typus 3.0.2 → 3.0.4

data/lib/support/hash.rb

@@ -1,8 +1,7 @@
 class Hash
 
-  # Remove nil and empty keys.
   def compact
-    delete_if { |key, value| value.blank? }
+    delete_if { |k, v| v.blank? }
   end
 
 end

data/lib/support/object.rb

@@ -1,22 +1,9 @@
 class Object
 
-  ##
-  # Instead of having to translate strings and defining a default value:
-  #
-  #     t("Hello World!", :default => 'Hello World!')
-  #
-  # We define this method to define the value only once:
-  #
-  #     _t("Hello World!")
-  #
-  # Note that interpolation still works ...
-  #
-  #     _t("Hello %{world}!", :world => @world)
-  #
-  def _t(msg, *args)
-    options = args.extract_options!
-    options[:default] = msg
-    I18n.t(msg, options)
+  # Probably there's a better way to verify if a model responds to an STI
+  # pattern.
+  def self.is_sti?
+    superclass.superclass == ActiveRecord::Base
   end
 
 end

data/lib/support/string.rb

@@ -4,12 +4,43 @@ class String
     split(",").map { |x| x.strip }
   end
 
-  def remove_prefix(prefix = 'admin/')
-    partition(prefix).last
+  def remove_prefix
+    split("/")[1..-1].join("/")
   end
 
   def extract_class
-    remove_prefix.camelize.classify.constantize
+    remove_prefix.classify.typus_constantize
+  end
+
+  def typus_constantize
+    Typus::Configuration.models_constantized[self]
+  end
+
+  def action_mapper
+    case self
+    when "index" then :list
+    when "new", "create", "edit", "update" then :form
+    else self
+    end
+  end
+
+  def acl_action_mapper
+    case self
+    when "new", "create"
+      "create"
+    when "index", "show"
+      "read"
+    when "edit", "update", "position", "toggle", "relate", "unrelate", "detach"
+      "update"
+    when "destroy", "trash"
+      "delete"
+    else
+      self
+    end
+  end
+
+  def to_resource
+    self.underscore.pluralize
   end
 
 end

data/lib/tasks/typus.rake

@@ -4,7 +4,7 @@ namespace :typus do
   task :roles => :environment do
     Typus::Configuration.roles.each do |role|
       puts "#{role.first.capitalize} role has access to:"
-      role.last.each { |key, value| puts "- #{key}: #{value}" }
+      role.last.each { |k, v| puts "- #{k}: #{v}" }
     end
   end
 

data/lib/typus.rb

@@ -7,19 +7,25 @@ require "support/object"
 require "support/string"
 
 require "typus/engine"
+require "typus/i18n"
 require "typus/orm/active_record"
 require "typus/user"
+require "typus/version"
 
-require 'will_paginate'
+require "render_inheritable"
+require "will_paginate"
 
 autoload :FakeUser, "support/fake_user"
 
 module Typus
 
   autoload :Configuration, "typus/configuration"
-  autoload :Pagination, "typus/pagination"
   autoload :Resources, "typus/resources"
 
+  autoload :Actions, "typus/actions"
+  autoload :Filters, "typus/filters"
+  autoload :Format, "typus/format"
+
   module Authentication
     autoload :Base, "typus/authentication/base"
     autoload :None, "typus/authentication/none"
@@ -51,28 +57,48 @@ module Typus
   mattr_accessor :username
   @@username = "admin"
 
+  ##
+  # Pagination options
+  #
+  mattr_accessor :pagination
+  @@pagination = { :previous_label => "← " + Typus::I18n.t("Previous"),
+                   :next_label => Typus::I18n.t("Next") + " →" }
+
   ##
   # Define a password.
   #
-  # Used as default password for http and advances authentication.
+  # Used as default password for http and advanced authentication.
   #
   mattr_accessor :password
   @@password = "columbia"
 
   ##
-  # Configure the e-mail address which will be shown in Admin::Mailer.
-  #
-  # When `nil`, the `forgot_password` will be disabled.
+  # Configure the e-mail address which will be shown in Admin::Mailer. If not
+  # set `forgot_password` feature is disabled.
   #
   mattr_accessor :mailer_sender
   @@mailer_sender = nil
 
+  ##
+  # Define `paperclip` attachment styles.
+  #
+
   mattr_accessor :file_preview
   @@file_preview = :medium
 
   mattr_accessor :file_thumbnail
   @@file_thumbnail = :thumb
 
+  ##
+  # Define `dragonfly` attachment styles.
+  #
+
+  mattr_accessor :image_preview_size
+  @@image_preview_size = 'x450'
+
+  mattr_accessor :image_thumb_size
+  @@image_thumb_size = '75x75#'
+
   ##
   # Defines the default relationship table.
   #
@@ -88,73 +114,62 @@ module Typus
   mattr_accessor :user_fk
   @@user_fk = "typus_user_id"
 
