social_stream-oauth2_server 2.0.3 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/assets/stylesheets/social_stream-oauth2_server.css.sass +1 -1
- data/app/assets/stylesheets/social_stream/oauth2_server/applications/_applications-oauth2server.css.sass +1 -1
- data/app/assets/stylesheets/social_stream/oauth2_server/applications/layout/_applications-oauth2server.css.sass +4 -0
- data/app/assets/stylesheets/social_stream/oauth2_server/create/_create-oauth2server.css.sass +3 -7
- data/app/assets/stylesheets/social_stream/oauth2_server/mixins/_mixin.css.sass +10 -0
- data/app/assets/stylesheets/social_stream/oauth2_server/show/layout/_show-oauth2server.css.sass +15 -6
- data/app/controllers/site/clients_controller.rb +14 -11
- data/app/models/relation/manager.rb +19 -0
- data/app/models/site/client.rb +10 -6
- data/app/views/site/clients/_avatar.html.erb +15 -0
- data/app/views/site/clients/_edit.html.erb +6 -0
- data/app/views/site/clients/_edit_step_2.html.erb +11 -0
- data/app/views/site/clients/_edit_step_3.html.erb +10 -0
- data/app/views/site/clients/_list.html.erb +20 -17
- data/app/views/site/clients/edit.html.erb +5 -6
- data/app/views/site/clients/index.html.erb +1 -1
- data/app/views/site/clients/new.html.erb +4 -2
- data/app/views/site/clients/show.html.erb +49 -42
- data/config/locales/en.yml +21 -3
- data/config/locales/es.yml +26 -11
- data/config/locales/zh.yml +25 -0
- data/db/migrate/20130619134332_site_client_admin_to_manager.rb +24 -0
- data/lib/social_stream-oauth2_server.rb +1 -19
- data/lib/social_stream/oauth2_server.rb +33 -5
- data/lib/social_stream/oauth2_server/ability.rb +23 -0
- data/lib/social_stream/oauth2_server/engine.rb +6 -0
- data/lib/social_stream/oauth2_server/models/actor.rb +2 -2
- data/lib/social_stream/oauth2_server/version.rb +1 -1
- data/social_stream-oauth2_server.gemspec +1 -1
- data/spec/controllers/site_clients_controller_authorization_spec.rb +112 -0
- data/spec/factories/site_client.rb +2 -2
- data/spec/models/site/client_authorization_spec.rb +20 -0
- metadata +14 -8
- data/app/assets/stylesheets/social_stream/oauth2_server/mixins/_mixins.css.sass +0 -5
- data/app/models/relation/admin.rb +0 -9
- data/app/views/site/clients/_form_step1.html.erb +0 -7
- data/app/views/site/clients/_form_step2.html.erb +0 -20
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1a60e2888e5625188bfc0189ef45f33a371219f7
|
|
4
|
+
data.tar.gz: 618771f1116c05f0658c38f082f101801b31ad9b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 02c4fcb5e161d6dd4cd900b8819b58b5de16870d9d11197dfe6c74267699f6526e479fb8c2b79f229506caac19a6fc21c8e52c267dea23b491aa17cf6bce453a
|
|
7
|
+
data.tar.gz: 3f6933a27f7fdaccb410f999e70b0a69d5e23c6cb3fe37e6f989834a5321d1cbc4e1acbab88a4f8e519ba68800a859458506eaa3757c3ff36bcb5ed99f864cc1
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
@import "social_stream/oauth2_server/mixins/
|
|
1
|
+
@import "social_stream/oauth2_server/mixins/mixin"
|
|
2
2
|
|
|
3
3
|
@import "social_stream/oauth2_server/applications/applications-oauth2server"
|
|
4
4
|
@import "social_stream/oauth2_server/applications/layout/applications-oauth2server"
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
// menu horizontal
|
|
2
|
+
// ----------------------------------
|
|
3
|
+
|
|
4
|
+
@mixin principal-box
|
|
5
|
+
@include border-radius(5px)
|
|
6
|
+
@include box-shadow (1px 1px 15px 0px rgba(50, 50, 50, 0.1))
|
|
7
|
+
border: 1px solid
|
|
8
|
+
border-color: rgba(0,0,0, 0.1)
|
|
9
|
+
background-color: $auxiliarColor
|
|
10
|
+
border-color: rgba(0,0,0, 0.1)
|
data/app/assets/stylesheets/social_stream/oauth2_server/show/layout/_show-oauth2server.css.sass
CHANGED
|
@@ -34,8 +34,8 @@
|
|
|
34
34
|
margin-left: 2.85%
|
|
35
35
|
.site_client
|
|
36
36
|
width: 95%
|
|
37
|
-
padding
|
|
38
|
-
|
|
37
