RubyGems - marty - Versions diffs - 0.5.12 - Mend

marty 0.5.12

Files changed (345) hide show

data/app/models/marty/tag.rb~ ADDED Viewed

@@ -0,0 +1,91 @@
+class Marty::Tag < Marty::Base
+  has_mcfly append_only: true
+<<<<<<< HEAD
+  # attr_accessible :created_dt, :name, :comment
+=======
+>>>>>>> master
+  mcfly_validates_uniqueness_of :name
+  validates_presence_of :name, :comment
+  belongs_to :user, class_name: "Marty::User"
+  def self.make_name(dt)
+    return 'DEV' if Mcfly.is_infinity(dt)
+    # If no dt is provided (which is the usual non-testing case), we
+    # use Time.now.strftime to name the posting.  This has the effect
+    # of using the host's timezone. i.e. since we're in PST8PDT, names
+    # will be based off of the Pacific TZ.
+    dt ||= Time.now
+    dt.strftime('%Y%m%d-%H%M')
+  end
+  before_validation :set_tag_name
+  def set_tag_name
+    self.name = self.class.make_name(self.created_dt)
+    true
+  end
+  def self.do_create(dt, comment)
+    o            = new
+    o.comment    = comment
+    o.created_dt = dt
+    o.save!
+    o
+  end
+  def isdev?
+    Mcfly.is_infinity(created_dt)
+  end
+  def self.map_to_tag(tag_id)
+    case tag_id
+    when String
+      tag = find_by_name(tag_id)
+      # if tag name wasn't found, look for a matching
+      # posting, then find the tag whose created_dt <= posting dt.
+      if !tag
+        posting = Marty::Posting.lookup(tag_id)
+        tag = find_match(Mcfly.normalize_infinity(posting.created_dt)) if
+          posting
+      end
+    when Fixnum
+      tag = find_by_id(tag_id)
+    when nil
+      tag = get_latest1
+    else
+      tag = tag_id
+    end
+    raise "bad tag identifier #{tag_id}" unless tag.is_a? Marty::Tag
+    tag
+  end
+  cached_delorean_fn :lookup, sig: 1 do
+    |name|
+    self.find_by_name(name)
+  end
+  # Performance hack to cache Rule AR object
+  cached_delorean_fn :lookup_id, sig: 1 do
+    |id|
+    find_by_id(id)
+  end
+  delorean_fn :lookup_dt, sig: 1 do
+    |name|
+    lookup(name).try(:created_dt)
+  end
+  delorean_fn :get_latest1, sig: 0 do
+    where("created_dt <> 'infinity'").order("created_dt DESC").first
+  end
+  delorean_fn :find_match, sig: 1 do
+    |dt|
+    id = where("created_dt <= ?", dt).order("created_dt DESC").pluck(:id).first
+    # performance hack
+    id && lookup_id(id)
+  end
+end

data/app/models/marty/token.rb ADDED Viewed

@@ -0,0 +1,30 @@
+class Marty::Token < Marty::Base
+  belongs_to :user
+  validates_uniqueness_of :value
+  before_create :delete_previous_tokens, :generate_new_token
+  # @@validity_time = 1.day
+  def generate_new_token
+    self.value = Token.generate_token_value
+  end
+  # # Return true if token has expired
+  # def expired?
+  #   return Time.now > self.created_on + @@validity_time
+  # end
+private
+  def self.generate_token_value
+    SecureRandom.hex(20)
+  end
+  # Removes obsolete tokens
+  def delete_previous_tokens
+    if user && !Marty::Util.db_in_recovery?
+      Token.delete_all(['user_id = ?', user.id])
+    end
+  end
+end

