model_security_generator 0.0.3 → 0.0.5

data/model_security_generator.rb

@@ -43,26 +43,24 @@ class ModelSecurityGenerator < Rails::Generator::NamedBase
         m.file "views/#{action}.rhtml", "app/views/user/#{action}.rhtml"
       end
 
-      # Partials
-      m.directory "app/views/user"
-      partial_views.each do |action|
-        m.file "views/_#{action}.rhtml", "app/views/user/_#{action}.rhtml"
-      end
-
       # Mailer
       m.directory "app/views/user_mailer"
       mailer_views.each do |action|
         m.file "mailer/#{action}.rhtml", "app/views/user_mailer/#{action}.rhtml"
       end
+
+      # Documentation
+      m.directory "manuals/ModelSecurity"
+      m.file "README", "manuals/ModelSecurity/README"
+      m.file "USAGE", "manuals/ModelSecurity/USAGE"
+      m.file "RUN_DEMO", "manuals/ModelSecurity/RUN_DEMO"
+      m.file "ADD_TO_APPLICATION_CONTROLLER",
+       "app/controllers/ADD_TO_APPLICATION_CONTROLLER.ModelSecurity"
     end
   end
 
   def user_views
-    %w(activate admin_created created edit forgot_password_done list login login_admin logout new show success)
-  end
-
-  def partial_views
-    %w(form)
+    %w(activate admin_created created forgot_password forgot_password_done login login_admin logout new success)
   end
 
   def mailer_views

data/templates/ADD_TO_APPLICATION_CONTROLLER

@@ -0,0 +1,13 @@
+# The filters added to this controller will be run for all controllers in the application.
+# Likewise will all the methods added be available for all controllers.
+#
+# Added Facilities for User model (and thus also for Modal and ModelSecurity).
+#
+require 'user_support'
+
+class ApplicationController < ActionController::Base
+  helper :ModelSecurity
+  include UserSupport
+
+  before_filter :user_setup
+end

data/templates/README

@@ -0,0 +1,2 @@
+
+

data/templates/RUN_DEMO

@@ -0,0 +1,95 @@
+= Running the Model Security Demo =
+
+Here's how to run the model security demo. Once you've gone through this
+process, you should be able
+
+Generate a rails program called <i>test</i>, and change to its directory:
+
+  rails test
+  cd test
+
+Install the model_security gem:
+
+  gem install model_security -
+
+Have MySQL execute the script to create the database and a MySQL user ID for the rails program:
+
+  cd db/
+  mysql -u <i>MYSQL-ADMIN-NAME</i> -p < demo.sql
+
+Examine demo.sql and users.sql . Note that demo.sql runs users.sql to define
+the users table. When you include ModelSecurity in another Rails program,
+you'll skip demo.sql and use users.sql to create the users table.
+
+Edit the database configuration in db/database.yml to look like this:
+
+  development:
+    adapter: mysql
+    database: model_security_demo
+    host: localhost
+    username: m_s_demo
+    password: 
+
+Add some necessary facilities to your brand new application controller:
+
+  cd ../app/controllers
+  cp ADD_TO_APPLICATION_CONTROLLER.ModelSecurity application.rb
+  cd ../..
+
+If this wasn't a new controller, you would edit application.rb to add the
+facilities requested, rather than copying over the file.
+
+Start the rails server:
+
+  script/server &
+
+Open a web browser to http://localhost:3000/user/new
+Use the form to create a new user. That user will automatically be
+granted the administrator role, and will be activated immediately.
+
+Subsequent users will <i>not</i> automatically get the administrator role,
+although an administrator can grant it to them by editing their record
+with /user/edit/<i>user-name</i> . Subsequent users will
+not have their login activated immediately when they create it. Instead,
+they will be sent an email containing a URL that they must use to activate
+their login.
+
+Now, you can play with the demo. The user controller responds to:
+
+  * /user/activate/<i>user-name</i>?token=<i>security-token</i>
+    Activate a user, after the user's login has been created.
+
+  * /user/destroy/<i>user-name</i>
+    Destroy a user. Requires the administrator role.
+
+  * /user/edit
+    Edit the attributes of a user. Administrators are allowed to edit more
+    fields than normal users, and normal are allowed to edit their own
+    record, not anyone else's.
+
+  * /user/forgot_password
+    Send an email to the user that facilitates password recovery. 
+
+  * /user/list
+    List the users. Administrators can see more information than normal
+    users. Normal users can see some information on their own record
+    that they will not see in the records of other users.
+
+  * /user/login
+    Perform HTTP authentication to log in a user. If that doesn't work,
+    fall back on a login form.
+
+  * /user/logout
+    Log a user out. Actually loops back to the login action, because the only
+    way to get the browser to stop sending HTTP authentication data with
+    every request is to ask it to get new authentication data from the
+    user.
+
+  * /user/new
+    Create a new user.
+
+  * /user/show
+    Display information about a user. Administrators can see more information
+    than normal users.
+    Normal users can see some information on their own record
+    that they will not see in the records of other users.

