RubyGems - tb_core - Versions diffs - 1.0.2 → 1.1.0 - Mend

tb_core 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (153) hide show

data/app/models/spud_permission.rb ADDED Viewed

@@ -0,0 +1,33 @@
+class SpudPermission
+  attr_accessor :tag, :name, :apps
+  def initialize(tag, name, apps=nil)
+    self.tag = tag
+    self.name = name
+    self.apps = apps || []
+  end
+  # Find a permission by tag
+  def self.find(tag)
+    return Spud::Core.permissions.find{ |p| p.tag == tag }
+  end
+  # Returns hash of permissions, grouped by tag namespace
+  def self.grouped_by_tag
+    return Spud::Core.permissions.group_by do |p|
+      p.tag.split('.').first
+    end
+  end
+  # Returns array permissions sorted by tag
+  def self.sorted_by_tag
+    return Spud::Core.permissions.sort_by(&:tag)
+  end
+  # Returns all permissions
+  def self.all
+    return Spud::Core.permissions
+  end
+end

data/app/models/spud_role.rb ADDED Viewed

@@ -0,0 +1,32 @@
+class SpudRole < ActiveRecord::Base
+  attr_accessible :name, :permission_tags
+  has_many :spud_role_permissions, :dependent => :destroy
+  has_many :users, :class_name => 'SpudUser'
+  validates :name, :presence => true, :uniqueness => true
+  def permissions
+    self.spud_role_permissions.collect(&:permission).reject(&:blank?)
+  end
+  def permissions=(permissions_list)
+    self.permission_tags = permissions_list.collect(&:tag)
+  end
+  def permission_tags=(tags)
+    self.spud_role_permissions.each do |role_permission|
+      if role_permission.permission.nil? || !tags.include?(role_permission.permission.tag)
+        role_permission.destroy()
+      else
+        tags.delete(role_permission.permission.tag)
+      end
+    end
+    self.spud_role_permissions += tags.collect{ |tag| SpudRolePermission.new(:spud_permission_tag => tag) }
+  end
+  def permission_tags
+    return self.permissions.collect(&:tag)
+  end
+end

data/app/models/spud_role_permission.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class SpudRolePermission < ActiveRecord::Base
+  attr_accessible :spud_permission_tag, :spud_role_id, :tag
+  belongs_to :spud_role
+  def permission
+    SpudPermission.find(self.spud_permission_tag)
+  end
+end

