masterview 0.3.1 → 0.3.2

data/CHANGELOG

@@ -1,3 +1,12 @@
+0.3.2 - February 20, 2007
+Fix bug in mv:attr directive where multiparam eval method like :a => #{hello 1,2} was not being parsed properly
+Added mv:select to alphabetical list on bottom of directives html doc page
+Fix incompatibility with Rails 1.2 template error - blank page on erb error
+Use template_changed_since? for compile checking when it is available Rails changeset 5587
+Added config.admin_auth_mixin allowing configurable authorization for masterview admin
+Change generator to use request, flash, params rather than @request, @flash, @params which are deprecated
+Tested with Rails 1.2.2
+
 0.3.1 - November 20, 2006
 Fixed problem with deprecated/directive_base was missing registry include
 Update image_tag docs, indicating that it now simply passes through width and height rather than setting size

data/RELEASE_NOTES

@@ -1,11 +1,18 @@
 = MasterView - Rails-optimized (x)html friendly template engine
 
+== Recent changes (Release 0.3.2 - Maintenance release plus custom admin auth
+This release addresses a compatibility problem with Rails 1.2 where a view syntax
+error would not display the normal debug output but instead displayed only a blank
+screen. Also fixed a parsing problem with multiple parameters in some directives.
+Added the ability to use custom mixin for authorization to MasterView admin screens.
+Changed the MasterView generator to use request, flash, and params rather than
+deprecated @request, @flash, and @params. Tested with Rails 1.2.2
+
 == Recent changes (Release 0.3.1 - Maintenance release
 This release addresses an issue with ruby 1.8.5, fixes a problem with the
 deprecated/directive_base used for custom directives, updates a few out of
 date docs, and accomodates a change to the API of the Rails 1.2 generator
 
-
 == Recent changes (Release 0.3.0 - Major update - refactoring of directive API (for developing directives)
 The directive API for creating directives has been refactored and simplified
 and improvements have been made to better support directive extensions through

data/Rakefile

@@ -265,7 +265,6 @@ PKG_FILES_RELEASE_DOCS = [
 PKG_FILES_RUNTIME = [
       "lib/**/*",
       "lib/**/.metadata",
-      "directives/**/*",  #SHOULD THIS GO AWAY (??)
       "Rakefile",
       "init.rb"
     ]

data/TODO

@@ -18,6 +18,9 @@ TODO LIST
     - run spelling checker on our html and release docs; retrofit to rdoc comments
     - build utility to auto-generate directives reference doc from directive metadata and std. rdoc markup
     - add doc on directive impl unit test helper and techniques/examples
+    - document directive dir metadata :ignores list option in Developer doc
+    - add discussion in Configuration doc on directive load path configuration
+        (adding directories, providing metadata overrides)
 - more tests
 - build improvements
     - add release tasks to automate archiving trunk to tags/masterview-N.N.N, resetting tags/masterview
@@ -50,3 +53,9 @@ TODO LIST
 - more docs and examples about directive API and helpers
 
 - sitemesh style directives
+
+- not getting good template error messages on latest rails 1.2
+
+- link_to can now take simple string as options rather than hash, but the implied name thing causes a problem since we don't know whether name was passed or not
+
+- REST generator

data/doc/configuration.html

@@ -458,6 +458,24 @@ element. If a body tag is present and mv:generate is being added then also add m
 </td>
 </tr>
 <tr>
+<td class="setting">admin_auth_mixin</td>
+<td class="default">Built-in local machine check (local_request?)</td>
+<td class="description">Defines custom MV Admin authorization method and module.
+<div class="explanation">
+Automatically loads app/masterview/admin_auth_mixin.rb if present.
+<pre>
+    config.admin_auth_mixin = {
+      :file => 'admin_auth_mixin', # require file in app/masterview
+      :file_loc => nil  # :RAILS_ROOT or root dir path for alt load load
+      :module => :MasterViewAdminAuthMixin, # mixin module name
+    }
+
+    see examples/rails_app_admin_auth/auth_local_request_mixin.rb for more details
+</pre>
+</div>
+</td>
+</tr>
+<tr>
 <td class="setting">enable_admin_pages</td>
 <td class="default">true for development, otherwise false</td>
 <td class="description">Enable MasterView admin pages in the rails application.

data/doc/directives.html

@@ -1374,6 +1374,14 @@ Used on <code>&lt;input&gt;</code> form elements
 
 <!-- s -->
 <tr>
+<td class="directive"><a href="#mv_select">mv:select</a></td>
+<td>Replaces this element with a Rails <code>select</code> helper.
+<span class="explanation">(
+Used on <code>&lt;select&gt;</code> form elements
+)</span>
+</td>
+</tr>
+<tr>
 <td class="directive"><a href="#mv_stylesheet_link">mv:stylesheet_link</a></td>
 <td>Replaces this element using the Rails <code>stylesheet_link_tag</code> helper
 <span class="explanation">(

data/examples/rails_app_admin_auth/admin_auth_mixin.rb

@@ -0,0 +1,47 @@
+
+# Example of a MasterView admin custom authorization mixin.
+#
+# This module is included into the MasterviewController, so it has access
+# to all the the standard rails controller facilities as well as
+# any application-specific features in your own ApplicationController.
+#
+# To install a custom authorization handler in your application,
+# copy this file to the app/masterview directory in your rails application
+# and modify the implementation of the allow_access? predicate to
+# perform checking suitable in your application for determining
+# whether to grant access to the MasterView admininstration pages.
+#
+# To change the mixin module name or to load your admin_auth module
+# from a different directory or file name, set the MasterView 
+# admin_auth_mixin configuration setting in your config/masterview/settings.rb 
+# or an appropriate config/masterview/environments specification.
+# 
+# For example, to load an alternate mixin from your app/masterview directory:
+#
+# config.admin_auth_mixin = {
+#   :file => 'alt_admin_auth_mixin',
+#   :module => :MasterViewAltAdminAuthMixin, # default is MasterViewAdminAuthMixin
+# }
+#
+# To load an auth_check mixin from your rails lib directory:
+#
+# config.admin_auth_mixin = {
+#   :file => 'lib/custom_admin_auth_mixin',
+#   :file_loc => :RAILS_ROOT,
+# }
+#
+module MasterViewAdminAuthMixin
+
+  MasterView::Log.debug { 'Using customized admin_auth mixin for MasterView admin (local requests only)' }
+
+  protected
+
+  # Check that the current user has authorization to access admin operations.
+  def allow_access?
+    # default allows only for developer testing on local machine
+    local_request?
+  end
+
+end
+
+

data/examples/rails_app_config/masterview/settings.rb

@@ -1,17 +1,17 @@
 # Application configuration settings for the MasterView template engine.
-# 
+#
 # This code is run at plugin load time, after the base rails framework
 # has been loaded and configured, but before any application-specific config
 # in +environment.rb+ is run.
-# 
+#
 # The MasterView configuration specification is referenced through +config+.
-# 
+#
 # Set standard application configuration options here.
 # General settings can be overridden for specific environments by providing
 # additional settings values in +config/masterview/environments/#{environment}.rb+.
-# 
+#
 # See Rails::Configuration for details on the available configuration settings.
-# 
+#
 
 # General options - root paths for config settings, directives, templates
 #config.root_path = RAILS_ROOT
@@ -44,7 +44,7 @@
 #config.handle_parse_exceptions = true
 #config.default_parser_options = { :tidy => false, :escape_erb => true }
 #config.tidy_path = '/usr/lib/libtidy.so'  # *nix
-#config.tidy_path = 'c:/tidy/lib/tidy.dll'  # Win32 
+#config.tidy_path = 'c:/tidy/lib/tidy.dll'  # Win32
 #config.namespace_prefix = 'mv:'
 #config.namespace_prefix_extensions = 'mvx:'
 #config.inline_erb_start = '{{{'
@@ -54,6 +54,11 @@
 # Rails application options
 #config.parse_masterview_templates_at_startup = true
 #config.reparse_changed_masterview_templates = false  # enabled in development env
+#config.admin_auth_mixin = {
+#   :file => 'admin_auth_mixin', # require file in app/masterview unless alt :file_loc context specified
+#   :file_loc => nil,
+#   :module => :MasterViewAdminAuthMixin, # module to mix in to MasterView controller
+#}
 #config.enable_admin_pages = false
 #config.enable_view_rhtml = false
 #config.generate_rhtml_files = false  # compile directly to Rails view cache

data/lib/masterview/attr_string_parser.rb

@@ -17,9 +17,10 @@ module MasterView
     # returns array of string arguments which are trimmed(stripped) representing the arguments
     # declared in the attr_value string
     # handles ([{%'" arguments and embedded quotes
-    def self.parse(str)
+    # if split_implicit_hash is true then splits the hash into args.
+    def self.parse(str, split_implicit_hash = false)
       parser = self.new(str)
-      parser.parse
+      parser.parse(split_implicit_hash)
     end
 
     def initialize(str)
@@ -28,7 +29,8 @@ module MasterView
       @partial_percent_sequence = nil
     end
 
-    def parse
+    # if split_implicit_hash is true then :a => :b, :c => :d will be split into args :a => :b and :c => :d
+    def parse(split_implicit_hash = false)
       args = []
       s = []
       implicit_hash = false
@@ -68,7 +70,7 @@ module MasterView
               push_closing_char(c, false) #not in string
             when '>'
               if s.last == '=' && @closing_char_mode_stack.empty? # we are no in closing_char search and we have a => implying the rest is a hash
-                implicit_hash = true
+                implicit_hash = (split_implicit_hash) ? false : true
               end
             end
           end

data/lib/masterview/directive_registry.rb

@@ -225,10 +225,11 @@ module MasterView
           dir_path = dpe.dir_path
           #??Log.debug { "Loading directives from #{dir_path} with metadata defaults #{md_defaults.inspect}" }
           #??load_context[:synonyms] = dir_md_specs.fetch(:synonyms, {})??
-          #??files_to_ignore = dir_md_specs.fetch(:ignore, []).collect { |fn| fn.ends_with?('.rb') ? fn : "#{fn}.rb" }
+          files_to_ignore = dir_md_specs.fetch(:ignore, []).collect { |fn| fn.ends_with?('.rb') ? fn : "#{fn}.rb" }
           Dir.entries( dir_path ).each { |fn| 
             # we assume all .rb files in a directives dir are directive impls
-            if fn =~ /[.]rb$/  #?? && ! files_to_ignore.include?(fn)
+            if fn =~ /[.]rb$/ 
+              next if files_to_ignore.include?(fn) # skip directives in the ignore list
               directive_file_path = "#{dir_path}/#{fn}"
               dir_load_context[:directive_file] = directive_file_path
               #??@load_context[:directive_synonyms] = dir_synonyms_specs.fetch(fn, [])??

data/lib/masterview/directives/.metadata

@@ -6,8 +6,8 @@ default:
   namespace: mv
   description: Built-in MasterView directive
 
-# optionally specify any .rb files in this directory to ignore
-#ignore: []
+# optionally specify name(s) of any .rb files in this directory to ignore
+ignore: []
 
 # optionally specify synonyms to register directives
 # Mainly intended to provide backwards compat (hopefully for short-term transition only...)

data/lib/masterview/directives/attr.rb

@@ -4,7 +4,7 @@ module MasterView
     # takes the attr_value and parses it as a hash :foo => 'bar', :baz => 'cat'
     # it sets/overrides the tag's attribute values for each value.
     # To use erb output simply wrap the content in #{ foo } for example :foo => #{h product.name}
-    # 
+    #
     class Attr < MasterView::DirectiveBase
       # substitution to make it easy to parse erb in attr
       SubstForErb = '#'+InlineErbStart+'= \1 '+InlineErbEnd+'#'
@@ -14,12 +14,17 @@ module MasterView
         :description => 'Replaces attribute value(s) on an element with the value of an expression'
 
       event :stag do
-        attr_value.gsub!( /#\{([^}]*)\}/, SubstForErb ) #taking #{h product.name} and changing to #{{{= h product.name}}}# for easy parsing
-        arr = attr_value.scan( /:(\w+)\s*=>\s*(['"#])([^,\2]*)\2,?/  )
-        arr.each do |scn|
-          n = scn[0]
-          v = scn[2]
-          element_attrs[n] = v
+        av = attr_value.gsub( /#\{([^}]*)\}/, SubstForErb ) #taking #{h product.name} and changing to #{{{= h product.name}}}# for easy parsing
+        av.strip!
+        av = av[1..-2] if (av[0,1]=='{' && av[-1,1]=='}') # explicit hash, make it implicit by removing surrounding braces so we can split it
+        hash_arr = MasterView::AttrStringParser.parse(av, true) # split_implicit_hash
+        hash_arr.each do |hash_kv|
+          arr = hash_kv.scan( /:(\w+)\s*=>\s*(['"#])([^\2]*)\2/  )
+          arr.each do |scn|
+            n = scn[0]
+            v = scn[2]
+            element_attrs[n] = v
+          end
         end
       end
 

