smukherjee-openbill 0.1.4 → 0.1.5
Sign up to get free protection for your applications and to get access to all the features.
- data/.actionScriptProperties +26 -0
- data/.flexProperties +2 -0
- data/.gitignore +4 -0
- data/.loadpath +7 -0
- data/.project +24 -0
- data/CONTRIBUTORS +6 -0
- data/INSTALL +11 -0
- data/Rakefile +51 -0
- data/VERSION +1 -0
- data/app/controllers/application.rb +49 -0
- data/app/controllers/carts_controller.rb +226 -0
- data/app/controllers/products_controller.rb +19 -0
- data/app/controllers/sessions_controller.rb +39 -0
- data/app/controllers/settings_controller.rb +15 -0
- data/app/helpers/application_helper.rb +3 -0
- data/app/helpers/carts_helper.rb +5 -0
- data/app/helpers/products_helper.rb +2 -0
- data/app/helpers/sessions_helper.rb +2 -0
- data/app/helpers/settings_helper.rb +2 -0
- data/app/models/account.rb +16 -0
- data/app/models/billingcycle.rb +7 -0
- data/app/models/currency.rb +5 -0
- data/app/models/emailtemplate.rb +5 -0
- data/app/models/invoice.rb +13 -0
- data/app/models/invoicedetail.rb +8 -0
- data/app/models/option.rb +5 -0
- data/app/models/order.rb +7 -0
- data/app/models/orderdetail.rb +11 -0
- data/app/models/paymentgateway.rb +5 -0
- data/app/models/product.rb +10 -0
- data/app/models/registrar.rb +7 -0
- data/app/models/registrarlog.rb +6 -0
- data/app/models/role.rb +7 -0
- data/app/models/server.rb +5 -0
- data/app/models/serverlog.rb +6 -0
- data/app/models/setting.rb +6 -0
- data/app/models/tld.rb +9 -0
- data/app/models/transaction.rb +8 -0
- data/app/models/user.rb +68 -0
- data/app/models/user_mailer.rb +24 -0
- data/app/models/user_observer.rb +11 -0
- data/app/models/userfieldname.rb +8 -0
- data/app/models/userfieldvalue.rb +6 -0
- data/app/views/carts/_cart_details.html.erb +36 -0
- data/app/views/carts/_check_domain_availability.html.erb +7 -0
- data/app/views/carts/_loginbox.html.erb +33 -0
- data/app/views/carts/_new_domain_available.html.erb +14 -0
- data/app/views/carts/_new_domain_not_available.html.erb +10 -0
- data/app/views/carts/_orderinfobox.html.erb +1 -0
- data/app/views/carts/_product_details.html.erb +43 -0
- data/app/views/carts/_products_list.html.erb +22 -0
- data/app/views/carts/_signupbox.html.erb +51 -0
- data/app/views/carts/checkout.html.erb +22 -0
- data/app/views/carts/customer.html.erb +26 -0
- data/app/views/carts/order.html.erb +17 -0
- data/app/views/layouts/default.html.erb +43 -0
- data/app/views/user_mailer/activation.erb +3 -0
- data/app/views/user_mailer/signup_notification.erb +8 -0
- data/config/boot.rb +109 -0
- data/config/database.yml +20 -0
- data/config/environment.rb +76 -0
- data/config/environments/development.rb +17 -0
- data/config/environments/production.rb +24 -0
- data/config/environments/test.rb +22 -0
- data/config/initializers/inflections.rb +10 -0
- data/config/initializers/mime_types.rb +5 -0
- data/config/initializers/new_rails_defaults.rb +17 -0
- data/config/initializers/site_keys.rb +38 -0
- data/config/locales/en.yml +2 -0
- data/config/routes.rb +31 -0
- data/db/migrate/20090429095737_create_settings.rb +28 -0
- data/db/migrate/20090429102507_create_users.rb +25 -0
- data/db/migrate/20090429113405_create_accounts.rb +12 -0
- data/db/migrate/20090430091300_create_roles.rb +14 -0
- data/db/migrate/20090430103415_create_products.rb +24 -0
- data/db/migrate/20090509144706_create_sessions.rb +16 -0
- data/db/migrate/20090518070457_create_billingcycles.rb +15 -0
- data/db/migrate/20090518105551_create_orders.rb +13 -0
- data/db/migrate/20090518105611_create_invoices.rb +17 -0
- data/db/migrate/20090518105912_create_orderdetails.rb +24 -0
- data/db/migrate/20090518105931_create_invoicedetails.rb +14 -0
- data/db/migrate/20090519051441_create_servers.rb +14 -0
- data/db/migrate/20090519051509_create_registrars.rb +13 -0
- data/db/migrate/20090519051536_create_paymentgateways.rb +13 -0
- data/db/migrate/20090519052025_create_tlds.rb +15 -0
- data/db/migrate/20090519070149_create_transactions.rb +17 -0
- data/db/migrate/20090519070225_create_registrarlogs.rb +16 -0
- data/db/migrate/20090519070248_create_serverlogs.rb +16 -0
- data/db/migrate/20090519071741_create_emailtemplates.rb +18 -0
- data/db/migrate/20090519083539_create_currencies.rb +18 -0
- data/db/migrate/20090522102336_create_userfieldnames.rb +16 -0
- data/db/migrate/20090522102401_create_userfieldvalues.rb +14 -0
- data/db/migrate/20090526092119_create_options.rb +14 -0
- data/html-template/AC_OETags.js +292 -0
- data/html-template/history/history.css +6 -0
- data/html-template/history/history.js +662 -0
- data/html-template/history/historyFrame.html +29 -0
- data/html-template/index.template.html +121 -0
- data/html-template/playerProductInstall.swf +0 -0
- data/lib/authenticated_system.rb +189 -0
- data/lib/authenticated_test_helper.rb +11 -0
- data/lib/tasks/empty +0 -0
- data/openbill.gemspec +787 -0
- data/pkg/openbill-0.0.0.gem +0 -0
- data/pkg/openbill-0.1.3.gem +0 -0
- data/pkg/openbill-0.1.4.gem +0 -0
- data/public/404.html +30 -0
- data/public/422.html +30 -0
- data/public/500.html +33 -0
- data/public/AC_OETags.js +292 -0
- data/public/admin.html +121 -0
- data/public/admin.swf +0 -0
- data/public/assets/LoadingUndefinedSkin.swf +0 -0
- data/public/assets/UndefinedPersonalSkinLoad.swf +0 -0
- data/public/assets/blanc.png +0 -0
- data/public/assets/botones/Boton_dis.png +0 -0
- data/public/assets/botones/PopUpButton.png +0 -0
- data/public/assets/botones/PopUpButton1.png +0 -0
- data/public/assets/botones/PopUpButton2.png +0 -0
- data/public/assets/botones/PopUpButton_0.png +0 -0
- data/public/assets/botones/PopUpButton_1.png +0 -0
- data/public/assets/botones/PopUpButton_2.png +0 -0
- data/public/assets/botones/PopUpButton_dis.png +0 -0
- data/public/assets/botones/PopUpMenuButton.png +0 -0
- data/public/assets/botones/PopUpMenuButton1.png +0 -0
- data/public/assets/botones/PopUpMenuButton2.png +0 -0
- data/public/assets/botones/PopUpMenuButton_0.png +0 -0
- data/public/assets/botones/PopUpMenuButton_1.png +0 -0
- data/public/assets/botones/PopUpMenuButton_2.png +0 -0
- data/public/assets/botones/PopUpMenuButton_dis.png +0 -0
- data/public/assets/botones/Scroll_barra.png +0 -0
- data/public/assets/botones/Scroll_barra1.png +0 -0
- data/public/assets/botones/Scroll_barra2.png +0 -0
- data/public/assets/botones/Scroll_down.png +0 -0
- data/public/assets/botones/Scroll_down1.png +0 -0
- data/public/assets/botones/Scroll_fondo.png +0 -0
- data/public/assets/botones/Scroll_icon.png +0 -0
- data/public/assets/botones/Scroll_up.png +0 -0
- data/public/assets/botones/Scroll_up1.png +0 -0
- data/public/assets/botones/TabNavigator.png +0 -0
- data/public/assets/botones/TabNavigator1.png +0 -0
- data/public/assets/botones/TabNavigator2.png +0 -0
- data/public/assets/botones/TabNavigator3.png +0 -0
- data/public/assets/botones/Thumbs.db +0 -0
- data/public/assets/botones/accordion_backround.png +0 -0
- data/public/assets/botones/accordion_barra.png +0 -0
- data/public/assets/botones/accordion_barra1.png +0 -0
- data/public/assets/botones/accordion_barra2.png +0 -0
- data/public/assets/botones/accordion_barra3.png +0 -0
- data/public/assets/botones/adelante.png +0 -0
- data/public/assets/botones/adelante1.png +0 -0
- data/public/assets/botones/adelante2.png +0 -0
- data/public/assets/botones/adelante_dis.png +0 -0
- data/public/assets/botones/atras.png +0 -0
- data/public/assets/botones/atras1.png +0 -0
- data/public/assets/botones/atras2.png +0 -0
- data/public/assets/botones/atras_dis.png +0 -0
- data/public/assets/botones/barra.png +0 -0
- data/public/assets/botones/barra_dis.png +0 -0
- data/public/assets/botones/barra_v.png +0 -0
- data/public/assets/botones/boton.jpg +0 -0
- data/public/assets/botones/boton.png +0 -0
- data/public/assets/botones/boton1.png +0 -0
- data/public/assets/botones/boton2.png +0 -0
- data/public/assets/botones/boton_classic.png +0 -0
- data/public/assets/botones/boton_classic1.png +0 -0
- data/public/assets/botones/boton_classic2.png +0 -0
- data/public/assets/botones/bullet.png +0 -0
- data/public/assets/botones/bullet1.png +0 -0
- data/public/assets/botones/bullet_V_dis.png +0 -0
- data/public/assets/botones/bullet_dis.png +0 -0
- data/public/assets/botones/bullet_v.png +0 -0
- data/public/assets/botones/bullet_v1.png +0 -0
- data/public/assets/botones/chekOff.png +0 -0
- data/public/assets/botones/chekOff1.png +0 -0
- data/public/assets/botones/chekOff2.png +0 -0
- data/public/assets/botones/chekOn.png +0 -0
- data/public/assets/botones/chekOn1.png +0 -0
- data/public/assets/botones/chekOn2.png +0 -0
- data/public/assets/botones/chek_dis.png +0 -0
- data/public/assets/botones/close.png +0 -0
- data/public/assets/botones/close1.png +0 -0
- data/public/assets/botones/close2.png +0 -0
- data/public/assets/botones/close_folder.png +0 -0
- data/public/assets/botones/colorPicker.png +0 -0