data/app/models/spud_user.rb CHANGED Viewed

@@ -1,26 +1,81 @@
 class SpudUser < ActiveRecord::Base
-	include Concerns::SpudAuthentication
-	has_many :spud_admin_permissions,:foreign_key => :user_id
-	has_many :spud_user_settings
-	accepts_nested_attributes_for :spud_admin_permissions, :allow_destroy => true
-	attr_accessible :login,:email,:first_name,:last_name,:password,:password_confirmation,:password_salt,:last_login_at,:last_request_at,:last_login_ip,:failed_login_count,:current_login_at,:login_count,:persistence_token,:perishable_token,:single_access_token,:crypted_password, :current_login_ip, :created_at, :updated_at,:spud_admin_permissions_attributes,:time_zone, :as => [:default, :admin]
-	attr_accessible :super_admin, :id, :as => :admin
-	def has_admin_rights?
-		return self.super_admin || self.spud_admin_permissions.count > 0
-	end
-	def full_name
-		if first_name.blank? && last_name.blank?
-			return self.login
-		end
-		if self.first_name.blank?
-			return self.last_name
-		elsif self.last_name.blank?
-			return self.first_name
-		end
-		return "#{self.first_name} #{self.last_name}"
-	end
+  include Concerns::SpudAuthentication
+  belongs_to :role, :class_name => 'SpudRole', :foreign_key => 'spud_role_id'
+  has_many :spud_user_settings
+  attr_accessible :login,:email,:first_name,:last_name,:password,:password_confirmation,:password_salt,:last_login_at,:last_request_at,:last_login_ip,:failed_login_count,:current_login_at,:login_count,:persistence_token,:perishable_token,:single_access_token,:crypted_password, :current_login_ip, :created_at, :updated_at,:time_zone, :as => [:default, :admin]
+  attr_accessible :super_admin, :spud_role_id, :id, :as => :admin
+  def full_name
+    if first_name.blank? && last_name.blank?
+      return self.login
+    end
+    if self.first_name.blank?
+      return self.last_name
+    elsif self.last_name.blank?
+      return self.first_name
+    end
+    return "#{self.first_name} #{self.last_name}"
+  end
+  # Returns true if user can view at least one dashboard app
+  def has_admin_rights?
+    if self.super_admin?
+      return true
+    else
+      return Spud::Core.admin_applications.find{ |app| self.can_view_app?(app) }.present?
+    end
+  end
+  # Returns true if the user can view a spud app based on it's key
+  def can_view_app?(admin_application)
+    if self.super_admin?
+      return true
+    else
+      key = admin_application[:key]
+      return self.permissions.find{ |p| p.apps.include?(key) }.present?
+    end
+  end
+  # Check if a user has a given list of permissions
+  #
+  # * if one tag is supplied, return true if the tag matches
+  # * if multiple tags are supplied, return true if ALL tags match
+  def has_permission?(*tags)
+    if self.super_admin?
+      return true
+    else
+      my_tags = self.permissions.collect(&:tag)
+      return tags.find{ |tag| !my_tags.include?(tag) }.blank?
+    end
+  end
+  # Check if a user has at least one out of a given list of permissions
+  #
+  # * if one tag is supplied, return true if the tag matches
+  # * if multiple tags are supplied, return true if ANY tag matches
+  def has_any_permission?(*tags)
+    if self.super_admin?
+      return true
+    else
+      return self.permissions.find{ |p| tags.include?(p.tag) }.present?
+    end
+  end
+  # Return a list of SpudPermission objects for the user's SpudRole
+  def permissions
+    if !self.role
+      return []
+    else
+      return self.role.permissions
+    end
+  end
+  # Returns an ActiveRecord::Relation performing a LIKE query against name columns
+  def self.where_name_like(string)
+    like = '%' + string + '%'
+    return self.where('login like ? or concat(`first_name`, " ", `last_name`) like ?', like, like)
+  end
 end

data/app/models/spud_user_setting.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 class SpudUserSetting < ActiveRecord::Base
-	belongs_to :spud_user
+  belongs_to :spud_user
-	validates :key,:presence=>true
-	validates_uniqueness_of :key,:scope => :spud_user_id
+  validates :key,:presence=>true
+  validates_uniqueness_of :key,:scope => :spud_user_id
 end

data/app/views/{spud/admin → admin}/dashboard/index.html.erb RENAMED Viewed

@@ -10,9 +10,6 @@
 <%end%>
 </div>
-<div id="dashboard-editmode">
-	<a href="#" class="btn btn-primary" id="dashboard-editsave">Done Editing</a>&nbsp;<a id="dashboard-editcancel" href="#" class="btn">Cancel</a>
-</div>
 <script type="text/javascript">
-$(document).ready(Spud.Admin.Dashboard.init);
+  $(document).ready(spud.admin.dashboard.init);
 </script>

data/app/views/admin/password_resets/index.html.erb ADDED Viewed

@@ -0,0 +1,10 @@
+<% @login_title = 'Forgot Password' %>
+	<%= form_tag admin_password_resets_path do  %>
+	  <div class="login-form-row">
+		  <%= label_tag :email %>
+		  <%= text_field_tag :email %>
+	  </div>
+	  <div class="login-form-row">
+	  	<%= submit_tag "Send Reset Instructions", :class => 'btn' %> or <%= link_to 'Cancel', admin_login_path %>
+	  </div>
+	<% end %>

data/app/views/admin/password_resets/show.html.erb ADDED Viewed

@@ -0,0 +1,15 @@
+<% @login_title = 'Password Reset' %>
+<%= form_for @user, url: admin_password_reset_path(:id => @user.perishable_token) do |f| %>
+  <%= error_messages_for(f.object) %>
+  <div class="field-group">
+  	<%= f.label :password %>
+  	<%= f.password_field :password %>
+  </div>
+  <div class="field-group">
+  	<%= f.label :password_confirmation %>
+  	<%= f.password_field :password_confirmation %>
+  </div>
+  <div class="field-group">
+  	<%= f.submit "Reset Password", :class => 'btn' %>
+  </div>
+<% end %>

data/app/views/admin/roles/_form.html.erb ADDED Viewed

@@ -0,0 +1,33 @@
+<%= form_for @role, :url => path, :html => {:class => 'form-horizontal'} do |f| %>
+  <fieldset>
+    <div class="control-group">
+      <%= f.label :name, :class => 'control-label' %>
+      <div class="controls">
+        <%= f.text_field :name %>
+      </div>
+    </div>
+  </fieldset>
+  <fieldset>
+    <legend>Permissions</legend>
+    <div class="spud-admin-role-permissions">
+      <% SpudPermission.sorted_by_tag.each do |permission| %>
+        <div class="control-group">
+          <div class="controls">
+            <label>
+              <%= check_box_tag 'spud_role[permission_tags][]', permission.tag, @role.permissions.include?(permission) %>
+              <%= permission.name %>
+            </label>
+          </div>
+        </div>
+      <% end %>
+    </div>
+  </fieldset>
+  <div class="form-actions">
+    <%= f.submit "Save Role", :class=>"btn btn-primary", "data-loading-text" => "Saving..." %>
+    or <%=link_to "Cancel", admin_roles_path, :class => "btn" %>
+  </div>
+<% end %>

data/app/views/admin/roles/edit.html.erb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ <% @page_name = 'Edit Role' %>
2	+ <%= render :partial => 'form', :locals => {:path => admin_role_path(@role)} %>

data/app/views/admin/roles/index.html.erb ADDED Viewed

@@ -0,0 +1,29 @@
+<% @page_name = 'Roles' %>
+<%= content_for :data_controls do %>
+  <%= link_to 'New Role', new_admin_role_path, :class => 'btn btn-primary' %>
+<% end %>
+<% content_for :detail do %>
+  <table class="admin-table data-table">
+    <thead>
+      <tr>
+        <th>Name</th>
+        <th># Users</th>
+        <th></th>
+      </tr>
+    </thead>
+    <tbody>
+      <% @roles.each do |role| %>
+        <tr>
+          <td><%= role.name %></td>
+          <td><%= role.users.count %></td>
+          <td align="right">
+            <%= link_to 'Edit', edit_admin_role_path(role), :class => 'btn btn-mini' %>
+            <%= link_to 'Delete', admin_role_path(role), :method => :delete, :confirm => 'Are you sure?', :class => 'btn btn-mini btn-danger' %>
+          </td>
+        </tr>
+      <% end %>
+    </tbody>
+  </table>
+<% end %>

data/app/views/admin/roles/new.html.erb ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ <% @page_name = 'New Role' %>
2	+ <%= render :partial => 'form', :locals => {:path => admin_roles_path} %>

data/app/views/{spud/admin → admin}/settings/edit.html.erb RENAMED Viewed

@@ -1,6 +1,11 @@
+<%
+@page_thumbnail = "admin/users_thumb.png"
+@page_name = "Settings"
+%>
 <p>Fields marked with * are required and must be filled out.</p>
-<%= form_for @current_user, :url => spud_admin_settings_path, :method => :put, :html => {:class => "form-horizontal"} do |f| %>
+<%= form_for @current_user, :url => admin_settings_path, :method => :put, :html => {:class => "form-horizontal"} do |f| %>
   <%= render :partial => "form", :locals => {:f => f} %>
   <div class="form-actions">
   	<%= f.submit "Save Settings", :class=>"btn btn-primary"%> or <%=link_to "cancel",request.referer,:class => "btn" %>

