lockdown 0.4.6 → 0.5.0
- data/Manifest.txt +39 -0
- data/lib/lockdown/controller.rb +3 -3
- data/lib/lockdown/system.rb +1 -5
- data/lib/lockdown/version.rb +2 -2
- data/rails_generators/lockdown/USAGE +5 -0
- data/rails_generators/lockdown/lockdown_generator.rb +221 -0
- data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb +22 -0
- data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb +38 -0
- data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb +113 -0
- data/rails_generators/lockdown/templates/app/controllers/users_controller.rb +124 -0
- data/rails_generators/lockdown/templates/app/helpers/permissions_helper.rb +13 -0
- data/rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb +35 -0
- data/rails_generators/lockdown/templates/app/helpers/users_helper.rb +78 -0
- data/rails_generators/lockdown/templates/app/models/permission.rb +13 -0
- data/rails_generators/lockdown/templates/app/models/profile.rb +10 -0
- data/rails_generators/lockdown/templates/app/models/user.rb +72 -0
- data/rails_generators/lockdown/templates/app/models/user_group.rb +15 -0
- data/rails_generators/lockdown/templates/app/views/permissions/_data.html.erb +13 -0
- data/rails_generators/lockdown/templates/app/views/permissions/index.html.erb +16 -0
- data/rails_generators/lockdown/templates/app/views/permissions/show.html.erb +3 -0
- data/rails_generators/lockdown/templates/app/views/sessions/new.html.erb +12 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/_data.html.erb +44 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/_form.html.erb +11 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb +6 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/index.html.erb +20 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/new.html.erb +5 -0
- data/rails_generators/lockdown/templates/app/views/user_groups/show.html.erb +6 -0
- data/rails_generators/lockdown/templates/app/views/users/_data.html.erb +62 -0
- data/rails_generators/lockdown/templates/app/views/users/_form.html.erb +18 -0
- data/rails_generators/lockdown/templates/app/views/users/_password.html.erb +5 -0
- data/rails_generators/lockdown/templates/app/views/users/edit.html.erb +6 -0
- data/rails_generators/lockdown/templates/app/views/users/index.html.erb +22 -0
- data/rails_generators/lockdown/templates/app/views/users/new.html.erb +5 -0
- data/rails_generators/lockdown/templates/app/views/users/show.html.erb +4 -0
- data/rails_generators/lockdown/templates/db/migrate/create_admin_user_and_user_group.rb +19 -0
- data/rails_generators/lockdown/templates/db/migrate/create_permissions.rb +19 -0
- data/rails_generators/lockdown/templates/db/migrate/create_profiles.rb +26 -0
- data/rails_generators/lockdown/templates/db/migrate/create_user_groups.rb +19 -0
- data/rails_generators/lockdown/templates/db/migrate/create_users.rb +17 -0
- data/rails_generators/lockdown_all/lockdown_all_generator.rb +0 -2
- data/test/test_generator_helper.rb +10 -1
- data/test/test_lockdown_generator.rb +11 -9
- data/website/generator.html +243 -0
- data/website/generator.txt +174 -0
- data/website/index.html +331 -0
- data/website/index.txt +62 -26
- data/website/model.jpg +0 -0
- metadata +42 -2
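--- a/data/Manifest.txt
+++ b/data/Manifest.txt
@@ -21,6 +21,41 @@ lib/lockdown/model.rb
 lib/lockdown/system.rb
 lib/lockdown/version.rb
 lib/lockdown/view.rb
+rails_generators/lockdown/USAGE
+rails_generators/lockdown/lockdown_generator.rb
+rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
+rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
+rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
+rails_generators/lockdown/templates/app/controllers/users_controller.rb
+rails_generators/lockdown/templates/app/helpers/permissions_helper.rb
+rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb
+rails_generators/lockdown/templates/app/helpers/users_helper.rb
+rails_generators/lockdown/templates/app/models/permission.rb
+rails_generators/lockdown/templates/app/models/profile.rb
+rails_generators/lockdown/templates/app/models/user.rb
+rails_generators/lockdown/templates/app/models/user_group.rb
+rails_generators/lockdown/templates/app/views/permissions/_data.html.erb
+rails_generators/lockdown/templates/app/views/permissions/index.html.erb
+rails_generators/lockdown/templates/app/views/permissions/show.html.erb
+rails_generators/lockdown/templates/app/views/sessions/new.html.erb
+rails_generators/lockdown/templates/app/views/user_groups/_data.html.erb
+rails_generators/lockdown/templates/app/views/user_groups/_form.html.erb
+rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb
+rails_generators/lockdown/templates/app/views/user_groups/index.html.erb
+rails_generators/lockdown/templates/app/views/user_groups/new.html.erb
+rails_generators/lockdown/templates/app/views/user_groups/show.html.erb
+rails_generators/lockdown/templates/app/views/users/_data.html.erb
+rails_generators/lockdown/templates/app/views/users/_form.html.erb
+rails_generators/lockdown/templates/app/views/users/_password.html.erb
+rails_generators/lockdown/templates/app/views/users/edit.html.erb
+rails_generators/lockdown/templates/app/views/users/index.html.erb
+rails_generators/lockdown/templates/app/views/users/new.html.erb
+rails_generators/lockdown/templates/app/views/users/show.html.erb
+rails_generators/lockdown/templates/db/migrate/create_admin_user_and_user_group.rb
+rails_generators/lockdown/templates/db/migrate/create_permissions.rb
+rails_generators/lockdown/templates/db/migrate/create_profiles.rb
+rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
+rails_generators/lockdown/templates/db/migrate/create_users.rb
 rails_generators/lockdown_all/USAGE
 rails_generators/lockdown_all/lockdown_all_generator.rb
 rails_generators/lockdown_all/templates/app/controllers/permissions_controller.rb
@@ -70,7 +105,11 @@ test/test_lockdown.rb
 test/test_lockdown_all_generator.rb
 test/test_lockdown_generator.rb
 test/test_lockdown_models_generator.rb
+website/generator.html
+website/generator.txt
+website/index.html
 website/index.txt
 website/javascripts/rounded_corners_lite.inc.js
+website/model.jpg
 website/stylesheets/screen.css
 website/template.html.erb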
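--- a/data/lib/lockdown/controller.rb
+++ b/data/lib/lockdown/controller.rb
@@ -47,7 +47,7 @@ module Lockdown
 if session[:expiry_time] && session[:expiry_time] < Time.now
 nil_lockdown_values
 end
-session[:expiry_time] = Time.now + Lockdown::System
+session[:expiry_time] = Time.now + Lockdown::System.fetch(:session_timeout)
 end
 
 def store_location
@@ -189,13 +189,13 @@ module Lockdown
 end
 
 def access_denied(e)
-if Lockdown::System
+if Lockdown::System.fetch(:logout_on_access_violation)
 reset_session
 end
 respond_to do |accepts|
 accepts.html do
 store_location
-send_to Lockdown::System
+send_to Lockdown::System.fetch(:access_denied_path)
 end
 accepts.xml do
 headers["Status"] = "Unauthorized"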
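Review bot: `Time.now + Lockdown::System.fetch(:session_timeout)` in the first hunk raises a TypeError on every request when the option is unset, because `fetch` as defined in system.rb returns nil for a missing key instead of raising or supplying a default. The same nil silently skips `reset_session` in `access_denied` and hands nil to `send_to` in the second hunk. Checking the three options once at startup, or giving the timeout an explicit fallback such as `Lockdown::System.fetch(:session_timeout) || DEFAULT_SESSION_TIMEOUT` (placeholder constant), keeps a missing setting from surfacing per request. Both enclosing methods start or end outside the hunks shown.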
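--- a/data/lib/lockdown/system.rb
+++ b/data/lib/lockdown/system.rb
@@ -27,14 +27,10 @@ module Lockdown
 end
 end
 
-def
+def fetch(key)
 (@options||={})[key]
 end
 
-def []=(key,val)
-@options[key] = val
-end
-
 def set_permission(name, *method_arrays)
 @permissions[name] ||= []
 method_arrays.each{|ary| @permissions[name] += ary}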
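Review bot: The name `fetch` suggests Hash#fetch, which raises on a missing key, but this method is `(@options||={})[key]` and returns nil, so a misspelled option name at a call site goes unnoticed. A one-line comment above the method would make the contract explicit, e.g. `# Returns the configured value for key, or nil when it was never set (unlike Hash#fetch).` The hunk also removes `[]=` without showing a replacement writer; presumably options are now set elsewhere in the module, which is worth confirming because `fetch` lazily creates an empty `@options`.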
data/lib/lockdown/version.rb
CHANGED
@@ -0,0 +1,221 @@
|
|
1
|
+
class LockdownGenerator < Rails::Generator::Base
|
2
|
+
attr_accessor :file_name
|
3
|
+
|
4
|
+
def manifest
|
5
|
+
record do |m|
|
6
|
+
# Ensure appropriate folder(s) exists
|
7
|
+
m.directory 'app/helpers'
|
8
|
+
m.directory 'app/views'
|
9
|
+
m.directory 'app/controllers'
|
10
|
+
|
11
|
+
if options[:all]
|
12
|
+
options[:management] = true
|
13
|
+
options[:login] = true
|
14
|
+
end
|
15
|
+
|
16
|
+
add_management(m) if options[:management]
|
17
|
+
|
18
|
+
add_login(m) if options[:login]
|
19
|
+
|
20
|
+
add_models(m)
|
21
|
+
end #record do |m|
|
22
|
+
end
|
23
|
+
|
24
|
+
protected
|
25
|
+
|
26
|
+
def add_management(m)
|
27
|
+
m.directory 'app/views/users'
|
28
|
+
m.directory 'app/views/user_groups'
|
29
|
+
m.directory 'app/views/permissions'
|
30
|
+
|
31
|
+
m.file "app/controllers/permissions_controller.rb",
|
32
|
+
"app/controllers/permissions_controller.rb"
|
33
|
+
|
34
|
+
m.file "app/controllers/users_controller.rb",
|
35
|
+
"app/controllers/users_controller.rb"
|
36
|
+
|
37
|
+
m.file "app/controllers/user_groups_controller.rb",
|
38
|
+
"app/controllers/user_groups_controller.rb"
|
39
|
+
|
40
|
+
m.file "app/helpers/permissions_helper.rb",
|
41
|
+
"app/helpers/permissions_helper.rb"
|
42
|
+
|
43
|
+
m.file "app/helpers/users_helper.rb",
|
44
|
+
"app/helpers/users_helper.rb"
|
45
|
+
|
46
|
+
m.file "app/helpers/user_groups_helper.rb",
|
47
|
+
"app/helpers/user_groups_helper.rb"
|
48
|
+
|
49
|
+
copy_views(m, "users")
|
50
|
+
|
51
|
+
m.file "app/views/users/_password.html.erb",
|
52
|
+
"app/views/users/_password.html.erb"
|
53
|
+
|
54
|
+
copy_views(m, "user_groups")
|
55
|
+
|
56
|
+
m.file "app/views/permissions/_data.html.erb",
|
57
|
+
"app/views/permissions/_data.html.erb"
|
58
|
+
|
59
|
+
m.file "app/views/permissions/index.html.erb",
|
60
|
+
"app/views/permissions/index.html.erb"
|
61
|
+
|
62
|
+
m.file "app/views/permissions/show.html.erb",
|
63
|
+
"app/views/permissions/show.html.erb"
|
64
|
+
|
65
|
+
|
66
|
+
m.route_resources "permissions"
|
67
|
+
m.route_resources "user_groups"
|
68
|
+
m.route_resources "users"
|
69
|
+
|
70
|
+
add_management_permissions(m)
|
71
|
+
end
|
72
|
+
|
73
|
+
def add_login(m)
|
74
|
+
m.directory 'app/views/sessions'
|
75
|
+
|
76
|
+
m.file "app/controllers/sessions_controller.rb",
|
77
|
+
"app/controllers/sessions_controller.rb"
|
78
|
+
|
79
|
+
m.file "app/views/sessions/new.html.erb",
|
80
|
+
"app/views/sessions/new.html.erb"
|
81
|
+
|
82
|
+
m.route_resources "sessions"
|
83
|
+
|
84
|
+
add_login_permissions(m)
|
85
|
+
add_login_routes(m)
|
86
|
+
end
|
87
|
+
|
88
|
+
def add_models(m)
|
89
|
+
m.directory 'app/models'
|
90
|
+
|
91
|
+
m.file "app/models/permission.rb",
|
92
|
+
"app/models/permission.rb"
|
93
|
+
|
94
|
+
m.file "app/models/user.rb",
|
95
|
+
"app/models/user.rb"
|
96
|
+
|
97
|
+
m.file "app/models/user_group.rb",
|
98
|
+
"app/models/user_group.rb"
|
99
|
+
|
100
|
+
m.file "app/models/profile.rb",
|
101
|
+
"app/models/profile.rb"
|
102
|
+
|
103
|
+
add_migrations(m) unless options[:no_migrations]
|
104
|
+
end
|
105
|
+
|
106
|
+
def add_migrations(m)
|
107
|
+
begin
|
108
|
+
m.migration_template "db/migrate/create_profiles.rb", "db/migrate",
|
109
|
+
:migration_file_name => "create_profiles"
|
110
|
+
rescue
|
111
|
+
puts "Profiles migration exists"
|
112
|
+
end
|
113
|
+
|
114
|
+
begin
|
115
|
+
m.migration_template "db/migrate/create_users.rb", "db/migrate",
|
116
|
+
:migration_file_name => "create_users"
|
117
|
+
rescue
|
118
|
+
puts "Users migration exists"
|
119
|
+
end
|
120
|
+
|
121
|
+
begin
|
122
|
+
m.migration_template "db/migrate/create_user_groups.rb", "db/migrate",
|
123
|
+
:migration_file_name => "create_user_groups"
|
124
|
+
rescue
|
125
|
+
puts "User Groups migration exists"
|
126
|
+
end
|
127
|
+
|
128
|
+
begin
|
129
|
+
m.migration_template "db/migrate/create_permissions.rb", "db/migrate",
|
130
|
+
:migration_file_name => "create_permissions"
|
131
|
+
rescue
|
132
|
+
puts "Permissions migration exists"
|
133
|
+
end
|
134
|
+
|
135
|
+
begin
|
136
|
+
m.migration_template "db/migrate/create_admin_user_and_user_group.rb",
|
137
|
+
"db/migrate",
|
138
|
+
:migration_file_name => "create_admin_user_and_user_group"
|
139
|
+
rescue
|
140
|
+
puts "Admin User Group... migration exists"
|
141
|
+
end
|
142
|
+
end # add_migrations
|
143
|
+
|
144
|
+
def copy_views(m, vw)
|
145
|
+
m.file "app/views/#{vw}/_data.html.erb", "app/views/#{vw}/_data.html.erb"
|
146
|
+
m.file "app/views/#{vw}/_form.html.erb", "app/views/#{vw}/_form.html.erb"
|
147
|
+
m.file "app/views/#{vw}/index.html.erb", "app/views/#{vw}/index.html.erb"
|
148
|
+
m.file "app/views/#{vw}/show.html.erb", "app/views/#{vw}/show.html.erb"
|
149
|
+
m.file "app/views/#{vw}/edit.html.erb", "app/views/#{vw}/edit.html.erb"
|
150
|
+
m.file "app/views/#{vw}/new.html.erb", "app/views/#{vw}/new.html.erb"
|
151
|
+
end
|
152
|
+
|
153
|
+
def add_login_permissions(m)
|
154
|
+
add_permissions m, "set_permission :sessions_management, all_methods(:sessions)"
|
155
|
+
|
156
|
+
add_predefined_user_group m, "set_public_access :sessions_management"
|
157
|
+
end
|
158
|
+
|
159
|
+
def add_management_permissions(m)
|
160
|
+
perms = []
|
161
|
+
perms << "set_permission :users_management, all_methods(:users)"
|
162
|
+
perms << "set_permission :user_groups_management, all_methods(:user_groups)"
|
163
|
+
perms << "set_permission :permissions_management, all_methods(:permissions)"
|
164
|
+
perms << "set_permission :my_account, only_methods(:users, :edit, :update, :show)"
|
165
|
+
|
166
|
+
add_permissions m, perms.join("\n ")
|
167
|
+
|
168
|
+
add_predefined_user_group m, "set_protected_access :my_account"
|
169
|
+
end
|
170
|
+
|
171
|
+
def add_permissions(m, str)
|
172
|
+
sentinel = '# Define your permissions here:'
|
173
|
+
m.gsub_file 'lib/lockdown/init.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
|
174
|
+
"#{match}\n #{str}"
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
178
|
+
def add_predefined_user_group(m, str)
|
179
|
+
sentinel = '# Define the built-in user groups here:'
|
180
|
+
m.gsub_file 'lib/lockdown/init.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
|
181
|
+
"#{match}\n #{str}"
|
182
|
+
end
|
183
|
+
end
|
184
|
+
|
185
|
+
def add_login_routes(m)
|
186
|
+
home = %Q(map.home '', :controller => 'sessions', :action => 'new')
|
187
|
+
login = %Q(map.login '/login', :controller => 'sessions', :action => 'new')
|
188
|
+
logout =%Q(map.logout '/logout', :controller => 'sessions', :action => 'destroy')
|
189
|
+
|
190
|
+
sentinel = 'ActionController::Routing::Routes.draw do |map|'
|
191
|
+
|
192
|
+
m.gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
|
193
|
+
"#{match}\n #{home}\n\n #{login}\n\n #{logout}\n"
|
194
|
+
end
|
195
|
+
end
|
196
|
+
|
197
|
+
def banner
|
198
|
+
<<-EOS
|
199
|
+
Installs the lockdown framework to managing users user_groups
|
200
|
+
and viewing permissions. Also includes a login screen.
|
201
|
+
|
202
|
+
USAGE: #{$0} #{spec.name}
|
203
|
+
EOS
|
204
|
+
end
|
205
|
+
|
206
|
+
def add_options!(opt)
|
207
|
+
opt.separator ''
|
208
|
+
opt.separator 'Options:'
|
209
|
+
opt.on("--all",
|
210
|
+
"Install all Lockdown templates") { |v| options[:all] = v }
|
211
|
+
opt.on("--models",
|
212
|
+
"Install only models and migrations (skip migrations by --no_migrations).") { |v| options[:models] = v }
|
213
|
+
opt.on("--management",
|
214
|
+
"Install management functionality. Which is --all minus --login. All models (migrations) included. ") { |v| options[:management] = v }
|
215
|
+
opt.on("--login",
|
216
|
+
"Install login functionality. Which is --all minus --management. All models (migrations) included. ") { |v| options[:login] = v }
|
217
|
+
opt.on("--no_migrations",
|
218
|
+
"Skip migrations installation") { |v| options[:no_migrations] = v }
|
219
|
+
end
|
220
|
+
|
221
|
+
end
|
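Review bot: Each bare `rescue` in `add_migrations` prints "... migration exists" for any StandardError, so a missing template or an unwritable `db/migrate` is reported as a harmless duplicate and the generator finishes without the users, user_groups or permissions tables. Capturing the exception and printing it keeps the best-effort behaviour while showing the real cause, e.g. `rescue => e` followed by `puts "Skipping profiles migration: #{e.message}"`. Separately, `--models` is parsed in `add_options!` but `options[:models]` is never read in `manifest`, where `add_models` always runs.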
@@ -0,0 +1,22 @@
|
|
1
|
+
class PermissionsController < ApplicationController
|
2
|
+
# GET /permissions
|
3
|
+
# GET /permissions.xml
|
4
|
+
def index
|
5
|
+
@permissions = Permission.find(:all)
|
6
|
+
|
7
|
+
respond_to do |format|
|
8
|
+
format.html # index.html.erb
|
9
|
+
format.xml { render :xml => @permissions }
|
10
|
+
end
|
11
|
+
end
|
12
|
+
|
13
|
+
# GET /permissions/1
|
14
|
+
# GET /permissions/1.xml
|
15
|
+
def show
|
16
|
+
@permission = Permission.find(params[:id])
|
17
|
+
respond_to do |format|
|
18
|
+
format.html # show.html.erb
|
19
|
+
format.xml { render :xml => @permission }
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# This controller handles the login/logout function of the site.
|
2
|
+
class SessionsController < ApplicationController
|
3
|
+
def new
|
4
|
+
#Stub required for Lockdown to grant access
|
5
|
+
end
|
6
|
+
|
7
|
+
def create
|
8
|
+
password_authentication(params[:login], params[:password])
|
9
|
+
end
|
10
|
+
|
11
|
+
def destroy
|
12
|
+
logger.info "resetting session in sessions controller"
|
13
|
+
reset_session
|
14
|
+
flash[:notice] = "You have been logged out."
|
15
|
+
redirect_back_or_default('/')
|
16
|
+
end
|
17
|
+
|
18
|
+
protected
|
19
|
+
|
20
|
+
def password_authentication(login, password)
|
21
|
+
set_session_user(User.authenticate(login, password))
|
22
|
+
if logged_in?
|
23
|
+
successful_login
|
24
|
+
else
|
25
|
+
failed_login
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def failed_login(message = 'Authentication failed.')
|
30
|
+
flash[:error] = message
|
31
|
+
redirect_back_or_default login_url
|
32
|
+
end
|
33
|
+
|
34
|
+
def successful_login
|
35
|
+
flash[:notice] = "Logged in successfully"
|
36
|
+
redirect_back_or_default Lockdown::System.fetch(:successful_login_path)
|
37
|
+
end
|
38
|
+
end
|
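Review bot: `password_authentication` stores the authenticated user in whatever session the request arrived with; nothing in this file issues a new session identifier at login, so unless `set_session_user` (defined outside this file) does it, a session id that was fixed before login stays valid afterwards. Calling `reset_session` before `set_session_user(User.authenticate(login, password))` closes that, with any stored return location copied across first so `redirect_back_or_default` still works. `destroy` already resets the session on logout.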
@@ -0,0 +1,113 @@
|
|
1
|
+
class UserGroupsController < ApplicationController
|
2
|
+
before_filter :find_user_group, :only => [:show, :edit, :update, :destroy]
|
3
|
+
after_filter :update_permissions, :only => [:create, :update]
|
4
|
+
|
5
|
+
# GET /user_groups
|
6
|
+
# GET /user_groups.xml
|
7
|
+
def index
|
8
|
+
@user_groups = UserGroup.find(:all)
|
9
|
+
|
10
|
+
respond_to do |format|
|
11
|
+
format.html # index.html.erb
|
12
|
+
format.xml { render :xml => @user_groups }
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
# GET /user_groups/1
|
17
|
+
# GET /user_groups/1.xml
|
18
|
+
def show
|
19
|
+
respond_to do |format|
|
20
|
+
format.html # show.html.erb
|
21
|
+
format.xml { render :xml => @user_group }
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
# GET /user_groups/new
|
26
|
+
# GET /user_groups/new.xml
|
27
|
+
def new
|
28
|
+
@user_group = UserGroup.new
|
29
|
+
@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
|
30
|
+
|
31
|
+
respond_to do |format|
|
32
|
+
format.html # new.html.erb
|
33
|
+
format.xml { render :xml => @user_group }
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
# GET /user_groups/1/edit
|
38
|
+
def edit
|
39
|
+
@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
|
40
|
+
end
|
41
|
+
|
42
|
+
# POST /user_groups
|
43
|
+
# POST /user_groups.xml
|
44
|
+
def create
|
45
|
+
@user_group = UserGroup.new(params[:user_group])
|
46
|
+
|
47
|
+
respond_to do |format|
|
48
|
+
if @user_group.save
|
49
|
+
flash[:notice] = 'UserGroup was successfully created.'
|
50
|
+
format.html { redirect_to(@user_group) }
|
51
|
+
format.xml { render :xml => @user_group, :status => :created, :location => @user_group }
|
52
|
+
else
|
53
|
+
@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
|
54
|
+
format.html { render :action => "new" }
|
55
|
+
format.xml { render :xml => @user_group.errors, :status => :unprocessable_entity }
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
# PUT /user_groups/1
|
61
|
+
# PUT /user_groups/1.xml
|
62
|
+
def update
|
63
|
+
respond_to do |format|
|
64
|
+
if @user_group.update_attributes(params[:user_group])
|
65
|
+
flash[:notice] = 'UserGroup was successfully updated.'
|
66
|
+
format.html { redirect_to(@user_group) }
|
67
|
+
format.xml { head :ok }
|
68
|
+
else
|
69
|
+
@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
|
70
|
+
format.html { render :action => "edit" }
|
71
|
+
format.xml { render :xml => @user_group.errors, :status => :unprocessable_entity }
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
# DELETE /user_groups/1
|
77
|
+
# DELETE /user_groups/1.xml
|
78
|
+
def destroy
|
79
|
+
@user_group.destroy
|
80
|
+
|
81
|
+
respond_to do |format|
|
82
|
+
format.html { redirect_to(user_groups_url) }
|
83
|
+
format.xml { head :ok }
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
private
|
88
|
+
|
89
|
+
def find_user_group
|
90
|
+
@user_group = UserGroup.find(params[:id])
|
91
|
+
if @action_name != "show" && Lockdown::System.has_user_group?(@user_group)
|
92
|
+
raise SecurityError,"Invalid attempt to modify user group."
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def update_permissions
|
97
|
+
new_perm_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^perm_/}.compact
|
98
|
+
#
|
99
|
+
# Removed previously associated permissions if not checked this time.
|
100
|
+
#
|
101
|
+
@user_group.permissions.dup.each do |p|
|
102
|
+
@user_group.permissions.delete(p) unless new_perm_ids.include?(p.id)
|
103
|
+
end
|
104
|
+
|
105
|
+
#
|
106
|
+
# Add in the new permissions
|
107
|
+
#
|
108
|
+
new_perm_ids.each do |id|
|
109
|
+
next if @user_group.permission_ids.include?(id)
|
110
|
+
@user_group.permissions << Permission.find(id)
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
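Review bot: `update_permissions` attaches every id found in a `perm_<id>` request key without checking it against `Lockdown::System.permissions_assignable_for_user(current_user)`, which is only used to build the form in `new` and `edit`. Restricting the list server-side, e.g. `allowed = Lockdown::System.permissions_assignable_for_user(current_user).collect{|p| p.id}` followed by `new_perm_ids &= allowed`, keeps a group from receiving a permission the current user was never offered. `update_user_groups` in the users controller hunk follows the same pattern with `ug_<id>` keys and `user_groups_assignable_for_user`. Because this is an `after_filter`, it also runs when `save` or `update_attributes` returned false.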
@@ -0,0 +1,124 @@
|
|
1
|
+
class UsersController < ApplicationController
|
2
|
+
before_filter :find_user, :only => [:show, :edit, :update, :destroy]
|
3
|
+
after_filter :update_user_groups, :only => [:create, :update]
|
4
|
+
# GET /users
|
5
|
+
# GET /users.xml
|
6
|
+
def index
|
7
|
+
@users = User.find :all, :include => [:profile, :user_groups]
|
8
|
+
respond_to do |format|
|
9
|
+
format.html # index.html.erb
|
10
|
+
format.xml { render :xml => @users }
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
# GET /users/1
|
15
|
+
# GET /users/1.xml
|
16
|
+
def show
|
17
|
+
respond_to do |format|
|
18
|
+
format.html # show.html.erb
|
19
|
+
format.xml { render :xml => @user }
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
# GET /users/new
|
24
|
+
# GET /users/new.xml
|
25
|
+
def new
|
26
|
+
@user = User.new
|
27
|
+
@profile = Profile.new
|
28
|
+
@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
|
29
|
+
respond_to do |format|
|
30
|
+
format.html # new.html.erb
|
31
|
+
format.xml { render :xml => @user }
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
# GET /users/1/edit
|
36
|
+
def edit
|
37
|
+
@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
|
38
|
+
end
|
39
|
+
|
40
|
+
# POST /users
|
41
|
+
# POST /users.xml
|
42
|
+
def create
|
43
|
+
@user = User.new(params[:user])
|
44
|
+
@profile = Profile.new(params[:profile])
|
45
|
+
|
46
|
+
@user.profile = @profile
|
47
|
+
if @user.save
|
48
|
+
flash[:notice] = "Thanks for signing up!"
|
49
|
+
redirect_to(users_path)
|
50
|
+
else
|
51
|
+
@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
|
52
|
+
flash[:error] = "Please correct the following issues"
|
53
|
+
render :action => "new"
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
# PUT /users/1
|
58
|
+
# PUT /users/1.xml
|
59
|
+
def update
|
60
|
+
@user.profile.attributes = params[:profile]
|
61
|
+
@user.attributes = params[:user]
|
62
|
+
|
63
|
+
respond_to do |format|
|
64
|
+
if @user.save
|
65
|
+
flash[:notice] = 'User was successfully updated.'
|
66
|
+
format.html { redirect_to(@user) }
|
67
|
+
format.xml { head :ok }
|
68
|
+
else
|
69
|
+
@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
|
70
|
+
format.html { render :action => "edit" }
|
71
|
+
format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
|
72
|
+
end
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
# DELETE /users/1
|
77
|
+
# DELETE /users/1.xml
|
78
|
+
def destroy
|
79
|
+
@user.destroy
|
80
|
+
|
81
|
+
respond_to do |format|
|
82
|
+
format.html { redirect_to(users_url) }
|
83
|
+
format.xml { head :ok }
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
def change_password
|
88
|
+
render :update do |page|
|
89
|
+
page.replace_html 'password', :partial => 'password'
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
private
|
94
|
+
|
95
|
+
def find_user
|
96
|
+
# Skip test if current user is an administrator
|
97
|
+
unless current_user_is_admin?
|
98
|
+
# Raise error if id not = current logged in user
|
99
|
+
raise SecurityError.new if (current_user_id != params[:id].to_i)
|
100
|
+
end
|
101
|
+
@user = User.find(params[:id])
|
102
|
+
raise SecurityError.new if @user.nil?
|
103
|
+
@profile = @user.profile
|
104
|
+
end
|
105
|
+
|
106
|
+
def update_user_groups
|
107
|
+
new_ug_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^ug_/}.compact
|
108
|
+
#
|
109
|
+
# Removed previously associated user_groups if not checked this time.
|
110
|
+
#
|
111
|
+
@user.user_groups.dup.each do |g|
|
112
|
+
#Don't remove the automatically assigned user groups
|
113
|
+
next if Lockdown::System.has_user_group?(g)
|
114
|
+
@user.user_groups.delete(g) unless new_ug_ids.include?(g.id)
|
115
|
+
end
|
116
|
+
#
|
117
|
+
# Add in the new permissions
|
118
|
+
#
|
119
|
+
new_ug_ids.each do |id|
|
120
|
+
next if @user.user_group_ids.include?(id)
|
121
|
+
@user.user_groups << UserGroup.find(id)
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
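Review bot: `after_filter :update_user_groups` runs on every `update`, including the own-account edit that `find_user` lets a non-administrator through for, so group membership is rewritten from request parameters on a self-service request. On that path any `ug_<id>` key adds the group, and leaving the keys out drops the user's non-built-in groups. A guard at the top of the filter such as `return unless current_user_is_admin?` (already used in `find_user`), or a narrower check if non-admin managers must assign groups, keeps membership changes with callers allowed to make them. The later `raise SecurityError.new if @user.nil?` looks unreachable, since `User.find` with an id normally raises rather than returning nil.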
@@ -0,0 +1,13 @@
|
|
1
|
+
module PermissionsHelper
|
2
|
+
def permission_name_value
|
3
|
+
h @permission.name
|
4
|
+
end
|
5
|
+
|
6
|
+
def permission_access_rights_value
|
7
|
+
Lockdown::System.access_rights_for_permission(@permission).collect{|r| r}.join("<br/>")
|
8
|
+
end
|
9
|
+
|
10
|
+
def permission_users_value
|
11
|
+
@permission.all_users.collect{|u| link_to_or_show(u.full_name, u)}.join("<br/>")
|
12
|
+
end
|
13
|
+
end
|
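Review bot: `permission_users_value` and `permission_access_rights_value` build HTML by joining values with `<br/>` without escaping them, while `permission_name_value` next to them goes through `h`, which suggests output is not escaped automatically here. `u.full_name` presumably comes from user-editable profile fields, so it should be escaped before it reaches the page, e.g. `link_to_or_show(h(u.full_name), u)`, unless `link_to_or_show` (defined outside this file) already escapes its label. `user_group_users_value` in the user groups helper has the same line. The `.collect{|r| r}` in `permission_access_rights_value` is a no-op and can be dropped.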
@@ -0,0 +1,35 @@
|
|
1
|
+
module UserGroupsHelper
|
2
|
+
def user_group_name_value
|
3
|
+
if @action_name == "show"
|
4
|
+
h @user_group.name
|
5
|
+
else
|
6
|
+
text_field_tag "user_group[name]", @user_group.name
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
def user_group_permissions_value
|
11
|
+
if @action_name == "show"
|
12
|
+
@user_group.permissions.collect{|p| p.name + "<br/>"}
|
13
|
+
else
|
14
|
+
rvalue = %{<ul id="all_permissions" class="checklist">}
|
15
|
+
@all_permissions.each_with_index do |perm,i|
|
16
|
+
bg = ( i % 2 == 0 ) ? "even" : "odd"
|
17
|
+
input_id = "perm_#{perm.id}"
|
18
|
+
checked = (@user_group.permission_ids.include?(perm.id) ? "checked" : "")
|
19
|
+
bg << "_" << checked if checked.length > 0
|
20
|
+
rvalue << <<-HTML
|
21
|
+
<li class="#{bg}">
|
22
|
+
<label id="lbl_#{input_id}" for="#{input_id}" onclick="do_highlight('#{input_id}')">
|
23
|
+
<input id="#{input_id}" name="#{input_id}" type="checkbox" #{checked}/> #{perm.name}
|
24
|
+
</label>
|
25
|
+
</li>
|
26
|
+
HTML
|
27
|
+
end
|
28
|
+
rvalue << "</ul>"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
32
|
+
def user_group_users_value
|
33
|
+
@user_group.all_users.collect{|u| link_to_or_show(u.full_name, u)}.join("<br/>")
|
34
|
+
end
|
35
|
+
end
|
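Review bot: The `show` branch of `user_group_permissions_value` returns an Array (`collect` without `join`) while the other branch returns a String, so what the view prints depends on how the template stringifies an array. `@user_group.permissions.collect{|p| h(p.name)}.join("<br/>")` makes both branches return markup and matches the shape of `user_group_users_value`. In the edit branch `#{perm.name}` is interpolated into the heredoc as-is; `#{h(perm.name)}` would be consistent with `h @user_group.name` at the top of the module.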