- data/public/assets/botones/colorPicker1.png +0 -0
- data/public/assets/botones/colorPicker2.png +0 -0
- data/public/assets/botones/colorPicker_blanco.png +0 -0
- data/public/assets/botones/colorPicker_blanco1.png +0 -0
- data/public/assets/botones/colorPicker_blanco2.png +0 -0
- data/public/assets/botones/colorPicker_dis.png +0 -0
- data/public/assets/botones/combo.png +0 -0
- data/public/assets/botones/combo1.png +0 -0
- data/public/assets/botones/combo2.png +0 -0
- data/public/assets/botones/combo_dis.png +0 -0
- data/public/assets/botones/dataIcon.png +0 -0
- data/public/assets/botones/dataIcon1.png +0 -0
- data/public/assets/botones/dataIcon2.png +0 -0
- data/public/assets/botones/dataIcon_dis.png +0 -0
- data/public/assets/botones/dataText.png +0 -0
- data/public/assets/botones/folder_close.png +0 -0
- data/public/assets/botones/folder_open.png +0 -0
- data/public/assets/botones/hoja.png +0 -0
- data/public/assets/botones/icon_down.png +0 -0
- data/public/assets/botones/icon_up.png +0 -0
- data/public/assets/botones/last_toggle.png +0 -0
- data/public/assets/botones/last_toggle1.png +0 -0
- data/public/assets/botones/last_toggle2.png +0 -0
- data/public/assets/botones/last_toggle3.png +0 -0
- data/public/assets/botones/numericStepper_Down.png +0 -0
- data/public/assets/botones/numericStepper_Down1.png +0 -0
- data/public/assets/botones/numericStepper_Down2.png +0 -0
- data/public/assets/botones/numericStepper_Down_dis.png +0 -0
- data/public/assets/botones/numericStepper_Text.png +0 -0
- data/public/assets/botones/numericStepper_Up.png +0 -0
- data/public/assets/botones/numericStepper_Up1.png +0 -0
- data/public/assets/botones/numericStepper_Up2.png +0 -0
- data/public/assets/botones/numericStepper_Up_dis.png +0 -0
- data/public/assets/botones/open_folder.png +0 -0
- data/public/assets/botones/prev_toggle.png +0 -0
- data/public/assets/botones/prev_toggle1.png +0 -0
- data/public/assets/botones/prev_toggle2.png +0 -0
- data/public/assets/botones/prev_toggle3.png +0 -0
- data/public/assets/botones/progress.png +0 -0
- data/public/assets/botones/progress_barra.png +0 -0
- data/public/assets/botones/progress_charning.png +0 -0
- data/public/assets/botones/progress_dis.png +0 -0
- data/public/assets/botones/radio.png +0 -0
- data/public/assets/botones/radio1.png +0 -0
- data/public/assets/botones/radio2.png +0 -0
- data/public/assets/botones/radio3.png +0 -0
- data/public/assets/botones/radio4.png +0 -0
- data/public/assets/botones/radio_dis.png +0 -0
- data/public/assets/botones/seleccionData.png +0 -0
- data/public/assets/botones/seleccionDataSelected.png +0 -0
- data/public/assets/botones/seleccionDataUp.png +0 -0
- data/public/assets/botones/textArea.png +0 -0
- data/public/assets/botones/textInput.png +0 -0
- data/public/assets/botones/textInput_error.png +0 -0
- data/public/assets/botones/textInput_no.png +0 -0
- data/public/assets/botones/toggle_medio.png +0 -0
- data/public/assets/botones/toggle_medio1.png +0 -0
- data/public/assets/botones/toggle_medio2.png +0 -0
- data/public/assets/botones/toggle_medio3.png +0 -0
- data/public/assets/botones/toolTip.png +0 -0
- data/public/assets/general/Fondo4.jpg +0 -0
- data/public/assets/general/Fondo5.jpg +0 -0
- data/public/assets/general/MenuItem.png +0 -0
- data/public/assets/general/MenuItem1.png +0 -0
- data/public/assets/general/Thumbs.db +0 -0
- data/public/assets/general/alert_fondo.png +0 -0
- data/public/assets/general/alert_fondo1.png +0 -0
- data/public/assets/general/alert_titulo.png +0 -0
- data/public/assets/general/alert_titulo1.png +0 -0
- data/public/assets/general/blanc.png +0 -0
- data/public/assets/general/fondo.jpg +0 -0
- data/public/assets/general/fondo1.jpg +0 -0
- data/public/assets/general/fondo2.jpg +0 -0
- data/public/assets/general/fondo3.jpg +0 -0
- data/public/assets/general/fondo_list.png +0 -0
- data/public/assets/general/menu.png +0 -0
- data/public/assets/general/panel.png +0 -0
- data/public/assets/general/separator.png +0 -0
- data/public/assets/general/titleWindow.png +0 -0
- data/public/assets/general/titleWindow1.png +0 -0
- data/public/assets/icons/Thumbs.db +0 -0
- data/public/assets/icons/ai.jpg +0 -0
- data/public/assets/icons/air.jpg +0 -0
- data/public/assets/icons/fl.jpg +0 -0
- data/public/assets/icons/fw.jpg +0 -0
- data/public/assets/icons/fx.jpg +0 -0
- data/public/assets/icons/ps.jpg +0 -0
- data/public/assets/scroll/Thumbs.db +0 -0
- data/public/assets/scroll/barra.png +0 -0
- data/public/assets/scroll/barra1.png +0 -0
- data/public/assets/scroll/barra2.png +0 -0
- data/public/assets/scroll/barra_1.png +0 -0
- data/public/assets/scroll/barra_2.png +0 -0
- data/public/assets/scroll/down.png +0 -0
- data/public/assets/scroll/down1.png +0 -0
- data/public/assets/scroll/down_1.png +0 -0
- data/public/assets/scroll/down_2.png +0 -0
- data/public/assets/scroll/fondo.png +0 -0
- data/public/assets/scroll/fondo_1.png +0 -0
- data/public/assets/scroll/fondo_2.png +0 -0
- data/public/assets/scroll/up.png +0 -0
- data/public/assets/scroll/up1.png +0 -0
- data/public/assets/scroll/up_1.png +0 -0
- data/public/assets/scroll/up_2.png +0 -0
- data/public/assets/xml/listData.xml +21 -0
- data/public/dispatch.cgi +10 -0
- data/public/dispatch.fcgi +24 -0
- data/public/dispatch.rb +10 -0
- data/public/favicon.ico +0 -0
- data/public/framework_3.0.0.477.swf +0 -0
- data/public/framework_3.0.0.477.swz +0 -0
- data/public/history/history.css +6 -0
- data/public/history/history.js +662 -0
- data/public/history/historyFrame.html +29 -0
- data/public/images/avatar.png +0 -0
- data/public/images/logo.png +0 -0
- data/public/images/rails.png +0 -0
- data/public/images/spinner.gif +0 -0
- data/public/index.html +1 -0
- data/public/javascripts/application.js +2 -0
- data/public/javascripts/controls.js +963 -0
- data/public/javascripts/dragdrop.js +973 -0
- data/public/javascripts/effects.js +1128 -0
- data/public/javascripts/jquery-1.3.min.js +19 -0
- data/public/javascripts/jquery.localscroll.js +104 -0
- data/public/javascripts/jquery.scrollTo.js +150 -0
- data/public/javascripts/prototype.js +4320 -0
- data/public/playerProductInstall.swf +0 -0
- data/public/robots.txt +5 -0
- data/public/stylesheets/base.css +336 -0
- data/public/stylesheets/darkroom.css +1374 -0
- data/public/stylesheets/darkroom.swf +0 -0
- data/public/stylesheets/default.css +1034 -0
- data/public/stylesheets/myriad.swf +0 -0
- data/public/stylesheets/scaffold.css +54 -0
- data/public/stylesheets/themes/bec/style.css +301 -0
- data/public/stylesheets/themes/bec-green/style.css +290 -0
- data/public/stylesheets/themes/blue/style.css +280 -0
- data/public/stylesheets/themes/default/style.css +267 -0
- data/public/stylesheets/themes/djime-cerulean/style.css +298 -0
- data/public/stylesheets/themes/kathleene/style.css +272 -0
- data/public/stylesheets/themes/openbill/style.css +272 -0
- data/public/stylesheets/themes/orange/style.css +263 -0
- data/public/stylesheets/themes/reidb-greenish/style.css +301 -0
- data/rdoc/empty +0 -0
- data/rdoc/logo.max +0 -0
- data/rdoc/logo.png +0 -0
- data/script/about +4 -0
- data/script/console +3 -0
- data/script/dbconsole +3 -0
- data/script/destroy +3 -0
- data/script/generate +3 -0
- data/script/performance/benchmarker +3 -0
- data/script/performance/profiler +3 -0
- data/script/performance/request +3 -0
- data/script/plugin +3 -0
- data/script/process/inspector +3 -0
- data/script/process/reaper +3 -0
- data/script/process/spawner +3 -0
- data/script/runner +3 -0
- data/script/server +3 -0
- data/src/admin.mxml +62 -0
- data/src/assets/LoadingUndefinedSkin.swf +0 -0
- data/src/assets/UndefinedPersonalSkinLoad.swf +0 -0
- data/src/assets/blanc.png +0 -0
- data/src/assets/botones/Boton_dis.png +0 -0
- data/src/assets/botones/PopUpButton.png +0 -0
- data/src/assets/botones/PopUpButton1.png +0 -0
- data/src/assets/botones/PopUpButton2.png +0 -0
- data/src/assets/botones/PopUpButton_0.png +0 -0
- data/src/assets/botones/PopUpButton_1.png +0 -0
- data/src/assets/botones/PopUpButton_2.png +0 -0
- data/src/assets/botones/PopUpButton_dis.png +0 -0
- data/src/assets/botones/PopUpMenuButton.png +0 -0
- data/src/assets/botones/PopUpMenuButton1.png +0 -0
- data/src/assets/botones/PopUpMenuButton2.png +0 -0
- data/src/assets/botones/PopUpMenuButton_0.png +0 -0
- data/src/assets/botones/PopUpMenuButton_1.png +0 -0
- data/src/assets/botones/PopUpMenuButton_2.png +0 -0
- data/src/assets/botones/PopUpMenuButton_dis.png +0 -0
- data/src/assets/botones/Scroll_barra.png +0 -0
- data/src/assets/botones/Scroll_barra1.png +0 -0
- data/src/assets/botones/Scroll_barra2.png +0 -0
- data/src/assets/botones/Scroll_down.png +0 -0
- data/src/assets/botones/Scroll_down1.png +0 -0
- data/src/assets/botones/Scroll_fondo.png +0 -0
- data/src/assets/botones/Scroll_icon.png +0 -0
- data/src/assets/botones/Scroll_up.png +0 -0
- data/src/assets/botones/Scroll_up1.png +0 -0
