activeadmin 2.9.0 → 3.2.0

data/docs/12-arbre-components.md

@@ -1,214 +0,0 @@
----
-redirect_from: /docs/12-arbre-components.html
----
-
-# Arbre Components
-
-Arbre allows the creation of shareable and extendable HTML components and is
-used throughout Active Admin to create view components.
-
-## Text Node
-
-Sometimes it makes sense to insert something into a registered resource like a
-non-breaking space or some text. The text_node method can be used to insert
-these elements into the page inside of other Arbre components or resource
-controller functions.
-
-```ruby
-ActiveAdmin.register Post do
-  show do
-    panel "Post Details" do
-      attributes_table_for post do
-        row :id
-        row 'Tags' do
-          post.tags.each do |tag|
-            a tag, href: admin_post_path(q: {tagged_with_contains: tag})
-            text_node " ".html_safe
-          end
-        end
-      end
-    end
-  end
-end
-```
-
-## Panels
-
-A panel is a component that takes up all available horizontal space and takes a
-title and a hash of attributes as arguments. If a sidebar is present, a panel
-will take up the remaining space.
-
-This will create two stacked panels:
-
-```ruby
-show do
-  panel "Post Details" do
-    render partial: "details", locals: {post: post}
-  end
-
-  panel "Post Tags" do
-    render partial: "tags",    locals: {post: post}
-  end
-end
-```
-
-## Columns
-
-The Columns component allows you draw content into scalable columns. All you
-need to do is define the number of columns and the component will take care of
-the rest.
-
-### Simple Columns
-
-To create simple columns, use the `columns` method. Within the block, call
-the #column method to create a new column.
-
-```ruby
-columns do
-  column do
-    span "Column #1"
-  end
-
-  column do
-    span "Column #2"
-  end
-end
-```
-
-### Spanning Multiple Columns
-
-To create columns that have multiple spans, pass the :span option to the column
-method.
-
-```ruby
-columns do
-  column span: 2 do
-    span "Column # 1"
-  end
-  column do
-    span "Column # 2"
-  end
-end
-```
-
-By default, each column spans 1 column. The above layout would have 2 columns,
-the first being twice as large as the second.
-
-### Custom Column Widths
-
-Active Admin uses a fluid width layout, causing column width to be defined
-using percentages. Due to using this style of layout, columns can shrink or
-expand past points that may not be desirable. To overcome this issue,
-columns provide `:max_width` and `:min_width` options.
-
-```ruby
-columns do
-  column max_width: "200px", min_width: "100px" do
-    span "Column # 1"
-  end
-  column do
-    span "Column # 2"
-  end
-end
-```
-
-In the above example, the first column will not grow larger than 200px and will
-not shrink less than 100px.
-
-### Custom Column Class
-
-Pass the `:class` option to the column method to set a custom class.
-
-```ruby
-columns do
-  column class: "important" do
-    span "Column # 1"
-  end
-  column do
-    span "Column # 2"
-  end
-end
-```
-
-## Table For
-
-Table For provides the ability to create tables like those present
-in `index_as_table`. It takes a collection and a hash of options and then
-uses `column` to build the fields to show with the table.
-
-```ruby
-table_for order.payments do
-  column(:payment_type) { |payment| payment.payment_type.titleize }
-  column "Received On",     :created_at
-  column "Details & Notes", :payment_details
-  column "Amount",          :amount_in_dollars
-end
-```
-
-The `column` method can take a title as its first argument and data
-(`:your_method`) as its second (or first if no title provided). Column also
-takes a block.
-
-### Internationalization
-
-To customize the internationalization for the component, specify a resource to
-use for translations via the `i18n` named parameter. This is only necessary for
-non-`ActiveRecord::Relation` collections:
-
-```ruby
-table_for payments, i18n: Payment do
-  # ...
-end
-```
-
-## Status tag
-
-Status tags provide convenient syntactic sugar for styling items that have
-status. A common example of where the status tag could be useful is for orders
-that are complete or in progress. `status_tag` takes a status, like
-"In Progress", and a hash of options. The status_tag will generate HTML markup
-that Active Admin CSS uses in styling.
-
-```ruby
-status_tag 'In Progress'
-# => <span class='status_tag in_progress'>In Progress</span>
-
-status_tag 'active', class: 'important', id: 'status_123', label: 'on'
-# => <span class='status_tag active important' id='status_123'>on</span>
-```
-
-When providing a `true` or `false` value, the `status_tag` will display "Yes"
-or "No". This can be configured through the `"en.active_admin.status_tag"`
-locale.
-
-```ruby
-status_tag true
-# => <span class='status_tag yes'>Yes</span>
-```
-
-In the case that a boolean field is `nil`, it will display "No" as a default.
-But using the `"en.active_admin.status_tag.unset"` locale key, it can be
-configured to display something else.
-
-## Tabs
-
-The Tabs component is helpful for saving page real estate. The first tab will be
-the one open when the page initially loads and the rest hidden. You can click
-each tab to toggle back and forth between them. Arbre supports unlimited number
-of tabs.
-
-```ruby
-tabs do
-  tab :active do
-    table_for orders.active do
-      ...
-    end
-  end
-
-  tab :inactive do
-    table_for orders.inactive do
-      ...
-    end
-  end
-end
-```

data/docs/13-authorization-adapter.md

@@ -1,285 +0,0 @@
----
-redirect_from: /docs/13-authorization-adapter.html
----
-
-# Authorization Adapter
-
-Active Admin offers the ability to define and use your own authorization
-adapter. If implemented, the '#authorized?' will be called when an action is
-taken. By default, '#authorized?' returns true.
-
-## Setting up your own AuthorizationAdapter
-
-The following example shows how to set up and tie your authorization
-adapter class to Active Admin:
-
-```ruby
-# app/models/only_authors_authorization.rb
-class OnlyAuthorsAuthorization < ActiveAdmin::AuthorizationAdapter
-
-  def authorized?(action, subject = nil)
-    case subject
-    when normalized(Post)
-      # Only let the author update and delete posts
-      if action == :update || action == :destroy
-        subject.author == user
-      else
-        true
-      end
-    else
-      true
-    end
-  end
-
-end
-```
-
-In order to hook up `OnlyAuthorsAuthorization` to Active Admin, go to your
-application's `config/initializers/active_admin.rb` and add/modify the line:
-
-```ruby
-config.authorization_adapter = "OnlyAuthorsAuthorization"
-```
-
-Now, whenever a controller action is performed, the `OnlyAuthorsAuthorization`'s
-`#authorized?` method will be called.
-
-Authorization adapters can be configured per ActiveAdmin namespace as well, for
-example:
-
-```ruby
-ActiveAdmin.setup do |config|
-  config.namespace :admin do |ns|
-    ns.authorization_adapter = "AdminAuthorization"
-  end
-  config.namespace :my do |ns|
-    ns.authorization_adapter = "DashboardAuthorization"
-  end
-end
-```
-
-## Getting Access to the Current User
-
-From within your authorization adapter, you can call the `#user` method to
-retrieve the current user.
-
-```ruby
-class OnlyAdmins < ActiveAdmin::AuthorizationAdapter
-
-  def authorized?(action, subject = nil)
-    user.admin?
-  end
-
-end
-```
-
-## Scoping Collections in Authorization Adapters
-
-`ActiveAdmin::AuthorizationAdapter` also provides a hook method
-(`#scope_collection`) for the adapter to scope the resource's collection. For
-example, you may want to centralize the scoping:
-
-```ruby
-class OnlyMyAccount < ActiveAdmin::AuthorizationAdapter
-
-  def authorized?(action, subject = nil)
-    subject.account == user.account
-  end
-
-  def scope_collection(collection, action = Auth::READ)
-    collection.where(account_id: user.account_id)
-  end
-
-end
-```
-
-All collections presented on Index Screens will be passed through this method
-and will be scoped accordingly.
-
-## Managing Access to Pages
-
-Pages, just like resources, get authorized too. When authorizing a page, the
-subject will be an instance of `ActiveAdmin::Page`.
-
-```ruby
-class OnlyDashboard < ActiveAdmin::AuthorizationAdapter
-  def authorized?(action, subject = nil)
-    case subject
-    when ActiveAdmin::Page
-      action == :read &&
-        subject.name == "Dashboard" &&
-        subject.namespace.name == :admin
-    else
-      false
-    end
-  end
-end
-```
-
-## Action Types
-
-By default Active Admin simplifies the controller actions into 4 actions:
-
-* `:read` - This controls if the user can view the menu item as well as the
-  index and show screens.
-* `:create` - This controls if the user can view the new screen and submit
-  the form to the create action.
-* `:update` - This controls if the user can view the edit screen and submit
-  the form to the update action.
-* `:destroy` - This controls if the user can delete a resource.
-
-Each of these actions is available as a constant. Eg: `:read` is available as
-`ActiveAdmin::Authorization::READ`.
-
-## Checking for Authorization in Controllers and Views
-
-Active Admin provides a helper method to check if the current user is
-authorized to perform an action on a subject.
