Changeset 5796

Timestamp:

06/12/08 18:29:21 (3 months ago)

Author:

uta

Message:

2008/06/12 sync

Files:

• rubricks_core/trunk/app/controllers/application.rb (modified) (2 diffs)
• rubricks_core/trunk/app/controllers/test_controller.rb (modified) (1 diff)
• rubricks_core/trunk/app/models/rubricks_lib.rb (modified) (1 diff)
• rubricks_core/trunk/components/system/account_controller.rb (modified) (1 diff)
• rubricks_core/trunk/components/system/mobile_controller.rb (modified) (3 diffs)
• rubricks_core/trunk/vendor/plugins/rubricks/lib/authorize_filter.rb (modified) (4 diffs)

rubricks_core/trunk/app/controllers/application.rb

@@ -118 +118 @@
-    return if performed?
-    before_request_store_common_data
-    before_request_refuse_guest
-    before_request_protection_for_session_fixation_attack
-    RubricksLib.load_lang
@@ -146 +145 @@
-      cookies[:rmp] = {:value => '0', :path => RubricksLib.cookie_path}
-      reset_session
-    end
-  end
-
-  def before_request_refuse_guest
-    if guest? && !RubricksConfig.get('user_guest_available')
-      unless RubricksLib::GUEST_AVAILABLE_CONTROLLER.include?(params[:controller])
-        jump_page(url_for(:controller => '/system/login', :action => 'login_page'))
-      end
-    end
-  end