- data/src/assets/botones/TabNavigator.png +0 -0
- data/src/assets/botones/TabNavigator1.png +0 -0
- data/src/assets/botones/TabNavigator2.png +0 -0
- data/src/assets/botones/TabNavigator3.png +0 -0
- data/src/assets/botones/Thumbs.db +0 -0
- data/src/assets/botones/accordion_backround.png +0 -0
- data/src/assets/botones/accordion_barra.png +0 -0
- data/src/assets/botones/accordion_barra1.png +0 -0
- data/src/assets/botones/accordion_barra2.png +0 -0
- data/src/assets/botones/accordion_barra3.png +0 -0
- data/src/assets/botones/adelante.png +0 -0
- data/src/assets/botones/adelante1.png +0 -0
- data/src/assets/botones/adelante2.png +0 -0
- data/src/assets/botones/adelante_dis.png +0 -0
- data/src/assets/botones/atras.png +0 -0
- data/src/assets/botones/atras1.png +0 -0
- data/src/assets/botones/atras2.png +0 -0
- data/src/assets/botones/atras_dis.png +0 -0
- data/src/assets/botones/barra.png +0 -0
- data/src/assets/botones/barra_dis.png +0 -0
- data/src/assets/botones/barra_v.png +0 -0
- data/src/assets/botones/boton.jpg +0 -0
- data/src/assets/botones/boton.png +0 -0
- data/src/assets/botones/boton1.png +0 -0
- data/src/assets/botones/boton2.png +0 -0
- data/src/assets/botones/boton_classic.png +0 -0
- data/src/assets/botones/boton_classic1.png +0 -0
- data/src/assets/botones/boton_classic2.png +0 -0
- data/src/assets/botones/bullet.png +0 -0
- data/src/assets/botones/bullet1.png +0 -0
- data/src/assets/botones/bullet_V_dis.png +0 -0
- data/src/assets/botones/bullet_dis.png +0 -0
- data/src/assets/botones/bullet_v.png +0 -0
- data/src/assets/botones/bullet_v1.png +0 -0
- data/src/assets/botones/chekOff.png +0 -0
- data/src/assets/botones/chekOff1.png +0 -0
- data/src/assets/botones/chekOff2.png +0 -0
- data/src/assets/botones/chekOn.png +0 -0
- data/src/assets/botones/chekOn1.png +0 -0
- data/src/assets/botones/chekOn2.png +0 -0
- data/src/assets/botones/chek_dis.png +0 -0
- data/src/assets/botones/close.png +0 -0
- data/src/assets/botones/close1.png +0 -0
- data/src/assets/botones/close2.png +0 -0
- data/src/assets/botones/close_folder.png +0 -0
- data/src/assets/botones/colorPicker.png +0 -0
- data/src/assets/botones/colorPicker1.png +0 -0
- data/src/assets/botones/colorPicker2.png +0 -0
- data/src/assets/botones/colorPicker_blanco.png +0 -0
- data/src/assets/botones/colorPicker_blanco1.png +0 -0
- data/src/assets/botones/colorPicker_blanco2.png +0 -0
- data/src/assets/botones/colorPicker_dis.png +0 -0
- data/src/assets/botones/combo.png +0 -0
- data/src/assets/botones/combo1.png +0 -0
- data/src/assets/botones/combo2.png +0 -0
- data/src/assets/botones/combo_dis.png +0 -0
- data/src/assets/botones/dataIcon.png +0 -0
- data/src/assets/botones/dataIcon1.png +0 -0
- data/src/assets/botones/dataIcon2.png +0 -0
- data/src/assets/botones/dataIcon_dis.png +0 -0
- data/src/assets/botones/dataText.png +0 -0
- data/src/assets/botones/folder_close.png +0 -0
- data/src/assets/botones/folder_open.png +0 -0
- data/src/assets/botones/hoja.png +0 -0
- data/src/assets/botones/icon_down.png +0 -0
- data/src/assets/botones/icon_up.png +0 -0
- data/src/assets/botones/last_toggle.png +0 -0
- data/src/assets/botones/last_toggle1.png +0 -0
- data/src/assets/botones/last_toggle2.png +0 -0
- data/src/assets/botones/last_toggle3.png +0 -0
- data/src/assets/botones/numericStepper_Down.png +0 -0
- data/src/assets/botones/numericStepper_Down1.png +0 -0
- data/src/assets/botones/numericStepper_Down2.png +0 -0
- data/src/assets/botones/numericStepper_Down_dis.png +0 -0
- data/src/assets/botones/numericStepper_Text.png +0 -0
- data/src/assets/botones/numericStepper_Up.png +0 -0
- data/src/assets/botones/numericStepper_Up1.png +0 -0
- data/src/assets/botones/numericStepper_Up2.png +0 -0
- data/src/assets/botones/numericStepper_Up_dis.png +0 -0
- data/src/assets/botones/open_folder.png +0 -0
- data/src/assets/botones/prev_toggle.png +0 -0
- data/src/assets/botones/prev_toggle1.png +0 -0
- data/src/assets/botones/prev_toggle2.png +0 -0
- data/src/assets/botones/prev_toggle3.png +0 -0
- data/src/assets/botones/progress.png +0 -0
- data/src/assets/botones/progress_barra.png +0 -0
- data/src/assets/botones/progress_charning.png +0 -0
- data/src/assets/botones/progress_dis.png +0 -0
- data/src/assets/botones/radio.png +0 -0
- data/src/assets/botones/radio1.png +0 -0
- data/src/assets/botones/radio2.png +0 -0
- data/src/assets/botones/radio3.png +0 -0
- data/src/assets/botones/radio4.png +0 -0
- data/src/assets/botones/radio_dis.png +0 -0
- data/src/assets/botones/seleccionData.png +0 -0
- data/src/assets/botones/seleccionDataSelected.png +0 -0
- data/src/assets/botones/seleccionDataUp.png +0 -0
- data/src/assets/botones/textArea.png +0 -0
- data/src/assets/botones/textInput.png +0 -0
- data/src/assets/botones/textInput_error.png +0 -0
- data/src/assets/botones/textInput_no.png +0 -0
- data/src/assets/botones/toggle_medio.png +0 -0
- data/src/assets/botones/toggle_medio1.png +0 -0
- data/src/assets/botones/toggle_medio2.png +0 -0
- data/src/assets/botones/toggle_medio3.png +0 -0
- data/src/assets/botones/toolTip.png +0 -0
- data/src/assets/general/Fondo4.jpg +0 -0
- data/src/assets/general/Fondo5.jpg +0 -0
- data/src/assets/general/MenuItem.png +0 -0
- data/src/assets/general/MenuItem1.png +0 -0
- data/src/assets/general/Thumbs.db +0 -0
- data/src/assets/general/alert_fondo.png +0 -0
- data/src/assets/general/alert_fondo1.png +0 -0
- data/src/assets/general/alert_titulo.png +0 -0
- data/src/assets/general/alert_titulo1.png +0 -0
- data/src/assets/general/blanc.png +0 -0
- data/src/assets/general/fondo.jpg +0 -0
- data/src/assets/general/fondo1.jpg +0 -0
- data/src/assets/general/fondo2.jpg +0 -0
- data/src/assets/general/fondo3.jpg +0 -0
- data/src/assets/general/fondo_list.png +0 -0
- data/src/assets/general/menu.png +0 -0
- data/src/assets/general/panel.png +0 -0
- data/src/assets/general/separator.png +0 -0
- data/src/assets/general/titleWindow.png +0 -0
- data/src/assets/general/titleWindow1.png +0 -0
- data/src/assets/icons/Thumbs.db +0 -0
- data/src/assets/icons/ai.jpg +0 -0
- data/src/assets/icons/air.jpg +0 -0
- data/src/assets/icons/fl.jpg +0 -0
- data/src/assets/icons/fw.jpg +0 -0
- data/src/assets/icons/fx.jpg +0 -0
- data/src/assets/icons/ps.jpg +0 -0
- data/src/assets/programmatic/BigThumbClass.as +14 -0
- data/src/assets/programmatic/CustomPreloader.as +79 -0
- data/src/assets/programmatic/MyDateField.as +22 -0
- data/src/assets/scroll/Thumbs.db +0 -0
- data/src/assets/scroll/barra.png +0 -0
- data/src/assets/scroll/barra1.png +0 -0
- data/src/assets/scroll/barra2.png +0 -0
- data/src/assets/scroll/barra_1.png +0 -0
- data/src/assets/scroll/barra_2.png +0 -0
- data/src/assets/scroll/down.png +0 -0
- data/src/assets/scroll/down1.png +0 -0
- data/src/assets/scroll/down_1.png +0 -0
- data/src/assets/scroll/down_2.png +0 -0
- data/src/assets/scroll/fondo.png +0 -0
- data/src/assets/scroll/fondo_1.png +0 -0
- data/src/assets/scroll/fondo_2.png +0 -0
- data/src/assets/scroll/up.png +0 -0
- data/src/assets/scroll/up1.png +0 -0
- data/src/assets/scroll/up_1.png +0 -0
- data/src/assets/scroll/up_2.png +0 -0
- data/src/assets/xml/listData.xml +21 -0
- data/src/images/logo.png +0 -0
- data/src/libs/Cairngorm.swc +0 -0
- data/src/libs/flexlib.swc +0 -0
- data/src/org/rsos/openbill/business/RailsDelegate.as +109 -0
- data/src/org/rsos/openbill/business/Services.mxml +15 -0
- data/src/org/rsos/openbill/command/FpCommand.as +44 -0
- data/src/org/rsos/openbill/command/LoginCommand.as +52 -0
- data/src/org/rsos/openbill/command/LogoutCommand.as +43 -0
- data/src/org/rsos/openbill/command/ProductCommand.as +49 -0
- data/src/org/rsos/openbill/command/SettingCommand.as +39 -0
- data/src/org/rsos/openbill/control/OpenbillController.as +25 -0
- data/src/org/rsos/openbill/event/FpEvent.as +29 -0
- data/src/org/rsos/openbill/event/LoginEvent.as +29 -0
- data/src/org/rsos/openbill/event/LogoutEvent.as +26 -0
- data/src/org/rsos/openbill/event/ProductEvent.as +29 -0
- data/src/org/rsos/openbill/event/SettingEvent.as +29 -0
- data/src/org/rsos/openbill/model/OpenbillModelLocator.as +188 -0
- data/src/org/rsos/openbill/util/ValueObjectUtil.as +19 -0
- data/src/org/rsos/openbill/view/Content.mxml +4 -0
- data/src/org/rsos/openbill/view/Footer.mxml +25 -0
- data/src/org/rsos/openbill/view/Header.mxml +31 -0
- data/src/org/rsos/openbill/view/Product.mxml +82 -0
- data/src/org/rsos/openbill/view/Setting.mxml +111 -0
- data/src/org/rsos/openbill/view/SignIn.mxml +67 -0
- data/src/org/rsos/openbill/vo/AccountVO.as +13 -0
- data/src/org/rsos/openbill/vo/CurrencyVO.as +18 -0
- data/src/org/rsos/openbill/vo/ProductVO.as +17 -0
- data/src/org/rsos/openbill/vo/RoleVO.as +14 -0
- data/src/org/rsos/openbill/vo/SettingVO.as +29 -0
- data/src/org/rsos/openbill/vo/UserVO.as +18 -0
- data/src/stylesheets/darkroom.css +1374 -0
- data/src/stylesheets/darkroom.swf +0 -0
- data/src/stylesheets/default.css +1034 -0