data/templates/USAGE

@@ -0,0 +1,2 @@
+
+

data/templates/controllers/user_controller.rb

@@ -1,3 +1,7 @@
+# Manipulate the User model.
+#
+# This (and the User model) should probably be merged with ActiveRBAC.
+#
 # The HTTP authorization code is
 # derived from an example published by Maximillian Dornseif at
 # http://blogs.23.nu/c0re/stories/7409/
@@ -9,7 +13,8 @@
 # say that this is derived from the work of Joe Hosteny and Tobias Leutke.
 #
 class UserController < ApplicationController
-  # helper ModelSecurity
+  scaffold :user
+  helper :ModelSecurity
 
 private
   # Require_admin will require an administrative login before the action
@@ -31,13 +36,6 @@ private
     render :status => 401
   end
 
-  def initialize
-  end
-
-public
-  scaffold :user
-
-private
 public
 
   # Activate a new user, having logged in with a security token. All of the
@@ -45,28 +43,6 @@ public
   def activate
   end
 
-  # Destroy a user object.
-  def destroy
-    user = User.find(@params[:id])
-    user.destroy
-    flash['notice'] = 'User destroyed.'
-    redirect_to :action => :list
-  end
-  
-  # Edit a user. Will only allow you to edit what your security clearance
-  # allows, due to the magic of model security.
-  def edit
-    case @request.method
-    when :get
-      @user = User.find(@params[:id])
-    when :post
-      @user = User.find(@params[:id])
-      @user.attributes = @params['user']
-      @user.save
-      redirect_to :action => :list
-    end
-  end
-  
   # Send out a forgot-password email.
   def forgot_password
     case @request.method
@@ -89,19 +65,6 @@ public
   def forgot_password_done
   end
 
-  # List users.
-  # FIX: Get away from the scaffold here, and use the login instead of the ID
-  # to access a user record. Using an ID gives outsiders a way to enumerate
-  # the users, which has security implications.
-  def list
-    options = {
-      :per_page => 10,
-      :order_by => 'name, id'
-    }
-
-    @user_pages, @users = paginate(:user, options)
-  end
-
   # Attempt HTTP authentication, and fall back on a login form.
   # If this method is called login_admin (it's an alias), keep trying
   # until an administrator logs in or the user pushes the "back" button.
@@ -150,6 +113,7 @@ public
           @user.activated = 1
           @user.save
           User.sign_on_by_session(1)
+          session[:user_id] = 1
           render :file => 'app/views/user/admin_created.rhtml'
 	# Mail the user instructions on how to activate their account.
         else
@@ -169,14 +133,6 @@ public
     end
   end
 
-  # Display a user's information.
-  # FIX: Use the user's login instead of the record ID.
-  # Using the record ID provides an easy way for outsiders to enumerate the
-  # users, which has security implications.
-  def show
-    @user = User.find(@params[:id])
-  end
-
   # Tell the user that an action succeeded.
   def success
   end

data/templates/helpers/model_security_helper.rb

@@ -1,64 +1,128 @@
-module ActionView::Helpers::FormHelper
-private
+require 'once'
 
-  def self.restrict(name)
-    module_eval <<-"end_eval", __FILE__, __LINE__
-      alias old_#{name} #{name}
-      def #{name}(object, method, options = {})
-        restricted_input(:old_#{name}, object, method, options) \
-      end
-    end_eval
-  end
+module ModelSecurityHelper
+end
 
