lockdown 1.6.5 → 2.0.0

data/rails_generators/lockdown/lockdown_generator.rb

@@ -1,274 +0,0 @@
-@override_next_migration_string = false
-
-if Rails::VERSION::MAJOR >= 2 && Rails::VERSION::MINOR >= 1 
-  if Rails::VERSION::TINY == 0
-    @override_next_migration_string = true
-  elsif ActiveRecord::Base.timestamped_migrations
-    @override_next_migration_string = true
-  end
-end
-
-if @override_next_migration_string
-  class Rails::Generator::Commands::Base
-    protected
-    def next_migration_string(padding = 3)
-      sleep(1)
-      Time.now.utc.strftime("%Y%m%d%H%M%S") 
-    end
-  end
-end
-
-class LockdownGenerator < Rails::Generator::Base
-  attr_accessor :file_name, :action_name, :namespace, :view_path, :controller_path
-
-  def initialize(runtime_args, runtime_options = {})
-    super
-    if Rails::VERSION::MAJOR >= 2 && Rails::VERSION::MINOR >= 1
-      @action_name = "action_name"
-    else
-      @action_name = "@action_name"
-    end
-
-    @namespace = options[:namespace] if options[:namespace]
-
-    # so if the namespace option exists it sets the correct view path and controller path
-    @view_path = "app/views"
-    @controller_path = "app/controllers"
-    @helper_path = "app/helpers"
-    @lib_path = "lib/lockdown"
-
-    @initializer = "config/environment.rb"
-
-    if @namespace
-      @view_path += "/#{@namespace}"
-      @controller_path += "/#{@namespace}"
-      @helper_path += "/#{@namespace}"
-    end
-  end
-
-  def manifest
-    record do |m|
-      @m = m
-      # Ensure appropriate folder(s) exists
-      @m.directory @view_path
-      @m.directory @controller_path
-      @m.directory @helper_path
-      @m.directory @lib_path
-
-      unless options[:skip_rules]
-        @m.file "lib/lockdown/README", "lib/lockdown/README"
-        @m.file "lib/lockdown/init.rb", "lib/lockdown/init.rb"
-      end
-
-      add_management if options[:add_management]
-
-      add_login if options[:add_login]
-
-      add_models
-      
-      @m.file "config/initializers/lockit.rb", "config/initializers/lockit.rb"
-    end #record do |m|
-  end
-
-  protected
-
-  def add_management
-    @m.directory "#{@view_path}/users"
-    @m.directory "#{@view_path}/user_groups"
-    @m.directory "#{@view_path}/permissions"
-
-    write_controller("permissions")
-    write_controller("users")
-    write_controller("user_groups")
-
-    copy_views("users")
-
-    copy_views("user_groups")
-
-    @m.template "app/views/permissions/index.html.erb",
-      "#{@view_path}/permissions/index.html.erb"
-
-    @m.template "app/views/permissions/show.html.erb",
-      "#{@view_path}/permissions/show.html.erb"
-
-    add_management_routes
-    add_management_permissions
-  end
-
-  def add_login
-    @m.directory "app/views/sessions"
-
-    @m.template "app/controllers/sessions_controller.rb",
-      "app/controllers/sessions_controller.rb"
-
-    @m.template "app/views/sessions/new.html.erb",
-      "app/views/sessions/new.html.erb"
-    
-    add_login_routes
-    add_login_permissions
-  end
-
-  def add_models
-    @m.directory 'app/models'
-
-    write_model("user_group")
-    write_model("permission") 
-
-    if options[:add_lockdown_authentication]
-      write_model("user") 
-      write_model("profile") 
-    end
-
-    unless options[:skip_migrations]
-      write_migration("create_user_groups")
-      write_migration("create_permissions")
-
-      if options[:add_lockdown_authentication]
-        write_migration("create_profiles")
-        write_migration("create_users")
-        write_migration("create_admin_user")
-      end
-    end
-  end
-
-  def copy_views(vw)
-    @m.template "app/views/#{vw}/index.html.erb", "#{@view_path}/#{vw}/index.html.erb"
-    @m.template "app/views/#{vw}/show.html.erb", "#{@view_path}/#{vw}/show.html.erb"
-    @m.template "app/views/#{vw}/edit.html.erb", "#{@view_path}/#{vw}/edit.html.erb"
-    @m.template "app/views/#{vw}/new.html.erb", "#{@view_path}/#{vw}/new.html.erb"
-  end
-
-  def add_login_permissions
-    add_permissions "set_permission(:sessions_management).with_controller(:sessions)"
-    
-    add_predefined_user_group "set_public_access :sessions_management"
-  end
-