- data/src/stylesheets/myriad.swf +0 -0
- data/test/fixtures/accounts.yml +3 -0
- data/test/fixtures/billingcycles.yml +41 -0
- data/test/fixtures/currencies.yml +11 -0
- data/test/fixtures/emailtemplates.yml +8 -0
- data/test/fixtures/invoicedetails.yml +0 -0
- data/test/fixtures/invoices.yml +0 -0
- data/test/fixtures/options.yml +0 -0
- data/test/fixtures/orderdetails.yml +0 -0
- data/test/fixtures/orders.yml +0 -0
- data/test/fixtures/paymentgateways.yml +0 -0
- data/test/fixtures/products.yml +40 -0
- data/test/fixtures/registrarlogs.yml +0 -0
- data/test/fixtures/registrars.yml +4 -0
- data/test/fixtures/roles.yml +19 -0
- data/test/fixtures/serverlogs.yml +0 -0
- data/test/fixtures/servers.yml +0 -0
- data/test/fixtures/settings.yml +7 -0
- data/test/fixtures/tlds.yml +17 -0
- data/test/fixtures/transactions.yml +0 -0
- data/test/fixtures/userfieldnames.yml +9 -0
- data/test/fixtures/userfieldvalues.yml +11 -0
- data/test/fixtures/users.yml +28 -0
- data/test/integration/empty +0 -0
- data/vendor/generators/cairngorm/USAGE +7 -0
- data/vendor/generators/cairngorm/cairngorm_generator.rb +23 -0
- data/vendor/generators/cairngorm/templates/Controller_template.as +20 -0
- data/vendor/generators/cairngorm/templates/ModelLocator_template.as +29 -0
- data/vendor/generators/cairngorm/templates/Services_template.mxml +8 -0
- data/vendor/generators/cairngorm/templates/ValueObjectUtil_template.as +19 -0
- data/vendor/generators/cairngorm/templates/main_template.mxml +27 -0
- data/vendor/generators/command/USAGE +10 -0
- data/vendor/generators/command/command_generator.rb +8 -0
- data/vendor/generators/command/templates/command_template.as +39 -0
- data/vendor/generators/command/templates/event_template.as +26 -0
- data/vendor/generators/delegate/USAGE +8 -0
- data/vendor/generators/delegate/delegate_generator.rb +7 -0
- data/vendor/generators/delegate/templates/delegate_template.as +26 -0
- data/vendor/generators/event/USAGE +8 -0
- data/vendor/generators/event/event_generator.rb +7 -0
- data/vendor/generators/event/templates/event_template.as +26 -0
- data/vendor/generators/vo/USAGE +9 -0
- data/vendor/generators/vo/templates/vo_template.as +18 -0
- data/vendor/generators/vo/vo_generator.rb +7 -0
- data/vendor/generators/worbservice/USAGE +8 -0
- data/vendor/generators/worbservice/templates/service.rb +11 -0
- data/vendor/generators/worbservice/worbservice_generator.rb +7 -0
- data/vendor/plugins/enum-column/init.rb +9 -0
- data/vendor/plugins/enum-column/lib/enum/active_record_helper.rb +107 -0
- data/vendor/plugins/enum-column/lib/enum/enum_adapter.rb +76 -0
- data/vendor/plugins/enum-column/lib/enum/mysql_adapter.rb +33 -0
- data/vendor/plugins/enum-column/lib/enum/postgresql_adapter.rb +64 -0
- data/vendor/plugins/enum-column/lib/enum/quoting.rb +17 -0
- data/vendor/plugins/enum-column/lib/enum/schema_definitions.rb +12 -0
- data/vendor/plugins/enum-column/lib/enum/schema_statements.rb +32 -0
- data/vendor/plugins/enum-column/lib/enum/sqlite3_adapter.rb +52 -0
- data/vendor/plugins/enum-column/lib/enum/validations.rb +40 -0
- data/vendor/plugins/enum-column/readme.html +125 -0
- data/vendor/plugins/enum-column/test/db/schema.rb +28 -0
- data/vendor/plugins/enum-column/test/enum_mysql_test.rb +220 -0
- data/vendor/plugins/enum-column/test/fixtures/db_definitions/mysql.drop.sql +32 -0
- data/vendor/plugins/enum-column/test/fixtures/db_definitions/mysql.sql +244 -0
- data/vendor/plugins/enum-column/test/fixtures/enumeration.rb +20 -0
- data/vendor/plugins/enum-column/test/test_helper.rb +18 -0
- data/vendor/plugins/restful-authentication/.gitignore +21 -0
- data/vendor/plugins/restful-authentication/CHANGELOG +68 -0
- data/vendor/plugins/restful-authentication/LICENSE +20 -0
- data/vendor/plugins/restful-authentication/README.textile +224 -0
- data/vendor/plugins/restful-authentication/Rakefile +32 -0
- data/vendor/plugins/restful-authentication/TODO +15 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/USAGE +1 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/authenticated_generator.rb +478 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/lib/insert_routes.rb +54 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/_model_partial.html.erb +8 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/activation.erb +3 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_system.rb +189 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/authenticated_test_helper.rb +22 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/controller.rb +43 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/accounts.feature +109 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/sessions.feature +134 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/step_definitions/ra_env.rb +9 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/step_definitions/ra_navigation_steps.rb +48 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/step_definitions/ra_resource_steps.rb +178 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/step_definitions/ra_response_steps.rb +169 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/step_definitions/rest_auth_features_helper.rb +81 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/features/step_definitions/user_steps.rb +131 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/helper.rb +2 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/login.html.erb +16 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/mailer.rb +25 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/migration.rb +26 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/model.rb +83 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/model_controller.rb +85 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper.rb +93 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/model_helper_spec.rb +158 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/observer.rb +11 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/signup.html.erb +19 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/signup_notification.erb +8 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/site_keys.rb +38 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/access_control_spec.rb +90 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb +102 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb +139 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/controllers/users_controller_spec.rb +198 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/fixtures/users.yml +60 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/helpers/users_helper_spec.rb +141 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/spec/models/user_spec.rb +290 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/test/functional_test.rb +82 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/test/mailer_test.rb +31 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/test/model_functional_test.rb +93 -0
- data/vendor/plugins/restful-authentication/generators/authenticated/templates/test/unit_test.rb +164 -0
- data/vendor/plugins/restful-authentication/init.rb +1 -0
- data/vendor/plugins/restful-authentication/lib/authentication/by_cookie_token.rb +82 -0
- data/vendor/plugins/restful-authentication/lib/authentication/by_password.rb +64 -0
- data/vendor/plugins/restful-authentication/lib/authentication.rb +40 -0
- data/vendor/plugins/restful-authentication/lib/authorization/aasm_roles.rb +63 -0
- data/vendor/plugins/restful-authentication/lib/authorization/stateful_roles.rb +62 -0
- data/vendor/plugins/restful-authentication/lib/authorization.rb +14 -0
- data/vendor/plugins/restful-authentication/lib/trustification/email_validation.rb +20 -0
- data/vendor/plugins/restful-authentication/lib/trustification.rb +14 -0
- data/vendor/plugins/restful-authentication/notes/AccessControl.txt +2 -0
- data/vendor/plugins/restful-authentication/notes/Authentication.txt +5 -0
- data/vendor/plugins/restful-authentication/notes/Authorization.txt +154 -0
- data/vendor/plugins/restful-authentication/notes/RailsPlugins.txt +78 -0
- data/vendor/plugins/restful-authentication/notes/SecurityFramework.graffle +0 -0
- data/vendor/plugins/restful-authentication/notes/SecurityFramework.png +0 -0
- data/vendor/plugins/restful-authentication/notes/SecurityPatterns.txt +163 -0
- data/vendor/plugins/restful-authentication/notes/Tradeoffs.txt +126 -0
- data/vendor/plugins/restful-authentication/notes/Trustification.txt +49 -0
- data/vendor/plugins/restful-authentication/rails/init.rb +3 -0
- data/vendor/plugins/restful-authentication/restful-authentication.gemspec +33 -0
- data/vendor/plugins/restful-authentication/tasks/auth.rake +33 -0
- data/vendor/plugins/ruby-enom/README.markdown +37 -0
- data/vendor/plugins/ruby-enom/ruby-enom.rb +198 -0
- metadata +729 -8
@@ -0,0 +1,163 @@
|
|
1
|
+
h1. Security from the perspective of a community site.
