rad_kit 0.0.8 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/lib/components/captcha.rb +4 -4
- data/lib/components/kit.rb +5 -5
- data/lib/components/kit.yml +0 -2
- data/lib/components/models.rb +2 -5
- data/lib/components/models.yml +3 -0
- data/lib/kit/controller/authorized.rb +9 -8
- data/lib/kit/controller/captcha.rb +6 -6
- data/lib/kit/controller/localized.rb +2 -2
- data/lib/kit/gems.rb +12 -8
- data/lib/kit/i18n.rb +3 -3
- data/lib/kit/i18n/locales/ru/pluralization.rb +3 -3
- data/lib/kit/kit.rb +7 -7
- data/lib/kit/kit_text_utils.rb +6 -6
- data/lib/kit/misc/prepare_model.rb +4 -4
- data/lib/kit/models.rb +22 -5
- data/lib/kit/models/attachment_file.rb +27 -0
- data/lib/kit/models/{attachments_uploader_helper.rb → attachments_helper.rb} +34 -28
- data/lib/kit/models/authorized.rb +64 -63
- data/lib/kit/models/authorized_object.rb +70 -73
- data/lib/kit/models/base_file.rb +37 -0
- data/lib/kit/models/config.rb +30 -0
- data/lib/kit/models/indexes.rb +30 -0
- data/lib/kit/models/miscellaneous.rb +7 -1
- data/lib/kit/models/role.rb +17 -17
- data/lib/kit/models/tags.rb +71 -0
- data/lib/kit/models/tags_mixin.rb +39 -0
- data/lib/kit/mongodb_model.rb +13 -0
- data/lib/kit/mongodb_model/text_processor.rb +32 -0
- data/lib/kit/spec.rb +30 -30
- data/lib/kit/spec/items_controller_crud.rb +9 -9
- data/lib/kit/support.rb +1 -1
- data/lib/kit/tasks.rb +3 -7
- data/lib/text_utils.rb +2 -2
- data/lib/text_utils/code_highlighter.rb +17 -17
- data/lib/text_utils/custom_markdown.rb +7 -7
- data/lib/text_utils/ensure_utf.rb +3 -3
- data/lib/text_utils/format_qualifier.rb +2 -2
- data/lib/text_utils/html_sanitizer.rb +9 -9
- data/lib/text_utils/markdown.rb +9 -9
- data/lib/text_utils/pipe.rb +1 -1
- data/lib/text_utils/processor.rb +3 -3
- data/lib/text_utils/support.rb +3 -3
- data/lib/text_utils/truncate.rb +4 -4
- data/readme.md +3 -1
- data/spec/controller/authorization_spec.rb +45 -45
- data/spec/controller/captcha_spec.rb +18 -18
- data/spec/controller/comments_spec.rb +16 -14
- data/spec/controller/items_spec.rb +16 -17
- data/spec/i18n/i18n_spec.rb +5 -5
- data/spec/misc/kit_text_utils_spec.rb +5 -5
- data/spec/misc/prepare_model_spec.rb +6 -6
- data/spec/misc/user_error_spec.rb +8 -8
- data/spec/models/{attachments_uploader_helper_spec.rb → attachments_helper_spec.rb} +46 -50
- data/spec/models/{attachments_uploader_helper_spec → attachments_helper_spec}/v1/a.txt +0 -0
- data/spec/models/{attachments_uploader_helper_spec → attachments_helper_spec}/v1/b.txt +0 -0
- data/spec/models/{attachments_uploader_helper_spec → attachments_helper_spec}/v2/a.txt +0 -0
- data/spec/models/attachments_spec.rb +4 -7
- data/spec/models/authorization_spec.rb +15 -15
- data/spec/models/authorized_object_spec.rb +75 -75
- data/spec/models/item_spec.rb +44 -40
- data/spec/models/role_spec.rb +4 -4
