the_role 2.1.1 → 2.3

data/spec/dummy_app/app/controllers/application_controller.rb

@@ -0,0 +1,38 @@
+class ApplicationController < ActionController::Base
+  include TheRole::Controller
+
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+
+  protect_from_forgery
+  before_filter :set_locale
+
+  def access_denied
+    flash[:error] = t('the_role.access_denied')
+    redirect_to(:back)
+  end
+
+  private
+
+  def set_locale
+    locale = 'en'
+    langs  = %w{ en ru es pl zh_CN }
+
+    if params[:locale]
+      lang = params[:locale]
+      if langs.include? lang
+        locale           = lang
+        cookies[:locale] = lang
+      end
+    else
+      if cookies[:locale]
+        lang   = cookies[:locale]
+        locale = lang if langs.include? lang
+      end
+    end
+
+    I18n.locale = locale
+    redirect_to(:back) if params[:locale]
+  end
+end

data/spec/dummy_app/app/controllers/pages_controller.rb

@@ -0,0 +1,75 @@
+class PagesController < ApplicationController
+  # Devise2 and TheRole before_actions
+  before_action :login_required, except: [:index, :show]
+  before_action :role_required,  except: [:index, :show]
+
+  before_action :set_page,       only:   [:edit, :update, :destroy]
+  before_action :owner_required, only:   [:edit, :update, :destroy]
+
+  # Public
+
+  def index
+    @pages = Page.with_state(:published).all
+  end
+
+  def show
+    @page = Page.with_state(:published).find params[:id]
+  end
+
+  # Login && role
+
+  def new
+    @page = Page.new
+  end
+
+  def create
+    @page = Page.new page_params
+
+    if @page.save
+      redirect_to @page, notice: 'Page was successfully created.'
+    else
+      render action: 'new'
+    end
+  end
+
+  def my
+    @pages = current_user.pages
+  end
+
+  # login && role && ownership
+
+  def edit; end
+
+  def update
+    if @page.update_attributes page_params
+      redirect_to @page, notice: 'Page was successfully updated.'
+    else
+      render action: :edit
+    end
+  end
+
+  def destroy
+    @page.destroy
+    redirect_to pages_url
+  end
+
+  # Admin or Pages Moderator Role require
+
+  def manage
+    @pages = Page.all
+  end
+
+  private
+
+  def set_page
+    @page = Page.find params[:id]
+
+    # TheRole: You should define OWNER CHECK OBJECT
+    # When editable object was found
+    @owner_check_object = @page
+  end
+
+  def page_params
+    params.require(:page).permit(:user_id, :title, :content, :state)
+  end
+end

data/spec/dummy_app/app/controllers/users_controller.rb

@@ -0,0 +1,32 @@
+class UsersController < ApplicationController
+  before_filter :login_required
+  before_filter :role_required
+
+  before_filter :find_user,      :only   => [:edit, :update]
+  before_filter :owner_required, :only   => [:edit, :update]
+
+  def edit; end
+
+  def update
+    @user.update_attributes params[:user]
+    flash[:notice] = 'User was successfully updated.'
+    redirect_to edit_user_path @user
+  end
+
+  def change_role
+    @user = User.find params[:user_id]
+    @role = Role.find params[:role_id]
+    @user.update_attribute(:role, @role)
+    redirect_to edit_user_path @user
+  end
+
+  private
+
+  def find_user
+    @user = User.find params[:id]
+
+    # TheRole: You should define OWNER CHECK OBJECT
+    # When editable object was found
+    @owner_check_object = @user
+  end
+end

data/spec/dummy_app/app/controllers/welcome_controller.rb

@@ -0,0 +1,13 @@
+class WelcomeController < ApplicationController
+  before_filter :authenticate_user!, :except => [:index, :autologin]
+
+  def index; end
+  def profile; end
+
+  def autologin
+    user = User.find_by_email params[:email]
+    sign_in user if user
+    redirect_to request.referrer || root_path
+  end
+
+end

data/spec/dummy_app/app/helpers/application_helper.rb

@@ -0,0 +1,2 @@
+module ApplicationHelper
+end

data/spec/dummy_app/app/models/page.rb

@@ -0,0 +1,24 @@
+class Page < ActiveRecord::Base
+  # RELATIONS
+  belongs_to :user
+
+  # VALIDATIONS
+  validates :user,    presence: true
+  validates :title,   presence: true, uniqueness: true
+  validates :content, presence: true
+
+  state_machine :state, :initial => :draft do
+    # events
+    event :to_draft do 
+      transition all => :draft
+    end
+
+    event :to_published do
+      transition all => :published
+    end
+
+    event :to_deleted do
+      transition all => :deleted
+    end
+  end
+end

data/spec/dummy_app/app/models/role.rb

@@ -0,0 +1,4 @@
+class Role < ActiveRecord::Base
+  include TheRole::Role
+  # acts_as_role
+end

