lockdown 0.8.1 → 0.9.0
- data/README.txt +1 -1
- data/lib/lockdown/frameworks/rails/controller.rb +8 -6
- data/lib/lockdown/frameworks/rails.rb +1 -0
- data/lib/lockdown/orms/active_record.rb +7 -7
- data/lib/lockdown/rules.rb +2 -0
- data/lib/lockdown/session.rb +25 -13
- data/lib/lockdown/system.rb +7 -0
- data/lib/lockdown.rb +1 -1
- data/rails_generators/lockdown/lockdown_generator.rb +41 -22
- data/rails_generators/lockdown/templates/lib/lockdown/README +39 -0
- data/rails_generators/lockdown/templates/lib/lockdown/init.rb +21 -2
- data/spec/lockdown/frameworks/rails/controller_spec.rb +8 -5
- data/spec/lockdown/frameworks/rails/view_spec.rb +2 -2
- data/spec/lockdown/session_spec.rb +3 -2
- data/tasks/rdoc.rake +4 -3
- data/tasks/setup.rb +11 -19
- metadata +6 -11
- data/.DS_Store +0 -0
- data/rails_generators/.DS_Store +0 -0
- data/rails_generators/lockdown/.DS_Store +0 -0
- data/rails_generators/lockdown/templates/.DS_Store +0 -0
- data/rails_generators/lockdown/templates/lib/.DS_Store +0 -0
- data/rails_generators/lockdown/templates/lib/lockdown/session.rb +0 -68
data/README.txt
CHANGED
@@ -46,7 +46,8 @@ module Lockdown
|
|
46
46
|
def set_current_user
|
47
47
|
login_from_basic_auth? unless logged_in?
|
48
48
|
if logged_in?
|
49
|
-
Thread.current[:
|
49
|
+
Thread.current[:who_did_it] = Lockdown::System.
|
50
|
+
call(self, :who_did_it)
|
50
51
|
end
|
51
52
|
end
|
52
53
|
|
@@ -64,10 +65,7 @@ module Lockdown
|
|
64
65
|
def check_session_expiry
|
65
66
|
if session[:expiry_time] && session[:expiry_time] < Time.now
|
66
67
|
nil_lockdown_values
|
67
|
-
|
68
|
-
if timeout_method.is_a?(Symbol) && self.respond_to?(timeout_method)
|
69
|
-
send(timeout_method)
|
70
|
-
end
|
68
|
+
Lockdown::System.call(self, :session_timeout_method)
|
71
69
|
end
|
72
70
|
session[:expiry_time] = Time.now + Lockdown::System.fetch(:session_timeout)
|
73
71
|
end
|
@@ -139,7 +137,11 @@ module Lockdown
|
|
139
137
|
end
|
140
138
|
|
141
139
|
def redirect_back_or_default(default)
|
142
|
-
session[:prevpage]
|
140
|
+
if session[:prevpage].nil? || session[:prevpage].blank?
|
141
|
+
redirect_to(default)
|
142
|
+
else
|
143
|
+
redirect_to(session[:prevpage])
|
144
|
+
end
|
143
145
|
end
|
144
146
|
|
145
147
|
# Called from current_user. Now, attempt to login by
|
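Review bot: In `set_current_user` (first hunk), `Thread.current[:who_did_it]` is assigned only inside `if logged_in?`, so on a server that reuses threads a request that is not logged in keeps whatever value an earlier request stored, and the ActiveRecord stamps would attribute its writes to that earlier user. Assigning on every request closes this, e.g. `Thread.current[:who_did_it] = logged_in? ? Lockdown::System.call(self, :who_did_it) : nil`. Separately, in `redirect_back_or_default` the `session[:prevpage].nil? ||` test is redundant because `blank?` already covers nil. How `session[:prevpage]` gets populated is not visible in these hunks, so confirm it can only hold a local path before it reaches `redirect_to`.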
@@ -46,20 +46,20 @@ module Lockdown
|
|
46
46
|
end
|
47
47
|
end
|
48
48
|
|
49
|
-
def
|
50
|
-
Thread.current[:
|
49
|
+
def current_who_did_it
|
50
|
+
Thread.current[:who_did_it]
|
51
51
|
end
|
52
52
|
|
53
53
|
def create_with_stamps
|
54
|
-
|
55
|
-
self[:created_by] =
|
56
|
-
self[:updated_by] =
|
54
|
+
pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)
|
55
|
+
self[:created_by] = pid if self.respond_to?(:created_by)
|
56
|
+
self[:updated_by] = pid if self.respond_to?(:updated_by)
|
57
57
|
create_without_stamps
|
58
58
|
end
|
59
59
|
|
60
60
|
def update_with_stamps
|
61
|
-
|
62
|
-
self[:updated_by] =
|
61
|
+
pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)
|
62
|
+
self[:updated_by] = pid if self.respond_to?(:updated_by)
|
63
63
|
update_without_stamps
|
64
64
|
end
|
65
65
|
end
|
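Review bot: `create_with_stamps` and `update_with_stamps` assign `pid` to `created_by`/`updated_by` unconditionally, and `pid` is nil when neither the thread value nor `options[:default_who_did_it]` is set, so an app that has not configured the default would write nil into its audit columns on every unauthenticated save. Consider requiring `default_who_did_it` at configure time, or logging when `pid` is nil, so that an unattributed write is visible rather than silent. The duplicated `pid = current_who_did_it || Lockdown::System.fetch(:default_who_did_it)` line could move into one private helper shared by both methods. The enclosing module begins outside this hunk.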
data/lib/lockdown/rules.rb
CHANGED
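--- a/data/lib/lockdown/session.rb
+++ b/data/lib/lockdown/session.rb
@@ -1,27 +1,31 @@
 module Lockdown
 module Session
+
 protected
 
-def
-
-
+def add_lockdown_session_values(user = nil)
+user ||= current_user
+
+if user
+session[:access_rights] = Lockdown::System.access_rights_for_user(user)
+session[:current_user_id] = user.id
 end
-end
-
-def
-
-Lockdown::System.user_groups[grp].each do |perm|
-return true if access_in_perm?(perm)
-end
-false
+end
+
+def current_user_id
+session[:current_user_id]
 end
 
 def current_user_is_admin?
 session[:access_rights] == :all
 end
 
-def
-
+def current_user_access_in_group?(grp)
+return true if current_user_is_admin?
+Lockdown::System.user_groups[grp].each do |perm|
+return true if access_in_perm?(perm)
+end
+false
 end
 
 def access_in_perm?(perm)
@@ -37,5 +41,13 @@ module Lockdown
 return false unless session[:access_rights]
 session[:access_rights].include?(str)
 end
+
+def reset_lockdown_session
+[:expiry_time, :current_user_id, :access_rights].each do |val|
+session[val] = nil if session[val]
+end
+end
+
+alias_method :nil_lockdown_values, :reset_lockdown_session
 end # Session
 end # Lockdown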
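Review bot: `add_lockdown_session_values` copies the user's rights into `session[:access_rights]` at login, and `current_user_is_admin?`, `current_user_access_in_group?` and `access_in_perm?` read only that copy, so a right revoked after login stays effective until the session expires or is reset. If that is intended, a comment on the method should say so, e.g. `# Rights are cached for the life of the session; call again after changing a user's groups.` Also, `reset_lockdown_session` nils three keys but leaves the session itself in place, so rotating the session id at login and logout is left to the host application. In `current_user_access_in_group?`, `Lockdown::System.user_groups[grp]` is presumably nil for an unknown group and would raise on `.each`; `(Lockdown::System.user_groups[grp] || []).each do |perm|` would return false instead.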
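--- a/data/lib/lockdown/system.rb
+++ b/data/lib/lockdown/system.rb
@@ -21,6 +21,13 @@ module Lockdown
 (@options||={})[key]
 end
 
+def self.call(object, system_option)
+method = fetch(system_option)
+if method.is_a?(Symbol) && object.respond_to?(method)
+object.send(method)
+end
+end
+
 protected
 
 def self.paths_for(str_sym, *methods)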
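Review bot: `Lockdown::System.call` returns nil with no signal when the option is unset, is not a Symbol, or names a method the object does not respond to, so a mistyped `session_timeout_method` or `who_did_it` silently disables the timeout hook or the user stamp. `respond_to?` without its second argument ignores private methods (and, on Ruby 2.0 and later, protected ones), while the session helpers in this release sit under `protected`, so the default `:current_user_id` may be skipped there; confirm on the target Ruby. Since `send` already bypasses visibility, `object.respond_to?(method, true)` would make the check match the call, and the fall-through branch deserves a log line or a raise. A short doc comment is missing, e.g. `# Invokes the method named by options[system_option] on object; returns nil when none is configured.`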
data/lib/lockdown.rb
CHANGED
@@ -59,14 +59,9 @@ class LockdownGenerator < Rails::Generator::Base
|
|
59
59
|
@m.file "lib/lockdown/init.rb", "lib/lockdown/init.rb"
|
60
60
|
end
|
61
61
|
|
62
|
-
if options[:
|
63
|
-
options[:skip_management] = true
|
64
|
-
options[:skip_login] = true
|
65
|
-
end
|
66
|
-
|
67
|
-
add_management unless options[:skip_management]
|
62
|
+
add_management if options[:add_management]
|
68
63
|
|
69
|
-
add_login
|
64
|
+
add_login if options[:add_login]
|
70
65
|
|
71
66
|
add_models
|
72
67
|
|
@@ -115,17 +110,23 @@ class LockdownGenerator < Rails::Generator::Base
|
|
115
110
|
def add_models
|
116
111
|
@m.directory 'app/models'
|
117
112
|
|
118
|
-
write_model("permission")
|
119
|
-
write_model("user")
|
120
113
|
write_model("user_group")
|
121
|
-
write_model("
|
114
|
+
write_model("permission")
|
115
|
+
|
116
|
+
if options[:add_lockdown_authentication]
|
117
|
+
write_model("user")
|
118
|
+
write_model("profile")
|
119
|
+
end
|
122
120
|
|
123
121
|
unless options[:skip_migrations]
|
124
|
-
write_migration("create_profiles")
|
125
|
-
write_migration("create_users")
|
126
122
|
write_migration("create_user_groups")
|
127
123
|
write_migration("create_permissions")
|
128
|
-
|
124
|
+
|
125
|
+
if options[:add_lockdown_authentication]
|
126
|
+
write_migration("create_profiles")
|
127
|
+
write_migration("create_users")
|
128
|
+
write_migration("create_admin_user")
|
129
|
+
end
|
129
130
|
end
|
130
131
|
end
|
131
132
|
|
@@ -203,18 +204,36 @@ EOS
|
|
203
204
|
def add_options!(opt)
|
204
205
|
opt.separator ''
|
205
206
|
opt.separator 'Options:'
|
207
|
+
|
206
208
|
opt.on("--namespace=admin",
|
207
|
-
"Install lockdown templates with a namespace, in this example 'admin'.")
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
209
|
+
"Install lockdown templates with a namespace, in this example 'admin'.") do |v|
|
210
|
+
options[:namespace] = v
|
211
|
+
end
|
212
|
+
|
213
|
+
opt.on("--add-lockdown-authentication",
|
214
|
+
"Create user model + --add-login functionality.") do |v|
|
215
|
+
options[:add_lockdown_authentication] = v
|
216
|
+
end
|
217
|
+
|
218
|
+
opt.on("--add-management",
|
219
|
+
"Create user, user_group, permission management controllers and views.") do |v|
|
220
|
+
options[:add_management] = v
|
221
|
+
end
|
222
|
+
|
223
|
+
opt.on("--add-login",
|
224
|
+
"Create session controller and views.") do |v|
|
225
|
+
options[:add_login] = v
|
226
|
+
end
|
227
|
+
|
214
228
|
opt.on("--skip-rules",
|
215
|
-
|
229
|
+
"Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") do |v|
|
230
|
+
options[:skip_rules] = v
|
231
|
+
end
|
232
|
+
|
216
233
|
opt.on("--skip-migrations",
|
217
|
-
"Skip migrations installation")
|
234
|
+
"Skip migrations installation") do |v|
|
235
|
+
options[:skip_migrations] = v
|
236
|
+
end
|
218
237
|
end
|
219
238
|
|
220
239
|
def write_migration(str)
|
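Review bot: The help text for `--add-lockdown-authentication` promises "Create user model + --add-login functionality", but its block sets only `options[:add_lockdown_authentication]`, while the manifest hunk runs `add_login if options[:add_login]`; unless something outside these hunks links the two, the flag creates the models without the session controller. If the implication is intended, set both in the block, `options[:add_lockdown_authentication] = options[:add_login] = v`. Conversely, `--add-login` or `--add-management` alone now generate controllers without the `user` model, which is worth a line in the option descriptions. The new `create_admin_user` migration is not shown here; if it seeds fixed credentials, the generator output should tell the operator to change them before deploying.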
@@ -0,0 +1,39 @@
|
|
1
|
+
#
|
2
|
+
# !!!!IMPORTANT!!!!
|
3
|
+
#
|
4
|
+
#*** MUST define a current_user method that will return the current user object
|
5
|
+
#
|
6
|
+
#*** MUST define a logged_in? method that will return true if a user is logged in
|
7
|
+
#
|
8
|
+
#*** MUST add call to add_lockdown_session_values to your login method
|
9
|
+
#
|
10
|
+
# # This method uses the current_user method.
|
11
|
+
# add_lockdown_session_values
|
12
|
+
#
|
13
|
+
#*** MAY NEED to add call to reset_lockdown_session to your logout method.
|
14
|
+
# ** Not needed if your authentication system resets the session
|
15
|
+
#
|
16
|
+
#
|
17
|
+
#
|
18
|
+
# ~~~~Method Descriptions~~~~
|
19
|
+
|
20
|
+
# The Lockdown gem defines these session methods:
|
21
|
+
#
|
22
|
+
# current_user_id: returns the id of the current_user
|
23
|
+
#
|
24
|
+
# current_user_is_admin?: returns true if user is assigned
|
25
|
+
# administrator rights.
|
26
|
+
#
|
27
|
+
# reset_lockdown_session: This will nil the following session values:
|
28
|
+
# current_user_id
|
29
|
+
# access_rights
|
30
|
+
# expiry_time
|
31
|
+
#
|
32
|
+
# current_user_access_in_group?(grp): grp is a symbol referencing a
|
33
|
+
# Lockdown::UserGroups method such as :registered_users
|
34
|
+
# Will return true if the session[:access_rights] contain at
|
35
|
+
# least one match to the access_right list associated to the group
|
36
|
+
#
|
37
|
+
# If you want access to any of these methods in your view, just add them
|
38
|
+
# as helpers in your controller (application controller for global use).
|
39
|
+
#
|
@@ -1,5 +1,3 @@
|
|
1
|
-
require File.join(File.dirname(__FILE__), "session")
|
2
|
-
|
3
1
|
Lockdown::System.configure do
|
4
2
|
|
5
3
|
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
@@ -7,9 +5,27 @@ Lockdown::System.configure do
|
|
7
5
|
#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
8
6
|
# Options with defaults:
|
9
7
|
#
|
8
|
+
# Set who_did_it method
|
9
|
+
# This method is used in setting the created_by/updated_by fields and
|
10
|
+
# should be accessible to the controller
|
11
|
+
# options[:who_did_it] = :current_user_id
|
12
|
+
#
|
13
|
+
# Set default_who_did_it
|
14
|
+
# When current_user_id returns nil, this is the value to use
|
15
|
+
# options[:default_who_did_it] = 1
|
16
|
+
#
|
17
|
+
# Should probably be something like:
|
18
|
+
# options[:default_who_did_it] = User::SystemId
|
19
|
+
#
|
10
20
|
# Set timeout to 1 hour:
|
11
21
|
# options[:session_timeout] = (60 * 60)
|
12
22
|
#
|
23
|
+
# Set default_creator_id. This is the value assigned to created_by and/or
|
24
|
+
# updated_by when no one is logged in. Think of it as the system id.
|
25
|
+
#
|
26
|
+
# Lockdown version < 0.9.0 set this to:
|
27
|
+
# options[:default_creator_id] = Profile::System
|
28
|
+
#
|
13
29
|
# Call method when timeout occurs (method must be callable by controller):
|
14
30
|
# options[:session_timeout_method] = :clear_session_values
|
15
31
|
#
|
@@ -44,6 +60,9 @@ Lockdown::System.configure do
|
|
44
60
|
# controller. You can change this behaviour by chaining on except_methods or
|
45
61
|
# only_methods. (see examples below)
|
46
62
|
#
|
63
|
+
# ** To define a namespaced controller use two underscores:
|
64
|
+
# :admin__products
|
65
|
+
#
|
47
66
|
# if products is your standard RESTful resource you'll get:
|
48
67
|
# ["products/index , "products/show",
|
49
68
|
# "products/new", "products/edit",
|
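Review bot: The added comments describe two options for the same purpose, `options[:default_who_did_it]` and `options[:default_creator_id]`, but the stamping code added in this release reads only `:default_who_did_it`. As far as the visible code shows, a user who sets `default_creator_id` as described gets no fallback id for `created_by`/`updated_by`. Suggest replacing the second paragraph with a migration hint such as `# Lockdown version < 0.9.0 called this default_creator_id; set default_who_did_it instead.` The `who_did_it` comment could also note that the named method is looked up on the controller for every request.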
@@ -64,13 +64,14 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
64
64
|
end
|
65
65
|
|
66
66
|
describe "#set_current_user" do
|
67
|
-
it "should set
|
67
|
+
it "should set who_did_it in Thread.current" do
|
68
|
+
Lockdown::System.stub!(:fetch).with(:who_did_it).and_return(:current_user_id)
|
68
69
|
@controller.stub!(:logged_in?).and_return(true)
|
69
|
-
@controller.stub!(:
|
70
|
+
@controller.stub!(:current_user_id).and_return(1234)
|
70
71
|
|
71
72
|
@controller.set_current_user
|
72
73
|
|
73
|
-
Thread.current[:
|
74
|
+
Thread.current[:who_did_it].should == 1234
|
74
75
|
end
|
75
76
|
end
|
76
77
|
|
@@ -206,8 +207,10 @@ describe Lockdown::Frameworks::Rails::Controller::Lock do
|
|
206
207
|
end
|
207
208
|
|
208
209
|
it "should redirect to session[:prevpage]" do
|
209
|
-
|
210
|
-
|
210
|
+
path = "/previous"
|
211
|
+
path.stub!(:blank?).and_return(false)
|
212
|
+
@session[:prevpage] = path
|
213
|
+
@controller.should_receive(:redirect_to).with(path)
|
211
214
|
@controller.redirect_back_or_default("/")
|
212
215
|
end
|
213
216
|
end
|
@@ -73,14 +73,14 @@ describe Lockdown::Frameworks::Rails::Controller do
|
|
73
73
|
|
74
74
|
describe "#link_to_or_show" do
|
75
75
|
it "should return links separated by | " do
|
76
|
+
Lockdown::System.stub!(:fetch).with(:link_separator).and_return(' | ')
|
76
77
|
links = ["link_one", "link_two"]
|
77
|
-
|
78
78
|
@view.links(links).should == links.join(' | ')
|
79
79
|
end
|
80
80
|
|
81
81
|
it "should return links separated by | and handle empty strings" do
|
82
|
+
Lockdown::System.stub!(:fetch).with(:link_separator).and_return(' | ')
|
82
83
|
links = ["link_one", "link_two", ""]
|
83
|
-
|
84
84
|
@view.links(links).should == links.join(' | ')
|
85
85
|
end
|
86
86
|
end
|
@@ -64,8 +64,9 @@ describe Lockdown::Session do
|
|
64
64
|
it "should set the access_rights from the user list" do
|
65
65
|
array = ["posts/index", "posts/show"]
|
66
66
|
Lockdown::System.stub!(:access_rights_for_user).and_return(array)
|
67
|
-
@controller.
|
68
|
-
|
67
|
+
@controller.stub!(:current_user).and_return(:user_object)
|
68
|
+
@controller.send(:add_lockdown_session_values)
|
69
|
+
@session[:access_rights].should == array
|
69
70
|
end
|
70
71
|
end
|
71
72
|
|
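--- a/data/tasks/rdoc.rake
+++ b/data/tasks/rdoc.rake
@@ -19,10 +19,11 @@ namespace :doc do
 end
 rd.rdoc_files.push(*files)
 
-
-
+name = PROJ.name
 rf_name = PROJ.rubyforge.name
-
+
+title = "#{name}-#{PROJ.version} Documentation"
+title = "#{rf_name}'s " + title if rf_name.valid? and rf_name != name
 
 rd.options << "-t #{title}"
 rd.options.concat(rdoc.opts)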
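--- a/data/tasks/setup.rb
+++ b/data/tasks/setup.rb
@@ -6,7 +6,7 @@ require 'fileutils'
 require 'ostruct'
 require 'find'
 
-class OpenStruct; undef :gem; end
+class OpenStruct; undef :gem if defined? :gem; end
 
 # TODO: make my own openstruct type object that includes descriptions
 # TODO: use the descriptions to output help on the available bones options
@@ -124,9 +124,7 @@ import(*rakefiles)
 %w(lib ext).each {|dir| PROJ.libs << dir if test ?d, dir}
 
 # Setup some constants
-
-
-DEV_NULL = WIN32 ? 'NUL:' : '/dev/null'
+DEV_NULL = File.exist?('/dev/null') ? '/dev/null' : 'NUL:'
 
 def quiet( &block )
 io = [STDOUT.dup, STDERR.dup]
@@ -139,21 +137,15 @@ ensure
 $stdout, $stderr = STDOUT, STDERR
 end
 
-DIFF = if
-else
-
-
-end unless defined?
-
-
-
-
-else '' end
-end
-
-RCOV = WIN32 ? 'rcov.bat' : 'rcov'
-RDOC = WIN32 ? 'rdoc.bat' : 'rdoc'
-GEM = WIN32 ? 'gem.bat' : 'gem'
+DIFF = if system("gdiff '#{__FILE__}' '#{__FILE__}' > #{DEV_NULL} 2>&1") then 'gdiff'
+else 'diff' end unless defined? DIFF
+
+SUDO = if system("which sudo > #{DEV_NULL} 2>&1") then 'sudo'
+else '' end unless defined? SUDO
+
+RCOV = "#{RUBY} -S rcov"
+RDOC = "#{RUBY} -S rdoc"
+GEM = "#{RUBY} -S gem"
 
 %w(rcov spec/rake/spectask rubyforge bones facets/ansicode).each do |lib|
 begin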
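Review bot: The new guard in `class OpenStruct; undef :gem if defined? :gem; end` never skips the `undef`, because `defined?` applied to the symbol literal `:gem` always yields "expression"; where no `gem` method is visible the line still raises NameError, as before. Testing the method table does what the guard intends: `undef :gem if method_defined?(:gem) || private_method_defined?(:gem)`. In the third hunk, `__FILE__` is interpolated into a shell string inside single quotes for the `gdiff` probe, so a checkout path containing a quote breaks the command. The argument-list form of `system` avoids the shell, at the cost of handling the redirection separately.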
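--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lockdown
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.9.0
 platform: ruby
 authors:
 - Andrew Stone
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-
+date: 2009-03-22 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -20,9 +20,9 @@ dependencies:
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version: 2.4.
+version: 2.4.2
 version:
-description: Lockdown is
+description: Lockdown is an authorization system for RubyOnRails (ver >= 2.1).
 email: andy@stonean.com
 executables: []
 
@@ -32,7 +32,6 @@ extra_rdoc_files:
 - History.txt
 - README.txt
 files:
-- .DS_Store
 - History.txt
 - README.txt
 - Rakefile
@@ -48,10 +47,7 @@ files:
 - lib/lockdown/rules.rb
 - lib/lockdown/session.rb
 - lib/lockdown/system.rb
-- rails_generators/.DS_Store
-- rails_generators/lockdown/.DS_Store
 - rails_generators/lockdown/lockdown_generator.rb
-- rails_generators/lockdown/templates/.DS_Store
 - rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
 - rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
 - rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
@@ -80,9 +76,8 @@ files:
 - rails_generators/lockdown/templates/db/migrate/create_profiles.rb
 - rails_generators/lockdown/templates/db/migrate/create_user_groups.rb
 - rails_generators/lockdown/templates/db/migrate/create_users.rb
-- rails_generators/lockdown/templates/lib
+- rails_generators/lockdown/templates/lib/lockdown/README
 - rails_generators/lockdown/templates/lib/lockdown/init.rb
-- rails_generators/lockdown/templates/lib/lockdown/session.rb
 - spec/lockdown/database_spec.rb
 - spec/lockdown/frameworks/rails/controller_spec.rb
 - spec/lockdown/frameworks/rails/view_spec.rb
@@ -133,6 +128,6 @@ rubyforge_project: lockdown
 rubygems_version: 1.3.1
 signing_key:
 specification_version: 2
-summary: Lockdown is
+summary: Lockdown is an authorization system for RubyOnRails (ver >= 2
 test_files: []
 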
data/.DS_Store
DELETED
Binary file
|
data/rails_generators/.DS_Store
DELETED
Binary file
|
Binary file
|
Binary file
|
Binary file
|
@@ -1,68 +0,0 @@
|
|
1
|
-
module Lockdown
|
2
|
-
#
|
3
|
-
# The Lockdown gem defines additional Session methods:
|
4
|
-
#
|
5
|
-
# current_user_is_admin?: returns true if user is assigned
|
6
|
-
# administrator rights.
|
7
|
-
#
|
8
|
-
# nil_lockdown_values: This will nil all session values starting with
|
9
|
-
# user_ or access_ or expiry
|
10
|
-
#
|
11
|
-
# current_user_access_in_group?(grp): grp is a symbol referencing a
|
12
|
-
# Lockdown::UserGroups method such as :registered_users
|
13
|
-
# Will return true if the session[:access_rights] contain at
|
14
|
-
# least one match to the access_right list associated to the group
|
15
|
-
#
|
16
|
-
module Session
|
17
|
-
protected
|
18
|
-
|
19
|
-
def set_session_user(user)
|
20
|
-
if user.nil?
|
21
|
-
nil_lockdown_values
|
22
|
-
return
|
23
|
-
end
|
24
|
-
session[:user_id] = user.id
|
25
|
-
session[:user_name] = user.full_name
|
26
|
-
session[:user_profile_id] = user.profile.id
|
27
|
-
|
28
|
-
#
|
29
|
-
# If you remove this method, you will not gain access to any
|
30
|
-
# protected resources
|
31
|
-
#
|
32
|
-
add_lockdown_session_values(user)
|
33
|
-
end
|
34
|
-
|
35
|
-
def logged_in?
|
36
|
-
current_user_id > 0
|
37
|
-
end
|
38
|
-
|
39
|
-
def current_user_id
|
40
|
-
return session[:user_id] || -1
|
41
|
-
end
|
42
|
-
|
43
|
-
def current_user_name
|
44
|
-
session[:user_name]
|
45
|
-
end
|
46
|
-
|
47
|
-
def current_profile_id
|
48
|
-
return session[:user_profile_id] || -1
|
49
|
-
end
|
50
|
-
|
51
|
-
def current_user
|
52
|
-
return current_user_id > 0 ? User.find(current_user_id, :include => [:profile, :user_groups]) : nil
|
53
|
-
end
|
54
|
-
|
55
|
-
end # Session module
|
56
|
-
end # Lockdown module
|
57
|
-
|
58
|
-
ActionController::Base.class_eval do
|
59
|
-
include Lockdown::Session
|
60
|
-
|
61
|
-
helper_method :logged_in?,
|
62
|
-
:current_user,
|
63
|
-
:current_user_name,
|
64
|
-
:current_user_id,
|
65
|
-
:current_profile_id,
|
66
|
-
:current_user_is_admin?,
|
67
|
-
:current_user_access_in_group?
|
68
|
-
end
|