RubyGems - marty - Versions diffs - 0.5.12 - Mend

marty 0.5.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (345) hide show

data/app/models/marty/tag.rb~ ADDED Viewed

@@ -0,0 +1,91 @@
+class Marty::Tag < Marty::Base
+  has_mcfly append_only: true
+<<<<<<< HEAD
+  # attr_accessible :created_dt, :name, :comment
+=======
+>>>>>>> master
+  mcfly_validates_uniqueness_of :name
+  validates_presence_of :name, :comment
+  belongs_to :user, class_name: "Marty::User"
+  def self.make_name(dt)
+    return 'DEV' if Mcfly.is_infinity(dt)
+    # If no dt is provided (which is the usual non-testing case), we
+    # use Time.now.strftime to name the posting.  This has the effect
+    # of using the host's timezone. i.e. since we're in PST8PDT, names
+    # will be based off of the Pacific TZ.
+    dt ||= Time.now
+    dt.strftime('%Y%m%d-%H%M')
+  end
+  before_validation :set_tag_name
+  def set_tag_name
+    self.name = self.class.make_name(self.created_dt)
+    true
+  end
+  def self.do_create(dt, comment)
+    o            = new
+    o.comment    = comment
+    o.created_dt = dt
+    o.save!
+    o
+  end
+  def isdev?
+    Mcfly.is_infinity(created_dt)
+  end
+  def self.map_to_tag(tag_id)
+    case tag_id
+    when String
+      tag = find_by_name(tag_id)
+      # if tag name wasn't found, look for a matching
+      # posting, then find the tag whose created_dt <= posting dt.
+      if !tag
+        posting = Marty::Posting.lookup(tag_id)
+        tag = find_match(Mcfly.normalize_infinity(posting.created_dt)) if
+          posting
+      end
+    when Fixnum
+      tag = find_by_id(tag_id)
+    when nil
+      tag = get_latest1
+    else
+      tag = tag_id
+    end
+    raise "bad tag identifier #{tag_id}" unless tag.is_a? Marty::Tag
+    tag
+  end
+  cached_delorean_fn :lookup, sig: 1 do
+    |name|
+    self.find_by_name(name)
+  end
+  # Performance hack to cache Rule AR object
+  cached_delorean_fn :lookup_id, sig: 1 do
+    |id|
+    find_by_id(id)
+  end
+  delorean_fn :lookup_dt, sig: 1 do
+    |name|
+    lookup(name).try(:created_dt)
+  end
+  delorean_fn :get_latest1, sig: 0 do
+    where("created_dt <> 'infinity'").order("created_dt DESC").first
+  end
+  delorean_fn :find_match, sig: 1 do
+    |dt|
+    id = where("created_dt <= ?", dt).order("created_dt DESC").pluck(:id).first
+    # performance hack
+    id && lookup_id(id)
+  end
+end

data/app/models/marty/token.rb ADDED Viewed

@@ -0,0 +1,30 @@
+class Marty::Token < Marty::Base
+  belongs_to :user
+  validates_uniqueness_of :value
+  before_create :delete_previous_tokens, :generate_new_token
+  # @@validity_time = 1.day
+  def generate_new_token
+    self.value = Token.generate_token_value
+  end
+  # # Return true if token has expired
+  # def expired?
+  #   return Time.now > self.created_on + @@validity_time
+  # end
+private
+  def self.generate_token_value
+    SecureRandom.hex(20)
+  end
+  # Removes obsolete tokens
+  def delete_previous_tokens
+    if user && !Marty::Util.db_in_recovery?
+      Token.delete_all(['user_id = ?', user.id])
+    end
+  end
+end

