rapid 0.0.1

data/lib/rad/models/role.rb

@@ -0,0 +1,88 @@
+class Role
+  ORDERED_ROLES = %w{manager member user}
+  SYSTEM_ROLES = %w{admin anonymous manager member owner registered user}.sort.freeze
+  PRESERVED_USER_NAMES = (SYSTEM_ROLES + ['admin']).sort.freeze
+
+  class << self
+  
+    def normalize_roles roles    
+      ordinary_roles, ordered_roles = split roles
+      ordinary_roles << lower_role(ordered_roles)    
+      ordinary_roles.sort
+    end
+  
+    def denormalize_to_higher_roles roles
+      ordinary_roles, ordered_roles = split roles
+      ordinary_roles.push *higher_roles(lower_role(ordered_roles))
+      ordinary_roles.sort
+    end
+    
+    def denormalize_to_lower_roles roles
+      ordinary_roles, ordered_roles = split roles
+      ordinary_roles.push *lower_roles(higher_role(ordered_roles))
+      ordinary_roles.sort
+    end
+    
+    def higher_role roles
+      ORDERED_ROLES.each do |role|
+        return role if roles.include? role
+      end
+      nil
+    end
+    
+    def lower_role roles
+      ORDERED_ROLES.reverse.each do |role|
+        return role if roles.include? role
+      end
+      nil
+    end
+    
+    def major_roles roles
+      major_roles = roles.select{|role| !SYSTEM_ROLES.include?(role)}
+      if higher_role = higher_role(roles)
+        major_roles << higher_role
+      end
+      major_roles.sort
+    end
+  
+    def minor_roles roles
+      minor_roles = roles.select{|role| !SYSTEM_ROLES.include?(role)}
+      if lower_role = lower_role(roles)
+        minor_roles << lower_role
+      end
+      minor_roles.sort
+    end
+  
+    protected
+      def split roles
+        ordinary_roles = []
+        ordered_roles = []
+
+        roles.collect do |role| 
+          if ORDERED_ROLES.include? role
+            ordered_roles << role
+          else
+            ordinary_roles << role
+          end
+        end
+      
+        [ordinary_roles, ordered_roles]
+      end
+  
+      def lower_roles role
+        return [] if role.nil?
+        
+        role.must_be.in ORDERED_ROLES
+        index = ORDERED_ROLES.index role
+        ORDERED_ROLES[index..-1]
+      end
+
+      def higher_roles role
+        return [] if role.nil?
+        
+        role.must_be.in ORDERED_ROLES
+        index = ORDERED_ROLES.index role
+        ORDERED_ROLES[0..index]
+      end      
+  end
+end

data/lib/rad/models/secure_token.rb

@@ -0,0 +1,33 @@
+class SecureToken
+  include MongoMapper::Document
+  
+  connect_to_global_database
+  
+  key :_type, String
+  
+  key :values, Hash
+  key :token, String, :default => lambda{String.secure_token}
+  key :expires_at, Time, :default => lambda{30.minutes.from_now}
+  timestamps!
+  
+  validates_presence_of :token, :expires_at
+  
+  def expired?
+    expires_at >= Time.now.utc
+  end
+  
+  # defer do
+  ensure_index :token, :unique => true
+  ensure_index :expires_at
+  ensure_index :user_id
+  # end
+  
+  def self.by_token token
+    return nil if token.blank?
+    first :token => token, :expires_at.gte => Time.now.utc
+  end
+  
+  def self.by_token! token
+    return by_token(token) || raise(MongoMapper::DocumentNotFound)
+  end
+end

