initial checkin of full application

Gemfile

@@ -0,0 +1,16 @@
+source 'http://rubygems.org'
+
+gem 'rails', '3.0.4' 
+gem 'mysql', '2.8.1'
+gem 'authlogic'
+
+# Bundle gems for the local environment. Make sure to
+# put test-only gems in this group so their generators
+# and rake tasks are available in development mode:
+group :development, :test do
+	gem 'rspec', '>= 2.0.0.beta.20'
+  gem 'rspec-rails', '>= 2.0.0.beta.20'
+	gem 'autotest'
+	gem 'webrat'
+	gem 'annotate'
+end

Gemfile.lock

@@ -0,0 +1,104 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    ZenTest (4.5.0)
+    abstract (1.0.0)
+    actionmailer (3.0.4)
+      actionpack (= 3.0.4)
+      mail (~> 2.2.15)
+    actionpack (3.0.4)
+      activemodel (= 3.0.4)
+      activesupport (= 3.0.4)
+      builder (~> 2.1.2)
+      erubis (~> 2.6.6)
+      i18n (~> 0.4)
+      rack (~> 1.2.1)
+      rack-mount (~> 0.6.13)
+      rack-test (~> 0.5.7)
+      tzinfo (~> 0.3.23)
+    activemodel (3.0.4)
+      activesupport (= 3.0.4)
+      builder (~> 2.1.2)
+      i18n (~> 0.4)
+    activerecord (3.0.4)
+      activemodel (= 3.0.4)
+      activesupport (= 3.0.4)
+      arel (~> 2.0.2)
+      tzinfo (~> 0.3.23)
+    activeresource (3.0.4)
+      activemodel (= 3.0.4)
+      activesupport (= 3.0.4)
+    activesupport (3.0.4)
+    annotate (2.4.0)
+    arel (2.0.9)
+    authlogic (2.1.6)
+      activesupport
+    autotest (4.4.6)
+      ZenTest (>= 4.4.1)
+    builder (2.1.2)
+    diff-lcs (1.1.2)
+    erubis (2.6.6)
+      abstract (>= 1.0.0)
+    i18n (0.5.0)
+    mail (2.2.15)
+      activesupport (>= 2.3.6)
+      i18n (>= 0.4.0)
+      mime-types (~> 1.16)
+      treetop (~> 1.4.8)
+    mime-types (1.16)
+    mysql (2.8.1)
+    nokogiri (1.4.4)
+    polyglot (0.3.1)
+    rack (1.2.2)
+    rack-mount (0.6.14)
+      rack (>= 1.0.0)
+    rack-test (0.5.7)
+      rack (>= 1.0)
+    rails (3.0.4)
+      actionmailer (= 3.0.4)
+      actionpack (= 3.0.4)
+      activerecord (= 3.0.4)
+      activeresource (= 3.0.4)
+      activesupport (= 3.0.4)
+      bundler (~> 1.0)
+      railties (= 3.0.4)
+    railties (3.0.4)
+      actionpack (= 3.0.4)
+      activesupport (= 3.0.4)
+      rake (>= 0.8.7)
+      thor (~> 0.14.4)
+    rake (0.8.7)
+    rspec (2.5.0)
+      rspec-core (~> 2.5.0)
+      rspec-expectations (~> 2.5.0)
+      rspec-mocks (~> 2.5.0)
+    rspec-core (2.5.1)
+    rspec-expectations (2.5.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.5.0)
+    rspec-rails (2.5.0)
+      actionpack (~> 3.0)
+      activesupport (~> 3.0)
+      railties (~> 3.0)
+      rspec (~> 2.5.0)
+    thor (0.14.6)
+    treetop (1.4.9)
+      polyglot (>= 0.3.1)
+    tzinfo (0.3.25)
+    webrat (0.7.3)
+      nokogiri (>= 1.2.0)
+      rack (>= 1.0)
+      rack-test (>= 0.5.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  annotate
+  authlogic
+  autotest
+  mysql (= 2.8.1)
+  rails (= 3.0.4)
+  rspec (>= 2.0.0.beta.20)
+  rspec-rails (>= 2.0.0.beta.20)
+  webrat

Rakefile

@@ -0,0 +1,7 @@
+# Add your own tasks in files placed in lib/tasks ending in .rake,
+# for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
+
+require File.expand_path('../config/application', __FILE__)
+require 'rake'
+
+Thingspeak::Application.load_tasks

app/controllers/api_keys_controller.rb

@@ -0,0 +1,45 @@
+class ApiKeysController < ApplicationController
+	before_filter :require_user, :set_channels_menu
+
+	def index
+		get_channel_data
+		@read_keys = ApiKey.find(:all, :conditions => { :channel_id => @channel.id, :user_id => current_user.id, :write_flag => 0 })
+	end
+
+	def destroy
+		@api_key = ApiKey.find_by_api_key(params[:api_key])
+		@api_key.delete if @api_key.user_id == current_user.id
+		redirect_to :back
+	end
+
+	def create
+		@channel = Channel.find(params[:channel_id])
+		# make sure channel belongs to current user
+		check_permissions(@channel)
+
+		@api_key = ApiKey.find(:first, :conditions => { :channel_id => @channel.id, :user_id => current_user.id, :write_flag => 1 } )
+
+		# if no api key found or read api key
+		if (@api_key.nil? or params[:write] == '0')
+			@api_key = ApiKey.new
+			@api_key.channel_id = @channel.id
+			@api_key.user_id = current_user.id
+			@api_key.write_flag = params[:write]
+		end
+
+		# set new api key and save
+		@api_key.api_key = generate_api_key
+		@api_key.save
+
+		# redirect
+		redirect_to channel_api_keys_path(@channel.id) and return
+	end
+
+	def update
+		@api_key = ApiKey.find_by_api_key(params[:api_key][:api_key])
+
+		@api_key.note = params[:api_key][:note]
+		@api_key.save if current_user.id == @api_key.user_id
+		redirect_to channel_api_keys_path(@api_key.channel)
+	end
+end

