ucb_rails_security 2.0.7

data/generators/ucb_rails_security/templates/javascripts/ucb_security.js

@@ -0,0 +1,99 @@
+
+var DoubleSelectList = {
+    /* Takes the dom Ids of two Select Elements. Moves the
+     * options from the Element with fromId that are selected
+     * to the Element with toId
+     */
+    moveSelected: function(fromId, toId) {
+        var fromList = $(fromId)
+        var toList = $(toId)
+  
+        if (!fromList) {
+            throw new Error("Dom id for fromId not found: " + fromId)
+        } else if (!toList) {
+            throw new Error("Dom id for toId not found: " + toId)
+        }
+  
+        this._transferSelected(fromList, toList);
+    },
+    /* Takes the dom Ids of two Select Elements. Moves all the
+     * options from the Element with fromId to the Element
+     * with toId
+     */
+    moveAll: function(fromId, toId) {
+        var fromList = $(fromId)
+        var toList = $(toId)
+
+        if (!fromList) {
+            throw new Error("Dom id for fromId not found: " + fromId)
+        } else if (!toList) {
+            throw new Error("Dom id for toId not found: " + toId)
+        }
+
+        this._transferAll(fromList, toList);
+    },
+    /*
+     * Takes an array of Option elements and sets their selected attribute to true/false.
+     *
+     *   setSelectedToFalse([<option selected=true></option>], false)
+     *   => [<option selected=false></option>]
+     */
+    setOptionsSelectedAttribute: function(selectOptions, selectedValue) {
+        return selectOptions.map( 
+            function(elem) { 
+                elem.selected = selectedValue;
+                return elem;
+            }
+        );
+
+    },
+    /**
+     * When the form is submitted, we want to make sure the values from both
+     * select lists are sent to our controller/action.  Only select options
+     * that have their selected attribute set to true actually get submitted.
+     * We call this function the first time the page loads and as soon as the
+     * submit button is clicked, it updates the selected attribute of both
+     * select lists to true
+     */
+    initSubmitCallback: function(buttonId, fromId, toId) {
+        var fromOptions = $(fromId).childElements();      
+        var toOptions = $(toId).childElements();
+        $(buttonId).observe('click', function() { fromOptions.each(function(elem) {elem.selected = true}) })
+        $(buttonId).observe('click', function() { toOptions.each(function(elem) {elem.selected = true}) })
+    },
+
+
+    /************************************************************************
+     * Private Methods 
+     ************************************************************************/
+
+    _transferAll: function(fromList, toList) {
+        var fromOptions = fromList.childElements();
+        var toOptions = toList.childElements();
+        var newOptions = new Array(fromOptions, toOptions).flatten();
+
+        newOptions = newOptions.sort(this._optionsSorter);
+        newOptions = this.setOptionsSelectedAttribute(newOptions, false);
+        toOptions.each( function(elem) { elem.remove(); } );
+        newOptions.each( function(elem) { toList.insert(elem); } );
+    },
+    _transferSelected: function(fromList, toList) {
+        var selFromOptions = fromList.childElements().select( 
+            function(elem) { return elem.selected }
+        );
+        selFromOptions = this.setOptionsSelectedAttribute(selFromOptions, false);
+        
+        var toOptions = toList.childElements();
+        var newOptions = new Array(selFromOptions, toOptions).flatten();
+        newOptions = newOptions.sort(this._optionsSorter);
+        newOptions.each( function(elem) { toList.insert(elem) } );
+    },
+    /*
+     * To be used as a comparison function with Array.sort. Compares the
+     * the text of two Option elements and sorts them Alpha ASC.
+     */
+    _optionsSorter: function(option1, option2) {
+        return option1.text > option2.text ? 1 : (option1.text < option2.text ? -1 : 0);
+    },
+
+};

data/generators/ucb_rails_security/templates/models/ldap_search.rb

@@ -0,0 +1,48 @@
+require 'ucb_ldap'
+
+class LdapSearch
+  SEARCH_TERMS = [ 
+    [:last_name_and_first_name, 'Last Name, First Name'],
+    [:last_name,                'Last Name'],
+    [:first_name,               'First Name'],
+    [:email,                    'Email'],
+    [:phone,                    'Phone'],
+    [:department,               'Department'],
+    [:ldap_uid,                 'UID']
+  ]
+
+  LDAP_ALIASES = {
+    :first_name => :givenname,
+    :last_name  => :sn,
+    :email      => :mail,
+    :phone      => :telephonenumber,
+    :department => :berkeleyeduunitcalnetdeptname,
+    :ldap_uid   => :uid,
+  }
+  
+  def self.search_term_select_list
+    SEARCH_TERMS.collect { |item| [item[1], item[0]] }
+  end
+
+  def self.search_arguments_blank?(search_term, search_value)
+    search_term.nil? || search_term.empty? || search_value.nil? || search_value.empty?  
+  end
+  
+  def self.find(search_term, search_value)
+    return [] if search_arguments_blank?(search_term, search_value)
+    
+    search_hash = {}
+    if search_term.to_sym == SEARCH_TERMS[0][0]
+      lname_value, fname_value = search_value.split(",").map { |v| v.strip }
+      lname, fname = search_term.split("_and_")
+      return [] if lname.nil? || fname.nil?
+      search_hash[LDAP_ALIASES[fname.to_sym]] = "#{fname_value}"
+      search_hash[LDAP_ALIASES[lname.to_sym]] = "#{lname_value}"
+    else
+      search_hash[LDAP_ALIASES[search_term.to_sym]] = "#{search_value}"
+    end
+    
+    UCB::LDAP::Person.search(:filter => search_hash)
+  end
+  
+end

