theworkinggroup-wristband 1.0.0

data/lib/wristband/user_extensions.rb

@@ -0,0 +1,89 @@
+module Wristband
+  module UserExtensions
+    def self.included(base)
+      base.send(:extend, Wristband::UserExtensions::ClassMethods)
+      base.send(:include, Wristband::UserExtensions::InstanceMethods)
+      base.send(:extend, Wristband::Support)
+    end
+
+    module ClassMethods
+      def authenticate(username, password)
+        self.execute_authentication_chain(self, self.wristband[:before_authentication_chain]) == false and return
+        user = nil
+        wristband[:login_with_fields].find do |field|
+          user = send("find_by_#{field}", username) 
+        end
+        (user and user.password_match?(password)) || return
+        self.execute_authentication_chain(user, self.wristband[:after_authentication_chain]) == false  and return
+        user
+      end
+    
+      def execute_authentication_chain(object, list)
+        list.each do |func|
+          case func
+          when Symbol,String
+            object.send(func) == false and return false
+          when Proc
+            func.call(object) == false and return false
+          end
+        end
+      end
+    
+      def verify_email!(email_validation_key)
+        if user = find_by_email_validation_key(email_validation_key)
+          user.update_attribute(:validated_at, Time.now.to_s(:db))
+          user
+        else
+          raise UserVerificationError, 'We were not able to verify your account or it may have been verified already. Please contact us for assistance.'.t
+        end
+      end
+    
+    end
+
+    module InstanceMethods
+
+      def has_authority_to?(action, options = { })
+        self.class.wristband[:authority_class].new(self, action, options).allowed_to?
+      end
+
+      def has_objections_to?(action, options = { })
+        self.class.wristband[:authority_class].new(self, action, options).denied_for_reasons
+      end
+
+      def initialize_salt
+        self.password_salt = Wristband::Support.random_salt
+      end
+
+      def initialize_token
+        self.remember_token = Wristband::Support.random_salt(16)
+      end
+    
+      def encrypt_password
+        initialize_salt if new_record?
+        return if self.password.blank?
+        self.send("#{self.class.wristband[:password_column]}=", Wristband::Support.encrypt_with_salt(self.password, self.password_salt))
+      end
+    
+      def password_match?(string)
+        if self.class.wristband[:plain_text_password]
+          self.send(self.class.wristband[:password_column]) == string
+        else
+          self.send(self.class.wristband[:password_column]) == Wristband::Support.encrypt_with_salt(string, self.password_salt)
+        end
+      end
+    
+      def password_crypted?
+        self.password_salt and !self.password_salt.empty?
+      end
+    
+      def password_crypt=(value)
+        if (value != read_attribute(:password_crypt))
+          initialize_token
+        end
+      
+        write_attribute(:password_crypt, value)
+      end
+      
+    end
+  end
+end

data/test/database.yml

@@ -0,0 +1,3 @@
+sqlite3:
+  :adapter: sqlite3
+  :dbfile: vendor/plugins/wristband/wristband.test.db

data/test/fixtures/crypted_password_users.yml

@@ -0,0 +1,12 @@
+scott:
+  username: scott_tadman
+  email: scott@theworkinggroup.ca
+  password_crypt: passpass
+  role: admin
+  
+jack:
+  username: jack_neto
+  email: jack@theworkinggroup.ca
+  password_crypt: 7d103e2aee36a422ac5f619705e244b03c9e1328
+  password_salt: ad28d83c111a5ab70cef9d0896e5b18e84d899ef
+  role: regular_user

data/test/fixtures/plain_text_password_users.yml

@@ -0,0 +1,4 @@
+jack:
+  username: jack_neto
+  email: jack@theworkinggroup.ca
+  password: passpass

data/test/fixtures/users.yml

@@ -0,0 +1,23 @@
+scott:
+  username: scott
+  email: scott@theworkinggroup.ca
+  password_crypt: passpass
+  
+jack:
+  username: jack
+  email: jack@theworkinggroup.ca
+  password_crypt: 7d103e2aee36a422ac5f619705e244b03c9e1328
+  password_salt: ad28d83c111a5ab70cef9d0896e5b18e84d899ef
+  
+oleg:
+  username: oleg
+  email: oleg@theworkinggroup.ca
+  password_crypt: 7d103e2aee36a422ac5f619705e244b03c9e1328
+  password_salt: ad28d83c111a5ab70cef9d0896e5b18e84d899ef
+
+hesham:
+  username: hesham
+  email: hesham@theworkinggroup.ca
+  password_crypt: 7d103e2aee36a422ac5f619705e244b03c9e1328
+  password_salt: ad28d83c111a5ab70cef9d0896e5b18e84d899ef
+

