model_security_generator 0.0.1
- data/README +0 -0
- data/USAGE +0 -0
- data/model_security_generator.rb +75 -0
- data/templates/_view_form.rhtml +27 -0
- data/templates/mailer_forgot_password.rhtml +18 -0
- data/templates/mailer_new_user.rhtml +10 -0
- data/templates/mock_mailer.rb +16 -0
- data/templates/mock_time.rb +17 -0
- data/templates/modal.rb +82 -0
- data/templates/modal_helper.rb +29 -0
- data/templates/model_security.rb +334 -0
- data/templates/model_security_helper.rb +64 -0
- data/templates/once.rb +36 -0
- data/templates/scaffold.css +74 -0
- data/templates/scaffold.rhtml +11 -0
- data/templates/schema.sql +4 -0
- data/templates/standard.css +7 -0
- data/templates/standard.rhtml +16 -0
- data/templates/user.rb +328 -0
- data/templates/user_controller.rb +178 -0
- data/templates/user_controller_test.rb +20 -0
- data/templates/user_mailer.rb +29 -0
- data/templates/user_support.rb +124 -0
- data/templates/user_test.rb +10 -0
- data/templates/users.sql +17 -0
- data/templates/users.yml +41 -0
- data/templates/view_activate.rhtml +1 -0
- data/templates/view_edit.rhtml +10 -0
- data/templates/view_forgot_password_done.rhtml +5 -0
- data/templates/view_list.rhtml +35 -0
- data/templates/view_login.rhtml +11 -0
- data/templates/view_login_admin.rhtml +16 -0
- data/templates/view_logout.rhtml +1 -0
- data/templates/view_new.rhtml +30 -0
- data/templates/view_show.rhtml +10 -0
- data/templates/view_success.rhtml +1 -0
- metadata +83 -0
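--- a/data/templates/user_mailer.rb
+++ b/data/templates/user_mailer.rb
@@ -0,0 +1,29 @@
+ActionMailer::Base.delivery_method = :sendmail
+
+# Send mail to a user to administer that user's login. Called by UserController.
+class UserMailer < ActionMailer::Base
+
+# Send a forgot-password email, allowing the user to regain their login name
+# and password.
+def forgot_password(user, url)
+@body['user'] = user
+@body['url'] = url
+
+recipients user.email
+subject 'Login and password recovery.'
+from 'bruce@perens.com'
+
+end
+
+# Send a new-user email, providing the user with a URL used to validate
+# that user's login.
+def new_user(user, url)
+@body['user'] = user
+@body['url'] = url
+
+recipients user.email
+subject 'Your new login is ready'
+from 'bruce@perens.com'
+
+end
+end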
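Review bot: Both mailer methods hard-code `from 'bruce@perens.com'`, the gem author's personal address, into code the generator copies into every application, so password-recovery and activation mail will appear to come from that address unless each app remembers to edit the template. Hoist it to one class-level constant the generated app is expected to change, e.g. `FROM_ADDRESS = 'bruce@perens.com'` and `from FROM_ADDRESS` in both methods, with a comment saying it must be set per deployment. `ActionMailer::Base.delivery_method = :sendmail` on the first line is a global side effect at require time that overrides whatever the environment configuration chose; it belongs in the environment files rather than in the mailer class.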
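--- a/data/templates/user_support.rb
+++ b/data/templates/user_support.rb
@@ -0,0 +1,124 @@
+# UserSupport provides methods are intended to be included by
+# ApplicationController to support the user system across the
+# entire application. They are companions to the User model.
+#
+# The HTTP authorization code is
+# derived from an example published by Maximillian Dornseif at
+# http://blogs.23.nu/c0re/stories/7409/
+# which was released for use under any license.
+#
+module UserSupport
+end
+
+require 'user'
+require 'modal'
+
+module UserSupport
+# Return true if the currently-logged-in user is the administrator.
+def admin?
+User.admin?
+end
+
+
+# This is meant to be used as a before_filter. It requires an
+# administrative login, putting up a login panel if the administrator
+# isn't currently logged in. Once the administrator logs in, it resumes
+# the action it was protecting.
+def require_admin
+if admin?
+return true
+else
+store_location
+redirect_to :controller => 'user', :action => 'login_admin'
+return false
+end
+end
+
+# This is meant to be used as a before_filter. It requires a
+# login, putting up a login panel if the session isn't currently
+# logged in. Once a user logs in, it resumes the action it was
+# protecting.
+def require_login
+if User.current
+true
+else
+store_location
+redirect_to :controller => 'user', :action => 'login'
+false
+end
+end
+
+# This is a before filter for the entire application, used to set up the
+# current user from the session or from various forms of authentication.
+# It's mandiatory that your application declare this filter if it's using
+# the User model, as this is responsible for maintaining the application's
+# idea of the currently-logged-in user.
+#
+# It will always return true, and thus will not block your actions. Use
+# require_login or require_admin if you want to block actions.
+#
+# This filter must be called before require_login, require_admin,
+# security tests of ModelSecurity that are based on User, or anything
+# that expects login information.
+#
+def user_setup
+user = login = password = nil
+
+r = @request.env
+
+# If the request contains an HTTP authentication, decode it.
+# Don't use it to authenticate the user yet.
+if (authdata = r['HTTP_AUTHORIZATION'] or r['X-HTTP_AUTHORIZATION'])
+authdata = authdata.to_s.split
+
+# FIX: At the moment we only support Basic authentication. It's
+# prone to sniffing. Change to Digest authentication.
+if not authdata.nil? and authdata[0] == 'Basic'
+login, password = Base64.decode64(authdata[1]).split(':')[0..1]
+end
+end
+
+# If the user is already logged into the session, get the user record.
+if (id = @session[:user_id])
+user = User.sign_on_by_session(id)
+end
+
+# If the HTTP authentication is for a different user name, the user wants
+# to change logins. This can happen if an operation requires an
+# administrative login and the current user isn't the administrator but
+# also has an administrative login. It can also happen with command-line
+# tools like "wget" or web services clients that operate on behalf of
+# several users.
+#
+# Note that HTTP authentication (at least Basic) can be sent without
+# the server first asking for it, and that's valid according to the
+# HTTP specification. So, I can get here without having asked the browser
+# to put up a login panel.
+#
+# Allow re-log-in if the user name and password authenticate properly.
+#
+if login and (user.nil? or login != user.login)
+user = User.sign_on(login, password)
+end
+
+# Sign on the user via a web form.
+if @request.method == :post and (p = @params['user']) != nil
+if p['login'] and p['password']
+user = User.sign_on(p['login'], p['password'])
+end
+end
+
+# Sign on the user via a security token.
+if @params[:id] and @params['token']
+user = User.sign_on_by_token(@params[:id], @params['token'])
+end
+
+if user
+User.current = user
+@session[:user_id] = user.id
+end
+logger.info("Current user is #{User.current.inspect}.")
+
+true
+end
+end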
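Review bot: In `user_setup`, the `or` in `if (authdata = r['HTTP_AUTHORIZATION'] or r['X-HTTP_AUTHORIZATION'])` binds looser than `=`, so `authdata` only ever receives `HTTP_AUTHORIZATION` and the `X-HTTP_AUTHORIZATION` fallback is never decoded (the branch is entered with `authdata` nil, `nil.to_s.split` is empty, and the header is silently ignored); use `||`. The decode line also cuts off any password containing a colon and raises on a bare `Basic` header with no credential part, so `login, password = Base64.decode64(authdata[1]).split(':', 2) if authdata[0] == 'Basic' && authdata[1]` would be both correct and robust. `User.current` is assigned only when some sign-on succeeds and is never cleared in this filter, so if it is class-level state that survives between requests in the same process (user.rb is not in this hunk), a previous request's user could remain current for an unauthenticated request — worth confirming. Finally, `logger.info("Current user is #{User.current.inspect}.")` presumably dumps the whole record, which per users.sql includes the `cypher`, `salt` and `token` columns; log `User.current.login` or the id instead.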
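--- a/data/templates/users.sql
+++ b/data/templates/users.sql
@@ -0,0 +1,17 @@
+create table users (
+id integer unsigned not null auto_increment primary key,
+login varchar(40) not null,
+name varchar(128) not null,
+admin integer(1) not null default 0,
+activated integer(1) not null default 0,
+email varchar(80) not null,
+cypher varchar(512) not null,
+salt char(40) not null,
+token char(10) not null,
+token_expiry timestamp not null,
+created_on timestamp not null,
+updated_on timestamp not null,
+lock_version integer not null default 0,
+index (login),
+index (email)
+);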
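Review bot: `index (login)` is a plain, non-unique index, so nothing at the database level stops two rows from sharing a login; `user_setup` signs users on by login, and a duplicate would make which account is authenticated depend on row order. If logins are meant to be unique (the fixtures carry one row per login), enforce it where races cannot bypass model validation: `unique (login),`, and likely the same for `email` since the forgot-password mail is keyed by it. The activation/recovery `token` is `char(10)`; whether that is adequate depends on how user.rb generates it, which is not in this hunk — confirm it comes from a cryptographic random source rather than a predictable value.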
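--- a/data/templates/users.yml
+++ b/data/templates/users.yml
@@ -0,0 +1,41 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+
+bob:
+id: 1000001
+login: bob
+cypher: ef94c16f6c124a4e84cc215c164767bfa25f6e92 # atest
+salt: 7f8b036f9b647d46d22abdbfc8113f44a88f9889
+email: bob@test.com
+activated: 1
+
+existingbob:
+id: 1000002
+login: existingbob
+cypher: 99d6b680d4bfa81cbd383ffa0390bb03323a0b9a # atest
+salt: fc76daa7bc4e4b7833375cf9deca38beee4c5581
+email: existingbob@test.com
+activated: 1
+
+longbob:
+id: 1000003
+login: longbob
+cypher: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
+salt: c068e3671780f16898c0a8295ae8d82cc59713e2
+email: longbob@test.com
+activated: 1
+
+deletebob1:
+id: 1000004
+login: deletebob1
+cypher: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
+salt: c068e3671780f16898c0a8295ae8d82cc59713e2
+email: deletebob1@test.com
+activated: 1
+
+deletebob2:
+id: 1000005
+login: deletebob2
+cypher: c841391e1d29100a4920de7a8fbb4b0fd180c6c0 # alongtest
+salt: c068e3671780f16898c0a8295ae8d82cc59713e2
+email: deletebob2@test.com
+activated: 1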
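--- a/data/templates/view_activate.rhtml
+++ b/data/templates/view_activate.rhtml
@@ -0,0 +1 @@
+Your account is now activated.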
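--- a/data/templates/view_edit.rhtml
+++ b/data/templates/view_edit.rhtml
@@ -0,0 +1,10 @@
+<h1>Editing user</h1>
+
+<% error_messages_for 'user' %>
+<%= start_form_tag :action => 'edit', :id => @user %>
+<%= render_partial 'form' %>
+<%= submit_tag 'Edit' %>
+<%= end_form_tag %>
+
+<%= link_to 'Show', :action => 'show', :id => @user %> |
+<%= link_to 'Back', :action => 'list' %>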
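--- a/data/templates/view_list.rhtml
+++ b/data/templates/view_list.rhtml
@@ -0,0 +1,35 @@
+<h1>Listing users</h1>
+
+<table>
+<tr>
+<% for column in User.content_columns %>
+<% if User.display?(column.name) %>
+<th><%= column.human_name %></th>
+<% end %>
+<% end %>
+</tr>
+
+<% for user in @users %>
+<tr>
+<% for column in User.content_columns %>
+<% if User.display?(column.name) %>
+<% if user.readable?(column.name) %>
+<td><%= user.send(column.name) %></td>
+<% else %>
+<td></td>
+<% end %>
+<% end %>
+<% end %>
+<td><%= link_to 'Show', :action => 'show', :id => user %></td>
+<td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
+<td><%= link_to 'Destroy', {:action => 'destroy', :id => user}, :confirm => 'Are you sure?' %></td>
+</tr>
+<% end %>
+</table>
+
+<%= link_to 'Previous page', { :page => @user_pages.current.previous } if @user_pages.current.previous %>
+<%= link_to 'Next page', { :page => @user_pages.current.next } if @user_pages.current.next %>
+
+<br />
+
+<%= link_to 'New user', :action => 'new' %>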
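--- a/data/templates/view_login.rhtml
+++ b/data/templates/view_login.rhtml
@@ -0,0 +1,11 @@
+<h1>Please login</h1>
+
+<%= start_form_tag :action => 'login' %>
+<p><label for="user_login">User ID</label><br/>
+<%= text_field 'user', 'login' %></p>
+
+<p><label for="user_password">Password</label><br/>
+<%= password_field 'user', 'password' %></p>
+
+<%= submit_tag 'Login' %>
+<%= end_form_tag %>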
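--- a/data/templates/view_login_admin.rhtml
+++ b/data/templates/view_login_admin.rhtml
@@ -0,0 +1,16 @@
+<p>
+You must have the administrator role to proceed.<br/>
+If you aren't an administrator, please use the "back" button in your browser to exit this action.
+</p>
+<p>
+<b>Administrator login</b>
+</p>
+<%= start_form_tag %>
+<p><label for="user_login">User ID</label><br/>
+<%= text_field 'user', 'login' %></p>
+
+<p><label for="user_password">Password</label><br/>
+<%= password_field 'user', 'password' %></p>
+
+<%= submit_tag 'Login' %>
+<%= end_form_tag %>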
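--- a/data/templates/view_logout.rhtml
+++ b/data/templates/view_logout.rhtml
@@ -0,0 +1 @@
+OK.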
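--- a/data/templates/view_new.rhtml
+++ b/data/templates/view_new.rhtml
@@ -0,0 +1,30 @@
+<h1>New user</h1>
+
+<%= error_messages_for 'user' %>
+<%= start_form_tag :action => 'new' %>
+<table>
+<tr>
+<th><label for="user_login">Login</label></th>
+<td><%= text_field 'user', 'login' %></td>
+</tr>
+<tr>
+<th><label for="user_name">Name</label></th>
+<td><%= text_field 'user', 'name' %></td>
+</tr>
+<tr>
+<th><label for="user_email">Email</label></th>
+<td><%= text_field 'user', 'email' %></td>
+</tr>
+<tr>
+<th><label for="user_password">Password</label></th>
+<td><%= password_field 'user', 'password' %></td>
+</tr>
+<tr>
+<th><label for="user_password_confirmation">Password again</label></th>
+<td><%= password_field 'user', 'password_confirmation' %></td>
+</tr>
+</table>
+<%= submit_tag "Create" %>
+<%= end_form_tag %>
+
+<%= link_to 'Back', :action => 'list' %>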
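--- a/data/templates/view_show.rhtml
+++ b/data/templates/view_show.rhtml
@@ -0,0 +1,10 @@
+<% for column in User.content_columns %>
+<% if User.display?(column.name) and @user.readable?(column.name) %>
+<p>
+<b><%= column.human_name %>:</b> <%=h @user.send(column.name) %>
+</p>
+<% end %>
+<% end %>
+
+<%= link_to 'Edit', :action => 'edit', :id => @user %> |
+<%= link_to 'Back', :action => 'list' %>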
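--- a/data/templates/view_success.rhtml
+++ b/data/templates/view_success.rhtml
@@ -0,0 +1 @@
+OK.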
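--- a/metadata
+++ b/metadata
@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification
+rubygems_version: 0.8.8
+specification_version: 1
+name: model_security_generator
+version: !ruby/object:Gem::Version
+version: 0.0.1
+date: 2005-08-12
+summary: "[Rails] Model security and authentication generator."
+require_paths:
+- "."
+email: ''
+homepage:
+rubyforge_project:
+description: Generates Rails code implementing a model security and authentication system for your Rails app.
+autorequire:
+default_executable:
+bindir: bin
+has_rdoc: false
+required_ruby_version: !ruby/object:Gem::Version::Requirement
+requirements:
+-
+- ">"
+- !ruby/object:Gem::Version
+version: 0.0.0
+version:
+platform: ruby
+authors:
+- Bruce Perens
+- Joe Hosteny
+files:
+- USAGE
+- README
+- model_security_generator.rb
+- templates/modal.rb
+- templates/modal_helper.rb
+- templates/model_security.rb
+- templates/model_security_helper.rb
+- templates/once.rb
+- templates/user_support.rb
+- templates/user.rb
+- templates/user_controller.rb
+- templates/user_mailer.rb
+- templates/user_controller_test.rb
+- templates/user_test.rb
+- templates/mock_mailer.rb
+- templates/mock_time.rb
+- templates/users.yml
+- templates/schema.sql
+- templates/users.sql
+- templates/scaffold.css
+- templates/scaffold.rhtml
+- templates/standard.css
+- templates/standard.rhtml
+- templates/_view_form.rhtml
+- templates/mailer_forgot_password.rhtml
+- templates/mailer_new_user.rhtml
+- templates/view_activate.rhtml
+- templates/view_edit.rhtml
+- templates/view_forgot_password_done.rhtml
+- templates/view_list.rhtml
+- templates/view_login.rhtml
+- templates/view_login_admin.rhtml
+- templates/view_logout.rhtml
+- templates/view_new.rhtml
+- templates/view_show.rhtml
+- templates/view_success.rhtml
+test_files: []
+rdoc_options: []
+extra_rdoc_files: []
+executables: []
+extensions: []
+requirements: []
+dependencies:
+- !ruby/object:Gem::Dependency
+name: rails
+version_requirement:
+version_requirements: !ruby/object:Gem::Version::Requirement
+requirements:
+-
+- ">="
+- !ruby/object:Gem::Version
+version: 0.13.1
+version: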