zuk-picnic 0.7.999.20090212

data/CHANGELOG.txt

@@ -0,0 +1 @@
+See History.txt

data/History.txt

@@ -0,0 +1,68 @@
+=== 0.7.1 :: 2008-11-10
+
+* Fixed config file loading problems rooted in $APP_PATH inconsistencies.
+  $APP_PATH is now set to the root of the application installation, rather than
+  the bin or lib subdirectory.
+
+=== 0.7.0 :: 2008-10-28
+
+* Can now configure the CLI aspect of an app to respond to additional command-
+  line flags. This is done by passing a block of OptionParser calls as
+  an :extra_cli_options parameter to the Cli initializer.
+* activerecord is no longer a requirement. However you should make sure that
+  you take care of loading activerecord in your app if you intend to use
+  Camping's database functionality.
+  
+=== 0.6.5 :: 2008-09-18
+
+* Fixed compatibility with ActiveSupport 2.1.
+
+=== 0.6.4 :: 2008-05-26
+
+* Patched bundled Camping library to allow setting expiry time on cookies.
+* CLI initializer can now be fed an alternate module name for your application.
+  This will override the module that would have been guessed based on the
+  app's name.
+* Fixed bug where HTTPS operation didn't work under Webrick. You should now
+  again be able to serve over HTTPS when using webrick by supplying the
+  ssl_cert configuration option.
+  See: http://code.google.com/p/rubycas-server/issues/detail?id=45
+* Fixed bug where the log file was being truncuated whenever the server
+  was started in daemon mode.
+
+=== 0.6.3 :: 2008-03-14
+
+* Fixed bug in mongrel postamble that prevented the server from starting when
+  the log level was set to DEBUG.
+
+=== 0.6.2 :: 2008-03-06
+
+* Fixed some loading problems having to do with the new CAS authenticator
+  introduced in 0.6.0.
+
+=== 0.6.1 :: 2008-02-28
+
+* Fixed bug introduced in 0.6.0 where webrick and mongrel postambles were
+  broken for apps that don't define any public directories.
+* Each public directory mount is now logged during startup. Also resolved
+  some potential issues with the uri_path config option. Multiple /'s
+  in the path are now automatically removed.
+
+=== 0.6.0 :: 2008-02-26
+
+* Added support for CAS authentication. See picnic/authentication.rb for 
+  details.
+* Webrick and Mongrel can now be made to bind to a specific IP address using
+  the :bind_address option. If no :bind_address is specified, the server will
+  listen on all addresses (i.e. '0.0.0.0').
+* The Public controller for serving the '/public' directory is gone. It has
+  been replaced by respective Webrick and Mongrel mechanisms for serving
+  directory contents, since these are much faster. If you're using CGI/FastCGI,
+  you'll have to manually configure your web server (i.e. probably Apache)
+  to serve your public directory contents.
+* The gem package now correctly recognizes markaby as a required
+  dependency.
+
+=== 0.5.0 :: 2007-12-20
+
+* First public release.

data/LICENSE.txt

@@ -0,0 +1,165 @@
+		   GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions. 
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version. 
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.

data/Manifest.txt

@@ -0,0 +1,29 @@
+CHANGELOG.txt
+History.txt
+LICENSE.txt
+Manifest.txt
+README.txt
+Rakefile
+lib/picnic.rb
+lib/picnic/authentication.rb
+lib/picnic/cli.rb
+lib/picnic/conf.rb
+lib/picnic/controllers.rb
+lib/picnic/postambles.rb
+lib/picnic/service_control.rb
+lib/picnic/utils.rb
+lib/picnic/version.rb
+setup.rb
+test/picnic_test.rb
+test/test_helper.rb
+vendor/camping-1.5.180/CHANGELOG
+vendor/camping-1.5.180/COPYING
+vendor/camping-1.5.180/README
+vendor/camping-1.5.180/Rakefile
+vendor/camping-1.5.180/lib/camping-unabridged.rb
+vendor/camping-1.5.180/lib/camping.rb
+vendor/camping-1.5.180/lib/camping/db.rb
+vendor/camping-1.5.180/lib/camping/fastcgi.rb
+vendor/camping-1.5.180/lib/camping/reloader.rb
+vendor/camping-1.5.180/lib/camping/session.rb
+vendor/camping-1.5.180/lib/camping/webrick.rb