-  mattr_accessor :available_locales
-  @@available_locales = [:en]
-
   class << self
 
     # Default way to setup typus. Run `rails generate typus` to create a fresh
     # initializer with all configuration values.
     def setup
       yield self
-    end
-
-    def root
-      (File.dirname(__FILE__) + "/../").chomp("/lib/../")
+      reload!
     end
 
     def applications
-      Typus::Configuration.config.collect { |i| i.last["application"] }.compact.uniq.sort
+      Typus::Configuration.config.map { |i| i.last["application"] }.compact.uniq.sort
     end
 
     # Lists modules of an application.
     def application(name)
-      Typus::Configuration.config.collect { |i| i.first if i.last["application"] == name }.compact.uniq.sort
+      Typus::Configuration.config.map { |i| i.first if i.last["application"] == name }.compact.uniq.sort
     end
 
     # Lists models from the configuration file.
     def models
-      Typus::Configuration.config.map { |i| i.first }.sort
+      if config = Typus::Configuration.config
+        config.map { |i| i.first }.sort
+      else
+        []
+      end
     end
 
     # Lists resources, which are tableless models.
     def resources
-      Typus::Configuration.roles.keys.map do |key|
-        Typus::Configuration.roles[key].keys
-      end.flatten.sort.uniq.delete_if { |x| models.include?(x) }
+      if roles = Typus::Configuration.roles
+        roles.keys.map do |key|
+          Typus::Configuration.roles[key].keys
+        end.flatten.sort.uniq.delete_if { |x| models.include?(x) }
+      else
+        []
+      end
     end
 
     # Lists models under <tt>app/models</tt>.
     def detect_application_models
       model_dir = Rails.root.join("app/models")
-      Dir.chdir(model_dir) do
-        models = Dir["**/*.rb"]
-      end
+      Dir.chdir(model_dir) { Dir["**/*.rb"] }
     end
 
     def locales
-      human = available_locales.map { |i| locales_mapping[i.to_s] }
-      available_locales.map { |i| i.to_s }.to_hash_with(human).invert
-    end
-
-    def locales_mapping
-      mapping = { "ca"    => "Català",
-                  "de"    => "German",
-                  "en"    => "English",
-                  "es"    => "Español",
-                  "fr"    => "Français",
-                  "hu"    => "Magyar",
-                  "pt-BR" => "Portuguese",
-                  "ru"    => "Russian",
-                  "it"    => "Italiano" }
-      mapping.default = "Unknown"
-      return mapping
-    end
-
-    def detect_locales
-      available_locales.each do |locale|
-        I18n.load_path += Dir[File.join(Typus.root, "config", "available_locales", "#{locale}*")]
-      end
+      { "Català" => "ca",
+        "German" => "de",
+        "Greek"  => "el",
+        "English" => "en",
+        "Español" => "es",
+        "Français" => "fr",
+        "Magyar" => "hu",
+        "Italiano" => "It",
+        "Portuguese" => "pt-BR",
+        "Russian" => "ru",
+        "中文" => "zh-CN" }
     end
 
     def application_models
@@ -166,17 +181,14 @@ module Typus
     end
 
     def user_class
-      user_class_name.constantize
+      user_class_name.typus_constantize
     end
 
     def reload!
       Typus::Configuration.roles!
       Typus::Configuration.config!
-      detect_locales
     end
 
   end
 
 end
-
-Typus.reload!

data/lib/typus/actions.rb

@@ -0,0 +1,27 @@
+module Typus
+
+  module Actions
+
+    protected
+
+    def add_action(*args)
+      options = args.extract_options!
+      @actions ||= []
+      @actions << options
+    end
+
+    def prepend_action(*args)
+      options = args.extract_options!
+      @actions ||= []
+      @actions = @actions.unshift(options)
+    end
+
+    def append_action(*args)
+      options = args.extract_options!
+      @actions ||= []
+      @actions = @actions.concat([options])
+    end
+
+  end
+
+end

data/lib/typus/authentication/base.rb

@@ -4,8 +4,8 @@ module Typus
 
     module Base
 
-      def current_user
-        @current_user
+      def admin_user
+        @admin_user
       end
 