-  def add_management_routes
-    if @namespace.blank?
-      permissions = %Q(\tmap.resources :permissions)
-      users = %Q(\tmap.resources :users)
-      user_groups = %Q(\tmap.resources :user_groups)
-      routes = [permissions, user_groups, users].join("\n\n")
-    else
-      routes = %Q(\tmap.namespace :#{@namespace} do |#{@namespace}|\n\t\t#{@namespace}.resources :permissions\n\t\t#{@namespace}.resources :users\n\t\t#{@namespace}.resources :user_groups\n\tend)
-    end
-
-    write_routes_file(routes)
-  end
-
-  def add_management_permissions
-    perms = []
-    perms << "set_permission(:users_management).with_controller(:#{@namespace.blank? ? "users" : "#{@namespace}__users"})"
-    perms << "set_permission(:user_groups_management).with_controller(:#{@namespace.blank? ? "user_groups" : "#{@namespace}__user_groups"})"
-    perms << "set_permission(:permissions_management).with_controller(:#{@namespace.blank? ? "permissions" : "#{@namespace}__permissions"})"
-    perms << "set_permission(:my_account).with_controller(:#{@namespace.blank? ? "users" : "#{@namespace}__users"}).only_methods(:edit, :update, :show)"
-
-    add_permissions perms.join("\n  ")
-    
-    add_predefined_user_group "set_protected_access :my_account"
-  end
-
-  def add_permissions(str)
-    sentinel = '# Define your permissions here:'
-    write_init_file(sentinel, str)
-  end
-
-  def add_predefined_user_group(str)
-    sentinel = '# Define the built-in user groups here:'
-    write_init_file(sentinel, str)
-  end
-
-  def add_login_routes
-    sessions = %Q(\tmap.resources :sessions)
-    home     = %Q(\tmap.home '', :controller => 'sessions', :action => 'new')
-    login    = %Q(\tmap.login '/login', :controller => 'sessions', :action => 'new')
-    logout   = %Q(\tmap.logout '/logout', :controller => 'sessions', :action => 'destroy')
-    routes   = [sessions, home, login, logout].join("\n\n")
-
-    write_routes_file(routes)
-  end
-
-  def banner
-<<-EOS
-Installs the lockdown framework to managing users user_groups 
-and viewing permissions. Also includes a login screen.
-
-By default the entire set of stubs are installed.  
-
-Please use the appropriate options to customize your install. 
-
-USAGE: #{$0} #{spec.name} 
-EOS
-  end
-
-  def add_options!(opt)
-    opt.separator ''
-    opt.separator 'Options:'
-
-    opt.on("--namespace=admin",
-      "Install lockdown templates with a namespace, in this example 'admin'.") do |v|
-        options[:namespace] = v 
-      end
-
-    opt.on("--add-lockdown-authentication",
-      "Create user model + --add-login functionality.") do |v| 
-        options[:add_lockdown_authentication] = v
-      end
-
-    opt.on("--add-management",
-      "Create user, user_group, permission management controllers and views.") do |v|
-        options[:add_management] = v
-      end
-
-    opt.on("--add-login",
-      "Create session controller and views.") do |v| 
-        options[:add_login] = v 
-      end
-
-    opt.on("--skip-rules",
-      "Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") do |v| 
-        options[:skip_rules] = v
-      end
-
-    opt.on("--skip-migrations",
-      "Skip migrations installation") do |v| 
-        options[:skip_migrations] = v
-      end
-  end
-
-  def write_migration(str)
-    @m.migration_template "db/migrate/#{str}.rb", "db/migrate", 
-      :migration_file_name => str
-  end
-
-  def write_model(str)
-    @m.file "app/models/#{str}.rb", "app/models/#{str}.rb"
-  end
-
-  def write_controller(str)
-    @m.template "app/controllers/#{str}_controller.rb",
-      "#{@controller_path}/#{str}_controller.rb"
-    write_helper(str)
-  end
-
-  def write_helper(str)
-    @m.template "app/helpers/#{str}_helper.rb",
-      "#{@helper_path}/#{str}_helper.rb"
-  end
-
-  def write_routes_file(routes)
-    sentinel = 'ActionController::Routing::Routes.draw do |map|'
-                
-    @m.gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
-      "#{match}\n #{routes}\n"
-    end
-  end
-
-  def write_init_file(sentinel, str)
-    @m.gsub_file 'lib/lockdown/init.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
-      "#{match}\n  #{str}"
-    end
-  end
-  
-end