data/README.txt

@@ -0,0 +1,31 @@
+= Picnic
+
+<b>Picnic makes it easy(ier) to distribute and run Camping-based applications as 
+well-behaved stand-alone Linux servers (although it works on Windows too).</b>
+
+*Author*::    Matt Zukowski (matt at roughest dot net)
+*Copyright*:: Copyright (c) 2007 Urbacon Ltd.
+*License*::   GNU Lesser General Public License Version 3
+*Homepage*::  http://camping-picnic.googlecode.com
+
+For detailed information and usage examples, please see Picnic's Google Code page at:
+<b>http://camping-picnic.googlecode.com</b>
+
+For info on the Camping microframework, see: 
+http://code.whytheluckystiff.net/camping and
+http://camping.rubyforge.org/files/README.html
+
+== License
+
+picnic is free software; you can redistribute it and/or modify
+it under the terms of the GNU Lesser General Public License as published 
+by the Free Software Foundation; either version 3 of the License, or
+(at your option) any later version.
+
+Reststop is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program.  If not, see <http://www.gnu.org/licenses/>.

data/Rakefile

@@ -0,0 +1,62 @@
+require 'rubygems'
+require 'rake'
+require 'rake/clean'
+require 'rake/testtask'
+require 'rake/packagetask'
+require 'rake/gempackagetask'
+require 'rake/rdoctask'
+require 'rake/contrib/rubyforgepublisher'
+require 'fileutils'
+require 'hoe'
+include FileUtils
+require File.join(File.dirname(__FILE__), 'lib', 'picnic', 'version')
+
+AUTHOR = "Matt Zukowski"
+EMAIL = "matt@roughest.net"
+DESCRIPTION = "Camping for sissies"
+GEM_NAME = "picnic"
+RUBYFORGE_PROJECT = "picnic"
+HOMEPATH = "http://#{RUBYFORGE_PROJECT}.rubyforge.org"
+
+ENV['NODOT'] = '1'
+
+NAME = "picnic"
+REV = nil
+#REV = `svn info`[/Revision: (\d+)/, 1] rescue nil
+VERS = ENV['VERSION'] || (Picnic::VERSION::STRING + (REV ? ".#{REV}" : ""))
+                          CLEAN.include ['**/.*.sw?', '*.gem', '.config']
+RDOC_OPTS = ['--quiet', '--title', "picnic #{VERS} documentation",
+    "--opname", "index.html",
+    "--line-numbers", 
+    "--main", "README",
+    "--inline-source"]
+
+class Hoe
+  def extra_deps
+    @extra_deps.reject { |x| Array(x).first == 'hoe' } 
+  end 
+end
+
+# Generate all the Rake tasks
+# Run 'rake -T' to see list of generated tasks (from gem root directory)
+hoe = Hoe.new(GEM_NAME, VERS) do |p|
+  p.author = AUTHOR 
+  p.description = DESCRIPTION
+  p.email = EMAIL
+  p.summary = DESCRIPTION
+  p.url = HOMEPATH
+  p.rubyforge_name = RUBYFORGE_PROJECT if RUBYFORGE_PROJECT
+  p.test_globs = ["test/**/*_test.rb"]
+  p.clean_globs = CLEAN  #An array of file patterns to delete on clean.
+  
+  # == Optional
+  #p.changes        - A description of the release's latest changes.
+  #p.extra_deps     - An array of rubygem dependencies.
+  #p.spec_extras    - A hash of extra values to set in the gemspec.
+  
+  # note that camping-1.5.0.180 is now bundled with picnic in the vendor directory. 
+  p.extra_deps = [
+    'markaby',
+    'activesupport'
+  ]
+end

