lockdown 0.5.9 → 0.5.10

data/History.txt

@@ -1,3 +1,11 @@
+== 0.5.10 2008-06-24
+* Modified: Classy Inheritance is now bundled with Lockdown to simplify the user management screens.
+* Fixed: Templates: Use m.template with views to test for rails version for action_name issue 
+* Added: Templates: Missing javascript for do_highlight
+* Fixed: Templates: Usage of ul for permissions and user groups. 
+* Clean: Templates: Removed unnecessary :locals => {:f => f} attribute in _form partials
+* Clean: Templates: Changed text_field_tag to text_field.  
+
 == 0.5.9 2008-06-19
 * Fixed: Added url.strip! to account for spaces.  URI::split(url) was bombing if url contained spaces.
 

data/Manifest.txt

@@ -13,6 +13,7 @@ bin/lockdown
 config/hoe.rb
 config/requirements.rb
 lib/lockdown.rb
+lib/lockdown/classy-inheritance.rb
 lib/lockdown/controller.rb
 lib/lockdown/controller_inspector.rb
 lib/lockdown/helper.rb
@@ -68,8 +69,6 @@ test/test_lockdown.rb
 test/test_lockdown_all_generator.rb
 test/test_lockdown_generator.rb
 test/test_lockdown_models_generator.rb
-website/generator.html
-website/generator.txt
 website/index.html
 website/index.txt
 website/javascripts/rounded_corners_lite.inc.js

data/bin/lockdown

@@ -95,9 +95,11 @@ begin
   RubiGen::Scripts::Generate.new.run(ARGV, :generator => 'lockdown', :framework => @framework)
 
   File.open(config_file, "a") do |f|
+    require_classy = %Q(require "lockdown/classy-inheritance")
     require_lockdown =  %Q(require "lockdown/init")
 
-    f << %Q(\n\n#{require_lockdown}\n\n) unless configuration_file_has?(require_lockdown)
+    f << %Q(\n#{require_classy}\n) unless configuration_file_has?(require_classy)
+    f << %Q(\n#{require_lockdown}\n) unless configuration_file_has?(require_lockdown)
   end
 rescue Exception => e
   puts e.backtrace.join("\n")

data/config/hoe.rb

@@ -2,7 +2,7 @@ require 'lockdown/version'
 
 AUTHOR = 'Andrew Stone'  # can also be an array of Authors
 EMAIL = "andrew.n.stone@gmail.com"
-DESCRIPTION = "Authorization/Authentication system for RubyOnRails and Merb"
+DESCRIPTION = "Authorization/Authentication system for RubyOnRails"
 GEM_NAME = 'lockdown' # what ppl will type to install your gem
 RUBYFORGE_PROJECT = 'lockdown' # The unix name for your project
 HOMEPATH = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"

