snapuser 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b38f377cee7d956fe990c3e698a13f18c165a1f7
+  data.tar.gz: 823c7af07d505b94daa27189ebf28f026bff394e
+SHA512:
+  metadata.gz: 46fa4257ef80d04818989d8cf4921eb8a25a3ae406d3b29552b2e59149ea550b179c91dc4c9eead8d52740773c26d55c80ce872842f250524ec16803a3535ea2
+  data.tar.gz: 8c8b95b9c5c481a066d46ce98a4d16c0a0bc6572411562f62e20c8d02a1c32ebae421e70ba265e64dbd9faf2c38ecbbf8fa42d2f820528a4945dbe0c6adc3166

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2015 khcr
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Rakefile

@@ -0,0 +1,37 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'Snapuser'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+load 'rails/tasks/statistics.rake'
+
+
+
+Bundler::GemHelper.install_tasks
+
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << 'lib'
+  t.libs << 'test'
+  t.pattern = 'test/**/*_test.rb'
+  t.verbose = false
+end
+
+
+task default: :test

data/app/controllers/admin/users_controller.rb

@@ -0,0 +1,46 @@
+class Admin::UsersController < ApplicationController
+	before_action { |c| c.authorize_level(1) }
+	layout 'admin'
+
+	def index
+		@table = Table.new(self, User)
+		@table.respond
+	end
+
+	def new
+		@user = User.new
+	end
+
+	def create
+		@user = User.new(user_params)
+		if @user.save
+			redirect_to admin_users_path, success: t('user.admin.new.success')
+		else
+			render 'new'
+		end
+	end
+
+	def edit
+		@user = User.find(params[:id])
+	end
+
+	def update
+		@user = User.find(params[:id])
+		if @user.update_attributes(user_params)
+			redirect_to admin_users_path, success: t('user.admin.edit.success')
+		else
+			render 'edit'
+		end
+	end
+
+	def destroy
+		User.find(params[:id]).destroy
+		redirect_to admin_activities_path, success: t('user.admin.destroy.success')
+	end
+
+	private
+
+	def user_params
+		params.require(:user).permit(:name, :level, :password, :password_confirmation)
+	end
+end

data/app/controllers/sessions_controller.rb

@@ -0,0 +1,29 @@
+class SessionsController < ApplicationController
+	before_action :connected?, except: :destroy
+
+	def new
+	end
+
+	def create
+		@user = User.where("lower(name) = ?", params[:session][:name].strip.downcase).first
+		if @user && @user.authenticate(params[:session][:password])
+			params[:session][:remember_me] == '1' ? sign_in_permanent(@user) : sign_in(@user)
+			redirect_back_or profile_path, success: t('session.new.success')
+		else
+			flash.now[:error] = t('session.new.error')
+			render 'new'
+		end
+	end
+
+	def destroy
+		sign_out
+		redirect_to root_path, success: t('session.destroy.success')
+	end
+
+	private
+
+	def connected?
+		redirect_to profile_path unless current_user.nil?
+	end
+
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,28 @@
+class UsersController < ApplicationController
+  before_action except: [:profile] { |c| c.authorize_level(2) }
+  before_action only: [:profile] { |c| c.authorize_level(4) }
+  layout 'admin'
+
+  def profile
+  end
+
+  def edit
+    @user = current_user
+  end
+
+  def update
+    @user = current_user
+    if @user.update_attributes(user_params)
+      sign_in @user
+      redirect_to profile_path, success: t('user.edit.success')
+    else
+      render 'new'
+    end
+  end
+
+  private
+
+  def user_params
+    params.require(:user).permit(:name, :password, :password_confirmation)
+  end
+end

