lockdown_vail 1.6.2.1

data/lib/lockdown.rb

@@ -0,0 +1,87 @@
+$:.unshift File.dirname(__FILE__)
+
+require 'logger'
+
+require File.join("lockdown", "errors")
+require File.join("lockdown", "helper")
+require File.join("lockdown", "session")
+require File.join("lockdown", "context")
+require File.join("lockdown", "permission")
+require File.join("lockdown", "database")
+require File.join("lockdown", "rules")
+require File.join("lockdown", "system")
+require File.join("lockdown", "references")
+
+module Lockdown
+  extend Lockdown::References
+  extend Lockdown::Helper
+
+  VERSION = '1.6.2.1'
+
+  class << self
+    attr_accessor :logger
+
+    # Returns the version string for the library.
+    def version
+      VERSION
+    end
+
+    def major_version
+      version.split('.')[0].to_i
+    end
+
+    def minor_version
+      version.split('.')[1].to_i
+    end
+
+    def patch_version
+      version.split('.')[2].to_i
+    end
+
+    # Mixin Lockdown code to the appropriate framework and ORM
+    def mixin
+      if mixin_resource?("frameworks")
+        unless mixin_resource?("orms")
+          raise NotImplementedError, "ORM unknown to Lockdown!"
+        end
+      else
+        Lockdown.logger.info "=> Note:: Lockdown cannot determine framework and therefore is not active.\n"
+      end
+    end # mixin
+
+    def maybe_parse_init
+      return if Lockdown::System.initialized?
+
+      if File.exists?(Lockdown.init_file)
+        Lockdown.logger.info "=> Requiring Lockdown rules engine: #{Lockdown.init_file} \n"
+        load Lockdown.init_file
+      else
+        Lockdown.logger.info "=> Note:: Lockdown couldn't find init file: #{Lockdown.init_file}\n"
+      end
+    end
+
+    private
+
+    def mixin_resource?(str)
+      wildcard_path = File.join( File.dirname(__FILE__), 'lockdown', str , '*.rb' ) 
+      Dir[wildcard_path].each do |f|
+        require f
+        module_name = File.basename(f).split(".")[0]
+        module_class = eval("Lockdown::#{str.capitalize}::#{Lockdown.camelize(module_name)}")
+        if module_class.use_me?
+          include module_class
+          return true
+        end
+      end
+      false
+    end # mixin_resource?
+  end # class block
+
+  self.logger = Logger.new(STDOUT)
+
+end # Lockdown
+
+Lockdown.logger.info "=> Mixing in Lockdown version: #{Lockdown.version} \n"
+Lockdown.mixin
+
+

data/lockdown.gemspec

@@ -0,0 +1,118 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{lockdown}
+  s.version = "1.6.2"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Andrew Stone"]
+  s.date = %q{2009-11-28}
+  s.description = %q{Restrict access to your controller actions.  Supports basic model level restrictions as well}
+  s.email = %q{andy@stonean.com}
+  s.extra_rdoc_files = [
+    "README.txt"
+  ]
+  s.files = [
+    ".gitignore",
+     "README.txt",
+     "Rakefile",
+     "lib/lockdown.rb",
+     "lib/lockdown/context.rb",
+     "lib/lockdown/database.rb",
+     "lib/lockdown/errors.rb",
+     "lib/lockdown/frameworks/rails.rb",
+     "lib/lockdown/frameworks/rails/controller.rb",
+     "lib/lockdown/frameworks/rails/view.rb",
+     "lib/lockdown/helper.rb",
+     "lib/lockdown/orms/active_record.rb",
+     "lib/lockdown/permission.rb",
+     "lib/lockdown/references.rb",
+     "lib/lockdown/rspec_helper.rb",
+     "lib/lockdown/rules.rb",
+     "lib/lockdown/session.rb",
+     "lib/lockdown/system.rb",
+     "lockdown.gemspec",
+     "rails_generators/lockdown/lockdown_generator.rb",
+     "rails_generators/lockdown/templates/app/controllers/permissions_controller.rb",
+     "rails_generators/lockdown/templates/app/controllers/sessions_controller.rb",
+     "rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb",
+     "rails_generators/lockdown/templates/app/controllers/users_controller.rb",
+     "rails_generators/lockdown/templates/app/helpers/permissions_helper.rb",
+     "rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb",