data/app/models/marty/user.rb ADDED Viewed

@@ -0,0 +1,146 @@
+require 'mcfly'
+require 'net/ldap'
+class Marty::User < Marty::Base
+  validates_presence_of :login, :firstname, :lastname
+  validates_uniqueness_of :login
+  validates_format_of :login, :with => /\A[a-z0-9_\-@\.]*\z/i
+  validates_length_of :login, :firstname, :lastname, maximum: 100
+  has_many :user_roles, dependent: :destroy
+  has_many :roles, through: :user_roles
+  scope :active, -> { where("#{self.table_name}.active = ?", true) }
+  validate :verify_changes
+  before_destroy :destroy_user
+  def name
+    "#{firstname} #{lastname}"
+  end
+  def to_s
+    name
+  end
+  # Returns the user who matches the given autologin +key+ or nil
+  def self.try_to_autologin(key)
+    tokens = Marty::Token.find_all_by_action_and_value('autologin', key.to_s)
+    # Make sure there's only 1 token that matches the key
+    if tokens.size == 1
+      token = tokens.first
+      autologin = Rails.configuration.marty.autologin || 0
+      if (token.created_on > autologin.to_i.day.ago) &&
+          token.user && token.user.active?
+        token.user
+      end
+    end
+  end
+  # Returns the user that matches provided login and password, or nil
+  def self.try_to_login(login, password)
+    login = login.to_s
+    password = password.to_s
+    # Make sure no one can sign in with an empty password
+    return nil if password.empty?
+    user = find_by_login(login)
+    return nil if !user || !user.active?
+    authenticate_with?(login, password) || nil
+  end
+  def self.authenticate_with?(login, password)
+    cf = Rails.configuration.marty
+    auth_source = cf.auth_source.to_s
+    if auth_source == "local"
+      ok = password == cf.local_password
+    elsif auth_source == "ldap"
+      # IMPORTANT NOTE: if server allows anonymous LDAP access, empty
+      # passwords will succeed!  i.e. if a valid user with empty
+      # password is sent in, ldap.bind will return OK.
+      cf = Rails.configuration.marty.ldap
+      ldap = Net::LDAP.new(host: cf.host,
+                           port: cf.port,
+                           base: cf.base_dn,
+                           auth: {
+                             method: :simple,
+                             username: cf.domain + "\\" + login,
+                             password: password,
+                           })
+      ok = ldap.bind
+    else
+      raise "bad auth_source: #{auth_source.inspect}"
+    end
+    find_by_login(login) if ok
+  end
+  def self.current=(user)
+    Mcfly.whodunnit = user
+  end
+  def self.current
+    Mcfly.whodunnit
+  end
+ def self.has_role(role)
+    mr = Mcfly.whodunnit.roles rescue []
+    mr.any? {|attr| attr.name == role}
+ end
+private
+  def verify_changes
+    # If current users role is only user_manager, restrict following
+    # 1 - Do not allow user to edit own record
+    # 2 - Do not allow user to edit the application system record
+    if user_manager_only
+      system_user = Marty::User.find_by_login(
+        Rails.configuration.marty.system_account.to_s)
+      system_id = system_user.id if system_user
+      if self.id == Mcfly.whodunnit.id
+        roles.each {|r| roles.delete r unless r.name == "user_manager"}
+        errors.add :base, "User Managers cannot edit "\
+          "or add additional roles to their own accounts"
+      elsif self.id == system_id
+        errors.add :base,
+        "User Managers cannot edit the application system account"
+      end
+    end
+    errors.add :base, "The application system account cannot be deactivated" if
+      self.login == Rails.configuration.marty.system_account.to_s &&
+      !self.active
+    errors.blank?
+  end
+  delorean_fn :get_roles, sig: 0 do
+     Mcfly.whodunnit.roles
+  end
+  def user_manager_only
+    Marty::User.has_role("user_manager") && !Marty::User.has_role("admin")
+  end
+  def destroy_user
+    errors.add :base, "You cannot delete your own account" if
+      self.login == Mcfly.whodunnit.login
+    errors.add :base, "You cannot delete the system account" if
+      self.login == Rails.configuration.marty.system_account.to_s
+    # Default to disallowing any deletions for now
+    errors.add :base,
+    "Users cannot be deleted - set 'Active' to false to disable the account"
+    errors.blank?
+  end
+end

