From 56dd1ffe06fa883a18c33fd3d8c56fe68bf08253 Mon Sep 17 00:00:00 2001 From: Dan mi Sun Date: Fri, 21 Mar 2014 11:47:14 +0000 Subject: [PATCH 01/15] add manager_or_admin? --- app/controllers/organizations_controller.rb | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index 0cd339f9..da4ce84d 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -1,10 +1,10 @@ class OrganizationsController < ApplicationController skip_before_filter :login_required, :only => [:index, :show, :new, :create] - before_filter :assign_id_param, :resolve_organization_by_id, :except => [ :index, :new, :create ] + before_filter :assign_id_param, :resolve_organization_by_id, :manager_or_admin?, :except => [ :index, :new, :create ] permit "admin", :only => [ :destroy ] - permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] +# permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] # GET /organizations # GET /organizations.xml @@ -97,4 +97,7 @@ def resolve_organization_by_id def assign_id_param params[:id] ||= @organization.id if @organization end + def manager_or_admin? + @current_user.organization.id == @organization.id && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") + end end From a26759068e4914d908d9ef257aca1cd22aaa2b4f Mon Sep 17 00:00:00 2001 From: Dan mi Sun Date: Fri, 21 Mar 2014 11:47:14 +0000 Subject: [PATCH 02/15] add manager_or_admin? --- app/controllers/organizations_controller.rb | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index 0cd339f9..da4ce84d 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb 
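Review bot: In the `@@ -1,10` hunk the `permit "admin or (manager of :organization)"` line is commented out and `:manager_or_admin?` is added as a before_filter, but the new method only returns a boolean and never renders or redirects; as far as I can tell from Rails 2.x filter semantics (this tree reports Rails 2.2–2.3 instrumentation), the chain halts only on render/redirect, so `show`/`edit`/`update` are left without an enforced check until a redirecting filter exists. `manager_or_admin?` in the `@@ -97,4` hunk also dereferences `@current_user.organization.id` and `@current_user.roles.first.name` with no nil guards, so an anonymous visitor to `show` (where `login_required` is skipped) or a user with no organization or no roles gets a NoMethodError rather than a denial. A filter of the form `redirect_to(...) unless manager_or_admin?` with nil-safe predicates addresses both. PATCH 02/15 is a byte-identical repeat of this commit and could be dropped from the series.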
@@ -1,10 +1,10 @@ class OrganizationsController < ApplicationController skip_before_filter :login_required, :only => [:index, :show, :new, :create] - before_filter :assign_id_param, :resolve_organization_by_id, :except => [ :index, :new, :create ] + before_filter :assign_id_param, :resolve_organization_by_id, :manager_or_admin?, :except => [ :index, :new, :create ] permit "admin", :only => [ :destroy ] - permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] +# permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] # GET /organizations # GET /organizations.xml @@ -97,4 +97,7 @@ def resolve_organization_by_id def assign_id_param params[:id] ||= @organization.id if @organization end + def manager_or_admin? + @current_user.organization.id == @organization.id && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") + end end From 241a7f246554edf1aeea8fa083e1ec58a3fe1366 Mon Sep 17 00:00:00 2001 From: alex-frost Date: Fri, 21 Mar 2014 13:34:55 +0000 Subject: [PATCH 03/15] re-add permit for now --- app/controllers/organizations_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index da4ce84d..5b8d473d 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -4,7 +4,7 @@ class OrganizationsController < ApplicationController before_filter :assign_id_param, :resolve_organization_by_id, :manager_or_admin?, :except => [ :index, :new, :create ] permit "admin", :only => [ :destroy ] -# permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] + permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] # GET /organizations # GET /organizations.xml From 5cf9d0cef1645f3752272f45e0169c7ca5c0809a Mon Sep 17 00:00:00 2001 
From: Dan mi Sun Date: Mon, 7 Apr 2014 09:09:21 -0700 Subject: [PATCH 04/15] Fix tests for person_id --- app/controllers/application_controller.rb | 3 + script/log/newrelic_agent.log | 96 +++++++++++++++++++++++ test/unit/visit_test.rb | 4 +- 3 files changed, 101 insertions(+), 2 deletions(-) create mode 100644 script/log/newrelic_agent.log diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 585d5e84..e10c9ccd 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -46,4 +46,7 @@ def date_from_params(params) Date.new params[:year].to_i, params[:month].to_i, params[:day].to_i end + def authorize_manager_or_admin + @current_user.organization.id == @organization.id && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") + end end diff --git a/script/log/newrelic_agent.log b/script/log/newrelic_agent.log new file mode 100644 index 00000000..24557614 --- /dev/null +++ b/script/log/newrelic_agent.log 
@@ -0,0 +1,96 @@ +# Logfile created on 2014-03-21 10:40:45 +0000 by logger.rb/31641 +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Starting the New Relic agent in "development" environment. +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Reading configuration from +[03/21/14 10:40:45 +0000 ruby (4228)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Enabling the Request Sampler. +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Environment: development +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Dispatcher: webrick +[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Application: development +[03/21/14 10:40:45 +0000 ruby (4228)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing ActiveRecord instrumentation +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing deferred Rack instrumentation +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Net instrumentation +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Rails 2.2 - 2.3 View instrumentation +[03/21/14 10:40:46 +0000 ruby (4228)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/21/14 10:40:46 +0000 ruby (4228)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. 
Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Rails 2 Controller instrumentation +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Rails 2 Error instrumentation +[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Finished instrumentation +[03/21/14 10:40:47 +0000 ruby (4228)] INFO : Doing deferred dependency-detection before Rack startup +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Starting the New Relic agent in "development" environment. +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Reading configuration from +[03/21/14 11:21:31 +0000 ruby (5139)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Enabling the Request Sampler. +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Environment: development +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Dispatcher: webrick +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Application: development +[03/21/14 11:21:31 +0000 ruby (5139)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing ActiveRecord instrumentation +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing deferred Rack instrumentation +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Net instrumentation +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Rails 2.2 - 2.3 View instrumentation +[03/21/14 11:21:31 +0000 ruby (5139)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. 
This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/21/14 11:21:31 +0000 ruby (5139)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Rails 2 Controller instrumentation +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Rails 2 Error instrumentation +[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Finished instrumentation +[03/21/14 11:21:32 +0000 ruby (5139)] INFO : Doing deferred dependency-detection before Rack startup +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Starting the New Relic agent in "development" environment. +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Reading configuration from +[03/28/14 07:11:02 +0000 ruby (3740)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Enabling the Request Sampler. +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Environment: development +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Dispatcher: webrick +[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Application: development +[03/28/14 07:11:02 +0000 ruby (3740)] WARN : No license key found in newrelic.yml config. 
This often means your newrelic.yml is missing a section for the running environment 'development' +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing ActiveRecord instrumentation +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing deferred Rack instrumentation +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Net instrumentation +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Rails 2.2 - 2.3 View instrumentation +[03/28/14 07:11:03 +0000 ruby (3740)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/28/14 07:11:03 +0000 ruby (3740)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Rails 2 Controller instrumentation +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Rails 2 Error instrumentation +[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Finished instrumentation +[03/28/14 07:11:04 +0000 ruby (3740)] INFO : Doing deferred dependency-detection before Rack startup +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Starting the New Relic agent in "development" environment. +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. 
+[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Reading configuration from +[03/28/14 08:56:43 +0000 ruby (6100)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Enabling the Request Sampler. +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Environment: development +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Dispatcher: webrick +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Application: development +[03/28/14 08:56:43 +0000 ruby (6100)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing ActiveRecord instrumentation +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing deferred Rack instrumentation +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Net instrumentation +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Rails 2.2 - 2.3 View instrumentation +[03/28/14 08:56:43 +0000 ruby (6100)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/28/14 08:56:43 +0000 ruby (6100)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. 
+[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Rails 2 Controller instrumentation +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Rails 2 Error instrumentation +[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Finished instrumentation +[03/28/14 08:56:44 +0000 ruby (6100)] INFO : Doing deferred dependency-detection before Rack startup +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Starting the New Relic agent in "development" environment. +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Reading configuration from +[03/28/14 10:52:24 +0000 ruby (7003)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Enabling the Request Sampler. +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Environment: development +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Dispatcher: webrick +[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Application: development +[03/28/14 10:52:24 +0000 ruby (7003)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing ActiveRecord instrumentation +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing deferred Rack instrumentation +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Net instrumentation +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Rails 2.2 - 2.3 View instrumentation +[03/28/14 10:52:25 +0000 ruby (7003)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. 
Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/28/14 10:52:25 +0000 ruby (7003)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Rails 2 Controller instrumentation +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Rails 2 Error instrumentation +[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Finished instrumentation +[03/28/14 10:52:26 +0000 ruby (7003)] INFO : Doing deferred dependency-detection before Rack startup diff --git a/test/unit/visit_test.rb b/test/unit/visit_test.rb index 526312e7..5e1e14bd 100644 --- a/test/unit/visit_test.rb +++ b/test/unit/visit_test.rb @@ -34,11 +34,11 @@ def test_chain_finders end def test_to_csv - assert_match /^Mary,Member,mary@example.com,false,415 123-1234,95105,2007-02-01 10:01,false,true,false,Mary.+/, visits(:mary_1).to_csv + assert_match /^365790011,Mary,Member,mary@example.com,false,415 123-1234,95105,2007-02-01 10:01,false,true,false,Mary.+/, visits(:mary_1).to_csv end def test_csv_header - assert_equal "first_name,last_name,email,email_opt_out,phone,postal_code,arrived_at,staff,member,volunteer,note\n", Visit.csv_header + assert_equal "person_id,first_name,last_name,email,email_opt_out,phone,postal_code,arrived_at,staff,member,volunteer,note\n", Visit.csv_header end def test_create_defaults From e93ceac3b44a585dbe695d5ac684a0f19ff2b181 Mon Sep 17 00:00:00 2001 
From: Dan mi Sun Date: Mon, 7 Apr 2014 10:26:11 -0700 Subject: [PATCH 05/15] remove authorization plugin add authorization method --- app/controllers/application_controller.rb | 29 +++++++++++++++++++-- app/controllers/notes_controller.rb | 2 +- app/controllers/organizations_controller.rb | 9 ++----- app/controllers/people_controller.rb | 2 +- app/controllers/reports_controller.rb | 2 +- app/controllers/services_controller.rb | 2 +- app/controllers/taggings_controller.rb | 3 ++- app/controllers/tags_controller.rb | 2 +- app/controllers/users_controller.rb | 4 +-- app/controllers/visits_controller.rb | 2 +- 10 files changed, 39 insertions(+), 18 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e10c9ccd..c7c243df 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -46,7 +46,32 @@ def date_from_params(params) Date.new params[:year].to_i, params[:month].to_i, params[:day].to_i end - def authorize_manager_or_admin - @current_user.organization.id == @organization.id && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") + def user_is_admin_or_manager? + is_user_in_organization? && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") + end + + def authorize_admin_or_manager + redirect_unauthrized unless user_is_admin_or_manager? + end + + def redirect_unauthrized + redirect_to({ :controller => 'sessions', :action => 'new' }) + end + + def authorize_admin + redirect_unauthrized unless user_is_admin? + end + + def user_is_admin? + is_user_in_organization? && @current_user.roles.first.name == "admin" + end + + def is_user_in_organization? + user_organization = @current_user.organization + if user_organization.nil? || @organization.nil? + return false + end + @current_user.organization.id == @organization.id end end + 
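Review bot: `user_is_admin_or_manager?` and `user_is_admin?` decide access from `@current_user.roles.first.name` alone, so a user holding several roles is authorized or denied according to whichever row `roles.first` happens to return, and a user with no roles raises NoMethodError on `nil.name` instead of being redirected. A membership test such as `@current_user.roles.any? { |r| r.name == "admin" }` makes the decision independent of ordering; the same `roles.first` pattern is carried into the PATCH 06 and PATCH 07 hunks. `is_user_in_organization?` fetches `user_organization`, nil-checks it, and then compares `@current_user.organization.id` instead of the local it just checked. `redirect_unauthrized` is misspelled (`redirect_unauthorized`) and the redirect carries no flash message, so a denied user lands on the login form with no explanation.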
diff --git a/app/controllers/notes_controller.rb b/app/controllers/notes_controller.rb index 1a088018..2f05c03e 100644 --- a/app/controllers/notes_controller.rb +++ b/app/controllers/notes_controller.rb @@ -1,6 +1,6 @@ class NotesController < ApplicationController - permit "admin or (manager of :organization)" + before_filter :authorize_admin_or_manager # GET /notes # GET /notes.xml diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index da4ce84d..45b2e52c 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -1,11 +1,9 @@ class OrganizationsController < ApplicationController skip_before_filter :login_required, :only => [:index, :show, :new, :create] - before_filter :assign_id_param, :resolve_organization_by_id, :manager_or_admin?, :except => [ :index, :new, :create ] + before_filter :assign_id_param, :resolve_organization_by_id, :authorize_admin_or_manager, :except => [ :index, :new, :create ] + before_filter :authorize_admin, :only => [ :destory ] - permit "admin", :only => [ :destroy ] -# permit "admin or (manager of :organization)", :only => [ :show, :edit, :update ] - # GET /organizations # GET /organizations.xml def index @@ -97,7 +95,4 @@ def resolve_organization_by_id def assign_id_param params[:id] ||= @organization.id if @organization end - def manager_or_admin? - @current_user.organization.id == @organization.id && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") - end end diff --git a/app/controllers/people_controller.rb b/app/controllers/people_controller.rb index 4059cee8..dd011736 100644 --- a/app/controllers/people_controller.rb +++ b/app/controllers/people_controller.rb @@ -1,6 +1,6 @@ class PeopleController < ApplicationController - permit "admin or (manager of :organization)" + before_filter :authorize_admin_or_manager # GET /people/1 # GET /people/1.xml 
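Review bot: `before_filter :authorize_admin, :only => [ :destory ]` in the organizations_controller hunk misspells the action, so `destroy` is never covered by the admin-only filter; it instead falls under the first `before_filter`, whose `:except` list omits it, so an organization manager can now delete the organization where the removed `permit "admin", :only => [ :destroy ]` allowed only admins. The fix is `before_filter :authorize_admin, :only => [ :destroy ]`; the same typo is still present in the PATCH 09 hunk of this file. A functional test asserting that a manager is redirected on `delete :destroy` would catch this, since a wrong action symbol fails silently.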
diff --git a/app/controllers/reports_controller.rb b/app/controllers/reports_controller.rb index ee49ea14..a1053082 100644 --- a/app/controllers/reports_controller.rb +++ b/app/controllers/reports_controller.rb @@ -2,7 +2,7 @@ class ReportsController < ApplicationController - permit "admin or (manager of :organization)" + before_filter :authorize_admin_or_manager def index end diff --git a/app/controllers/services_controller.rb b/app/controllers/services_controller.rb index 69dcde3a..772363dc 100644 --- a/app/controllers/services_controller.rb +++ b/app/controllers/services_controller.rb @@ -1,6 +1,6 @@ class ServicesController < ApplicationController - permit "admin or (manager of :organization)" + before_filter :authorize_admin_or_manager # GET /services # GET /services.xml diff --git a/app/controllers/taggings_controller.rb b/app/controllers/taggings_controller.rb index 3495bf0d..d8bace44 100644 --- a/app/controllers/taggings_controller.rb +++ b/app/controllers/taggings_controller.rb @@ -1,5 +1,6 @@ class TaggingsController < ApplicationController - permit "admin or (manager of :organization)" + + before_filter :authorize_admin_or_manager def create @person.tag_list << params[:id] diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index a6eb77bc..6004736e 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -1,6 +1,6 @@ class TagsController < ApplicationController - permit "admin or (manager of :organization)" + before_filter :authorize_admin_or_manager def show @tag = ActsAsTaggableOn::Tag.find(params[:id]) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index f2eafd91..e9ef183a 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
@@ -3,8 +3,8 @@ class UsersController < ApplicationController before_filter :resolve_user_by_id skip_before_filter :login_from_cookie, :login_required, :only => [:new, :create, :activate, :reset, :forgot] - permit "admin", :only => [:index] - permit "admin or (owner of :user)", :only => [:edit, :update, :destroy] + before_filter :authorize_admin, :only => [:index] + before_filter :authorize_admin_or_manager, :only => [:edit, :update, :destroy] # render new.rhtml def new diff --git a/app/controllers/visits_controller.rb b/app/controllers/visits_controller.rb index 8e867ec4..113d0702 100644 --- a/app/controllers/visits_controller.rb +++ b/app/controllers/visits_controller.rb @@ -1,6 +1,6 @@ class VisitsController < ApplicationController - permit "admin or (manager of :organization)" + before_filter :authorize_admin_or_manager # GET /visits # GET /visits.xml From 14369756b9f1d9f54386a14e89948fd7387e94b2 Mon Sep 17 00:00:00 2001 From: alex-frost Date: Sat, 12 Apr 2014 11:53:01 -0700 Subject: [PATCH 06/15] admin doesn't need to be in organization --- app/controllers/application_controller.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index c7c243df..950f77ec 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
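Review bot: Replacing `permit "admin or (owner of :user)"` with `before_filter :authorize_admin_or_manager` on `edit`/`update`/`destroy` changes the policy rather than re-implementing it: the ownership check is gone, so a user can no longer edit their own account, while any organization manager passes regardless of which user `resolve_user_by_id` loaded, because `is_user_in_organization?` compares `@current_user.organization` with `@organization` and never looks at `@user`. If the old rule is intended, a filter such as `redirect_unauthrized unless user_is_admin? || @user == @current_user` preserves it. The PATCH 09 subject line asks the same question ("not using owner role, is this correct?"), so this should be settled before the series is merged.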
@@ -47,31 +47,31 @@ def date_from_params(params) end def user_is_admin_or_manager? - is_user_in_organization? && ( @current_user.roles.first.name == "admin" || @current_user.roles.first.name == "manager") + user_is_admin? || (is_user_in_organization? && @current_user.roles.first.name == "manager") end def authorize_admin_or_manager - redirect_unauthrized unless user_is_admin_or_manager? + redirect_unauthrized unless user_is_admin_or_manager? end def redirect_unauthrized redirect_to({ :controller => 'sessions', :action => 'new' }) end - + def authorize_admin redirect_unauthrized unless user_is_admin? end def user_is_admin? - is_user_in_organization? && @current_user.roles.first.name == "admin" + @current_user.roles.first.name == "admin" end - + def is_user_in_organization? user_organization = @current_user.organization if user_organization.nil? || @organization.nil? return false - end - @current_user.organization.id == @organization.id + end + @current_user.organization.id == @organization.id end end From 3f0a0432e0678e665c6cfa2b4bdeb1335c5d5596 Mon Sep 17 00:00:00 2001 From: alex-frost Date: Sat, 12 Apr 2014 14:23:19 -0700 Subject: [PATCH 07/15] move methods from application_controller to application_helper --- app/controllers/application_controller.rb | 23 ++++------------------- app/helpers/application_helper.rb | 20 ++++++++++++++++++++ 2 files changed, 24 insertions(+), 19 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 950f77ec..c7c4166a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -22,6 +22,7 @@ class ApplicationController < ActionController::Base # Timezone of the organization or default before_filter :set_timezone + private def resolve_organization 
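Review bot: `user_is_admin?` is reduced to `@current_user.roles.first.name == "admin"`, which raises NoMethodError when the user has no roles (`roles.first` is nil) or when `@current_user` is nil, and it is now the first thing every `authorize_admin`/`authorize_admin_or_manager` filter evaluates, so those requests end in a 500 rather than the intended redirect. A guard like `@current_user && @current_user.roles.any? { |r| r.name == "admin" }` handles both cases and drops the dependence on role ordering. The hunk also mixes whitespace-only re-indentation of `end` lines with the behaviour change, which makes the real change harder to see in the diff.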
@@ -46,32 +47,16 @@ def date_from_params(params) Date.new params[:year].to_i, params[:month].to_i, params[:day].to_i end - def user_is_admin_or_manager? - user_is_admin? || (is_user_in_organization? && @current_user.roles.first.name == "manager") - end - def authorize_admin_or_manager - redirect_unauthrized unless user_is_admin_or_manager? - end - - def redirect_unauthrized - redirect_to({ :controller => 'sessions', :action => 'new' }) + redirect_unauthrized unless user_is_admin? || user_is_manager? end def authorize_admin redirect_unauthrized unless user_is_admin? end - def user_is_admin? - @current_user.roles.first.name == "admin" - end - def is_user_in_organization? - user_organization = @current_user.organization - if user_organization.nil? || @organization.nil? - return false - end - @current_user.organization.id == @organization.id + def redirect_unauthrized + redirect_to({ :controller => 'sessions', :action => 'new' }) end end - diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index ac1ff377..3cd4b09e 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -64,4 +64,24 @@ def labeled_value(label_value, value) ).render(self, :label_value => label_value, :value => value) end + def user_is_manager? + is_user_in_organization? && @current_user.roles.first.name == "manager" + end + + def user_is_admin? + if @current_user && @current_user != :false + @current_user.roles.first.name == "admin" + end + end + + def is_user_in_organization? + user_organization = @current_user.organization + + if user_organization.nil? || @organization.nil? + return false + end + + user_organization.id == @organization.id + end + end From ef8593ca85c8adb77a95e14cdf5bbb33a4c214c1 Mon Sep 17 00:00:00 2001 
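Review bot: `user_is_manager?` and `is_user_in_organization?` in the application_helper hunk still dereference `@current_user.organization` with no nil guard, while only `user_is_admin?` received the `@current_user && @current_user != :false` check; `authorize_admin_or_manager` evaluates `user_is_admin? || user_is_manager?`, so an anonymous request to `organizations#show` (where `login_required` is skipped) raises NoMethodError in the manager branch instead of redirecting. Adding `return false unless @current_user && @current_user != :false` at the top of `is_user_in_organization?` closes that path. Moving the predicates into a view helper also makes the controller filters depend on ApplicationController including ApplicationHelper, which this hunk does not show; if it does not, the `before_filter` calls fail with NoMethodError, and a small authorization module included in both the controller and the helper would make that dependency explicit.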
From: alex-frost Date: Sat, 12 Apr 2014 14:23:59 -0700 Subject: [PATCH 08/15] stop using authrization plugin in views --- app/views/layouts/application.html.haml | 2 +- app/views/organizations/index.html.haml | 2 +- app/views/users/show.html.haml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml index 725da9f1..8bb0f596 100644 --- a/app/views/layouts/application.html.haml +++ b/app/views/layouts/application.html.haml @@ -37,7 +37,7 @@ = tab_item('Home', organization_path(@organization)) = tab_item('Visits', today_visits_path(:organization_key => @organization.key)) = tab_item('Reports', report_path(:action => 'index', :organization_key => @organization.key)) - -if permit? "admin or (manager of :organization)" + -if user_is_manager? || user_is_admin? =tab_item('Settings', edit_organization_path(@organization)) -else =tab_item('Home', root_path) diff --git a/app/views/organizations/index.html.haml b/app/views/organizations/index.html.haml index 94aa01da..c78f509c 100644 --- a/app/views/organizations/index.html.haml +++ b/app/views/organizations/index.html.haml @@ -65,5 +65,5 @@ %br -if organization.member_count > 9 = "#{organization.member_count} members" - -if permit? 'admin' + -if user_is_admin? %td= link_to 'Remove', organization, :confirm => 'Are you sure?', :method => :delete diff --git a/app/views/users/show.html.haml b/app/views/users/show.html.haml index 4ac57085..95ef2b70 100644 --- a/app/views/users/show.html.haml +++ b/app/views/users/show.html.haml @@ -4,6 +4,6 @@ =labeled_value 'Email', @user.email =labeled_value 'Login', @user.login =labeled_value 'Activated at', @user.activated_at.nil? ? 'Not yet activated' : datetime_long(@user.activated_at) --if permit?('owner of :user') +-if user_is_manager? =link_to 'Edit', edit_user_path(@user) From 7b98e9e42aac277e22f32d2fc1a9490bcc1a8aeb Mon Sep 17 00:00:00 2001 
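Review bot: In the layout hunk `-if user_is_manager? || user_is_admin?` evaluates the manager check first, and `user_is_manager?` reaches `@current_user.organization` without a nil guard (only `user_is_admin?` has one), so rendering this layout for a visitor who is not signed in — `organizations#show` is reachable without login — raises NoMethodError while building the tab bar; reordering to `-if user_is_admin? || user_is_manager?` does not help on its own, the manager predicate needs the same guard. In `users/show.html.haml`, `permit?('owner of :user')` becomes `-if user_is_manager?`, which shows the Edit link to managers and hides it from the account owner; that is a policy change matching the PATCH 05 users_controller hunk and should be deliberate. The `organizations/index` change to `user_is_admin?` keeps the original meaning.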
From: alex-frost Date: Sat, 12 Apr 2014 14:26:11 -0700 Subject: [PATCH 09/15] fix filters NOTE not using owner role, is this correct? --- app/controllers/organizations_controller.rb | 4 +++- app/controllers/taggings_controller.rb | 1 - 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index 45b2e52c..aa781621 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -1,7 +1,9 @@ class OrganizationsController < ApplicationController skip_before_filter :login_required, :only => [:index, :show, :new, :create] - before_filter :assign_id_param, :resolve_organization_by_id, :authorize_admin_or_manager, :except => [ :index, :new, :create ] + before_filter :assign_id_param, :resolve_organization_by_id, :except => [ :index, :new, :create ] + + before_filter :authorize_admin_or_manager, :only => [ :show, :edit, :update ] before_filter :authorize_admin, :only => [ :destory ] # GET /organizations diff --git a/app/controllers/taggings_controller.rb b/app/controllers/taggings_controller.rb index d8bace44..d9157409 100644 --- a/app/controllers/taggings_controller.rb +++ b/app/controllers/taggings_controller.rb @@ -1,5 +1,4 @@ class TaggingsController < ApplicationController - before_filter :authorize_admin_or_manager def create From 0fe75b38b940c95d7fbd3bf77e64a0c2ffa6a60e Mon Sep 17 00:00:00 2001 From: alex-frost Date: Sat, 12 Apr 2014 14:27:14 -0700 Subject: [PATCH 10/15] stop using authorization plugin when creating organization --- app/controllers/organizations_controller.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index aa781621..792bbd42 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb 
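Review bot: After the organizations_controller hunk `destroy` has no role filter at all: `authorize_admin_or_manager` is now restricted to `show`/`edit`/`update`, and `authorize_admin` is still keyed to the misspelled `:destory`, so any signed-in user who passes `login_required` can delete any organization (`resolve_organization_by_id` still loads it, since the `:except` list omits `destroy`). The fix is `before_filter :authorize_admin, :only => [ :destroy ]`. The taggings_controller hunk removes `before_filter :authorize_admin_or_manager` outright, so `create`, which writes `params[:id]` into `@person.tag_list`, goes from requiring an organization manager (the original `permit`) to requiring only a login; if that is intended the commit message should say so, otherwise the filter should stay. `show` is also both in `skip_before_filter :login_required` and in the new `:only` list for `authorize_admin_or_manager`, so anonymous visitors reach the authorization filter with `@current_user` nil.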
@@ -49,7 +49,8 @@ def create respond_to do |format| if @organization.valid? && @user.valid? && @organization.save && @user.save - @user.has_role 'manager', @organization + role = Role.create( :name => 'manager', :authorizable => @organization ) + @user.roles << role if role and not @user.roles.exists?( role.id ) self.current_user = @user flash[:notice] = 'Organization was successfully created.' format.html { redirect_to @organization } From 958f32b44d12d0289e2b7638bedb39edcf5ed024 Mon Sep 17 00:00:00 2001 From: alex-frost Date: Sat, 12 Apr 2014 14:28:46 -0700 Subject: [PATCH 11/15] remove authrization plugin from models --- app/models/organization.rb | 5 ++--- app/models/user.rb | 12 +++++++++--- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/app/models/organization.rb b/app/models/organization.rb index 4282a223..773b416f 100644 --- a/app/models/organization.rb +++ b/app/models/organization.rb @@ -14,6 +14,7 @@ class Organization < ActiveRecord::Base has_many :people, :dependent => :destroy + has_many :accepted_roles, :as => :authorizable, :class_name => 'Role' validates_presence_of :name, :key, :timezone validates_length_of :name, :within => 3..40, :unless => proc { |organization| organization.errors.on :name } @@ -22,8 +23,6 @@ class Organization < ActiveRecord::Base validates_format_of :key, :with => /\A\w+\Z/i, :unless => proc { |organization| organization.errors.on :key } validate :validate_timezone - acts_as_authorizable - def initialize(attributes=nil) super(attributes) self[:timezone] ||= 'Pacific Time (US & Canada)' @@ -71,4 +70,4 @@ def validate_timezone errors.add :timezone if !@timezone_names.include?(self.timezone) end end -end \ No newline at end of file +end diff --git a/app/models/user.rb b/app/models/user.rb index c46bb029..ee87c555 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
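Review bot: `Role.create` returns the record whether or not it saved, and the result is never checked: `role` is always truthy, and with a nil `role.id` the `exists?` guard is meaningless, so a validation failure on Role silently leaves the new organization with no manager while `self.current_user = @user` still logs the creator in. Use `Role.create!` inside one transaction with the organization and user saves, or test `role.errors.empty?` before appending. Prefer `&&`/`!` to `and`/`not` in the modifier as well; the low-precedence forms only behave here because they make up the whole condition. The enclosing `create` action starts and ends outside the hunk.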
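Review bot: `has_many :accepted_roles, :as => :authorizable, :class_name => 'Role'` carries no `:dependent` option, unlike the neighbouring `has_many :people, :dependent => :destroy`, so destroying an organization leaves its manager Role rows in place, still linked to users through the join table and pointing at a record that no longer exists. Add `:dependent => :destroy` so deleting an organization also revokes the manager roles granted for it. The remainder of the model is outside the hunk.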
@@ -25,8 +25,7 @@ class User < ActiveRecord::Base # Authenticated user cattr_accessor :current_user - # Authorization plugin - acts_as_authorized_user + has_and_belongs_to_many :roles def accepts_role?(role, user) 'owner' == role && self == user @@ -138,7 +137,14 @@ def forget_me end def organization - @organization ||= self.is_manager_for_what.first + @organization ||= is_manager_for_what + end + + def is_manager_for_what + role = roles.find_all_by_name("manager").first + if role + role.authorizable + end end protected From ee20f7e4be92a1554e02071f06a01450aae7fea1 Mon Sep 17 00:00:00 2001 From: alex-frost Date: Sat, 12 Apr 2014 14:29:27 -0700 Subject: [PATCH 12/15] remove authorization plugin from tests --- test/functional/organizations_controller_test.rb | 2 +- test/unit/role_test.rb | 15 ++++++++++----- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/test/functional/organizations_controller_test.rb b/test/functional/organizations_controller_test.rb index 3fc5e945..0aa44a3d 100644 --- a/test/functional/organizations_controller_test.rb +++ b/test/functional/organizations_controller_test.rb @@ -27,7 +27,7 @@ def test_should_create_organization assert assigns(:organization) assert assigns(:user) - assert assigns(:user).is_manager_of?(assigns(:organization)) + assert_equal assigns(:user).roles.first.authorizable, assigns(:organization) assert_redirected_to '/dbc' end diff --git a/test/unit/role_test.rb b/test/unit/role_test.rb index c552c6fb..a38010db 100644 --- a/test/unit/role_test.rb +++ b/test/unit/role_test.rb 
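Review bot: `is_manager_for_what` returns the `authorizable` of whichever manager role `find_all_by_name("manager").first` happens to yield, and `organization` memoizes that single value; a user holding manager roles for more than one organization is therefore treated by `is_user_in_organization?` as a manager of only one of them, and nothing in the model shown forbids several manager roles per user. If one organization per manager is the invariant, enforce it where the role is created; otherwise authorize against all manager roles, e.g. `roles.any? { |r| r.name == 'manager' && r.authorizable == other }`. `accepts_role?` in the first hunk appears to be a leftover of the removed plugin and has no caller in this diff.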
@@ -1,16 +1,21 @@ require 'test_helper' class RoleTest < ActiveSupport::TestCase + include ApplicationHelper def test_admin_role - assert users(:admin).is_admin? - assert !users(:sfbk).is_admin? + @current_user = users(:admin) + assert user_is_admin? + @current_user = users(:sfbk) + assert !user_is_admin? end def test_manager_role - assert users(:sfbk).is_manager? - assert users(:sfbk).is_manager_of?(organizations(:sfbk)) - assert !users(:sfbk).is_manager_of?(organizations(:scbc)) + @current_user = users(:sfbk) + @organization = organizations(:sfbk) + assert user_is_manager? + @current_user = users(:scbc) + assert !user_is_manager? end end From 706c086a1bffc691d99172b4a556ee9a4a021da3 Mon Sep 17 00:00:00 2001 From: alex-frost Date: Sat, 12 Apr 2014 14:42:49 -0700 Subject: [PATCH 13/15] remove authorization plugin from Gemfile --- Gemfile | 1 - Gemfile.lock | 7 ------- 2 files changed, 8 deletions(-) diff --git a/Gemfile b/Gemfile index e1726a76..e32414c4 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,6 @@ source 'https://rubygems.org' gem "rails", "2.3.17" gem "mysql" -gem "authorization", github: "asalant/rails-authorization-plugin" gem 'json', '1.7.7' # (CVE-2013-026) Can remove once rails depends on > 1.7.6 gem 'haml', "3.0.25" gem 'googlecharts', "1.6.0" diff --git a/Gemfile.lock b/Gemfile.lock index 9ea748b9..a0ed8fda 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,3 @@ -GIT - remote: git://github.com/asalant/rails-authorization-plugin.git - revision: 505bd47addf2ef5e3b5d98a7ea8d1352c2aa4ee6 - specs: - authorization (1.0.12) - GEM remote: https://rubygems.org/ specs: @@ -58,7 +52,6 @@ PLATFORMS DEPENDENCIES acts-as-taggable-on (= 2.0.6) annotate - authorization! calendar_date_select (= 1.16.1) debugger googlecharts (= 1.6.0) From f7ae5e37175298c2a2585f397b25fb3dc2115171 Mon Sep 17 00:00:00 2001 
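Review bot: The rewritten `test_manager_role` drops the cross-organization negative the old test had: it still checks that `users(:scbc)` is not a manager of `organizations(:sfbk)`, but no longer that `users(:sfbk)` is not a manager of `organizations(:scbc)`, which is precisely the case the organization comparison in `is_user_in_organization?` exists for. Add `@current_user = users(:sfbk); @organization = organizations(:scbc); assert !user_is_manager?` before the method ends. A negative case for a fixture user with no roles would also be valuable, since `user_is_admin?` now evaluates `@current_user.roles.first.name` and would raise rather than return false for such a user.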
From: alex-frost Date: Sat, 12 Apr 2014 14:46:02 -0700 Subject: [PATCH 14/15] rm log --- .gitignore | 3 +- script/log/newrelic_agent.log | 96 ----------------------------------- 2 files changed, 2 insertions(+), 97 deletions(-) delete mode 100644 script/log/newrelic_agent.log diff --git a/.gitignore b/.gitignore index 154182a3..4686914b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ tmp/ .idea -*.iml \ No newline at end of file +*.iml +script/log/ diff --git a/script/log/newrelic_agent.log b/script/log/newrelic_agent.log deleted file mode 100644 index 24557614..00000000 --- a/script/log/newrelic_agent.log +++ /dev/null 
@@ -1,96 +0,0 @@ -# Logfile created on 2014-03-21 10:40:45 +0000 by logger.rb/31641 -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Starting the New Relic agent in "development" environment. -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Reading configuration from -[03/21/14 10:40:45 +0000 ruby (4228)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Enabling the Request Sampler. -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Environment: development -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Dispatcher: webrick -[03/21/14 10:40:45 +0000 ruby (4228)] INFO : Application: development -[03/21/14 10:40:45 +0000 ruby (4228)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing ActiveRecord instrumentation -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing deferred Rack instrumentation -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Net instrumentation -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Rails 2.2 - 2.3 View instrumentation -[03/21/14 10:40:46 +0000 ruby (4228)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/21/14 10:40:46 +0000 ruby (4228)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. 
Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Rails 2 Controller instrumentation -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Installing Rails 2 Error instrumentation -[03/21/14 10:40:46 +0000 ruby (4228)] INFO : Finished instrumentation -[03/21/14 10:40:47 +0000 ruby (4228)] INFO : Doing deferred dependency-detection before Rack startup -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Starting the New Relic agent in "development" environment. -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Reading configuration from -[03/21/14 11:21:31 +0000 ruby (5139)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Enabling the Request Sampler. -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Environment: development -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Dispatcher: webrick -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Application: development -[03/21/14 11:21:31 +0000 ruby (5139)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing ActiveRecord instrumentation -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing deferred Rack instrumentation -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Net instrumentation -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Rails 2.2 - 2.3 View instrumentation -[03/21/14 11:21:31 +0000 ruby (5139)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. 
This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/21/14 11:21:31 +0000 ruby (5139)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Rails 2 Controller instrumentation -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Installing Rails 2 Error instrumentation -[03/21/14 11:21:31 +0000 ruby (5139)] INFO : Finished instrumentation -[03/21/14 11:21:32 +0000 ruby (5139)] INFO : Doing deferred dependency-detection before Rack startup -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Starting the New Relic agent in "development" environment. -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Reading configuration from -[03/28/14 07:11:02 +0000 ruby (3740)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Enabling the Request Sampler. -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Environment: development -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Dispatcher: webrick -[03/28/14 07:11:02 +0000 ruby (3740)] INFO : Application: development -[03/28/14 07:11:02 +0000 ruby (3740)] WARN : No license key found in newrelic.yml config. 
This often means your newrelic.yml is missing a section for the running environment 'development' -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing ActiveRecord instrumentation -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing deferred Rack instrumentation -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Net instrumentation -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Rails 2.2 - 2.3 View instrumentation -[03/28/14 07:11:03 +0000 ruby (3740)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/28/14 07:11:03 +0000 ruby (3740)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Rails 2 Controller instrumentation -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Installing Rails 2 Error instrumentation -[03/28/14 07:11:03 +0000 ruby (3740)] INFO : Finished instrumentation -[03/28/14 07:11:04 +0000 ruby (3740)] INFO : Doing deferred dependency-detection before Rack startup -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Starting the New Relic agent in "development" environment. -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. 
-[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Reading configuration from -[03/28/14 08:56:43 +0000 ruby (6100)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Enabling the Request Sampler. -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Environment: development -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Dispatcher: webrick -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Application: development -[03/28/14 08:56:43 +0000 ruby (6100)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing ActiveRecord instrumentation -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing deferred Rack instrumentation -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Net instrumentation -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Rails 2.2 - 2.3 View instrumentation -[03/28/14 08:56:43 +0000 ruby (6100)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/28/14 08:56:43 +0000 ruby (6100)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. 
-[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Rails 2 Controller instrumentation -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Installing Rails 2 Error instrumentation -[03/28/14 08:56:43 +0000 ruby (6100)] INFO : Finished instrumentation -[03/28/14 08:56:44 +0000 ruby (6100)] INFO : Doing deferred dependency-detection before Rack startup -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Starting the New Relic agent in "development" environment. -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : To prevent agent startup add a NEWRELIC_ENABLE=false environment variable or modify the "development" section of your newrelic.yml. -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Reading configuration from -[03/28/14 10:52:24 +0000 ruby (7003)] ERROR : Unable to read configuration file : Is a directory - /home/user/code/freehub/script -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Enabling the Request Sampler. -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Environment: development -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Dispatcher: webrick -[03/28/14 10:52:24 +0000 ruby (7003)] INFO : Application: development -[03/28/14 10:52:24 +0000 ruby (7003)] WARN : No license key found in newrelic.yml config. This often means your newrelic.yml is missing a section for the running environment 'development' -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing ActiveRecord instrumentation -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing deferred Rack instrumentation -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Net instrumentation -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Rails 2.2 - 2.3 View instrumentation -[03/28/14 10:52:25 +0000 ruby (7003)] WARN : Called add_method_tracer from ActionView::RenderablePartial without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. 
Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/28/14 10:52:25 +0000 ruby (7003)] WARN : Called add_method_tracer from ActionView::Template without including the NewRelic::Agent::MethodTracer module. This is deprecated and will stop working in the future. Please see http://docs.newrelic.com/docs/ruby/ruby-custom-metric-collection for examples of correct add_method_tracer usage. -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Rails 2 Controller instrumentation -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Installing Rails 2 Error instrumentation -[03/28/14 10:52:25 +0000 ruby (7003)] INFO : Finished instrumentation -[03/28/14 10:52:26 +0000 ruby (7003)] INFO : Doing deferred dependency-detection before Rack startup From 7f6385cfed4c46dab2fff670e93f169680c7901c Mon Sep 17 00:00:00 2001 From: Nikolai Berkoff Date: Fri, 2 Jan 2015 12:04:49 -0800 Subject: [PATCH 15/15] move methods into user model --- app/controllers/application_controller.rb | 2 -- app/helpers/application_helper.rb | 17 +++------ app/models/user.rb | 36 +++++++++++-------- .../organizations_controller_test.rb | 2 +- test/unit/role_test.rb | 12 +++---- test/unit/user_test.rb | 13 +++++++ 6 files changed, 44 insertions(+), 38 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index c7c4166a..11becc33 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -22,7 +22,6 @@ class ApplicationController < ActionController::Base # Timezone of the organization or default before_filter :set_timezone - private def resolve_organization @@ -55,7 +54,6 @@ def authorize_admin redirect_unauthrized unless user_is_admin? end - def redirect_unauthrized redirect_to({ :controller => 'sessions', :action => 'new' }) end 
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb index 3cd4b09e..c679239d 100644 --- a/app/helpers/application_helper.rb +++ b/app/helpers/application_helper.rb @@ -65,23 +65,14 @@ def labeled_value(label_value, value) end def user_is_manager? - is_user_in_organization? && @current_user.roles.first.name == "manager" + wrapped_current_user.try(:is_manager_of?, @organization) end def user_is_admin? - if @current_user && @current_user != :false - @current_user.roles.first.name == "admin" - end + wrapped_current_user.try(:is_admin?) end - def is_user_in_organization? - user_organization = @current_user.organization - - if user_organization.nil? || @organization.nil? - return false - end - - user_organization.id == @organization.id + def wrapped_current_user + User.current_user if User.current_user != :false end - end diff --git a/app/models/user.rb b/app/models/user.rb index ee87c555..3fa9b6e7 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -21,12 +21,12 @@ class User < ActiveRecord::Base belongs_to :organization - + # Authenticated user cattr_accessor :current_user has_and_belongs_to_many :roles - + def accepts_role?(role, user) 'owner' == role && self == user end @@ -44,7 +44,7 @@ def accepts_role?(role, user) validates_email_format_of :email, :check_mx=> true, :unless => proc { |user| user.errors.on :email } validates_uniqueness_of :login, :email, :case_sensitive => false before_save :encrypt_password - before_create :make_activation_code + before_create :make_activation_code # prevents a user from submitting a crafted form that bypasses activation # anything else you want your user to change should be added here. attr_accessible :name, :login, :email, :password, :password_confirmation @@ -89,7 +89,7 @@ def recently_forgot_password? def recently_reset_password? @reset_password - end + end # Authenticates a user by their login name and unencrypted password. Returns the user or nil. def self.authenticate(login, password) 
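Review bot: Authorization in the helpers now reads `User.current_user`, a `cattr_accessor` — class-level state shared by every request a process serves — instead of the per-request `@current_user`. Unless the login filter resets it at the start of every request (not visible here), a request with no logged-in user can inherit the identity left by the previous one, and `user_is_admin?`/`user_is_manager?` will answer for the wrong person. Keep the helpers reading a controller-assigned instance variable, or at minimum clear `User.current_user` in an `after_filter`. `wrapped_current_user` returns nil for the `:false` sentinel, so `try` makes both predicates return nil rather than false; harmless under `if`, but worth a `# nil when nobody is logged in` comment.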
@@ -112,7 +112,7 @@ def authenticated?(password) end def remember_token? - remember_token_expires_at && Time.now.utc < remember_token_expires_at + remember_token_expires_at && Time.now.utc < remember_token_expires_at end # These create and unset the fields required for remembering users between browser closes @@ -140,28 +140,34 @@ def organization @organization ||= is_manager_for_what end - def is_manager_for_what - role = roles.find_all_by_name("manager").first - if role - role.authorizable - end + def is_manager_of?(other_organization) + return false if !other_organization || !organization + organization.id == other_organization.id && roles.first.name == 'manager' + end + + def is_admin? + roles.first.name == 'admin' end protected - # before filter + # before filter def encrypt_password return if password.blank? self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record? self.crypted_password = encrypt(password) end - + def password_required? crypted_password.blank? || !password.blank? || reset_code end - - def make_activation_code + def make_activation_code self.activation_code = Digest::SHA1.hexdigest( Time.now.to_s.split(//).sort_by {rand}.join ) end - + + def is_manager_for_what + role = roles.find_all_by_name("manager").first + role.authorizable if role + end + end diff --git a/test/functional/organizations_controller_test.rb b/test/functional/organizations_controller_test.rb index 0aa44a3d..3fc5e945 100644 --- a/test/functional/organizations_controller_test.rb +++ b/test/functional/organizations_controller_test.rb @@ -27,7 +27,7 @@ def test_should_create_organization assert assigns(:organization) assert assigns(:user) - assert_equal assigns(:user).roles.first.authorizable, assigns(:organization) + assert assigns(:user).is_manager_of?(assigns(:organization)) assert_redirected_to '/dbc' end diff --git a/test/unit/role_test.rb b/test/unit/role_test.rb index a38010db..3e5a6547 100644 --- a/test/unit/role_test.rb 
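Review bot: Both new predicates look only at `roles.first`: `is_admin?` raises NoMethodError for a user with no roles (`nil.name`), and `is_manager_of?` answers false when the first role is not the manager role for `other_organization` even if a later one is, while `is_manager_for_what` just below searches all roles by name. Because the layout evaluates `user_is_admin?` for every logged-in user, a role-less account now breaks page rendering instead of being denied. Check the whole roles collection and match the manager role to the organization directly rather than through the memoized `organization`:
```ruby
  def is_manager_of?(other_organization)
    return false unless other_organization
    roles.any? { |r| r.name == 'manager' && r.authorizable == other_organization }
  end

  def is_admin?
    roles.any? { |r| r.name == 'admin' }
  end
  # … unchanged: protected section, encrypt_password, password_required?, make_activation_code, is_manager_for_what …
```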
+++ b/test/unit/role_test.rb @@ -1,22 +1,20 @@ require 'test_helper' -class RoleTest < ActiveSupport::TestCase +class RolesTest < ActiveSupport::TestCase include ApplicationHelper def test_admin_role - @current_user = users(:admin) + User.current_user = users(:admin) assert user_is_admin? - @current_user = users(:sfbk) + User.current_user = users(:greeter) assert !user_is_admin? end def test_manager_role - @current_user = users(:sfbk) + User.current_user = users(:sfbk) @organization = organizations(:sfbk) assert user_is_manager? - @current_user = users(:scbc) + User.current_user = users(:scbc) assert !user_is_manager? end - end - diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb index 02bc1d09..1524979d 100644 --- a/test/unit/user_test.rb +++ b/test/unit/user_test.rb @@ -106,6 +106,19 @@ def test_reset assert User.authenticate('sfbk', 'new_password') end + def test_is_magager_of + assert users(:sfbk).is_manager_of?(organizations(:sfbk)) + assert !users(:sfbk).is_manager_of?(nil) + assert !users(:sfbk).is_manager_of?(organizations(:scbc)) + assert !create_user.is_manager_of?(organizations(:scbc)) + end + + def test_is_magager_of + assert users(:admin).is_admin? + assert !users(:sfbk).is_admin? + end + + protected def create_user(options = {}) User.create({ :name => 'Quire', :login => 'quire', :email => 'quire@example.com', :password => 'quire', :password_confirmation => 'quire' }.merge(options))
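Review bot: `User.current_user` is assigned in both tests and never reset, so the last value leaks into whatever test runs next in the same process; with authorization now keyed on that class attribute, a stale assignment can make an unrelated test pass or fail depending on run order. Add `def teardown; User.current_user = nil; end` to the class. The rename to `RolesTest` also no longer matches the file name role_test.rb.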
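Review bot: The hunk defines `test_is_magager_of` twice; Ruby's second `def` silently replaces the first, so the four `is_manager_of?` assertions never execute and only the `is_admin?` pair runs. Rename them `test_is_manager_of` and `test_is_admin`. Once they run, `users(:sfbk).is_manager_of?(organizations(:scbc))` is the assertion to watch, since `is_manager_of?` compares only the memoized `organization`. The hunk ends on `create_user`'s first line; the method's `end` is outside SOURCE.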