rubricks_core/trunk/app/controllers/test_controller.rb

@@ -29 +29 @@
-    raise RubricksError::User::UnauthorizedException unless RubricksLib.test_mode?
-  end
-
-  ###################################################################
-  #  Old
-  ###################################################################
-  def clear_components_dir
-    clear_dirs = ['components', 'install']
-    public_dirs = ['images', 'javascripts', 'stylesheets']
-    target_components = Dir["#{RAILS_ROOT}/test/rzips/*.rzip"]
-    clear_dirs.each do |target_dir|
-      target_components.each do |target_component_path|
-        target_component = target_component_path.sub(%r(^.*/([^/]*)\.rzip$), '\1')
-        clear_dirs.each do |dir|
-          dir_name  = "#{RAILS_ROOT}/#{dir}/#{target_component}"
-          rzip_name = "#{dir_name}.rzip"
-          RubricksLib.rm(dir_name)
-          RubricksLib.rm(rzip_name)
-        end
-        public_dirs.each do |dir|
-          dir_name = "#{RAILS_ROOT}/public/#{dir}/components/#{target_component}"
-          RubricksLib.rm(dir_name)
-        end
-      end
-    end
-    scripts = ['before_install', 'after_install', 'before_uninstall', 'after_uninstall', 'before_update', 'after_update']
-    scripts.each do |script|
-      RubricksLib.rm("#{RAILS_ROOT}/test/#{script}.txt")
-    end
-    render :text => 'clear components directory.'
-  end
-  
-  def clear_skin_dirs(skin_name)
-    targets = ['javascripts', 'images', 'stylesheets']
-    targets.each do |target|
-      RubricksLib.rm("#{RAILS_ROOT}/public/#{target}/dashboard/widgets/#{skin_name}")
-    end
-    RubricksLib.rm("#{RAILS_ROOT}/dashboard/widgets/#{skin_name}")
-  end
-
-  def clear_skin_files
-    skin_name = params[:skin_name] || 'test'
-    clear_skin_dirs(skin_name)
-    render :text => "clear_skin_files. (#{skin_name})"
-  end
-
-  def clear_skin_testdirs
-    skin_testdirs = [
-      'skin32characters0000000000000000', 
-      'skinblue',
-      'skingreen',
-      'skin33characters00000000000000000',
-      'skin6',
-      'skin7',
-      'skin8',
-      'skin(_marks)',
-    ]
-    skin_testdirs.each do |dir|
-      clear_skin_dirs(dir)
-    end
-    render :text => "clear_skin_testdirs."
-  end
-
-  def clear_theme_dirs(theme_name)
-    targets = ['images', 'javascripts', 'stylesheets']
-    targets.each do |target|
-      RubricksLib.rm("#{RAILS_ROOT}/public/#{target}/themes/#{theme_name}")
-    end
-    RubricksLib.rm("#{RAILS_ROOT}/themes/#{theme_name}")
-  end
-
-  def clear_theme_files
-    theme_name = params[:theme_name] || 'test'
-    clear_theme_dirs(theme_name)
-    render :text => "clear_theme_files. (#{theme_name})"
-  end
-
-  def clear_theme_testdirs
-    theme_testdirs = [
-      'theme32characters000000000000000', 
-      'themeblue',
-      'themegreen',
-      'theme33characters0000000000000000',
-      'theme3',
-      'theme4',
-      'theme5',
-      'theme(_marks)',
-    ]
-    theme_testdirs.each do |dir|
-      clear_theme_dirs(dir)
-    end
-    render :text => "clear_theme_testdirs."
-  end
-
-  def confirm_delivery_mail
-    if ActionMailer::Base.deliveries.blank?
-      render :text => 'No Mail'
-    else
-      text = '<meta http-equiv="content-type" content="text/html; charset=UTF-8" />'
-      ActionMailer::Base.deliveries.each do |mail|
-        text << "To: #{mail[:recipient]}<br>"
-        text << "Cc: #{mail[:cc]}<br>"
-        text << "Bcc: #{mail[:bcc]}<br>"
-        text << "From: #{mail[:from]}<br>"
-        text << "Subject: #{mail[:subject]}<br>"
-        text << "Template: #{mail[:template]}<br>"
-      end
-      ActionMailer::Base.deliveries.clear
-      render :text => text
-    end
-  end
-
-  def confirm_permission
-    ru = current_user
-    render :text => (guest?) ? 'Guest' : current_user.login_name
-  end
-
-  def confirm_skin_files_exist
-    skin_name = params[:skin_name]
-    skin_flag = true
-    targets = ['images', 'stylesheets']
-    targets.each do |target|
-      if target == 'stylesheets'
-        from_path = "#{RAILS_ROOT}/dashboard/widgets/#{skin_name}/#{target}/sample.css"
-        copy_path = "#{RAILS_ROOT}/public/#{target}/dashboard/widgets/#{skin_name}/sample.css"
-      else
-        from_path = "#{RAILS_ROOT}/dashboard/widgets/#{skin_name}/#{target}/from.txt"
-        copy_path = "#{RAILS_ROOT}/public/#{target}/dashboard/widgets/#{skin_name}/from.txt"
-      end
-      skin_flag = false unless File.exists?(from_path)
-      skin_flag = false unless File.exists?(copy_path)
-    end
-    render :text => (skin_flag) ? 'ok' : 'ng'
-  end
-
-  def confirm_theme_files_exist
-    theme_name = params[:theme_name]
-    theme_flag = true
-    targets = ['images', 'javascripts', 'stylesheets']
-    targets.each do |target|
-      if target == 'stylesheets'
-        from_path = "#{RAILS_ROOT}/themes/#{theme_name}/#{target}/common.css"
-        copy_path = "#{RAILS_ROOT}/public/#{target}/themes/#{theme_name}/style.css"
-      else
-        from_path = "#{RAILS_ROOT}/themes/#{theme_name}/#{target}/from.txt"
-        copy_path = "#{RAILS_ROOT}/public/#{target}/themes/#{theme_name}/from.txt"
-      end
-      theme_flag = false unless File.exists?(from_path)
-      theme_flag = false unless File.exists?(copy_path)
-    end