data/lib/rad/models/space.rb

@@ -0,0 +1,184 @@
+class Space
+  include MongoMapper::Document
+  
+  # 
+  # Multitenant
+  # 
+  connect_to_global_database
+  
+
+  key :name, String, :protected => true
+  key :title, String
+  key :account_id, ObjectId, :protected => true
+  
+  timestamps!
+  
+  
+  # 
+  # Indexes
+  # 
+  # defer do
+  ensure_index :name
+  ensure_index :account_id
+  # end
+  
+  def default?; name == 'default' end
+  def self.default? name; name == 'default' end
+
+  
+  belongs_to :account
+  
+  validates_presence_of :name, :account
+  validates_uniqueness_of :name, :scope => :account_id
+  validates_format_of :name, :with => STRONG_NAME
+  
+  def self.current= space
+    Thread.current['current_space'] = space
+  end
+
+  def self.current
+    Thread.current['current_space'].must_be.defined
+  end
+  
+  def self.current?
+    !!Thread.current['current_space']
+  end
+  
+  # 
+  # Validation
+  # 
+  validate :validate_default
+  def validate_default
+    errors.add :base, t(:forbiden_to_change_default_space) if name_changed? and name_was == 'default'
+  end
+  protected :validate_default 
+  
+  
+  #
+  # Roles and Permissions
+  #
+  key :custom_roles, Array
+  def custom_roles_as_string
+    custom_roles.join("\n")
+  end
+  def custom_roles_as_string= str
+    self.custom_roles = str.strip.split("\n")
+  end
+    
+  SPECIAL_PERMISSIONS = {
+    'global_administration' => ['admin'],
+    'account_administration' => ['admin'],
+    'view' => ['owner', 'manager']
+  }
+   
+  def permissions
+    self.class.permissions
+  end
+  
+  @@permissions = nil
+  def self.permissions
+    unless @@permissions
+     @@permissions = YAML.load_file("#{File.dirname __FILE__}/default_permissions.yml")
+     @@permissions.merge!(SPECIAL_PERMISSIONS)
+    end
+    @@permissions
+  end
+  
+  
+  # 
+  # Links
+  # 
+  key :default_url, String
+  key :menu, Array
+  
+  def menu_as_string
+    menu.to_a.collect{|name, url| "#{name}:#{url}"}.join("\n") 
+  end
+  
+  def menu_as_string=(str)
+    self.menu = []
+    lines = str.split("\n") 
+    lines.each do |line|
+      name, url = line.split(':').collect(&:strip)
+      menu << [name, url] unless name.blank? or url.blank?
+    end
+  end
+  
+  
+  # 
+  # Language
+  # 
+  AVAILABLE_LANGUAGES = %w{en ru}
+  crystal.after :config do |config|
+    key :language, String, :default => config.default_language('en')
+  end
+  
+  
+  # 
+  # Files audit
+  #   
+  key :max_user_files_size, Integer, :default => 0
+  
+  
+  # 
+  # Other
+  #
+  plugin MongoMapper::Plugins::TextProcessor 
+  markup_key :bottom_text
+  
+  
+  # 
+  # Theme support
+  # 
+  key :theme, String, :default => 'default'
+  def self.available_themes
+    config.available_themes(['default'])
+  end
+  # defer do
+  validates_inclusion_of :theme, :within => Space.available_themes
+  # end
+  
+  include Paperclip
+  has_attached_file :logo  
+  validates_maximum_file_size :logo
+  
+  def slug; name end
+  
+  
+  # 
+  # Wigets
+  # 
+  # has_many :resources #, :dependent => :destroy
+  # has_many :votes #, :dependent => :destroy
+  
+  
+  # def self.account_inheritable_key key, type, options = {}
+  #   key = key.to_s
+  #   
+  #   self.key key, type, options
+  #   Account.send :key, key, type, options
+  #   
+  #   define_method key do
+  #     unless merged_value = cache[key]
+  #       account_value = account.send akey
+  #       value = send(key)
+  #       merged_value = merge account_value, value
+  #       cache[key] = merged_value
+  #     end
+  #     merged_value
+  #   end
+  # end
+  # 
+  # protected
+  #   def self.merge parent_value, value
+  #     return value || parent_value if value.nil? or parent_value.nil?
+  #     
+  #     if parent_value.is_a? Hash
+  #       parent_value.merge(value)
+  #     elsif parent_value.is_a? Array
+  #       (parent_value + value).uniq
+  #     else
+  #       value
+  #     end
+  #   end
+end

data/lib/rad/models/user.rb

@@ -0,0 +1,158 @@
+class User
+  include MongoMapper::Document
+
+  connect_to_global_database
+  
+  set_collection_name 'users'
+  
+  key :_type, String
+  
+  key :name, String, :protected => true
+  key :email, String, :protected => true
+  key :state, String, :protected => true
+  timestamps!
+  
+  def name= value
+    # write_attribute :name, (value ? value.downcase : nil)
+    super(value ? value.downcase : nil)
+  end
+  
+  def email= value
+    # write_attribute :email, (value ? value.downcase : nil)
+    super(value ? value.downcase : nil)
+  end
+
+  # key :remember_token, String, :protected => true
+  # key :remember_token_expires_at, Time, :protected => true
+  # key :secure_token, String, :protected => true
+  # key :secure_token_expires_at, Time, :protected => true  
+  
+  # 
+  # Validations
+  # 
+  validates_presence_of :name
+  validates_length_of :name, :within => 4..40
+  validates_uniqueness_of :name
+  validates_format_of :name, :with => STRONG_NAME
+  
+  EMAIL_NAME_REGEX  = '[\w\.%\+\-]+'.freeze
+  DOMAIN_HEAD_REGEX = '(?:[A-Z0-9\-]+\.)+'.freeze
+  DOMAIN_TLD_REGEX  = '(?:[A-Z]{2}|com|org|net|edu|gov|mil|biz|info|mobi|name|aero|jobs|museum)'.freeze
+  EMAIL_REGEX       = /\A#{EMAIL_NAME_REGEX}@#{DOMAIN_HEAD_REGEX}#{DOMAIN_TLD_REGEX}\z/i
+  
+  validates_length_of :email, :within => 6..100, :allow_blank => true
+  validates_uniqueness_of :email, :allow_blank => true
+  validates_format_of :email, :with => EMAIL_REGEX, :allow_blank => true
+  
+  
+  # 
+  # Indexes
+  # 
+  # defer do
+  ensure_index :name, :unique => true
+  ensure_index :email
+  # ensure_index :remember_token #, :unique => true
+  ensure_index :state
+  ensure_index :created_at
+  ensure_index :updated_at
+  # end
+  
+  
+  #
+  # Autentication
+  # 
+  plugin MongoMapper::Plugins::OpenIdAuthentication
+  acts_as_authenticated_by_open_id
+  
+  plugin MongoMapper::Plugins::PasswordAuthentication
+  acts_as_authenticated_by_password
+  
+  def validate_authentication
+    if crypted_password.blank? and open_ids.blank?
+      errors.add :password, t(:should_not_be_blank)
+    end
+  end
+  protected :validate_authentication
+  validate :validate_authentication
+  
+  
+  # 
+  # Lifecycle
+  # 
+  state_machine :state, :initial => :inactive do
+  
+    # after_transition :on => :wait_for_email_confirmation do |_self, trans|
+    #   _self.generate_secure_token!
+    #   UserStatusMailer.deliver_signup_notification _self
+    # end
+  
+    # after_transition :on => :activate do |_self, trans|
+    #   _self.clear_secure_token!
+    #   UserStatusMailer.deliver_activation_notification _self
+    # end    
+  
+    # on :wait_for_email_confirmation do
+    #   transition any => :inactive
+    # end
+    
+    on :activate do
+      transition all => :active
+    end
+  
+    on :inactivate do
+      transition all => :inactive
+    end
+    
+  end
+
+
+  #
+  # Authorization
+  #
+  plugin MongoMapper::Plugins::SpaceKeys
+  plugin MongoMapper::Plugins::Authorized
+  acts_as_authorized
+  
+  
+  # 
+  # Profile
+  # 
+  key :first_name, String
+  key :last_name, String
+
+
+  # 
+  # Helpers
+  #
+  class << self 
+
+    def [] name
+      find_by_name name.to_s
+    end
+    
+    def current= current
+      Thread.current['current_user'] = current
+    end
+
+    def current
+      Thread.current['current_user'].must_be.defined
+    end
+
+    def current?
+      Thread.current['current_user'] != nil
+    end
+    
+  end
+  
+  
+  # 
+  # Other
+  # 
+  space_key :files_size, Integer, :default => 0
+  def to_param; name end
+  validate do |u|
+    u.space_keys_containers.size.must == 0 if u.anonymous?
+  end
+  
+  def slug; name end
+end

data/lib/rad/models.rb

@@ -0,0 +1,41 @@
+# support
+require 'state_machine'
+require 'crystal/environment'
+require 'rad/mongo_mapper'
+require 'rad/paperclip'
+
+# config
+# use database in config if provided
+if crystal.include? :config and crystal.config.database?
+  config = crystal.config
+  db_config_for_current_environment = config.database!.send("#{config.environment}!").to_hash
+  MongoMapper.db_config = db_config_for_current_environment
+  
+
+  # hide index creation from logging
+  # MongoMapper.logger.info "Checking and creating MongoMapper indexes"
+  # MongoMapper.temporary_silince_logger do
+  #   MongoMapper.call_deferred
+  # end
+end
+
+MongoMapper.logger = crystal.logger
+
+# models
+module Rad
+  def self.multitenant_mode?
+    Space.current?
+  end
+end
+
+%w(
+  micelaneous
+  role
+
+  secure_token
+  user
+  account
+  space
+).each{|n| require "rad/models/#{n}"}
+
+require 'rad/locales'

