lockdown 0.8.1 → 0.9.0

data/README.txt

@@ -4,7 +4,7 @@ lockdown
 
 == DESCRIPTION:
 
-Lockdown is a authentication/authorization system for RubyOnRails (ver >= 2.1).
+Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
 
 == INSTALL:
 

data/lib/lockdown/frameworks/rails/controller.rb

@@ -46,7 +46,8 @@ module Lockdown
             def set_current_user
               login_from_basic_auth? unless logged_in?
               if logged_in?
-                Thread.current[:profile_id] = current_profile_id
+                Thread.current[:who_did_it] = Lockdown::System.
+                  call(self, :who_did_it)
               end
             end
 
@@ -64,10 +65,7 @@ module Lockdown
             def check_session_expiry
               if session[:expiry_time] && session[:expiry_time] < Time.now
                 nil_lockdown_values
-                timeout_method = Lockdown::System.fetch(:session_timeout_method)
-                if timeout_method.is_a?(Symbol) && self.respond_to?(timeout_method)
-                  send(timeout_method) 
-                end
+                Lockdown::System.call(self, :session_timeout_method)
               end
               session[:expiry_time] = Time.now + Lockdown::System.fetch(:session_timeout)
             end
@@ -139,7 +137,11 @@ module Lockdown
             end
 
             def redirect_back_or_default(default)
-              session[:prevpage] ? redirect_to(session[:prevpage]) : redirect_to(default)
+              if session[:prevpage].nil? || session[:prevpage].blank?
+                redirect_to(default) 
+              else
+                redirect_to(session[:prevpage])
+              end
             end
     
             # Called from current_user.  Now, attempt to login by

data/lib/lockdown/frameworks/rails.rb

@@ -17,6 +17,7 @@ module Lockdown
         def mixin
           Lockdown.controller_parent.class_eval do
             include Lockdown::Frameworks::Rails::Controller::Lock
+            include Lockdown::Session
           end
           Lockdown.view_helper.class_eval do
             include Lockdown::Frameworks::Rails::View

data/lib/lockdown/orms/active_record.rb

@@ -46,20 +46,20 @@ module Lockdown
           end
         end
 
-        def current_profile_id
-          Thread.current[:profile_id]
+        def current_who_did_it
+          Thread.current[:who_did_it]
         end
 
         def create_with_stamps
-          profile_id = current_profile_id || Profile::SYSTEM
-          self[:created_by] = profile_id if self.respond_to?(:created_by) 
-          self[:updated_by] = profile_id if self.respond_to?(:updated_by) 
+          pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)
+          self[:created_by] = pid if self.respond_to?(:created_by) 
+          self[:updated_by] = pid if self.respond_to?(:updated_by) 
           create_without_stamps
         end
                   
         def update_with_stamps
-          profile_id = current_profile_id || Profile::SYSTEM
-          self[:updated_by] = profile_id if self.respond_to?(:updated_by)
+          pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)
+          self[:updated_by] = pid if self.respond_to?(:updated_by)
           update_without_stamps
         end
       end

data/lib/lockdown/rules.rb

@@ -25,6 +25,8 @@ module Lockdown
 
       @options = {
         :session_timeout => (60 * 60),
+        :who_did_it => :current_user_id,
+        :default_who_did_it => 1,
         :logout_on_access_violation => false,
         :access_denied_path => "/",
         :successful_login_path => "/",

data/lib/lockdown/session.rb

@@ -1,27 +1,31 @@
 module Lockdown
   module Session
+
     protected
 
-    def nil_lockdown_values
-      [:expiry_time, :user_id, :user_name, :user_profile_id, :access_rights].each do |val|
-        session[val] = nil if session[val]
+    def add_lockdown_session_values(user = nil)
+      user ||= current_user
+
+      if user
+        session[:access_rights] = Lockdown::System.access_rights_for_user(user)
+        session[:current_user_id] = user.id
       end
-    end 
-    
-    def current_user_access_in_group?(grp)
-      return true if current_user_is_admin?
-        Lockdown::System.user_groups[grp].each do |perm|
-          return true if access_in_perm?(perm)
-        end
-      false
+    end
+
+    def current_user_id
+      session[:current_user_id]
     end
 