data/app/models/marty/user.rb ADDED Viewed

@@ -0,0 +1,146 @@
+require 'mcfly'
+require 'net/ldap'
+class Marty::User < Marty::Base
+  validates_presence_of :login, :firstname, :lastname
+  validates_uniqueness_of :login
+  validates_format_of :login, :with => /\A[a-z0-9_\-@\.]*\z/i
+  validates_length_of :login, :firstname, :lastname, maximum: 100
+  has_many :user_roles, dependent: :destroy
+  has_many :roles, through: :user_roles
+  scope :active, -> { where("#{self.table_name}.active = ?", true) }
+  validate :verify_changes
+  before_destroy :destroy_user
+  def name
+    "#{firstname} #{lastname}"
+  end
+  def to_s
+    name
+  end
+  # Returns the user who matches the given autologin +key+ or nil
+  def self.try_to_autologin(key)
+    tokens = Marty::Token.find_all_by_action_and_value('autologin', key.to_s)
+    # Make sure there's only 1 token that matches the key
+    if tokens.size == 1
+      token = tokens.first
+      autologin = Rails.configuration.marty.autologin || 0
+      if (token.created_on > autologin.to_i.day.ago) &&
+          token.user && token.user.active?
+        token.user
+      end
+    end
+  end
+  # Returns the user that matches provided login and password, or nil
+  def self.try_to_login(login, password)
+    login = login.to_s
+    password = password.to_s
+    # Make sure no one can sign in with an empty password
+    return nil if password.empty?
+    user = find_by_login(login)
+    return nil if !user || !user.active?
+    authenticate_with?(login, password) || nil
+  end
+  def self.authenticate_with?(login, password)
+    cf = Rails.configuration.marty
+    auth_source = cf.auth_source.to_s
+    if auth_source == "local"
+      ok = password == cf.local_password
+    elsif auth_source == "ldap"
+      # IMPORTANT NOTE: if server allows anonymous LDAP access, empty
+      # passwords will succeed!  i.e. if a valid user with empty
+      # password is sent in, ldap.bind will return OK.
+      cf = Rails.configuration.marty.ldap
+      ldap = Net::LDAP.new(host: cf.host,
+                           port: cf.port,
+                           base: cf.base_dn,
+                           auth: {
+                             method: :simple,
+                             username: cf.domain + "\\" + login,
+                             password: password,
+                           })
+      ok = ldap.bind
+    else
+      raise "bad auth_source: #{auth_source.inspect}"
+    end
+    find_by_login(login) if ok
+  end
+  def self.current=(user)
+    Mcfly.whodunnit = user
+  end
+  def self.current
+    Mcfly.whodunnit
+  end
+ def self.has_role(role)
+    mr = Mcfly.whodunnit.roles rescue []
+    mr.any? {|attr| attr.name == role}
+ end
+private
+  def verify_changes
+    # If current users role is only user_manager, restrict following
+    # 1 - Do not allow user to edit own record
+    # 2 - Do not allow user to edit the application system record
+    if user_manager_only
+      system_user = Marty::User.find_by_login(
+        Rails.configuration.marty.system_account.to_s)
+      system_id = system_user.id if system_user
+      if self.id == Mcfly.whodunnit.id
+        roles.each {|r| roles.delete r unless r.name == "user_manager"}
+        errors.add :base, "User Managers cannot edit "\
+          "or add additional roles to their own accounts"
+      elsif self.id == system_id
+        errors.add :base,
+        "User Managers cannot edit the application system account"
+      end
+    end
+    errors.add :base, "The application system account cannot be deactivated" if
+      self.login == Rails.configuration.marty.system_account.to_s &&
+      !self.active
+    errors.blank?
+  end
+  delorean_fn :get_roles, sig: 0 do
+     Mcfly.whodunnit.roles
+  end
+  def user_manager_only
+    Marty::User.has_role("user_manager") && !Marty::User.has_role("admin")
+  end
+  def destroy_user
+    errors.add :base, "You cannot delete your own account" if
+      self.login == Mcfly.whodunnit.login
+    errors.add :base, "You cannot delete the system account" if
+      self.login == Rails.configuration.marty.system_account.to_s
+    # Default to disallowing any deletions for now
+    errors.add :base,
+    "Users cannot be deleted - set 'Active' to false to disable the account"
+    errors.blank?
+  end
+end

