theworkinggroup-wristband 1.0.0

data/generators/wristband/wristband_generator.rb

@@ -0,0 +1,69 @@
+class WristbandGenerator < Rails::Generator::Base 
+  def manifest 
+    record do |m| 
+      # User files
+      m.directory 'app/models'
+      m.template 'app/models/user.rb', 'app/models/user.rb'
+      m.directory 'app/controllers'
+      m.template 'app/controllers/users_controller.rb', 'app/controllers/users_controller.rb'
+      m.directory 'app/views/users'
+      m.template 'app/views/users/index.html.haml', 'app/views/users/index.html.haml'
+
+      # User notifier files
+      m.directory 'app/models'
+      m.template 'app/models/user_notifier.rb', 'app/models/user_notifier.rb'
+      m.directory 'app/views/user_notifier'
+      m.file 'app/views/user_notifier/forgot_password.text.html.rhtml', 'app/views/user_notifier/forgot_password.text.html.rhtml'
+      m.file 'app/views/user_notifier/forgot_password.text.plain.rhtml', 'app/views/user_notifier/forgot_password.text.plain.rhtml'
+      m.file 'app/views/user_notifier/email_verification.text.html.rhtml', 'app/views/user_notifier/email_verification.text.html.rhtml'
+      m.file 'app/views/user_notifier/email_verification.text.plain.rhtml', 'app/views/user_notifier/email_verification.text.plain.rhtml'
+
+      
+      # Session files
+      m.directory 'app/controllers'
+      m.template 'app/controllers/sessions_controller.rb', 'app/controllers/sessions_controller.rb'
+      m.directory 'app/views/sessions'
+      m.template 'app/views/sessions/new.html.haml', 'app/views/sessions/new.html.haml'
+      
+      # Migrations
+      m.directory 'db/migrate'
+      m.migration_template 'db/migrate/create_wristband_tables.rb', 'db/migrate', :migration_file_name => "create_wristband_tables"
+
+      # Routes
+      m.add_route %{
+  # Edit these as needed ...
+  map.with_options :controller => 'sessions' do |session|
+    session.login   '/login',   :action => 'new',     :conditions => { :method => :get }
+    session.login   '/login',   :action => 'create',  :conditions => { :method => :post }
+    session.logout  '/logout',  :action => 'destroy'
+  end
+
+  map.with_options :controller => 'users' do |user|
+    user.register         '/register',   :action => 'new',     :conditions => { :method => :get }
+    user.register         '/register',   :action => 'create',  :conditions => { :method => :post }
+    user.verify_email     '/users/verify_email/:email_validation_key', :action => 'verify_email', :conditions => { :method => :get }
+    user.forgot_password  '/forgot_password', :action => 'forgot_password'
+  end
+
+  map.home  '/',  :controller => 'users', :action => 'index'
+      }
+      m.route_resources :sessions, :users
+    end
+  end
+  
+  def file_name
+    'wristband'
+  end
+  
+  class Rails::Generator::Commands::Create
+    def add_route(text)
+      sentinel = 'ActionController::Routing::Routes.draw do |map|'
+      logger.route "specific routes"
+      unless options[:pretend]
+        gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+          "#{match}\n  #{text}\n"
+        end
+      end
+    end
+  end
+end

data/init.rb

@@ -0,0 +1 @@
+require File.join(File.dirname(__FILE__), "lib", "wristband")