-  def restricted_input(old_name, object, method, options, *extra, &block)
-    o = instance_variable_get("@" + object)
-    writable = o.writable?(method)
-    if o.readable?(method)
-      if writable
-	if block
-	  return yield(object, method, options, extra)
-	else
-	  return send(old_name, object, method, options)
-	end
-      else
-        return o.send(method)
-      end
-    elseif writable
-      options[:value] = ''
-      if block
-	return yield(object, method, options, extra)
-      else
-	return send(old_name, object, method, options)
+module ActiveRecord
+  class Base
+    once('@instanceAliasesDone') {
+      # Provides access to the pre-overload version of read_attribute, which
+      # is called by the overloaded version.
+      alias :old_read_attribute :read_attribute
+  
+      # Provides access to the pre-overload version of write_attribute, which
+      # is called by the overloaded version.
+      alias :old_write_attribute :write_attribute
+    }
+
+    class << self
+    private
+      once('@classAliasesDone') {
+        # Provides access to the pre-overload version of content_columns, which
+        # is called by the overloaded version.
+        alias :old_content_columns :content_columns
+      }
+    public
+      # Overload the base method to understand the let_display directive
+      # of ModelSecurity. If display? is not true for a model attribute
+      # in this context, that attribute won't be reported as a content
+      # column.
+      def content_columns
+        old_content_columns.reject { |c|
+          not display?(c.name)
+        }
       end
     end
   end
+end
 
-  once ('@aliasesDone') { # Evaluating this twice would break it.
-    alias old_check_box check_box
-    alias old_radio_button radio_button
-  }
-
-  SimpleMethods = \
-   ['file_field', 'hidden_field', 'password_field', 'text_area', 'text_field']
-
-public
+module ActionView
+  module Helpers
+    # Overload the form helper functions to understand ModelSecurity and
+    # act upon the permissions that ModelSecurity encodes. If a model
+    # attribute does not have a read permission in the current context,
+    # its data won't be displayed, or read at all, and thus the helpers
+    # won't trigger a ModelSecurity exception.  If there's no write
+    # permission on the datum, you'll display static data instead of an
+    # edit field. Write-only attributes work too. And all of this works
+    # on scaffolds.
+    # 
+    # The methods overriden here are:
+    # 
+    # * check_box
+    # * file_field
+    # * hidden_field
+    # * password_field
+    # * radio_button
+    # * text_area
+    # * text_field
+    #
+    module FormHelper
+    private
+    
+      def self.restrict(name)
+        module_eval <<-"end_eval", __FILE__, __LINE__
+          private
+	  alias :old_#{name} :#{name}
+          def #{name}(object, method, options = {})
+            restricted_input('#{name}', object, method, options)
+          end
+        end_eval
+      end
+    
+      def restricted_input(function, object, method, options, *extra, &block)
+        o = instance_variable_get('@' + object)
 
-  once ('@simpleMethodsDone') { # because it calls alias.
-    SimpleMethods.each { | name | restrict(name) }
-  }
+        if o.readable?(method)
+          if o.writable?(method) # Read+Write
+            if block
+              return yield(object, method, options, extra)
+            else
+              return send(('old_' + function).to_sym, object, method, options)
+            end
+          else # Read Only
+            return o.send(method)
+          end
+        else # Not Readable.
+          if o.writable?(method) # Write only.
+            u = { :value => '' }
 
-  def check_box(object, method, options = {}, checked_value = "1", unchecked_value = "0")
-    restricted_input(:old_check_box, object, method, options, checked_value, unchecked_value) {
-      | object, method, options, extra |
-      old_check_box(object, method, options, extra[0], extra[1])
-    } 
-  end
+            return send(('old_' + function).to_sym, object, method, options.update(u))
+          else # Neither readable or writable.
+            return ''
+          end
+        end
+      end
+    
+      # Evaluating the aliases twice would break them.
+      # Evaluating the constant definition twice causes a complaint.
+      once ('@aliasesDone') {
+        alias :old_check_box :check_box
+        alias :old_radio_button :radio_button
+      }
+    
+    
+    public
+    
+      once ('@simpleMethodsDone') { # because it calls alias.
+        m = %w(file_field hidden_field password_field text_area text_field)
 