data/spec/dummy_app/app/models/user.rb

@@ -0,0 +1,21 @@
+class User < ActiveRecord::Base
+  # Include default devise modules. Others available are:
+  # :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
+  devise :database_authenticatable, :registerable,
+         :recoverable, :rememberable, :trackable, :validatable
+
+  include TheRole::User
+  # has_role
+
+  # Setup accessible (or protected) attributes for your model
+  # attr_accessible :email, :password, :password_confirmation, :remember_me
+  # User accessible fields
+  # attr_accessible :name, :company, :address
+
+  # When we uncomment this string - test should give fail
+  # just for example, do not uncomment it
+  # attr_accessible :some_protected_field
+
+  # RELATIONS
+  has_many :pages
+end

data/spec/dummy_app/app/views/layouts/_current_user_info.html.haml

@@ -0,0 +1,17 @@
+%h2 Current user
+
+%p
+  - if user_signed_in?
+    %p
+      %b{ style: "color:green" }= current_user.name
+    %p
+      %i role: #{current_user.role.name}
+      \|
+      = link_to "Sign out", destroy_user_session_path, :method => :delete
+  - else
+    %p
+      %i Guest
+    %p
+      = link_to "Sign in", new_user_session_path
+      \|
+      = link_to "Sign up", new_user_registration_path

data/spec/dummy_app/app/views/layouts/application.html.haml

@@ -0,0 +1,68 @@
+!!!
+%html
+  %head
+    %title TheRoleTestcase
+    = stylesheet_link_tag    :application
+    = javascript_include_tag :application
+    = stylesheet_link_tag "http://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css"
+
+    = csrf_meta_tags
+
+    = yield :js 
+    = yield :css 
+
+  %body
+    .container
+      .row
+        .col-md-12.header
+          %h2 TheRole - Authorization Gem for Ruby on Rails with administrative interface.
+          %h3 Semantic, Flexible, Lightweight
+
+      .row
+        .col-md-3.manage_panel
+          = yield :role_sidebar
+
+          %h4 Basic links
+
+          %ul
+            %li= link_to 'Home',         root_path
+            %li= link_to 'pages/index',  pages_path
+            %li= link_to 'pages/manage', manage_pages_path
+            %li= link_to 'pages/my',     my_pages_path
+            %li= link_to 'admin/roles',  admin_roles_path
+          
+          = render :partial => 'layouts/current_user_info'
+
+        .col-md-9.main_content
+          - if flash[:notice]
+            .alert.alert-success
+              %a.close{:href => '#', 'data-dismiss' => :alert } ×
+              = flash[:notice]
+
+          - if flash[:error]
+            .alert.alert-danger
+              %a.close{:href => '#', 'data-dismiss' => :alert } ×
+              = flash[:error]
+          
+          = yield
+          = yield :role_main
+
+      .row
+        .col-md-3
+          %p
+            = link_to 'TheRole 2', 'https://github.com/the-teacher/the_role'
+        .col-md-9
+          %p
+            = link_to 'en', '/?locale=en'
+            \|
+            = link_to 'ru', '/?locale=ru'
+            \|
+            = link_to 'es', '/?locale=es'
+            \|
+            = link_to 'zh_CN', '/?locale=zh_CN'
+            \|
+            = link_to 'pl', '/?locale=pl'
+            \|
+            %b
+              = t '.current_locale'
+              = I18n.locale

data/spec/dummy_app/app/views/pages/_form.html.haml

@@ -0,0 +1,19 @@
+= form_for @page do |f|
+  -if @page.errors.any?
+    #error_explanation
+      %h2= "#{pluralize(@page.errors.count, "error")} prohibited this page from being saved:"
+      %ul
+        - @page.errors.full_messages.each do |msg|
+          %li= msg
+
+  .field
+    = f.label :user_id
+    = f.number_field :user_id
+  .field
+    = f.label :title
+    = f.text_field :title
+  .field
+    = f.label :content
+    = f.text_area :content
+  .actions
+    = f.submit 'Save'

data/spec/dummy_app/app/views/pages/edit.html.haml

@@ -0,0 +1,7 @@
+%h1 Editing page
+
+= render 'form'
+
+= link_to 'Show', @page
+\|
+= link_to 'Back', pages_path

data/spec/dummy_app/app/views/pages/index.html.haml

@@ -0,0 +1,27 @@
+%p= link_to 'Back', root_path
+
+%h1 Listing of #{@pages.count} pages
+
+%table
+  %tr
+    %th Num
+    %th User
+    %th Title
+    %th State
+    %th
+    %th
+    %th
+
+  - @pages.each_with_index do |page, index|
+    %tr
+      %td
+        - if current_user and current_user.owner?(page)
+          %span{ style: "color:red" }= index.next
+        - else
+          = index.next
+      %td= page.user_id
+      %td= page.title
+      %td= page.state
+      %td= link_to 'Show', page
+      %td= link_to 'Edit', edit_page_path(page)
+      %td= link_to 'Destroy', page, :data => { :confirm => 'Are you sure?' }, :method => :delete