|
2
|
+
|
3
|
+
Better than anything you'll read below on the subject:
|
4
|
+
|
5
|
+
* "The OWASP Guide to Building Secure Web Applications":http://www.owasp.org/index.php/Category:OWASP_Guide_Project
|
6
|
+
* "Secure Programming for Linux and Unix HOWTO":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
|
7
|
+
* "Core Security Patterns":http://www.coresecuritypatterns.com/patterns.htm
|
8
|
+
* Stephen Downes' article on "Authentication and Identification":http://www.downes.ca/post/12
|
9
|
+
|
10
|
+
h2. Snazzy Diagram
|
11
|
+
|
12
|
+
!http://github.com/technoweenie/restful-authentication/tree/master/notes/SecurityFramework.png?raw=true!:http://github.com/technoweenie/restful-authentication/tree/master/notes/SecurityFramework.png
|
13
|
+
|
14
|
+
(in notes/SecurityFramework.png)
|
15
|
+
|
16
|
+
h2. Terms
|
17
|
+
|
18
|
+
* Identification: Assign this visitor a name and an associated identity
|
19
|
+
(picture, website, favorite pokemon, trust metric, security roles).
|
20
|
+
|
21
|
+
bq. "Behold. I am not Gandalf the Grey, whom you betrayed, I am Gandalf the White,
|
22
|
+
who has returned from death." -- Tolkien
|
23
|
+
|
24
|
+
* Authentication: Verify this visitor matches the claimed identity.
|
25
|
+
|
26
|
+
bq. "My name is Werner Brandis. My voice is my password. Verify me." -- Sneakers
|
27
|
+
|
28
|
+
* Authorization: Given a request (Actions+Resource+Environment), decide if it's safe.
|
29
|
+
|
30
|
+
bq. "Of every tree of the garden thou mayest freely eat: But of the tree of
|
31
|
+
the knowledge of good and evil, thou shalt not eat of it: for in the day that
|
32
|
+
thou eatest thereof thou shalt surely die." -- Gen 2:16-17
|
33
|
+
|
34
|
+
* Trust: Confidence this visitor will act reliably.
|
35
|
+
|
36
|
+
bq. "A copper! A copper! How d'ya like that, boys? And we went for it. _I_ went
|
37
|
+
for it. Treated him like a kid brother. And I was gonna split fifty-fifty with
|
38
|
+
a copper." -- James Cagney, White Heat
|
39
|
+
|
40
|
+
** Reputation from Trust Network: Award trust to this visitor based on what other trusted parties say.
|
41
|
+
|
42
|
+
bq. "He used my name? In the /street/? He called me a punk? My name was on
|
43
|
+
the street? When we bounce from this s-t here, Y'all gonna go down on them
|
44
|
+
corners, let the people know: word did not get back to me. Let 'em know Marlo
|
45
|
+
step to any m-f-: Omar, Barksdale, whoever. My name IS my NAME." -- Marlo
|
46
|
+
Stansfield, The Wire (paraphrased)
|
47
|
+
|
48
|
+
* Reputation from Past Actions:
|
49
|
+
|
50
|
+
bq. "The man you just killed was just released from prison. He could've f-in'
|
51
|
+
walked. All he had to do was say my dad's name, but he didn't; he kept his
|
52
|
+
f-ing mouth shut. And did his f-in' time, and he did it like a man. He did
|
53
|
+
four years for us. So, Mr. Orange, you're tellin' me this very good friend of
|
54
|
+
mine, who did four years for my father, who in four years never made a deal,
|
55
|
+
no matter what they dangled in front of him, you're telling me that now, that
|
56
|
+
now this man is free, and we're making good on our commitment to him, he's
|
57
|
+
just gonna decide, out of the f-ing blue, to rip us off?" -- Nice Guy Eddie,
|
58
|
+
Reservoir Dogs
|
59
|
+
|
60
|
+
* Access control
|
61
|
+
|
62
|
+
** Role
|
63
|
+
* http://en.wikipedia.org/wiki/Role-based_access_control
|
64
|
+
* "Role-Based Access Control FAQ":http://csrc.nist.gov/groups/SNS/rbac/faq.html
|
65
|
+
* "Role Based Access Control and Role Based Security":http://csrc.nist.gov/groups/SNS/rbac/ from the NIST Computer Security Division
|
66
|
+
|
67
|
+
|
68
|
+
* Auditing & Recovery
|
69
|
+
|
70
|
+
h2. Concept
|
71
|
+
|
72
|
+
@ The below is a mixture of half-baked, foolish and incomplete. Just sos you know. @
|
73
|
+
|
74
|
+
* Identity here will mean 'online presence' -- user account, basically.
|
75
|
+
* Person will mean the remote endpoint -- whether that's a person or robot or
|
76
|
+
company. (Security papers call this "Subject" but that's awful).
|
77
|
+
* It's easy to confuse 'person' and 'identity', so easy I probably have below.
|
78
|
+
|
79
|
+
Why do you need to authenticate? For authorization. So traditionally, we think
|
80
|
+
|
81
|
+
person <- (ath'n token) <- identity <- (policy) <- actions
|
82
|
+
|
83
|
+
That is, actions are attached to an identity by security policy, identity is
|
84
|
+
attached to a person by their authentication token.
|
85
|
+
|
86
|
+
The problem is that we cannot authenticate a /person/, only the token they
|
87
|
+
present: password, ATM card+PIN number, etc.
|
88
|
+
bq. "The Doors of Durin, Lord of Moria. Speak friend, and enter" -- Tolkien
|
89
|
+
|
90
|
+
Anyone who presents that card+PIN, Elvish catchphrase, or voice print will be
|
91
|
+
authenticated to act as the corresponding identity (account holder, friend of
|
92
|
+
the elves, nerdy scientist), and we have no control over those tokens.
|
93
|
+
|
94
|
+
person <- (ath'n token) <- identity <- (az'n policy) <- actions
|
95
|
+
^^^^ This step is wrong.
|
96
|
+
|
97
|
+
The solution is to not care, or rather to reframe our goals.
|
98
|
+
|
99
|
+
What we actually want is not to /control/ users' actions, but to /predict/ them.
|
100
|
+
When Mr. Blonde helps Mr. White rob a jewelry store it's a security failure for
|
101
|
+
the store but a success for the crime gang. When Mr. Orange (an undercover cop)
|
102
|
+
shoots Mr. Blonde it's a security failure for the crime gang and a success for
|
103
|
+
the police. We want to know how to use
|
104
|
+
|
105
|
+
( identity, past actions ) => (trust, future actions)
|
106
|
+
|
107
|
+
If you can predict someone is a vandal or troll, don't let them change pages, or
|
108
|
+
only let them post to Ye Flaming Pitte of Flamage.
|
109
|
+
|
110
|
+
We can to reasonable satisfaction authenticate a token: only grant that
|
111
|
+
identity to visitors who bear that token. So this part is fine:
|
112
|
+
|
113
|
+
person (token)<- identity
|
114
|
+
|
115
|
+
But we have no control over authentication token - identity correspondence.
|
116
|
+
This part is broken:
|
117
|
+
|
118
|
+
person x (token)<- identity
|
119
|
+
|
120
|
+
The only one who does have that control is the person behind that identity.