-  def radio_button(object, method, tag_value, options = {})
-    restricted_input(:old_radio_button, object, method, options, tag_value) {
-      | object, method, options, extra |
-      old_radio_button(object, method, extra[0], options)
-    }
+        m.each { | name | restrict(name) }
+      }
+    
+      def check_box(object, method, options = {}, checked_value = "1", unchecked_value = "0") #:nodoc:
+        restricted_input('check_box', object, method, options, checked_value, unchecked_value) {
+          | object, method, options, extra |
+          old_check_box(object, method, options, extra[0], extra[1])
+        } 
+      end
+    
+      def radio_button(object, method, tag_value, options = {}) #:nodoc:
+        restricted_input('radio_button', object, method, options, tag_value) {
+          | object, method, options, extra |
+          old_radio_button(object, method, extra[0], options)
+        }
+      end
+    end
   end
 end
-

data/templates/lib/model_security.rb

@@ -1,3 +1,165 @@
+require 'once'
+
+module ModelSecurity
+private
+  # Functions that are both class and instance methods within ModelSecurity.
+  module BothClassAndInstanceMethods
+  private
+    # Run a single test. 
+    def run_test t
+      case t.class.name
+      when 'Proc'
+        return t.call(binding)
+      when 'Symbol'
+        return self.send(t)
+      when 'String'
+        return eval(t)
+      else
+        return false
+      end
+    end
+  
+    # This does the permission test for readable?, writable?, and display?. 
+    # A global variable is used to short-circuit recursion.
+    # 
+    # FIX: The global variable should be replaced with a thread-local variable
+    # once I learn how to make one. 
+    #
+    def run_tests(d, attribute)
+      global = d[:all]
+      local = d[attribute.to_sym]
+      result = true
+  
+      if (global or local) and ($in_test_permission != true)
+        $in_test_permission = true
+        result = (run_test(global) or run_test(local))
+        $in_test_permission = false
+      end
+      return result
+    end
+  
+  public
+    # Stub test for let_read and friends. Always returns true.
+    def always?
+      true
+    end
+  
+    # Stub test for let_read and friends. Always returns false.
+    def never?
+      false
+    end
+  end
+end
+
+# Class methods for ModelSecurity. They are broken out this way so that they
+# can be fed to base.extend(), Ruby interpreter magic so that class methods
+# of this module work while a class including it is being defined.
+# Uses a Rails-internal inheritable-attribute mechanism so that this data in a
+# derived class survives modification of similar data in its base class.
+#
+module ModelSecurity
+private
+  module ClassMethods
+  private
+    include BothClassAndInstanceMethods
+  
+    # Internal function where the work of let_read, let_write, let_access,
+    # and let_display is done. Store the tests to be run for each attribute
+    # in the class, to be evaluated later. *permission* is :let_read,
+    # :let_write, or :let_display. *arguments* is a list of attributes
+    # upon which security permissions are being declared and a hash
+    # containing all options, currently just :if . *block*, if given,
+    # contains a security test.
+    #
+    def let(permission, arguments, block)
+      attributes = []	# List of attributes that this permission applies to.
+      parameters = {}	# Optional parameters, currently only :if
+      procedure = nil	# Permission-test procedure.
+  
+      arguments.each { | argument |
+	case argument.class.name
+	when 'Hash'
+	  parameters.merge! argument
+	else
+	  attributes << argument
+	end
+      }
+      if not block.nil?
+	procedure = block
+      elsif (p = parameters[:if])
+	procedure = p
+      else
