, options = {}, html_options = nil)
46
+ lnk = link_to(name, options, html_options)
47
+ lnk.length == 0 ? name : lnk
48
48
  end
49
-
50
49
 
51
50
  def button_to(name, options = {}, html_options = nil)
52
51
  url = lock_down_url(options, html_options)
@@ -55,19 +54,19 @@ module Lockdown
55
54
  end
56
55
  return ""
57
56
  end
58
-
59
57
 
60
58
  private
61
- def lock_down_url(options, html_options = {})
62
- return options unless options.respond_to?(:new_record?)
63
- p = polymorphic_path(options)
64
- if html_options.is_a?(Hash) && html_options[:method] == :delete
65
- p += "/destroy"
66
- elsif p.split("/").last.to_i > 0
67
- p += "/show"
68
- end
69
- return p
59
+
60
+ def lock_down_url(options, html_options = {})
61
+ return options unless options.respond_to?(:new_record?)
62
+ p = polymorphic_path(options)
63
+ if html_options.is_a?(Hash) && html_options[:method] == :delete
64
+ p += "/destroy"
65
+ elsif p.split("/").last.to_i > 0
66
+ p += "/show"
70
67
  end
68
+ return p
69
+ end
71
70
  end # Rails
72
71
  end # View
73
72
  end # Lockdown
@@ -16,22 +16,23 @@ class SessionsController < ApplicationController
16
16
  end
17
17
 
18
18
  protected
19
- def password_authentication(login, password)
20
- set_session_user(User.authenticate(login, password))
21
- if logged_in?
22
- successful_login
23
- else
24
- failed_login
25
- end
26
- end
19
+
20
+ def password_authentication(login, password)
21
+ set_session_user(User.authenticate(login, password))
22
+ if logged_in?
23
+ successful_login
24
+ else
25
+ failed_login
26
+ end
27
+ end
27
28
 
28
- def failed_login(message = 'Authentication failed.')
29
- flash[:error] = message
30
- redirect_back_or_default login_url
31
- end
29
+ def failed_login(message = 'Authentication failed.')
30
+ flash[:error] = message
31
+ redirect_back_or_default login_url
32
+ end
32
33
 
33
- def successful_login
34
- flash[:notice] = "Logged in successfully"
35
- redirect_back_or_default "/"
36
- end
34
+ def successful_login
35
+ flash[:notice] = "Logged in successfully"
36
+ redirect_back_or_default "/"
37
+ end
37
38
  end
@@ -1,6 +1,5 @@
1
1
  require 'digest/sha1'
2
2
  class User < ActiveRecord::Base
3
- include Lockdown::Helper
4
3
  has_and_belongs_to_many :user_groups
5
4
  belongs_to :profile
6
5
 
@@ -43,7 +42,7 @@ class User < ActiveRecord::Base
43
42
  crypted_password == encrypt(password)
44
43
  end
45
44
 
46
- def email
45
+ def email
47
46
  self.profile.email
48
47
  end
49
48
 
@@ -53,21 +52,21 @@ class User < ActiveRecord::Base
53
52
 
54
53
  protected
55
54
 
56
- def prepare_for_save
57
- encrypt_password
58
- self.profile.save
59
- end
55
+ def prepare_for_save
56
+ encrypt_password
57
+ self.profile.save
58
+ end
60
59
 
61
- def encrypt_password
62
- return if password.blank?
63
- if new_record?
64
- self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--")
65
- end
66
- self.crypted_password = encrypt(password)
67
- end
60
+ def encrypt_password
61
+ return if password.blank?
62
+ if new_record?
63
+ self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--")
64
+ end
65
+ self.crypted_password = encrypt(password)
66
+ end
68
67
 
69
- def password_required?
70
- (crypted_password.blank? || !password.blank?)
71
- end
68
+ def password_required?
69
+ (crypted_password.blank? || !password.blank?)
70
+ end
72
71
 
73
72
  end
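Review bot: `encrypt_password` builds the salt from `Time.now.to_s` and `login`, which are predictable inputs, so salts can be computed ahead of a database leak; a random value from a CSPRNG would be the safer source. The salt is also assigned only under `new_record?`, so a later password change reuses the original salt. The file requires `digest/sha1`, and `encrypt` (defined outside this hunk) presumably applies a single SHA-1 pass, which is too fast for password storage. A purpose-built password hash such as bcrypt would be worth considering. At minimum, a comment such as `# salt is generated once at creation and reused on password change` would make the current behaviour explicit.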
@@ -10,6 +10,6 @@ class UserGroup < ActiveRecord::Base
10
10
  from users, user_groups_users
11
11
  where users.id = user_groups_users.user_id
12
12
  and user_groups_users.user_group_id = #{self.id}
13
- SQL
13
+ SQL
14
14
  end
15
15
  end
data/website/index.txt CHANGED
@@ -1,7 +1,5 @@
1
1
  h1. <a href="http://lockdown.rubyforge.org">Lockdown</a>
2
2
 
3
- h3. Lockdown has not been officially released! This page is a Work-In-Progress.
4
-
5
3
  h2. What
6
4
 
7
5
  Lockdown is a authentication/authorization system for RubyOnRails (ver 2.x). While Merb functionality is in place, it is not complete. There will be a release solely focused on getting the Merb functionality up to par with Rails.
@@ -18,6 +16,14 @@ $ lockdown .
18
16
 
19
17
  This will create a "lockdown" directory in the lib dir add two files: init.rb and session.rb. Modify init.rb to set defaults and define the rules that apply to your system.
20
18
 
19
+ <strong> Some noteworthy points:</strong>
20
+ <ul>
21
+ <li><strong>All Permissions are defined in init.rb, they cannot be defined via the administration screens.</strong></li>
22
+ <li><strong>All User Groups should be defined in init.rb. The administration screens can be used to create user groups, but doing so should be reserved for the unexpected.</strong></li>
23
+ <li><strong>Lockdown will sync up the rules (Permissions and User Groups) defined in init.rb with your database.</strong></li>
24
+ </ul>
25
+
26
+
21
27
  To help you with your new application, Lockdown comes with a generator called lockdown_all.
22
28
 
23
29
  <pre>
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: lockdown
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2008-05-05 00:00:00 -04:00
12
+ date: 2008-05-06 00:00:00 -04:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency