protected 1.0.0

data/app/views/protected/admin/users/_form.html.haml

@@ -0,0 +1,27 @@
+- if @user.errors.any?
+  %div{ :class => 'alert-message block-message error', :id => 'error_explanation'}
+    %h3== #{pluralize(@user.errors.count, "error")} prohibited this user from being saved:
+
+    %ul
+      - @user.errors.full_messages.each do |msg|
+        %li= msg
+%div.control-group
+  = f.label :first_name, {:class => 'control-label' }
+  %div.controls
+    = f.text_field :first_name, :autocomplete => 'off'
+%div.control-group
+  = f.label :last_name, {:class => 'control-label' }
+  %div.controls
+    = f.text_field :last_name, :autocomplete => 'off'
+%div.control-group
+  = f.label :company, {:class => 'control-label' }
+  %div.controls
+    = f.text_field :company, :autocomplete => 'off'
+%div.control-group
+  = f.label :login, {:class => 'control-label' }
+  %div.controls
+    = f.text_field :login, :class => 'logintext', :autocomplete => 'off', :disabled => !@user.new_record?
+%div.control-group
+  = f.label :email, {:class => 'control-label' }
+  %div.controls
+    = f.email_field :email, :class => 'logintext', :autocomplete => 'off', :disabled => !@user.new_record?

data/app/views/protected/admin/users/_password_fields.html.haml

@@ -0,0 +1,9 @@
+- if @user.new_record?
+  %div{:class => 'clearfix'}
+    = f.label :password
+    %div{:class => 'input'}
+      = f.password_field :password, :class => 'logintext', :autocomplete => 'off'
+  %div{:class => 'clearfix'}
+    = f.label :password_confirmation
+    %div{:class => 'input'}
+      = f.password_field :password_confirmation, :class => 'logintext', :autocomplete => 'off'

data/app/views/protected/admin/users/_role_fields.html.haml

@@ -0,0 +1,10 @@
+- if f.object != current_user
+  %div.control-group
+    = f.label "User Role", {:class => 'control-label' }
+    %div.controls
+      %label.radio
+        = f.radio_button :is_admin, false
+        Normal User
+      %label.radio
+        = f.radio_button :is_admin, true
+        Admin User

data/app/views/protected/admin/users/confirm_delete.html.haml

@@ -0,0 +1,9 @@
+%h3 Delete User Account
+%div{:class => "alert-message block-message error" }
+  %p 
+    %strong Be Careful!
+    Are you sure you want to delete this user account? It cannot be undone.
+  %div{ :class => 'alert-actions' }
+    = form_for(['admin',@user], :method => 'DELETE') do |f| 
+      =f.submit 'Yes, Delete User', :class => 'btn danger'
+      =link_to 'Cancel', ['admin','users'], :class =>'btn'

data/app/views/protected/admin/users/edit.html.haml

@@ -0,0 +1,9 @@
+= form_for(['admin',@user], :method => 'PUT', :html => { :autocomplete => "off", :class => "form-horizontal" }) do |f| 
+  %fieldset 
+    %legend Edit User
+    = render :partial => 'form', :locals => { :f => f }
+    = render :partial => 'password_fields', :locals => { :f => f }
+    = render :partial => 'role_fields', :locals => { :f => f }
+  %div.form-actions
+    = f.submit 'Save Changes', :class => 'btn btn-primary'
+    = link_to 'Cancel', ['admin','users'], :class => 'btn'

data/app/views/protected/admin/users/index.html.haml

@@ -0,0 +1,27 @@
+%h2 Users
+%div.clearfix
+  = will_paginate(@users)
+%table.table.table-bordered.table-striped
+  %thead
+    %tr
+      %th Name
+      %th Email
+      %th Role
+      %th Actions
+  %tbody
+    - @users.each do |u|
+      %tr
+        %td=u.name
+        %td=u.email
+        %td=u.is_admin? ? 'Admin' : 'Default'
+        %td 
+          =link_to 'Edit', ['edit','admin',u], :class =>'btn'
+          =link_to 'Unlock', ['unlock','admin',u], :class =>'btn' if u != current_user and u.access_locked?
+          =link_to 'Delete', ['confirm_delete','admin',u], :class =>'btn btn-danger' unless u == current_user
+
+%div.clearfix
+  = will_paginate(@users)
+
+%div{:class =>'well' }
+  =link_to 'New User', ['new','admin','user'], :class => 'btn large primary'
+