|
121
|
+
They can reasonably guarantee
|
122
|
+
|
123
|
+
person ->(token)<- identity
|
124
|
+
|
125
|
+
If that person is going to be in your community, they have an interest in their
|
126
|
+
identity: they want to be known as someone who isn't a punk, or doesn't troll,
|
127
|
+
or does troll and better than anyone, or won't rat you out to the cops. The
|
128
|
+
actions of a person are moderated by their interest in maintaining their
|
129
|
+
reputation:
|
130
|
+
|
131
|
+
past actions -> reputation ->person
|
132
|
+
|
133
|
+
So give up authorization in favor of auditing and recoverability, and authorize
|
134
|
+
based on reputation -- on the past behavior and vouchsafes offered by the
|
135
|
+
identity,
|
136
|
+
|
137
|
+
reputation -> trust -> permissions ->actions
|
138
|
+
|
139
|
+
They want to know that they have full control of their identity; among other
|
140
|
+
things, privacy and an understanding that nobody can act without permission on
|
141
|
+
their behalf. In fact, we can assure that only a token-holder can assume the
|
142
|
+
corresponding identity:
|
143
|
+
|
144
|
+
person ->(token)<->identity ->(trust) actions ->reputation ->person
|
145
|
+
|
146
|
+
poop
|
147
|
+
|
148
|
+
reputation ->trust
|
149
|
+
|
150
|
+
|
151
|
+
So we need to
|
152
|
+
* Understand and encourage how their security interests aligns with ours,
|
153
|
+
* Understand how it doesn't, and be robust in the face of that; and
|
154
|
+
* Recover gracefully if it goes wrong.
|
155
|
+
|
156
|
+
Instead of
|
157
|
+
|
158
|
+
authorization -> user -> token -> identity
|
159
|
+
|
160
|
+
we assign roles based on
|
161
|
+
|
162
|
+
authorization <- trust <- reputation <- identity <- token <- person
|
163
|
+
|
@@ -0,0 +1,126 @@
|
|
1
|
+
Guides to best practices:
|
2
|
+
* "The OWASP Guide to Building Secure Web Applications":http://www.owasp.org/index.php/Category:OWASP_Guide_Project
|
3
|
+
* "Secure Programming for Linux and Unix HOWTO":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
|
4
|
+
* [[http://www.coresecuritypatterns.com/patterns.htm]]
|
5
|
+
|
6
|
+
***************************************************************************
|
7
|
+
h2. Session resetting
|
8
|
+
|
9
|
+
Best practices recommend that you regenerate all session tokens (for us, the
|
10
|
+
browser session ID and the remember_token cookie) on any privilege change (for
|
11
|
+
us, logging in or logging out) -- see http://tinyurl.com/5vdvuq. This release
|
12
|
+
properly regenerates remember_token cookies, but does *not* by default
|
13
|
+
reset_session.
|
14
|
+
|
15
|
+
Calling reset_session can interact with Form Authentication tokens (a *much*
|
16
|
+
more important security feature). If a visitor logs in but has a form open in
|
17
|
+
another tab, or uses the back button to pull one up from their history (perhaps
|
18
|
+
the one that required them to log in), they will get the exceedingly unpleasant
|
19
|
+
Request Forgery error. Imagine spending twenty minutes crafting a devastating
|
20
|
+
critique of this week's Battlestar Galactica episode, finding you need to log in
|
21
|
+
before posting -- but then getting a Request Forgery when you re-attempt the
|
22
|
+
post. Frak! Thus, it's disabled by default.
|
23
|
+
|
24
|
+
On the other hand, this does moderately reduce your defense-in-depth against a
|
25
|
+
"Cross-Site Request Forgery":http://en.wikipedia.org/wiki/CSRF attack. To
|
26
|
+
enable session_resetting, look for any
|
27
|
+
# reset session
|
28
|
+
lines in the app/controllers/session_controller.rb and
|
29
|
+
app/controllers/users_controller.rb and uncomment them.
|
30
|
+
|
31
|
+
***************************************************************************
|
32
|
+
h2. Site Key
|
33
|
+
|
34
|
+
A Site key gives additional protection against a dictionary attack if your
|
35
|
+
DB is ever compromised. With no site key, we store
|
36
|
+
DB_password = hash(user_password, DB_user_salt)
|
37
|
+
If your database were to be compromised you'd be vulnerable to a dictionary
|
38
|
+
attack on all your stupid users' passwords. With a site key, we store
|
39
|
+
DB_password = hash(user_password, DB_user_salt, Code_site_key)
|
40
|
+
That means an attacker needs access to both your site's code *and* its
|
41
|
+
database to mount an "offline dictionary attack.":http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/web-authentication.html
|
42
|
+
|
43
|
+
It's probably of minor importance, but recommended by best practices: 'defense
|
44
|
+
in depth'. Needless to say, if you upload this to github or the youtubes or
|
45
|
+
otherwise place it in public view you'll kinda defeat the point. Your users'
|
46
|
+
passwords are still secure, and the world won't end, but defense_in_depth -= 1.
|
47
|
+
|
48
|
+
Please note: if you change this, all the passwords will be invalidated, so DO
|
49
|
+
keep it someplace secure. Use the random value given or type in the lyrics to
|
50
|
+
your favorite Jay-Z song or something; any moderately long, unpredictable text.
|
51
|
+
|
52
|
+
***************************************************************************
|
53
|
+
h2. Password stretching
|
54
|
+
|
55
|
+
If someone were to capture your user accounts database, they could farm it out
|
56
|
+
for brute-force or dictionary-attack password cracking. "Password Stretching"
|
57
|
+
makes brute force (even with a compromised database and site key) attacks
|
58
|
+
harder, and scales with Moore's law. Basically, you apply the password
|
59
|
+
encryption process several times, meaning that each brute-force attempt takes
|
60
|
+
that much longer. Hash your password ten times, and a brute-force attack takes
|
61
|
+
ten times longer; hash 100,000 times and an attack takes 100,000 times longer.
|
62
|
+
|
63
|
+
bq. "To squeeze the most security out of a limited-entropy password or
|
64
|
+
passphrase, we can use two techniques [salting and stretching]... that are so
|
65
|
+
simple and obvious that they should be used in every password system. There
|
66
|
+
is really no excuse not to use them. ... Choose stretching factor so computing
|
67
|
+
K from (salt, passwd) takes 200-1000 ms. Store r with the user's password, and
|
68
|
+
increase it as computers get faster." -- http://tinyurl.com/37lb73
|
69
|
+
Practical Security (Ferguson & Scheier) p350
|
70
|
+
|
71
|
+
Now, adding even a 0.2s delay to page requests isn't justifiable for most online
|
72
|
+
applications, and storing r is unnecessary (at least on your first design
|
73
|
+
iteration). But
|
74
|
+
On a 1G Slicehost already under moderate load:
|
75
|
+
irb(main):005:0> puts Time.now; (10**6).times{ secure_digest(Time.now, rand) }; puts Time.now
|
76
|
+
Fri May 16 08:26:16 +0000 2008
|
77
|
+
Fri May 16 08:30:58 +0000 2008
|
78
|
+
=> 280s/1M ~= 0.000_3 ms / digest
|
79
|
+
A modest 10 (the default here) foldings makes brute forcing, even given the site
|
80
|
+
key and database, 10 times harder at a 3ms penalty. An app that otherwise
|
81
|
+
serves 100 reqs/s is reduced to 78 signin reqs/s; an app that does 10reqs/s is
|
82
|
+
reduced to 9.7 signin reqs/s
|
83
|
+
|
84
|
+
* http://www.owasp.org/index.php/Hashing_Java
|
85
|
+
* "An Illustrated Guide to Cryptographic Hashes":http://www.unixwiz.net/techtips/iguide-crypto-hashes.html
|
86
|
+
|
87
|
+
The default of 10 is a reasonable compromise, but the security-paranoid and
|
88
|
+
resource-rich may consider increasing REST_AUTH_DIGEST_STRETCHES to match the
|
89
|
+
one-second best-practices value, while those with existing userbases (whose
|
90
|
+
passwords would otherwise no longer work) should leave the value at one.
|
91
|
+
|
92
|
+
***************************************************************************
|
93
|
+
h2. Token regeneration
|
94
|
+
|
95
|
+
The session and the remember_token should both be expired and regenerated
|
96
|
+
every time we cross the logged out / logged in barrier by either password
|
97
|
+
or cookie. ("To reduce the risk from session hijacking":http://www.owasp.org/index.php/Session_Management#Regeneration_of_Session_Tokens
|
98
|
+
and brute force attacks, the HTTP server can seamlessly expire and
|
99
|
+
regenerate tokens. This decreases the window of opportunity for a replay or
|
100
|
+
brute force attack.) It does mean we set the cookie more often.
|
101
|
+
|
102
|
+
http://www.owasp.org/index.php/Session_Management#Regeneration_of_Session_Tokens
|
103
|
+
http://palisade.plynt.com/issues/2004Jul/safe-auth-practices/
|
104
|
+
|
105
|
+
|
106
|
+
***************************************************************************
|
107
|
+
h2. Field validation
|
108
|
+
|
109
|
+
We restrict login names to only contain the characters
|
110
|
+
<nowiki>A-Za-z0-9.-_@</nowiki> This allows (most) email addresses and is safe
|
111
|
+
for urls, database expressions (the at sign, technically reserved in a url, will
|
112
|
+
survive in most browsers). If you want to be more permissive:
|
113
|
+
* "URL-legal characters":http://www.blooberry.com/indexdot/html/topics/urlencoding.htm are <nowiki>-_.!~*'()</nowiki>
|
114
|
+
* "XML-legal characters":http://www.sklar.com/blog/archives/96-XML-vs.-Control-Characters.html are <nowiki>Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF]</nowiki>
|
115
|
+
* "Email-address legal characters":http://tools.ietf.org/html/rfc2822#section-3.4.1 are <nowiki>0-9a-zA-Z!#\$%\&\'\*\+_/=\?^\-`\{|\}~\.</nowiki> but see "this discussion of what is sane"http://www.regular-expressions.info/email.html (as opposed to legal)
|
116
|
+
|
117
|
+
We restrict email addresses to match only those actually seen in the wild,
|
118
|
+
invalidating some that are technically allowed (characters such as % and ! that
|
119
|
+
date back to UUCP days. The line to allow all RFC-2822 emails is commented out,
|
120
|
+
so feel free to enable it, or remove this validation. See "this discussion of
|
121
|
+
what is sane"http://www.regular-expressions.info/email.html as opposed to what
|
122
|
+
is legal. Also understand that this is just a cursory bogus-input check --
|
123
|
+
there's no guarantee that this email matches an account or is even well-formed.
