model_security_generator 0.0.1
- data/README +0 -0
- data/USAGE +0 -0
- data/model_security_generator.rb +75 -0
- data/templates/_view_form.rhtml +27 -0
- data/templates/mailer_forgot_password.rhtml +18 -0
- data/templates/mailer_new_user.rhtml +10 -0
- data/templates/mock_mailer.rb +16 -0
- data/templates/mock_time.rb +17 -0
- data/templates/modal.rb +82 -0
- data/templates/modal_helper.rb +29 -0
- data/templates/model_security.rb +334 -0
- data/templates/model_security_helper.rb +64 -0
- data/templates/once.rb +36 -0
- data/templates/scaffold.css +74 -0
- data/templates/scaffold.rhtml +11 -0
- data/templates/schema.sql +4 -0
- data/templates/standard.css +7 -0
- data/templates/standard.rhtml +16 -0
- data/templates/user.rb +328 -0
- data/templates/user_controller.rb +178 -0
- data/templates/user_controller_test.rb +20 -0
- data/templates/user_mailer.rb +29 -0
- data/templates/user_support.rb +124 -0
- data/templates/user_test.rb +10 -0
- data/templates/users.sql +17 -0
- data/templates/users.yml +41 -0
- data/templates/view_activate.rhtml +1 -0
- data/templates/view_edit.rhtml +10 -0
- data/templates/view_forgot_password_done.rhtml +5 -0
- data/templates/view_list.rhtml +35 -0
- data/templates/view_login.rhtml +11 -0
- data/templates/view_login_admin.rhtml +16 -0
- data/templates/view_logout.rhtml +1 -0
- data/templates/view_new.rhtml +30 -0
- data/templates/view_show.rhtml +10 -0
- data/templates/view_success.rhtml +1 -0
- metadata +83 -0
@@ -0,0 +1,29 @@
|
|
1
|
+
ActionMailer::Base.delivery_method = :sendmail
|
2
|
+
|
3
|
+
# Send mail to a user to administer that user's login. Called by UserController.
|
4
|
+
class UserMailer < ActionMailer::Base
|
5
|
+
|
6
|
+
# Send a forgot-password email, allowing the user to regain their login name
|
7
|
+
# and password.
|
8
|
+
def forgot_password(user, url)
|
9
|
+
@body['user'] = user
|
10
|
+
@body['url'] = url
|
11
|
+
|
12
|
+
recipients user.email
|
13
|
+
subject 'Login and password recovery.'
|
14
|
+
from 'bruce@perens.com'
|
15
|
+
|
16
|
+
end
|
17
|
+
|
18
|
+
# Send a new-user email, providing the user with a URL used to validate
|
19
|
+
# that user's login.
|
20
|
+
def new_user(user, url)
|
21
|
+
@body['user'] = user
|
22
|
+
@body['url'] = url
|
23
|
+
|
24
|
+
recipients user.email
|
25
|
+
subject 'Your new login is ready'
|
26
|
+
from 'bruce@perens.com'
|
27
|
+
|
28
|
+
end
|
29
|
+
end
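Review bot: `from 'bruce@perens.com'` on lines 14 and 26 hard-codes the author's personal address into a generator template, so every application generated from it sends password-recovery and activation mail from that address. Hoist the sender into one class-level constant or a configurable default, e.g. `FROM_ADDRESS = 'noreply@example.com'` (placeholder value) referenced by both `forgot_password` and `new_user`, so a generated app has a single place to set its sender and the two methods cannot drift apart.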
|
@@ -0,0 +1,124 @@
|
|
1
|
+
# UserSupport provides methods are intended to be included by
|
2
|
+
# ApplicationController to support the user system across the
|
3
|
+
# entire application. They are companions to the User model.
|
4
|
+
#
|
5
|
+
# The HTTP authorization code is
|
6
|
+
# derived from an example published by Maximillian Dornseif at
|
7
|
+
# http://blogs.23.nu/c0re/stories/7409/
|
8
|
+
# which was released for use under any license.
|
9
|
+
#
|
10
|
+
module UserSupport
|
11
|
+
end
|
12
|
+
|
13
|
+
require 'user'
|
14
|
+
require 'modal'
|
15
|
+
|
16
|
+
module UserSupport
|
17
|
+
# Return true if the currently-logged-in user is the administrator.
|
18
|
+
def admin?
|
19
|
+
User.admin?
|
20
|
+
end
|
21
|
+
|
22
|
+
|
23
|
+
# This is meant to be used as a before_filter. It requires an
|
24
|
+
# administrative login, putting up a login panel if the administrator
|
25
|
+
# isn't currently logged in. Once the administrator logs in, it resumes
|
26
|
+
# the action it was protecting.
|
27
|
+
def require_admin
|
28
|
+
if admin?
|
29
|
+
return true
|
30
|
+
else
|
31
|
+
store_location
|
32
|
+
redirect_to :controller => 'user', :action => 'login_admin'
|
33
|
+
return false
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
# This is meant to be used as a before_filter. It requires a
|
38
|
+
# login, putting up a login panel if the session isn't currently
|
39
|
+
# logged in. Once a user logs in, it resumes the action it was
|
40
|
+
# protecting.
|
41
|
+
def require_login
|
42
|
+
if User.current
|
43
|
+
true
|
44
|
+
else
|
45
|
+
store_location
|
46
|
+
redirect_to :controller => 'user', :action => 'login'
|
47
|
+
false
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
# This is a before filter for the entire application, used to set up the
|
52
|
+
# current user from the session or from various forms of authentication.
|
53
|
+
# It's mandiatory that your application declare this filter if it's using
|
54
|
+
# the User model, as this is responsible for maintaining the application's
|
55
|
+
# idea of the currently-logged-in user.
|
56
|
+
#
|
57
|
+
# It will always return true, and thus will not block your actions. Use
|
58
|
+
# require_login or require_admin if you want to block actions.
|
59
|
+
#
|
60
|
+
# This filter must be called before require_login, require_admin,
|
61
|
+
# security tests of ModelSecurity that are based on User, or anything
|
62
|
+
# that expects login information.
|
63
|
+
#
|
64
|
+
def user_setup
|
65
|
+
user = login = password = nil
|
66
|
+
|
67
|
+
r = @request.env
|
68
|
+
|
69
|
+
# If the request contains an HTTP authentication, decode it.
|
70
|
+
# Don't use it to authenticate the user yet.
|
71
|
+
if (authdata = r['HTTP_AUTHORIZATION'] or r['X-HTTP_AUTHORIZATION'])
|
72
|
+
authdata = authdata.to_s.split
|
73
|
+
|
74
|
+
# FIX: At the moment we only support Basic authentication. It's
|
75
|
+
# prone to sniffing. Change to Digest authentication.
|
76
|
+
if not authdata.nil? and authdata[0] == 'Basic'
|
77
|
+
login, password = Base64.decode64(authdata[1]).split(':')[0..1]
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
81
|
+
# If the user is already logged into the session, get the user record.
|
82
|
+
if (id = @session[:user_id])
|
83
|
+
user = User.sign_on_by_session(id)
|
84
|
+
end
|
85
|
+
|
86
|
+
# If the HTTP authentication is for a different user name, the user wants
|
87
|
+
# to change logins. This can happen if an operation requires an
|
88
|
+
# administrative login and the current user isn't the administrator but
|
89
|
+
# also has an administrative login. It can also happen with command-line
|
90
|
+
# tools like "wget" or web services clients that operate on behalf of
|
91
|
+
# several users.
|
92
|
+
#
|
93
|
+
# Note that HTTP authentication (at least Basic) can be sent without
|
94
|
+
# the server first asking for it, and that's valid according to the
|
95
|
+
# HTTP specification. So, I can get here without having asked the browser
|
96
|
+
# to put up a login panel.
|
97
|
+
#
|
98
|
+
# Allow re-log-in if the user name and password authenticate properly.
|
99
|
+
#
|
100
|
+
if login and (user.nil? or login != user.login)
|
101
|
+
user = User.sign_on(login, password)
|
102
|
+
end
|
103
|
+
|
104
|
+
# Sign on the user via a web form.
|
105
|
+
if @request.method == :post and (p = @params['user']) != nil
|
106
|
+
if p['login'] and p['password']
|
107
|
+
user = User.sign_on(p['login'], p['password'])
|
108
|
+
end
|
109
|
+
end
|
110
|
+
|
111
|
+
# Sign on the user via a security token.
|
112
|
+
if @params[:id] and @params['token']
|
113
|
+
user = User.sign_on_by_token(@params[:id], @params['token'])
|
114
|
+
end
|
115
|
+
|
116
|
+
if user
|
117
|
+
User.current = user
|
118
|
+
@session[:user_id] = user.id
|
119
|
+
end
|
120
|
+
logger.info("Current user is #{User.current.inspect}.")
|
121
|
+
|
122
|
+
true
|
123
|
+
end
|
124
|
+
end
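Review bot: `logger.info("Current user is #{User.current.inspect}.")` (line 120) writes the whole User record to the log, and since this package's users.sql gives that table cypher, salt and token columns, password hashes and login tokens end up in application logs; log an identifier instead, e.g. `logger.info("Current user is #{User.current && User.current.login}.")`. On line 71, `authdata = r['HTTP_AUTHORIZATION'] or r['X-HTTP_AUTHORIZATION']` binds only the first header because `or` has lower precedence than `=`, so the X-HTTP_AUTHORIZATION fallback never reaches the decoder; use `||`. The decode on line 77 truncates any password containing a colon and raises when the header has no second token; `split(':', 2)` plus a nil check on `authdata[1]` covers both. Line 118 stores user_id into the session that existed before sign-on, so a session id known before login remains valid after it (session fixation); if this ActionController version provides reset_session, call it before assigning `@session[:user_id]`.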
|
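--- a/data/templates/users.sql
+++ b/data/templates/users.sql
@@ -0,0 +1,17 @@
+create table users (
+id integer unsigned not null auto_increment primary key,
+login varchar(40) not null,
+name varchar(128) not null,
+admin integer(1) not null default 0,
+activated integer(1) not null default 0,
+email varchar(80) not null,
+cypher varchar(512) not null,
+salt char(40) not null,
+token char(10) not null,
+token_expiry timestamp not null,
+created_on timestamp not null,
+updated_on timestamp not null,
+lock_version integer not null default 0,
+index (login),
+index (email)
+);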
data/templates/users.yml
ADDED
@@ -0,0 +1,41 @@
|
|
1
|
+
# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
|
2
|
+
|
3
|
+
bob:
|
4
|
+
id: 1000001
|
5
|
+
login: bob
|
6
|
+
cypher: ef94c16f6c124a4e84cc215c164767bfa25f6e92 # atest
|
7
|
+
salt: 7f8b036f9b647d46d22abdbfc8113f44a88f9889
|
8
|
+
email: bob@test.com
|
9
|
+
activated: 1
|
10
|
+
|
11
|
+
existingbob:
|
12
|
+
id: 1000002
|
13
|
+
login: existingbob
|
14
|
+
cypher: 99d6b680d4bfa81cbd383ffa0390bb03323a0b9a # atest
|
15
|
+
salt: fc76daa7bc4e4b7833375cf9deca38beee4c5581
|
16
|
+
email: existingbob@test.com
|
17
|
+
activated: 1
|
18
|
+
|
19
|
+
longbob:
|
20
|
+
id: 1000003
|
21
|
+
login: longbob
|
22
|
+
cypher: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
|
23
|
+
salt: c068e3671780f16898c0a8295ae8d82cc59713e2
|
24
|
+
email: longbob@test.com
|
25
|
+
activated: 1
|
26
|
+
|
27
|
+
deletebob1:
|
28
|
+
id: 1000004
|
29
|
+
login: deletebob1
|
30
|
+
cypher: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
|
31
|
+
salt: c068e3671780f16898c0a8295ae8d82cc59713e2
|
32
|
+
email: deletebob1@test.com
|
33
|
+
activated: 1
|
34
|
+
|
35
|
+
deletebob2:
|
36
|
+
id: 1000005
|
37
|
+
login: deletebob2
|
38
|
+
cypher: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
|
39
|
+
salt: c068e3671780f16898c0a8295ae8d82cc59713e2
|
40
|
+
email: deletebob2@test.com
|
41
|
+
activated: 1
|
@@ -0,0 +1 @@
|
|
1
|
+
Your account is now activated.
|
@@ -0,0 +1,10 @@
|
|
1
|
+
<h1>Editing user</h1>
|
2
|
+
|
3
|
+
<% error_messages_for 'user' %>
|
4
|
+
<%= start_form_tag :action => 'edit', :id => @user %>
|
5
|
+
<%= render_partial 'form' %>
|
6
|
+
<%= submit_tag 'Edit' %>
|
7
|
+
<%= end_form_tag %>
|
8
|
+
|
9
|
+
<%= link_to 'Show', :action => 'show', :id => @user %> |
|
10
|
+
<%= link_to 'Back', :action => 'list' %>
|
@@ -0,0 +1,35 @@
|
|
1
|
+
<h1>Listing users</h1>
|
2
|
+
|
3
|
+
<table>
|
4
|
+
<tr>
|
5
|
+
<% for column in User.content_columns %>
|
6
|
+
<% if User.display?(column.name) %>
|
7
|
+
<th><%= column.human_name %></th>
|
8
|
+
<% end %>
|
9
|
+
<% end %>
|
10
|
+
</tr>
|
11
|
+
|
12
|
+
<% for user in @users %>
|
13
|
+
<tr>
|
14
|
+
<% for column in User.content_columns %>
|
15
|
+
<% if User.display?(column.name) %>
|
16
|
+
<% if user.readable?(column.name) %>
|
17
|
+
<td><%= user.send(column.name) %></td>
|
18
|
+
<% else %>
|
19
|
+
<td></td>
|
20
|
+
<% end %>
|
21
|
+
<% end %>
|
22
|
+
<% end %>
|
23
|
+
<td><%= link_to 'Show', :action => 'show', :id => user %></td>
|
24
|
+
<td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
|
25
|
+
<td><%= link_to 'Destroy', {:action => 'destroy', :id => user}, :confirm => 'Are you sure?' %></td>
|
26
|
+
</tr>
|
27
|
+
<% end %>
|
28
|
+
</table>
|
29
|
+
|
30
|
+
<%= link_to 'Previous page', { :page => @user_pages.current.previous } if @user_pages.current.previous %>
|
31
|
+
<%= link_to 'Next page', { :page => @user_pages.current.next } if @user_pages.current.next %>
|
32
|
+
|
33
|
+
<br />
|
34
|
+
|
35
|
+
<%= link_to 'New user', :action => 'new' %>
|
@@ -0,0 +1,11 @@
|
|
1
|
+
<h1>Please login</h1>
|
2
|
+
|
3
|
+
<%= start_form_tag :action => 'login' %>
|
4
|
+
<p><label for="user_login">User ID</label><br/>
|
5
|
+
<%= text_field 'user', 'login' %></p>
|
6
|
+
|
7
|
+
<p><label for="user_password">Password</label><br/>
|
8
|
+
<%= password_field 'user', 'password' %></p>
|
9
|
+
|
10
|
+
<%= submit_tag 'Login' %>
|
11
|
+
<%= end_form_tag %>
|
@@ -0,0 +1,16 @@
|
|
1
|
+
<p>
|
2
|
+
You must have the administrator role to proceed.<br/>
|
3
|
+
If you aren't an administrator, please use the "back" button in your browser to exit this action.
|
4
|
+
</p>
|
5
|
+
<p>
|
6
|
+
<b>Administrator login</b>
|
7
|
+
</p>
|
8
|
+
<%= start_form_tag %>
|
9
|
+
<p><label for="user_login">User ID</label><br/>
|
10
|
+
<%= text_field 'user', 'login' %></p>
|
11
|
+
|
12
|
+
<p><label for="user_password">Password</label><br/>
|
13
|
+
<%= password_field 'user', 'password' %></p>
|
14
|
+
|
15
|
+
<%= submit_tag 'Login' %>
|
16
|
+
<%= end_form_tag %>
|
@@ -0,0 +1 @@
|
|
1
|
+
OK.
|
@@ -0,0 +1,30 @@
|
|
1
|
+
<h1>New user</h1>
|
2
|
+
|
3
|
+
<%= error_messages_for 'user' %>
|
4
|
+
<%= start_form_tag :action => 'new' %>
|
5
|
+
<table>
|
6
|
+
<tr>
|
7
|
+
<th><label for="user_login">Login</label></th>
|
8
|
+
<td><%= text_field 'user', 'login' %></td>
|
9
|
+
</tr>
|
10
|
+
<tr>
|
11
|
+
<th><label for="user_name">Name</label></th>
|
12
|
+
<td><%= text_field 'user', 'name' %></td>
|
13
|
+
</tr>
|
14
|
+
<tr>
|
15
|
+
<th><label for="user_email">Email</label></th>
|
16
|
+
<td><%= text_field 'user', 'email' %></td>
|
17
|
+
</tr>
|
18
|
+
<tr>
|
19
|
+
<th><label for="user_password">Password</label></th>
|
20
|
+
<td><%= password_field 'user', 'password' %></td>
|
21
|
+
</tr>
|
22
|
+
<tr>
|
23
|
+
<th><label for="user_password_confirmation">Password again</label></th>
|
24
|
+
<td><%= password_field 'user', 'password_confirmation' %></td>
|
25
|
+
</tr>
|
26
|
+
</table>
|
27
|
+
<%= submit_tag "Create" %>
|
28
|
+
<%= end_form_tag %>
|
29
|
+
|
30
|
+
<%= link_to 'Back', :action => 'list' %>
|
@@ -0,0 +1,10 @@
|
|
1
|
+
<% for column in User.content_columns %>
|
2
|
+
<% if User.display?(column.name) and @user.readable?(column.name) %>
|
3
|
+
<p>
|
4
|
+
<b><%= column.human_name %>:</b> <%=h @user.send(column.name) %>
|
5
|
+
</p>
|
6
|
+
<% end %>
|
7
|
+
<% end %>
|
8
|
+
|
9
|
+
<%= link_to 'Edit', :action => 'edit', :id => @user %> |
|
10
|
+
<%= link_to 'Back', :action => 'list' %>
|
@@ -0,0 +1 @@
|
|
1
|
+
OK.
|
metadata
ADDED
@@ -0,0 +1,83 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
rubygems_version: 0.8.8
|
3
|
+
specification_version: 1
|
4
|
+
name: model_security_generator
|
5
|
+
version: !ruby/object:Gem::Version
|
6
|
+
version: 0.0.1
|
7
|
+
date: 2005-08-12
|
8
|
+
summary: "[Rails] Model security and authentication generator."
|
9
|
+
require_paths:
|
10
|
+
- "."
|
11
|
+
email: ''
|
12
|
+
homepage:
|
13
|
+
rubyforge_project:
|
14
|
+
description: Generates Rails code implementing a model security and authentication system for your Rails app.
|
15
|
+
autorequire:
|
16
|
+
default_executable:
|
17
|
+
bindir: bin
|
18
|
+
has_rdoc: false
|
19
|
+
required_ruby_version: !ruby/object:Gem::Version::Requirement
|
20
|
+
requirements:
|
21
|
+
-
|
22
|
+
- ">"
|
23
|
+
- !ruby/object:Gem::Version
|
24
|
+
version: 0.0.0
|
25
|
+
version:
|
26
|
+
platform: ruby
|
27
|
+
authors:
|
28
|
+
- Bruce Perens
|
29
|
+
- Joe Hosteny
|
30
|
+
files:
|
31
|
+
- USAGE
|
32
|
+
- README
|
33
|
+
- model_security_generator.rb
|
34
|
+
- templates/modal.rb
|
35
|
+
- templates/modal_helper.rb
|
36
|
+
- templates/model_security.rb
|
37
|
+
- templates/model_security_helper.rb
|
38
|
+
- templates/once.rb
|
39
|
+
- templates/user_support.rb
|
40
|
+
- templates/user.rb
|
41
|
+
- templates/user_controller.rb
|
42
|
+
- templates/user_mailer.rb
|
43
|
+
- templates/user_controller_test.rb
|
44
|
+
- templates/user_test.rb
|
45
|
+
- templates/mock_mailer.rb
|
46
|
+
- templates/mock_time.rb
|
47
|
+
- templates/users.yml
|
48
|
+
- templates/schema.sql
|
49
|
+
- templates/users.sql
|
50
|
+
- templates/scaffold.css
|
51
|
+
- templates/scaffold.rhtml
|
52
|
+
- templates/standard.css
|
53
|
+
- templates/standard.rhtml
|
54
|
+
- templates/_view_form.rhtml
|
55
|
+
- templates/mailer_forgot_password.rhtml
|
56
|
+
- templates/mailer_new_user.rhtml
|
57
|
+
- templates/view_activate.rhtml
|
58
|
+
- templates/view_edit.rhtml
|
59
|
+
- templates/view_forgot_password_done.rhtml
|
60
|
+
- templates/view_list.rhtml
|
61
|
+
- templates/view_login.rhtml
|
62
|
+
- templates/view_login_admin.rhtml
|
63
|
+
- templates/view_logout.rhtml
|
64
|
+
- templates/view_new.rhtml
|
65
|
+
- templates/view_show.rhtml
|
66
|
+
- templates/view_success.rhtml
|
67
|
+
test_files: []
|
68
|
+
rdoc_options: []
|
69
|
+
extra_rdoc_files: []
|
70
|
+
executables: []
|
71
|
+
extensions: []
|
72
|
+
requirements: []
|
73
|
+
dependencies:
|
74
|
+
- !ruby/object:Gem::Dependency
|
75
|
+
name: rails
|
76
|
+
version_requirement:
|
77
|
+
version_requirements: !ruby/object:Gem::Version::Requirement
|
78
|
+
requirements:
|
79
|
+
-
|
80
|
+
- ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: 0.13.1
|
83
|
+
version:
|