data/test/schema.rb

@@ -0,0 +1,34 @@
+ActiveRecord::Schema.define(:version => 1) do
+
+  create_table :crypted_password_users do |t|
+    t.string :username
+    t.string :email
+    t.string :password_crypt, :limit => 40
+    t.string :password_salt,  :limit => 40
+    t.string :remember_token
+    t.string :role
+    t.datetime :created_at
+    t.datetime :updated_at
+  end  
+
+  create_table :plain_text_password_users do |t|
+    t.string :username
+    t.string :email
+    t.string :password
+    t.string :remember_token
+    t.string :email_validation_key
+    t.datetime :created_at
+    t.datetime :updated_at
+  end  
+
+  create_table :users do |t|
+    t.string :username
+    t.string :email
+    t.string :password_crypt, :limit => 40
+    t.string :password_salt,  :limit => 40
+    t.string :remember_token
+    t.datetime :created_at
+    t.datetime :updated_at
+  end  
+
+end

data/test/test_helper.rb

@@ -0,0 +1,40 @@
+$:.unshift(File.dirname(__FILE__) + '/../lib')
+
+require 'test/unit'
+require File.expand_path(File.join(File.dirname(__FILE__), '../../../../config/environment.rb'))
+require 'rubygems'
+# require 'active_support/breakpoint'
+require 'active_record/fixtures'
+
+config = YAML::load(IO.read( File.join(File.dirname(__FILE__),'database.yml')))
+
+# cleanup logs and databases between test runs
+#FileUtils.rm File.join(File.dirname(__FILE__), "debug.log"), :force => true
+FileUtils.rm File.join(RAILS_ROOT, config['sqlite3'][:dbfile]), :force => true
+
+ActiveRecord::Base.logger = Logger.new(File.join(File.dirname(__FILE__), "debug.log"))
+ActiveRecord::Base.establish_connection(config[ENV['DB'] || 'sqlite3'])
+
+load(File.join(File.dirname(__FILE__), "schema.rb"))
+
+Test::Unit::TestCase.fixture_path = File.dirname(__FILE__) + "/fixtures/"
+$LOAD_PATH.unshift(Test::Unit::TestCase.fixture_path)
+
+class Test::Unit::TestCase #:nodoc:
+  def create_fixtures(*table_names)
+    if block_given?
+      Fixtures.create_fixtures(Test::Unit::TestCase.fixture_path, table_names) { yield }
+    else
+      Fixtures.create_fixtures(Test::Unit::TestCase.fixture_path, table_names)
+    end
+  end
+
+  # Turn off transactional fixtures if you're working with MyISAM tables in MySQL
+  self.use_transactional_fixtures = true
+
+  # Instantiated fixtures are slow, but give you @david where you otherwise would need people(:david)
+  self.use_instantiated_fixtures  = false
+  
+  # Instantiated fixtures are slow, but give you @david where you otherwise would need people(:david)
+  
+end

