zen 0.1a

data/lib/zen/packages/users/lib/users/controller/users.rb

@@ -0,0 +1,240 @@
+module Users
+  module Controllers
+    ##
+    # Controller for managing users. Users in this case are people
+    # that have access to the backend. However, users might be able
+    # to access the backend but that doesn't mean they can actuall use it.
+    # The permission system will block anybody that don't have the correct
+    # permissions for each module. In case of a module like a forum it's
+    # probably better to add some additional checks to ensure people
+    # can't mess around with your system.
+    #
+    # @author Yorick Peterse
+    # @since  0.1
+    #
+    class Users < Zen::Controllers::AdminController
+      map '/admin/users'
+      
+      trait :extension_identifier => 'com.zen.users'
+      include ::Users::Models
+      
+      before_all do
+        csrf_protection :save, :delete do
+          respond(@zen_general_lang.errors[:csrf], 401)
+        end
+      end
+      
+      # Every action should use the admin layout except the "login" method,
+      # that one will use a trimmed down version of the admin layout.
+      layout do |path, format|
+        if path == 'login'
+          :login
+        else
+          :admin
+        end
+      end
+      
+      ##
+      # Load our language packs, set the form URLs and define our page title.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def initialize
+        super
+        
+        @form_save_url   = '/admin/users/save'
+        @form_delete_url = '/admin/users/delete'
+        @form_login_url  = '/admin/users/login'
+        @users_lang      = Zen::Language.load 'users'
+        
+        # Set the page title
+        if !action.method.nil?
+          method = action.method.to_sym
+        
+          if @users_lang.titles.key? method 
+            @page_title = @users_lang.titles[method]
+          end
+        end
+      end
+      
+      ##
+      # Show an overview of all users and allow the current user
+      # to manage these users.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def index
+        if !user_authorized?([:read])
+          respond(@zen_general_lang.errors[:not_authorized], 403)
+        end
+        
+        set_breadcrumbs @users_lang.titles[:index]
+        
+        @users = User.all
+      end
+      
+      ##
+      # Edit an existing user based on the ID.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def edit id
+        if !user_authorized?([:read, :update])
+          respond(@zen_general_lang.errors[:not_authorized], 403)
+        end
+        
+        set_breadcrumbs anchor_to(@users_lang.titles[:index], "admin/users"), @users_lang.titles[:edit]
+        
+        @user           = User[id]
+        @user_group_pks = UserGroup.pk_hash(:name)
+      end
+      
+      ##
+      # Create a new user.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def new
+        if !user_authorized?([:read, :create])
+          respond(@zen_general_lang.errors[:not_authorized], 403)
+        end
+        
+        set_breadcrumbs anchor_to(@users_lang.titles[:index], "admin/users"), @users_lang.titles[:new]
+        
+        @user           = User.new
+        @user_group_pks = UserGroup.pk_hash(:name)
+      end
+      
+      ##
+      # Show a form that allows a user to log in.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def login
+        if request.post?
+          # Let's see if we can authenticate
+          if user_login(request.subset(:email, :password))
+            # Update the last time the user logged in
+            User[:email => request.params['email']].update(:last_login => Time.new)
+            
+            notification :success, @users_lang.titles[:index], @users_lang.success[:login]
+            redirect "admin"
+          else
+            notification :error, @users_lang.titles[:index], @users_lang.errors[:login]
+          end
+        end
+      end
+      
+      ##
+      # Logout and destroy the user's session.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def logout
+        user_logout
+        
+        notification :success, @users_lang.titles[:index], @users_lang.success[:logout]
+        redirect "admin/users/login"
+      end
+      
+      ##
+      # Saves or creates a new user based on the POST data and a field named "id".
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def save
+        if !user_authorized?([:update, :create])
+          respond(@zen_general_lang.errors[:not_authorized], 403)
+        end
+        
+        post = request.params.dup
+       
+        post.each do |key, value|
+          post.delete(key) if value.empty?
+        end
+
+        if post["id"] and !post["id"].empty?
+          @user       = User[post["id"]]
+          save_action = :save
+        else
+          @user       = User.new
+          save_action = :new
+        end
+        
+        if !post['new_password'].nil? and !post['new_password'].empty?
+          if post['new_password'] != post['confirm_password']
+            notification :error, @users_lang.titles[:index], @users_lang.errors[:no_password_match]
+            redirect_referrer
+          else
+            post['password'] = post['new_password']
+            
+            post.delete 'new_password'
+            post.delete 'confirm_password'
+          end
+        end
+        
+        # User group pks have to be integers
+        if !post["user_group_pks"].nil?
+          post["user_group_pks"].map! { |value| value.to_i }
+        else
+          post["user_group_pks"] = []
+        end
+        
+        flash_success = @users_lang.success[save_action]
+        flash_error   = @users_lang.errors[save_action]
+
+        begin
+          @user.update(post)
+          notification(:success, @users_lang.titles[:index], flash_success)
+        rescue
+          notification(:error, @users_lang.titles[:index], flash_error)
+          
+          flash[:form_errors] = @user.errors
+        end
+        
+        if @user.id
+          redirect "/admin/users/edit/#{@user.id}"
+        else
+          redirect_referrer
+        end
+      end
+      
+      ##
+      # Delete all specified users.
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def delete
+        if !user_authorized?([:delete])
+          respond(@zen_general_lang.errors[:not_authorized], 403)
+        end
+        
+        if !request.params["user_ids"] or request.params["user_ids"].empty?
+          notification(:error, @users_lang.titles[:index], @users_lang.errors[:no_delete])
+          redirect_referrer
+        end
+        
+        request.params["user_ids"].each do |id|
+          @user = User[id]
+          
+          begin
+            @user.delete
+            notification(:success, @users_lang.titles[:index], @users_lang.success[:delete] % id)
+          rescue
+            notification(:error, @users_lang.titles[:index], @users_lang.errors[:delete] % id)
+          end
+        end
+        
+        redirect_referrer
+      end
+    end
+  end
+end