|
124
|
+
|
125
|
+
If you change these validations you should change the RSpec tests as well.
|
126
|
+
|
@@ -0,0 +1,49 @@
|
|
1
|
+
See also
|
2
|
+
* "Trustlet Wiki":http://www.trustlet.org/wiki
|
3
|
+
|
4
|
+
Potential Ingredients for a trust metric
|
5
|
+
|
6
|
+
h2. Reputation
|
7
|
+
|
8
|
+
* Web of trust
|
9
|
+
* Reputation systems
|
10
|
+
** Akismet, Viking, etc.
|
11
|
+
|
12
|
+
* prove_as_human Completing a
|
13
|
+
* validate_email
|
14
|
+
|
15
|
+
logged_in
|
16
|
+
akismet, etc.
|
17
|
+
session duration
|
18
|
+
|
19
|
+
h2. Accountability
|
20
|
+
|
21
|
+
Does the person tied to this identity stand to lose or gain anything based on this action?
|
22
|
+
|
23
|
+
|
24
|
+
h2. Past history
|
25
|
+
|
26
|
+
* past history
|
27
|
+
** we can revisit past trust decisions based on revised trust estimates
|
28
|
+
* recency of errors (reduce trust on an application exception)
|
29
|
+
|
30
|
+
h2. Commitment
|
31
|
+
|
32
|
+
* are_you_sure -- ask for con
|
33
|
+
* willingness to pay a "hate task" (compute big hash) a la Zed Shaw
|
34
|
+
* send_me_one_cent a micropayment
|
35
|
+
** shows commitment
|
36
|
+
** secondary validation from payment system
|
37
|
+
** offsets rist
|
38
|
+
|
39
|
+
h2. Identity Binding
|
40
|
+
|
41
|
+
* Stale sessions
|
42
|
+
bq. "If your application allows users to be logged in for long periods of time
|
43
|
+
ensure that controls are in place to revalidate a user’s authorization to a
|
44
|
+
resource. For example, if Bob has the role of “Top Secret” at 1:00, and at
|
45
|
+
2:00 while he is logged in his role is reduced to Secret he should not be able
|
46
|
+
to access “Top Secret” data any more." -- http://www.owasp.org/index.php/Guide_to_Authorization
|
47
|
+
|
48
|
+
* how I authenticated: for instance, 'logged in by cookie' << 'logged in by password'
|
49
|
+
|
@@ -0,0 +1,33 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
|
3
|
+
Gem::Specification.new do |s|
|
4
|
+
s.name = %q{restful-authentication}
|
5
|
+
s.version = "1.1.1"
|
6
|
+
|
7
|
+
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
8
|
+
s.authors = ["RailsJedi", "Rick Olson"]
|
9
|
+
s.date = %q{2008-07-04}
|
10
|
+
s.description = %q{This widely-used plugin provides a foundation for securely managing user.}
|
11
|
+
s.email = %q{railsjedi@gmail.com}
|
12
|
+
s.extra_rdoc_files = ["README.textile"]
|
13
|
+
s.files = ["CHANGELOG", "README.textile", "Rakefile", "TODO", "generators/authenticated/authenticated_generator.rb", "generators/authenticated/lib/insert_routes.rb", "generators/authenticated/templates/_model_partial.html.erb", "generators/authenticated/templates/activation.erb", "generators/authenticated/templates/authenticated_system.rb", "generators/authenticated/templates/authenticated_test_helper.rb", "generators/authenticated/templates/controller.rb", "generators/authenticated/templates/helper.rb", "generators/authenticated/templates/login.html.erb", "generators/authenticated/templates/mailer.rb", "generators/authenticated/templates/migration.rb", "generators/authenticated/templates/model.rb", "generators/authenticated/templates/model_controller.rb", "generators/authenticated/templates/model_helper.rb", "generators/authenticated/templates/model_helper_spec.rb", "generators/authenticated/templates/observer.rb", "generators/authenticated/templates/signup.html.erb", "generators/authenticated/templates/signup_notification.erb", "generators/authenticated/templates/site_keys.rb", "generators/authenticated/templates/spec/controllers/access_control_spec.rb", "generators/authenticated/templates/spec/controllers/authenticated_system_spec.rb", "generators/authenticated/templates/spec/controllers/sessions_controller_spec.rb", "generators/authenticated/templates/spec/controllers/users_controller_spec.rb", "generators/authenticated/templates/spec/fixtures/users.yml", "generators/authenticated/templates/spec/helpers/users_helper_spec.rb", "generators/authenticated/templates/spec/models/user_spec.rb", "generators/authenticated/templates/stories/rest_auth_stories.rb", "generators/authenticated/templates/stories/rest_auth_stories_helper.rb", "generators/authenticated/templates/stories/steps/ra_navigation_steps.rb", "generators/authenticated/templates/stories/steps/ra_resource_steps.rb", "generators/authenticated/templates/stories/steps/ra_response_steps.rb", "generators/authenticated/templates/stories/steps/user_steps.rb", "generators/authenticated/templates/stories/users/accounts.story", "generators/authenticated/templates/stories/users/sessions.story", "generators/authenticated/templates/test/functional_test.rb", "generators/authenticated/templates/test/mailer_test.rb", "generators/authenticated/templates/test/model_functional_test.rb", "generators/authenticated/templates/test/unit_test.rb", "generators/authenticated/USAGE", "init.rb", "lib/authentication/by_cookie_token.rb", "lib/authentication/by_password.rb", "lib/authentication.rb", "lib/authorization/aasm_roles.rb", "lib/authorization/stateful_roles.rb", "lib/authorization.rb", "lib/trustification/email_validation.rb", "lib/trustification.rb", "rails/init.rb"]
|
14
|
+
s.has_rdoc = true
|
15
|
+
s.homepage = %q{http://github.com/technoweenie/restful-authentication}
|
16
|
+
s.rdoc_options = ["--main", "README.textile"]
|
17
|
+
s.require_paths = ["lib"]
|
18
|
+
s.rubygems_version = %q{1.3.0}
|
19
|
+
s.summary = %q{Generates code for user login and authentication}
|
20
|
+
|
21
|
+
if s.respond_to? :specification_version then
|
22
|
+
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
23
|
+
s.specification_version = 2
|
24
|
+
|
25
|
+
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
26
|
+
s.add_runtime_dependency(%q<rails>, ["~> 2.1.0"])
|
27
|
+
else
|
28
|
+
s.add_dependency(%q<rails>, ["~> 2.1.0"])
|
29
|
+
end
|
30
|
+
else
|
31
|
+
s.add_dependency(%q<rails>, ["~> 2.1.0"])
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'digest/sha1'
|
2
|
+
require 'erb'
|
3
|
+
|
4
|
+
def site_keys_file
|
5
|
+
File.join("config", "initializers", "site_keys.rb")
|
6
|
+
end
|
7
|
+
|
8
|
+
def secure_digest(*args)
|
9
|
+
Digest::SHA1.hexdigest(args.flatten.join('--'))
|
10
|
+
end
|
11
|
+
|
12
|
+
def make_token
|
13
|
+
secure_digest(Time.now, (1..10).map{ rand.to_s })
|
14
|
+
end
|
15
|
+
|
16
|
+
def make_site_keys_rb
|
17
|
+
site_key = secure_digest(Time.now, (1..10).map{ rand.to_s })
|
18
|
+
site_key_erb = <<-EOF
|
19
|
+
# key of 40 chars length
|
20
|
+
REST_AUTH_SITE_KEY = '#{site_key}'
|
21
|
+
REST_AUTH_DIGEST_STRETCHES = 10
|
22
|
+
EOF
|
23
|
+
end
|
24
|
+
|
25
|
+
namespace :auth do
|
26
|
+
namespace :gen do
|
27
|
+
desc "Generates config/initializers/site_keys.rb"
|
28
|
+
task :site_key do
|
29
|
+
file = ENV['file'] || site_keys_file
|
30
|
+
File.open(file, "w"){|f| f.write(make_site_keys_rb)}
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
@@ -0,0 +1,37 @@
|
|
1
|
+
eNom domain reseller API wrapper
|
2
|
+
================================
|
3
|
+
|
4
|
+
Based on documentation found in:
|
5
|
+
http://resellertest.enom.com/resellers/newdocumentation.asp
|
6
|
+
|
7
|
+
Example
|
8
|
+
-------
|
9
|
+
|
10
|
+
require 'ruby-enom'
|
11
|
+
|
12
|
+
# Configure RubyEnom with your company's specifics
|
13
|
+
RubyEnom::COMMANDS_DEFAULT_OPTIONS.merge!({
|
14
|
+
:purchase => {
|
15
|
+
:NS1 => 'ns1.example.com',
|
16
|
+
:NS2 => 'ns2.example.com',
|
17
|
+
:NumYears => 2,
|
18
|
+
:RegistrantOrganizationName => 'Example Corp.',
|
19
|
+
:RegistrantAddress1 => 'Your address',
|
20
|
+
:RegistrantCity => 'City name',
|
21
|
+
:RegistrantPostalCode => 93000,
|
22
|
+
:RegistrantCountry => 'US',
|
23
|
+
:RegistrantEmailAddress => 'youremail@example.com',
|
24
|
+
:RegistrantPhone => '555',
|
25
|
+
:RegistrantFax => '555'
|
26
|
+
}
|
27
|
+
})
|
28
|
+
|
29
|
+
enom = RubyEnom::Connection.new('username', 'password', 'http://resellertest.enom.com/interface.asp')
|
30
|
+
if enom.domain_available?("example.com")
|
31
|
+
resp = enom.purchase(:sld => "example", :tld => "com")
|
32
|
+
if resp.has_errors?