data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb

@@ -1,22 +0,0 @@
-class <%= "#{namespace.camelcase}::" unless namespace.blank? %>PermissionsController < ApplicationController
-  # GET /permissions
-  # GET /permissions.xml
-  def index
-    @permissions = Permission.find(:all)
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.xml  { render :xml => @permissions }
-    end
-  end
-
-  # GET /permissions/1
-  # GET /permissions/1.xml
-  def show
-    @permission = Permission.find(params[:id])
-    respond_to do |format|
-      format.html # show.html.erb
-      format.xml  { render :xml => @permission }
-    end
-  end
-end

data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb

@@ -1,39 +0,0 @@
-class SessionsController < ApplicationController
-
-# This controller handles the login/logout function of the site.
-  def new
-    #Stub required for Lockdown to grant access
-  end
-
-  def create
-    password_authentication(params[:login], params[:password])
-  end
-
-  def destroy
-		logger.info "resetting session in sessions controller"
-    reset_session
-    flash[:notice] = "You have been logged out."
-    redirect_back_or_default('/')
-  end
-  
-  protected
-
-  def password_authentication(login, password)
-    set_session_user(User.authenticate(login, password))
-    if logged_in?
-      successful_login
-    else
-      failed_login
-    end
-  end
-  
-  def failed_login(message = 'Authentication failed.')
-    flash[:error] = message
-    redirect_back_or_default login_path
-  end
-	 
-  def successful_login
-    flash[:notice] = "Logged in successfully"
-    redirect_back_or_default Lockdown::System.fetch(:successful_login_path)
-  end
-end

data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb

@@ -1,122 +0,0 @@
-class <%= "#{namespace.camelcase}::" unless namespace.blank? %>UserGroupsController < ApplicationController
-	before_filter :find_user_group, :only => [:show, :edit, :update, :destroy]
-	after_filter :update_permissions, :only => [:create, :update]
-
-  # GET /user_groups
-  # GET /user_groups.xml
-  def index
-    @user_groups = UserGroup.find(:all)
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.xml  { render :xml => @user_groups }
-    end
-  end
-
-  # GET /user_groups/1
-  # GET /user_groups/1.xml
-  def show
-		@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-    respond_to do |format|
-      format.html # show.html.erb
-      format.xml  { render :xml => @user_group }
-    end
-  end
-
-  # GET /user_groups/new
-  # GET /user_groups/new.xml
-  def new
-    @user_group = UserGroup.new
-		@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.xml  { render :xml => @user_group }
-    end
-  end
-
-  # GET /user_groups/1/edit
-  def edit
-		@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-  end
-
-  # POST /user_groups
-  # POST /user_groups.xml
-  def create
-    @user_group = UserGroup.new(params[:user_group])
-
-    respond_to do |format|
-      if @user_group.save
-        flash[:notice] = 'UserGroup was successfully created.'
-        <% if namespace %>
-          format.html { redirect_to(<%= namespace %>_user_group_path(@user_group)) }
-        <% else %>
-          format.html { redirect_to(user_group_path(@user_group)) }
-        <% end %>
-        format.xml  { render :xml => @user_group, :status => :created, :location => @user_group }
-      else
-				@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-        format.html { render :action => "new" }
-        format.xml  { render :xml => @user_group.errors, :status => :unprocessable_entity }
-      end
-    end
-  end
-
-  # PUT /user_groups/1
-  # PUT /user_groups/1.xml
-  def update
-    respond_to do |format|
-      if @user_group.update_attributes(params[:user_group])
-        flash[:notice] = 'UserGroup was successfully updated.'
-        <% if namespace %>
-          format.html { redirect_to(<%= namespace %>_user_group_path(@user_group)) }
-        <% else %>
-          format.html { redirect_to(user_group_path(@user_group)) }
-        <% end %>
-        format.xml  { head :ok }
-      else
-				@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-        format.html { render :action => "edit" }
-        format.xml  { render :xml => @user_group.errors, :status => :unprocessable_entity }
-      end
-    end
-  end
-
-  # DELETE /user_groups/1
-  # DELETE /user_groups/1.xml
-  def destroy
-    @user_group.destroy
-
-    respond_to do |format|
-      format.html { redirect_to(<%= namespace.blank? ? 'user_groups_path' : "#{namespace}_user_groups_path" %>) }
-      format.xml  { head :ok }
-    end
-  end
-
-	private
-
-	def find_user_group
-    @user_group = UserGroup.find(params[:id])
-    if <%= action_name %> != "show" && Lockdown::System.has_user_group?(@user_group)
-      raise SecurityError,"Invalid attempt to modify user group."
-    end
-  end
-
-	def update_permissions
-		new_perm_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^perm_/}.compact
-		#
-		# Removed previously associated permissions if not checked this time.
-		#
-		@user_group.permissions.dup.each do |p|
-			@user_group.permissions.delete(p) unless new_perm_ids.include?(p.id)
-    end
-
-		# 
-		# Add in the new permissions
-		#
-		new_perm_ids.each do |id|
-			next if @user_group.permission_ids.include?(id)
-			@user_group.permissions << Permission.find(id)
-    end
-  end
-end