data/app/views/protected/admin/users/new.html.haml

@@ -0,0 +1,9 @@
+= form_for(['admin',@user], :html => { :autocomplete => "off", :class => "form-horizontal" }) do |f| 
+  %fieldset 
+    %legend New User
+    = render :partial => 'form', :locals => { :f => f }
+    = render :partial => 'role_fields', :locals => { :f => f }
+  %div.form-actions
+    = f.submit 'Create User', :class => 'btn btn-primary'
+    = link_to 'Cancel', ['admin','users'], :class => 'btn'
+  

data/app/views/protected/passwords/edit.html.haml

@@ -0,0 +1,28 @@
+.container.pageHeading
+  %h2.pull-left Change your password
+.container
+  .row
+    .span16
+      = form_for(resource, :as => resource_name, :url => update_password_url(resource_name), :html => { :method => :put }) do |f|
+        = password_instructions(devise_error_messages!)
+        - if resource.errors.any?
+          %div{ :class => 'alert-message block-message error', :id => 'error_explanation'}
+            %h3== #{pluralize(resource.errors.count, "error")} prohibited this user from being saved:
+
+            %ul
+              - resource.errors.full_messages.each do |msg|
+                %li= msg
+        
+        %div{:style => "margin:0;padding:0;display:inline"}
+          = f.hidden_field :reset_password_token
+        %fieldset
+          .clearfix
+            = f.label :password, "New password"
+            .input
+              = f.password_field :password, :value => '', :autocomplete => 'off'
+          .clearfix
+            = f.label :password_confirmation, "Confirm new password"
+            .input
+              = f.password_field :password_confirmation, :autocomplete => 'off'
+          .actions
+            = f.submit "Change my password", :class => "btn primary"

data/app/views/protected/passwords/forgot_password.html.haml

@@ -0,0 +1,20 @@
+%div.container.pageContainer2
+  %div.row.prepend-top
+    %div.row.show-grid
+      %div.clearFloat.sectionHeading
+        %h3.pull-left.clearfix Forgot your password?
+      =form_for(resource, :as => resource_name, :url => password_url(resource_name), :html => { :method => :post }) do |f|
+        = password_instructions(devise_error_messages!)
+        %div{:class => 'instructions'} 1. Enter the email address that was used to create the account <br/> 2. An email will be sent shortly containing instructions on resetting password
+        %fieldset
+          %div{:class => 'clearfix'}
+            = f.label :email
+            %div{:class => 'input'}
+              = f.email_field :email, :autocomplete => 'off'
+          %div{:class => 'clearfix'}
+            %label
+              &nbsp;
+        %div{:class => 'well'}
+          = f.submit "Send me reset password instructions", :class => "btn primary"
+  = render :partial => "devise/shared/links"
+

data/app/views/protected/passwords/new.html.haml

@@ -0,0 +1,22 @@
+%div.container.pageContainer2
+  %div.row.prepend-top
+    %div.row.show-grid
+      %div.span-one-half
+        %div.clearFloat.sectionHeading
+          %h3.pull-left.clearfix Forgot your password?
+        %div{:class => 'instructions'} 
+          1. Enter the email address that was used to create the account 
+          %br 2. An email will be sent shortly containing instructions on resetting password
+        =form_for(resource, :as => resource_name, :url => create_password_url(resource_name), :html => { :method => :post }) do |f|
+          = devise_error_messages!
+          %fieldset
+            %div{:class => 'clearfix'}
+              = f.label :email
+              %div{:class => 'input'}
+                = f.email_field :email, :autocomplete => 'off'
+            %div{:class => 'clearfix'}
+            = f.submit "Send me reset password instructions", :class => "btn primary"
+            = render :partial => "devise/shared/links.erb"
+      %div.span-one-half
+        %div.clearFloat.sectionHeading
+          %h3.pull-left.clearfix  

data/app/views/protected/sessions/first_login.html.haml

@@ -0,0 +1,25 @@
+- if current_user.errors.any?
+  %div{ :class => 'alert-message block-message error', :id => 'error_explanation'}
+    %h3== #{pluralize(current_user.errors.count, "error")} prohibited this user from being saved:
+
+    %ul
+      - current_user.errors.full_messages.each do |msg|
+        %li= msg
+
+= form_for(current_user, :url => update_first_login_url, :html => { :autocomplete => "off", :class => "form-horizontal" }) do |f|
+  %fieldset
+    %legend Change Password
+    %div.control-group
+      = f.label :current_password, "Current Password", {:class => 'control-label'}
+      %div.controls
+        = f.password_field :current_password, :autocomplete => 'off', :class => 'span3'
+    %div.control-group
+      = f.label :password, "Password", {:class => 'control-label'}
+      %div.controls
+        = f.password_field :password, :autocomplete => 'off', :class => 'span3'
+    %div.control-group
+      = f.label :password_confirmation, "Confirm Password", {:class => 'control-label'}
+      %div.controls
+        = f.password_field :password_confirmation, :autocomplete => 'off', :class => 'span3'
+    %div.form-actions
+      = f.submit "Save Changes", :class => "btn btn-primary", :tabindex => 3

