From cff8194838039171297378019c3fe90ed9ebfd0d Mon Sep 17 00:00:00 2001
From: Nicolae Claudius <nicolae_claudius@yahoo.com>
Date: Wed, 21 Sep 2011 06:47:49 -0700
Subject: [PATCH] authorization

---
 Gemfile                                     |  8 +++----
 Gemfile.lock                                | 18 +++++++-------
 app/models/ability.rb                       | 26 +++++++++++++++++++++
 config/initializers/active_scaffold.rb      |  2 +-
 db/migrate/20110917084645_create_domains.rb |  1 +
 5 files changed, 42 insertions(+), 13 deletions(-)
 create mode 100644 app/models/ability.rb

diff --git a/Gemfile b/Gemfile
index 5c91abe..b7c03de 100644
--- a/Gemfile
+++ b/Gemfile
@@ -14,12 +14,12 @@ group :production do
 end
 
 gem 'devise', '~> 1.4.5'
-#gem 'cancan', '~> 1.6.5'
+gem 'cancan', '~> 1.6.5'
 #gem "meta_where", "~> 1.0" # squeel ?
 gem 'sentient_user', '~> 0.3.2'
 gem 'active_scaffold', '~> 3.1.0', :git => 'https://github.com/activescaffold/active_scaffold.git'
 gem 'web-app-theme', :git => "git://github.com/tscolari/web-app-theme.git", :branch => "v3.1.0"
-gem "pjax-rails", "~> 0.1.4"
+gem "pjax_rails", "~> 0.1.10"
 gem "rails_config", "~> 0.2.4"
 # gem "rails-settings-cached", :require => "rails-settings"
 
@@ -27,14 +27,14 @@ gem "rails_config", "~> 0.2.4"
 # in production environments by default.
 group :assets do
   gem 'sass-rails', "  ~> 3.1.0"
-  gem 'compass', "  ~> 0.11.5"
+  gem "compass", "~> 0.12.alpha.0"
   gem 'coffee-rails', "~> 3.1.0"
   gem 'uglifier'
   gem 'therubyracer'
 end
 
 gem 'jquery-rails'
-# gem 'foreigner'
+# gem 'foreigner' ?
 
 group :test, :development do
   gem "rspec-rails", "~> 2.6.1"
diff --git a/Gemfile.lock b/Gemfile.lock
index 127e44a..da7c3e1 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -8,7 +8,7 @@ GIT
 
 GIT
   remote: https://github.com/activescaffold/active_scaffold.git
-  revision: 59dcb90a7bf09e4b30f34dc39059373748619355
+  revision: 5c4ae3b25238eaed5f3313ab2ac0dea395b4c8cb
   specs:
     active_scaffold (3.1.2)
       rails (~> 3.1.0)
@@ -48,7 +48,8 @@ GEM
     arel (2.2.1)
     bcrypt-ruby (3.0.1)
     builder (3.0.0)
-    chunky_png (1.2.1)
+    cancan (1.6.5)
+    chunky_png (1.2.4)
     coffee-rails (3.1.1)
       coffee-script (>= 2.2.0)
       railties (~> 3.1.0)
@@ -56,17 +57,17 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.1.2)
-    compass (0.11.5)
+    compass (0.12.alpha.0)
       chunky_png (~> 1.2)
       fssm (>= 0.2.7)
       sass (~> 3.1)
-    devise (1.4.5)
+    devise (1.4.6)
       bcrypt-ruby (~> 3.0)
       orm_adapter (~> 0.0.3)
       warden (~> 1.0.3)
     diff-lcs (1.1.3)
     erubis (2.7.0)
-    execjs (1.2.6)
+    execjs (1.2.8)
       multi_json (~> 1.0)
     factory_girl (2.1.0)
     factory_girl_rails (1.2.0)
@@ -87,7 +88,7 @@ GEM
     multi_json (1.0.3)
     orm_adapter (0.0.5)
     pg (0.11.0)
-    pjax-rails (0.1.4)
+    pjax_rails (0.1.10)
       jquery-rails
     polyglot (0.3.2)
     rack (1.3.3)
@@ -164,13 +165,14 @@ PLATFORMS
 
 DEPENDENCIES
   active_scaffold (~> 3.1.0)!
+  cancan (~> 1.6.5)
   coffee-rails (~> 3.1.0)
-  compass (~> 0.11.5)
+  compass (~> 0.12.alpha.0)
   devise (~> 1.4.5)
   factory_girl_rails (~> 1.2)
   jquery-rails
   pg
-  pjax-rails (~> 0.1.4)
+  pjax_rails (~> 0.1.10)
   rails (= 3.1.0)
   rails_config (~> 0.2.4)
   rspec-rails (~> 2.6.1)
diff --git a/app/models/ability.rb b/app/models/ability.rb
new file mode 100644
index 0000000..2b7bd8a
--- /dev/null
+++ b/app/models/ability.rb
@@ -0,0 +1,26 @@
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+
+    user ||= User.new
+    if user.persisted?
+      can :manage, Domain, :user_id => user.id
+      can :manage, Record, :domain => {:user_id => user.id}
+    end
+
+    # The first argument to `can` is the action you are giving the user permission to do.
+    # If you pass :manage it will apply to every action. Other common actions here are
+    # :read, :create, :update and :destroy.
+    #
+    # The second argument is the resource the user can perform the action on. If you pass
+    # :all it will apply to every resource. Otherwise pass a Ruby class of the resource.
+    #
+    # The third argument is an optional hash of conditions to further filter the objects.
+    # For example, here the user can only update published articles.
+    #
+    #   can :update, Article, :published => true
+    #
+    # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
+  end
+end
diff --git a/config/initializers/active_scaffold.rb b/config/initializers/active_scaffold.rb
index 32e1f84..f39f26f 100644
--- a/config/initializers/active_scaffold.rb
+++ b/config/initializers/active_scaffold.rb
@@ -1,6 +1,6 @@
 ActiveScaffold.js_framework = :jquery
 
 ActiveScaffold.set_defaults do |conf|
-  # conf.security.default_permission = false
+  conf.security.default_permission = false
   ActiveScaffold::Config::Mark.mark_all_mode = :page
 end
diff --git a/db/migrate/20110917084645_create_domains.rb b/db/migrate/20110917084645_create_domains.rb
index 4d39696..99590ad 100644
--- a/db/migrate/20110917084645_create_domains.rb
+++ b/db/migrate/20110917084645_create_domains.rb
@@ -1,6 +1,7 @@
 class CreateDomains < ActiveRecord::Migration
   def change
     create_table :domains do |t|
+      t.references :user
       t.string :name, :limit => 255, :null => false
       t.string :master, :limit => 128, :default => nil
       t.integer :last_check, :limit => 50, :default => nil