lockdown 1.1.6 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
data/lib/lockdown/database.rb
CHANGED
@@ -54,7 +54,7 @@ module Lockdown
|
|
54
54
|
# Create user groups not found in the database
|
55
55
|
@user_groups.each do |key|
|
56
56
|
str = Lockdown.get_string(key)
|
57
|
-
unless ug = Lockdown
|
57
|
+
unless ug = Lockdown.user_group_class.find(:first, :conditions => ["name = ?", str])
|
58
58
|
create_user_group(str, key)
|
59
59
|
else
|
60
60
|
# Remove permissions from user group not found in init.rb
|
@@ -68,7 +68,7 @@ module Lockdown
|
|
68
68
|
|
69
69
|
def create_user_group(name_str, key)
|
70
70
|
puts ">> Lockdown: #{Lockdown::System.fetch(:user_group_model)} not in the db: #{name_str}, creating."
|
71
|
-
ug = Lockdown
|
71
|
+
ug = Lockdown.user_group_class.create(:name => name_str)
|
72
72
|
#Inefficient, definitely, but shouldn't have any issues across orms.
|
73
73
|
Lockdown::System.permissions_for_user_group(key).each do |perm|
|
74
74
|
p = ::Permission.find(:first, :conditions => ["name = ?",
|
data/lib/lockdown/helper.rb
CHANGED
@@ -14,20 +14,28 @@ module Lockdown
|
|
14
14
|
end
|
15
15
|
end
|
16
16
|
|
17
|
+
def user_group_class
|
18
|
+
eval(Lockdown::System.fetch(:user_group_model))
|
19
|
+
end
|
20
|
+
|
17
21
|
def user_groups_hbtm_reference
|
18
|
-
underscore(Lockdown::System.fetch(:user_group_model)
|
22
|
+
underscore(Lockdown::System.fetch(:user_group_model)).pluralize.to_sym
|
19
23
|
end
|
20
24
|
|
21
25
|
def user_group_id_reference
|
22
|
-
underscore(Lockdown::System.fetch(:user_group_model)
|
26
|
+
underscore(Lockdown::System.fetch(:user_group_model)) + "_id"
|
27
|
+
end
|
28
|
+
|
29
|
+
def user_class
|
30
|
+
eval(Lockdown::System.fetch(:user_model))
|
23
31
|
end
|
24
32
|
|
25
33
|
def users_hbtm_reference
|
26
|
-
underscore(Lockdown::System.fetch(:user_model)
|
34
|
+
underscore(Lockdown::System.fetch(:user_model)).pluralize.to_sym
|
27
35
|
end
|
28
36
|
|
29
37
|
def user_id_reference
|
30
|
-
underscore(Lockdown::System.fetch(:user_model)
|
38
|
+
underscore(Lockdown::System.fetch(:user_model)) + "_id"
|
31
39
|
end
|
32
40
|
|
33
41
|
def get_string(value)
|
data/lib/lockdown/rules.rb
CHANGED
@@ -35,12 +35,12 @@ module Lockdown
|
|
35
35
|
}
|
36
36
|
|
37
37
|
begin
|
38
|
-
@options[:user_group_model] =
|
38
|
+
@options[:user_group_model] = "UserGroup"
|
39
39
|
rescue NameError
|
40
40
|
end
|
41
41
|
|
42
42
|
begin
|
43
|
-
@options[:user_model] =
|
43
|
+
@options[:user_model] = "User"
|
44
44
|
rescue NameError
|
45
45
|
end
|
46
46
|
|
@@ -155,7 +155,7 @@ module Lockdown
|
|
155
155
|
# The group will be created if it doesn't exist
|
156
156
|
def make_user_administrator(usr)
|
157
157
|
user_groups = usr.send(Lockdown.user_groups_hbtm_reference)
|
158
|
-
user_groups << Lockdown
|
158
|
+
user_groups << Lockdown.user_group_class.
|
159
159
|
find_or_create_by_name(Lockdown.administrator_group_string)
|
160
160
|
end
|
161
161
|
|
@@ -211,7 +211,7 @@ module Lockdown
|
|
211
211
|
return [] if usr.nil?
|
212
212
|
ug_table = Lockdown.user_groups_hbtm_reference.to_s
|
213
213
|
if administrator?(usr)
|
214
|
-
Lockdown
|
214
|
+
Lockdown.user_group_class.find_by_sql <<-SQL
|
215
215
|
select #{ug_table}.* from #{ug_table} order by #{ug_table}.name
|
216
216
|
SQL
|
217
217
|
else
|
@@ -221,7 +221,7 @@ module Lockdown
|
|
221
221
|
else
|
222
222
|
join_table = "#{ug_table}_#{usr_table}"
|
223
223
|
end
|
224
|
-
Lockdown
|
224
|
+
Lockdown.user_group_class.find_by_sql <<-SQL
|
225
225
|
select #{ug_table}.* from #{ug_table}, #{join_table}
|
226
226
|
where #{ug_table}.id = #{join_table}.#{Lockdown.user_group_id_reference}
|
227
227
|
and #{join_table}.#{Lockdown.user_id_reference} = #{usr.id}
|
data/lib/lockdown.rb
CHANGED
@@ -7,10 +7,12 @@ Lockdown::System.configure do
|
|
7
7
|
#
|
8
8
|
#
|
9
9
|
# Set User model:
|
10
|
-
#
|
10
|
+
# # make sure you use the string "User", not the constant
|
11
|
+
# options[:user_model] = "User"
|
11
12
|
#
|
12
13
|
# Set UserGroup model:
|
13
|
-
#
|
14
|
+
# # make sure you use the string "UserGroup", not the constant
|
15
|
+
# options[:user_group_model] = "UserGroup"
|
14
16
|
#
|
15
17
|
# Set who_did_it method:
|
16
18
|
# This method is used in setting the created_by/updated_by fields and
|