data/generators/ucb_rails_security/templates/models/role.rb

@@ -0,0 +1,32 @@
+class Role < ActiveRecord::Base
+  has_and_belongs_to_many(:users, :join_table => "user_roles", :order => 'last_name')
+                        
+  validates_presence_of :name
+  validates_uniqueness_of :name
+
+  
+  def formatted_created_at()
+    created_at.strftime('%m-%d-%Y')
+  end
+  
+  def formatted_updated_at()
+    updated_at.strftime('%m-%d-%Y')
+  end
+
+  def users_menu_list()
+    self.users.map { |u| [u.display_name, u.id] }
+  end
+  
+  def non_users_menu_list
+    self.non_users.map { |u| [u.display_name, u.id] }    
+  end
+  
+  def non_users
+    sql = %(
+      SELECT users.* FROM users LEFT JOIN user_roles 
+      ON (users.id = user_roles.user_id AND user_roles.role_id = #{id})
+      WHERE user_roles.role_id IS NULL
+    )
+    User.find_by_sql(sql)
+  end
+end

data/generators/ucb_rails_security/templates/models/user.rb

@@ -0,0 +1,106 @@
+class User < ActiveRecord::Base
+  has_and_belongs_to_many :roles, :join_table => 'user_roles', :order => 'name'
+  
+  validates_uniqueness_of :ldap_uid
+  validates_uniqueness_of :email, :unless => lambda { |user| user.email.blank? }
+  validates_presence_of :ldap_uid, :first_name, :last_name
+  
+  def formatted_created_at()
+    created_at.strftime('%m-%d-%Y')
+  end
+
+  def current_user?(ldap_uid)
+    self.ldap_uid == ldap_uid
+  end
+
+  def full_name()
+    "#{first_name} #{last_name}"
+  end
+
+  def display_name()
+    "#{last_name}, #{first_name}"
+  end
+
+  def sync_attributes_with_ldap!()
+    ldap_person = UCB::LDAP::Person.find_by_uid(self.ldap_uid)
+    raise UCB::LDAP::Person::RecordNotFound if ldap_person.nil?
+    self.update_attributes!(self.class.attributes_hash_for_ldap_person(ldap_person))
+  end
+  
+  class << self
+    ### Start Class Aliases ###
+    #
+    # These methods provide aliases for ActiveRecord's
+    # dynamic finders and can't be aliased with the
+    # usual: alias :new_method :old_method
+    #
+    def find_by_uid(ldap_uid)
+      find_by_ldap_uid(ldap_uid)
+    end
+
+    def new_from_uid(ldap_uid)
+      new_from_ldap_uid(ldap_uid)
+    end
+    ### End Class Aliases ####
+    
+    def find_or_create_by_ldap_uid!(ldap_uid)
+      user = find_or_create_by_ldap_uid(ldap_uid)
+      if user.new_record?
+        ldap_person = UCB::LDAP::Person.find_by_uid(ldap_uid)
+        raise UCB::LDAP::Person::RecordNotFound if ldap_person.nil?
+        user.attributes = attributes_hash_for_ldap_person(ldap_person)
+        user.save!
+      end
+      user
+    end
+    
+    def new_from_ldap_uid(ldap_uid)
+      ldap_person = ldap_uid.nil? ? nil : UCB::LDAP::Person.find_by_uid(ldap_uid)
+      if ldap_person.nil?
+        self.new
+      else
+        user = self.new
+        user.attributes = attributes_hash_for_ldap_person(ldap_person)
+        user
+      end
+    end
+
+    def attributes_hash_for_ldap_person(ldap_person)
+      {
+        :ldap_uid => ldap_person.uid,
+        :first_name => ldap_person.first_name,
+        :last_name => ldap_person.last_name,
+        :phone => ldap_person.phone,
+        :email => ldap_person.email,
+        :department => ldap_person.dept_name
+      }
+    end
+    
+    def find_in_ldap(search_params = {})
+      return [] if search_params.empty?
+
+      ldap_people = []
+      UCB::LDAP::Person.search(:filter => search_params).each do |person|
+        ldap_people << person
+      end
+      ldap_people
+    end
+    
+    def sync_all_with_ldap!()
+      unfound = []
+      users = self.find(:all).each do |u|
+         begin
+          u.sync_attributes_with_ldap!
+        rescue UCB::LDAP::Person::RecordNotFound => e
+          unfound << u.uid
+        end
+      end
+
+      unless unfound.blank?
+        msg = "Sync failed for uids: #{unfound.join(',')}"
+        raise(UCB::LDAP::Person::RecordNotFound, msg)
+      end
+    end
+  end
+  
+end