+     "rails_generators/lockdown/templates/app/helpers/users_helper.rb",
+     "rails_generators/lockdown/templates/app/models/permission.rb",
+     "rails_generators/lockdown/templates/app/models/profile.rb",
+     "rails_generators/lockdown/templates/app/models/user.rb",
+     "rails_generators/lockdown/templates/app/models/user_group.rb",
+     "rails_generators/lockdown/templates/app/views/permissions/index.html.erb",
+     "rails_generators/lockdown/templates/app/views/permissions/show.html.erb",
+     "rails_generators/lockdown/templates/app/views/sessions/new.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/index.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/new.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/show.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/edit.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/index.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/new.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/show.html.erb",
+     "rails_generators/lockdown/templates/config/initializers/lockit.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_admin_user.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_permissions.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_profiles.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_user_groups.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_users.rb",
+     "rails_generators/lockdown/templates/lib/lockdown/README",
+     "rails_generators/lockdown/templates/lib/lockdown/init.rb",
+     "spec/lockdown/context_spec.rb",
+     "spec/lockdown/database_spec.rb",
+     "spec/lockdown/frameworks/rails/controller_spec.rb",
+     "spec/lockdown/frameworks/rails/view_spec.rb",
+     "spec/lockdown/frameworks/rails_spec.rb",
+     "spec/lockdown/permission_spec.rb",
+     "spec/lockdown/rspec_helper_spec.rb",
+     "spec/lockdown/rules_spec.rb",
+     "spec/lockdown/session_spec.rb",
+     "spec/lockdown/system_spec.rb",
+     "spec/lockdown_spec.rb",
+     "spec/rcov.opts",
+     "spec/spec.opts",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://stonean.com/wiki/lockdown}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{lockdown}
+  s.rubygems_version = %q{1.3.5}
+  s.summary = %q{Authorization system for Rails 2.x}
+  s.test_files = [
+    "spec/lockdown/context_spec.rb",
+     "spec/lockdown/database_spec.rb",
+     "spec/lockdown/frameworks/rails/controller_spec.rb",
+     "spec/lockdown/frameworks/rails/view_spec.rb",
+     "spec/lockdown/frameworks/rails_spec.rb",
+     "spec/lockdown/permission_spec.rb",
+     "spec/lockdown/rspec_helper_spec.rb",
+     "spec/lockdown/rules_spec.rb",
+     "spec/lockdown/session_spec.rb",
+     "spec/lockdown/system_spec.rb",
+     "spec/lockdown_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, [">= 0"])
+    else
+      s.add_dependency(%q<rspec>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<rspec>, [">= 0"])
+  end
+end
+

data/lockdown_vail.gemspec

@@ -0,0 +1,120 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{lockdown_vail}
+  s.version = "1.6.2.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Andrew Stone"]
+  s.date = %q{2010-03-12}
+  s.description = %q{Restrict access to your controller actions.  Supports basic model level restrictions as well}
+  s.email = %q{andy@stonean.com}
+  s.extra_rdoc_files = [
+    "README.txt"
+  ]
+  s.files = [
+    ".gitignore",
+     "README.txt",
+     "Rakefile",
+     "VERSION",
+     "lib/lockdown.rb",
+     "lib/lockdown/context.rb",
+     "lib/lockdown/database.rb",
+     "lib/lockdown/errors.rb",
+     "lib/lockdown/frameworks/rails.rb",
+     "lib/lockdown/frameworks/rails/controller.rb",
+     "lib/lockdown/frameworks/rails/view.rb",
+     "lib/lockdown/helper.rb",
+     "lib/lockdown/orms/active_record.rb",
+     "lib/lockdown/permission.rb",
+     "lib/lockdown/references.rb",
+     "lib/lockdown/rspec_helper.rb",
+     "lib/lockdown/rules.rb",
+     "lib/lockdown/session.rb",
+     "lib/lockdown/system.rb",