data/app/helpers/sessions_helper.rb

@@ -0,0 +1,84 @@
+module SessionsHelper
+
+	# Sign in a user with a cookie (remove on browser close)
+	# 
+	# * *Args*		:
+	# 	- a user to sign in
+	# * *Returns*	:
+	#
+	def sign_in(user)
+		cookies[:remember_token] = user.remember_token
+		self.current_user = user
+	end
+
+	# Sign in a user with a cookie (remove after 2 months)
+	# 
+	# * *Args*		:
+	# 	- a user to sign in
+	# * *Returns*	:
+	#
+	def sign_in_permanent(user)
+		cookies[:remember_token] = { value: user.remember_token, expires: Time.now + 2592000 }
+		self.current_user = user
+	end
+
+	def current_user=(user)
+		@current_user = user
+	end
+
+	# Provid the user currently signed in.
+	# 
+	# * *Returns*	:
+	# 	- the user currently signed in
+	def current_user
+		@current_user ||= User.find_by_remember_token(cookies[:remember_token])
+	end
+
+
+	# Check if there is a user signed in.
+	# 
+	# * *Returns*	:
+	# 	- true or false
+	def signed_in?
+		!current_user.nil?
+	end
+
+	# Sign out a user by removing the cookie.
+	def sign_out
+		self.current_user = nil
+		cookies.delete(:remember_token)
+	end
+
+	# Store the current url in session's variable
+  # 
+  # * *Args*    :
+  # 
+  # * *Returns* :
+  #
+  def store_location
+    cookies[:return_to] = { value: request.fullpath, expires: 1.minute.from_now }
+  end
+
+  # Redirect the user to the stored url or the default one provided
+  # 
+  # * *Args*    :
+  #   - default path to redirect to
+  # * *Returns* :
+  #
+  def redirect_back_or(default, message = nil)
+    redirect_to(cookies[:return_to] || default, message)
+    session.delete(:return_to)
+  end
+
+  def authorize_level?(level = 3)
+    current_user && current_user.level <= level
+  end
+
+  def authorize_level(level = 3)
+    unless authorize_level?(level)
+      store_location
+      redirect_to login_path, error: "Pas autorisé"
+    end
+  end
+
+end

data/app/models/user.rb

@@ -0,0 +1,20 @@
+class User < ActiveRecord::Base
+
+  has_secure_password({ validations: false })
+
+  before_save :create_remember_token
+
+  validates :name, presence: true, length: { maximum: 15 }, uniqueness: { case_sensitive: false }
+  validates :password, presence: true, length: { minimum: 5 }, confirmation: true, :unless => lambda { |v| v.validate_password? }
+  validates :level, presence: true
+
+  def validate_password?
+    password.blank? && password_confirmation.blank? && !self.new_record?
+  end
+
+  private
+
+  def create_remember_token
+    self.remember_token = SecureRandom.urlsafe_base64
+  end
+end

data/app/views/admin/users/_form.html.erb

@@ -0,0 +1,31 @@
+<%= form_for [:admin, @user] do |f| %>
+
+	<%= render 'error_messages', object: f.object %>
+	<ul class="form col2">
+		<li>
+			<%= f.label :name %>
+			<%= f.text_field :name %>
+		</li>
+		<li>
+			<%= f.label :password %>
+			<%= f.password_field :password %>
+		</li>
+	</ul>
+	<ul class="form col2">
+		<li>
+			<%= f.label :password_confirmation %>
+			<%= f.password_field :password_confirmation %>
+		</li>
+		<li>
+			<%= f.label :level %>
+			<%= f.select :level, {"superadmin" => "1", "admin" => "2", "leader" => "3", "uploader" => "4", "member" => "5"} %>
+		</li>
+	</ul>
+	<div id="clear"></div>
+
+	<ul class="center">
+		<li>
+			<%= f.submit %>
+		</li>
+	</ul>
+<% end %>

data/app/views/admin/users/edit.html.erb

@@ -0,0 +1,3 @@
+<h1><%= t('user.admin.edit.title') %></h1>
+
+<%= render 'form' %>

data/app/views/admin/users/index.html.erb

@@ -0,0 +1,5 @@
+<h1><%= t('user.admin.index') %></h1>
+
+<div id="admin_table">
+	<%= @table.present %>
+</div>

data/app/views/admin/users/new.html.erb

@@ -0,0 +1,3 @@
+<h1><%= t('user.admin.new.title') %></h1>
+
+<%= render 'form' %>

data/app/views/sessions/new.html.erb

@@ -0,0 +1,16 @@
+<% content_for :id, "login" %>
+
+<%= form_for :session, url: sessions_path do |f| %>
+
+	<%= f.label :name %>
+	<%= f.text_field :name %>
+
+	<%= f.label :password %>
+	<%= f.password_field :password %>
+	<div class="rem">
+		<%= f.label :remember_me %>
+		<%= f.check_box :remember_me %>
+	</div>
+	<%= f.submit %>
+
+<% end %>

data/app/views/users/_form.html.erb

@@ -0,0 +1,25 @@
+<%= form_for @user, url: user_update_path do |f| %>
+
+	<%= render 'error_messages', object: f.object %>
+	<ul class="form">
+		<li>
+			<%= f.label :name %>
+			<%= f.text_field :name %>
+		</li>
+		<li>
+			<%= f.label :password %>
+			<%= f.password_field :password %>
+		</li>
+		<li>
+			<%= f.label :password_confirmation %>
+			<%= f.password_field :password_confirmation %>
+		</li>
+	<ul>
+	<div id="clear"></div>
+
+	<ul class="center">
+		<li>
+			<%= f.submit %>
+		</li>
+	</ul>
+<% end %>