data/lib/rad/mongo_mapper/acts_as/authenticated_by_open_id.rb

@@ -0,0 +1,29 @@
+module MongoMapper
+  module Plugins
+    module OpenIdAuthentication
+      
+      module InstanceMethods
+        def authenticated_by_open_id? open_id
+          self.open_id == open_id
+        end
+      end
+    
+      module ClassMethods
+        def acts_as_authenticated_by_open_id
+          key :open_ids, Array
+          
+          # defer do
+          ensure_index :open_ids
+          # end
+
+          validates_uniqueness_of :open_ids, :allow_blank => true
+        end
+      
+        def authenticate_by_open_id open_id
+          return nil if open_id.blank?
+          User.first :conditions => {:state => 'active', :open_ids => open_id}
+        end
+      end
+    end
+  end
+end

data/lib/rad/mongo_mapper/acts_as/authenticated_by_password.rb

@@ -0,0 +1,120 @@
+module MongoMapper
+  module Plugins
+    module PasswordAuthentication
+      SITE_KEY = '3eed5a60c1bf8d43de5d0560e9fc2442fe74fdad'
+      DIGEST_STRETCHES = 10
+      PASSWORD_LENGTH = 3..40
+      
+      
+      module InstanceMethods            
+        def authenticated_by_password? password
+          return false if crypted_password.blank? or password.blank?
+          self.crypted_password == self.class.encrypt_password(password, salt)
+        end
+    
+        # def reset_password password, password_confirmation
+        #   self.password, self.password_confirmation = password, password_confirmation
+        #   self.secure_token = nil
+        # end
+    
+        def update_password password, password_confirmation, old_password
+          if crypted_password.blank?
+            self.password, self.password_confirmation = password, password_confirmation
+          elsif authenticated_by_password? old_password
+            self.password, self.password_confirmation = password, password_confirmation
+            true
+          else
+            errors.add :base, t(:invalid_old_password)
+            false
+          end
+        end
+
+        # def update_password password, confirmation
+        #   self.password, self.password_confirmation = password, confirmation
+        #   encrypt_password
+        # end
+        # 
+        # def generate_secure_token!
+        #   self.secure_token = AuthStrategy.generate_token
+        #   self.secure_token_expires_at = AuthStrategy::SECURE_TOKEN_EXPIRATION.from_now
+        # end
+        # 
+        # def clear_secure_token!
+        #   self.secure_token = nil
+        #   self.secure_token_expires_at = nil
+        # end
+        # 
+        # def forgot_password
+        #   generate_secure_token!
+        #   UserStatusMailer.deliver_forgot_password self
+        # end
+        
+        def password= password
+          @password = password
+          encrypt_password!
+        end
+
+        protected
+          def encrypt_password!
+            if password.blank?
+              self.crypted_password = ""
+            else
+              self.salt ||= self.class.generate_token
+              self.crypted_password = self.class.encrypt_password password, salt
+            end
+          end
+        
+          def validate_password?
+            !password.nil?
+            # crypted_password.blank? or !password.blank?
+          end    
+      end
+    
+      module ClassMethods
+        def acts_as_authenticated_by_password
+          key :crypted_password, String, :protected => true
+          key :salt, String, :protected => true
+        
+          attr_reader :password
+          validates_confirmation_of :password, :if => :validate_password?
+          validates_length_of :password, :within => PASSWORD_LENGTH, :if => :validate_password?
+        end
+      
+        def authenticate_by_password name, password
+          return nil if name.blank? or password.blank?
+          u = User.first :conditions => {:state => 'active', :name => name}
+          u && u.authenticated_by_password?(password) ? u : nil
+        end
+
+        # def by_secure_token token
+        #   first :conditions => {
+        #     :secure_token => token, 
+        #     :secure_token_expires_at => {:$gt => Time.now.utc}
+        #   }
+        # end
+        # 
+        # def by_open_id id
+        #   return nil if id.blank?
+        #   first :open_ids => id
+        # end
+        
+        def encrypt_password password, salt
+          digest = SITE_KEY
+          DIGEST_STRETCHES.times do
+            digest = secure_digest(digest, salt, password, SITE_KEY)
+          end
+          digest
+        end
+        
+        def generate_token
+          secure_digest Time.now, (1..10).map{ rand.to_s }
+        end
+        
+        protected
+          def secure_digest *args
+            Digest::SHA1.hexdigest(args.flatten.join('--'))
+          end
+      end
+    end
+  end
+end