data/lib/masterview/extras/admin_auth_mixin.rb

@@ -0,0 +1,49 @@
+module MasterView
+  module Admin
+    
+    # This module is mixed into the MasterView Admin Controller to provide the default
+    # authorization for MasterView admin page access.
+    #
+    # The authorization method must be a predicate named allow_access?.
+    # The mixin is included in an ApplicationController subclass
+    # and thus may access all services available to controllers
+    # in your application.
+    #
+    # To override this method, create a module with your auth_check predicate
+    # and configure the load specification setting in the config.admin_auth_mixin.
+    # Default if not specified is to load admin_auth_mixin.rb from the rails
+    # app/masterview directory, if present, and install mixin module MasterViewAdminAuthMixin.
+    #
+    # example: 
+    #
+    ##config.admin_auth_mixin = {
+    #   :file => 'admin_auth_mixin', # require file in app/masterview unless alt :file_loc context specified
+    #   :file_loc => nil,
+    #   :module => :MasterViewAdminAuthMixin, # module to mix in to MasterView controller
+    # }
+    #
+    module AuthMixin
+
+      MasterView::Log.info { 'Using default admin_auth mixin for MasterView admin (local requests only)' }
+
+      protected
+
+      # Check that the current user has authorization to access admin operations.
+      #
+      # Default implementation of authorization check
+      # restricts access to requests from the local machine (developer testing).
+      #
+      # An application with a user authorization scheme might do something like
+      # verifying that an authenticated login is available and that the current
+      # user has permission to perform admin operations:
+      #
+      #    current_user && user_has_perm?('mv-admin')
+      # 
+      def allow_access?
+        # default only allow for developer testing on local machine
+        local_request?
+      end
+
+    end
+  end
+end

data/lib/masterview/extras/app/controllers/masterview_controller.rb

@@ -48,7 +48,7 @@ require 'masterview/extras/sample_templates'
 
 class MasterviewController < ApplicationController
   include MasterView::MIO::DefaultGenerateMIOFilter
-
+  include MasterView::MasterViewAdminAuthMixin
   before_filter :check_authorization, :except => [ :access_not_allowed ]
 
   ###layout 'masterview_admin'
@@ -79,14 +79,17 @@ class MasterviewController < ApplicationController
     masterview_render_with_layout( 'masterview/admin/configuration', 'masterview_admin_config' )
   end
 
+  # Describe the installed set of MasterView directives (builtin and addons)
   def directives
     masterview_render_with_layout( 'masterview/admin/directives', 'masterview_admin_config' )
   end
 
+  # Describe the installed set of MasterView features
   def features
     masterview_render_with_layout( 'masterview/admin/features', 'masterview_admin_config' )
   end
 
+#####move this to someplace accessible!!
   # Rebuild all templates in the application.
   # Invoked from the main masterview admin page.
   def rebuild_all
@@ -121,7 +124,7 @@ class MasterviewController < ApplicationController
   # Create a new, empty template.
   # Invoked from the main masterview admin page.
   def create
-    if @request.post?
+    if request.post?
       action_to_create = params[:action_name]
       src_file = params[:file]
 
@@ -147,7 +150,7 @@ class MasterviewController < ApplicationController
     smart_render 'masterview/admin/view_rhtml'
   end
 
-  # interact, test template src, view results
+  # interactive template editor - parse template source and show generated output
   def interact
     @results = []
     @src = params[:src]
@@ -170,28 +173,33 @@ class MasterviewController < ApplicationController
     smart_render 'masterview/admin/interact'
   end
 
+  protected
+
+  # Check that the current user has authorization to access admin operations
+  def check_authorization
+    if ! allow_access?
+      redirect_to :action => :access_not_allowed
+    end
+  end
+
   def access_not_allowed #:nodoc:
     render :text => '<p>We\'re sorry, but the page you have requested is only available to authorized users.</p>',
             :status => 500
   end
 
-  protected
-
+=begin
+  # uses the config.admin_check_auth_proc to determine if allowed, override this
+  # in config settings. Default restricts to local_request
   # Default implementation of authorization check
-  # to restrict access to administrative services
+  # restricts access to administrative services
+  # to local machine (developer testing)
   def allow_access?
     # a more general solution might look something like:
     # current_user && user_has_perm?('mv-admin')
     # backstop: only allow for developer testing on local machine
     local_request?
   end
-
-  # Check that the current user has authorization to access admin operations
-  def check_authorization
-    if ! allow_access?
-      redirect_to :action => :access_not_allowed
-    end
-  end
+=end
 
   private
 

data/lib/masterview/extras/app/views/layouts/masterview_admin.rhtml

@@ -42,9 +42,11 @@
   	  <div class="mv_admin_list content">
 	    <h1>MasterView Admin</h1>
 
-	    <% if @flash[:notice] %>
+	    <% if flash[:notice] %>
+
 	      <div class="messages" id="admin_messages">
-	        <%= h @flash[:notice] %>
+	        <%= h flash[:notice] %>
+
 	      </div>
 	    <% end %>
   

data/lib/masterview/extras/app/views/layouts/masterview_admin_config.rhtml

@@ -46,9 +46,11 @@
 	    <h1><%= @config_page_title %></h1>
 	    <p><b>MasterView Version:</b> <%= MasterView::VERSION::STRING %><br/></p>
 
-	    <% if @flash[:notice] %>
+	    <% if flash[:notice] %>
+
 	      <div class="messages" id="admin_messages">
-	        <%= h @flash[:notice] %>
+	        <%= h flash[:notice] %>
+
 	      </div>
 	    <% end %>