data/generators/ucb_rails_security/templates/models/user_roles.rb

@@ -0,0 +1,3 @@
+class UserRole < ActiveRecord::Base
+  set_table_name("user_roles")
+end

data/generators/ucb_rails_security/templates/stylesheets/ucb_security.css

@@ -0,0 +1,347 @@
+#container {
+  width: 100%;
+  background-color: #fff;
+  color: #333;
+  line-height: 160%;
+  vertical-align: top;
+}
+
+#main {
+  padding: 1.5em;
+  overflow: clip; 
+  vertical-align: top;
+}
+
+#site_header {
+  color: #02305c;
+  font-weight: bold;
+  font-size: 1.8em;
+  padding: .5em;
+  background-color: #fff;
+}
+
+#site_header div {
+  font-size: .4em;
+  float: right;
+}
+
+#site_header div strong {
+  color: black;
+  font-style: oblique;
+}
+/* Start General Element Styles */
+html { 
+  padding: 0em;
+}
+
+body { 
+  margin: 0em;
+  background-color: white;
+}
+
+a, a:visited, a:hover { 
+  color: #0058c4;
+  text-decoration: underline;
+}
+
+/*p {
+  margin: 0px 1em;
+  line-height: 1.5em;
+  color: black;
+}*/
+
+h1 {
+  font-size: 150%;
+  color: black;
+  font-weight: bold;
+}
+
+h2 {
+  font-size: 120%;
+  color: black;
+}
+/* End General Element Styles */
+
+.max_width {
+  width: 100%;
+}
+
+.mid_width {
+  width: 75%;
+}
+
+.min_width {
+  width: 40%;
+}
+
+.align_right {
+  text-align: right;
+}
+
+.align_left {
+  text-align: left;
+}
+
+.align_center {
+  text-align: center;
+}
+
+.red_text p { 
+  text-align: center; 
+  font-size: 100%;
+  color: red;
+}
+
+/* End General Element Styles */
+
+
+.note {
+  color: red;
+  font-weight: bold;
+}
+
+.error {
+  margin-bottom: 2em;
+  background-color: #c40d0d;
+  text-align: center;
+  font-size: 110%;
+  padding: 1px;
+  border: 1px solid gray;
+  color: white;
+}
+
+.notice {
+  margin-bottom: 2em;
+  background-color: #dbffb4;
+  text-align: center;
+  font-family: arial;
+  padding: 1px;
+  border: 1px solid gray;
+  color: black;
+}
+
+#footer {
+  margin: 1em;
+  text-align: center;
+  margin: 1em;
+}
+
+div.button_widget {
+  margin: .2em 0em .4em 0em;
+}
+
+.button_widget form, .button_widget div {
+  display: inline;
+}
+
+div.new_record_widget a {
+  color: #fe7600;
+  font-weight: bold;
+  font-size: 14px;
+}
+
+div.button_widget a, div.button_widget {
+  font-size: 14px;
+}
+
+#logout_link {
+  color: #fe7600;
+}
+
+
+/********* tables *********/
+
+input[readonly], textarea[readonly] {
+  border: 1px dotted #bcbcbc;
+  padding: 2px;
+}
+
+table {
+  vertical-align: top;
+  border: 1px solid black;
+  border-collapse: collapse;
+  margin: 0 0 1.5em 0;
+}
+
+table td {
+  border: 1px solid black;
+  padding: 0px 5px;
+  color: black;
+}
+
+table th {
+  border: 1px solid black;
+  color: black;
+  background-color: #ccc;
+  white-space: nowrap;
+  padding: 0px 5px;
+  text-align: left;
+}
+
+table.vertical th {
+  background-color: #eee;
+  white-space: nowrap;
+  text-align: right;
+}
+
+caption {
+  font-weight: bold;
+  color: white;
+  background-color: #26A;
+  border: 1px solid black;
+  text-align: center;
+  padding: 4px;
+  font-size: 110%;
+}
+
+table.horizontal th {
+  background-color: #fff;
+  text-align: left;
+  font-size: 90%;
+}
+
+table tbody.highlight tr:hover {
+  background-color: #ffd;
+}
+
+.blue {
+  padding: 2px 5px;
+  border: 1px solid black;
+  border-bottom: 0px;
+  color: white;
+  background-color: #58B;
+  font-size: 110%;
+  font-weight: bold;
+  text-align: left;
+  margin: 0px;
+}
+
+.empty_result_set {
+  font-weight: bold;
+  text-align: center;
+  border: 1px solid black;
+}
+
+/** tabbed navigation **/
+
+#navbar_footer {
+  clear: both;
+  margin: 0;
+  padding: 0;
+  width: 100%;
+  /* sync these values, line-height is needed for IE */
+  height: 4px;
+  line-height: 4px;
+  border-bottom: 1px solid #9C9C9C;
+  background: #81BBF2;
+}
+
+#navbar ul {
+  clear: both;
+  display: block;
+  margin: 0;
+  background-color: gray;
+  font-size: 15px;
+}
+
+#navbar li {
+  float: left;
+  display: block;
+  margin: 0 2px;
+  padding: 0px 5px;
+  border: 1px solid #9C9C9C;
+  background-color: #ffffff;
+  border-bottom: none;
+  white-space: nowrap;
+}
+
+#navbar li a, #navbar li a:visited {
+  color: black;
+  text-decoration: none;    
+}
+
+#navbar li.current a {
+  font-weight: bold;
+}
+
+#navbar li:hover {
+  background: #CCCCCC;
+}
+
+#navbar li.current, #navbar li.current:hover {
+  background-color: #81bbf2;
+}
+
+.ucb_rails_security_form label {
+  width: 8em;
+  float: left;
+  text-align: right;
+  margin-right: 0.5em;
+  display: block;
+  font-size: 1em;
+  padding-right: 2px;
+  font-weight: bold;
+}
+
+.ucb_rails_security_form input[type=text] {
+  font-size: .9em;
+}
+
+.ucb_rails_security_form select[multiple] {
+  font-size: .8em;
+  padding: .5em;
+  margin-top: 0px;
+  width: 350px;
+}
+
+
+.ucb_rails_security_form fieldset {
+  width: 65%;
+  overflow: visible;
+  border: 1px solid #999999;
+}
+
+.ucb_rails_security_form legend {
+  background-color: #efefef;
+  font-family: sans-serif;
+  padding: 0em .5em;
+  border: 1px solid black;
+  font-size: .8em;
+  font-weight: bold;
+}
+
+div.button_widget {
+  margin-left: 6em;
+}
+
+.fieldWithErrors {
+  padding: 2px;
+  background-color: red;
+  display: table;
+}
+
+
+
+table.doubleSelectList {
+  border: 0px solid white;
+}
+
+table.doubleSelectList td {
+  text-align: center; 
+  vertical-align: top; 
+  border: 0px solid white;
+}
+
+table.doubleSelectList td.buttons {
+  text-align: center; 
+  vertical-align: middle;
+  color: gray; 
+  border: 0px solid white;
+}
+
+.doubleSelectList select[multiple] {
+  font-size: .8em;
+  padding: .5em;
+  margin-top: 0px;
+  width: 350px;
+}