|
+
padding: 0 2.5%
|
|
38
|
+
margin-bottom: 30px
|
|
39
39
|
display: inline-block
|
|
40
40
|
h1
|
|
41
41
|
@include clearfix
|
|
@@ -56,6 +56,9 @@
|
|
|
56
56
|
margin-top: -50px
|
|
57
57
|
h4
|
|
58
58
|
margin-bottom: 0px
|
|
59
|
+
font-size: 18px
|
|
60
|
+
color: $principalColor
|
|
61
|
+
font-family: $serifFontFamily
|
|
59
62
|
.name,
|
|
60
63
|
.url,
|
|
61
64
|
.users
|
|
@@ -69,21 +72,27 @@
|
|
|
69
72
|
margin-left: 20px
|
|
70
73
|
padding-top: 5px
|
|
71
74
|
border-top: 1px solid #C1C1C1
|
|
75
|
+
color: #929292
|
|
76
|
+
font-size: 17px
|
|
72
77
|
.btn-group
|
|
73
78
|
@include btn-primary
|
|
74
79
|
@include border-radius(5px)
|
|
75
80
|
@include btn-add
|
|
81
|
+
float: right
|
|
76
82
|
.dropdown-menu
|
|
77
83
|
width: 300px
|
|
78
84
|
margin-left: -196px
|
|
85
|
+
padding: 10px 14px
|
|
86
|
+
color: $gray
|
|
79
87
|
li
|
|
80
|
-
word-break: break-all
|
|
81
|
-
overflow-y: hidden
|
|
82
|
-
overflow-x: scroll
|
|
83
88
|
h6
|
|
84
89
|
border-bottom: 1px solid #CCC
|
|
85
90
|
a
|
|
86
|
-
color: principalColor
|
|
91
|
+
color: $principalColor !important
|
|
92
|
+
li.client-secret
|
|
93
|
+
p
|
|
94
|
+
word-break: break-all
|
|
95
|
+
overflow-x: scroll
|
|
87
96
|
|
|
88
97
|
|
|
89
98
|
|
|
@@ -1,18 +1,12 @@
|
|
|
1
1
|
class Site::ClientsController < ApplicationController
|
|
2
2
|
before_filter :authenticate_user!
|
|
3
3
|
|
|
4
|
-
before_filter :set_author_ids, only: [ :create, :update ]
|
|
4
|
+
before_filter :set_author_ids, only: [ :new, :create, :update ]
|
|
5
5
|
|
|
6
|
-
|
|
7
|
-
@developer_clients = current_subject.developer_site_clients
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
def show
|
|
11
|
-
@client = Site::Client.find params[:id]
|
|
12
|
-
end
|
|
6
|
+
load_and_authorize_resource
|
|
13
7
|
|
|
14
|
-
def
|
|
15
|
-
@
|
|
8
|
+
def index
|
|
9
|
+
@clients = current_subject.managed_site_clients
|
|
16
10
|
end
|
|
17
11
|
|
|
18
12
|
def create
|
|
@@ -20,7 +14,9 @@ class Site::ClientsController < ApplicationController
|
|
|
20
14
|
|
|
21
15
|
if @client.save
|
|
22
16
|
respond_to do |format|
|
|
23
|
-
format.html {
|
|
17
|
+
format.html {
|
|
18
|
+
redirect_to edit_site_client_path(@client, step: 2)
|
|
19
|
+
}
|
|
24
20
|
end
|
|
25
21
|
else
|
|
26
22
|
respond_to do |format|
|
|
@@ -47,9 +43,16 @@ class Site::ClientsController < ApplicationController
|
|
|
47
43
|
end
|
|
48
44
|
end
|
|
49
45
|
|
|
46
|
+
def destroy
|
|
47
|
+
@client.destroy
|
|
48
|
+
|
|
49
|
+
redirect_to home_path
|
|
50
|
+
end
|
|
51
|
+
|
|
50
52
|
private
|
|
51
53
|
|
|
52
54
|
def set_author_ids
|
|
55
|
+
params[:site_client] ||= HashWithIndifferentAccess.new
|
|
53
56
|
params[:site_client][:author_id] = current_subject.actor_id
|
|
54
57
|
params[:site_client][:user_author_id] = current_user.actor_id
|
|
55
58
|
params[:site_client][:owner_id] = current_subject.actor_id
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
# Owner of client sites
|
|
2
|
+
class Relation::Manager < Relation::Single
|
|
3
|
+
PERMISSIONS =
|
|
4
|
+
[
|
|
5
|
+
[ 'manage', nil ],
|
|
6
|
+
[ 'manage', 'relation/custom' ],
|
|
7
|
+
[ 'manage', 'contact' ]
|
|
8
|
+
]
|
|
9
|
+
|
|
10
|
+
class << self
|
|
11
|
+
def create_activity?
|
|
12
|
+
false
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def available_permissions
|
|
17
|
+
Permission.instances PERMISSIONS
|
|
18
|
+
end
|
|
19
|
+
end
|
data/app/models/site/client.rb
CHANGED
|
@@ -4,12 +4,13 @@ class Site::Client < Site
|
|
|
4
4
|
before_validation :set_secret,
|
|
5
5
|
on: :create
|
|
6
6
|
|
|
7
|
-
after_create :
|
|
7
|
+
after_create :set_manager
|
|
8
8
|
|
|
9
|
-
scope :
|
|
10
|
-
|
|
9
|
+
scope :managed_by, lambda { |actor|
|
|
10
|
+
select("DISTINCT sites.*").
|
|
11
|
+
joins(actor: :sent_permissions).