     def current_user_is_admin?
       session[:access_rights] == :all
     end
 
-    def add_lockdown_session_values(user)
-      session[:access_rights] = Lockdown::System.access_rights_for_user(user)
+    def current_user_access_in_group?(grp)
+      return true if current_user_is_admin?
+        Lockdown::System.user_groups[grp].each do |perm|
+          return true if access_in_perm?(perm)
+        end
+      false
     end
 
     def access_in_perm?(perm)
@@ -37,5 +41,13 @@ module Lockdown
       return false unless session[:access_rights]
       session[:access_rights].include?(str)
     end
+
+    def reset_lockdown_session
+      [:expiry_time, :current_user_id, :access_rights].each do |val|
+        session[val] = nil if session[val]
+      end
+    end 
+
+    alias_method :nil_lockdown_values, :reset_lockdown_session
   end # Session
 end # Lockdown

data/lib/lockdown/system.rb

@@ -21,6 +21,13 @@ module Lockdown
       (@options||={})[key]
     end
 
+    def self.call(object, system_option)
+      method = fetch(system_option)
+      if method.is_a?(Symbol) && object.respond_to?(method)
+        object.send(method) 
+      end
+    end
+
     protected 
 
     def self.paths_for(str_sym, *methods)

data/lib/lockdown.rb

@@ -3,7 +3,7 @@ require File.join(File.dirname(__FILE__), "lockdown", "helper")
 module Lockdown
   extend Lockdown::Helper
 
-  VERSION = '0.8.1'
+  VERSION = '0.9.0'
 
   # Returns the version string for the library.
   def self.version

data/rails_generators/lockdown/lockdown_generator.rb

@@ -59,14 +59,9 @@ class LockdownGenerator < Rails::Generator::Base
         @m.file "lib/lockdown/init.rb", "lib/lockdown/init.rb"
       end
 
-      if options[:basics]
-        options[:skip_management] = true
-        options[:skip_login] = true
-      end
-
-      add_management unless options[:skip_management]
+      add_management if options[:add_management]
 
-      add_login unless options[:skip_login]
+      add_login if options[:add_login]
 
       add_models
       
@@ -115,17 +110,23 @@ class LockdownGenerator < Rails::Generator::Base
   def add_models
     @m.directory 'app/models'
 
-    write_model("permission")
-    write_model("user")
     write_model("user_group")
-    write_model("profile")
+    write_model("permission") 
+
+    if options[:add_lockdown_authentication]
+      write_model("user") 
+      write_model("profile") 
+    end
 
     unless options[:skip_migrations]
-      write_migration("create_profiles")
-      write_migration("create_users")
       write_migration("create_user_groups")
       write_migration("create_permissions")
-      write_migration("create_admin_user")
+
+      if options[:add_lockdown_authentication]
+        write_migration("create_profiles")
+        write_migration("create_users")
+        write_migration("create_admin_user")
+      end
     end
   end
 
@@ -203,18 +204,36 @@ EOS
   def add_options!(opt)
     opt.separator ''
     opt.separator 'Options:'
+
     opt.on("--namespace=admin",
-      "Install lockdown templates with a namespace, in this example 'admin'.") { |v| options[:namespace] = v }
-    opt.on("--skip-management",
-      "Only lib/lockdown and app/models are generated.") { |v| options[:skip_management] = v }
-    opt.on("--skip-login",
-      "Skips generation of session controller and views.") { |v| options[:skip_login] = v }
-    opt.on("--basics",
-      "Install only models and migrations.  Equivalent to skip-management and skip-login.") { |v| options[:basics] = v }
+      "Install lockdown templates with a namespace, in this example 'admin'.") do |v|
+        options[:namespace] = v 
+      end
+
+    opt.on("--add-lockdown-authentication",
+      "Create user model + --add-login functionality.") do |v| 
+        options[:add_lockdown_authentication] = v
+      end
+
+    opt.on("--add-management",
+      "Create user, user_group, permission management controllers and views.") do |v|
+        options[:add_management] = v
+      end
+
+    opt.on("--add-login",
+      "Create session controller and views.") do |v| 
+        options[:add_login] = v 
+      end
+
     opt.on("--skip-rules",
-        "Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") { |v| options[:skip_rules] = v }
+      "Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") do |v| 
+        options[:skip_rules] = v
+      end
+
     opt.on("--skip-migrations",
-      "Skip migrations installation") { |v| options[:skip_migrations] = v }
+      "Skip migrations installation") do |v| 
+        options[:skip_migrations] = v
+      end
   end
 