data/lib/wristband.rb

@@ -0,0 +1,121 @@
+require 'wristband/user_extensions'
+require 'wristband/support'
+require 'wristband/application_extensions'
+require 'wristband/authority_check'
+
+module Wristband
+
+  VERSION = "1.0.0"
+
+  class << self
+    def included base #:nodoc:
+      base.extend ClassMethods
+    end
+  end
+
+  module ClassMethods
+    def wristband(options={})
+      options[:login_with]            ||= [:username]
+      options[:before_authentication] ||= []
+      options[:after_authentication]  ||= []
+      options[:plain_text_password]   ||= false
+      options[:has_authorities]       ||= false
+      options[:roles]                 ||= []
+      
+      class_eval do
+        include Wristband::UserExtensions
+        
+        if options[:plain_text_password]
+          options[:password_column] ||= :password
+        else
+          options[:password_column] ||= :password_crypt
+          
+          # These two are used on the login form
+          attr_accessor :password
+          attr_accessor :password_confirmation
+          
+          before_save :encrypt_password
+        end
+          
+        # Add roles
+        unless options[:roles].blank?
+          options[:roles].each do |role|
+            define_method "is_#{role}?" do
+              self.role == role.to_s
+            end
+          end
+        end
+        
+        class << self
+          attr_accessor :wristband
+        end
+      end
+      
+      self.wristband = {
+        :login_with_fields            => [options[:login_with]].flatten,
+        :before_authentication_chain  => [options[:before_authentication]].flatten,
+        :after_authentication_chain   => [options[:after_authentication]].flatten,
+        :password_column              => options[:password_column],
+        :plain_text_password          => options[:plain_text_password],
+        :roles                        => options[:roles]
+      }
+      
+      if options[:has_authorities]
+        self.wristband[:authority_class] = UtilityMethods.interpret_class_specification(self, options[:has_authorities])
+      end
+    end    
+  end
+  
+  module MigrationExtensions
+    def create_users_table(options = { }, &block)
+      case (options)
+      when String:
+        options = { :options => options }
+      end
+      
+      create_table :users, options do |t|
+        t.default_user_columns
+        yield(t) if (block)
+      end
+    end
+  end
+  
+  module TableDefinitionMethods
+    def default_user_columns
+      column :username, :string
+      column :password_crypt, :string, :limit => 40
+      column :password_salt, :string, :limit => 40
+      column :remember_token, :string
+      column :email_validation_key, :string
+      column :created_at, :datetime
+      column :updated_at, :datetime
+    end
+  end
+  
+  module UtilityMethods
+    def self.interpret_class_specification(model_class, with_class)
+      case (with_class)
+      when Symbol:
+        "#{model_class.class_name}#{with_class.to_s.camelcase}".constantize
+      when String:
+        with_class.constantize
+      when true:
+        "#{model_class.class_name}AuthorityCheck".constantize
+      else
+        with_class
+      end
+    end
+  end
+  
+end
+
+# Set it all up.
+if Object.const_defined?("ActiveRecord")
+  ActiveRecord::Base.send(:extend, Wristband::ClassMethods)
+end
+
+if Object.const_defined?("ActionController")
+  ActionController::Base.send(:include, Wristband::ApplicationExtensions)
+end
+
+

data/lib/wristband/application_extensions.rb

@@ -0,0 +1,78 @@
+module Wristband
+  module ApplicationExtensions
+    def self.included(base)
+      base.send(:extend, Wristband::ApplicationExtensions::ClassMethods)
+      base.send(:include, Wristband::ApplicationExtensions::InstanceMethods)
+      base.send(:helper_method, :logged_in?, :session_user) if base.respond_to?(:helper_method)
+    end
+
+    module ClassMethods
+      # ...
+    end
+
+    module InstanceMethods
+      def authenticate_and_login(username, password, remember_me=false)
+        if user = ::User.authenticate(username, password)
+          login_as_user(user, remember_me)
+          user
+        end
+      end
+    
+      def login_as_user(user, remember_me=false)
+        self.session_user = user
+        if remember_me
+          token = Support.encrypt_with_salt(user.id.to_s, Time.now.to_f.to_s)
+          cookies[:login_token] = { :value => token, :expires => 2.weeks.from_now.utc }
+          user.update_attribute(:remember_token, token)
+        end
+      end
+  
+      # Logs a user out and deletes the remember_token.
+      def logout
+        session_user.update_attribute(:remember_token, nil) if session_user
+        cookies.delete(:login_token)    
+        reset_session
+      end  
+    
+      # Returns true if a user is logged in
+      def logged_in?
+        !!session_user
+      end
+    
+      # Returns the current user in session. Use this on your views and controllers.
+      def session_user
+        @session_user ||= (session[:user_id] and ::User.find_by_id(session[:user_id]))
+      end
+
+      # Sets the current user in session
+      def session_user=(user)
+        @session_user = user
+        session[:user_id] = (user and user.id)
+      end
+    
+      # Logs a user automatically from his cookie
+      #
+      # You can use this function as a before filter on your controllers.
+      def login_from_cookie
+        return if (logged_in? or !cookies[:login_token])
+        self.session_user = ::User.find_by_remember_token(cookies[:login_token])
+      end
+    
+      # You can use this function as a before filter on your controllers that require autentication.
+      #
+      # If the user is not logged in +respond_not_logged_in+ will be called.
+      def login_required
+        unless logged_in?
+          respond_not_logged_in
+          return false
+        end
+      end
+    
+      # Override this on your controllers to specify what to do when the user is not logged in.
+      def respond_not_logged_in
+        false
+      end
+    
+    end
+  end
+end