data/lib/lockdown/classy-inheritance.rb

@@ -0,0 +1,153 @@
+$:.unshift(File.dirname(__FILE__)) unless
+  $:.include?(File.dirname(__FILE__)) || $:.include?(File.expand_path(File.dirname(__FILE__)))
+
+module ActiveRecord::Validations::ClassMethods
+  def validates_associated(association, options = {})
+    class_eval do
+      validates_each(association) do |record, associate_name, value|
+        associate = record.send(associate_name)
+        if associate && !associate.valid?
+          associate.errors.each do |key, value|
+            record.errors.add(key, value)
+          end
+        end
+      end
+    end
+  end
+end
+
+module Stonean
+  module ClassyInheritance
+    def self.included(base)
+      base.extend Stonean::ClassyInheritance::ClassMethods
+    end
+
+    module ClassMethods
+      def depends_on(model_sym, options = {}) 
+        define_relationship(model_sym,options)
+
+        validates_presence_of model_sym
+        validates_associated model_sym
+
+        # Before save functionality to create/update the requisite object
+        define_save_method(model_sym, options[:as])
+
+        # Adds a find_with_<model_sym> class method
+        define_find_with_method(model_sym)
+
+        if options[:as]
+          define_can_be_method_on_requisite_class(model_sym, options[:as])
+        end
+
+        options[:attrs].each{|attr| define_accessors(model_sym, attr, options[:prefix])}
+      end
+
+
+      def can_be(model_sym, options = {})
+        unless options[:as]
+          raise ArgumentError, ":as attribute required when calling can_be"
+        end
+
+        klass = model_sym.to_s.classify
+
+        define_method "is_a_#{model_sym}?" do
+          eval("self.#{options[:as]}_type == '#{klass}'")
+        end
+
+        find_with_method = "find_with_#{self.name.underscore}"
+
+        define_method "as_a_#{model_sym}" do
+          eval("#{klass}.send(:#{find_with_method},self.#{options[:as]}_id)")
+        end
+      end
+
+      private
+
+      def define_relationship(model_sym, options)
+        opts = options.dup
+        opts.delete(:attrs)
+        if opts[:as]
+          as_opt = opts.delete(:as)
+          opts = polymorphic_constraints(as_opt).merge(opts)
+          has_one model_sym, opts
+        else
+          belongs_to model_sym, opts
+        end
+      end
+
+      def define_save_method(model_sym, polymorphic_name = nil)
+        define_method "save_requisite_#{model_sym}" do
+          if polymorphic_name
+            eval("self.#{model_sym}.#{polymorphic_name}_type = self.class.name")
+            eval("self.#{model_sym}.#{polymorphic_name}_id = self.id")
+          end
+
+          if polymorphic_name
+            eval <<-SAVEIT
+              unless self.#{model_sym}.new_record?
+                self.#{model_sym}.save
+              end
+            SAVEIT
+          else
+            eval("self.#{model_sym}.save")
+          end
+        end
+
+        before_save "save_requisite_#{model_sym}".to_sym
+      end
+
+      def define_find_with_method(model_sym)
+        self.class.send :define_method, "find_with_#{model_sym}" do |*args|
+          eval <<-CODE
+            if args[1] && args[1].is_a?(Hash)
+              if args[1].has_key?(:include)
+                inc_val = args[1][:include]
+                new_val = inc_val.is_a?(Array) ? inc_val.push(:#{:model_sym}) : [inc_val, :#{model_sym}] 
+                args[1][:include] = new_val
+              else
+                args[1].merge!({:include => :#{model_sym}})
+              end
+            else
+              args << {:include => :#{model_sym}}
+            end
+            find(*args)
+          CODE
+        end
+      end
+
+      def define_accessors(model_sym, attr, prefix)
+        accessor_method_name = ( prefix ? "#{model_sym}_#{attr}" : attr)
+
+        define_method accessor_method_name do
+          eval("self.#{model_sym} ? self.#{model_sym}.#{attr} : nil")
+        end
+
+        define_method "#{accessor_method_name}=" do |val|
+          model_defined = eval("self.#{model_sym}")
+
+          unless model_defined
+            klass = model_sym.to_s.classify
+            eval("self.#{model_sym} = #{klass}.new")
+          end
+
+          eval("self.#{model_sym}.#{attr}= val")
+        end
+      end
+
+      def define_can_be_method_on_requisite_class(model_sym, polymorphic_name)
+        klass = model_sym.to_s.classify
+        requisite_klass = eval(klass)
+        unless requisite_klass.respond_to?(self.name.underscore.to_sym)
+          requisite_klass.send :can_be, self.name.underscore, 
+                                      :as => polymorphic_name 
+        end
+      end
+
+      def polymorphic_constraints(polymorphic_name)
+        { :foreign_key => "#{polymorphic_name}_id",
+          :conditions => "#{polymorphic_name}_type = '#{self.name}'"}
+      end
+    end # ClassMethods
+  end # ClassyInheritance module
+end # Stonean module
+ActiveRecord::Base.send :include, Stonean::ClassyInheritance

data/lib/lockdown/version.rb

@@ -2,7 +2,7 @@ module Lockdown #:nodoc:
   module VERSION #:nodoc:
     MAJOR = 0
     MINOR = 5
-    TINY  = 9
+    TINY  = 10
 