   def write_migration(str)

data/rails_generators/lockdown/templates/lib/lockdown/README

@@ -0,0 +1,39 @@
+#
+#                           !!!!IMPORTANT!!!!
+#
+#*** MUST define a current_user method that will return the current user object
+#
+#*** MUST define a logged_in? method that will return true if a user is logged in
+#
+#*** MUST add call to add_lockdown_session_values to your login method
+#
+#   # This method uses the current_user method.
+#   add_lockdown_session_values
+#
+#*** MAY NEED to add call to reset_lockdown_session to your logout method. 
+# ** Not needed if your authentication system resets the session
+#   
+#
+#
+#                       ~~~~Method Descriptions~~~~
+
+# The Lockdown gem defines these session methods:
+#
+# current_user_id: returns the id of the current_user
+#
+# current_user_is_admin?: returns true if user is assigned 
+# administrator rights.
+#
+# reset_lockdown_session: This will nil the following session values:
+#   current_user_id
+#   access_rights
+#   expiry_time
+#
+# current_user_access_in_group?(grp):  grp is a symbol referencing a 
+# Lockdown::UserGroups method such as :registered_users
+# Will return true if the session[:access_rights] contain at 
+# least one match to the access_right list associated to the group
+#
+# If you want access to any of these methods in your view, just add them 
+# as helpers in your controller (application controller for global use).
+#

data/rails_generators/lockdown/templates/lib/lockdown/init.rb

@@ -1,5 +1,3 @@
-require File.join(File.dirname(__FILE__), "session")
-
 Lockdown::System.configure do
 
   #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -7,9 +5,27 @@ Lockdown::System.configure do
   #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   # Options with defaults:
   #
+  # Set who_did_it method
+  #   This method is used in setting the created_by/updated_by fields and
+  #   should be accessible to the controller
+  #      options[:who_did_it] = :current_user_id
+  #
+  # Set default_who_did_it
+  #   When current_user_id returns nil, this is the value to use
+  #      options[:default_who_did_it] = 1
+  #
+  #   Should probably be something like:
+  #      options[:default_who_did_it] = User::SystemId
+  #
   # Set timeout to 1 hour:
   #       options[:session_timeout] = (60 * 60)
   #
+  # Set default_creator_id. This is the value assigned to created_by and/or
+  # updated_by when no one is logged in.  Think of it as the system id.
+  #
+  #   Lockdown version < 0.9.0 set this to:
+  #       options[:default_creator_id] = Profile::System
+  #
   # Call method when timeout occurs (method must be callable by controller):
   #       options[:session_timeout_method] = :clear_session_values
   #
@@ -44,6 +60,9 @@ Lockdown::System.configure do
   #  controller.  You can change this behaviour by chaining on except_methods or
   #  only_methods.  (see examples below)
   #
+  #  ** To define a namespaced controller use two underscores:
+  #     :admin__products
+  #
   # if products is your standard RESTful resource you'll get:
   #   ["products/index , "products/show",
   #    "products/new", "products/edit",

data/spec/lockdown/frameworks/rails/controller_spec.rb

@@ -64,13 +64,14 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
   end
 
   describe "#set_current_user" do
-    it "should set the profile_id in Thread.current" do
+    it "should set who_did_it  in Thread.current" do
+      Lockdown::System.stub!(:fetch).with(:who_did_it).and_return(:current_user_id)
       @controller.stub!(:logged_in?).and_return(true)
-      @controller.stub!(:current_profile_id).and_return(1234)
+      @controller.stub!(:current_user_id).and_return(1234)
 
       @controller.set_current_user
 
-      Thread.current[:profile_id].should == 1234
+      Thread.current[:who_did_it].should == 1234
     end
   end
 