data/app/views/protected/sessions/new.html.haml

@@ -0,0 +1,22 @@
+= form_for(resource, :as => resource_name, :url => user_session_url, :html => { :autocomplete => "off", :class => "form-horizontal" }) do |f|
+  %fieldset
+    %legend Login
+    %div.control-group
+      = f.label :login, "Username", {:class => 'control-label'}
+      %div.controls
+        = f.text_field :login, :tabindex => 1, :value => '', :autocomplete => 'off', :size => '30', :class => 'span3'
+    %div.control-group
+      = f.label :password, "Password", {:class => 'control-label'}
+      %div.controls
+        = f.password_field :password, :tabindex => 2, :autocomplete => 'off', :class => 'span3'
+    %div.control-group
+      %div.controls
+        %label.checkbox
+          %input{ :id => "wants_first_login", :value => "1",:type => 'checkbox', :name => "wants_first_login", :tabindex => 5}
+          Change password after login
+    %div.form-actions
+      %label.control-label  
+      = f.submit "Login", :class => "btn btn-primary", :tabindex => 3
+    %div.control-group
+      %div.controls
+        %a{:href => new_user_password_url(resource_name), :tabindex => 4} I have forgotten my password

data/app/views/protected/sessions/not_authorized.html.haml

@@ -0,0 +1,9 @@
+%h3 Not Authorized
+%div{:class => "alert alert-error" }
+  %h4.alert-heading
+    403 error - Access denied
+
+  You are not authorized to view this page using credentials you supplied.
+  %br 
+    Return to the
+    =link_to 'homepage', root_url

data/app/views/protected/users/_form.html.haml

@@ -0,0 +1,19 @@
+- if current_user.errors.any?
+  %div{ :class => 'alert-message block-message error', :id => 'error_explanation'}
+    %h3== #{pluralize(current_user.errors.count, "error")} prohibited this user from being saved:
+
+    %ul
+      - current_user.errors.full_messages.each do |msg|
+        %li= msg
+%div{:class => 'clearfix'}
+  = f.label :name
+  %div{:class => 'input'}
+    = f.text_field :name, :class => 'logintext', :autocomplete => 'off'
+%div{:class => 'clearfix'}
+  = f.label :password
+  %div{:class => 'input'}
+    = f.password_field :password, :class => 'logintext', :autocomplete => 'off'
+%div{:class => 'clearfix'}
+  = f.label :password_confirmation
+  %div{:class => 'input'}
+    = f.password_field :password_confirmation, :class => 'logintext', :autocomplete => 'off'

data/app/views/protected/users/edit.html.haml

@@ -0,0 +1,19 @@
+- if current_user.errors.any?
+  %div{ :class => 'alert-message block-message error', :id => 'error_explanation'}
+    %h3== #{pluralize(current_user.errors.count, "error")} prohibited this user from being saved:
+
+    %ul
+      - current_user.errors.full_messages.each do |msg|
+        %li= msg
+
+%div.container.pageContainer2
+  %div.row.prepend-top
+    %div.row.show-grid
+      %div.span8.offset4
+        = form_for([current_user], :method => 'PUT') do |f| 
+          %div.clearFloat.sectionHeading
+            %h3.pull-left.clearfix Edit Your Account
+          = render :partial => '/users/form', :locals => { :f => f }
+          %div.clearFloat
+            = f.submit 'Save Changes', :class => 'btn primary'
+            = link_to 'Cancel',root_url, :class => 'btn'

data/app/views/user_mailer/welcome_existing_user.haml

@@ -0,0 +1,5 @@
+%p= "Welcome #{@resource.name}!"
+%p You can login to your account through the link below:
+%p= link_to('Log in to my account', root_url)
+%p Your login and password are the same as those specified in your Active Directory account.
+%p Please do not reply to this email.

data/app/views/user_mailer/welcome_login_instructions.html.haml

@@ -0,0 +1,6 @@
+%p= "Welcome #{@resource.name}!"
+%p You can login to your account through the link below:
+%p= link_to('Log in to my account', root_url)
+%p= "Your login name is #{@resource.login}"
+%p You would receive the password in a separate mail.
+%p Please do not reply to this email.