     STRING = [MAJOR, MINOR, TINY].join('.')
   end

data/rails_generators/lockdown/lockdown_generator.rb

@@ -48,13 +48,13 @@ class LockdownGenerator < Rails::Generator::Base
     m.directory 'app/views/user_groups'
     m.directory 'app/views/permissions'
 
-    m.file "app/controllers/permissions_controller.rb",
+    m.template "app/controllers/permissions_controller.rb",
       "app/controllers/permissions_controller.rb"
 
-    m.file "app/controllers/users_controller.rb",
+    m.template "app/controllers/users_controller.rb",
       "app/controllers/users_controller.rb"
 
-    m.file "app/controllers/user_groups_controller.rb",
+    m.template "app/controllers/user_groups_controller.rb",
       "app/controllers/user_groups_controller.rb"
 
     m.template "app/helpers/permissions_helper.rb",
@@ -70,13 +70,13 @@ class LockdownGenerator < Rails::Generator::Base
 
     copy_views(m, "user_groups")
 
-    m.file "app/views/permissions/_data.html.erb",
+    m.template "app/views/permissions/_data.html.erb",
       "app/views/permissions/_data.html.erb"
 
-    m.file "app/views/permissions/index.html.erb",
+    m.template "app/views/permissions/index.html.erb",
       "app/views/permissions/index.html.erb"
 
-    m.file "app/views/permissions/show.html.erb",
+    m.template "app/views/permissions/show.html.erb",
       "app/views/permissions/show.html.erb"
 
     m.route_resources "permissions"
@@ -158,12 +158,12 @@ class LockdownGenerator < Rails::Generator::Base
   end # add_migrations
 
   def copy_views(m, vw)
-    m.file "app/views/#{vw}/_data.html.erb", "app/views/#{vw}/_data.html.erb"
-    m.file "app/views/#{vw}/_form.html.erb", "app/views/#{vw}/_form.html.erb"
-    m.file "app/views/#{vw}/index.html.erb", "app/views/#{vw}/index.html.erb"
-    m.file "app/views/#{vw}/show.html.erb", "app/views/#{vw}/show.html.erb"
-    m.file "app/views/#{vw}/edit.html.erb", "app/views/#{vw}/edit.html.erb"
-    m.file "app/views/#{vw}/new.html.erb", "app/views/#{vw}/new.html.erb"
+    m.template "app/views/#{vw}/_data.html.erb", "app/views/#{vw}/_data.html.erb"
+    m.template "app/views/#{vw}/_form.html.erb", "app/views/#{vw}/_form.html.erb"
+    m.template "app/views/#{vw}/index.html.erb", "app/views/#{vw}/index.html.erb"
+    m.template "app/views/#{vw}/show.html.erb", "app/views/#{vw}/show.html.erb"
+    m.template "app/views/#{vw}/edit.html.erb", "app/views/#{vw}/edit.html.erb"
+    m.template "app/views/#{vw}/new.html.erb", "app/views/#{vw}/new.html.erb"
   end
 
   def add_login_permissions(m)

data/rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb

@@ -89,7 +89,7 @@ class UserGroupsController < ApplicationController
 
 	def find_user_group
     @user_group = UserGroup.find(params[:id])
-    if @action_name != "show" && Lockdown::System.has_user_group?(@user_group)
+    if <%= action_name %> != "show" && Lockdown::System.has_user_group?(@user_group)
       raise SecurityError,"Invalid attempt to modify user group."
     end
   end

data/rails_generators/lockdown/templates/app/controllers/users_controller.rb

@@ -25,7 +25,6 @@ class UsersController < ApplicationController
   # GET /users/new.xml
   def new
 		@user = User.new
-		@profile = Profile.new
     @user_groups_for_user = Lockdown::System.user_groups_assignable_for_user(current_user)
 		respond_to do |format|
      format.html # new.html.erb
@@ -42,9 +41,7 @@ class UsersController < ApplicationController
   # POST /users.xml
   def create
     @user = User.new(params[:user])
-    @profile = Profile.new(params[:profile])
 