|
|
11
12
|
merge(Contact.received_by(actor)).
|
|
12
|
-
merge(
|
|
13
|
+
merge(Permission.where(action: 'manage', object: nil))
|
|
13
14
|
}
|
|
14
15
|
|
|
15
16
|
%w{ url callback_url secret }.each do |m|
|
|
@@ -32,7 +33,10 @@ class Site::Client < Site
|
|
|
32
33
|
self.secret = SecureRandom.hex(64)
|
|
33
34
|
end
|
|
34
35
|
|
|
35
|
-
def
|
|
36
|
-
|
|
36
|
+
def set_manager
|
|
37
|
+
c = sent_contacts.create! receiver_id: author.id,
|
|
38
|
+
user_author: author
|
|
39
|
+
|
|
40
|
+
c.relation_ids = [ ::Relation::Manager.instance.id ]
|
|
37
41
|
end
|
|
38
42
|
end
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
<section class="avatar">
|
|
2
|
+
<% if can? :update, @profile %>
|
|
3
|
+
<header>
|
|
4
|
+
<%= render partial: 'edit_icon' %>
|
|
5
|
+
<h4>
|
|
6
|
+
<%= t('avatar.profile_change') %>
|
|
7
|
+
</h4>
|
|
8
|
+
</header>
|
|
9
|
+
<div class="update">
|
|
10
|
+
<%= render partial: 'avatars/form',
|
|
11
|
+
object: @profile.actor,
|
|
12
|
+
as: :avatarable %>
|
|
13
|
+
</div>
|
|
14
|
+
<% end %>
|
|
15
|
+
</section>
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
<%= image_tag 'step_2.png' %>
|
|
2
|
+
|
|
3
|
+
<section class="new_app">
|
|
4
|
+
<h1>Set the application's logo</h1>
|
|
5
|
+
|
|
6
|
+
<%= render partial: 'avatars/form',
|
|
7
|
+
object: @client,
|
|
8
|
+
as: :avatarable %>
|
|
9
|
+
|
|
10
|
+
<%= link_to "Next", edit_site_client_path(@client, step: 3) %>
|
|
11
|
+
</section>
|
|
@@ -1,24 +1,27 @@
|
|
|
1
1
|
<section class="site_clients_list">
|
|
2
|
-
|
|
2
|
+
<ul>
|
|
3
|
+
<% list.each do |client| %>
|
|
4
|
+
<li>
|
|
5
|
+
<%= image_tag client.logo.url(:small), style: "width: 40px; height: 40px;" %>
|
|
3
6
|
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
<% end %>
|
|
7
|
+
<div class="name">
|
|
8
|
+
<%= link_to client.name, client %>
|
|
9
|
+
</div>
|
|
10
|
+
<div class="url">
|
|
11
|
+
<%= link_to client.url, client.url, target: '_blank' %>
|
|
12
|
+
</div>
|
|
13
|
+
<div class="users">
|
|
14
|
+
<span>
|
|
15
|
+
5
|
|
16
|
+
</span>
|
|
17
|
+
users
|
|
18
|
+
</div>
|
|
19
|
+
<hr class="soften">
|
|
20
|
+
</li>
|
|
21
|
+
<% end %>
|
|
20
22
|
|
|
21
23
|
<%= javascript_tag do %>
|
|
22
24
|
SocialStream.SiteClient.index();
|
|
23
25
|
<% end %>
|
|
26
|
+
</ul>
|
|
24
27
|
</section>
|
|
@@ -3,12 +3,11 @@
|
|
|
3
3
|
<%= render partial: 'toolbar/home' %>
|
|
4
4
|
|
|
5
5
|
<section class="edit_site_client" id="edit_<%= dom_id @client %>">
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
<%= render partial: '
|
|
10
|
-
|
|
11
|
-
</section>
|
|
6
|
+
<% if params[:step].present? %>
|
|
7
|
+
<%= render partial: "edit_step_#{ params[:step] }" %>
|
|
8
|
+
<% else %>
|
|
9
|
+
<%= render partial: 'edit' %>
|
|
10
|
+
<% end %>
|
|
12
11
|
</section>
|
|
13
12
|
</section>
|
|
14
13
|
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
<%= Site::Client.human_attribute_name :description %>
|
|
21
21
|
</h4>
|
|
22
22
|
<div class="result">
|
|
23
|
-
<%=
|
|
23
|
+
<%= @client.description%>
|
|
24
24
|
</div>
|
|
25
25
|
|
|
26
26
|
<h4>
|
|
@@ -30,45 +30,52 @@
|
|
|
30
30
|
<%= link_to @client.url, @client.url%>
|
|
31
31
|
</div>
|
|
32
32
|
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
33
|
+
<% if can? :update, @client %>
|
|
34
|
+
<h4>
|
|
35
|
+
<%= Site::Client.human_attribute_name :callback_url %>
|
|
36
|
+
</h4>
|
|
37
|
+
<div class="result">
|
|
38
|
+
<%= @client.callback_url %>
|
|
39
|
+
</div>
|
|
40
|
+
<% end %>
|
|
39
41
|
</div>
|
|
40
42
|
|
|
41
|
-
|
|
42
|
-
<
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
<
|
|
48
|
-
<
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
<
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
43
|