+     "lockdown.gemspec",
+     "lockdown_vail.gemspec",
+     "rails_generators/lockdown/lockdown_generator.rb",
+     "rails_generators/lockdown/templates/app/controllers/permissions_controller.rb",
+     "rails_generators/lockdown/templates/app/controllers/sessions_controller.rb",
+     "rails_generators/lockdown/templates/app/controllers/user_groups_controller.rb",
+     "rails_generators/lockdown/templates/app/controllers/users_controller.rb",
+     "rails_generators/lockdown/templates/app/helpers/permissions_helper.rb",
+     "rails_generators/lockdown/templates/app/helpers/user_groups_helper.rb",
+     "rails_generators/lockdown/templates/app/helpers/users_helper.rb",
+     "rails_generators/lockdown/templates/app/models/permission.rb",
+     "rails_generators/lockdown/templates/app/models/profile.rb",
+     "rails_generators/lockdown/templates/app/models/user.rb",
+     "rails_generators/lockdown/templates/app/models/user_group.rb",
+     "rails_generators/lockdown/templates/app/views/permissions/index.html.erb",
+     "rails_generators/lockdown/templates/app/views/permissions/show.html.erb",
+     "rails_generators/lockdown/templates/app/views/sessions/new.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/edit.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/index.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/new.html.erb",
+     "rails_generators/lockdown/templates/app/views/user_groups/show.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/edit.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/index.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/new.html.erb",
+     "rails_generators/lockdown/templates/app/views/users/show.html.erb",
+     "rails_generators/lockdown/templates/config/initializers/lockit.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_admin_user.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_permissions.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_profiles.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_user_groups.rb",
+     "rails_generators/lockdown/templates/db/migrate/create_users.rb",
+     "rails_generators/lockdown/templates/lib/lockdown/README",
+     "rails_generators/lockdown/templates/lib/lockdown/init.rb",
+     "spec/lockdown/context_spec.rb",
+     "spec/lockdown/database_spec.rb",
+     "spec/lockdown/frameworks/rails/controller_spec.rb",
+     "spec/lockdown/frameworks/rails/view_spec.rb",
+     "spec/lockdown/frameworks/rails_spec.rb",
+     "spec/lockdown/permission_spec.rb",
+     "spec/lockdown/rspec_helper_spec.rb",
+     "spec/lockdown/rules_spec.rb",
+     "spec/lockdown/session_spec.rb",
+     "spec/lockdown/system_spec.rb",
+     "spec/lockdown_spec.rb",
+     "spec/rcov.opts",
+     "spec/spec.opts",
+     "spec/spec_helper.rb"
+  ]
+  s.homepage = %q{http://stonean.com/wiki/lockdown}
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{lockdown}
+  s.rubygems_version = %q{1.3.5}
+  s.summary = %q{Authorization system for Rails 2.x}
+  s.test_files = [
+    "spec/lockdown/context_spec.rb",
+     "spec/lockdown/database_spec.rb",
+     "spec/lockdown/frameworks/rails/controller_spec.rb",
+     "spec/lockdown/frameworks/rails/view_spec.rb",
+     "spec/lockdown/frameworks/rails_spec.rb",
+     "spec/lockdown/permission_spec.rb",
+     "spec/lockdown/rspec_helper_spec.rb",
+     "spec/lockdown/rules_spec.rb",
+     "spec/lockdown/session_spec.rb",
+     "spec/lockdown/system_spec.rb",
+     "spec/lockdown_spec.rb",
+     "spec/spec_helper.rb"
+  ]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_development_dependency(%q<rspec>, [">= 0"])
+    else
+      s.add_dependency(%q<rspec>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<rspec>, [">= 0"])
+  end
+end
+

data/rails_generators/lockdown/lockdown_generator.rb

@@ -0,0 +1,274 @@
+@override_next_migration_string = false
+
+if Rails::VERSION::MAJOR >= 2 && Rails::VERSION::MINOR >= 1 
+  if Rails::VERSION::TINY == 0
+    @override_next_migration_string = true