data/spec/dummy_app/app/views/pages/manage.html.haml

@@ -0,0 +1,23 @@
+%p= link_to 'Back', root_path
+
+%h1 Listing of #{@pages.count} pages
+
+%table
+  %tr
+    %th Num
+    %th User
+    %th Title
+    %th State
+    %th
+    %th
+    %th
+
+  - @pages.each_with_index do |page, index|
+    %tr
+      %td= index.next
+      %td= page.user_id
+      %td= page.title
+      %td= page.state
+      %td= link_to 'Show', page
+      %td= link_to 'Edit', edit_page_path(page)
+      %td= link_to 'Destroy', page, :data => { :confirm => 'Are you sure?' }, :method => :delete

data/spec/dummy_app/app/views/pages/my.html.haml

@@ -0,0 +1,10 @@
+%p= link_to 'Back', root_path
+%h1 Current user: #{current_user.name}
+
+%h2 User's pages
+
+%ol
+  - @pages.each do |page|
+    %li
+      %i user_id: #{page.user_id}
+      %b= page.title

data/spec/dummy_app/app/views/pages/new.html.haml

@@ -0,0 +1,5 @@
+%h1 New page
+
+= render 'form'
+
+= link_to 'Back', pages_path

data/spec/dummy_app/app/views/pages/show.html.haml

@@ -0,0 +1,15 @@
+%p#notice= notice
+
+%p
+  %b User:
+  = @page.user_id
+%p
+  %b Title:
+  = @page.title
+%p
+  %b Content:
+  = @page.content
+
+= link_to 'Edit', edit_page_path(@page)
+\|
+= link_to 'Back', pages_path

data/spec/dummy_app/app/views/users/edit.html.haml

@@ -0,0 +1,34 @@
+- if flash[:notice]
+  %p{ :style => 'background: LightGreen; padding: 10px;' }= flash[:notice]
+
+%h2{ :style => 'color: gray' } Editable User: #{@user.name} | Role: #{@user.role.name}
+%h3{ :style => 'color: lightGray' } Current User: #{current_user.name} | Role: #{current_user.role.name}
+
+%p= link_to 'To index page', '/'
+
+= form_for @user, :method => :put do |f|
+  .field
+    %p= f.label :name
+    %p= f.text_field :name
+
+  .field
+    %p= f.label :email
+    %p= f.text_field :email
+
+  .field
+    %p= f.label :role_id, 'Protected field'
+    %p= f.text_field :role_id
+
+  .field
+    %p= f.label :some_protected_field, 'Protected field'
+    %p= f.text_field :some_protected_field
+
+  .field
+    %p= f.submit
+
+
+- if current_user.admin?
+  = form_tag change_role_path, :method => :put do
+    = hidden_field_tag :user_id, @user.id
+    = select_tag :role_id, options_for_select(Role.all.collect{ |r| [r.name, r.id] })
+    = submit_tag

data/spec/dummy_app/app/views/welcome/index.html.haml

@@ -0,0 +1,38 @@
+%h1 Users info
+
+%ol
+  - User.all.each do |user|
+    %li
+      %b= user.name
+      \-
+      - if user.role
+        %b role: #{user.role.name}
+      - else
+        %b User has not role
+      \-
+      |
+      = link_to 'Login now!', autologin_path(:email => user.email)
+%p
+  %b password:
+  %i qwerty
+
+%h1 Edit Users
+
+%ol
+  - User.all.each do |user|
+    - if user.role
+      %li= link_to "Edit user: #{user.name} [#{user.role.name}]",  edit_user_path(user)
+    - else
+      %li User #{user.name} has not role
+
+%h1 Roles info
+
+%ol
+  - Role.all.each do |role|
+    %li
+      %b= role.name
+      \-
+      %i= role.description
+      \-
+      - users_list = role.users.map(&:name).join(', ')
+      %b users: [#{users_list}]

data/spec/dummy_app/app/views/welcome/profile.html.haml

@@ -0,0 +1,2 @@
+%h1 Welcome#profile
+%p Find me in app/views/welcome/profile.html.haml

data/spec/dummy_app/bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

data/spec/dummy_app/bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

data/spec/dummy_app/bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

data/spec/dummy_app/config/application.rb

@@ -0,0 +1,23 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+# Require the gems listed in Gemfile, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(:default, Rails.env)
+
+module RailsApp
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+  end
+end

data/spec/dummy_app/config/boot.rb

@@ -0,0 +1,4 @@
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])

data/spec/dummy_app/config/database.yml

@@ -0,0 +1,17 @@
+production:
+  adapter: sqlite3
+  database: db/the_role_prod.db
+  pool: 5
+  timeout: 5000
+
+development:
+  adapter: sqlite3
+  database: db/the_role_dev.db
+  pool: 5
+  timeout: 5000
+
+test:
+  adapter: sqlite3
+  database: db/the_role_test.db
+  pool: 5
+  timeout: 5000

data/spec/dummy_app/config/environment.rb

@@ -0,0 +1,5 @@
+# Load the rails application.
+require File.expand_path('../application', __FILE__)
+
+# Initialize the rails application.
+RailsApp::Application.initialize!

data/spec/dummy_app/config/environments/development.rb

@@ -0,0 +1,29 @@
+RailsApp::Application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = false
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports and disable caching.
+  config.consider_all_requests_local       = true
+  config.action_controller.perform_caching = false
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+end