+	procedure = :always?
+      end
+  
+      d = {}
+      attributes.each { | name | d[name] = procedure }
+      write_inheritable_hash(permission, d)
+    end
+  
+  public
+  
+    # Install default permissions for all of the attributes that Rails defines.
+    #
+    # Readable:
+    #	created_at, created_on, type, id, updated_at, updated_on,
+    #	lock_version, position, parent_id, lft, rgt,
+    #	table_name + '_count'
+    #
+    # Writable:
+    #	updated_at, updated_on, lock_version, position, parent_id, lft, rgt
+    #
+    # Writable only before the first save of an Active Record:
+    #	created_at, created_on, type, id
+    #
+    def default_permissions
+      let_read :created_at, :created_on, :type, :id, :updated_at, \
+       :updated_on, :lock_version, :position, :parent_id, :lft, :rgt, \
+       (table_name + '_count').to_sym
+  
+      # These shouldn't change after the first save.
+      let_write :created_at, :created_on, :type, :id, :if => :new_record?
+  
+      # These can change.
+      let_write :updated_at, :updated_on, :lock_version, :position, :parent_id, \
+       :lft, :rgt
+    end
+  
+    # Return true if display of the attribute is permitted. *attribute* is a
+    # symbol, and should match a field in the database schema corresponding to
+    # this model.
+    def display?(attribute)
+      if (d = read_inheritable_attribute(:let_display))
+	return run_tests(d, attribute)
+      else
+	return true
+      end
+    end
+  
+    # Declare whether reads and writes are permitted on the named attributes.
+    def let_access(*arguments, &block)
+      let(:let_read, arguments, block)
+      let(:let_write, arguments, block)
+    end
+  
+    # Declare whether display of the named attribute is permitted.
+    def let_display(*arguments, &block)
+      let(:let_display, arguments, block)
+    end
+  
+  
+    # Declare whether read is permitted upon the named attributes.
+    def let_read(*arguments, &block)
+      let(:let_read, arguments, block)
+    end
+  
+    # Declare whether write is permitted upon the named attributes.
+    def let_write(*arguments, &block)
+      let(:let_write, arguments, block)
+    end
+  end
+end
+
 # The ModelSecurity module allows you to specify security permissions on any
 # or all of the attributes of a model implemented using ActiveRecord.
 #
@@ -99,59 +261,7 @@
 # access is attempted.
 #
 module ModelSecurity
-end
-
-require 'once'
-
-module ModelSecurity::BothClassAndInstanceMethods
-private
-  # Run a single test. 
-  def run_test t
-    case t.class.name
-    when 'Proc'
-      return t.call(binding)
-    when 'Symbol'
-      return self.send(t)
-    when 'String'
-      return eval(t)
-    else
-      return false
-    end
-  end
-
-  # This does the permission test for readable?, writable?, and display?. 
-  # A global variable is used to short-circuit recursion.
-  # 
-  # FIX: The global variable should be replaced with a thread-local variable
-  # once I learn how to make one. 
-  #
-  def run_tests(d, attribute)
-    global = d[:all]
-    local = d[attribute.to_sym]
-    result = true
-
-    if (global or local) and ($in_test_permission != true)
-      $in_test_permission = true
-      result = (run_test(global) or run_test(local))
-      $in_test_permission = false
-    end
-    return result
-  end
-
-public
-  # Stub test for let_read and friends. Always returns true.
-  def always?
-    true
-  end
-
-  # Stub test for let_read and friends. Always returns false.
-  def never?
-    false
-  end
-end
-
-module ModelSecurity
-  include ModelSecurity::BothClassAndInstanceMethods
+  include BothClassAndInstanceMethods
 
   # This does the permission test for readable? or writable?.
   def test_permission(permission, attribute)
@@ -241,121 +351,3 @@ public
   end
 end
 