+
<% if can? :update, @client %>
|
|
44
|
+
<div class="btn-group">
|
|
45
|
+
<a class="dropdown-toggle" data-toggle="dropdown" href="#">
|
|
46
|
+
Credentials
|
|
47
|
+
<span class="caret"></span>
|
|
48
|
+
</a>
|
|
49
|
+
<ul class="dropdown-menu">
|
|
50
|
+
<li>
|
|
51
|
+
<h6>
|
|
52
|
+
<%= Site::Client.human_attribute_name :id %>
|
|
53
|
+
</h6>
|
|
54
|
+
<p>
|
|
55
|
+
<%= @client.id %>
|
|
56
|
+
</p>
|
|
57
|
+
</li>
|
|
58
|
+
|
|
59
|
+
<li class="client-secret">
|
|
60
|
+
<h6>
|
|
61
|
+
<%= Site::Client.human_attribute_name :secret %>
|
|
62
|
+
<a href="#" class="pull-right">refresh</a>
|
|
63
|
+
</h6>
|
|
64
|
+
<p>
|
|
65
|
+
<%= @client.secret %>
|
|
66
|
+
</p>
|
|
67
|
+
</li>
|
|
68
|
+
</ul>
|
|
69
|
+
</div>
|
|
70
|
+
<% end %>
|
|
64
71
|
</div>
|
|
65
72
|
</section>
|
|
66
73
|
|
|
67
74
|
<div class="tabbable"> <!-- Only required for left/right tabs -->
|
|
68
75
|
<ul class="nav nav-tabs">
|
|
69
|
-
<li class="active"><a href="#
|
|
70
|
-
<li><a href="#
|
|
71
|
-
<li><a href="#
|
|
76
|
+
<li class="active"><a href="#authorized" data-toggle="tab">Authorized</a></li>
|
|
77
|
+
<li><a href="#registered" data-toggle="tab">Registered</a></li>
|
|
78
|
+
<li><a href="#stats" data-toggle="tab">Stats</a></li>
|
|
72
79
|
</ul>
|
|
73
80
|
<div class="search-nav hidden-phone">
|
|
74
81
|
<%= form_tag search_path, method: 'get', class: "navbar-search pull-left" do %>
|
|
@@ -79,6 +86,7 @@
|
|
|
79
86
|
SocialStream.SearchHeader.show();
|
|
80
87
|
});
|
|
81
88
|
<% end %>
|
|
89
|
+
|
|
82
90
|
<div class="mat">
|
|
83
91
|
<%= render partial: 'layouts/loading' %>
|
|
84
92
|
|
|
@@ -97,18 +105,17 @@
|
|
|
97
105
|
|
|
98
106
|
|
|
99
107
|
<div class="tab-content">
|
|
100
|
-
<div class="tab-pane active" id="
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
</ul>
|
|
108
|
+
<div class="tab-pane active" id="authorized">
|
|
109
|
+
<%= render partial: 'contacts/contact',
|
|
110
|
+
collection: @client.sent_contacts.first(12) %>
|
|
111
|
+
</div>
|
|
112
|
+
|
|
113
|
+
<div class="tab-pane" id="registered">
|
|
107
114
|
</div>
|
|
108
115
|
|
|
109
|
-
<div class="tab-pane" id="
|
|
116
|
+
<div class="tab-pane" id="stats">
|
|
110
117
|
</div>
|
|
111
118
|
</div>
|
|
112
119
|
</div>
|
|
113
120
|
|
|
114
|
-
</section>
|
|
121
|
+
</section>
|
data/config/locales/en.yml
CHANGED
|
@@ -21,12 +21,30 @@ en:
|
|
|
21
21
|
helpers:
|
|
22
22
|
submit:
|
|
23
23
|
site_client:
|
|
24
|
-
create:
|
|
25
|
-
update:
|
|
24
|
+
create: Next
|
|
25
|
+
update: Save
|
|
26
26
|
permission:
|
|
27
|
+
description:
|
|
28
|
+
default:
|
|
29
|
+
brief:
|
|
30
|
+
manage:
|
|
31
|
+
contact: Manage authorizations
|
|
32
|
+
nil: Manage the site
|
|
33
|
+
relation/custom: Manage roles
|
|
34
|
+
detailed:
|
|
35
|
+
manage:
|
|
36
|
+
nil:
|
|
37
|
+
positive: They WILL BE ABLE to update the details of the client site
|
|
38
|
+
negative: They WILL NOT BE ABLE to update the details of the client
|
|
39
|
+
site
|
|
40
|
+
relation/custom:
|
|
41
|
+
positive: They WILL BE ABLE to create, update and delete the roles of
|
|
42
|
+
the client site
|
|
43
|
+
negative: They WILL NOT BE ABLE to create, update and delete the roles
|
|
44
|
+
of the client site
|
|
27
45
|
public_info: Read your public information
|
|
28
46
|
relation_admin:
|
|
29
|
-
name:
|
|
47
|
+
name: Site Client Admin
|
|
30
48
|
site:
|
|
31
49
|
client:
|
|
32
50
|
added: Added sites
|
data/config/locales/es.yml
CHANGED
|
@@ -10,15 +10,38 @@ es:
|
|
|
10
10
|
name: Nombre
|
|
11
11
|
secret: Client Secret
|
|
12
12
|
url: URL
|
|
13
|
+
authorization:
|
|
14
|
+
form:
|
|
15
|
+
accept: Accept
|
|
16
|
+
cancel: Cancel
|
|
17
|
+
new:
|
|
18
|
+
title: Authorize %{client}?