data/lib/picnic/authentication.rb

@@ -0,0 +1,218 @@
+module Picnic #:nodoc:
+  # These modules (currently only one module, but more in the future) provide authentication
+  # for your Camping app. 
+  #
+  module Authentication
+    # Picnic::Authentication::Basic provides Basic HTTP Authentication for your Camping app. 
+    # The module defines a <tt>service</tt> method that only continues the request chain when 
+    # proper credentials are provided by the client (browser).
+    # 
+    # == Getting Started
+    #
+    # To activate Basic Authentication for your application:
+    #
+    # 1. Picnic-fy your Camping app (e.g: <tt>Camping.goes :your_app; YourApp.picnic!</tt>)
+    # 2. Call <tt>YourApp.authenticate_using :basic</tt>.
+    # 3. Define an <tt>authenticate</tt> method on your application module that takes a hash.
+    #    The hash contains credentials like <tt>:username</tt>, <tt>:password</tt>, and <tt>:hostname</tt>,
+    #    although future authentication modules may submit other credentials.
+    #    The <tt>authenticate</tt> method should return true when the credentials are valid.
+    #    Examples:
+    #
+    #      module Blog
+    #        def authenticate(credentials)
+    #          credentials[:username] == 'admin' &&
+    #            credentials[:password] == 'flapper30'
+    #        end
+    #        module_function :authenticate
+    #      end
+    #
+    #    or
+    #
+    #      module Wiki
+    #        def authenticate(credentials)
+    #          u = credentials[:username]
+    #          p = credentials[:password]
+    #          Models::User.find_by_username_and_password u, p
+    #        end
+    #        module_function :authenticate
+    #      end
+    #
+    # 4. <tt>service</tt> sets <tt>@credentials</tt> to the credentials of the person who logged in.
+    #
+    # ----
+    #
+    # This code is based on Camping::BasicAuth written by Manfred Stienstra 
+    # (see http://www.fngtps.com/2006/05/basic-authentication-for-camping).
+    module Basic
+      require 'base64'
+      
+      # Reads the username and password from the headers and returns them.
+      def read_credentials
+        if d = %w{REDIRECT_X_HTTP_AUTHORIZATION X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION}.inject([]) \
+          { |d,h| env.has_key?(h) ? env[h].to_s.split : d }
+          u,p = ::Base64.decode64(d[1]).split(':')[0..1] if d[0] == 'Basic'
+          return {:username => u, :password => p}
+        end
+      end
+      
+      def service(*a)
+        app = Kernel.const_get self.class.name.gsub(/^(\w+)::.+$/, '\1')
+        unless app.respond_to? :authenticate
+          raise "Basic authentication is enabled but the 'authenticate' method has not been defined."
+        end
+        
+        @credentials = read_credentials || {}
+        
+        if app.authenticate(@credentials)
+          s = super(*a)
+        else
+          @status = 401
+          @headers['Content-type'] = @headers['Content-type'] || 'text/plain'
+          @headers['Status'] = 'Unauthorized'
+          @headers['WWW-Authenticate'] = "Basic realm=\"#{app}\""
+          @body = 'Unauthorized'
+          s = self
+        end
+        s
+      end
+    end
+
+    
+    # Picnic::Authentication::Cas provides basic CAS (Central Authentication System) authentication 
+    # for your Camping app.
+    #
+    # To learn more about CAS, see http://rubycas-client.googlecode.com and 
+    # http://www.ja-sig.org/products/cas.
+    # 
+    # The module defines a <tt>service</tt> method that intercepts every request to check for CAS
+    # authentication. If the user has already been authenticated, the request proceeds as normal
+    # and the authenticated user's username is made available under <tt>@state[:cas_username]. 
+    # Otherwise the request is redirected to your CAS server for authentication.
+    # 
+    # == Getting Started
+    #
+    # To activate CAS authentication for your application:
+    #
+    # 1. Picnic-fy your Camping app (e.g: <tt>Camping.goes :your_app; YourApp.picnic!</tt>)
+    # 2. Call <tt>YourApp.authenticate_using :cas</tt>.
+    # 3. In your app's configuration YAML file add something like this:
+    #      authentication:
+    #         cas_base_url: https://login.example.com/cas
+    #    Where the value for </tt>cas_base_url</tt> is the URL of your CAS server.
+    # 4. That's it. Now whenever a user tries to access any of your controller's actions,
