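# Template created by Nanda Lopes (http://twitter.com/NandaL)
# Usage: rails myapp -m authentication-access_control-template.rb
#
# Rails 2.x application template: strips the generator defaults, adds
# Authlogic (authentication) and declarative_authorization (access control),
# writes the supporting controllers/models/example files, and finally
# initialises a git repository.

# Remove unnecessary Rails files
run 'rm README'
run 'rm public/index.html'
run 'rm public/favicon.ico'
run 'rm public/images/rails.png'

# Keep an example copy of database.yml; the real file is listed in the
# generated .gitignore so database credentials never reach the repository.
run 'cp config/database.yml config/database.yml.example'

gem "authlogic"
# Fetch the gem over HTTPS: the original plain-http gemcutter.org source gave
# no transport integrity for the downloaded package.
gem "declarative_authorization", :source => "https://rubygems.org"
gem "faker" if yes?("Use faker to generate fake data? (y/n)")
# gem 'rubyist-aasm'

# Install gems on local system. This runs `sudo rake gems:install`, i.e. a
# system-wide install, which is why it is opt-in.
rake('gems:install', :sudo => true) if yes?('Install gems on local system? (y/n)')

generate :controller, 'welcome', 'index'
route "map.root :controller => 'welcome', :action => 'index'"

# Use database (active record) session store
# rake('db:sessions:create')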
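# Example declarative_authorization rule set. It is written as an .example file
# only; the template never activates it, so copy it to
# config/authorization_rules.rb by hand.
file 'config/authorization_rules.rb.example', <<-'FILE'
privileges do
  privilege :manage, :includes => [:create, :read, :update, :delete]
  privilege :create, :includes => :new
  privilege :read,   :includes => [:index, :show]
  privilege :update, :includes => :edit
  privilege :delete, :includes => :destroy
end

authorization do
  role :admin do
    includes :loggedin
  end

  role :guest do
    has_permission_on :welcome, :to => [:read]
    has_permission_on :password_resets, :to => [:manage]
    has_permission_on :user_sessions, :to => [:create]
    has_permission_on :users, :to => [:create]
  end

  role :loggedin do
    includes :guest
    # Scope the user-record privileges to the caller's own record. Without the
    # if_attribute condition every logged-in user would be allowed to read,
    # update or delete any user once filter_access_to is enabled on
    # UsersController.
    has_permission_on :users, :to => [:read, :update, :delete] do
      if_attribute :id => is { user.id }
    end
    has_permission_on :user_sessions, :to => [:read, :update, :delete]
  end
end
FILE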
### Authlogic setup
# Generators for the session controller, the user model and the account
# controller (the generated controller files are overwritten further down).
generate :controller, 'user_sessions', 'new', 'create', 'destroy'
generate :model, 'user'
generate :controller, 'users', *%w[show new edit create update destroy]

# Singular account resource plus the three named convenience routes.
route "map.resource 'account', :controller => 'users'"
[
  ['login',  'user_sessions', 'new'],
  ['logout', 'user_sessions', 'destroy'],
  ['signup', 'users',         'new']
].each do |name, controller, action|
  route "map.#{name} '#{name}', :controller => '#{controller}', :action => '#{action}'"
end
# Column listings to paste into the generated migrations: the Authlogic user
# columns and the ActiveRecord session-store table.
{
  'db/authlogic_model.example' => <<-'MODEL',
t.string :login, :null => false # optional, you can use email instead, or both
t.string :email, :null => false # optional, you can use login instead, or both
t.string :crypted_password, :null => false # optional, see below
t.string :password_salt, :null => false # optional, but highly recommended
t.string :persistence_token, :null => false # required
t.string :single_access_token, :null => false # optional, see Authlogic::Session::Params
t.string :perishable_token, :null => false # optional, see Authlogic::Session::Perishability
# Magic columns, just like ActiveRecord's created_at and updated_at. These are automatically maintained by Authlogic if they are present.
t.integer :login_count, :null => false, :default => 0 # optional, see Authlogic::Session::MagicColumns
t.integer :failed_login_count, :null => false, :default => 0 # optional, see Authlogic::Session::MagicColumns
t.datetime :last_request_at # optional, see Authlogic::Session::MagicColumns
t.datetime :current_login_at # optional, see Authlogic::Session::MagicColumns
t.datetime :last_login_at # optional, see Authlogic::Session::MagicColumns
t.string :current_login_ip # optional, see Authlogic::Session::MagicColumns
t.string :last_login_ip # optional, see Authlogic::Session::MagicColumns
  MODEL
  'db/authlogic_session.example' => <<-'SESSION'
t.string :session_id, :null => false
t.text :data
t.timestamps
add_index :sessions, :session_id
add_index :sessions, :updated_at
  SESSION
}.each { |path, contents| file path, contents }
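# Models for authlogic
file 'app/models/user_session.rb', <<-'FILE'
class UserSession < Authlogic::Session::Base
  # Expire idle sessions once the logged_in_timeout configured on User elapses.
  self.logout_on_timeout = true
end
FILE

# The answer is interpolated straight into app/models/user.rb, which Rails
# evaluates as Ruby, so accept only a whole number of minutes; anything else
# would leave the model file unparseable or evaluate whatever was typed.
# Abort the template run on invalid input rather than write a broken file.
session_time_out = ask("Session expires in ... (minutes) ?").to_s.strip
unless session_time_out =~ /\A\d+\z/
  raise ArgumentError, "Session timeout must be a whole number of minutes, got #{session_time_out.inspect}"
end

file 'app/models/user.rb', <<-FILE
class User < ActiveRecord::Base
  # Whitelist the attributes UsersController mass-assigns from params[:user]
  # (User.new / update_attributes); the Authlogic token and magic columns
  # must never be settable from a request.
  attr_accessible :login, :email, :password, :password_confirmation

  acts_as_authentic do |c|
    c.logged_in_timeout(#{session_time_out}.minutes)
  end
end
FILE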
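# Controllers for authlogic
file 'app/controllers/user_sessions_controller.rb', <<-'FILE'
class UserSessionsController < ApplicationController
  before_filter :require_no_user, :only => [:new, :create]
  before_filter :require_user, :only => :destroy

  def new
    @user_session = UserSession.new
  end

  def create
    @user_session = UserSession.new(params[:user_session])
    if @user_session.save
      # require_user stored the page the visitor was sent away from in
      # session[:return_to]; return there instead of always landing on the
      # account page (same helper UsersController#create uses).
      redirect_back_or_default account_url
    else
      render :action => :new
    end
  end

  def destroy
    current_user_session.destroy
    redirect_to new_user_session_url
  end
end
FILE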
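# Account controller: every action after sign-up works on the current user
# only, so there is no id lookup and no way to reach another user's record.
file 'app/controllers/users_controller.rb', <<-'FILE'
class UsersController < ApplicationController
  before_filter :require_no_user, :only => [:new, :create]
  # map.resource 'account' also routes DELETE to :destroy; no such action is
  # defined here yet, so list it now and a later-added one is not left open.
  before_filter :require_user, :only => [:show, :edit, :update, :destroy]

  def new
    @user = User.new
  end

  def create
    @user = User.new(params[:user])
    if @user.save
      flash[:notice] = "Account registered!"
      redirect_back_or_default account_url
    else
      render :action => :new
    end
  end

  # show/edit/update rely on @current_user, which require_user has already
  # memoised through current_user before these actions run.
  def show
    @user = @current_user
  end

  def edit
    @user = @current_user
  end

  def update
    @user = @current_user # makes our views "cleaner" and more consistent
    if @user.update_attributes(params[:user])
      flash[:notice] = "Account updated!"
      redirect_to account_url
    else
      render :action => :edit
    end
  end
end
FILE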
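# Overwrites the generated application controller. The original template
# dropped both the ActionController::Base superclass (helper/filter macros
# would not even exist) and the stock protect_from_forgery call.
file 'app/controllers/application_controller.rb', <<-'FILE'
# Filters added to this controller apply to all controllers in the application.
class ApplicationController < ActionController::Base
  helper :all # include all helpers, all the time

  # Reject non-GET requests that lack the authenticity token; the stock Rails
  # application controller enables this and it must survive the overwrite.
  protect_from_forgery # See ActionController::RequestForgeryProtection for details

  # Scrub sensitive parameters from your log
  filter_parameter_logging :password, :password_confirmation

  # Metodos disponiveis para View
  helper_method :current_user_session, :current_user

  private

  # Memoised Authlogic session lookup; nil when nobody is logged in.
  def current_user_session
    return @current_user_session if defined?(@current_user_session)
    @current_user_session = UserSession.find
  end

  # The User behind the current session, or nil (also exposed to the views).
  def current_user
    return @current_user if defined?(@current_user)
    @current_user = current_user_session && current_user_session.user
  end

  # before_filter: send anonymous visitors to the login page, remembering
  # where they were so redirect_back_or_default can return them afterwards.
  def require_user
    unless current_user
      store_location
      flash[:notice] = "You must be logged in to access this page"
      redirect_to new_user_session_url
      return false
    end
  end

  # before_filter: keep logged-in users away from the login/sign-up pages.
  def require_no_user
    if current_user
      store_location
      flash[:notice] = "You must be logged out to access this page"
      redirect_to account_url
      return false
    end
  end

  # Only the current request's own path and query string are remembered, never
  # a caller-supplied URL, so the later redirect cannot be pointed off-site.
  def store_location
    session[:return_to] = request.request_uri
  end

  # Redirect to the stored location (one-shot) or to +default+.
  def redirect_back_or_default(default = root_url)
    redirect_to(session[:return_to] || default)
    session[:return_to] = nil
  end

  # declarative_authorization hook, called when a filter_access_to check fails.
  # NOTE: the non-HTML formats answer 401 Unauthorized; for a logged-in user
  # who merely lacks the privilege, 403 (:forbidden) is the more accurate status.
  def permission_denied
    store_location
    flash[:error] = t('controller.errors.access_denied')
    respond_to do |format|
      format.html { redirect_to(root_url) }
      format.xml { head :unauthorized }
      format.js { head :unauthorized }
    end
  end
end
FILE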
# Create the ActiveRecord session-store table.
rake 'db:sessions:create'

# Create .gitignore file (database.yml stays out of the repository).
file '.gitignore', <<-'FILE'
.DS_Store
log/*.log
tmp/**/*
config/database.yml
db/*.sqlite3
# projects settings
.loadpath
.project
.tmp*
*.swp
*~
*.zip
!vendor/plugins
FILE

# Empty placeholders so the otherwise-ignored directories are still tracked.
placeholders = %w[tmp log vendor].map { |dir| "#{dir}/.gitignore" }
run "touch #{placeholders.join(' ')}"

# Set up git repository
git :init
git :add => '.'
git :commit => "-a -m 'Initial commit'"
%w[maint next].each { |branch| git :branch => branch }
git :checkout => 'next'