@@ -206,8 +207,10 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
     end
 
     it "should redirect to session[:prevpage]" do
-      @session[:prevpage] = "/previous"
-      @controller.should_receive(:redirect_to).with("/previous")
+      path = "/previous"
+      path.stub!(:blank?).and_return(false)
+      @session[:prevpage] = path
+      @controller.should_receive(:redirect_to).with(path)
       @controller.redirect_back_or_default("/")
     end
   end

data/spec/lockdown/frameworks/rails/view_spec.rb

@@ -73,14 +73,14 @@ describe Lockdown::Frameworks::Rails::Controller do
 
   describe "#link_to_or_show" do
     it "should return links separated by | " do
+      Lockdown::System.stub!(:fetch).with(:link_separator).and_return(' | ')
       links = ["link_one", "link_two"]
-
       @view.links(links).should == links.join(' | ')
     end
 
     it "should return links separated by | and handle empty strings" do
+      Lockdown::System.stub!(:fetch).with(:link_separator).and_return(' | ')
       links = ["link_one", "link_two", ""]
-
       @view.links(links).should == links.join(' | ')
     end
   end

data/spec/lockdown/session_spec.rb

@@ -64,8 +64,9 @@ describe Lockdown::Session do
     it "should set the access_rights from the user list" do
       array  = ["posts/index", "posts/show"]
       Lockdown::System.stub!(:access_rights_for_user).and_return(array)
-      @controller.send(:add_lockdown_session_values,:user_object).
-        should == array
+      @controller.stub!(:current_user).and_return(:user_object)
+      @controller.send(:add_lockdown_session_values)
+      @session[:access_rights].should == array
     end
   end
 

data/tasks/rdoc.rake

@@ -19,10 +19,11 @@ namespace :doc do
             end
     rd.rdoc_files.push(*files)
 
-    title = "#{PROJ.name}-#{PROJ.version} Documentation"
-
+    name    = PROJ.name
     rf_name = PROJ.rubyforge.name
-    title = "#{rf_name}'s " + title if rf_name.valid? and rf_name != title
+
+    title = "#{name}-#{PROJ.version} Documentation"
+    title = "#{rf_name}'s " + title if rf_name.valid? and rf_name != name
 
     rd.options << "-t #{title}"
     rd.options.concat(rdoc.opts)

data/tasks/setup.rb

@@ -6,7 +6,7 @@ require 'fileutils'
 require 'ostruct'
 require 'find'
 
-class OpenStruct; undef :gem; end
+class OpenStruct; undef :gem if defined? :gem; end 
 
 # TODO: make my own openstruct type object that includes descriptions
 # TODO: use the descriptions to output help on the available bones options
@@ -124,9 +124,7 @@ import(*rakefiles)
 %w(lib ext).each {|dir| PROJ.libs << dir if test ?d, dir}
 
 # Setup some constants
-WIN32 = %r/djgpp|(cyg|ms|bcc)win|mingw/ =~ RUBY_PLATFORM unless defined? WIN32
-
-DEV_NULL = WIN32 ? 'NUL:' : '/dev/null'
+DEV_NULL = File.exist?('/dev/null') ? '/dev/null' : 'NUL:'
 
 def quiet( &block )
   io = [STDOUT.dup, STDERR.dup]
@@ -139,21 +137,15 @@ ensure
   $stdout, $stderr = STDOUT, STDERR
 end
 
-DIFF = if WIN32 then 'diff.exe'
-       else
-         if quiet {system "gdiff", __FILE__, __FILE__} then 'gdiff'
-         else 'diff' end
-       end unless defined? DIFF
-
-SUDO = if WIN32 then ''
-       else
-         if quiet {system 'which sudo'} then 'sudo'
-         else '' end
-       end
-
-RCOV = WIN32 ? 'rcov.bat' : 'rcov'
-RDOC = WIN32 ? 'rdoc.bat' : 'rdoc'
-GEM  = WIN32 ? 'gem.bat'  : 'gem'
+DIFF = if system("gdiff '#{__FILE__}' '#{__FILE__}' > #{DEV_NULL} 2>&1") then 'gdiff'
+       else 'diff' end unless defined? DIFF
+
+SUDO = if system("which sudo > #{DEV_NULL} 2>&1") then 'sudo'
+       else '' end unless defined? SUDO
+
+RCOV = "#{RUBY} -S rcov"
+RDOC = "#{RUBY} -S rdoc"
+GEM  = "#{RUBY} -S gem"
 