|
|
19
|
+
permission:
|
|
20
|
+
title: 'The site %{client} will be able to:'
|
|
13
21
|
helpers:
|
|
14
22
|
submit:
|
|
15
23
|
site_client:
|
|
16
|
-
create:
|
|
17
|
-
update:
|
|
24
|
+
create: Siguiente
|
|
25
|
+
update: Guardar
|
|
18
26
|
permission:
|
|
27
|
+
description:
|
|
28
|
+
default:
|
|
29
|
+
brief:
|
|
30
|
+
manage:
|
|
31
|
+
nil: Gestionar el sitio
|
|
32
|
+
relation/custom: Gestionar los roles
|
|
33
|
+
contact: Manage authorizations
|
|
34
|
+
detailed:
|
|
35
|
+
manage:
|
|
36
|
+
nil:
|
|
37
|
+
positive: PODRÁN actualizar los detalles del sitio
|
|
38
|
+
negative: NO PODRÁN actualizar los detalles del sitio
|
|
39
|
+
relation/custom:
|
|
40
|
+
positive: PODRÁN crear, actualizar y borrar los roles del sitio
|
|
41
|
+
negative: NO PODRÁN crear, actualizar y borrar los roles del sitio
|
|
19
42
|
public_info: Acceder a tu información pública
|
|
20
43
|
relation_admin:
|
|
21
|
-
name:
|
|
44
|
+
name: Administrador de Sitio
|
|
22
45
|
site:
|
|
23
46
|
client:
|
|
24
47
|
added: Sitios añadidos
|
|
@@ -27,11 +50,3 @@ es:
|
|
|
27
50
|
new:
|
|
28
51
|
link: Añadir sitio
|
|
29
52
|
title: Registrar nuevo sitio
|
|
30
|
-
authorization:
|
|
31
|
-
form:
|
|
32
|
-
accept: Accept
|
|
33
|
-
cancel: Cancel
|
|
34
|
-
new:
|
|
35
|
-
title: Authorize %{client}?
|
|
36
|
-
permission:
|
|
37
|
-
title: 'The site %{client} will be able to:'
|
data/config/locales/zh.yml
CHANGED
|
@@ -20,6 +20,24 @@ zh:
|
|
|
20
20
|
title: 'The site %{client} will be able to:'
|
|
21
21
|
permission:
|
|
22
22
|
public_info: Read your public information
|
|
23
|
+
description:
|
|
24
|
+
default:
|
|
25
|
+
brief:
|
|
26
|
+
manage:
|
|
27
|
+
nil: Manage the site
|
|
28
|
+
relation/custom: Manage roles
|
|
29
|
+
contact: Manage authorizations
|
|
30
|
+
detailed:
|
|
31
|
+
manage:
|
|
32
|
+
nil:
|
|
33
|
+
positive: They WILL BE ABLE to update the details of the client site
|
|
34
|
+
negative: They WILL NOT BE ABLE to update the details of the client
|
|
35
|
+
site
|
|
36
|
+
relation/custom:
|
|
37
|
+
positive: They WILL BE ABLE to create, update and delete the roles of
|
|
38
|
+
the client site
|
|
39
|
+
negative: They WILL NOT BE ABLE to create, update and delete the roles
|
|
40
|
+
of the client site
|
|
23
41
|
site:
|
|
24
42
|
client:
|
|
25
43
|
added: Added sites
|
|
@@ -28,3 +46,10 @@ zh:
|
|
|
28
46
|
new:
|
|
29
47
|
link: Add site
|
|
30
48
|
title: Register new client site
|
|
49
|
+
helpers:
|
|
50
|
+
submit:
|
|
51
|
+
site_client:
|
|
52
|
+
create: Next
|
|
53
|
+
update: Save
|
|
54
|
+
relation_admin:
|
|
55
|
+
name: Site Client Admin
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
class SiteClientAdminToManager < ActiveRecord::Migration
|
|
2
|
+
|
|
3
|
+
class Relation::Admin < Relation; end
|
|
4
|
+
|
|
5
|
+
def up
|
|
6
|
+
admin = Relation::Admin.first
|
|
7
|
+
|
|
8
|
+
if admin.present?
|
|
9
|
+
rt = Tie.record_timestamps
|
|
10
|
+
Tie.record_timestamps = false
|
|
11
|
+
|
|
12
|
+
admin.ties.each do |t|
|
|
13
|
+
t.relation = Relation::Manager.instance
|
|
14
|
+
t.save!