- data/spec/models/tags_spec.rb +47 -21
- data/spec/models/uploader_spec.rb +13 -23
- data/spec/mongodb_model/text_processor_spec.rb +26 -0
- data/spec/spec_helper.rb +6 -4
- data/spec/spec_helper/factories.rb +3 -3
- data/spec/spec_helper/user.rb +4 -7
- data/spec/text_utils/code_highlighter_spec.rb +7 -7
- data/spec/text_utils/custom_markdown_spec.rb +14 -14
- data/spec/text_utils/format_qualifier_spec.rb +6 -6
- data/spec/text_utils/html_sanitizer_spec.rb +15 -15
- data/spec/text_utils/markdown_spec.rb +17 -17
- data/spec/text_utils/pipe_spec.rb +5 -5
- data/spec/text_utils/spec_helper.rb +1 -1
- data/spec/text_utils/text_processor_shared.rb +1 -1
- data/spec/text_utils/truncate_spec.rb +5 -5
- metadata +118 -114
- data/lib/kit/models/attachment_uploader.rb +0 -15
- data/lib/kit/models/file_uploader.rb +0 -26
- data/lib/kit/models_after.rb +0 -27
- data/lib/kit/mongoid.rb +0 -22
- data/lib/kit/mongoid/rad_miscellaneous.rb +0 -36
- data/lib/kit/mongoid/text_processor.rb +0 -44
- data/spec/mongoid/basic_spec.rb +0 -36
@@ -1,50 +1,50 @@
|
|
1
|
-
module
|
2
|
-
extend ActiveSupport::Concern
|
3
|
-
|
1
|
+
module Models::Authorized
|
4
2
|
class << self
|
5
3
|
attr_writer :custom_permissions
|
6
|
-
def custom_permissions; @custom_permissions ||= {} end
|
4
|
+
def custom_permissions; @custom_permissions ||= {} end
|
7
5
|
def permissions
|
8
6
|
@default_permissions ||= YAML.load_file("#{__FILE__.dirname}/default_permissions.yml").freeze
|
9
7
|
@default_permissions.merge(rad.config.permissions).merge(custom_permissions)
|
10
8
|
end
|
11
9
|
end
|
12
|
-
|
13
|
-
|
10
|
+
|
11
|
+
rad.extension :model_authorization, self do
|
12
|
+
define_method(:roles){@roles ||= []}
|
13
|
+
attr_writer :roles
|
14
|
+
# field :roles, type: Array, protected: true, default: []
|
15
|
+
|
16
|
+
alias_method :mm_roles, :roles
|
17
|
+
alias_method :mm_roles=, :roles=
|
18
|
+
|
19
|
+
attr_accessor :admin
|
20
|
+
# field :admin, type: Boolean, protected: true, default: false
|
21
|
+
end
|
22
|
+
|
23
|
+
inherited do
|
14
24
|
validate :validate_anonymous
|
15
|
-
validates_exclusion_of :name, in: Role::PRESERVED_USER_NAMES, if: lambda{|u| u.new_record?}
|
16
|
-
|
17
|
-
rad.extension :model_authorization, self do
|
18
|
-
field :roles, type: Array, protected: true, default: []
|
19
|
-
alias_method :mm_roles, :roles
|
20
|
-
alias_method :mm_roles=, :roles=
|
21
|
-
|
22
|
-
field :admin, type: Boolean, protected: true, default: false
|
23
|
-
end
|
24
|
-
|
25
|
-
alias_method :roles, :handy_roles
|
25
|
+
validates_exclusion_of :name, in: Role::PRESERVED_USER_NAMES, if: lambda{|u| u.new_record?}
|
26
26
|
end
|
27
|
-
|
27
|
+
|
28
28
|
module ClassMethods
|
29
29
|
def anonymous
|
30
30
|
Models::User.by_name('anonymous') || raise("You probably don't create Anonymous User!")
|
31
31
|
end
|
32
32
|
end
|
33
|
-
|
34
|
-
#
|
33
|
+
|
34
|
+
#
|
35
35
|
# Owner
|
36
|
-
#
|
36
|
+
#
|
37
37
|
def owner_name; anonymous? ? nil : name end
|
38
|
-
|
38
|
+
|
39
39
|
def owner? object
|
40
40
|
!object.blank? and !name.blank? and !anonymous? and object.respond_to(:owner_name) == self.name
|
41
41
|
end
|
42
|
-
|
43
|
-
#
|
42
|
+
|
43
|
+
#
|
44
44
|
# Roles
|
45
|
-
#
|
45
|
+
#
|
46
46
|
def self.anonymous? name; name == 'anonymous' end
|
47
|
-
def anonymous?;
|
47
|
+
def anonymous?; Models::Authorized.anonymous?(name) end
|
48
48
|
|
49
49
|
def registered?
|
50
50
|
!anonymous?
|
@@ -55,11 +55,11 @@ module Mongoid::Authorized
|
|
55
55
|
unless roles.include? role
|
56
56
|
if role == 'admin'
|
57
57
|
self.admin = true
|
58
|
-
else
|
58
|
+
else
|
59
59
|
self.mm_roles -= Role.denormalize_to_lower_roles [role]
|
60
60
|
self.mm_roles += [role]
|
61
|
-
end
|
62
|
-
|
61
|
+
end
|
62
|
+
_cache.clear
|
63
63
|
end
|
64
64
|
roles
|
65
65
|
end
|
@@ -72,18 +72,18 @@ module Mongoid::Authorized
|
|
72
72
|
else
|
73
73
|
self.mm_roles -= Role.denormalize_to_higher_roles [role]
|
74
74
|
end
|
75
|
-
|
76
|
-
end
|
75
|
+
_cache.clear
|
76
|
+
end
|
77
77
|
roles
|
78
78
|
end
|
79
|
-
|
80
|
-
def handy_roles
|
81
|
-
unless roles =
|
79
|
+
|
80
|
+
def handy_roles
|
81
|
+
unless roles = _cache[:roles]
|
82
82
|
roles = if self.mm_roles.empty?
|
83
83
|
['user']
|
84
84
|
else
|
85
85
|
Role.denormalize_to_lower_roles self.mm_roles
|
86
|
-
end
|
86
|
+
end
|
87
87
|
if anonymous?
|
88
88
|
roles << 'anonymous'
|
89
89
|
else
|
@@ -94,77 +94,78 @@ module Mongoid::Authorized
|
|
94
94
|
roles << 'admin'
|
95
95
|
%w(manager member).each{|r| roles << r unless roles.include? r}
|
96
96
|
end
|
97
|
-
|
97
|
+
|
98
98
|
roles.must_be == roles.uniq
|
99
|
-
|
100
|
-
roles = HandyRoles.new roles.sort
|
101
|
-
|
99
|
+
|
100
|
+
roles = HandyRoles.new roles.sort
|
101
|
+
_cache[:roles] = roles
|
102
102
|
end
|
103
103
|
roles
|
104
104
|
end
|
105
|
+
alias_method :roles, :handy_roles
|
105
106
|
|
106
107
|
def major_roles
|
107
|
-
|
108
|
+
_cache[:major_roles] ||= Role.major_roles roles
|
108
109
|
end
|
109
110
|
|
110
111
|
def has_role? role
|
111
112
|
roles.include? role
|
112
113
|
end
|
113
|
-
|
114
|
-
|
115
|
-
#
|
114
|
+
|
115
|
+
|
116
|
+
#
|
116
117
|
# can?
|
117
|
-
#
|
118
|
+
#
|
118
119
|
def can? operation, object = nil
|
119
120
|
operation = operation.to_s
|
120
|
-
|
121
|
+
|
121
122
|
return true if has_role?(:admin)
|
122
123
|
|
123
124
|
custom_method = "able_#{operation}?"
|
124
125
|
return object.send custom_method, self if object.respond_to? custom_method
|
125
|
-
|
126
|
+
|
126
127
|
(
|
127
|
-
effective_permissions[operation] or
|
128
|
+
effective_permissions[operation] or
|
128
129
|
(owner?(object) and effective_permissions_as_owner[operation])
|
129
130
|
)
|
130
131
|
end
|
131
|
-
|
132
|
+
|
132
133
|
def can_view? object
|
133
134
|
can? :view, object
|
134
135
|
end
|
135
|
-
|
136
|
-
|
137
|
-
#
|
136
|
+
|
137
|
+
|
138
|
+
#
|
138
139
|
# Effective Permissions
|
139
|
-
#
|
140
|
+
#
|
140
141
|
def effective_permissions
|
141
|
-
unless ep =
|
142
|
+
unless ep = _cache[:effective_permissions]
|
142
143
|
ep = calculate_effective_roles_for roles
|
143
|
-
|
144
|
+
_cache[:effective_permissions] = ep
|
144
145
|
end
|
145
146
|
ep
|
146
147
|
end
|
147
148
|
|
148
149
|
def effective_permissions_as_owner
|
149
|
-
unless epo =
|
150
|
+
unless epo = _cache[:effective_permissions_as_owner]
|
150
151
|
epo = calculate_effective_roles_for ['owner']
|
151
|
-
|
152
|
+
_cache[:effective_permissions_as_owner] = epo
|
152
153
|
end
|
153
154
|
epo
|
154
155
|
end
|
155
156
|
|
156
|
-
protected
|
157
|
-
def calculate_effective_roles_for roles
|
157
|
+
protected
|
158
|
+
def calculate_effective_roles_for roles
|
158
159
|
effective_permissions = {}
|
159
|
-
permissions = ::
|
160
|
+
permissions = ::Models::Authorized.permissions
|
160
161
|
permissions.each do |operation, allowed_roles|
|
161
162
|
operation = operation.to_s
|
162
163
|
effective_permissions[operation.to_s] = roles.any?{|role| allowed_roles.include? role}
|
163
164
|
end
|
164
165
|
effective_permissions
|
165
166
|
end
|
166
|
-
|
167
|
-
def validate_anonymous
|
167
|
+
|
168
|
+
def validate_anonymous
|
168
169
|
errors.add :base, "Anonymous can't have any roles!" if anonymous? and !self.mm_roles.blank?
|
169
170
|
end
|
170
171
|
|
@@ -173,7 +174,7 @@ module Mongoid::Authorized
|
|
173
174
|
super role.to_s
|
174
175
|
end
|
175
176
|
alias_method :has?, :include?
|
176
|
-
|
177
|
+
|
177
178
|
protected
|
178
179
|
def method_missing m, *args, &block
|
179
180
|
m = m.to_s
|
@@ -182,5 +183,5 @@ module Mongoid::Authorized
|
|
182
183
|
self.include? m[0..-2]
|
183
184
|
end
|
184
185
|
end
|
185
|
-
|
186
|
+
|
186
187
|
end
|
@@ -1,166 +1,163 @@
|
|
1
|
-
module
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
(rad.user? ? ['manager', "user:#{rad.user.name}"] : ['manager']) +
|
21
|
-
Array.wrap(rad.config.default_viewers)
|
22
|
-
).uniq.sort},
|
23
|
-
protected: true
|
24
|
-
|
1
|
+
module Models::AuthorizedObject
|
2
|
+
attr_writer :owner_name
|
3
|
+
def owner_name
|
4
|
+
@owner_name ||= rad.user? ? rad.user.name : nil
|
5
|
+
end
|
6
|
+
|
7
|
+
attr_writer :collaborators
|
8
|
+
def collaborators; @collaborators ||= [] end
|
9
|
+
|
10
|
+
attr_writer :viewers
|
11
|
+
def viewers
|
12
|
+
@viewers ||= (
|
13
|
+
(rad.user? ? ['manager', "user:#{rad.user.name}"] : ['manager']) +
|
14
|
+
Array.wrap(rad.config.default_viewers)
|
15
|
+
).uniq.sort
|
16
|
+
end
|
17
|
+
|
18
|
+
inherited do
|
19
|
+
before_create :owner_name
|
25
20
|
validates_presence_of :owner_name
|
21
|
+
|
22
|
+
before_create :viewers
|
26
23
|
validate :validate_viewers
|
27
24
|
validate :validate_collaborators
|
28
25
|
end
|
29
|
-
|
30
|
-
#
|
26
|
+
|
27
|
+
#
|
31
28
|
# Owner
|
32
|
-
#
|
29
|
+
#
|
33
30
|
def owner
|
34
31
|
return nil if owner_name.blank?
|
35
|
-
|
36
|
-
end
|
32
|
+
_cache[:owner] ||= Models::User.by_name!(owner_name)
|
33
|
+
end
|
37
34
|
|
38
35
|
def owner= user
|
39
36
|
user.must_be.an Models::User
|
40
|
-
|
37
|
+
_cache[:owner] = user
|
41
38
|
self.owner_name = user.name
|
42
39
|
user
|
43
40
|
end
|
44
|
-
|
45
|
-
# TODO3 update it later, MM uses public API to unmarshal object
|
41
|
+
|
42
|
+
# TODO3 update it later, MM uses public API to unmarshal object
|
46
43
|
# http://groups.google.com/group/mongomapper/browse_thread/thread/ab34457e0ba9c472#
|
47
|
-
def owner_name= name
|
44
|
+
def owner_name= name
|
48
45
|
owner_role = "user:#{name}"
|
49
46
|
old_owner_role = "user:#{owner_name}"
|
50
|
-
|
47
|
+
|
51
48
|
unless viewers.include? owner_role
|
52
49
|
viewers.delete old_owner_role
|
53
50
|
viewers << owner_role
|
54
51
|
viewers.sort!
|
55
52
|
end
|
56
|
-
|
53
|
+
|
57
54
|
# write_attribute :owner_name, name
|
58
|
-
|
59
|
-
|
55
|
+
@owner_name = name
|
56
|
+
_cache.clear
|
60
57
|
owner_name
|
61
58
|
end
|
62
59
|
|
63
|
-
#
|
60
|
+
#
|
64
61
|
# Viewers and Collaborators
|
65
|
-
#
|
62
|
+
#
|
66
63
|
def add_viewer role
|
67
64
|
role = role.to_s
|
68
|
-
should_be_valid_user_input_role role
|
69
|
-
|
70
|
-
return if viewers.include? role
|
71
|
-
|
65
|
+
should_be_valid_user_input_role role
|
66
|
+
|
67
|
+
return if viewers.include? role
|
68
|
+
|
72
69
|
roles = viewers
|
73
|
-
roles << role
|
74
|
-
roles = Role.denormalize_to_higher_roles roles
|
70
|
+
roles << role
|
71
|
+
roles = Role.denormalize_to_higher_roles roles
|
75
72
|
roles << 'manager' unless roles.include? 'manager'
|
76
73
|
self.viewers = roles.sort
|
77
74
|
viewers
|
78
75
|
end
|
79
|
-
|
76
|
+
|
80
77
|
def remove_viewer role
|
81
78
|
role = role.to_s
|
82
|
-
should_be_valid_user_input_role role
|
83
|
-
|
79
|
+
should_be_valid_user_input_role role
|
80
|
+
|
84
81
|
return unless viewers.include? role
|
85
|
-
|
82
|
+
|
86
83
|
roles = viewers
|
87
84
|
Role.denormalize_to_higher_roles([role]).each do |r|
|
88
85
|
roles.delete r
|
89
86
|
end
|
90
87
|
roles << 'manager' unless roles.include? 'manager'
|
91
88
|
self.viewers = roles.sort
|
92
|
-
|
89
|
+
|
93
90
|
remove_collaborator role
|
94
|
-
|
91
|
+
|
95
92
|
viewers
|
96
93
|
end
|
97
|
-
|
94
|
+
|
98
95
|
def minor_viewers
|
99
|
-
unless minor_viewers =
|
96
|
+
unless minor_viewers = _cache[:minor_viewers]
|
100
97
|
viewers = self.viewers.clone
|
101
98
|
viewers.delete 'manager'
|
102
99
|