+  elsif ActiveRecord::Base.timestamped_migrations
+    @override_next_migration_string = true
+  end
+end
+
+if @override_next_migration_string
+  class Rails::Generator::Commands::Base
+    protected
+    def next_migration_string(padding = 3)
+      sleep(1)
+      Time.now.utc.strftime("%Y%m%d%H%M%S") 
+    end
+  end
+end
+
+class LockdownGenerator < Rails::Generator::Base
+  attr_accessor :file_name, :action_name, :namespace, :view_path, :controller_path
+
+  def initialize(runtime_args, runtime_options = {})
+    super
+    if Rails::VERSION::MAJOR >= 2 && Rails::VERSION::MINOR >= 1
+      @action_name = "action_name"
+    else
+      @action_name = "@action_name"
+    end
+
+    @namespace = options[:namespace] if options[:namespace]
+
+    # so if the namespace option exists it sets the correct view path and controller path
+    @view_path = "app/views"
+    @controller_path = "app/controllers"
+    @helper_path = "app/helpers"
+    @lib_path = "lib/lockdown"
+
+    @initializer = "config/environment.rb"
+
+    if @namespace
+      @view_path += "/#{@namespace}"
+      @controller_path += "/#{@namespace}"
+      @helper_path += "/#{@namespace}"
+    end
+  end
+
+  def manifest
+    record do |m|
+      @m = m
+      # Ensure appropriate folder(s) exists
+      @m.directory @view_path
+      @m.directory @controller_path
+      @m.directory @helper_path
+      @m.directory @lib_path
+
+      unless options[:skip_rules]
+        @m.file "lib/lockdown/README", "lib/lockdown/README"
+        @m.file "lib/lockdown/init.rb", "lib/lockdown/init.rb"
+      end
+
+      add_management if options[:add_management]
+
+      add_login if options[:add_login]
+
+      add_models
+      
+      @m.file "config/initializers/lockit.rb", "config/initializers/lockit.rb"
+    end #record do |m|
+  end
+
+  protected
+
+  def add_management
+    @m.directory "#{@view_path}/users"
+    @m.directory "#{@view_path}/user_groups"
+    @m.directory "#{@view_path}/permissions"
+
+    write_controller("permissions")
+    write_controller("users")
+    write_controller("user_groups")
+
+    copy_views("users")
+
+    copy_views("user_groups")
+
+    @m.template "app/views/permissions/index.html.erb",
+      "#{@view_path}/permissions/index.html.erb"
+
+    @m.template "app/views/permissions/show.html.erb",
+      "#{@view_path}/permissions/show.html.erb"
+
+    add_management_routes
+    add_management_permissions
+  end
+
+  def add_login
+    @m.directory "app/views/sessions"
+
+    @m.template "app/controllers/sessions_controller.rb",
+      "app/controllers/sessions_controller.rb"
+
+    @m.template "app/views/sessions/new.html.erb",
+      "app/views/sessions/new.html.erb"
+    
+    add_login_routes
+    add_login_permissions
+  end
+
+  def add_models
+    @m.directory 'app/models'
+
+    write_model("user_group")
+    write_model("permission") 
+
+    if options[:add_lockdown_authentication]
+      write_model("user") 
+      write_model("profile") 
+    end
+
+    unless options[:skip_migrations]
+      write_migration("create_user_groups")
+      write_migration("create_permissions")
+
+      if options[:add_lockdown_authentication]
+        write_migration("create_profiles")
+        write_migration("create_users")
+        write_migration("create_admin_user")
+      end
+    end
+  end
+
+  def copy_views(vw)
+    @m.template "app/views/#{vw}/index.html.erb", "#{@view_path}/#{vw}/index.html.erb"
+    @m.template "app/views/#{vw}/show.html.erb", "#{@view_path}/#{vw}/show.html.erb"
+    @m.template "app/views/#{vw}/edit.html.erb", "#{@view_path}/#{vw}/edit.html.erb"
+    @m.template "app/views/#{vw}/new.html.erb", "#{@view_path}/#{vw}/new.html.erb"
+  end
+
+  def add_login_permissions
+    add_permissions "set_permission(:sessions_management).with_controller(:sessions)"
+    
+    add_predefined_user_group "set_public_access :sessions_management"
+  end
+
+  def add_management_routes
+    if @namespace.blank?