data/app/views/user_mailer/welcome_password_instructions.haml

@@ -0,0 +1,7 @@
+%p= "Welcome #{@resource.name}!"
+%p You can login to your account through the link below:
+%p= link_to('Log in to my account', root_url)
+%p= "Your password is #{raw @resource.password}"
+%p Use the login name you must have received in a previous mail.
+%p Please change your password on your first login.
+%p Please do not reply to this email.

data/config/initializers/devise.rb

@@ -0,0 +1,220 @@
+# Use this hook to configure devise mailer, warden hooks and so forth.
+# Many of these configuration options can be set straight in your model.
+Devise.setup do |config|
+  # ==> Mailer Configuration
+  # Configure the e-mail address which will be shown in Devise::Mailer,
+  # note that it will be overwritten if you use your own mailer class with default "from" parameter.
+  config.mailer_sender = "'Test ' <no-reply@change_me.com>"
+
+  # Configure the class responsible to send e-mails.
+  # config.mailer = "Devise::Mailer"
+
+  # ==> ORM configuration
+  # Load and configure the ORM. Supports :active_record (default) and
+  # :mongoid (bson_ext recommended) by default. Other ORMs may be
+  # available as additional gems.
+  require 'devise/orm/active_record'
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating a user. The default is
+  # just :email. You can configure it to use [:username, :subdomain], so for
+  # authenticating a user, both parameters are required. Remember that those
+  # parameters are used only when authenticating and not when retrieving from
+  # session. If you need permissions, you should implement that in a before filter.
+  # You can also supply a hash where the value is a boolean determining whether
+  # or not authentication should be aborted when the value is not present.
+  # config.authentication_keys = [ :email ]
+  config.authentication_keys = [ :login ]
+
+  # Configure parameters from the request object used for authentication. Each entry
+  # given should be a request method and it will automatically be passed to the
+  # find_for_authentication method and considered in your model lookup. For instance,
+  # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
+  # The same considerations mentioned for authentication_keys also apply to request_keys.
+  # config.request_keys = []
+
+  # Configure which authentication keys should be case-insensitive.
+  # These keys will be downcased upon creating or modifying a user and when used
+  # to authenticate or find a user. Default is :email.
+  config.case_insensitive_keys = [ :email, :login ]
+
+  # Configure which authentication keys should have whitespace stripped.
+  # These keys will have whitespace before and after removed upon creating or
+  # modifying a user and when used to authenticate or find a user. Default is :email.
+  config.strip_whitespace_keys = [ :email, :login ]
+
+  # Tell if authentication through request.params is enabled. True by default.
+  # config.params_authenticatable = true
+
+  # Tell if authentication through HTTP Basic Auth is enabled. False by default.
+  # config.http_authenticatable = false
+
+  # If http headers should be returned for AJAX requests. True by default.
+  # config.http_authenticatable_on_xhr = true
+
+  # The realm used in Http Basic Authentication. "Application" by default.
+  # config.http_authentication_realm = "Application"
+
+  # It will change confirmation, password recovery and other workflows
+  # to behave the same regardless if the e-mail provided was right or wrong.
+  # Does not affect registerable.
+  # config.paranoid = true
+
+  # ==> Configuration for :database_authenticatable
+  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
+  # using other encryptors, it sets how many times you want the password re-encrypted.
+  #
+  # Limiting the stretches to just one in testing will increase the performance of
+  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
+  # a value less than 10 in other environments.
+  config.stretches = Rails.env.test? ? 1 : 10
+
+  # Setup a pepper to generate the encrypted password.
+  # config.pepper = <%= SecureRandom.hex(64).inspect %>
+  config.pepper = "7e6bee70369b7bc489e4720faf3fe16d13ae3d683172be8f8beeefc824b3acad579cfde93176a6fad70b454a8c8e7a812a66817bf8e5e7825a04d136f20e42ad"
+
+  # ==> Configuration for :confirmable
+  # A period that the user is allowed to access the website even without
+  # confirming his account. For instance, if set to 2.days, the user will be
+  # able to access the website for two days without confirming his account,
+  # access will be blocked just in the third day. Default is 0.days, meaning
+  # the user cannot access the website without confirming his account.
+  # config.confirm_within = 2.days
+
+  # Defines which key will be used when confirming an account
+  # config.confirmation_keys = [ :email ]
+
+  # ==> Configuration for :rememberable
+  # The time the user will be remembered without asking for credentials again.
+  # config.remember_for = 2.weeks
+
+  # If true, a valid remember token can be re-used between multiple browsers.
+  # config.remember_across_browsers = true
+
+  # If true, extends the user's remember period when remembered via cookie.
+  # config.extend_remember_period = false
+