|
33
|
+
puts "Errors while trying to purchase domain 'example.com': #{resp.errors.join(', ')}"
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
Check the source and eNom's documentation on commands. This wrapper is easily extensible.
|
@@ -0,0 +1,198 @@
|
|
1
|
+
# Copyright (c) 2008-2009, ActiveRain Corp.
|
2
|
+
# All rights reserved.
|
3
|
+
#
|
4
|
+
# Redistribution and use in source and binary forms, with or without
|
5
|
+
# modification, are permitted provided that the following conditions are met:
|
6
|
+
# * Redistributions of source code must retain the above copyright
|
7
|
+
# notice, this list of conditions and the following disclaimer.
|
8
|
+
# * Redistributions in binary form must reproduce the above copyright
|
9
|
+
# notice, this list of conditions and the following disclaimer in the
|
10
|
+
# documentation and/or other materials provided with the distribution.
|
11
|
+
# * Neither the name of ActiveRain Corp. nor the names of its contributors
|
12
|
+
# may be used to endorse or promote products derived from this software
|
13
|
+
# without specific prior written permission.
|
14
|
+
#
|
15
|
+
# THIS SOFTWARE IS PROVIDED BY ActiveRain Corp. "AS IS" AND ANY
|
16
|
+
# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
17
|
+
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
18
|
+
# DISCLAIMED. IN NO EVENT SHALL ActiveRain Corp. OR CONTRIBUTORS BE LIABLE FOR
|
19
|
+
# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
20
|
+
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
21
|
+
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
22
|
+
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
23
|
+
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
24
|
+
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
25
|
+
|
26
|
+
require 'open-uri'
|
27
|
+
require 'cgi'
|
28
|
+
require 'logger'
|
29
|
+
|
30
|
+
module RubyEnom
|
31
|
+
ALLOWED_TLDS = %w(com net org)
|
32
|
+
COMMANDS_DEFAULT_OPTIONS = {
|
33
|
+
:check => {},
|
34
|
+
:purchase => {}
|
35
|
+
}
|
36
|
+
|
37
|
+
def self.allow_any_tld
|
38
|
+
@@allow_any_tld
|
39
|
+
end
|
40
|
+
|
41
|
+
def self.allow_any_tld=(value)
|
42
|
+
@@allow_any_tld = value
|
43
|
+
end
|
44
|
+
self.allow_any_tld = false
|
45
|
+
|
46
|
+
def self.default_logger
|
47
|
+
@@default_logger
|
48
|
+
end
|
49
|
+
|
50
|
+
def self.default_logger=(value)
|
51
|
+
@@default_logger = value
|
52
|
+
end
|
53
|
+
self.default_logger = Logger.new(STDOUT)
|
54
|
+
|
55
|
+
class Error < RuntimeError; end
|
56
|
+
class DomainError < Error; end
|
57
|
+
class CommandError < Error; end
|
58
|
+
class ConfigurationError < Error; end
|
59
|
+
|
60
|
+
module Util
|
61
|
+
def self.get_sld_and_tld_from_domain(domain, recognized_tlds = ALLOWED_TLDS)
|
62
|
+
tld = recognized_tlds.detect do |t|
|
63
|
+
domain =~ /\.#{t.tr('.', '\.')}$/
|
64
|
+
end
|
65
|
+
|
66
|
+
if tld
|
67
|
+
sld = /([^.]+)\.#{tld.tr('.', '\.')}$/.match(domain)[1]
|
68
|
+
else
|
69
|
+
raise DomainError, "Specified domain (#{domain}) is not on the list of recognized TLDs: #{recognized_tlds.join(", ")}."
|
70
|
+
end
|
71
|
+
|
72
|
+
[sld, tld]
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
class Connection
|
77
|
+
attr_reader :username, :password, :url
|
78
|
+
|
79
|
+
def initialize(username, password, url)
|
80
|
+
@username = username
|
81
|
+
@password = password
|
82
|
+
@url = url
|
83
|
+
end
|
84
|
+
|
85
|
+
# Define a public method for each command as a nice
|
86
|
+
# wrapper for the +execute+ private method.
|
87
|
+
#
|
88
|
+
# It returns a Response object which is a simple Hash
|
89
|
+
# with the adition of some handy methods.
|
90
|
+
COMMANDS_DEFAULT_OPTIONS.each_key do |c|
|
91
|
+
define_method(c) do |options|
|
92
|
+
execute(c, options)
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def domain_available?(domain)
|
97
|
+
sld, tld = get_sld_and_tld_from_domain(domain)
|
98
|
+
resp = check(:sld => sld, :tld => tld)
|
99
|
+
if resp.has_errors?
|
100
|
+
raise CommandError, "The command returned errors: #{resp.errors.join(". ")}"
|
101
|
+
end
|
102
|
+
resp.is_available?
|
103
|
+
end
|
104
|
+
|
105
|
+
private
|
106
|
+
|
107
|
+
def execute(cmd, options = {})
|
108
|
+
logger.info "About to execute eNom command '#{cmd}' with options '#{options.inspect}'"
|
109
|
+
opts = full_options(cmd, options)
|
110
|
+
validate_options(options)
|
111
|
+
open(make_url(opts)) do |stream|
|
112
|
+
resp = stream.read
|
113
|
+
logger.debug "Response from eNom: #{resp.inspect}"
|
114
|
+
response_class_for(cmd)[Hash.from_xml(resp)["interface_response"]]
|
115
|
+
end
|
116
|
+
end
|
117
|
+
|
118
|
+
def validate_options(options)
|
119
|
+
if tld = options[:tld]
|
120
|
+
unless is_a_valid_tld?(tld)
|
121
|
+
raise DomainError, "Specified TLD (#{tld}) is not on the list of suported TLDs: #{ALLOWED_TLDS.join(", ")}."
|
122
|
+
end
|
123
|
+
end
|
124
|
+
end
|
125
|
+
|
126
|
+
def full_options(cmd, options)
|
127
|
+
default_command_options(cmd).merge(options)
|
128
|
+
end
|
129
|
+
|
130
|
+
def make_url(options = {})
|
131
|
+
return @url if options.empty?
|
132
|
+
parameters = options.map {|k, v| CGI.escape(k.to_s) + "=" + CGI.escape(v.to_s)}.join('&')
|
133
|
+
@url + "?" + parameters
|
134
|
+
end
|
135
|
+
|
136
|
+
def command_options(cmd)
|
137
|
+
{:command => cmd}.merge(COMMANDS_DEFAULT_OPTIONS[cmd])
|
138
|
+
end
|
139
|
+
|
140
|
+
def required_options
|
141
|
+
{:uid => username, :pw => password, :responsetype => "xml"}
|
142
|
+
end
|
143
|
+
|
144
|
+
def default_command_options(cmd)
|
145
|
+
required_options.merge(command_options(cmd))
|
146
|
+
end
|
147
|
+
|
148
|
+
def response_class_for(cmd)
|
149
|
+
COMMANDS_RESPONSE_CLASSES[cmd] || Response
|
150
|
+
end
|
151
|
+
|
152
|
+
def get_sld_and_tld_from_domain(domain)
|
153
|
+
if allow_any_tld?
|
154
|
+
raise ConfigurationError, "You need to enable TLD validation (RubyEnom.allow_any_tld = false) to be able to use fuzzy domains"
|
155
|
+
end
|
156
|
+
RubyEnom::Util.get_sld_and_tld_from_domain(domain, ALLOWED_TLDS)
|
157
|
+
end
|
158
|
+
|
159
|
+
def is_a_valid_tld?(tld)
|
160
|
+
allow_any_tld? || ALLOWED_TLDS.include?(tld)
|
161
|
+
end
|
162
|
+
|
163
|
+
def allow_any_tld?
|
164
|
+
RubyEnom.allow_any_tld
|
165
|
+
end
|
166
|
+
|
167
|
+
def logger
|
168
|
+
RubyEnom.default_logger
|
169
|
+
end
|
170
|
+
end
|
171
|
+
|
172
|
+
# Response objects are simple hashes with the adition of some handy methods
|
173
|
+
class Response < Hash
|
174
|
+
|
175
|
+
# Return an array with the error messages
|
176
|
+
def errors
|
177
|
+
err_count = self["ErrCount"].to_i
|
178
|
+
(1..err_count).map {|err| self["errors"]["Err#{err}"]}
|
179
|
+
end
|
180
|
+
|
181
|
+
def has_errors?
|
182
|
+
!errors.empty?
|
183
|
+
end
|
184
|
+
end
|
185
|
+
|
186
|
+
# Response adding special methods for check command
|
187
|
+
class CheckResponse < Response
|
188
|
+
DOMAIN_AVAILABLE_CODE = 210
|
189
|
+
|
190
|
+
def is_available?
|
191
|
+
self["RRPCode"].to_i == DOMAIN_AVAILABLE_CODE
|
192
|
+
end
|
193
|
+
end
|
194
|
+
|
195
|
+
COMMANDS_RESPONSE_CLASSES = {
|
196
|
+
:check => CheckResponse
|
197
|
+
}
|
198
|
+
end
|