+      permissions = %Q(\tmap.resources :permissions)
+      users = %Q(\tmap.resources :users)
+      user_groups = %Q(\tmap.resources :user_groups)
+      routes = [permissions, user_groups, users].join("\n\n")
+    else
+      routes = %Q(\tmap.namespace :#{@namespace} do |#{@namespace}|\n\t\t#{@namespace}.resources :permissions\n\t\t#{@namespace}.resources :users\n\t\t#{@namespace}.resources :user_groups\n\tend)
+    end
+
+    write_routes_file(routes)
+  end
+
+  def add_management_permissions
+    perms = []
+    perms << "set_permission(:users_management).with_controller(:#{@namespace.blank? ? "users" : "#{@namespace}__users"})"
+    perms << "set_permission(:user_groups_management).with_controller(:#{@namespace.blank? ? "user_groups" : "#{@namespace}__user_groups"})"
+    perms << "set_permission(:permissions_management).with_controller(:#{@namespace.blank? ? "permissions" : "#{@namespace}__permissions"})"
+    perms << "set_permission(:my_account).with_controller(:#{@namespace.blank? ? "users" : "#{@namespace}__users"}).only_methods(:edit, :update, :show)"
+
+    add_permissions perms.join("\n  ")
+    
+    add_predefined_user_group "set_protected_access :my_account"
+  end
+
+  def add_permissions(str)
+    sentinel = '# Define your permissions here:'
+    write_init_file(sentinel, str)
+  end
+
+  def add_predefined_user_group(str)
+    sentinel = '# Define the built-in user groups here:'
+    write_init_file(sentinel, str)
+  end
+
+  def add_login_routes
+    sessions = %Q(\tmap.resources :sessions)
+    home     = %Q(\tmap.home '', :controller => 'sessions', :action => 'new')
+    login    = %Q(\tmap.login '/login', :controller => 'sessions', :action => 'new')
+    logout   = %Q(\tmap.logout '/logout', :controller => 'sessions', :action => 'destroy')
+    routes   = [sessions, home, login, logout].join("\n\n")
+
+    write_routes_file(routes)
+  end
+
+  def banner
+<<-EOS
+Installs the lockdown framework to managing users user_groups 
+and viewing permissions. Also includes a login screen.
+
+By default the entire set of stubs are installed.  
+
+Please use the appropriate options to customize your install. 
+
+USAGE: #{$0} #{spec.name} 
+EOS
+  end
+
+  def add_options!(opt)
+    opt.separator ''
+    opt.separator 'Options:'
+
+    opt.on("--namespace=admin",
+      "Install lockdown templates with a namespace, in this example 'admin'.") do |v|
+        options[:namespace] = v 
+      end
+
+    opt.on("--add-lockdown-authentication",
+      "Create user model + --add-login functionality.") do |v| 
+        options[:add_lockdown_authentication] = v
+      end
+
+    opt.on("--add-management",
+      "Create user, user_group, permission management controllers and views.") do |v|
+        options[:add_management] = v
+      end
+
+    opt.on("--add-login",
+      "Create session controller and views.") do |v| 
+        options[:add_login] = v 
+      end
+
+    opt.on("--skip-rules",
+      "Skip installation of lib/lockdown/init.rb lib/lockdown/session.rb") do |v| 
+        options[:skip_rules] = v
+      end
+
+    opt.on("--skip-migrations",
+      "Skip migrations installation") do |v| 
+        options[:skip_migrations] = v
+      end
+  end
+
+  def write_migration(str)
+    @m.migration_template "db/migrate/#{str}.rb", "db/migrate", 
+      :migration_file_name => str
+  end
+
+  def write_model(str)
+    @m.file "app/models/#{str}.rb", "app/models/#{str}.rb"
+  end
+
+  def write_controller(str)
+    @m.template "app/controllers/#{str}_controller.rb",
+      "#{@controller_path}/#{str}_controller.rb"
+    write_helper(str)
+  end
+
+  def write_helper(str)
+    @m.template "app/helpers/#{str}_helper.rb",
+      "#{@helper_path}/#{str}_helper.rb"
+  end
+
+  def write_routes_file(routes)
+    sentinel = 'ActionController::Routing::Routes.draw do |map|'
+                
+    @m.gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+      "#{match}\n #{routes}\n"
+    end
+  end
+
+  def write_init_file(sentinel, str)
+    @m.gsub_file 'lib/lockdown/init.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+      "#{match}\n  #{str}"
+    end
+  end
+  
+end