data/test/unit/crypted_password_users_test.rb

@@ -0,0 +1,81 @@
+require File.join(File.dirname(__FILE__), '../test_helper')
+
+class CryptedPasswordUser < ActiveRecord::Base
+  wristband :roles => [:admin, :regular_user]
+end
+
+
+class CryptedPasswordUserTest < Test::Unit::TestCase
+  fixtures :crypted_password_users
+  
+  def setup
+    @scott = crypted_password_users(:scott)
+  end
+
+  def test_user_instance_methods
+    %w{
+      has_authority_to?
+      has_objections_to?
+      initialize_salt
+      initialize_token
+      encrypt_password
+      password_match?
+      password_crypted?
+      password_crypt=
+      is_admin?
+      is_regular_user?
+    }.each do |method|
+      assert @scott.respond_to?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_user_class_methods
+    %w{
+      authenticate
+      execute_authentication_chain
+      verify_email!
+      wristband
+    }.each do |method|
+      assert CryptedPasswordUser.respond_to?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_user_class_private_methods
+    %w{
+      random_string
+      encrypt_with_salt
+      random_salt
+    }.each do |method|
+      assert CryptedPasswordUser.private_methods.include?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_assigned_options
+    assert_equal CryptedPasswordUser.wristband[:login_with_fields], [:username]
+    assert_equal CryptedPasswordUser.wristband[:plain_text_password], false
+    assert_equal CryptedPasswordUser.wristband[:before_authentication_chain], []
+    assert_equal CryptedPasswordUser.wristband[:after_authentication_chain], []
+    assert_equal CryptedPasswordUser.wristband[:password_column], :password_crypt
+    assert_equal CryptedPasswordUser.wristband[:roles], [:admin, :regular_user]
+  end
+  
+  def test_authentication_by_username
+    assert_equal @scott, CryptedPasswordUser.authenticate(@scott.username, @scott.password_crypt)
+  end
+
+  def test_authentication_fails
+    assert_nil CryptedPasswordUser.authenticate('-bugus-', @scott.password_crypt)
+    assert_nil CryptedPasswordUser.authenticate(@scott.email, '-bugus-')
+  end
+  
+  def test_password_match
+    assert @scott.password_match?(@scott.password_crypt)
+    assert crypted_password_users(:jack).password_match?('passpass')
+  end
+  
+  def test_user_roles
+    assert crypted_password_users(:jack).is_regular_user?
+    assert crypted_password_users(:scott).is_admin?
+  end
+  
+end

data/test/unit/has_authorities_test.rb

@@ -0,0 +1,49 @@
+require File.join(File.dirname(__FILE__), '../test_helper')
+
+class UserAuthorityCheck < AuthorityCheck
+  before_check :is_admin?
+  
+  def is_admin?
+    unless (@user.username.match(/^scott/i))
+      fail!("Only scott can be an admin.")
+    else
+      allow!
+    end    
+  end
+  
+  def wear_shoes?
+    unless (@user.username.match(/^s/i))
+      fail!("Only people with names that start with 'S' can wear shoes.")
+    end
+  end
+
+  def walk_outside?
+    wear_shoes?
+    unless (@user.username.match(/^j/i))
+      fail!("Only people with names that start with 'J' or 'S' can walk outside.")
+    end
+  end
+  
+end
+
+class User < ActiveRecord::Base
+  wristband :has_authorities => true
+end
+
+
+class HasAuthoritiesTest < Test::Unit::TestCase
+  fixtures :users
+
+  def test_has_authority_to_with_fail
+    assert users(:scott).has_authority_to?(:wear_shoes)
+    assert !users(:jack).has_authority_to?(:wear_shoes)
+    assert_equal users(:jack).has_objections_to?(:wear_shoes), ["Only scott can be an admin.", "Only people with names that start with 'S' can wear shoes."]
+
+
+    assert users(:scott).has_authority_to?(:walk_outside)
+    assert !users(:jack).has_authority_to?(:walk_outside)
+    assert_equal users(:jack).has_objections_to?(:walk_outside), ["Only scott can be an admin.", "Only people with names that start with 'S' can wear shoes."]
+    assert !users(:oleg).has_authority_to?(:walk_outside)
+    assert_equal users(:oleg).has_objections_to?(:walk_outside), ["Only scott can be an admin.", "Only people with names that start with 'S' can wear shoes.", "Only people with names that start with 'J' or 'S' can walk outside."]
+  end
+end