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
Tie.record_timestamps = rt
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def down
|
|
22
|
+
raise ActiveRecord::IrreversibleMigration
|
|
23
|
+
end
|
|
24
|
+
end
|
|
@@ -1,19 +1 @@
|
|
|
1
|
-
require 'social_stream
|
|
2
|
-
|
|
3
|
-
require 'rack/oauth2'
|
|
4
|
-
|
|
5
|
-
module SocialStream
|
|
6
|
-
module Oauth2Server
|
|
7
|
-
module Controllers
|
|
8
|
-
autoload :Helpers, 'social_stream/oauth2_server/controllers/helpers'
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
module Models
|
|
12
|
-
autoload :Actor, 'social_stream/oauth2_server/models/actor'
|
|
13
|
-
autoload :User, 'social_stream/oauth2_server/models/user'
|
|
14
|
-
end
|
|
15
|
-
autoload :TokenEndpoint, 'social_stream/oauth2_server/token_endpoint'
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
require 'social_stream/oauth2_server/engine'
|
|
1
|
+
require 'social_stream/oauth2_server'
|
|
@@ -1,5 +1,33 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
1
|
+
require 'social_stream-base'
|
|
2
|
+
|
|
3
|
+
require 'rack/oauth2'
|
|
4
|
+
|
|
5
|
+
module SocialStream
|
|
6
|
+
module Oauth2Server
|
|
7
|
+
module Controllers
|
|
8
|
+
autoload :Helpers, 'social_stream/oauth2_server/controllers/helpers'
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
module Models
|
|
12
|
+
autoload :Actor, 'social_stream/oauth2_server/models/actor'
|
|
13
|
+
autoload :User, 'social_stream/oauth2_server/models/user'
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
autoload :Ability, 'social_stream/oauth2_server/ability'
|
|
17
|
+
autoload :TokenEndpoint, 'social_stream/oauth2_server/token_endpoint'
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
# Define default custom relations for Site::Client
|
|
21
|
+
SocialStream.custom_relations['site/client'] = {}
|
|
22
|
+
|
|
23
|
+
# Relations that appear in the Site::Client list
|
|
24
|
+
SocialStream.list_relations['site/client'] = [ :manager ]
|
|
25
|
+
|
|
26
|
+
SocialStream.available_permissions['site/client'] = [
|
|
27
|
+
[ 'manage', nil ],
|
|
28
|
+
[ 'manage', 'relation/custom' ],
|
|
29
|
+
[ 'manage', 'contact' ]
|
|
30
|
+
]
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
require 'social_stream/oauth2_server/engine'
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
module SocialStream
|
|
2
|
+
module Oauth2Server
|
|
3
|
+
module Ability
|
|
4
|
+
def initialize(subject)
|
|
5
|
+
super
|
|
6
|
+
|
|
7
|
+
can :read, Site::Client
|
|
8
|
+
|
|
9
|
+
can :create, Site::Client do |c|
|
|
10
|
+
subject.present? &&
|
|
11
|
+
c.author_id == subject.actor_id
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
can [:update, :destroy], Site::Client do |c|
|
|
15
|
+
c.allow? subject, 'manage'
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
can :read, Relation::Manager
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
@@ -5,6 +5,12 @@ module SocialStream
|
|
|
5
5
|
Oauth2Token::AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
|
|
6
6
|
end
|
|
7
7
|
|
|
8
|
+
initializer "social_stream-oauth2_server.ability" do
|
|
9
|
+
SocialStream::Ability.module_eval do
|
|
10
|
+
include SocialStream::Oauth2Server::Ability
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
|
|
8
14
|
initializer "social_stream-oauth2_server.controller.helpers",
|
|
9
15
|
after: "social_stream-base.controller.helpers" do
|
|
10
16
|
ActiveSupport.on_load(:action_controller) do
|
|
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
|
|
|
12
12
|
s.files = `git ls-files`.split("\n")
|
|
13
13
|
|
|
14
14
|
# Gem dependencies
|
|
15
|
-
s.add_runtime_dependency('social_stream-base', '~> 2.0
|
|
15
|
+
s.add_runtime_dependency('social_stream-base', '~> 2.1.0')
|
|
16
16
|
s.add_runtime_dependency('rack-oauth2', '~> 1.0.0')
|
|
17
17
|
|
|
18
18
|
s.add_development_dependency('rspec-rails', '~> 2.8.0')
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Site::ClientsController do
|
|
4
|
+
include SocialStream::TestHelpers
|
|
5
|
+
include SocialStream::TestHelpers::Controllers
|
|
6
|
+
|
|
7
|
+
render_views
|
|
8
|
+
|
|
9
|
+
describe "when Anonymous" do
|
|
10
|
+
it "should not render new" do
|
|
11
|
+
get :new
|
|
12
|
+
|
|
13
|
+
response.should redirect_to(new_user_session_path)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
context "faking a new client" do
|
|
17
|
+
it "should deny creating" do
|
|
18
|
+
post :create, :client => { :name => "Test" }
|
|
19
|
+
|
|
20
|
+
response.should redirect_to(new_user_session_path)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