data/rails_generators/lockdown/templates/app/controllers/users_controller.rb

@@ -1,117 +0,0 @@
-class <%= "#{namespace.camelcase}::" unless namespace.blank? %>UsersController < ApplicationController
-	before_filter :find_user, :only => [:show, :edit, :update, :destroy]
-	after_filter :update_user_groups, :only => [:create, :update]
-  # GET /users
-  # GET /users.xml
-  def index
-    @users = User.find :all, :include => [:profile, :user_groups]
-    respond_to do |format|
-      format.html # index.html.erb
-      format.xml  { render :xml => @users }
-    end
-  end
-
-  # GET /users/1
-  # GET /users/1.xml
-  def show
-    @user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-    respond_to do |format|
-      format.html # show.html.erb
-      format.xml  { render :xml => @user }
-    end
-  end
-
-  # GET /users/new
-  # GET /users/new.xml
-  def new
-		@user = User.new
-    @user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-		respond_to do |format|
-     format.html # new.html.erb
-     format.xml  { render :xml => @user }
-		end
-  end
-
-  # GET /users/1/edit
-  def edit
-    @user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-  end
-  
-  # POST /users
-  # POST /users.xml
-  def create
-    @user = User.new(params[:user])
-
-		if @user.save
-			flash[:notice] = "Thanks for signing up!"
-			redirect_to(<%= namespace.blank? ? 'user_path(@user)' : "#{namespace}_user_path(@user)" %>)
-		else
-			@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-			flash[:error] = "Please correct the following issues"
-			render :action => "new" 
-    end
-  end
-  
-  # PUT /users/1
-  # PUT /users/1.xml
-  def update
-		@user.attributes = params[:user]
-
-    respond_to do |format|
-      if @user.save
-        flash[:notice] = 'User was successfully updated.'
-          format.html { redirect_to(<%= namespace.blank?  ? 'user_path(@user)' : "#{namespace}_user_path(@user)"%>) }
-        format.xml  { head :ok }
-      else
-        @user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-        format.html { render :action => "edit" }
-        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
-      end
-    end
-  end
-
-  # DELETE /users/1
-  # DELETE /users/1.xml
-  def destroy
-    @user.destroy
-
-    respond_to do |format|
-      format.html { redirect_to(<%= namespace.blank? ? 'users_path' : "#{namespace}_users_path" %>) }
-      format.xml  { head :ok }
-    end
-  end
-
-	def change_password 
-		render :update do |page|
-			page.replace_html 'password', :partial => 'password'
-		end
-	end
-
-	private
-
-	def find_user
-		# Skip test if current user is an administrator
-		unless current_user_is_admin? 
-			# Raise error if id not = current logged in user
-			raise SecurityError.new if (current_user_id != params[:id].to_i)
-		end
-		@user = User.find(params[:id])
-		raise SecurityError.new if @user.nil?
-	end
-
-	def update_user_groups
-		new_ug_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^ug_/}.compact
-		# Removed previously associated user_groups if not checked this time.
-		#
-		@user.user_groups.dup.each do |g|
-			@user.user_groups.delete(g) unless new_ug_ids.include?(g.id)
-    end
-	
-		# Add in the new permissions
-		#
-		new_ug_ids.each do |id|
-			next if @user.user_group_ids.include?(id)
-			@user.user_groups << UserGroup.find(id)
-    end
-  end
-end

data/rails_generators/lockdown/templates/app/helpers/permissions_helper.rb

@@ -1,2 +0,0 @@
-module <%= "#{namespace.camelcase}::" unless namespace.blank? %>PermissionsHelper
-end

data/rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb

@@ -1,2 +0,0 @@
-module <%= "#{namespace.camelcase}::" unless namespace.blank? %>UserGroupsHelper
-end

data/rails_generators/lockdown/templates/app/helpers/users_helper.rb

@@ -1,2 +0,0 @@
-module <%= "#{namespace.camelcase}::" unless namespace.blank? %>UsersHelper
-end

data/rails_generators/lockdown/templates/app/models/permission.rb

@@ -1,13 +0,0 @@
-class Permission < ActiveRecord::Base
-  has_and_belongs_to_many :user_groups
-  
-	def all_users
-		User.find_by_sql <<-SQL
-			select users.* 
-			from users, user_groups_users, permissions_user_groups
-			where users.id = user_groups_users.user_id 
-			and user_groups_users.user_group_id = permissions_user_groups.user_group_id
-			and permissions_user_groups.permission_id = #{self.id}
-		SQL
-  end
-end

data/rails_generators/lockdown/templates/app/models/profile.rb

@@ -1,10 +0,0 @@
-class Profile < ActiveRecord::Base
-  SYSTEM = 1
-  
-  validates_presence_of :email, :first_name, :last_name
-  
-  validates_length_of :email, :within => 5..100
-  validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i
-  
-  validates_uniqueness_of :email, :case_sensitive => false
-end