data/test/unit/plain_text_password_user_test.rb

@@ -0,0 +1,92 @@
+require File.join(File.dirname(__FILE__), '../test_helper')
+
+class PlainTextPasswordUser < ActiveRecord::Base
+  wristband :login_with => [:username, :email], 
+            :plain_text_password => true,
+            :after_authentication => :email_is_verified?,
+            :password_column => :password
+
+  def email_is_verified?
+    return self.email_validation_key.blank?
+  end
+end
+
+
+
+class PlainTextPasswordUserTest < Test::Unit::TestCase
+  fixtures :plain_text_password_users
+  
+  def setup
+    @jack = plain_text_password_users(:jack)
+  end
+
+  def test_user_instance_methods
+    %w{
+      has_authority_to?
+      has_objections_to?
+      initialize_salt
+      initialize_token
+      encrypt_password
+      password_match?
+      password_crypted?
+      password_crypt=
+    }.each do |method|
+      assert @jack.respond_to?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_user_class_methods
+    %w{
+      authenticate
+      execute_authentication_chain
+      verify_email!
+      wristband
+    }.each do |method|
+      assert PlainTextPasswordUser.respond_to?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_user_class_private_methods
+    %w{
+      random_string
+      encrypt_with_salt
+      random_salt
+    }.each do |method|
+      assert PlainTextPasswordUser.private_methods.include?(method), "On '#{method}' method"
+    end
+  end
+
+  def test_assigned_options    
+    assert_equal PlainTextPasswordUser.wristband[:login_with_fields], [:username, :email]
+    assert_equal PlainTextPasswordUser.wristband[:plain_text_password], true
+    assert_equal PlainTextPasswordUser.wristband[:before_authentication_chain], []
+    assert_equal PlainTextPasswordUser.wristband[:after_authentication_chain], [:email_is_verified?]
+    assert_equal PlainTextPasswordUser.wristband[:password_column], :password
+    assert_equal PlainTextPasswordUser.wristband[:roles], []
+  end
+  
+  def test_authentication_by_username
+    assert_equal @jack, PlainTextPasswordUser.authenticate(@jack.username, @jack.password)
+  end
+
+  def test_authentication_by_email
+    assert_equal @jack, PlainTextPasswordUser.authenticate(@jack.email, @jack.password)
+  end
+
+  def test_authentication_fails
+    assert_nil PlainTextPasswordUser.authenticate('-bugus-', @jack.password)
+    assert_nil PlainTextPasswordUser.authenticate(@jack.email, '-bugus-')
+  end
+
+  def test_after_authentication_chain
+    @jack.update_attribute(:email_validation_key, Time.now)
+    assert_nil PlainTextPasswordUser.authenticate(@jack.username, @jack.password)
+
+    @jack.update_attribute(:email_validation_key, nil)
+    assert_equal @jack, PlainTextPasswordUser.authenticate(@jack.username, @jack.password)
+  end
+  
+  def test_password_match
+    assert @jack.password_match?(@jack.password)
+  end
+end

data/wristband.gemspec

@@ -0,0 +1,32 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{wristband}
+  s.version = "1.0.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Jack Neto"]
+  s.date = %q{2009-03-26}
+  s.description = %q{Simplifies the process of authenticating and authorizing users.}
+  s.email = %q{jack@theworkinggroup.ca}
+  s.extra_rdoc_files = ["lib/wristband/application_extensions.rb", "lib/wristband/authority_check.rb", "lib/wristband/support.rb", "lib/wristband/user_extensions.rb", "lib/wristband.rb", "README.rdoc"]
+  s.files = ["generators/wristband/templates/app/controllers/sessions_controller.rb", "generators/wristband/templates/app/controllers/users_controller.rb", "generators/wristband/templates/app/models/user.rb", "generators/wristband/templates/app/models/user_notifier.rb", "generators/wristband/templates/app/views/sessions/new.html.haml", "generators/wristband/templates/app/views/user_notifier/email_verification.text.html.rhtml", "generators/wristband/templates/app/views/user_notifier/email_verification.text.plain.rhtml", "generators/wristband/templates/app/views/user_notifier/forgot_password.text.html.rhtml", "generators/wristband/templates/app/views/user_notifier/forgot_password.text.plain.rhtml", "generators/wristband/templates/app/views/users/forgot_password.html.haml", "generators/wristband/templates/app/views/users/index.html.haml", "generators/wristband/templates/db/migrate/create_wristband_tables.rb", "generators/wristband/wristband_generator.rb", "init.rb", "lib/wristband/application_extensions.rb", "lib/wristband/authority_check.rb", "lib/wristband/support.rb", "lib/wristband/user_extensions.rb", "lib/wristband.rb", "Manifest", "Rakefile", "README.rdoc", "test/database.yml", "test/fixtures/crypted_password_users.yml", "test/fixtures/plain_text_password_users.yml", "test/fixtures/users.yml", "test/schema.rb", "test/test_helper.rb", "test/unit/crypted_password_users_test.rb", "test/unit/has_authorities_test.rb", "test/unit/plain_text_password_user_test.rb", "wristband.gemspec"]
+  s.has_rdoc = true
+  s.homepage = %q{http://github.com/theworkinggroup/wristband}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Wristband", "--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{wristband}
+  s.rubygems_version = %q{1.3.1}
+  s.summary = %q{Simplifies the process of authenticating and authorizing users.}
+  s.test_files = ["test/test_helper.rb", "test/unit/crypted_password_users_test.rb", "test/unit/has_authorities_test.rb", "test/unit/plain_text_password_user_test.rb"]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end