make prodile work properly with permissions

mkristian · Oct 20, 2011 · b0527d6 · b0527d6
1 parent 45d8f66
commit b0527d6
Show file tree

Hide file tree

Showing 9 changed files with 63 additions and 97 deletions.
diff --git a/Gemfile b/Gemfile
@@ -69,7 +69,7 @@ gem 'ixtlan-generators'#, :path => '../../ixtlan/ixtlan-generators'
 
 gem 'enforce-ssl'
 gem "ixtlan-session-timeout"
-gem "ixtlan-guard"#, :path => '../../ixtlan/ixtlan-guard'
+gem "ixtlan-guard", :path => '../../ixtlan/ixtlan-guard'
 gem "ixtlan-core"
 
 gem 'bcrypt-ruby'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,3 +1,9 @@
+PATH
+  remote: ../../ixtlan/ixtlan-guard
+  specs:
+    ixtlan-guard (0.7.0)
+      ixtlan-core (~> 0.6.0)
+
 GEM
   remote: http://rubygems.org/
   specs:
@@ -40,8 +46,6 @@ GEM
     ixtlan-core (0.6.1)
       slf4r (>= 0.4.2, < 0.4.99999)
     ixtlan-generators (0.1.2)
-    ixtlan-guard (0.6.1)
-      ixtlan-core (~> 0.6.0)
     ixtlan-session-timeout (0.4.0)
     jdbc-sqlite3 (3.7.2)
     mail (2.2.19)
@@ -93,7 +97,7 @@ DEPENDENCIES
   enforce-ssl
   ixtlan-core
   ixtlan-generators
-  ixtlan-guard
+  ixtlan-guard!
   ixtlan-session-timeout
   jdbc-sqlite3
   pg

diff --git a/Mavenfile b/Mavenfile
@@ -1,6 +1,6 @@
 #-*- mode: ruby -*-
 GWT_VERSION = '2.3.0'
-jar('de.mkristian.rails-gwt:rails-gwt', '0.3.0-SNAPSHOT').scope :provided
+jar('de.mkristian.gwt:rails-gwt', '0.6.1-SNAPSHOT').scope :provided
 jar('org.fusesource.restygwt:restygwt', '1.2').scope :provided
 jar('javax.ws.rs:jsr311-api', '1.1').scope :provided
 jar('com.google.gwt:gwt-user', GWT_VERSION).scope :provided

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -20,12 +20,18 @@ def remote_permission
     raise "ip #{request.remote_ip} not allowed" if (!perm.ip.blank? && request.remote_ip != perm.ip)
   end
 
-  def groups_for_current_users
-    app_id = Configuration.instance.application.nil? ? 0 :Configuration.instance.application.id
-    current_user.groups.select do |g|
-      g.application.id == app_id
-    end.collect do |g|
-      g.name
+  def current_user_group_names
+    if current_user
+      app_id = Configuration.instance.application.nil? ? 0 :Configuration.instance.application.id
+      group_names = current_user.groups.select do |g|
+        g.application.id == app_id
+      end.collect do |g|
+        g.name.to_s
+      end
+      group_names << 'profile' # to allow every user the profile page
+      group_names
+    else
+      []
     end
   end
 

diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
@@ -8,8 +8,8 @@ def show
 
     respond_to do |format|
       format.html # show.html.erb
-      format.xml  { render :xml => @profile }
-      format.json  { render :json => @profile.to_json(:root => :profile, :methods => []) }
+      format.xml  { render :xml => @profile.to_xml(User.options.merge(:root => 'profile')) }
+      format.json  { render :json => @profile.to_json(User.options.merge(:root => 'profile')) }
     end
   end
 
@@ -35,8 +35,8 @@ def update
       respond_to do |format|
         if @profile.update_attributes(profile)
           format.html { redirect_to(profile_path, :notice => 'Profile was successfully updated.') }
-          format.xml  { render :xml => @profile }
-          format.json  { render :json => @profile.to_json(:root => :profile, :methods => []) }
+          format.xml  { render :xml => @profile.to_json(User.options.merge(:root => 'profile')) }
+          format.json  { render :json => @profile.to_json(User.options.merge(:root => 'profile')) }
         else
           format.html { render :action => "edit" }
           format.xml  { render :xml => @profile.errors, :status => :unprocessable_entity }