data/app/views/admin/setup/new.html.erb ADDED Viewed

@@ -0,0 +1,44 @@
+<%
+@page_thumbnail = "spud/admin/users_thumb.png"
+@page_name = "First Time Setup"
+%>
+<% content_for :detail do %>
+	<% form_for @spud_user, :url => admin_setup_path, :html => {:class => "form-horizontal"} do |f| %>
+		<%= error_messages_for f.object %>
+		<fieldset>
+			<legend>New Admin Account</legend>
+				<div class="control-group">
+					<%= f.label :login, "Login", :class => "control-label" %>
+					<div class="controls">
+						<%= f.text_field :login %>
+					</div>
+				</div>
+				<div class="control-group">
+					<%= f.label :email, "Email", :class => "control-label" %>
+					<div class="controls">
+						<%= f.text_field :email %>
+					</div>
+				</div>
+				<div class="control-group">
+					<%= f.label :password, "Password", :class => "control-label" %>
+					<div class="controls">
+						<%= f.password_field :password %>
+						<p class="help-block">Password must be at least 8 characters</p>
+					</div>
+				</div>
+				<div class="control-group">
+					<%= f.label :password_confirmation, "Confirm", :class => "control-label" %>
+					<div class="controls">
+						<%= f.password_field :password_confirmation %>
+						<p class="help-block">Retype your password here.</p>
+					</div>
+				</div>
+		</fieldset>
+		<div class="form-actions">
+			<%=submit_tag "Create Admin Account", :class=>"btn btn-primary"%>
+		</div>
+	<% end %>
+<% end %>

data/app/views/admin/user_sessions/new.html.erb ADDED Viewed

@@ -0,0 +1,17 @@
+<%= form_for @user_session, :url => admin_login_path do |f| %>
+  <%= error_messages_for(f.object) %>
+  <div class="login-form-row">
+	  <%= f.label :login %>
+	  <%= f.text_field :login %>
+  </div>
+  <div class="login-form-row">
+  	<%= f.label :password %>
+  	<%= f.password_field :password %>
+  </div>
+  <div class="login-form-row">
+  	<%= f.submit "Login", :class => 'btn' %> or <%=link_to "Forgot Password?", admin_password_resets_path %>
+  </div>
+<% end %>

data/app/views/{spud/admin → admin}/users/_form.html.erb RENAMED Viewed

@@ -60,31 +60,31 @@
   </div>
 </div>
-<div class="control-group">
-  <%=f.label :super_admin,"Super Admin",:class=> "control-label"%>
-  <div class="controls">
-    <label class="checkbox inline">
-    <%=f.check_box :super_admin, :title => ""%>
-    The super administrator bypasses all permissions.
-  </label>
-  </div>
-</div>
 </fieldset>
 <fieldset>
   <legend>Permissions</legend>
-        <div class="control-group">
-        <label class="control-label">Access Control</label>
-    <div class="controls">
-    <%=f.fields_for :spud_admin_permissions do |builder|%>
-      <%=builder.hidden_field :name%>
+  <div class="control-group">
+    <%= f.label :super_admin, "Super Admin", :class=> "control-label" %>
+    <div class="controls">
       <label class="checkbox inline">
-        <%=builder.check_box :access%><%=builder.object.name%>&nbsp;&nbsp;
-    </label>
-    <%end%>
+        <%= f.check_box :super_admin, :title => "" %>
+        The super administrator bypasses all permissions and roles.
+      </label>
+    </div>
+  </div>
+  <div class="control-group">
+    <%= f.label :role, 'Role', :class => 'control-label' %>
+    <div class="controls">
+      <%= f.select :spud_role_id, options_from_collection_for_select(SpudRole.all, :id, :name, f.object.spud_role_id), :include_blank => 'No Role' %>
     </div>
-      </div>
+  </div>
 </fieldset>
+<div class="form-actions">
+  <%= f.submit "Save User", :class=>"btn btn-primary", "data-loading-text" => "Saving..." %>
+  or <%= link_to "Cancel", '#', :class => "btn admin-user-edit-cancel-btn" %>
+</div>

data/app/views/admin/users/_index.html.erb ADDED Viewed

@@ -0,0 +1,15 @@
+<div class="split-pane-left-content">
+  <% if @users.blank? %>
+    <p class="split-pane-left-content-empty">No users found for your search.</p>
+  <% else %>
+    <% @users.each do |user| %>
+      <div class="split-pane-item" data-url="<%= admin_user_path(user) %>" data-id="<%= user.id %>">
+        <span class="split-pane-item-title"><%= user.full_name %></span>
+        <span class="split-pane-item-meta"><%= user.email %></span>
+      </div>
+    <% end %>
+  <% end %>
+</div>
+<div class="split-pane-left-pagination">
+  <%= will_paginate @users %>
+</div>