       def authenticate; end
@@ -13,8 +13,7 @@ module Typus
       def check_if_user_can_perform_action_on_resources; end
       def check_if_user_can_perform_action_on_resource; end
       def check_resource_ownership; end
-      def check_resource_ownerships; end
-      def check_ownership_of_referal_item; end
+      def check_resources_ownership; end
       def set_attributes_on_create; end
       def set_attributes_on_update; end
       def reload_locales; end

data/lib/typus/authentication/http_basic.rb

@@ -9,7 +9,7 @@ module Typus
       include Base
 
       def authenticate
-        @current_user = FakeUser.new
+        @admin_user = FakeUser.new
         authenticate_or_request_with_http_basic(Typus.admin_title) do |user_name, password|
           user_name == Typus.username && password == Typus.password
         end

data/lib/typus/authentication/none.rb

@@ -9,7 +9,7 @@ module Typus
       include Base
 
       def authenticate
-        @current_user = FakeUser.new
+        @admin_user = FakeUser.new
       end
 
     end

data/lib/typus/authentication/session.rb

@@ -10,7 +10,7 @@ module Typus
 
       def authenticate
         if session[:typus_user_id]
-          current_user
+          admin_user
         else
           back_to = request.env['PATH_INFO'] unless [admin_dashboard_path, admin_path].include?(request.env['PATH_INFO'])
           redirect_to new_admin_session_path(:back_to => back_to)
@@ -19,64 +19,17 @@ module Typus
 
       #--
       # Return the current user. If role does not longer exist on the
-      # system current_user will be signed out from Typus.
+      # system admin_user will be signed out from Typus.
       #++
-      def current_user
+      def admin_user
+        @admin_user ||= Typus.user_class.find_by_id(session[:typus_user_id])
 
-        @current_user ||= Typus.user_class.find(session[:typus_user_id])
-
-        unless Typus::Configuration.roles.has_key?(@current_user.role)
-          raise _t("Role does no longer exists.")
-        end
-
-        unless @current_user.status
-          back_to = (request.env['REQUEST_URI'] == admin_dashboard_path) ? nil : request.env['REQUEST_URI']
-          raise _t("Typus user has been disabled.")
+        if !@admin_user || !Typus::Configuration.roles.has_key?(@admin_user.role) || !@admin_user.status
+          session[:typus_user_id] = nil
+          redirect_to new_admin_session_path
         end
 
-        I18n.locale = @current_user.preferences[:locale]
-
-        return @current_user
-
-      rescue Exception => error
-        session[:typus_user_id] = nil
-        redirect_to new_admin_session_path(:back_to => back_to), :notice => error.message
-      end
-
-      #--
-      # Action is available on: edit, update, toggle and destroy
-      #++
-      def check_if_user_can_perform_action_on_user
-        return unless @item.kind_of?(Typus.user_class)
-
-        message = case params[:action]
-                  when 'edit'
-                    # Only admin and owner of Typus User can edit.
-                    if current_user.is_not_root? && (current_user != @item)
-                      _t("As you're not the admin or the owner of this record you cannot edit it.")
-                    end
-                  when 'update'
-                    # current_user cannot change her role.
-                    if current_user && !(@item.role == params[@object_name][:role])
-                      _t("You can't change your role.")
-                    end
-                  when 'toggle'
-                    # Only admin can toggle typus user status, but not herself.
-                    if current_user.is_root? && (current_user == @item)
-                      _t("You can't toggle your status.")
-                    elsif current_user.is_not_root?
-                      _t("You're not allowed to toggle status.")
-                    end
-                  when 'destroy'
-                    # Admin can remove anything except herself.
-                    if current_user.is_root? && (current_user == @item)
-                      _t("You can't remove yourself.")
-                    elsif current_user.is_not_root?
-                      _t("You're not allowed to remove Typus Users.")
-                    end
-                  end
-
-        redirect_to set_path, :notice => message if message
+        @admin_user
       end
 
       #--
@@ -84,24 +37,29 @@ module Typus
       # It works on models, so its available on the `resources_controller`.
       #++
       def check_if_user_can_perform_action_on_resources
-
-        message = case params[:action]
-                  when 'index', 'show'
-                    "%{current_user_role} can't display items."
-                  when 'destroy'
-                    "%{current_user_role} can't delete this item."
-                  else
-                    "%{current_user_role} can't perform action. (%{action})"
-                  end
-
-        message = _t(message,
-                    :current_user_role => current_user.role.capitalize,
-                    :action => params[:action])
-
-        unless current_user.can?(params[:action], @resource)
-          redirect_to set_path, :notice => message
+        if @item.is_a?(Typus.user_class)
+          check_if_user_can_perform_action_on_user
+        elsif admin_user.cannot?(params[:action], @resource.model_name)
+          not_allowed
         end
+      end
 