data/lib/zen/packages/users/lib/users/language/en/access_rules.rb

@@ -0,0 +1,49 @@
+Zen::Language.translation 'access_rules' do |item|
+
+  item.titles = {
+    :index  => 'Access Rules',
+    :edit   => 'Edit Access Rule',
+    :new    => 'Add Access Rule'
+  }
+  
+  item.labels = {
+    :id           => '#',
+    :extension    => 'Extension',
+    :rule_applies => 'Rule applies to',
+    :create       => 'Create',
+    :read         => 'Read',
+    :update       => 'Update',
+    :delete       => 'Delete',
+    :user         => 'User',
+    :user_group   => 'User group'
+  }
+  
+  item.special = {
+    :boolean_hash      => {true => "Yes", false => "No"},
+    :rule_applies_hash => {"Users" => "div_user_id", "User groups" => "div_user_group_id"}
+  }
+
+  item.messages = {
+    :no_rules    => 'No access rules have been added yet'
+  }
+  
+  item.errors = {
+    :new        => "Failed to create a new access rule.",
+    :save       => "Failed to save the access rule.",
+    :delete     => "Failed to delete the access rule with ID #%s",
+    :no_delete  => "You haven't specified any access rules to delete."
+  }
+  
+  item.success = {
+    :new    => "The new access rule has been created.",
+    :save   => "The access rule has been modified.",
+    :delete => "The access rule with ID #%s has been deleted."
+  }
+  
+  item.buttons = {
+    :new    => 'New rule',
+    :delete => 'Delete selected rules',
+    :save   => 'Save rule'
+  }
+
+end

data/lib/zen/packages/users/lib/users/language/en/user_groups.rb

@@ -0,0 +1,42 @@
+Zen::Language.translation 'user_groups' do |item|
+  item.titles = {
+    :index  => 'User Groups',
+    :edit   => 'Edit User Group',
+    :new    => 'Add User Group'
+  }
+  
+  item.labels = {
+    :id          => '#',
+    :name        => 'Name',
+    :slug        => 'Slug',
+    :description => 'Description',
+    :super_group => 'Super group'
+  }
+  
+  item.special = {
+    :boolean_hash => {true => "Yes", false => "No"}
+  }
+
+  item.messages = {
+    :no_user_groups  => 'No user groups have been added yet'
+  }
+  
+  item.errors = {
+    :new        => "Failed to create a new user group.",
+    :save       => "Failed to save the user group.",
+    :delete     => "Failed to delete the user group with ID #%s",
+    :no_delete  => "You haven't specified any user groups to delete."
+  }
+  
+  item.success = {
+    :new    => "The new user group has been created.",
+    :save   => "The user group has been modified.",
+    :delete => "The user group with ID #%s has been deleted."
+  }
+  
+  item.buttons = {
+    :new_group     => 'New group',
+    :delete_groups => 'Delete selected groups',
+    :save_group    => 'Save group'
+  }
+end