-# Class methods for ModelSecurity. They are broken out this way so that they
-# can be fed to base.extend(), Ruby interpreter magic so that class methods
-# of this module work while a class including it is being defined.
-# Uses a Rails-internal inheritable-attribute mechanism so that this data in a
-# derived class survives modification of similar data in its base class.
-#
-module ModelSecurity::ClassMethods
-private
-  include ModelSecurity::BothClassAndInstanceMethods
-
-  # Internal function where the work of let_read, let_write, let_access,
-  # and let_display is done. Store the tests to be run for each attribute
-  # in the class, to be evaluated later. *permission* is :let_read,
-  # :let_write, or :let_display. *arguments* is a list of attributes
-  # upon which security permissions are being declared and a hash
-  # containing all options, currently just :if . *block*, if given,
-  # contains a security test.
-  #
-  def let(permission, arguments, block)
-    attributes = []	# List of attributes that this permission applies to.
-    parameters = {}	# Optional parameters, currently only :if
-    procedure = nil	# Permission-test procedure.
-
-    arguments.each { | argument |
-      case argument.class.name
-      when 'Hash'
-	  parameters.merge! argument
-	else
-	  attributes << argument
-	end
-    }
-    if not block.nil?
-      procedure = block
-    elsif (p = parameters[:if])
-      procedure = p
-    else
-      procedure = :always?
-    end
-
-    d = {}
-    attributes.each { | name | d[name] = procedure }
-    write_inheritable_hash(permission, d)
-  end
-
-public
-
-  # Install default permissions for all of the attributes that Rails defines.
-  #
-  # Readable:
-  #	created_at, created_on, type, id, updated_at, updated_on,
-  #	lock_version, position, parent_id, lft, rgt,
-  #	table_name + '_count'
-  #
-  # Writable:
-  #	updated_at, updated_on, lock_version, position, parent_id, lft, rgt
-  #
-  # Writable only before the first save of an Active Record:
-  #	created_at, created_on, type, id
-  #
-  def default_permissions
-    let_read :created_at, :created_on, :type, :id, :updated_at, \
-     :updated_on, :lock_version, :position, :parent_id, :lft, :rgt, \
-     (table_name + '_count').to_sym
-
-    # These shouldn't change after the first save.
-    let_write :created_at, :created_on, :type, :id, :if => :new_record?
-
-    # These can change.
-    let_write :updated_at, :updated_on, :lock_version, :position, :parent_id, \
-     :lft, :rgt
-  end
-
-  # Return true if display of the attribute is permitted. *attribute* is a
-  # symbol, and should match a field in the database schema corresponding to
-  # this model.
-  def display?(attribute)
-    if (d = read_inheritable_attribute(:let_display))
-      return run_tests(d, attribute)
-    else
-      return true
-    end
-  end
-
-  # Declare whether reads and writes are permitted on the named attributes.
-  def let_access(*arguments, &block)
-    let(:let_read, arguments, block)
-    let(:let_write, arguments, block)
-  end
-
-  # Declare whether display of the named attribute is permitted.
-  def let_display(*arguments, &block)
-    let(:let_display, arguments, block)
-  end
-
-
-  # Declare whether read is permitted upon the named attributes.
-  def let_read(*arguments, &block)
-    let(:let_read, arguments, block)
-  end
-
-  # Declare whether write is permitted upon the named attributes.
-  def let_write(*arguments, &block)
-    let(:let_write, arguments, block)
-  end
-end
-
-class ActiveRecord::Base
-private
-  once ('@aliasesDone') {
-    # Provides access to the pre-overload version of read_attribute, which
-    # is called by the overloaded version.
-    alias old_read_attribute read_attribute
-
-    # Provides access to the pre-overload version of write_attribute, which
-    # is called by the overloaded version.
-    alias old_write_attribute write_attribute
-  }
-end

data/templates/lib/user_support.rb

@@ -14,6 +14,8 @@ require 'user'
 require 'modal'
 
 module UserSupport
+  include Modal
+
   # Return true if the currently-logged-in user is the administrator.
   def admin?
     User.admin?
@@ -62,6 +64,10 @@ module UserSupport
   # that expects login information.
   #
   def user_setup
+    # require_* use Modal to return to what they were doing after HTTP
+    # authentication.
+    modal_setup
+
     # This is used by the logout action to discard the old HTTP authentiction.
     # Logout redirects to login and that generates a new authentication
     # request. That request is the only input that can tell the browser to

data/templates/mailer/forgot_password.rhtml

@@ -1,18 +1,12 @@
-<h1>Recover Your Login or Re-Set Your Password</h1>
+Dear <%= @params['name'] %>,
 