+      #--
+      # Action is available on: edit, update, toggle and destroy
+      #++
+      def check_if_user_can_perform_action_on_user
+        case params[:action]
+        when 'edit'
+          not_allowed if admin_user.is_not_root? && (admin_user != @item)
+        when 'update'
+          user_profile = (admin_user.is_root? || admin_user.is_not_root?) && (admin_user == @item) && !(@item.role == params[@object_name][:role])
+          other_user   = admin_user.is_not_root? && !(admin_user == @item)
+          not_allowed if (user_profile || other_user)
+        when 'toggle', 'destroy'
+          root = admin_user.is_root? && (admin_user == @item)
+          user = admin_user.is_not_root?
+          not_allowed if (root || user)
+        end
       end
 
       #--
@@ -109,13 +67,16 @@ module Typus
       # It works on a resource: git, memcached, syslog ...
       #++
       def check_if_user_can_perform_action_on_resource
-        controller = params[:controller].remove_prefix
-        action = params[:action]
-        unless current_user.can?(action, controller.camelize, { :special => true })
-          render :text => "Not allowed!", :status => :unprocessable_entity
+        resource = params[:controller].remove_prefix.camelize
+        unless admin_user.can?(params[:action], resource, { :special => true })
+          not_allowed
         end
       end
 
+      def not_allowed
+        render :text => "Not allowed!", :status => :unprocessable_entity
+      end
+
       #--
       # If item is owned by another user, we only can perform a
       # show action on the item. Updated item is also blocked.
@@ -125,61 +86,45 @@ module Typus
       #                                                       :relate, :unrelate ]
       #++
       def check_resource_ownership
+        if admin_user.is_not_root?
 
-        # By-pass if current_user is root.
-        return if current_user.is_root?
-
-        condition_typus_users = @item.respond_to?(Typus.relationship) && !@item.send(Typus.relationship).include?(current_user)
-        condition_typus_user_id = @item.respond_to?(Typus.user_fk) && !@item.owned_by?(current_user)
+          condition_typus_users = @item.respond_to?(Typus.relationship) && !@item.send(Typus.relationship).include?(admin_user)
+          condition_typus_user_id = @item.respond_to?(Typus.user_fk) && !@item.owned_by?(admin_user)
 
-        if condition_typus_users || condition_typus_user_id
-           alert = _t("You don't have permission to access this item.")
-           redirect_to set_path, :alert => alert
+          not_allowed if (condition_typus_users || condition_typus_user_id)
         end
-
       end
 
-      def check_resource_ownerships
-
-        # By-pass if current_user is root.
-        return if current_user.is_root?
-
-        # Show only related items it @resource has a foreign_key (Typus.user_fk)
-        # related to the logged user.
-        if @resource.typus_user_id?
-          condition = { Typus.user_fk => current_user }
-          @conditions = @resource.merge_conditions(@conditions, condition)
+      #--
+      # Show only related items it @resource has a foreign_key (Typus.user_fk)
+      # related to the logged user.
+      #++
+      def check_resources_ownership
+        if admin_user.is_not_root? && @resource.typus_user_id?
+          condition = { Typus.user_fk => admin_user }
+          @resource = @resource.where(condition)
         end
-
-      end
-
-      def check_ownership_of_referal_item
-        return unless params[:resource] && params[:resource_id]
-        klass = params[:resource].classify.constantize
-        return if !klass.typus_user_id?
-        item = klass.find(params[:resource_id])
-        raise "You're not owner of this record." unless item.owned_by?(current_user) || current_user.is_root?
       end
 
       def set_attributes_on_create
         if @resource.typus_user_id?
-          @item.attributes = { Typus.user_fk => current_user.id }
+          @item.attributes = { Typus.user_fk => admin_user.id }
         end
       end
 
       def set_attributes_on_update
-        if @resource.typus_user_id? && current_user.is_not_root?
-          @item.update_attributes(Typus.user_fk => current_user.id)
+        if @resource.typus_user_id? && admin_user.is_not_root?
+          @item.update_attributes(Typus.user_fk => admin_user.id)
         end
       end
 
       #--
-      # Reload current_user when updating to see flash message in the
+      # Reload admin_user when updating to see flash message in the
       # correct locale.
       #++
       def reload_locales
         if @resource.eql?(Typus.user_class)
-          I18n.locale = current_user.reload.preferences[:locale]
+          ::I18n.locale = admin_user.reload.locale
         end
       end