data/app/models/marty/user.rb~ ADDED Viewed

@@ -0,0 +1,148 @@
+require 'mcfly'
+require 'net/ldap'
+class Marty::User < Marty::Base
+  has_paper_trail
+  validates_presence_of :login, :firstname, :lastname
+  validates_uniqueness_of :login
+  validates_format_of :login, :with => /\A[a-z0-9_\-@\.]*\z/i
+  validates_length_of :login, :firstname, :lastname, maximum: 100
+  has_many :user_roles, dependent: :destroy
+  has_many :roles, through: :user_roles
+  scope :active, -> { where("#{self.table_name}.active = ?", true) }
+  validate :verify_changes
+  before_destroy :destroy_user
+  def name
+    "#{firstname} #{lastname}"
+  end
+  def to_s
+    name
+  end
+  # Returns the user who matches the given autologin +key+ or nil
+  def self.try_to_autologin(key)
+    tokens = Marty::Token.find_all_by_action_and_value('autologin', key.to_s)
+    # Make sure there's only 1 token that matches the key
+    if tokens.size == 1
+      token = tokens.first
+      autologin = Rails.configuration.marty.autologin || 0
+      if (token.created_on > autologin.to_i.day.ago) &&
+          token.user && token.user.active?
+        token.user
+      end
+    end
+  end
+  # Returns the user that matches provided login and password, or nil
+  def self.try_to_login(login, password)
+    login = login.to_s
+    password = password.to_s
+    # Make sure no one can sign in with an empty password
+    return nil if password.empty?
+    user = find_by_login(login)
+    return nil if !user || !user.active?
+    authenticate_with?(login, password) || nil
+  end
+  def self.authenticate_with?(login, password)
+    cf = Rails.configuration.marty
+    auth_source = cf.auth_source.to_s
+    if auth_source == "local"
+      ok = password == cf.local_password
+    elsif auth_source == "ldap"
+      # IMPORTANT NOTE: if server allows anonymous LDAP access, empty
+      # passwords will succeed!  i.e. if a valid user with empty
+      # password is sent in, ldap.bind will return OK.
+      cf = Rails.configuration.marty.ldap
+      ldap = Net::LDAP.new(host: cf.host,
+                           port: cf.port,
+                           base: cf.base_dn,
+                           auth: {
+                             method: :simple,
+                             username: cf.domain + "\\" + login,
+                             password: password,
+                           })
+      ok = ldap.bind
+    else
+      raise "bad auth_source: #{auth_source.inspect}"
+    end
+    find_by_login(login) if ok
+  end
+  def self.current=(user)
+    Mcfly.whodunnit = user
+  end
+  def self.current
+    Mcfly.whodunnit
+  end
+ def self.has_role(role)
+    mr = Mcfly.whodunnit.roles rescue []
+    mr.any? {|attr| attr.name == role}
+ end
+private
+  def verify_changes
+    # If current users role is only user_manager, restrict following
+    # 1 - Do not allow user to edit own record
+    # 2 - Do not allow user to edit the Gemini system record
+    if user_manager_only
+      gemini_user = Marty::User.find_by_login(
+        Rails.configuration.marty.system_account.to_s)
+      gemini_id = gemini_user.id if gemini_user
+      if self.id == Mcfly.whodunnit.id
+        roles.each {|r| roles.delete r unless r.name == "user_manager"}
+        errors.add :base, "User Managers cannot edit "\
+          "or add additional roles to their own accounts"
+      elsif self.id == gemini_id
+        errors.add :base,
+        "User Managers cannot edit the Gemini system account"
+      end
+    end
+    errors.add :base, "The Gemini system account cannot be deactivated" if
+      self.login == Rails.configuration.marty.system_account.to_s &&
+      !self.active
+    errors.blank?
+  end
+  delorean_fn :get_roles, sig: 0 do
+     Mcfly.whodunnit.roles
+  end
+  def user_manager_only
+    Marty::User.has_role("user_manager") && !Marty::User.has_role("admin")
+  end
+  def destroy_user
+    errors.add :base, "You cannot delete your own account" if
+      self.login == Mcfly.whodunnit.login
+    errors.add :base, "You cannot delete the system account" if
+      self.login == Rails.configuration.marty.system_account.to_s
+    # Default to disallowing any deletions for now
+    errors.add :base,
+    "Users cannot be deleted - set 'Active' to false to disable the account"
+    errors.blank?
+  end
+end

data/app/models/marty/user_role.rb ADDED Viewed

@@ -0,0 +1,7 @@
+class Marty::UserRole < Marty::Base
+  validates_uniqueness_of :user_id, scope: [:role_id]
+  validates_presence_of :user_id, :role_id
+  belongs_to :user
+  belongs_to :role
+end

data/app/models/marty/user_role.rb~ ADDED Viewed

@@ -0,0 +1,13 @@
+class Marty::UserRole < Marty::Base
+  has_paper_trail
+<<<<<<< HEAD
+  # attr_accessible :user_id, :role_id
+=======
+>>>>>>> master
+  validates_uniqueness_of :user_id, scope: [:role_id]
+  validates_presence_of :user_id, :role_id
+  belongs_to :user
+  belongs_to :role
+end

data/app/views/layouts/marty/application.html.erb ADDED Viewed

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <title><%= Rails.application.class.parent %></title>
+  <%= load_netzke theme: "classic" %>
+  <%= csrf_meta_tag %>
+</head>
+<body>
+<%= yield %>
+</body>
+</html>