-    render :text => (theme_flag) ? 'ok' : 'ng'
-  end
-
-  def drop_table
-    table_name = params[:table]
-    begin
-      ActiveRecord::Migration.execute("drop table if exists #{table_name};")
-    rescue Exception
-      render :text => 'failed to drop table.'
-    else
-      render :text => "drop table '#{table_name}'."
-    end
-  end
-
-  def init_skin_files
-    skin_name = params[:skin_name] || 'test'
-    clear_skin_dirs(skin_name)
-    targets = ['images', 'stylesheets']
-    targets.each do |target|
-      from_path = "#{RAILS_ROOT}/dashboard/widgets/#{skin_name}/#{target}"
-      to_path   = "#{RAILS_ROOT}/public/#{target}/dashboard/widgets/#{skin_name}"
-      RubricksLib.mkdir(from_path)
-      RubricksLib.mkdir(to_path)
-      if target == 'stylesheets'
-        File.open("#{from_path}/sample.css", 'w') do |file|
-          file.puts 'body{color:#cccccc;}'
-        end
-      else
-        File.open("#{from_path}/from.txt", 'w') do |file|
-          file.puts 'test'
-        end
-        File.open("#{to_path}/to.txt", 'w') do |file|
-          file.puts 'test'
-        end
-      end
-    end
-    render :text => "initialize_skin_dir. (#{skin_name})"
-  end
-
-  def init_skin_images
-    skin_name = params[:skin_name] || 'test'
-    image_name = params[:image_name] || 'screenshot.jpg'
-    from_path = "#{RAILS_ROOT}/dashboard/widgets/#{skin_name}/images"
-    to_path   = "#{RAILS_ROOT}/public/images/dashboard/widgets/#{skin_name}"
-    File.open("#{from_path}/#{image_name}", 'w') do |file|
-    end
-    File.open("#{to_path}/#{image_name}", 'w') do |file|
-    end
-    render :text => "initialize_image. (#{image_name})"
-  end
-
-  def init_theme_files
-    theme_name = params[:theme_name] || 'test'
-    clear_theme_dirs(theme_name)
-    targets = ['images', 'javascripts', 'stylesheets']
-    targets.each do |target|
-      from_path = "#{RAILS_ROOT}/themes/#{theme_name}/#{target}"
-      to_path   = "#{RAILS_ROOT}/public/#{target}/themes/#{theme_name}"
-      RubricksLib.mkdir(from_path)
-      RubricksLib.mkdir(to_path)
-      if target == 'stylesheets'
-        File.open("#{from_path}/stylesheet.rb", 'w') do |file|
-          file.puts 'def css_list '
-          file.puts '  {'
-          file.puts ':style    => [:common],'
-          file.puts '  }'
-          file.puts 'end'
-        end
-        File.open("#{from_path}/common.css", 'w') do |file|
-          file.puts 'body{color:#cccccc;}'
-        end
-      else
-        File.open("#{from_path}/from.txt", 'w') do |file|
-          file.puts 'test'
-        end
-        File.open("#{to_path}/to.txt", 'w') do |file|
-          file.puts 'test'
-        end
-      end
-    end
-    render :text => "initialize_theme_dir. (#{theme_name})"
-  end
-
-  def init_theme_images
-    theme_name = params[:theme_name] || 'test'
-    image_name = params[:image_name] || 'screenshot.jpg'
-    from_path = "#{RAILS_ROOT}/themes/#{theme_name}/images"
-    to_path   = "#{RAILS_ROOT}/public/images/themes/#{theme_name}"
-    File.open("#{from_path}/#{image_name}", 'w') do |file|
-    end
-    File.open("#{to_path}/#{image_name}", 'w') do |file|
-    end
-    render :text => "initialize_image. (#{image_name})"
-  end
-
-  def install
-    component_name = params[:component_name] || 'dummy002'
-    from_path = "#{RAILS_ROOT}/test/rzips/#{component_name}.rzip"
-    to_path   = "#{RAILS_ROOT}/install/#{component_name}.rzip"
-    RubricksLib.cp(from_path, to_path)
-    RubricksComponent.component_install(component_name)
-    render :text => "install #{component_name}"
-  end
-
-  def setup_install_rzip
-    component_name = params[:rzip] || 'dummy002'
-    from_path = "#{RAILS_ROOT}/test/rzips/#{component_name}.rzip"
-    to_path   = "#{RAILS_ROOT}/install/#{component_name}.rzip"
-    RubricksLib.cp(from_path, to_path)
-    render :text => "setup RZIP. (#{component_name}.rzip)"
-  end
-
-  def setup_update_rzip
-    component_name = params[:rzip]   || 'dummy002'
-    prefix         = params[:prefix] || 'update'
-    from_path = "#{RAILS_ROOT}/test/rzips/#{prefix}_#{component_name}.rzip"
-    to_path   = "#{RAILS_ROOT}/install/#{component_name}.rzip"
-    RubricksLib.cp(from_path, to_path)
-    render :text => "setup RZIP. (#{component_name}.rzip)"
-  end
-
-  def truncate_table
-    table_name = params[:table]
-    begin
-      ActiveRecord::Migration.execute("TRUNCATE TABLE #{table};")
-      ActiveRecord::Migration.execute("ALTER TABLE #{table} AUTO_INCREMENT=1;")
-    rescue Exception
-      render :text => 'failed to truncate table.'
-    else
-      render :text => "truncate table '#{table_name}'."
-    end
-  end
-
-  def uninstall
-    component_name = params[:component_name] || 'dummy002'
-    rc = RubricksComponent.find_by_name(component_name)
-    if rc
-      rc.active = false
-      rc.save!
-      messages = RubricksComponent.component_uninstall(rc.id, rc.display_name)
-      if messages.empty?
-        render :text => "install #{component_name}"
-      else
-        render :text => 'failed to uninstall.'
-      end
-    else
-      render :text => 'failed to uninstall.'
-    end
-  end
-  ###################################################################
-  #  Old
-  ###################################################################
-end
-