data/app/views/admin/users/edit.html.erb ADDED Viewed

@@ -0,0 +1,3 @@
+<%= form_for @user, :url => admin_user_path(@user), :html=> {:class => "form-horizontal admin-user-form"} do |f| %>
+  <%= render :partial => "form", :locals => {:f => f} %>
+<% end %>

data/app/views/admin/users/index.html.erb ADDED Viewed

@@ -0,0 +1,34 @@
+<%= content_for :data_controls do %>
+	<%= link_to raw('<i class="icon-refresh"></i>'), '#', :class => 'btn split-pane-refresh-btn' %>
+	<%= link_to 'Roles', admin_roles_path, :class => 'btn' %>
+	<%= link_to "New User", new_admin_user_path, :class => "btn btn-primary admin-user-add-btn", :title => "New User" %>
+<% end %>
+<%= content_for :detail do %>
+	<div class="split-pane admin-users-split-pane">
+		<div class="split-pane-toolbar">
+			<div class="split-pane-toolbar-left">
+				<%= form_tag admin_users_path, :method => :get, :class => 'split-pane-search-form' do %>
+					<input type="search" name="search" id="search" results="5" autosave="spud-admin-user-search" value="<%= params[:search] %>"/>
+				<% end %>
+				<%= link_to 'X', admin_users_path, :class => 'btn btn-small split-pane-search-clear-btn' %>
+			</div>
+			<div class="split-pane-toolbar-right">
+				<span class="split-pane-toolbar-title"></span>
+			</div>
+		</div>
+		<div class="split-pane-left">
+			<%= render 'index' %>
+		</div>
+		<div class="split-pane-right">
+			<div class="split-pane-right-content">
+			</div>
+		</div>
+	</div>
+	<script>
+		$(document).ready(spud.admin.users.index);
+	</script>
+<% end %>

data/app/views/admin/users/new.html.erb ADDED Viewed

@@ -0,0 +1,3 @@
+<%= form_for @user, :url => admin_users_path, :html=> {:class => "form-horizontal admin-user-form"} do |f| %>
+  <%= render :partial => "form", :locals => {:f => f} %>
+<% end %>

data/app/views/admin/users/show.html.erb ADDED Viewed

@@ -0,0 +1,28 @@
+<div class="admin-user-show" data-id="<%= @user.id %>">
+  <div class="admin-user-show-controls">
+    <%= link_to 'Edit', edit_admin_user_path(@user), :class => 'btn btn-small admin-user-edit-btn', :title => "Edit User - #{@user.full_name}" %>
+    <div class="btn-group">
+      <a class="btn dropdown-toggle btn-small btn-danger" data-toggle="dropdown" href="#">
+        Delete
+      </a>
+      <ul class="dropdown-menu pull-right">
+        <li><%= link_to 'Confirm', admin_user_path(@user), :class => 'admin-user-delete-btn' %></li>
+      </ul>
+    </div>
+  </div>
+  <h2><%= @user.full_name %></h2>
+  <dl>
+    <dt>Login</dt>
+    <dd><%= @user.login %></dd>
+    <dt>Email</dt>
+    <dd><%= mail_to @user.email %></dd>
+    <dt>Last Login</dt>
+    <dd><%= timestamp @user.last_login_at %></dd>
+    <dt>Created At</dt>
+    <dd><%= timestamp @user.created_at %></dd>
+    <dt>Role:</dt>
+    <dd><%= @user.role.blank? ? 'None' : @user.role.name %></dd>
+    <dt>Super Admin?<dt>
+    <dd><%= @user.super_admin? ? 'Yes' : 'No' %></dd>
+  </dl>
+</div>