-    @user.profile = @profile
 		if @user.save
 			flash[:notice] = "Thanks for signing up!"
 			redirect_to(users_path)
@@ -58,7 +55,6 @@ class UsersController < ApplicationController
   # PUT /users/1
   # PUT /users/1.xml
   def update
-		@user.profile.attributes = params[:profile]
 		@user.attributes = params[:user]
 
     respond_to do |format|
@@ -101,7 +97,6 @@ class UsersController < ApplicationController
 		end
 		@user = User.find(params[:id])
 		raise SecurityError.new if @user.nil?
-		@profile = @user.profile
 	end
 
 	def update_user_groups

data/rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb

@@ -3,7 +3,7 @@ module UserGroupsHelper
     if <%= action_name %> == "show"
        h @user_group.name 
     else
-       text_field_tag "user_group[name]", @user_group.name
+       text_field :user_group, :name
     end
   end
 
@@ -18,8 +18,8 @@ module UserGroupsHelper
         checked = (@user_group.permission_ids.include?(perm.id) ? "checked" : "")
         bg << "_" << checked if checked.length > 0
         rvalue << <<-HTML
-          <li class="#{bg}">
-            <label id="lbl_#{input_id}" for="#{input_id}" onclick="do_highlight('#{input_id}')">
+          <li class="#{bg}" id="li_#{input_id}">
+            <label for="#{input_id}" onclick="do_highlight('#{input_id}')">
               <input id="#{input_id}" name="#{input_id}" type="checkbox" #{checked}/>&nbsp;&nbsp;#{perm.name}
             </label>
           </li>

data/rails_generators/lockdown/templates/app/helpers/users_helper.rb

@@ -1,25 +1,25 @@
 module UsersHelper
-  def profile_first_name_value
+  def user_first_name_value
     if <%= action_name %> == "show"
-      h @profile.first_name 
+      h @user.first_name 
     else
-      text_field_tag "profile[first_name]", @profile.first_name
+      text_field :user, :first_name
     end
   end
 
-  def profile_last_name_value
+  def user_last_name_value
     if <%= action_name %> == "show"
-      h @profile.last_name 
+      h @user.last_name 
     else
-      text_field_tag "profile[last_name]", @profile.last_name
+      text_field :user, :last_name
     end
   end
 
-  def profile_email_value
+  def user_email_value
     if <%= action_name %> == "show"
-      h @profile.email 
+      h @user.email 
     else
-      text_field_tag "profile[email]", @profile.email 
+      text_field :user, :email 
     end
   end
 
@@ -27,7 +27,7 @@ module UsersHelper
     if <%= action_name %> == "show"
       h @user.login 
     else
-      text_field_tag "user[login]", @user.login
+      text_field :user, :login
     end
   end
 
@@ -63,8 +63,8 @@ module UsersHelper
         checked = (@user.user_group_ids.include?(ug.id) ? "checked" : "")
         bg << "_" << checked if checked.length > 0
         rvalue << <<-HTML
-          <li class="#{bg}">
-            <label id="lbl_#{input_id}" for="#{input_id}" onclick="do_highlight('#{input_id}')">
+          <li class="#{bg}" id="li_#{input_id}">
+            <label for="#{input_id}" onclick="do_highlight('#{input_id}')">
             <input id="#{input_id}" name="#{input_id}" type="checkbox" #{checked}/>&nbsp;&nbsp;#{ug.name}
             </label>
           </li>

data/rails_generators/lockdown/templates/app/models/user.rb

@@ -1,7 +1,11 @@
 require 'digest/sha1'
 class User < ActiveRecord::Base
   has_and_belongs_to_many :user_groups
-  belongs_to :profile
+  # depends_on functionality is from the classy-inheritance gem 
+  # that is bundled with lockdown.
+  # For more info: http://stonean.com
+  #
+  depends_on :profile, :attrs => [:first_name, :last_name, :email]
   