-<p>
-Please enter the email address you used when you registered your login.
-A message will be sent to that email with the information you'll need to
-reset your password.
-</p>
-<%= start_form_tag :action => 'forgot_password' %>
-  <table>
-    <tr>
-      <th><label for="user_email">Email</label></th>
-      <td><%= text_field 'user', 'email' %></td>
-    </tr>
-  </table>
-  <%= submit_tag "Send Email" %>
-<%= end_form_tag %>
+To reset the password for your login
+'<%= @params['login'] %>'
+please access the following URL before
+<%= @token_expiry %>:
 
-<%= link_to 'Back', :action => 'list' %>
+<%= @url %>
+
+  Many Thanks
+
+  The Management

data/templates/mailer/new_user.rhtml

@@ -1,7 +1,7 @@
 Dear <%= @params['name'] %>,
 
 Your login
-'<%= @params['login' %>'
+'<%= @params['login'] %>'
 has been created, but you must now activate it.
 To do so, please access the following URL before
 <%= @token_expiry %>:

data/templates/models/user.rb

@@ -92,6 +92,7 @@ private
 
   # These just control display.
   let_display :all, :if => :never?
+  let_display :admin, :activated, :if => :admin?
   let_display :login, :name, :email
 
   # These control both reading and writing.
@@ -115,7 +116,7 @@ private
   # Allow the very first user to be promoted to administrator.
   # Once there's an admin, that user has "let_access :all" and can
   # promote others to administrator.
-  let_write :admin, :if => :initial_self_promotion
+  let_write :admin, :if => :initial_self_promotion?
   
   # If this is a new (never saved) record, or if this record corresponds to
   # the currently-logged-in user, allow reading of the email address.
@@ -137,12 +138,24 @@ private
   # unless this record is new (has never been saved).
   let_write :cypher, :email, :salt, :if => :new_or_me?
 
+  
   # The security token can only be changed if we're the special "login" user.
-  let_write :activated, :token, :token_expiry, :if => :logging_in?
+  let_write :activated, :password, :token, :token_expiry, :if => :logging_in?
 
 public
   attr_accessor :password, :password_confirmation, :old_password
 
+  # NOTE: :password, :password_confirmation, and :old_password
+  # are not attributes of the record, they are instance variables of the
+  # class and aren't written to disk under those names. But I declare them
+  # here because otherwise ModelSecurityHelper (which doesn't know that)
+  # isn't going to allow me to enter them into a form field.
+  #
+  # I like how fine-grained I can get.
+  let_write :password, :if => :new_or_me_or_logging_in?
+  let_write :password_confirmation, :if => :new_or_me?
+  let_write :old_password, :if => :me?
+
   # Change the user's password. Confirm the old password while doing so.
   def change_password(attributes)
     @password_is_new = true
@@ -191,7 +204,7 @@ public
   # himself to administrator. This is used to bootstrap the first administrator
   # and for no other purpose.
   def initial_self_promotion?
-    return (self == User.current and id == 1 and not admin?)
+    return ((id == 1) and (not admin?) and (self.class.count == 1))
   end
 
   # Return true if the user is currently logging in. This security test allows

data/templates/views/forgot_password.rhtml

@@ -0,0 +1,18 @@
+<h1>Recover Your Login or Re-Set Your Password</h1>
+
+<p>
+Please enter the email address you used when you registered your login.
+A message will be sent to that email with the information you'll need to
+reset your password.
+</p>
+<%= start_form_tag :action => 'forgot_password' %>
+  <table>
+    <tr>
+      <th><label for="user_email">Email</label></th>
+      <td><%= text_field 'user', 'email' %></td>
+    </tr>
+  </table>
+  <%= submit_tag "Send Email" %>
+<%= end_form_tag %>
+
+<%= link_to 'Back', :action => 'list' %>