data/app/views/layouts/admin/application.html.erb ADDED Viewed

@@ -0,0 +1,68 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title><%= Spud::Core.config.site_name %> Admin</title>
+  <%= stylesheet_link_tag *Spud::Core.config.admin_stylesheets %>
+  <%= javascript_include_tag *Spud::Core.config.admin_javascripts %>
+  <%= csrf_meta_tags %>
+  <%= yield :head %>
+</head>
+<body>
+<div id="header" style="<%=header_style%>">
+	<%= link_to admin_root_path do %>
+    <h1><%= Spud::Core.config.site_name %> Admin</h1>
+  <% end %>
+  <% if current_user %>
+  	<div id="user_meta">
+  		<span class="greeting">Hello <%= @current_user.full_name %></span> |
+      <%=link_to "Settings", admin_settings_path%> |
+      <%=link_to "Logout",admin_logout_path %>
+  	</div>
+    <% if Spud::Core.multisite_mode_enabled == true %>
+      <div id="multisite_switcher" class="right_floated">
+        <%=form_tag admin_switch_path do%>
+          <%=select_tag :multisite_select,options_for_select([[Spud::Core.site_name,nil]] + Spud::Core.multisite_config.collect{|c| [c[:site_name],c[:site_id]]},session[:admin_site])%>
+        <% end %>
+      </div>
+    <% end %>
+  <% end %>
+</div>
+<div id="breadcrumbs">
+  <%= render_breadcrumbs :separator => ' / ' %>
+</div>
+<div id="content">
+  <% if flash[:notice] %>
+    <div class="alert alert-success">
+      <a class="close" data-dismiss="alert">×</a>
+      <%= flash[:notice] %>
+    </div>
+  <% end %>
+  <% if flash[:warning] %>
+    <div class="alert alert-warning">
+      <a class="close" data-dismiss="alert">×</a>
+      <%= flash[:warning] %>
+    </div>
+  <% end %>
+  <% if flash[:error]%>
+  <div class="alert alert-error">
+      <a class="close" data-dismiss="alert">×</a>
+  	  <%= flash[:error] %>
+  </div>
+  <% end %>
+  <%= content_for?(:content) ? yield(:content) : yield %>
+</div>
+<div id="modal_window" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
+  <div class="modal-header">
+    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
+    <h3 class="modal-title"></h3>
+  </div>
+  <div class="modal-body"></div>
+  <div class="modal-footer modal-footer-default">
+    <button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
+    <button class="btn btn-primary form-submit">Save changes</button>
+  </div>
+</div>
+</body>
+</html>

data/app/views/layouts/{spud/admin → admin}/detail.html.erb RENAMED Viewed

@@ -1,5 +1,5 @@
 <%=content_for :content do %>
-	<div id="detail_wrapper">
+	<div class="detail_wrapper">
 	<span class="data_controls">
 			<%=yield :data_controls%>
 		</span>
@@ -28,4 +28,4 @@
 		</div>
 	</div>
 <%end%>
-<%= render :template => 'layouts/spud/admin/application' %>
+<%= render :template => 'layouts/admin/application' %>

data/app/views/layouts/admin/login.html.erb ADDED Viewed

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title><%= Spud::Core.config.site_name %> Admin: Login</title>
+  <%= stylesheet_link_tag 'admin/application' %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+<div class="login-container">
+  <div class="login-form">
+    <h1><%= @login_title || 'Login' %></h1>
+    <% if flash[:notice] %>
+      <div class="alert">
+        <%= flash[:notice] %>
+      </div>
+    <% elsif flash[:error] %>
+      <div class="alert alert-error">
+        <%= flash[:error] %>
+      </div>
+    <% end %>
+    <%= yield %>
+  </div>
+</div>
+</body>
+</html>

data/app/views/password_resets/index.html.erb ADDED Viewed

@@ -0,0 +1,11 @@
+<h1>Password Reset</h1>
+<%= form_tag password_resets_path, :class => 'spud-login-form' do  %>
+  <div class="spud-login-form-row">
+    <%= label_tag :email %>
+    <%= text_field_tag :email %>
+  </div>
+  <div class="spud-login-form-row spud-login-form-row-actions">
+    <%= submit_tag 'Submit', :class => 'btn btn-primary' %> or <%= link_to 'Cancel', login_path %>
+  </div>
+<% end %>