   # Virtual attributes
   attr_accessor :password
@@ -14,12 +18,10 @@ class User < ActiveRecord::Base
   validates_length_of       :login,    :within => 3..40
   validates_uniqueness_of   :login, :case_sensitive => false
   
-  validates_presence_of :profile
-	validates_associated	:profile
-  
 	before_save :prepare_for_save
 
-  attr_accessible :login, :password, :password_confirmation
+  attr_accessible :login, :password, :password_confirmation, 
+                  :first_name, :last_name, :email
   
   # Authenticates a user by their login name and unencrypted password.  
   # Returns the user or nil.
@@ -42,19 +44,14 @@ class User < ActiveRecord::Base
     crypted_password == encrypt(password)
   end
   
-  def email
-    self.profile.email
-  end
-  
   def full_name
-    self.profile.first_name + " " + self.profile.last_name
+    self.first_name + " " + self.last_name
   end
   
   protected
 
   def prepare_for_save
     encrypt_password
-    self.profile.save
   end
       
   def encrypt_password

data/rails_generators/lockdown/templates/app/views/permissions/_data.html.erb

@@ -1,13 +1,13 @@
 <p>
   <b>Name</b><br />
-  <%= permission_name_value %>
+  <%%= permission_name_value %>
 </p>
 <p>
   <b>Access rights:</b><br />
-  <%= permission_access_rights_value %>
+  <%%= permission_access_rights_value %>
 </p>
 <p>
   <b>Users with permission:</b><br />
-  <%= permission_users_value %>
+  <%%= permission_users_value %>
 </p>
 

data/rails_generators/lockdown/templates/app/views/permissions/index.html.erb

@@ -5,12 +5,12 @@
     <th>Name</th>
   </tr>
 
-<% for permission in @permissions %>
+<%% for permission in @permissions %>
   <tr>
-    <td><%=h permission.name %></td>
-    <td><%= link_to 'Show', permission %></td>
+    <td><%%=h permission.name %></td>
+    <td><%%= link_to 'Show', permission %></td>
   </tr>
-<% end %>
+<%% end %>
 </table>
 
 <br />

data/rails_generators/lockdown/templates/app/views/permissions/show.html.erb

@@ -1,3 +1,3 @@
-<%= render :partial => "data",  :locals => {:f => nil} %>
+<%%= render :partial => "data"  %>
 
-<%= link_to 'Back', permissions_path %>
+<%%= link_to 'Back', permissions_path %>

data/rails_generators/lockdown/templates/app/views/user_groups/_data.html.erb

@@ -8,6 +8,7 @@ without this, the user group selection is just no good
   border: 1px solid #ccc;
   list-style: none;
   height: 300px;
+  height: 600px;
   text-align: left;
   list-style: none;
   margin-left: 12px;
@@ -30,15 +31,38 @@ li.odd_checked{
 
 <p>
   <b>Name</b><br />
-  <%= user_group_name_value %>
+  <%%= user_group_name_value %>
 </p>
 <p>
   <b>Permissions</b><br />
-  <%= user_group_permissions_value %>
+  <%%= user_group_permissions_value %>
 </p>
-<% if @action_name == "show" %>
+<%% if <%= action_name %> == "show" %>
 	<p>
 		<b>Users in user group:</b><br />
-		<%= user_group_users_value  %>
+		<%%= user_group_users_value  %>
 	</p>
-<% end%>
+<%% end%>
+
+<!--
+Take this out and place in your application.js.  
+This is duplicated in users/_data.html.erb
+-->
+<script type="text/javascript">
+
+  function do_highlight(id){
+    li = document.getElementById("li_"+id);
+    i = document.getElementById(id);
+    if (i.checked){
+      li.style.backgroundColor = "#ddd";
+      li.style.color = "#fff";
+    }else{
+      if (li.className == "odd"){
+        li.style.backgroundColor = "#fff";
+      }else{
+        li.style.backgroundColor = "#ccc";
+      } 
+      li.style.color = "#000";
+    }
+  }
+</script>