context "an existing client" do
|
|
25
|
+
before do
|
|
26
|
+
@current_model = Factory(:"site/client")
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
it_should_behave_like "Deny Updating"
|
|
30
|
+
it_should_behave_like "Deny Destroying"
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
describe "when authenticated" do
|
|
35
|
+
before do
|
|
36
|
+
@user = Factory(:user)
|
|
37
|
+
|
|
38
|
+
sign_in @user
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
it "should render client" do
|
|
42
|
+
@client = Factory(:"site/client", author: @user.actor )
|
|
43
|
+
get :show, :id => @client.to_param
|
|
44
|
+
|
|
45
|
+
response.should be_success
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
it "should render other group" do
|
|
49
|
+
get :show, :id => Factory(:"site/client").to_param
|
|
50
|
+
|
|
51
|
+
response.should be_success
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
it "should render new" do
|
|
55
|
+
get :new
|
|
56
|
+
|
|
57
|
+
response.should be_success
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
context "a new own client" do
|
|
61
|
+
it "should allow creating" do
|
|
62
|
+
count = Site::Client.count
|
|
63
|
+
post :create, site_client: { name: "Test",
|
|
64
|
+
url: "http://test.com/",
|
|
65
|
+
callback_url: "http://test.com/callback"
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
client = assigns(:client)
|
|
69
|
+
|
|
70
|
+
client.should be_valid
|
|
71
|
+
Site::Client.count.should eq(count + 1)
|
|
72
|
+
client.receivers.should include(@user.actor)
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
context "a new fake client" do
|
|
77
|
+
before do
|
|
78
|
+
user = Factory(:user)
|
|
79
|
+
|
|
80
|
+
model_attributes[:author_id] = user.actor_id
|
|
81
|
+
model_attributes[:user_author_id] = user.actor_id
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
it_should_behave_like "Deny Creating"
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
context "a external client" do
|
|
88
|
+
before do
|
|
89
|
+
@current_model = Factory(:"site/client")
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
it_should_behave_like "Deny Updating"
|
|
93
|
+
it_should_behave_like "Deny Destroying"
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
context "a existing own client" do
|
|
97
|
+
before do
|
|
98
|
+
@current_model = Factory(:"site/client", author: @user.actor)
|
|
99
|
+
end
|
|
100
|
+
|
|
101
|
+
it "should update client" do
|
|
102
|
+
put :update, :id => @current_model.to_param,
|
|
103
|
+
"client" => { name: "Update name" }
|
|
104
|
+
|
|
105
|
+
response.should redirect_to(@current_model)
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
it_should_behave_like "Allow Destroying"
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
end
|
|
112
|
+
|
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
Factory.define(:
|
|
1
|
+
Factory.define(:"site/client", :class => Site::Client) do |c|
|
|
2
2
|
c.sequence(:name) { |n| "Site client #{ n }" }
|
|
3
3
|
c.url { 'https://test.com' }
|
|
4
4
|
c.callback_url { 'https://test.com/callback' }
|
|
5
|
-
c.
|
|
5
|
+
c.author { Factory(:user).actor }
|
|
6
6
|
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Site::Client do
|
|
4
|
+
before do
|
|
5
|
+
@user = Factory(:user)
|
|
6
|
+
|
|
7
|
+
@client = Site::Client.create name: "Test",
|
|
8
|
+
url: "http://test.com",
|
|
9
|
+
callback_url: "http://test.com/callback",
|
|
10
|
+
author: @user
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
it "should allow update to author" do
|
|
14
|
+
Ability.new(@user).should be_able_to(:update, @client)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
it "should not allow update to other" do
|
|
18
|
+
Ability.new(Factory(:user)).should_not be_able_to(:update, @client)
|
|
19
|
+
end
|
|
20
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: social_stream-oauth2_server
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Antonio Tapiador
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2013-
|
|
12
|
+
date: 2013-07-04 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: social_stream-base
|
|
@@ -17,14 +17,14 @@ dependencies:
|
|
|
17
17
|
requirements:
|
|
18
18
|
- - ~>
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
|
-
version: 2.0
|
|
20
|
+
version: 2.1.0
|
|
21
21
|
type: :runtime
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
25
|
- - ~>
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
|
-
version: 2.0
|
|
27
|
+
version: 2.1.0
|
|
28
28
|
- !ruby/object:Gem::Dependency
|
|
29
29
|
name: rack-oauth2
|
|
30
30