data/generators/ucb_rails_security/templates/views/layouts/ucb_security/_main_navigation.html.erb

@@ -0,0 +1,10 @@
+<div id="navbar">
+  <ul>
+    <% users_class = params[:controller] =~ /users/ ? "class='current'" : "" %>
+    <% roles_class = params[:controller] =~ /roles/ ? "class='current'" : "" %>
+    <% help_class = params[:controller] =~ /help/ ? "class='current'" : "" %>
+    <li <%= users_class %>><%= link_to('Users', ucb_security_users_path()) %></li>
+    <li <%= roles_class %>><%= link_to('Roles', ucb_security_roles_path()) %></li>
+  </ul>
+</div>
+<div id="navbar_footer"><hr style="display:none;"></div>

data/generators/ucb_rails_security/templates/views/layouts/ucb_security/application.html.erb

@@ -0,0 +1,24 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+    <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+    <head>
+        <title>UCB Rails Security - <%= @title %></title>
+        <%= stylesheet_link_tag 'ucb_security' %>
+        <%= javascript_include_tag :defaults, 'ucb_security' %>
+    </head>
+    
+    <body>
+        <div id="site_header">
+            UCB Rails Security
+        </div>
+
+        <div id="container">
+            <%= render :partial => 'layouts/ucb_security/main_navigation' %>
+
+            <div id="main">
+              <div id="message"><%= display_message() %></div>
+              <h1><%= @title %></h1>
+              <%= yield %>
+            </div>
+        </div>
+    </body>
+</html>