rubricks_core/trunk/app/models/rubricks_lib.rb

@@ -20 +20 @@
-      :ruby => %r<^[-a-zA-Z0-9!#\$%&'*+/=?_^`{|}~]+(?:\.[-a-zA-Z0-9!#\$%&'*+/=?_^`{|}~]+)*@(?:[-a-zA-Z0-9]+\.)+[a-zA-Z]{2,}$>,
-    }
-    GUEST_AVAILABLE_CONTROLLER  = ['system/account', 'system/error', 'system/login', 'system/mobile', 'test']
-    IMAGE_FILE_EXTENSION        = /\.(?:gif|jpeg|jpg|png)$/i
-    IMAGE_FILE_SIGNATURE        = {

rubricks_core/trunk/components/system/account_controller.rb

@@ -3 +3 @@
-  user_management
-  uses_component_template_root
+  include Rubricks::Authorize::InvalidateRefuseGuest
-  authorize :login,  :except => [:user_edit]
-  authorize :access, :only   => [:user_edit]

rubricks_core/trunk/components/system/mobile_controller.rb

@@ -7 +7 @@
-
-  def index
-
+ rescue nil
-    if ident
-      case RubricksConfig.get('mobile_login_with_ident')
@@ -20 +20 @@
-
-  def login(ru = nil)
+    ident = request.mobile.ident rescue nil
-    options = {
-      :login_id     => (ru.nil?) ? params[:login][:login_name] : nil,
-      :login_pw     => (ru.nil?) ? params[:login][:raw_password] : nil,
-request.mobile.
+
-      :ru           => ru,
-    }
@@ -51 +52 @@
-  private
-  def dispatch_pc
-
-
-
+
+
+
+
+
-      end
-    else
-      redirect_to :controller => '/'
-    end
-  end

rubricks_core/trunk/vendor/plugins/rubricks/lib/authorize_filter.rb

@@ -12 +12 @@
-        before_filter               :authorize_component_access_filter
-        before_filter               :authorize_component_block_filter
+        before_filter               :refuse_guest_filter
-        before_filter               :initial_login_filter
-      end
@@ -68 +69 @@
-        options = {
-          :actions  => [],
+          :function => :access,
-          :scheme   => :basic,
-        }.merge(options)
@@ -153 +155 @@
-    end
-
+    module InvalidateRefuseGuest
+      def refuse_guest_filter
+      end
+    end
+
-    module InvalidateAuthorize
-      include InvalidateDefaultAuthorize
-      include InvalidateInitialLoginAuthorize
+      include InvalidateRefuseGuest
-
-      def authorize_component_block_filter
@@ -214 +222 @@
-      end
-
+      def refuse_guest_filter
+        jump_page(url_for(:controller => '/system/login', :action => 'login_page')) if guest? && RubricksConfig.get('user_guest_available').blank?
+      end
+
-      def server_authorize_filter
-        return true if server_authorize_options.nil?
+        return true if RubricksLib.permitted_current_component_function?(server_authorize_options[:function].to_sym)
-        actions = server_authorize_options[:actions].to_a.map{|action| action.to_s} rescue []
-        if actions.empty? || actions.include?(params[:action])