app/controllers/application_controller.rb

@@ -0,0 +1,166 @@
+class ApplicationController < ActionController::Base
+	# include all helpers for controllers
+  helper :all
+	# include these helper methods for views
+  helper_method :current_user_session, :current_user, :get_header_value
+  protect_from_forgery
+	before_filter :set_variables
+
+	# set up some variables across the entire application
+	def set_variables
+		# hard code locale as english
+		I18n.locale = 'en'
+		# sets timezone for current user, all DateTime outputs will be automatically formatted
+		Time.zone = current_user.time_zone if current_user
+	end
+
+  private
+
+		def set_channels_menu
+			@menu = 'channels'
+		end
+
+    def current_user_session
+      return @current_user_session if defined?(@current_user_session)
+      @current_user_session = UserSession.find
+    end
+
+    def current_user
+      return @current_user if defined?(@current_user)
+      @current_user = current_user_session && current_user_session.record
+    end
+
+		# check that user is logged in
+		def require_user
+			if current_user.nil?
+				redirect_to login_path
+				false
+			end
+		end
+
+    def require_no_user
+      if current_user
+        store_location
+        redirect_to account_path
+        false
+      end
+    end
+
+    def store_location
+			if params[:controller] != "user_sessions"
+      	session[:return_to] = request.fullpath
+			end
+    end
+
+    def redirect_back_or_default(default)
+      redirect_to(session[:return_to] || default)
+      session[:return_to] = nil
+    end
+
+		def domain
+			u = request.url
+			begin
+				# the number 12 is the position at which to begin searching for '/', so we don't get the intitial '/' from http://
+				u = u[0..u.index('/', 12)]
+			rescue
+				u += '/'
+			end
+			# uncomment the line below for https support in a production environment
+			#u = u.sub(/http:/, 'https:') if Rails.env == 'production'
+			return u
+		end
+
+		# gets the api key
+		def get_userkey
+			return get_header_value('THINGSPEAKAPIKEY') || params[:key] || params[:api_key] || params[:apikey] 
+		end
+
+		# get specified header value
+		def get_header_value(name)
+				value = nil
+				for header in request.env
+					value = header[1] if (header[0].upcase.index(name.upcase))
+				end
+				return value
+		end
+
+		# gets the same data for showing or editing
+		def get_channel_data
+			@channel = Channel.find(params[:channel_id]) if params[:channel_id]
+			@channel = Channel.find(params[:id]) if @channel.nil? and params[:id]
+			@key = ''
+			# make sure channel belongs to current user
+			check_permissions(@channel)
+
+			@api_key = ApiKey.find(:first, :conditions => { :channel_id => @channel.id, :user_id => current_user.id, :write_flag => 1 } )
+			@key = @api_key.api_key if @api_key
+		end
+
+		def check_permissions(channel)
+			render :text => t(:channel_permission) and return if (current_user.nil? || (channel.user_id != current_user.id))
+		end
+
+		# checks permission for channel using api_key
+		def channel_permission?(channel, api_key)
+			if channel.public_flag or (api_key and api_key.channel_id == channel.id) or (current_user and channel.user_id == current_user.id)
+				return true
+			else
+				return false
+			end
+		end
+
+		# outputs error for bad channel
+		def bad_channel_xml
+			channel_unauthorized = Channel.new
+			channel_unauthorized.id = -1
+			return channel_unauthorized.to_xml(:only => :id)
+		end
+
+		# outputs error for bad feed
+		def bad_feed_xml
+			feed_unauthorized = Feed.new
+			feedl_unauthorized.id = -1
+			return feed_unauthorized.to_xml(:only => :entry_id)
+		end
+
+		# generates a database unique api key
+		def generate_api_key(size = 16)
+			alphanumerics = ('0'..'9').to_a + ('A'..'Z').to_a
+			k = (0..size).map {alphanumerics[Kernel.rand(36)]}.join
+
+			# if key exists in database, regenerate key
+			k = generate_api_key if ApiKey.find_by_api_key(k)
+
+			# output the key
+			return k
+		end
+
+		# options: days = how many days ago, start = start date, end = end date, offset = timezone offset
+		def get_date_range(params)
+			# set timezone correctly
+			set_time_zone(params)
+
+			start_date = Time.now - 1.day
+			end_date = Time.now
+			start_date = (Time.now - params[:days].to_i.days) if params[:days]
+			start_date = DateTime.strptime(params[:start]) if params[:start]
+			end_date = DateTime.strptime(params[:end]) if params[:end]
+			date_range = (start_date..end_date)
+			# only get a maximum of 30 days worth of data
+			date_range = (end_date - 30.days..end_date) if (end_date - start_date) > 30.days
+
+			return date_range
+		end
+
+		def set_time_zone(params)
+			# set timezone correctly
+			if params[:offset]
+				Time.zone = params[:offset].to_i
+			elsif current_user
+				Time.zone = current_user.time_zone
+			else
+				Time.zone = 0
+			end
+		end
+
+end