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -84,7 +84,7 @@ files:
|
|
|
84
84
|
- app/assets/stylesheets/social_stream/oauth2_server/create/responsive/_responsive-1200px-min.css.sass
|
|
85
85
|
- app/assets/stylesheets/social_stream/oauth2_server/create/responsive/_responsive-767px-max.css.sass
|
|
86
86
|
- app/assets/stylesheets/social_stream/oauth2_server/create/responsive/_responsive-768px-979px.css.sass
|
|
87
|
-
- app/assets/stylesheets/social_stream/oauth2_server/mixins/
|
|
87
|
+
- app/assets/stylesheets/social_stream/oauth2_server/mixins/_mixin.css.sass
|
|
88
88
|
- app/assets/stylesheets/social_stream/oauth2_server/show/_show-oauth2server.css.sass
|
|
89
89
|
- app/assets/stylesheets/social_stream/oauth2_server/show/layout/_show-oauth2server.css.sass
|
|
90
90
|
- app/assets/stylesheets/social_stream/oauth2_server/show/responsive/_responsive-1200px-min.css.sass
|
|
@@ -100,16 +100,18 @@ files:
|
|
|
100
100
|
- app/models/oauth2_token/access_token.rb
|
|
101
101
|
- app/models/oauth2_token/authorization_code.rb
|
|
102
102
|
- app/models/oauth2_token/refresh_token.rb
|
|
103
|
-
- app/models/relation/admin.rb
|
|
104
103
|
- app/models/relation/auth.rb
|
|
104
|
+
- app/models/relation/manager.rb
|
|
105
105
|
- app/models/site/client.rb
|
|
106
106
|
- app/overrides/frontpage/_presentation/client_site_presentation.html.erb.deface
|
|
107
107
|
- app/overrides/layouts/_header_dropdown_menu/applications_entry.html.erb.deface
|
|
108
108
|
- app/views/authorizations/error.html.erb
|
|
109
109
|
- app/views/authorizations/new.html.erb
|
|
110
|
+
- app/views/site/clients/_avatar.html.erb
|
|
111
|
+
- app/views/site/clients/_edit.html.erb
|
|
112
|
+
- app/views/site/clients/_edit_step_2.html.erb
|
|
113
|
+
- app/views/site/clients/_edit_step_3.html.erb
|
|
110
114
|
- app/views/site/clients/_form.html.erb
|
|
111
|
-
- app/views/site/clients/_form_step1.html.erb
|
|
112
|
-
- app/views/site/clients/_form_step2.html.erb
|
|
113
115
|
- app/views/site/clients/_list.html.erb
|
|
114
116
|
- app/views/site/clients/_new.modal.html.erb
|
|
115
117
|
- app/views/site/clients/_presentation.html.erb
|
|
@@ -122,10 +124,12 @@ files:
|
|
|
122
124
|
- config/locales/zh.yml
|
|
123
125
|
- config/routes.rb
|
|
124
126
|
- db/migrate/20130115102300_create_social_stream_oauth2_server.rb
|
|
127
|
+
- db/migrate/20130619134332_site_client_admin_to_manager.rb
|
|
125
128
|
- lib/generators/social_stream/oauth2_server/install_generator.rb
|
|
126
129
|
- lib/social_stream-oauth2_server.rb
|
|
127
130
|
- lib/social_stream/migrations/oauth2_server.rb
|
|
128
131
|
- lib/social_stream/oauth2_server.rb
|
|
132
|
+
- lib/social_stream/oauth2_server/ability.rb
|
|
129
133
|
- lib/social_stream/oauth2_server/controllers/helpers.rb
|
|
130
134
|
- lib/social_stream/oauth2_server/engine.rb
|
|
131
135
|
- lib/social_stream/oauth2_server/models/actor.rb
|
|
@@ -136,8 +140,10 @@ files:
|
|
|
136
140
|
- social_stream-oauth2_server.gemspec
|
|
137
141
|
- spec/controllers/authorizations_controller_spec.rb
|
|
138
142
|
- spec/controllers/dummy_controller_spec.rb
|
|
143
|
+
- spec/controllers/site_clients_controller_authorization_spec.rb
|
|
139
144
|
- spec/factories/site_client.rb
|
|
140
145
|
- spec/models/relation/auth_spec.rb
|
|
146
|
+
- spec/models/site/client_authorization_spec.rb
|
|
141
147
|
- spec/models/site/client_spec.rb
|
|
142
148
|
homepage: http://github.com/ging/social_stream-oauth2_server
|
|
143
149
|
licenses: []
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
<img src="/assets/step_2.png">
|
|
2
|
-
<article class="permissions">
|
|
3
|
-
<h4>
|
|
4
|
-
<%= raw t('permission.of_relation.choose', :name => h(@relation.name)) %>
|
|
5
|
-
</h4>
|
|
6
|
-
|
|
7
|
-
<%= form_for @relation, url: polymorphic_path(@relation, section: 'permissions'), remote: true do |f| %>
|
|
8
|
-
<%= hidden_field_tag 'relation_custom[permission_ids][]', "" %>
|
|
9
|
-
|
|
10
|
-
<ul>
|
|
11
|
-
<% default_permissions.each do |p| %>
|
|
12
|
-
<li>
|
|
13
|
-
<%= check_box_tag 'relation_custom[permission_ids][]', p.id, @relation.permission_ids.include?(p.id), id: "checkbox_relation_#{ @relation.id }_permission_#{ p.id }" %>
|
|
14
|
-
<%= label_tag "checkbox_relation_#{ @relation.id }_permission_#{ p.id }", p.description(:brief, subject: current_subject), title: p.description(:detailed, subject: current_subject, state: (@relation.permission_ids.include?(p.id) ? 'positive' : 'negative'), relation: @relation.name) %>
|
|
15
|
-
</li>
|
|
16
|
-
<% end %>
|
|
17
|
-
</ul>
|
|
18
|
-
<% end %>
|
|
19
|
-
<%= f.submit :next %>
|
|
20
|
-
</article>
|