lockdown 1.6.5 → 2.0.0
- data/.gitignore +1 -0
- data/README.txt +8 -5
- data/Rakefile +43 -26
- data/lib/lockdown/access.rb +108 -0
- data/lib/lockdown/configuration.rb +201 -0
- data/lib/lockdown/database.rb +31 -36
- data/lib/lockdown/delivery.rb +26 -0
- data/lib/lockdown/errors.rb +3 -7
- data/lib/lockdown/frameworks/rails/controller.rb +21 -59
- data/lib/lockdown/frameworks/rails/view.rb +1 -1
- data/lib/lockdown/frameworks/rails.rb +7 -43
- data/lib/lockdown/helper.rb +14 -85
- data/lib/lockdown/orms/active_record.rb +7 -9
- data/lib/lockdown/permission.rb +37 -203
- data/lib/lockdown/resource.rb +54 -0
- data/lib/lockdown/session.rb +16 -25
- data/lib/lockdown/user_group.rb +16 -0
- data/lib/lockdown.rb +15 -60
- data/lockdown.gemspec +29 -69
- data/test/helper.rb +9 -0
- data/test/lockdown/test_access.rb +80 -0
- data/test/lockdown/test_configuration.rb +194 -0
- data/test/lockdown/test_delivery.rb +163 -0
- data/test/lockdown/test_helper.rb +33 -0
- data/test/lockdown/test_permission.rb +73 -0
- data/test/lockdown/test_resource.rb +47 -0
- data/test/lockdown/test_session.rb +31 -0
- data/test/lockdown/test_user_group.rb +17 -0
- data/test/test_lockdown.rb +11 -0
- metadata +41 -78
- data/lib/lockdown/context.rb +0 -41
- data/lib/lockdown/references.rb +0 -19
- data/lib/lockdown/rspec_helper.rb +0 -118
- data/lib/lockdown/rules.rb +0 -372
- data/lib/lockdown/system.rb +0 -58
- data/rails_generators/lockdown/lockdown_generator.rb +0 -274
- data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb +0 -22
- data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb +0 -39
- data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb +0 -122
- data/rails_generators/lockdown/templates/app/controllers/users_controller.rb +0 -117
- data/rails_generators/lockdown/templates/app/helpers/permissions_helper.rb +0 -2
- data/rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb +0 -2
- data/rails_generators/lockdown/templates/app/helpers/users_helper.rb +0 -2
- data/rails_generators/lockdown/templates/app/models/permission.rb +0 -13
- data/rails_generators/lockdown/templates/app/models/profile.rb +0 -10
- data/rails_generators/lockdown/templates/app/models/user.rb +0 -95
- data/rails_generators/lockdown/templates/app/models/user_group.rb +0 -15
- data/rails_generators/lockdown/templates/app/views/permissions/index.html.erb +0 -16
- data/rails_generators/lockdown/templates/app/views/permissions/show.html.erb +0 -26
- data/rails_generators/lockdown/templates/app/views/sessions/new.html.erb +0 -12
- data/rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb +0 -33
- data/rails_generators/lockdown/templates/app/views/user_groups/index.html.erb +0 -20
- data/rails_generators/lockdown/templates/app/views/user_groups/new.html.erb +0 -31
- data/rails_generators/lockdown/templates/app/views/user_groups/show.html.erb +0 -29
- data/rails_generators/lockdown/templates/app/views/users/edit.html.erb +0 -51
- data/rails_generators/lockdown/templates/app/views/users/index.html.erb +0 -22
- data/rails_generators/lockdown/templates/app/views/users/new.html.erb +0 -50
- data/rails_generators/lockdown/templates/app/views/users/show.html.erb +0 -33
- data/rails_generators/lockdown/templates/config/initializers/lockit.rb +0 -1
- data/rails_generators/lockdown/templates/db/migrate/create_admin_user.rb +0 -17
- data/rails_generators/lockdown/templates/db/migrate/create_permissions.rb +0 -19
- data/rails_generators/lockdown/templates/db/migrate/create_profiles.rb +0 -26
- data/rails_generators/lockdown/templates/db/migrate/create_user_groups.rb +0 -19
- data/rails_generators/lockdown/templates/db/migrate/create_users.rb +0 -17
- data/rails_generators/lockdown/templates/lib/lockdown/README +0 -42
- data/rails_generators/lockdown/templates/lib/lockdown/init.rb +0 -131
- data/spec/lockdown/context_spec.rb +0 -191
- data/spec/lockdown/database_spec.rb +0 -162
- data/spec/lockdown/frameworks/rails/controller_spec.rb +0 -215
- data/spec/lockdown/frameworks/rails/view_spec.rb +0 -96
- data/spec/lockdown/frameworks/rails_spec.rb +0 -163
- data/spec/lockdown/permission_spec.rb +0 -156
- data/spec/lockdown/rspec_helper_spec.rb +0 -40
- data/spec/lockdown/rules_spec.rb +0 -245
- data/spec/lockdown/session_spec.rb +0 -112
- data/spec/lockdown/system_spec.rb +0 -51
- data/spec/lockdown_spec.rb +0 -19
- data/spec/rcov.opts +0 -5
- data/spec/spec.opts +0 -3
- data/spec/spec_helper.rb +0 -8
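--- a/data/rails_generators/lockdown/lockdown_generator.rb
+++ b/data/rails_generators/lockdown/lockdown_generator.rb
@@ -1,274 +0,0 @@
-@override_next_migration_string = false
-
-if Rails::VERSION::MAJOR >= 2 && Rails::VERSION::MINOR >= 1
-if Rails::VERSION::TINY == 0
-@override_next_migration_string = true
-elsif ActiveRecord::Base.timestamped_migrations
-@override_next_migration_string = true
-end
-end
-
-if @override_next_migration_string
-class Rails::Generator::Commands::Base
-protected
-def next_migration_string(padding = 3)
-sleep(1)
-Time.now.utc.strftime("%Y%m%d%H%M%S")
-end
-end
-end
-
-class LockdownGenerator < Rails::Generator::Base
-attr_accessor :file_name, :action_name, :namespace, :view_path, :controller_path
-
-def initialize(runtime_args, runtime_options = {})
-super
-if Rails::VERSION::MAJOR >= 2 && Rails::VERSION::MINOR >= 1
-@action_name = "action_name"
-else
-@action_name = "@action_name"
-end
-
-@namespace = options[:namespace] if options[:namespace]
-
-# so if the namespace option exists it sets the correct view path and controller path
-@view_path = "app/views"
-@controller_path = "app/controllers"
-@helper_path = "app/helpers"
-@lib_path = "lib/lockdown"
-
-@initializer = "config/environment.rb"
-
-if @namespace
-@view_path += "/#{@namespace}"
-@controller_path += "/#{@namespace}"
-@helper_path += "/#{@namespace}"
-end
-end
-
-def manifest
-record do |m|
-@m = m
-# Ensure appropriate folder(s) exists
-@m.directory @view_path
-@m.directory @controller_path
-@m.directory @helper_path
-@m.directory @lib_path
-
-unless options[:skip_rules]
-@m.file "lib/lockdown/README", "lib/lockdown/README"
-@m.file "lib/lockdown/init.rb", "lib/lockdown/init.rb"
-end
-
-add_management if options[:add_management]
-
-add_login if options[:add_login]
-
-add_models
-
-@m.file "config/initializers/lockit.rb", "config/initializers/lockit.rb"
-end #record do |m|
-end
-
-protected
-
-def add_management
-@m.directory "#{@view_path}/users"
-@m.directory "#{@view_path}/user_groups"
-@m.directory "#{@view_path}/permissions"
-
-write_controller("permissions")
-write_controller("users")
-write_controller("user_groups")
-
-copy_views("users")
-
-copy_views("user_groups")
-
-@m.template "app/views/permissions/index.html.erb",
-"#{@view_path}/permissions/index.html.erb"
-
-@m.template "app/views/permissions/show.html.erb",
-"#{@view_path}/permissions/show.html.erb"
-
-add_management_routes
-add_management_permissions
-end
-
-def add_login
-@m.directory "app/views/sessions"
-
-@m.template "app/controllers/sessions_controller.rb",
-"app/controllers/sessions_controller.rb"
-
-@m.template "app/views/sessions/new.html.erb",
-"app/views/sessions/new.html.erb"
-
-add_login_routes
-add_login_permissions
-end
-
-def add_models
-@m.directory 'app/models'
-
-write_model("user_group")
-write_model("permission")
-
-if options[:add_lockdown_authentication]
-write_model("user")
-write_model("profile")
-end
-
-unless options[:skip_migrations]
-write_migration("create_user_groups")
-write_migration("create_permissions")
-
-if options[:add_lockdown_authentication]
-write_migration("create_profiles")
-write_migration("create_users")
-write_migration("create_admin_user")
-end
-end
-end
-
-def copy_views(vw)
-@m.template "app/views/#{vw}/index.html.erb", "#{@view_path}/#{vw}/index.html.erb"
-@m.template "app/views/#{vw}/show.html.erb", "#{@view_path}/#{vw}/show.html.erb"
-@m.template "app/views/#{vw}/edit.html.erb", "#{@view_path}/#{vw}/edit.html.erb"
-@m.template "app/views/#{vw}/new.html.erb", "#{@view_path}/#{vw}/new.html.erb"
-end
-
-def add_login_permissions
-add_permissions "set_permission(:sessions_management).with_controller(:sessions)"
-
-add_predefined_user_group "set_public_access :sessions_management"
-end
-
-def add_management_routes
-if @namespace.blank?
-permissions = %Q(\tmap.resources :permissions)
-users = %Q(\tmap.resources :users)
-user_groups = %Q(\tmap.resources :user_groups)
-routes = [permissions, user_groups, users].join("\n\n")
-else
-routes = %Q(\tmap.namespace :#{@namespace} do |#{@namespace}|\n\t\t#{@namespace}.resources :permissions\n\t\t#{@namespace}.resources :users\n\t\t#{@namespace}.resources :user_groups\n\tend)
-end
-
-write_routes_file(routes)
-end
-
-def add_management_permissions
-perms = []
-perms << "set_permission(:users_management).with_controller(:#{@namespace.blank? ? "users" : "#{@namespace}__users"})"
-perms << "set_permission(:user_groups_management).with_controller(:#{@namespace.blank? ? "user_groups" : "#{@namespace}__user_groups"})"
-perms << "set_permission(:permissions_management).with_controller(:#{@namespace.blank? ? "permissions" : "#{@namespace}__permissions"})"
-perms << "set_permission(:my_account).with_controller(:#{@namespace.blank? ? "users" : "#{@namespace}__users"}).only_methods(:edit, :update, :show)"
-
-add_permissions perms.join("\n ")
-
-add_predefined_user_group "set_protected_access :my_account"
-end
-
-def add_permissions(str)
-sentinel = '# Define your permissions here:'
-write_init_file(sentinel, str)
-end
-
-def add_predefined_user_group(str)
-sentinel = '# Define the built-in user groups here:'
-write_init_file(sentinel, str)
-end
-
-def add_login_routes
-sessions = %Q(\tmap.resources :sessions)
-home = %Q(\tmap.home '', :controller => 'sessions', :action => 'new')
-login = %Q(\tmap.login '/login', :controller => 'sessions', :action => 'new')
-logout = %Q(\tmap.logout '/logout', :controller => 'sessions', :action => 'destroy')
-routes = [sessions, home, login, logout].join("\n\n")
-
-write_routes_file(routes)
-end
-
-def banner
-<<-EOS
-Installs the lockdown framework to managing users user_groups
-and viewing permissions. Also includes a login screen.
-
-By default the entire set of stubs are installed.
-
-Please use the appropriate options to customize your install.
-
-USAGE: #{$0} #{spec.name}
-EOS
-end
-
-def add_options!(opt)
-opt.separator ''
-opt.separator 'Options:'
-
-opt.on("--namespace=admin",
-"Install lockdown templates with a namespace, in this example 'admin'.") do |v|
-options[:namespace] = v
-end
-
-opt.on("--add-lockdown-authentication",
-"Create user model + --add-login functionality.") do |v|
-options[:add_lockdown_authentication] = v
-end
-
-opt.on("--add-management",
-"Create user, user_group, permission management controllers and views.") do |v|
-options[:add_management] = v
-end
-
-opt.on("--add-login",
-"Create session controller and views.") do |v|
-options[:add_login] = v
-end
-
-opt.on("--skip-rules",
-"Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") do |v|
-options[:skip_rules] = v
-end
-
-opt.on("--skip-migrations",
-"Skip migrations installation") do |v|
-options[:skip_migrations] = v
-end
-end
-
-def write_migration(str)
-@m.migration_template "db/migrate/#{str}.rb", "db/migrate",
-:migration_file_name => str
-end
-
-def write_model(str)
-@m.file "app/models/#{str}.rb", "app/models/#{str}.rb"
-end
-
-def write_controller(str)
-@m.template "app/controllers/#{str}_controller.rb",
-"#{@controller_path}/#{str}_controller.rb"
-write_helper(str)
-end
-
-def write_helper(str)
-@m.template "app/helpers/#{str}_helper.rb",
-"#{@helper_path}/#{str}_helper.rb"
-end
-
-def write_routes_file(routes)
-sentinel = 'ActionController::Routing::Routes.draw do |map|'
-
-@m.gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
-"#{match}\n #{routes}\n"
-end
-end
-
-def write_init_file(sentinel, str)
-@m.gsub_file 'lib/lockdown/init.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
-"#{match}\n #{str}"
-end
-end
-
-end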
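--- a/data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
+++ b/data/rails_generators/lockdown/templates/app/controllers/permissions_controller.rb
@@ -1,22 +0,0 @@
-class <%= "#{namespace.camelcase}::" unless namespace.blank? %>PermissionsController < ApplicationController
-# GET /permissions
-# GET /permissions.xml
-def index
-@permissions = Permission.find(:all)
-
-respond_to do |format|
-format.html # index.html.erb
-format.xml { render :xml => @permissions }
-end
-end
-
-# GET /permissions/1
-# GET /permissions/1.xml
-def show
-@permission = Permission.find(params[:id])
-respond_to do |format|
-format.html # show.html.erb
-format.xml { render :xml => @permission }
-end
-end
-end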
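--- a/data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
+++ b/data/rails_generators/lockdown/templates/app/controllers/sessions_controller.rb
@@ -1,39 +0,0 @@
-class SessionsController < ApplicationController
-
-# This controller handles the login/logout function of the site.
-def new
-#Stub required for Lockdown to grant access
-end
-
-def create
-password_authentication(params[:login], params[:password])
-end
-
-def destroy
-logger.info "resetting session in sessions controller"
-reset_session
-flash[:notice] = "You have been logged out."
-redirect_back_or_default('/')
-end
-
-protected
-
-def password_authentication(login, password)
-set_session_user(User.authenticate(login, password))
-if logged_in?
-successful_login
-else
-failed_login
-end
-end
-
-def failed_login(message = 'Authentication failed.')
-flash[:error] = message
-redirect_back_or_default login_path
-end
-
-def successful_login
-flash[:notice] = "Logged in successfully"
-redirect_back_or_default Lockdown::System.fetch(:successful_login_path)
-end
-end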
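--- a/data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
+++ b/data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb
@@ -1,122 +0,0 @@
-class <%= "#{namespace.camelcase}::" unless namespace.blank? %>UserGroupsController < ApplicationController
-before_filter :find_user_group, :only => [:show, :edit, :update, :destroy]
-after_filter :update_permissions, :only => [:create, :update]
-
-# GET /user_groups
-# GET /user_groups.xml
-def index
-@user_groups = UserGroup.find(:all)
-
-respond_to do |format|
-format.html # index.html.erb
-format.xml { render :xml => @user_groups }
-end
-end
-
-# GET /user_groups/1
-# GET /user_groups/1.xml
-def show
-@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-respond_to do |format|
-format.html # show.html.erb
-format.xml { render :xml => @user_group }
-end
-end
-
-# GET /user_groups/new
-# GET /user_groups/new.xml
-def new
-@user_group = UserGroup.new
-@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-
-respond_to do |format|
-format.html # new.html.erb
-format.xml { render :xml => @user_group }
-end
-end
-
-# GET /user_groups/1/edit
-def edit
-@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-end
-
-# POST /user_groups
-# POST /user_groups.xml
-def create
-@user_group = UserGroup.new(params[:user_group])
-
-respond_to do |format|
-if @user_group.save
-flash[:notice] = 'UserGroup was successfully created.'
-<% if namespace %>
-format.html { redirect_to(<%= namespace %>_user_group_path(@user_group)) }
-<% else %>
-format.html { redirect_to(user_group_path(@user_group)) }
-<% end %>
-format.xml { render :xml => @user_group, :status => :created, :location => @user_group }
-else
-@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-format.html { render :action => "new" }
-format.xml { render :xml => @user_group.errors, :status => :unprocessable_entity }
-end
-end
-end
-
-# PUT /user_groups/1
-# PUT /user_groups/1.xml
-def update
-respond_to do |format|
-if @user_group.update_attributes(params[:user_group])
-flash[:notice] = 'UserGroup was successfully updated.'
-<% if namespace %>
-format.html { redirect_to(<%= namespace %>_user_group_path(@user_group)) }
-<% else %>
-format.html { redirect_to(user_group_path(@user_group)) }
-<% end %>
-format.xml { head :ok }
-else
-@all_permissions = Lockdown::System.permissions_assignable_for_user(current_user)
-format.html { render :action => "edit" }
-format.xml { render :xml => @user_group.errors, :status => :unprocessable_entity }
-end
-end
-end
-
-# DELETE /user_groups/1
-# DELETE /user_groups/1.xml
-def destroy
-@user_group.destroy
-
-respond_to do |format|
-format.html { redirect_to(<%= namespace.blank? ? 'user_groups_path' : "#{namespace}_user_groups_path" %>) }
-format.xml { head :ok }
-end
-end
-
-private
-
-def find_user_group
-@user_group = UserGroup.find(params[:id])
-if <%= action_name %> != "show" && Lockdown::System.has_user_group?(@user_group)
-raise SecurityError,"Invalid attempt to modify user group."
-end
-end
-
-def update_permissions
-new_perm_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^perm_/}.compact
-#
-# Removed previously associated permissions if not checked this time.
-#
-@user_group.permissions.dup.each do |p|
-@user_group.permissions.delete(p) unless new_perm_ids.include?(p.id)
-end
-
-#
-# Add in the new permissions
-#
-new_perm_ids.each do |id|
-next if @user_group.permission_ids.include?(id)
-@user_group.permissions << Permission.find(id)
-end
-end
-end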
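--- a/data/rails_generators/lockdown/templates/app/controllers/users_controller.rb
+++ b/data/rails_generators/lockdown/templates/app/controllers/users_controller.rb
@@ -1,117 +0,0 @@
-class <%= "#{namespace.camelcase}::" unless namespace.blank? %>UsersController < ApplicationController
-before_filter :find_user, :only => [:show, :edit, :update, :destroy]
-after_filter :update_user_groups, :only => [:create, :update]
-# GET /users
-# GET /users.xml
-def index
-@users = User.find :all, :include => [:profile, :user_groups]
-respond_to do |format|
-format.html # index.html.erb
-format.xml { render :xml => @users }
-end
-end
-
-# GET /users/1
-# GET /users/1.xml
-def show
-@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-respond_to do |format|
-format.html # show.html.erb
-format.xml { render :xml => @user }
-end
-end
-
-# GET /users/new
-# GET /users/new.xml
-def new
-@user = User.new
-@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-respond_to do |format|
-format.html # new.html.erb
-format.xml { render :xml => @user }
-end
-end
-
-# GET /users/1/edit
-def edit
-@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-end
-
-# POST /users
-# POST /users.xml
-def create
-@user = User.new(params[:user])
-
-if @user.save
-flash[:notice] = "Thanks for signing up!"
-redirect_to(<%= namespace.blank? ? 'user_path(@user)' : "#{namespace}_user_path(@user)" %>)
-else
-@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-flash[:error] = "Please correct the following issues"
-render :action => "new"
-end
-end
-
-# PUT /users/1
-# PUT /users/1.xml
-def update
-@user.attributes = params[:user]
-
-respond_to do |format|
-if @user.save
-flash[:notice] = 'User was successfully updated.'
-format.html { redirect_to(<%= namespace.blank? ? 'user_path(@user)' : "#{namespace}_user_path(@user)"%>) }
-format.xml { head :ok }
-else
-@user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
-format.html { render :action => "edit" }
-format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
-end
-end
-end
-
-# DELETE /users/1
-# DELETE /users/1.xml
-def destroy
-@user.destroy
-
-respond_to do |format|
-format.html { redirect_to(<%= namespace.blank? ? 'users_path' : "#{namespace}_users_path" %>) }
-format.xml { head :ok }
-end
-end
-
-def change_password
-render :update do |page|
-page.replace_html 'password', :partial => 'password'
-end
-end
-
-private
-
-def find_user
-# Skip test if current user is an administrator
-unless current_user_is_admin?
-# Raise error if id not = current logged in user
-raise SecurityError.new if (current_user_id != params[:id].to_i)
-end
-@user = User.find(params[:id])
-raise SecurityError.new if @user.nil?
-end
-
-def update_user_groups
-new_ug_ids = params.collect{|p| p[0].split("_")[1].to_i if p[0] =~ /^ug_/}.compact
-# Removed previously associated user_groups if not checked this time.
-#
-@user.user_groups.dup.each do |g|
-@user.user_groups.delete(g) unless new_ug_ids.include?(g.id)
-end
-
-# Add in the new permissions
-#
-new_ug_ids.each do |id|
-next if @user.user_group_ids.include?(id)
-@user.user_groups << UserGroup.find(id)
-end
-end
-end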
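--- a/data/rails_generators/lockdown/templates/app/models/permission.rb
+++ b/data/rails_generators/lockdown/templates/app/models/permission.rb
@@ -1,13 +0,0 @@
-class Permission < ActiveRecord::Base
-has_and_belongs_to_many :user_groups
-
-def all_users
-User.find_by_sql <<-SQL
-select users.*
-from users, user_groups_users, permissions_user_groups
-where users.id = user_groups_users.user_id
-and user_groups_users.user_group_id = permissions_user_groups.user_group_id
-and permissions_user_groups.permission_id = #{self.id}
-SQL
-end
-end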
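--- a/data/rails_generators/lockdown/templates/app/models/profile.rb
+++ b/data/rails_generators/lockdown/templates/app/models/profile.rb
@@ -1,10 +0,0 @@
-class Profile < ActiveRecord::Base
-SYSTEM = 1
-
-validates_presence_of :email, :first_name, :last_name
-
-validates_length_of :email, :within => 5..100
-validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i
-
-validates_uniqueness_of :email, :case_sensitive => false
-end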