data/app/models/marty/user.rb~ ADDED Viewed

@@ -0,0 +1,148 @@
+require 'mcfly'
+require 'net/ldap'
+class Marty::User < Marty::Base
+  has_paper_trail
+  validates_presence_of :login, :firstname, :lastname
+  validates_uniqueness_of :login
+  validates_format_of :login, :with => /\A[a-z0-9_\-@\.]*\z/i
+  validates_length_of :login, :firstname, :lastname, maximum: 100
+  has_many :user_roles, dependent: :destroy
+  has_many :roles, through: :user_roles
+  scope :active, -> { where("#{self.table_name}.active = ?", true) }
+  validate :verify_changes
+  before_destroy :destroy_user
+  def name
+    "#{firstname} #{lastname}"
+  end
+  def to_s
+    name
+  end
+  # Returns the user who matches the given autologin +key+ or nil
+  def self.try_to_autologin(key)
+    tokens = Marty::Token.find_all_by_action_and_value('autologin', key.to_s)
+    # Make sure there's only 1 token that matches the key
+    if tokens.size == 1
+      token = tokens.first
+      autologin = Rails.configuration.marty.autologin || 0
+      if (token.created_on > autologin.to_i.day.ago) &&
+          token.user && token.user.active?
+        token.user
+      end
+    end
+  end
+  # Returns the user that matches provided login and password, or nil
+  def self.try_to_login(login, password)
+    login = login.to_s
+    password = password.to_s
+    # Make sure no one can sign in with an empty password
+    return nil if password.empty?
+    user = find_by_login(login)
+    return nil if !user || !user.active?
+    authenticate_with?(login, password) || nil
+  end
+  def self.authenticate_with?(login, password)
+    cf = Rails.configuration.marty
+    auth_source = cf.auth_source.to_s
+    if auth_source == "local"
+      ok = password == cf.local_password
+    elsif auth_source == "ldap"
+      # IMPORTANT NOTE: if server allows anonymous LDAP access, empty
+      # passwords will succeed!  i.e. if a valid user with empty
+      # password is sent in, ldap.bind will return OK.
+      cf = Rails.configuration.marty.ldap
+      ldap = Net::LDAP.new(host: cf.host,
+                           port: cf.port,
+                           base: cf.base_dn,
+                           auth: {
+                             method: :simple,
+                             username: cf.domain + "\\" + login,
+                             password: password,
+                           })
+      ok = ldap.bind
+    else
+      raise "bad auth_source: #{auth_source.inspect}"
+    end
+    find_by_login(login) if ok
+  end
+  def self.current=(user)
+    Mcfly.whodunnit = user
+  end
+  def self.current
+    Mcfly.whodunnit
+  end
+ def self.has_role(role)
+    mr = Mcfly.whodunnit.roles rescue []
+    mr.any? {|attr| attr.name == role}
+ end
+private
+  def verify_changes
+    # If current users role is only user_manager, restrict following
+    # 1 - Do not allow user to edit own record
+    # 2 - Do not allow user to edit the Gemini system record
+    if user_manager_only
+      gemini_user = Marty::User.find_by_login(
+        Rails.configuration.marty.system_account.to_s)
+      gemini_id = gemini_user.id if gemini_user
+      if self.id == Mcfly.whodunnit.id
+        roles.each {|r| roles.delete r unless r.name == "user_manager"}
+        errors.add :base, "User Managers cannot edit "\
+          "or add additional roles to their own accounts"
+      elsif self.id == gemini_id
+        errors.add :base,
+        "User Managers cannot edit the Gemini system account"
+      end
+    end
+    errors.add :base, "The Gemini system account cannot be deactivated" if
+      self.login == Rails.configuration.marty.system_account.to_s &&
+      !self.active
+    errors.blank?
+  end
+  delorean_fn :get_roles, sig: 0 do
+     Mcfly.whodunnit.roles
+  end
+  def user_manager_only
+    Marty::User.has_role("user_manager") && !Marty::User.has_role("admin")
+  end
+  def destroy_user
+    errors.add :base, "You cannot delete your own account" if
+      self.login == Mcfly.whodunnit.login
+    errors.add :base, "You cannot delete the system account" if
+      self.login == Rails.configuration.marty.system_account.to_s
+    # Default to disallowing any deletions for now
+    errors.add :base,
+    "Users cannot be deleted - set 'Active' to false to disable the account"
+    errors.blank?
+  end
+end

data/app/models/marty/user_role.rb ADDED Viewed

@@ -0,0 +1,7 @@
+class Marty::UserRole < Marty::Base
+  validates_uniqueness_of :user_id, scope: [:role_id]
+  validates_presence_of :user_id, :role_id
+  belongs_to :user
+  belongs_to :role
+end

data/app/models/marty/user_role.rb~ ADDED Viewed

@@ -0,0 +1,13 @@
+class Marty::UserRole < Marty::Base
+  has_paper_trail
+<<<<<<< HEAD
+  # attr_accessible :user_id, :role_id
+=======
+>>>>>>> master
+  validates_uniqueness_of :user_id, scope: [:role_id]
+  validates_presence_of :user_id, :role_id
+  belongs_to :user
+  belongs_to :role
+end

data/app/views/layouts/marty/application.html.erb ADDED Viewed

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <title><%= Rails.application.class.parent %></title>
+  <%= load_netzke theme: "classic" %>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+<%= yield %>
+</body>
+</html>