data/lib/wristband/authority_check.rb

@@ -0,0 +1,160 @@
+# = AuthorityCheck
+# The different user authorities are defined in a separate class so as to reduce
+# clutter in the User model itself. 
+# 
+#   class User < ActiveRecord::Base
+#     wristband :has_authorities => true
+#   end
+#   
+# This will refer to the class UserAuthorityCheck for all authority tests, but the
+# name of this module can be defined as required:
+# 
+#   class User < ActiveRecord::Base
+#     has_authorities => :permissions
+#   end
+# 
+# That would reference the class UserPermissions instead for all tests.
+# 
+# A sample authority checking class is defined as:
+# 
+#   class UserAuthorityCheck < AuthorityCheck
+#     def wear_shoes?
+#       unless (@user.name.match(/^a/i))
+#         fail!("Only people with names that start with 'A' can wear shoes.")
+#       end
+#     end
+#   end
+# 
+# <b>Note the syntax: </b>All authority checks are defined as ending with a trailing question mark
+# character.
+# 
+# A check is considered to have passed if
+# * a call to <tt>allow!</tt> has been made, or
+# * no calls to <tt>fail!</tt> have been made.
+# 
+# Once defined, the user authorities are checked via a call to a User instance:
+# 
+#   user.has_authority_to?(:wear_shoes)
+# 
+# While the <tt>has_authority_to?</tt> method returns only true or false, a call to
+# <tt>has_objections_to?</tt> will return nil on success or any error messages if there
+# is a failure.
+# 
+# 
+# ==== Passing parameters to the authority methods
+# 
+# Any call to these tests may include options in the form of a Hash:
+# 
+#   user.has_authority_to?(:send_message, :text => "Foo bar")
+#   
+# These options can be acted upon within the authority check:
+# 
+#   def send_message?
+#     if (options[:text].match(/foo/i))
+#       fail!("Messages may not contain forbidden words.")
+#     end
+#   end
+# 
+# ==== Before chains
+# 
+# In addition to defining straight tests, a chain can be defined to run before
+# any of the tests themselves. This allows certain calls to be over-ruled. For
+# example:
+# 
+#   before_check :allow_if_admin!
+#   
+#   def allow_if_admin!
+#     if (@user.is_admin?)
+#       allow!
+#     end
+#   end
+#   
+# In this case, the <tt>allow_if_admin!</tt> method will be called before any checks are performed. If
+# the <tt>allow!</tt> method is executed, all subsequent tests are halted and the check
+# is considered to have passed.
+
+class AuthorityCheck
+  attr_accessor :user
+  attr_accessor :options
+  
+  def initialize(user, test_method, options = { })
+    self.user = user
+    self.options = options
+    
+    @test_method = "#{test_method}?".to_sym
+
+    @result = nil
+  end
+  
+  # Checkes if the user is allowed to do something.
+  # Returns <tt>true</tt> or <tt>false</tt>
+  def allowed_to?
+    execute_tests!
+
+    # Either explicitly allowed (true) or not given any reasons as to why
+    # not (nil, empty)
+    (@result === true or (@result === nil and @reasons.blank?)) ? true : false
+  end
+  
+  def denied_for_reasons
+    @reasons = [ ]
+    
+    allowed_to? ? nil : @reasons
+  end
+  
+  
+  class << self
+    def check_chain
+      @check_chain ||= [ ]
+    end
+
+    def check_chain=(value)
+      @check_chain = value
+    end
+  
+    def before_check(method, options = { })
+      self.check_chain += remap_chain_methods([ method ])
+    end
+  
+    def check_alias_as(original, *aliases)
+      aliases.flatten.each do |alias_name|
+        alias_method alias_name, original
+      end
+    end
+  end
+
+
+  
+protected
+  def allow!
+    @result = true
+  end
+  
+  def fail!(message)
+    if (@reasons and message)
+      @reasons << message
+    end
+    
+    @result = false
+  end
+
+  def execute_tests!
+    self.class.check_chain.each do |method|
+      case (method)
+      when Symbol, String:
+        send(method)
+      else
+        method.call
+      end
+
+      # Stop evaluating if this test called allow!
+      return if (@result === true)
+    end
+    
+    self.send(@test_method)
+  end
+
+  def self.remap_chain_methods(methods)
+    methods
+  end
+end

data/lib/wristband/support.rb

@@ -0,0 +1,28 @@
+module Wristband
+  module Support
+    CONSONANTS = %w( b c d f g h j k l m n p qu r s t v w x z ch cr fr nd ng nk nt ph pr rd sh sl sp st th tr )
+    VOWELS = %w( a e i o u y )
+  
+    def random_string(length = 8)
+      (1 .. length).collect { |n|
+        (n % 2 != 0) ? CONSONANTS[rand(CONSONANTS.size)] : VOWELS[rand(VOWELS.size)]
+      }.to_s[0, length]
+    end
+    module_function :random_string
+  
+    def encrypt_with_salt(password, salt)
+      return password unless (salt and !salt.empty?)
+    
+      Digest::SHA1.hexdigest([ password, salt ].to_s)
+    end
+    module_function :encrypt_with_salt
+  
+    def random_salt(length = nil)
+      salt = Digest::SHA1.hexdigest([ rand, rand, random_string(64), rand, rand ].to_s)
+    
+      length ? salt[0, length] : salt
+    end
+    module_function :random_salt
+  
+  end
+end