+    #    the request will be checked for CAS authentication. If the user is authenticated,
+    #    their username is availabe in @state[:cas_username]. Note that there is currently
+    #    no way to apply CAS authentication only to certain controllers or actions. When
+    #    enabled, CAS authentication applies to your entire application, except for items
+    #    placed in the /public subdirectory (CSS files, JavaScripts, images, etc.). The
+    #    public directory does not require CAS authentication, so anyone can access its
+    #    contents.
+    #
+    module Cas
+      # For some reason the Module#included callback is just not working for me, so I had
+      # to resort to overriding append_features(). If anyone has any ideas why, please
+      # let me know!
+      def self.append_features(mod)
+        super
+        
+        require 'camping/db'
+        require 'camping/session'
+        
+        $: << File.dirname(File.expand_path(__FILE__))+"/../../../rubycas-client2/lib" # for development
+        require 'rubycas-client'
+      end
+
+#       app = Kernel.const_get self.name.gsub(/^(\w+)::.+$/, '\1')
+#       raise "Cannot enable CAS authentication because your Camping app does not extend Camping::Session." unless
+#        app.ancestors.include?(Camping::Session)
+
+      # There must be a smarter way to do this... but for now, we just re-implement
+      # the Camping::Session method here to provide session support for CAS.
+      module Session
+        # This doesn't work :( MySQL connection is not carried over.
+        #define_method(:service, Camping::Session.instance_method(:service))
+        
+        def service(*a)
+          Camping::Models::Session.create_schema
+          
+          session = Camping::Models::Session.persist @cookies
+          app = self.class.name.gsub(/^(\w+)::.+$/, '\1')
+          @state = (session[app] ||= Camping::H[])
+          hash_before = Marshal.dump(@state).hash
+          s = super(*a)
+          if session
+            hash_after = Marshal.dump(@state).hash
+            unless hash_before == hash_after
+              session[app] = @state
+              session.save
+            end
+          end
+          s
+        end
+      end
+
+      def self.included(mod)
+        mod.module_eval do
+          include Cas::Session
+        end
+      end
+
+      def service(*a)
+        $LOG.debug "Running CAS filter for request #{a.inspect}..."
+        
+        if @env['PATH_INFO'] =~ /^\/public\/.*/
+          $LOG.debug "Access to items in /public subdirectory does not require CAS authentication."
+          return super(*a)
+        end
+        if @state[:cas_username]
+          $LOG.debug "Local CAS session exists for user #{@state[:cas_username]}."
+          return super(*a)
+        end
+                
+        client = CASClient::Client.new($CONF[:authentication].merge(:logger => $LOG))
+        
+        ticket = @input[:ticket]
+        
+        cas_login_url = client.add_service_to_login_url(read_service_url(@env))
+        
+        if ticket
+          if ticket =~ /^PT-/
+            st = CASClient::ProxyTicket.new(ticket, read_service_url(@env), @input[:renew])
+          else
+            st = CASClient::ServiceTicket.new(ticket, read_service_url(@env), @input[:renew])
+          end
+          
+          $LOG.debug "Got CAS ticket: #{st.inspect}"
+          
+          client.validate_service_ticket(st)
+          if st.is_valid?
+            $LOG.info "CAS ticket #{st.ticket.inspect} is valid. Opening local CAS session for user #{st.response.user.inspect}."
+            @state[:cas_username] = st.response.user
+            return super(*a)
+          else
+            $LOG.warn "CAS ticket #{st.ticket.inspect} is INVALID. Redirecting back to CAS server at #{cas_login_url.inspect} for authentication."
+            @state[:cas_username] = nil
+            redirect cas_login_url
+            s = self
+          end
+        else
+          $LOG.info "User is unauthenticated and no CAS ticket found. Redirecting to CAS server at #{cas_login_url.inspect} for authentication."
+          @state[:cas_username] = nil
+          redirect cas_login_url
+          s = self
+        end
+        s
+      end
+      
+      private
+      def read_service_url(env)
+        if $CONF[:authentication][:service_url] 
+          $CONF[:authentication][:service_url]
+        else
+          env['REQUEST_URI'].gsub(/service=[^&]*[&]?/,'').gsub(/ticket=[^&]*[&]?/,'')
+        end
+      end
+    end
+  end
+end