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
@@ -23,7 +23,7 @@ def create
     if @session.valid?
       current_user(@session.user)
       @session.idle_session_timeout = Rails.application.config.idle_session_timeout
-      @session.permissions = guard.permissions(groups_for_current_users)
+      @session.permissions = guard.permissions(current_user_group_names)
 
       # TODO make html login
       respond_to do |format|

diff --git a/app/guards/profiles_guard.yml b/app/guards/profiles_guard.yml
@@ -1,9 +1,5 @@
 profiles:
-  defaults: [*] 
-#  index: []
-  show: [*]
-#  new: []
-#  create: []
+  defaults: [*] # to allow every user the profile page
+#  show: []
 #  edit: []
-  update: [*]
-#  destroy: []
+#  update: []
diff --git a/pom.xml b/pom.xml
@@ -157,6 +157,16 @@
       <artifactId>jdbc-sqlite3</artifactId>
       <type>gem</type>
     </dependency>
+    <dependency>
+      <groupId>rubygems</groupId>
+      <artifactId>resty-generators</artifactId>
+      <type>gem</type>
+    </dependency>
+    <dependency>
+      <groupId>rubygems</groupId>
+      <artifactId>ixtlan-generators</artifactId>
+      <type>gem</type>
+    </dependency>
     <dependency>
       <groupId>rubygems</groupId>
       <artifactId>enforce-ssl</artifactId>
@@ -183,9 +193,9 @@
       <type>gem</type>
     </dependency>
     <dependency>
-      <groupId>de.mkristian.rails-gwt</groupId>
+      <groupId>de.mkristian.gwt</groupId>
       <artifactId>rails-gwt</artifactId>
-      <version>0.3.0-SNAPSHOT</version>
+      <version>0.6.1-SNAPSHOT</version>
       <type>jar</type>
       <scope>provided</scope>
     </dependency>
@@ -247,16 +257,10 @@
   </dependencies>
   <dependencyManagement>
     <dependencies>
-      <dependency>
-        <groupId>rubygems</groupId>
-        <artifactId>ixtlan-generators</artifactId>
-        <version>0.1.2</version>
-        <type>gem</type>
-      </dependency>
       <dependency>
         <groupId>rubygems</groupId>
         <artifactId>ixtlan-guard</artifactId>
-        <version>0.6.1</version>
+        <version>0.7.0</version>
         <type>gem</type>
       </dependency>
       <dependency>
@@ -271,12 +275,6 @@
         <version>0.4.2</version>
         <type>gem</type>
       </dependency>
-      <dependency>
-        <groupId>rubygems</groupId>
-        <artifactId>resty-generators</artifactId>
-        <version>0.6.0</version>
-        <type>gem</type>
-      </dependency>
       <dependency>
         <groupId>rubygems</groupId>
         <artifactId>abstract</artifactId>
@@ -405,14 +403,14 @@
       </dependency>
       <dependency>
         <groupId>rubygems</groupId>
-        <artifactId>diff-lcs</artifactId>
-        <version>1.1.3</version>
+        <artifactId>enforce-ssl</artifactId>
+        <version>0.2.2</version>
         <type>gem</type>
       </dependency>
       <dependency>
         <groupId>rubygems</groupId>
-        <artifactId>enforce-ssl</artifactId>
-        <version>0.2.2</version>
+        <artifactId>ixtlan-generators</artifactId>
+        <version>0.1.2</version>
         <type>gem</type>
       </dependency>
       <dependency>
@@ -427,6 +425,12 @@
         <version>3.7.2</version>
         <type>gem</type>
       </dependency>
+      <dependency>
+        <groupId>rubygems</groupId>
+        <artifactId>pg</artifactId>
+        <version>0.11.0</version>
+        <type>gem</type>
+      </dependency>
       <dependency>
         <groupId>rubygems</groupId>
         <artifactId>rails</artifactId>
@@ -465,32 +469,14 @@
       </dependency>
       <dependency>
         <groupId>rubygems</groupId>
-        <artifactId>rspec</artifactId>
-        <version>2.7.0.rc1</version>
-        <type>gem</type>
-      </dependency>
-      <dependency>
-        <groupId>rubygems</groupId>
-        <artifactId>rspec-core</artifactId>
-        <version>2.7.0.rc1</version>
-        <type>gem</type>
-      </dependency>
-      <dependency>
-        <groupId>rubygems</groupId>
-        <artifactId>rspec-expectations</artifactId>
-        <version>2.7.0.rc1</version>
-        <type>gem</type>
-      </dependency>
-      <dependency>
-        <groupId>rubygems</groupId>
-        <artifactId>rspec-mocks</artifactId>
-        <version>2.7.0.rc1</version>
+        <artifactId>resty-generators</artifactId>
+        <version>0.6.0</version>
         <type>gem</type>
       </dependency>
       <dependency>
         <groupId>rubygems</groupId>
-        <artifactId>rspec-rails</artifactId>
-        <version>2.7.0.rc1</version>
+        <artifactId>sqlite3</artifactId>
+        <version>1.3.4</version>
         <type>gem</type>
       </dependency>
     </dependencies>