metadata

@@ -3,8 +3,8 @@ rubygems_version: 0.8.4
 specification_version: 1
 name: model_security_generator
 version: !ruby/object:Gem::Version 
-  version: 0.0.3
-date: 2005-09-23
+  version: 0.0.5
+date: 2005-10-04
 summary: "[Rails] Model security and authentication generator."
 require_paths: 
   - "."
@@ -15,7 +15,7 @@ description: Generates Rails code implementing a model security and authenticati
 autorequire: 
 default_executable: 
 bindir: bin
-has_rdoc: false
+has_rdoc: true
 required_ruby_version: !ruby/object:Gem::Version::Requirement 
   requirements: 
     - 
@@ -31,6 +31,8 @@ files:
   - model_security_generator.rb
   - templates/README
   - templates/USAGE
+  - templates/RUN_DEMO
+  - templates/ADD_TO_APPLICATION_CONTROLLER
   - templates/controllers/user_controller.rb
   - templates/db/demo.sql
   - templates/db/users.sql
@@ -49,18 +51,15 @@ files:
   - templates/test/user_controller_test.rb
   - templates/test/user_test.rb
   - templates/test/users.yml
-  - templates/views/_form.rhtml
   - templates/views/activate.rhtml
   - templates/views/admin_created.rhtml
   - templates/views/created.rhtml
-  - templates/views/edit.rhtml
+  - templates/views/forgot_password.rhtml
   - templates/views/forgot_password_done.rhtml
-  - templates/views/list.rhtml
   - templates/views/login.rhtml
   - templates/views/login_admin.rhtml
   - templates/views/logout.rhtml
   - templates/views/new.rhtml
-  - templates/views/show.rhtml
   - templates/views/success.rhtml
 test_files: []
 rdoc_options: []

data/templates/views/_form.rhtml

@@ -1,27 +0,0 @@
-<%= error_messages_for 'user' %>
-
-<!--[form:user]-->
-<table>
-<% for column in User.content_columns %>
-  <% if User.display?(column.name) %>
-    <tr>
-      <th>
-        <label for="user_#{column.name}">
-	  <%= column.human_name %>:
-	</label>
-      </th>
-      <td>
-        <% if column.name.index('password') %>
-	  <%= password_field('user', column.name) %>
-	<% else %>
-	  <%= text_field('user', column.name) %>
-	<% end %>
-      </td>
-    </tr>
-  <% end %>
-<% end %>
-
-</table>
-
-<!--[eoform:user]-->
-

data/templates/views/edit.rhtml

@@ -1,10 +0,0 @@
-<h1>Editing user</h1>
-
-<% error_messages_for 'user' %>
-<%= start_form_tag :action => 'edit', :id => @user %>
-  <%= render_partial 'form' %>
-  <%= submit_tag 'Edit' %>
-<%= end_form_tag %>
-
-<%= link_to 'Show', :action => 'show', :id => @user %> |
-<%= link_to 'Back', :action => 'list' %>

data/templates/views/list.rhtml

@@ -1,35 +0,0 @@
-<h1>Listing users</h1>
-
-<table>
-  <tr>
-    <% for column in User.content_columns %>
-      <% if User.display?(column.name) %>
-        <th><%= column.human_name %></th>
-      <% end %>
-    <% end %>
-  </tr>
-  
-<% for user in @users %>
-  <tr>
-    <% for column in User.content_columns %>
-      <% if User.display?(column.name) %>
-        <% if user.readable?(column.name)  %>
-          <td><%= user.send(column.name) %></td>
-        <% else %>
-          <td></td>
-        <% end %>
-      <% end %>
-    <% end %>
-    <td><%= link_to 'Show', :action => 'show', :id => user %></td>
-    <td><%= link_to 'Edit', :action => 'edit', :id => user %></td>
-    <td><%= link_to 'Destroy', {:action => 'destroy', :id => user}, :confirm => 'Are you sure?' %></td>
-  </tr>
-<% end %>
-</table>
-
-<%= link_to 'Previous page', { :page => @user_pages.current.previous } if @user_pages.current.previous %>
-<%= link_to 'Next page', { :page => @user_pages.current.next } if @user_pages.current.next %> 
-
-<br />
-
-<%= link_to 'New user', :action => 'new' %>

data/templates/views/show.rhtml

@@ -1,10 +0,0 @@
-<% for column in User.content_columns %>
-  <% if User.display?(column.name) and @user.readable?(column.name) %>
-    <p>
-      <b><%= column.human_name %>:</b> <%=h @user.send(column.name) %>
-    </p>
-  <% end %>
-<% end %>
-
-<%= link_to 'Edit', :action => 'edit', :id => @user %> |
-<%= link_to 'Back', :action => 'list' %>