data/lib/zen/packages/users/lib/users/language/en/users.rb

@@ -0,0 +1,63 @@
+Zen::Language.translation 'users' do |item|
+  # Page titles
+  item.titles = {
+    :index  => 'Users',
+    :edit   => 'Edit User',
+    :new    => 'Add User',
+    :login  => 'Login'
+  }
+  
+  # Labels
+  item.labels = {
+    :id               => '#',
+    :email            => 'Email',
+    :name             => 'Name',
+    :website          => 'Website',
+    :password         => 'Password',
+    :new_password     => 'New password',
+    :confirm_password => 'Confirm password',
+    :status           => 'Status',
+    :created_at       => 'Created',
+    :updated_at       => 'Updated',
+    :last_login       => 'Last login',
+    :user_groups      => 'User groups'
+  }
+  
+  # Special items such as sub hashes and such
+  item.special = {
+    :status_hash => {'open' => 'Open', 'closed' => 'Closed'}
+  }
+
+  # General messages
+  item.messages = {
+    :no_users    => 'No users have been added yet'
+  }
+  
+  # Error specific messages
+  item.errors = {
+    :new               => "Failed to create a new users.",
+    :save              => "Failed to save the user.",
+    :delete            => "Failed to delete the user with ID #%s",
+    :no_delete         => "You haven't specified any users to delete.",
+    :no_password_match => 'The specified passwords didn\'t match.',
+    :login             => "Failed to login with the specified details",
+    :logout            => "Failed to log out, what the hell is going on?"
+  }
+  
+  # Success messages
+  item.success = {
+    :new    => "The new user has been created.",
+    :save   => "The user has been modified.",
+    :delete => "The user with ID #%s has been deleted.",
+    :login  => "You've been successfully logged in.",
+    :logout => "You've been successfully logged out."
+  }
+  
+  # Buttons
+  item.buttons = {
+    :login        => 'Login',
+    :new_user     => 'New user',
+    :delete_users => 'Delete selected users',
+    :save_user    => 'Save user'
+  }
+end

data/lib/zen/packages/users/lib/users/liquid/user.rb

@@ -0,0 +1,75 @@
+module Users
+  module Liquid
+    ##
+    # Tag that can be used to retrieve details about a single user. When using this
+    # tag you can use the database table's column names as the keys, multiple keys
+    # will result in multiple WHERE/AND clauses. In order to retrieve a user with
+    # the Email address "me@awesome.com" you'd do the following:
+    #
+    # bc. {% user email="me@awesome.com" %}
+    #   {{name}}
+    # {% enduser %}
+    #
+    # If you want to add an extra condition simply do the following:
+    #
+    # bc. {% user email="me@awesome.com" status="open" %}
+    #   {{name}}
+    # {% enduser %}
+    #
+    # Note that this class is a Liquid block, not a tag. This means that you'll have to
+    # specify the closing tag. The reason for this is that there are multiple columns
+    # for the user table and using a tag in combination of a variable would result in
+    # more code.
+    # 
+    # @author Yorick Peterse
+    # @since  0.1
+    #
+    class User < ::Liquid::Block
+      include ::Zen::Liquid::General
+      
+      ##
+      # Initializes the class, parses the tag and retrieves the user for the specified tag.
+      #
+      # @author Yorick Peterse
+      # @param  [String] tag_name The name of the tag that was called.
+      # @param  [String] arguments All additional arguments passed as a string.
+      # @param  [String] html The HTML inside the block.
+      # @since  0.1
+      # 
+      def initialize tag_name, arguments, markup
+        super
+        
+        @arguments = {}
+        arguments  = parse_key_values(arguments)
+        
+        arguments.each do |k, v|
+          @arguments[k.to_sym] = v
+        end
+        
+        @user = {}
+        user  = ::Users::Models::User[@arguments]
+        
+        if !user.nil?
+          user.values.each do |k, v|
+            @user[k.to_s] = v
+          end
+        end
+      end
+      
+      ##
+      # Renders the tag
+      #
+      # @author Yorick Peterse
+      # @param  [Object] context The Liquid context for the current tag.
+      # @return [Array]
+      #
+      def render context
+        @user.each do |k, v|
+          context[k] = v
+        end
+        
+        render_all(@nodelist, context)
+      end
+    end
+  end
+end