diff --git a/src/main/java/org/dhamma/users/client/managed/UsersMenuPanel.java b/src/main/java/org/dhamma/users/client/managed/UsersMenuPanel.java
@@ -5,8 +5,6 @@
 
 import org.dhamma.users.client.models.User;
 
-import com.google.gwt.event.dom.client.ClickEvent;
-import com.google.gwt.event.dom.client.ClickHandler;
 import com.google.gwt.place.shared.PlaceController;
 
 import de.mkristian.gwt.rails.places.RestfulActionEnum;
@@ -18,37 +16,13 @@ public class UsersMenuPanel extends MenuPanel<User> {
 
     @Inject
     UsersMenuPanel(final PlaceController placeController, SessionManager<User> sessionManager){
-        super(sessionManager);
+        super(sessionManager, placeController);
         // TODO profile should move into bread-crumbs
-        addButton("Profile").addClickHandler(new ClickHandler() {
-            public void onClick(ClickEvent event) {
-                placeController.goTo(new org.dhamma.users.client.places.ProfilePlace(RestfulActionEnum.SHOW));
-            }
-        });
-        addButton("Configuration").addClickHandler(new ClickHandler() {
-            public void onClick(ClickEvent event) {
-                placeController.goTo(new org.dhamma.users.client.places.ConfigurationPlace(RestfulActionEnum.SHOW));
-            }
-        });
-        addButton("Applications").addClickHandler(new ClickHandler() {
-            public void onClick(ClickEvent event) {
-                placeController.goTo(new org.dhamma.users.client.places.ApplicationPlace(RestfulActionEnum.INDEX));
-            }
-        });
-        addButton("Remote permissions").addClickHandler(new ClickHandler() {
-            public void onClick(ClickEvent event) {
-                placeController.goTo(new org.dhamma.users.client.places.RemotePermissionPlace(RestfulActionEnum.INDEX));
-            }
-        });
-        addButton("Groups").addClickHandler(new ClickHandler() {
-            public void onClick(ClickEvent event) {
-                placeController.goTo(new org.dhamma.users.client.places.GroupPlace(RestfulActionEnum.INDEX));
-            }
-        });
-        addButton("Users").addClickHandler(new ClickHandler() {
-            public void onClick(ClickEvent event) {
-                placeController.goTo(new org.dhamma.users.client.places.UserPlace(RestfulActionEnum.INDEX));
-            }
-        });
+        addButton("Profile", new org.dhamma.users.client.places.ProfilePlace(RestfulActionEnum.SHOW));
+        addButton("Configuration", new org.dhamma.users.client.places.ConfigurationPlace(RestfulActionEnum.SHOW));
+        addButton("Applications", new org.dhamma.users.client.places.ApplicationPlace(RestfulActionEnum.INDEX));
+        addButton("Remote permissions", new org.dhamma.users.client.places.RemotePermissionPlace(RestfulActionEnum.INDEX));
+        addButton("Groups", new org.dhamma.users.client.places.GroupPlace(RestfulActionEnum.INDEX));
+        addButton("Users", new org.dhamma.users.client.places.UserPlace(RestfulActionEnum.INDEX));
     }
 }