data/app/views/users/edit.html.erb

@@ -0,0 +1,3 @@
+<h1><%= t('user.edit.title') %></h1>
+
+<%= render 'form' %>

data/app/views/users/profile.html.erb

@@ -0,0 +1,20 @@
+<% content_for :id, "profil" %>
+
+<h1><%= t('user.index') %></h1>
+
+<%= link_to t('user.edit.title'), user_edit_path if authorize_level?(2) %>
+
+<div class="links">
+	<%= link_to_active "Home", root_path %>
+	<%= link_to_active t('user.index'), profile_path %>
+	<%= link_to_active t('layout.header.messages'), messages_path %>
+	<%= link_to_active t('layout.header.admin.files'), admin_files_path if authorize_level?(3) %>
+	<%= link_to_active t('layout.header.admin.pages'), admin_pages_path if authorize_level?(2) %>
+	<%= link_to_active t('layout.header.admin.events'), admin_events_path if authorize_level?(2) %>
+	<%= link_to_active t('layout.header.admin.activities'), admin_activities_path if authorize_level?(2) %>
+	<%= link_to_active t('layout.header.admin.galleries'), admin_galleries_path if authorize_level?(2) %>
+	<%= link_to_active t('layout.header.admin.messages'), admin_messages_path if authorize_level?(4) %>
+	<%= link_to_active t('layout.header.admin.newsletter_emails'), admin_newsletter_emails_path if authorize_level?(2) %>
+	<%= link_to_active t('layout.header.admin.downloads'), admin_downloads_path if authorize_level?(2) %>
+	<%= link_to_active t('layout.header.admin.users'), admin_users_path if authorize_level?(1) %>
+</div>

data/config/routes.rb

@@ -0,0 +1,17 @@
+Rails.application.routes.draw do
+
+  get 'profile', to: "users#profile"
+
+  patch 'user/update', to: "users#update"
+  get 'user/edit', to: "users#edit"
+  
+  get 'login', to: "sessions#new"
+  delete 'signout', to: 'sessions#destroy'
+  resources :sessions, only: [:create]
+
+  namespace :admin do
+
+    resources :users, except: [:show]
+
+  end
+end

data/db/migrate/20150415193853_create_users.rb

@@ -0,0 +1,13 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+
+      t.string :name
+      t.string :remember_token, index: true
+      t.string :password_digest
+      t.integer :level
+
+      t.timestamps null: false
+    end
+  end
+end

data/lib/snapuser/engine.rb

@@ -0,0 +1,13 @@
+module Snapuser
+  class Engine < ::Rails::Engine
+
+    initializer "Snapuser.append_migrations" do |app|
+      unless app.root.to_s.match root.to_s
+        config.paths["db/migrate"].expanded.each do |expanded_path|
+          app.config.paths["db/migrate"] << expanded_path
+        end
+      end
+    end
+
+  end
+end

data/lib/snapuser/version.rb

@@ -0,0 +1,3 @@
+module Snapuser
+  VERSION = "0.1.0"
+end

data/lib/snapuser.rb

@@ -0,0 +1,4 @@
+require "snapuser/engine"
+
+module Snapuser
+end

data/lib/tasks/snapuser_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :snapuser do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,107 @@
+--- !ruby/object:Gem::Specification
+name: snapuser
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- khcr
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2015-04-15 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 4.2.1
+- !ruby/object:Gem::Dependency
+  name: bcrypt-ruby
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A rails engine to add a simple authentification and permission system.
+email:
+- kocher.ke@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- Rakefile
+- app/controllers/admin/users_controller.rb
+- app/controllers/sessions_controller.rb
+- app/controllers/users_controller.rb
+- app/helpers/sessions_helper.rb
+- app/models/user.rb
+- app/views/admin/users/_form.html.erb
+- app/views/admin/users/edit.html.erb
+- app/views/admin/users/index.html.erb
+- app/views/admin/users/new.html.erb
+- app/views/sessions/new.html.erb
+- app/views/users/_form.html.erb
+- app/views/users/edit.html.erb
+- app/views/users/profile.html.erb
+- config/routes.rb
+- db/migrate/20150415193853_create_users.rb
+- lib/snapuser.rb
+- lib/snapuser/engine.rb
+- lib/snapuser/version.rb
+- lib/tasks/snapuser_tasks.rake
+homepage: https://github.com/khcr/snapuser
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.6
+signing_key: 
+specification_version: 4
+summary: A rails engine to add a simple authentification and permission system.
+test_files: []