lockdown 0.8.1 → 0.9.0

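--- a/data/README.txt
+++ b/data/README.txt
@@ -4,7 +4,7 @@ lockdown
 
  == DESCRIPTION:
 
- Lockdown is a authentication/authorization system for RubyOnRails (ver >= 2.1).
+ Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
 
  == INSTALL:
 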
@@ -46,7 +46,8 @@ module Lockdown
46
46
  def set_current_user
47
47
  login_from_basic_auth? unless logged_in?
48
48
  if logged_in?
49
- Thread.current[:profile_id] = current_profile_id
49
+ Thread.current[:who_did_it] = Lockdown::System.
50
+ call(self, :who_did_it)
50
51
  end
51
52
  end
52
53
 
@@ -64,10 +65,7 @@ module Lockdown
64
65
  def check_session_expiry
65
66
  if session[:expiry_time] && session[:expiry_time] < Time.now
66
67
  nil_lockdown_values
67
- timeout_method = Lockdown::System.fetch(:session_timeout_method)
68
- if timeout_method.is_a?(Symbol) && self.respond_to?(timeout_method)
69
- send(timeout_method)
70
- end
68
+ Lockdown::System.call(self, :session_timeout_method)
71
69
  end
72
70
  session[:expiry_time] = Time.now + Lockdown::System.fetch(:session_timeout)
73
71
  end
@@ -139,7 +137,11 @@ module Lockdown
139
137
  end
140
138
 
141
139
  def redirect_back_or_default(default)
142
- session[:prevpage] ? redirect_to(session[:prevpage]) : redirect_to(default)
140
+ if session[:prevpage].nil? || session[:prevpage].blank?
141
+ redirect_to(default)
142
+ else
143
+ redirect_to(session[:prevpage])
144
+ end
143
145
  end
144
146
 
145
147
  # Called from current_user. Now, attempt to login by
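Review bot: In `set_current_user` (first hunk of this section), `Thread.current[:who_did_it]` is assigned only inside `if logged_in?`, so a request without a logged-in user leaves whatever an earlier request on the same thread stored there. If the server reuses threads across requests, and nothing visible in this diff clears the value, `create_with_stamps` and `update_with_stamps` would write the earlier user's id into `created_by`/`updated_by` instead of the configured default. Assign on both paths, for example `Thread.current[:who_did_it] = logged_in? ? Lockdown::System.call(self, :who_did_it) : nil`.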
@@ -17,6 +17,7 @@ module Lockdown
17
17
  def mixin
18
18
  Lockdown.controller_parent.class_eval do
19
19
  include Lockdown::Frameworks::Rails::Controller::Lock
20
+ include Lockdown::Session
20
21
  end
21
22
  Lockdown.view_helper.class_eval do
22
23
  include Lockdown::Frameworks::Rails::View
@@ -46,20 +46,20 @@ module Lockdown
46
46
  end
47
47
  end
48
48
 
49
- def current_profile_id
50
- Thread.current[:profile_id]
49
+ def current_who_did_it
50
+ Thread.current[:who_did_it]
51
51
  end
52
52
 
53
53
  def create_with_stamps
54
- profile_id = current_profile_id || Profile::SYSTEM
55
- self[:created_by] = profile_id if self.respond_to?(:created_by)
56
- self[:updated_by] = profile_id if self.respond_to?(:updated_by)
54
+ pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)
55
+ self[:created_by] = pid if self.respond_to?(:created_by)
56
+ self[:updated_by] = pid if self.respond_to?(:updated_by)
57
57
  create_without_stamps
58
58
  end
59
59
 
60
60
  def update_with_stamps
61
- profile_id = current_profile_id || Profile::SYSTEM
62
- self[:updated_by] = profile_id if self.respond_to?(:updated_by)
61
+ pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)
62
+ self[:updated_by] = pid if self.respond_to?(:updated_by)
63
63
  update_without_stamps
64
64
  end
65
65
  end
@@ -25,6 +25,8 @@ module Lockdown
25
25
 
26
26
  @options = {
27
27
  :session_timeout => (60 * 60),
28
+ :who_did_it => :current_user_id,
29
+ :default_who_did_it => 1,
28
30
  :logout_on_access_violation => false,
29
31
  :access_denied_path => "/",
30
32
  :successful_login_path => "/",
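Review bot: The new default `:default_who_did_it => 1` attributes every write made without a logged-in user to record id 1, which in many schemas is the first real account rather than a dedicated system identity; the code this replaces used `Profile::SYSTEM`. Whether id 1 is reserved is not visible here, so the default deserves a comment beside it, e.g. `# id stamped into created_by/updated_by when nobody is logged in; point this at a dedicated system account`. The `@options` hash continues past the end of this hunk.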
@@ -1,27 +1,31 @@
1
1
  module Lockdown
2
2
  module Session
3
+
3
4
  protected
4
5
 
5
- def nil_lockdown_values
6
- [:expiry_time, :user_id, :user_name, :user_profile_id, :access_rights].each do |val|
7
- session[val] = nil if session[val]
6
+ def add_lockdown_session_values(user = nil)
7
+ user ||= current_user
8
+
9
+ if user
10
+ session[:access_rights] = Lockdown::System.access_rights_for_user(user)
11
+ session[:current_user_id] = user.id
8
12
  end
9
- end
10
-
11
- def current_user_access_in_group?(grp)
12
- return true if current_user_is_admin?
13
- Lockdown::System.user_groups[grp].each do |perm|
14
- return true if access_in_perm?(perm)
15
- end
16
- false
13
+ end
14
+
15
+ def current_user_id
16
+ session[:current_user_id]
17
17
  end
18
18
 
19
19
  def current_user_is_admin?
20
20
  session[:access_rights] == :all
21
21
  end
22
22
 
23
- def add_lockdown_session_values(user)
24
- session[:access_rights] = Lockdown::System.access_rights_for_user(user)
23
+ def current_user_access_in_group?(grp)
24
+ return true if current_user_is_admin?
25
+ Lockdown::System.user_groups[grp].each do |perm|
26
+ return true if access_in_perm?(perm)
27
+ end
28
+ false
25
29
  end
26
30
 
27
31
  def access_in_perm?(perm)
@@ -37,5 +41,13 @@ module Lockdown
37
41
  return false unless session[:access_rights]
38
42
  session[:access_rights].include?(str)
39
43
  end
44
+
45
+ def reset_lockdown_session
46
+ [:expiry_time, :current_user_id, :access_rights].each do |val|
47
+ session[val] = nil if session[val]
48
+ end
49
+ end
50
+
51
+ alias_method :nil_lockdown_values, :reset_lockdown_session
40
52
  end # Session
41
53
  end # Lockdown
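Review bot: `reset_lockdown_session` clears only `:expiry_time`, `:current_user_id` and `:access_rights`, while the `nil_lockdown_values` it replaces (and is aliased to) also cleared `:user_id`, `:user_name` and `:user_profile_id`. An application upgraded from 0.8.1 that still carries the generated session module deleted elsewhere in this diff derives `logged_in?` from `session[:user_id]`, so after a session timeout those keys would survive and the user would presumably still count as logged in. Keeping the legacy keys in the list closes that gap: `[:expiry_time, :current_user_id, :access_rights, :user_id, :user_name, :user_profile_id].each do |val|`.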
@@ -21,6 +21,13 @@ module Lockdown
21
21
  (@options||={})[key]
22
22
  end
23
23
 
24
+ def self.call(object, system_option)
25
+ method = fetch(system_option)
26
+ if method.is_a?(Symbol) && object.respond_to?(method)
27
+ object.send(method)
28
+ end
29
+ end
30
+
24
31
  protected
25
32
 
26
33
  def self.paths_for(str_sym, *methods)
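Review bot: `Lockdown::System.call` returns nil without any signal when the option is unset, is not a Symbol, or names a method that `respond_to?` does not report, and callers cannot tell that apart from a legitimate nil. `respond_to?` with one argument ignores private methods (and, from Ruby 2.0 on, protected ones such as the `current_user_id` this release adds under `protected` in `Lockdown::Session`), while `send` would call them. The effect is that `who_did_it` quietly falls back to the default id and a configured `session_timeout_method` is quietly skipped. Since the method name comes from configuration rather than from the request, `object.respond_to?(method, true)` matches what `send` can actually invoke, and a doc comment stating that nil means nothing was called would help.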
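--- a/data/lib/lockdown.rb
+++ b/data/lib/lockdown.rb
@@ -3,7 +3,7 @@ require File.join(File.dirname(__FILE__), "lockdown", "helper")
  module Lockdown
  extend Lockdown::Helper
 
- VERSION = '0.8.1'
+ VERSION = '0.9.0'
 
  # Returns the version string for the library.
  def self.version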
@@ -59,14 +59,9 @@ class LockdownGenerator < Rails::Generator::Base
59
59
  @m.file "lib/lockdown/init.rb", "lib/lockdown/init.rb"
60
60
  end
61
61
 
62
- if options[:basics]
63
- options[:skip_management] = true
64
- options[:skip_login] = true
65
- end
66
-
67
- add_management unless options[:skip_management]
62
+ add_management if options[:add_management]
68
63
 
69
- add_login unless options[:skip_login]
64
+ add_login if options[:add_login]
70
65
 
71
66
  add_models
72
67
 
@@ -115,17 +110,23 @@ class LockdownGenerator < Rails::Generator::Base
115
110
  def add_models
116
111
  @m.directory 'app/models'
117
112
 
118
- write_model("permission")
119
- write_model("user")
120
113
  write_model("user_group")
121
- write_model("profile")
114
+ write_model("permission")
115
+
116
+ if options[:add_lockdown_authentication]
117
+ write_model("user")
118
+ write_model("profile")
119
+ end
122
120
 
123
121
  unless options[:skip_migrations]
124
- write_migration("create_profiles")
125
- write_migration("create_users")
126
122
  write_migration("create_user_groups")
127
123
  write_migration("create_permissions")
128
- write_migration("create_admin_user")
124
+
125
+ if options[:add_lockdown_authentication]
126
+ write_migration("create_profiles")
127
+ write_migration("create_users")
128
+ write_migration("create_admin_user")
129
+ end
129
130
  end
130
131
  end
131
132
 
@@ -203,18 +204,36 @@ EOS
203
204
  def add_options!(opt)
204
205
  opt.separator ''
205
206
  opt.separator 'Options:'
207
+
206
208
  opt.on("--namespace=admin",
207
- "Install lockdown templates with a namespace, in this example 'admin'.") { |v| options[:namespace] = v }
208
- opt.on("--skip-management",
209
- "Only lib/lockdown and app/models are generated.") { |v| options[:skip_management] = v }
210
- opt.on("--skip-login",
211
- "Skips generation of session controller and views.") { |v| options[:skip_login] = v }
212
- opt.on("--basics",
213
- "Install only models and migrations. Equivalent to skip-management and skip-login.") { |v| options[:basics] = v }
209
+ "Install lockdown templates with a namespace, in this example 'admin'.") do |v|
210
+ options[:namespace] = v
211
+ end
212
+
213
+ opt.on("--add-lockdown-authentication",
214
+ "Create user model + --add-login functionality.") do |v|
215
+ options[:add_lockdown_authentication] = v
216
+ end
217
+
218
+ opt.on("--add-management",
219
+ "Create user, user_group, permission management controllers and views.") do |v|
220
+ options[:add_management] = v
221
+ end
222
+
223
+ opt.on("--add-login",
224
+ "Create session controller and views.") do |v|
225
+ options[:add_login] = v
226
+ end
227
+
214
228
  opt.on("--skip-rules",
215
- "Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") { |v| options[:skip_rules] = v }
229
+ "Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") do |v|
230
+ options[:skip_rules] = v
231
+ end
232
+
216
233
  opt.on("--skip-migrations",
217
- "Skip migrations installation") { |v| options[:skip_migrations] = v }
234
+ "Skip migrations installation") do |v|
235
+ options[:skip_migrations] = v
236
+ end
218
237
  end
219
238
 
220
239
  def write_migration(str)
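Review bot: The help text for `--add-lockdown-authentication` promises "Create user model + --add-login functionality", but in the visible hunks `add_login` runs only when `options[:add_login]` is set and nothing maps the new flag onto it. Unless that mapping happens outside these hunks, passing only `--add-lockdown-authentication` yields the user and profile models and the `create_admin_user` migration without the session controller. Either fold the flag into the condition, `add_login if options[:add_login] || options[:add_lockdown_authentication]`, or reword the description. The method containing the first hunk starts outside it.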
@@ -0,0 +1,39 @@
1
+ #
2
+ # !!!!IMPORTANT!!!!
3
+ #
4
+ #*** MUST define a current_user method that will return the current user object
5
+ #
6
+ #*** MUST define a logged_in? method that will return true if a user is logged in
7
+ #
8
+ #*** MUST add call to add_lockdown_session_values to your login method
9
+ #
10
+ # # This method uses the current_user method.
11
+ # add_lockdown_session_values
12
+ #
13
+ #*** MAY NEED to add call to reset_lockdown_session to your logout method.
14
+ # ** Not needed if your authentication system resets the session
15
+ #
16
+ #
17
+ #
18
+ # ~~~~Method Descriptions~~~~
19
+
20
+ # The Lockdown gem defines these session methods:
21
+ #
22
+ # current_user_id: returns the id of the current_user
23
+ #
24
+ # current_user_is_admin?: returns true if user is assigned
25
+ # administrator rights.
26
+ #
27
+ # reset_lockdown_session: This will nil the following session values:
28
+ # current_user_id
29
+ # access_rights
30
+ # expiry_time
31
+ #
32
+ # current_user_access_in_group?(grp): grp is a symbol referencing a
33
+ # Lockdown::UserGroups method such as :registered_users
34
+ # Will return true if the session[:access_rights] contain at
35
+ # least one match to the access_right list associated to the group
36
+ #
37
+ # If you want access to any of these methods in your view, just add them
38
+ # as helpers in your controller (application controller for global use).
39
+ #
@@ -1,5 +1,3 @@
1
- require File.join(File.dirname(__FILE__), "session")
2
-
3
1
  Lockdown::System.configure do
4
2
 
5
3
  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -7,9 +5,27 @@ Lockdown::System.configure do
7
5
  #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8
6
  # Options with defaults:
9
7
  #
8
+ # Set who_did_it method
9
+ # This method is used in setting the created_by/updated_by fields and
10
+ # should be accessible to the controller
11
+ # options[:who_did_it] = :current_user_id
12
+ #
13
+ # Set default_who_did_it
14
+ # When current_user_id returns nil, this is the value to use
15
+ # options[:default_who_did_it] = 1
16
+ #
17
+ # Should probably be something like:
18
+ # options[:default_who_did_it] = User::SystemId
19
+ #
10
20
  # Set timeout to 1 hour:
11
21
  # options[:session_timeout] = (60 * 60)
12
22
  #
23
+ # Set default_creator_id. This is the value assigned to created_by and/or
24
+ # updated_by when no one is logged in. Think of it as the system id.
25
+ #
26
+ # Lockdown version < 0.9.0 set this to:
27
+ # options[:default_creator_id] = Profile::System
28
+ #
13
29
  # Call method when timeout occurs (method must be callable by controller):
14
30
  # options[:session_timeout_method] = :clear_session_values
15
31
  #
@@ -44,6 +60,9 @@ Lockdown::System.configure do
44
60
  # controller. You can change this behaviour by chaining on except_methods or
45
61
  # only_methods. (see examples below)
46
62
  #
63
+ # ** To define a namespaced controller use two underscores:
64
+ # :admin__products
65
+ #
47
66
  # if products is your standard RESTful resource you'll get:
48
67
  # ["products/index , "products/show",
49
68
  # "products/new", "products/edit",
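Review bot: The added comment block documents `options[:default_creator_id]` as the value written to created_by/updated_by when no one is logged in, but the code in this release reads `:default_who_did_it` for that, and the same hunk already documents that option a few lines above. Someone who sets `default_creator_id` by following this template would, as far as the diff shows, change nothing and still get the built-in default. I would drop the second block and move its upgrade hint under the first, e.g. `# Lockdown version < 0.9.0 used Profile::SYSTEM here.`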
@@ -64,13 +64,14 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
64
64
  end
65
65
 
66
66
  describe "#set_current_user" do
67
- it "should set the profile_id in Thread.current" do
67
+ it "should set who_did_it in Thread.current" do
68
+ Lockdown::System.stub!(:fetch).with(:who_did_it).and_return(:current_user_id)
68
69
  @controller.stub!(:logged_in?).and_return(true)
69
- @controller.stub!(:current_profile_id).and_return(1234)
70
+ @controller.stub!(:current_user_id).and_return(1234)
70
71
 
71
72
  @controller.set_current_user
72
73
 
73
- Thread.current[:profile_id].should == 1234
74
+ Thread.current[:who_did_it].should == 1234
74
75
  end
75
76
  end
76
77
 
@@ -206,8 +207,10 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
206
207
  end
207
208
 
208
209
  it "should redirect to session[:prevpage]" do
209
- @session[:prevpage] = "/previous"
210
- @controller.should_receive(:redirect_to).with("/previous")
210
+ path = "/previous"
211
+ path.stub!(:blank?).and_return(false)
212
+ @session[:prevpage] = path
213
+ @controller.should_receive(:redirect_to).with(path)
211
214
  @controller.redirect_back_or_default("/")
212
215
  end
213
216
  end
@@ -73,14 +73,14 @@ describe Lockdown::Frameworks::Rails::Controller do
73
73
 
74
74
  describe "#link_to_or_show" do
75
75
  it "should return links separated by | " do
76
+ Lockdown::System.stub!(:fetch).with(:link_separator).and_return(' | ')
76
77
  links = ["link_one", "link_two"]
77
-
78
78
  @view.links(links).should == links.join(' | ')
79
79
  end
80
80
 
81
81
  it "should return links separated by | and handle empty strings" do
82
+ Lockdown::System.stub!(:fetch).with(:link_separator).and_return(' | ')
82
83
  links = ["link_one", "link_two", ""]
83
-
84
84
  @view.links(links).should == links.join(' | ')
85
85
  end
86
86
  end
@@ -64,8 +64,9 @@ describe Lockdown::Session do
64
64
  it "should set the access_rights from the user list" do
65
65
  array = ["posts/index", "posts/show"]
66
66
  Lockdown::System.stub!(:access_rights_for_user).and_return(array)
67
- @controller.send(:add_lockdown_session_values,:user_object).
68
- should == array
67
+ @controller.stub!(:current_user).and_return(:user_object)
68
+ @controller.send(:add_lockdown_session_values)
69
+ @session[:access_rights].should == array
69
70
  end
70
71
  end
71
72
 
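--- a/data/tasks/rdoc.rake
+++ b/data/tasks/rdoc.rake
@@ -19,10 +19,11 @@ namespace :doc do
  end
  rd.rdoc_files.push(*files)
 
- title = "#{PROJ.name}-#{PROJ.version} Documentation"
-
+ name = PROJ.name
  rf_name = PROJ.rubyforge.name
- title = "#{rf_name}'s " + title if rf_name.valid? and rf_name != title
+
+ title = "#{name}-#{PROJ.version} Documentation"
+ title = "#{rf_name}'s " + title if rf_name.valid? and rf_name != name
 
  rd.options << "-t #{title}"
  rd.options.concat(rdoc.opts)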
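--- a/data/tasks/setup.rb
+++ b/data/tasks/setup.rb
@@ -6,7 +6,7 @@ require 'fileutils'
  require 'ostruct'
  require 'find'
 
- class OpenStruct; undef :gem; end
+ class OpenStruct; undef :gem if defined? :gem; end
 
  # TODO: make my own openstruct type object that includes descriptions
  # TODO: use the descriptions to output help on the available bones options
@@ -124,9 +124,7 @@ import(*rakefiles)
  %w(lib ext).each {|dir| PROJ.libs << dir if test ?d, dir}
 
  # Setup some constants
- WIN32 = %r/djgpp|(cyg|ms|bcc)win|mingw/ =~ RUBY_PLATFORM unless defined? WIN32
-
- DEV_NULL = WIN32 ? 'NUL:' : '/dev/null'
+ DEV_NULL = File.exist?('/dev/null') ? '/dev/null' : 'NUL:'
 
  def quiet( &block )
  io = [STDOUT.dup, STDERR.dup]
@@ -139,21 +137,15 @@ ensure
  $stdout, $stderr = STDOUT, STDERR
  end
 
- DIFF = if WIN32 then 'diff.exe'
- else
- if quiet {system "gdiff", __FILE__, __FILE__} then 'gdiff'
- else 'diff' end
- end unless defined? DIFF
-
- SUDO = if WIN32 then ''
- else
- if quiet {system 'which sudo'} then 'sudo'
- else '' end
- end
-
- RCOV = WIN32 ? 'rcov.bat' : 'rcov'
- RDOC = WIN32 ? 'rdoc.bat' : 'rdoc'
- GEM = WIN32 ? 'gem.bat' : 'gem'
+ DIFF = if system("gdiff '#{__FILE__}' '#{__FILE__}' > #{DEV_NULL} 2>&1") then 'gdiff'
+ else 'diff' end unless defined? DIFF
+
+ SUDO = if system("which sudo > #{DEV_NULL} 2>&1") then 'sudo'
+ else '' end unless defined? SUDO
+
+ RCOV = "#{RUBY} -S rcov"
+ RDOC = "#{RUBY} -S rdoc"
+ GEM = "#{RUBY} -S gem"
 
  %w(rcov spec/rake/spectask rubyforge bones facets/ansicode).each do |lib|
  begin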
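Review bot: The new `DIFF` probe builds a shell command by interpolating `__FILE__` between single quotes, where the removed line passed the path as separate arguments (`system "gdiff", __FILE__, __FILE__`) and never went through a shell. A checkout path containing a single quote ends the quoting, and the remainder is parsed by the shell. The `quiet` helper is still defined just above, so the argument-list form can stay: `DIFF = if quiet { system 'gdiff', __FILE__, __FILE__ } then 'gdiff'`. In the first hunk, `defined? :gem` tests a symbol literal and is always truthy, so the guard never skips the `undef`; `method_defined?(:gem) || private_method_defined?(:gem)` is the check it seems to want.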
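--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: lockdown
  version: !ruby/object:Gem::Version
- version: 0.8.1
+ version: 0.9.0
  platform: ruby
  authors:
  - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2009-02-12 00:00:00 -05:00
+ date: 2009-03-22 00:00:00 -04:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -20,9 +20,9 @@ dependencies:
  requirements:
  - - ">="
  - !ruby/object:Gem::Version
- version: 2.4.0
+ version: 2.4.2
  version:
- description: Lockdown is a authentication/authorization system for RubyOnRails (ver >= 2.1).
+ description: Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
  email: andy@stonean.com
  executables: []
 
@@ -32,7 +32,6 @@ extra_rdoc_files:
  - History.txt
  - README.txt
  files:
- - .DS_Store
  - History.txt
  - README.txt
  - Rakefile
@@ -48,10 +47,7 @@ files:
  - lib/lockdown/rules.rb
  - lib/lockdown/session.rb
  - lib/lockdown/system.rb
- - rails_generators/.DS_Store
- - rails_generators/lockdown/.DS_Store
  - rails_generators/lockdown/lockdown_generator.rb
- - rails_generators/lockdown/templates/.DS_Store
  - rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
  - rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
  - rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
@@ -80,9 +76,8 @@ files:
  - rails_generators/lockdown/templates/db/migrate/create_profiles.rb
  - rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
  - rails_generators/lockdown/templates/db/migrate/create_users.rb
- - rails_generators/lockdown/templates/lib/.DS_Store
+ - rails_generators/lockdown/templates/lib/lockdown/README
  - rails_generators/lockdown/templates/lib/lockdown/init.rb
- - rails_generators/lockdown/templates/lib/lockdown/session.rb
  - spec/lockdown/database_spec.rb
  - spec/lockdown/frameworks/rails/controller_spec.rb
  - spec/lockdown/frameworks/rails/view_spec.rb
@@ -133,6 +128,6 @@ rubyforge_project: lockdown
  rubygems_version: 1.3.1
  signing_key:
  specification_version: 2
- summary: Lockdown is a authentication/authorization system for RubyOnRails (ver >= 2
+ summary: Lockdown is an authorization system for RubyOnRails (ver >= 2
  test_files: []
 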
data/.DS_Store DELETED
Binary file
Binary file
Binary file
@@ -1,68 +0,0 @@
1
- module Lockdown
2
- #
3
- # The Lockdown gem defines additional Session methods:
4
- #
5
- # current_user_is_admin?: returns true if user is assigned
6
- # administrator rights.
7
- #
8
- # nil_lockdown_values: This will nil all session values starting with
9
- # user_ or access_ or expiry
10
- #
11
- # current_user_access_in_group?(grp): grp is a symbol referencing a
12
- # Lockdown::UserGroups method such as :registered_users
13
- # Will return true if the session[:access_rights] contain at
14
- # least one match to the access_right list associated to the group
15
- #
16
- module Session
17
- protected
18
-
19
- def set_session_user(user)
20
- if user.nil?
21
- nil_lockdown_values
22
- return
23
- end
24
- session[:user_id] = user.id
25
- session[:user_name] = user.full_name
26
- session[:user_profile_id] = user.profile.id
27
-
28
- #
29
- # If you remove this method, you will not gain access to any
30
- # protected resources
31
- #
32
- add_lockdown_session_values(user)
33
- end
34
-
35
- def logged_in?
36
- current_user_id > 0
37
- end
38
-
39
- def current_user_id
40
- return session[:user_id] || -1
41
- end
42
-
43
- def current_user_name
44
- session[:user_name]
45
- end
46
-
47
- def current_profile_id
48
- return session[:user_profile_id] || -1
49
- end
50
-
51
- def current_user
52
- return current_user_id > 0 ? User.find(current_user_id, :include => [:profile, :user_groups]) : nil
53
- end
54
-
55
- end # Session module
56
- end # Lockdown module
57
-
58
- ActionController::Base.class_eval do
59
- include Lockdown::Session
60
-
61
- helper_method :logged_in?,
62
- :current_user,
63
- :current_user_name,
64
- :current_user_id,
65
- :current_profile_id,
66
- :current_user_is_admin?,
67
- :current_user_access_in_group?
68
- end