 %w(rcov spec/rake/spectask rubyforge bones facets/ansicode).each do |lib|
   begin

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: lockdown
 version: !ruby/object:Gem::Version 
-  version: 0.8.1
+  version: 0.9.0
 platform: ruby
 authors: 
 - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-02-12 00:00:00 -05:00
+date: 2009-03-22 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -20,9 +20,9 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: 2.4.0
+        version: 2.4.2
     version: 
-description: Lockdown is a authentication/authorization system for RubyOnRails (ver >= 2.1).
+description: Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
 email: andy@stonean.com
 executables: []
 
@@ -32,7 +32,6 @@ extra_rdoc_files:
 - History.txt
 - README.txt
 files: 
-- .DS_Store
 - History.txt
 - README.txt
 - Rakefile
@@ -48,10 +47,7 @@ files:
 - lib/lockdown/rules.rb
 - lib/lockdown/session.rb
 - lib/lockdown/system.rb
-- rails_generators/.DS_Store
-- rails_generators/lockdown/.DS_Store
 - rails_generators/lockdown/lockdown_generator.rb
-- rails_generators/lockdown/templates/.DS_Store
 - rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
 - rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
 - rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
@@ -80,9 +76,8 @@ files:
 - rails_generators/lockdown/templates/db/migrate/create_profiles.rb
 - rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
 - rails_generators/lockdown/templates/db/migrate/create_users.rb
-- rails_generators/lockdown/templates/lib/.DS_Store
+- rails_generators/lockdown/templates/lib/lockdown/README
 - rails_generators/lockdown/templates/lib/lockdown/init.rb
-- rails_generators/lockdown/templates/lib/lockdown/session.rb
 - spec/lockdown/database_spec.rb
 - spec/lockdown/frameworks/rails/controller_spec.rb
 - spec/lockdown/frameworks/rails/view_spec.rb
@@ -133,6 +128,6 @@ rubyforge_project: lockdown
 rubygems_version: 1.3.1
 signing_key: 
 specification_version: 2
-summary: Lockdown is a authentication/authorization system for RubyOnRails (ver >= 2
+summary: Lockdown is an authorization system for RubyOnRails (ver >= 2
 test_files: []
 

data/rails_generators/lockdown/templates/lib/lockdown/session.rb

@@ -1,68 +0,0 @@
-module Lockdown
-  #
-  # The Lockdown gem defines additional Session methods:
-  #
-  #  current_user_is_admin?: returns true if user is assigned 
-  #  administrator rights.
-  #
-  #  nil_lockdown_values:  This will nil all session values starting with 
-  #  user_ or access_ or expiry
-  #
-  #  current_user_access_in_group?(grp):  grp is a symbol referencing a 
-  #  Lockdown::UserGroups method such as :registered_users
-  #  Will return true if the session[:access_rights] contain at 
-  #  least one match to the access_right list associated to the group
-  #
-  module Session
-    protected
-
-    def set_session_user(user)
-      if user.nil?
-        nil_lockdown_values
-        return
-      end
-      session[:user_id] = user.id
-      session[:user_name] =  user.full_name
-      session[:user_profile_id] = user.profile.id
-
-      #
-      # If you remove this method, you will not gain access to any 
-      # protected resources
-      #
-      add_lockdown_session_values(user)
-    end
-      
-    def logged_in?
-      current_user_id > 0
-    end
-
-    def current_user_id
-      return session[:user_id] || -1
-    end
-
-    def current_user_name
-      session[:user_name]
-    end
-      
-    def current_profile_id
-      return session[:user_profile_id] || -1
-    end
-
-    def current_user
-      return current_user_id > 0 ? User.find(current_user_id, :include => [:profile, :user_groups]) : nil
-    end
-  
-  end # Session module
-end # Lockdown module
-
-ActionController::Base.class_eval do
-  include Lockdown::Session
-
-  helper_method :logged_in?, 
-    :current_user,
-    :current_user_name, 
-    :current_user_id, 
-    :current_profile_id,
-    :current_user_is_admin?,
-    :current_user_access_in_group?
-end