data/rails_generators/lockdown/templates/app/views/user_groups/_form.html.erb

@@ -1,11 +1,11 @@
-<%
+<%%
   submit_label = "Update"
   submit_label = "Create" if @user_group.new_record?
 -%>
 
-<%= error_messages_for :user_group %>
+<%%= error_messages_for :user_group %>
 
-<% form_for(@user_group) do |f| %>
-  <%= render :partial => "data", :locals => {:f => f} %>
-  <p> <%= f.submit submit_label %> </p>
-<% end %>
+<%% form_for(@user_group) do |f| %>
+  <%%= render :partial => "data" %>
+  <p> <%%= f.submit submit_label %> </p>
+<%% end %>

data/rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb

@@ -1,6 +1,6 @@
 <h1>Editing Usergroup</h1>
 
-<%= render :partial => "form" %>
+<%%= render :partial => "form" %>
 
-<%= link_to 'Show', @user_group %> |
-<%= link_to 'Back', user_groups_path %>
+<%%= link_to 'Show', @user_group %> |
+<%%= link_to 'Back', user_groups_path %>

data/rails_generators/lockdown/templates/app/views/user_groups/index.html.erb

@@ -5,16 +5,16 @@
     <th>Name</th>
   </tr>
 
-<% for user_group in @user_groups %>
+<%% for user_group in @user_groups %>
   <tr>
-    <td><%=h user_group.name %></td>
-    <td><%= link_to 'Show', user_group %></td>
-    <td><%= link_to('Edit', edit_user_group_path(user_group)) unless Lockdown::System.has_user_group?(user_group) %></td>
-    <td><%= link_to('Destroy', user_group, :confirm => 'Are you sure?', :method => :delete) unless Lockdown::System.has_user_group?(user_group) %></td>
+    <td><%%=h user_group.name %></td>
+    <td><%%= link_to 'Show', user_group %></td>
+    <td><%%= link_to('Edit', edit_user_group_path(user_group)) unless Lockdown::System.has_user_group?(user_group) %></td>
+    <td><%%= link_to('Destroy', user_group, :confirm => 'Are you sure?', :method => :delete) unless Lockdown::System.has_user_group?(user_group) %></td>
   </tr>
-<% end %>
+<%% end %>
 </table>
 
 <br />
 
-<%= link_to 'New User Group', new_user_group_path %>
+<%%= link_to 'New User Group', new_user_group_path %>

data/rails_generators/lockdown/templates/app/views/user_groups/new.html.erb

@@ -1,5 +1,5 @@
 <h1>New Usergroup</h1>
 
-<%= render :partial => "form" %>
+<%%= render :partial => "form" %>
 
-<%= link_to 'Back', user_groups_path %>
+<%%= link_to 'Back', user_groups_path %>

data/rails_generators/lockdown/templates/app/views/user_groups/show.html.erb

@@ -1,6 +1,6 @@
-<%= render :partial => "data",  :locals => {:f => nil} %>
+<%%= render :partial => "data" %>
 
-<% unless Lockdown::System.has_user_group?(@user_group) %>
-  <%= link_to 'Edit', edit_user_group_path(@user_group) %> |
-<% end %>
-<%= link_to 'Back', user_groups_path %>
+<%% unless Lockdown::System.has_user_group?(@user_group) %>
+  <%%= link_to 'Edit', edit_user_group_path(@user_group) %> |
+<%% end %>
+<%%= link_to 'Back', user_groups_path %>