+  # If true, uses the password salt as remember token. This should be turned
+  # to false if you are not using database authenticatable.
+  config.use_salt_as_remember_token = true
+
+  # Options to be passed to the created cookie. For instance, you can set
+  # :secure => true in order to force SSL only cookies.
+  # config.cookie_options = {}
+
+  # ==> Configuration for :validatable
+  # Range for password length. Default is 6..128.
+  config.password_length = 8..128
+
+  # Email regex used to validate email formats. It simply asserts that
+  # an one (and only one) @ exists in the given string. This is mainly
+  # to give user feedback and not to assert the e-mail validity.
+  # config.email_regexp = /\A[^@]+@[^@]+\z/
+
+  # ==> Configuration for :timeoutable
+  # The time you want to timeout the user session without activity. After this
+  # time the user will be asked for credentials again. Default is 30 minutes.
+  # config.timeout_in = 30.minutes
+
+  # ==> Configuration for :lockable
+  # Defines which strategy will be used to lock an account.
+  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
+  # :none            = No lock strategy. You should handle locking by yourself.
+  config.lock_strategy = :failed_attempts
+
+  # Defines which key will be used when locking and unlocking an account
+  # config.unlock_keys = [ :email ]
+
+  # Defines which strategy will be used to unlock an account.
+  # :email = Sends an unlock link to the user email
+  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
+  # :both  = Enables both strategies
+  # :none  = No unlock strategy. You should handle unlocking by yourself.
+  # config.unlock_strategy = :both
+
+  # Number of authentication tries before locking an account if lock_strategy
+  # is failed attempts.
+  # config.maximum_attempts = 20
+
+  # Time interval to unlock the account if :time is enabled as unlock_strategy.
+  # config.unlock_in = 1.hour
+
+  # ==> Configuration for :recoverable
+  #
+  # Defines which key will be used when recovering the password for an account
+  # config.reset_password_keys = [ :email ]
+
+  # Time interval you can reset your password with a reset password key.
+  # Don't put a too small interval or your users won't have the time to
+  # change their passwords.
+  config.reset_password_within = 2.hours
+
+  # ==> Configuration for :encryptable
+  # Allow you to use another encryption algorithm besides bcrypt (default). You can use
+  # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
+  # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
+  # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
+  # REST_AUTH_SITE_KEY to pepper)
+  config.encryptor = :bcrypt
+  # config.password_archiving_count = 5
+  # config.deny_old_passwords = true
+
+  # ==> Configuration for :token_authenticatable
+  # Defines name of the authentication token params key
+  # config.token_authentication_key = :auth_token
+
+  # If true, authentication through token does not store user in session and needs
+  # to be supplied on each request. Useful if you are using the token as API token.
+  # config.stateless_token = false
+
+  # ==> Scopes configuration
+  # Turn scoped views on. Before rendering "sessions/new", it will first check for
+  # "users/sessions/new". It's turned off by default because it's slower if you
+  # are using only default views.
+  # config.scoped_views = false
+
+  # Configure the default scope given to Warden. By default it's the first
+  # devise role declared in your routes (usually :user).
+  # config.default_scope = :user
+
+  # Configure sign_out behavior.
+  # Sign_out action can be scoped (i.e. /users/sign_out affects only :user scope).
+  # The default is true, which means any logout action will sign out all active scopes.
+  # config.sign_out_all_scopes = true
+
+  # ==> Navigation configuration
+  # Lists the formats that should be treated as navigational. Formats like
+  # :html, should redirect to the sign in page when the user does not have
+  # access, but formats like :xml or :json, should return 401.
+  #
+  # If you have any extra navigational formats, like :iphone or :mobile, you
+  # should add them to the navigational formats lists.
+  #
+  # The :"*/*" and "*/*" formats below is required to match Internet
+  # Explorer requests.
+  # config.navigational_formats = [:"*/*", "*/*", :html]
+
+  # The default HTTP method used to sign out a resource. Default is :delete.
+  config.sign_out_via = :delete
+
+  # ==> OmniAuth
+  # Add a new OmniAuth provider. Check the wiki for more information on setting
+  # up on your models and hooks.
+  # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
+
+  # ==> Warden configuration
+  # If you want to use other strategies, that are not supported by Devise, or
+  # change the failure app, you can configure them inside the config.warden block.
+  #
+  # config.warden do |manager|
+  #   manager.intercept_401 = false
+  #   manager.default_strategies(:scope => :user).unshift :some_external_strategy
+  # end
+
+  config.warden do |manager|
+    manager.intercept_401 = false
+    manager.default_strategies(:scope => :user).unshift :database_authenticatable
+  end
+  config.router_name = :protected
+  config.parent_controller = 'ActionController::Base'
+end