minor_viewers = Role.minor_roles viewers
|
103
|
-
|
100
|
+
_cache[:minor_viewers] = minor_viewers
|
104
101
|
end
|
105
102
|
minor_viewers
|
106
103
|
end
|
107
|
-
|
104
|
+
|
108
105
|
def add_collaborator role
|
109
106
|
role = role.to_s
|
110
107
|
should_be_valid_user_input_role role
|
111
108
|
return if collaborators.include? role
|
112
|
-
collaborators = self.collaborators.clone
|
109
|
+
collaborators = self.collaborators.clone
|
113
110
|
collaborators << role
|
114
111
|
self.collaborators = collaborators
|
115
|
-
|
112
|
+
|
116
113
|
add_viewer role
|
117
|
-
|
114
|
+
|
118
115
|
collaborators
|
119
116
|
end
|
120
|
-
|
117
|
+
|
121
118
|
def remove_collaborator role
|
122
119
|
role = role.to_s
|
123
|
-
should_be_valid_user_input_role role
|
120
|
+
should_be_valid_user_input_role role
|
124
121
|
collaborators.delete role
|
125
122
|
collaborators
|
126
123
|
end
|
127
|
-
|
124
|
+
|
128
125
|
def normalized_collaborators
|
129
|
-
unless normalized_collaborators =
|
126
|
+
unless normalized_collaborators = _cache[:normalized_collaborators]
|
130
127
|
normalized_collaborators = Role.denormalize_to_higher_roles collaborators
|
131
|
-
normalized_collaborators << "user:#{owner_name}" unless
|
128
|
+
normalized_collaborators << "user:#{owner_name}" unless Models::Authorized.anonymous?(owner_name)
|
132
129
|
normalized_collaborators.sort!
|
133
|
-
|
130
|
+
_cache[:normalized_collaborators] = normalized_collaborators
|
134
131
|
end
|
135
132
|
normalized_collaborators
|
136
133
|
end
|
137
134
|
|
138
|
-
#
|
135
|
+
#
|
139
136
|
# Special Permissions
|
140
|
-
#
|
137
|
+
#
|
141
138
|
def able_view? user
|
142
139
|
user.roles.any?{|role| viewers.include? role}
|
143
140
|
end
|
144
|
-
|
141
|
+
|
145
142
|
def able_update? user
|
146
143
|
user.roles.any?{|role| normalized_collaborators.include? role}
|
147
144
|
end
|
148
|
-
|
149
|
-
protected
|
145
|
+
|
146
|
+
protected
|
150
147
|
def should_be_valid_user_input_role role
|
151
148
|
role.must_not == 'manager'
|
152
149
|
role.must_not == "user:#{owner_name}"
|
153
150
|
end
|
154
|
-
|
151
|
+
|
155
152
|
def validate_viewers
|
156
153
|
viewers.must == viewers.uniq
|
157
|
-
|
154
|
+
|
158
155
|
viewers.must.include 'manager' # always
|
159
156
|
viewers.must.include "user:#{owner_name}"
|
160
157
|
end
|
161
|
-
|
158
|
+
|
162
159
|
def validate_collaborators
|
163
160
|
collaborators.must_not.include "user:#{owner_name}"
|
164
161
|
end
|
165
|
-
|
162
|
+
|
166
163
|
end
|