-
-Use the `#authorized?(action, subject)` method to check.
-
-```ruby
-ActiveAdmin.register Post do
-
-  index do
-    column :title
-    column '' do |post|
-      link_to 'Edit', admin_post_path(post) if authorized? :update, post
-    end
-  end
-
-end
-```
-
-If you are implementing a custom controller action, you can use the
-`#authorize!` method to raise an `ActiveAdmin::AccessDenied` exception.
-
-```ruby
-ActiveAdmin.register Post do
-
-  member_action :publish, method: :post do
-    post = Post.find(params[:id])
-
-    authorize! :publish, post
-    post.publish!
-
-    flash[:notice] = "Post has been published"
-    redirect_to [:admin, post]
-  end
-
-  action_item :publish, only: :show do
-    if !post.published? && authorized?(:publish, post)
-      link_to "Publish", publish_admin_post_path(post), method: :post
-    end
-  end
-
-end
-```
-
-## Using the CanCan Adapter
-
-Sub-classing `ActiveAdmin::AuthorizationAdapter` is fairly low level. Many times
-it's nicer to have a simpler DSL for managing authorization. Active Admin
-provides an adapter out of the box for [CanCanCan](https://github.com/CanCanCommunity/cancancan).
-
-To use the CanCan adapter, update the configuration in the Active Admin
-initializer:
-
-```ruby
-config.authorization_adapter = ActiveAdmin::CanCanAdapter
-```
-
-You can also specify a method to be called on unauthorized access. This is
-necessary in order to prevent a redirect loop that can happen if a user tries to
-access a page they don't have permissions for (see
-[#2081](https://github.com/activeadmin/activeadmin/issues/2081)).
-
-```ruby
-config.on_unauthorized_access = :access_denied
-```
-
-The method `access_denied` would be defined in `application_controller.rb`. Here
-is one example that redirects the user from the page they don't have permission
-to access to a resource they have permission to access (organizations in this
-case), and also displays the error message in the browser:
-
-```ruby
-class ApplicationController < ActionController::Base
-  protect_from_forgery
-
-  def access_denied(exception)
-    redirect_to admin_organizations_path, alert: exception.message
-  end
-end
-```
-
-By default this will use the ability class named "Ability". This can also be
-changed from the initializer:
-
-```ruby
-config.cancan_ability_class = "MyCustomAbility"
-```
-
-Now you can simply use CanCanCan the way that you would expect and
-Active Admin will use it for authorization:
-
-```ruby
-# app/models/ability.rb
-class Ability
-  include CanCan::Ability
-
-  def initialize(user)
-    can :manage, Post
-    can :read, User
-    can :manage, User, id: user.id
-    can :read, ActiveAdmin::Page, name: "Dashboard", namespace_name: "admin"
-  end
-
-end
-```
-
-To view more details about the API's, visit project pages of
-[CanCanCan](https://github.com/CanCanCommunity/cancancan).
-
-## Using the Pundit Adapter
-
-Active Admin also provides an adapter out of the box for
-[Pundit](https://github.com/varvet/pundit).
-
-To use the Pundit adapter, update the configuration in the Active Admin
-initializer:
-
-```ruby
-config.authorization_adapter = ActiveAdmin::PunditAdapter
-```
-
-Once that's done, Active Admin will pick up your Pundit policies, and use
-them for authorization. For more information about setting up Pundit, see
-[their documentation](https://github.com/varvet/pundit#installation).
-
-Pundit also has [verify_authorized and/or verify_policy_scoped
-methods](https://github.com/varvet/pundit#ensuring-policies-and-scopes-are-used)
-to enforce usage of `authorized` and `policy_scope`. This conflicts with Active
-Admin's authorization architecture, so if you're using those features, you'll
-want to disable them for Active Admin's controllers:
-
-```ruby
-class ApplicationController < ActionController::Base
-  include Pundit
-  after_action :verify_authorized, except: :index, unless: :active_admin_controller?
-  after_action :verify_policy_scoped, only: :index, unless: :active_admin_controller?
-
-  def active_admin_controller?
-    is_a?(ActiveAdmin::BaseController)
-  end
-end
-```
-
-If you want to use batch actions, ensure that `destroy_all?` method is defined
-in your policy class. You can use this [template
-policy](https://github.com/activeadmin/activeadmin/blob/master/spec/support/templates/policies/application_policy.rb)
-in your application instead of default one generated by Pundit's
-`rails g pundit:install` command.
-
-In addition, there are [example policies](https://github.com/activeadmin/activeadmin/tree/master/spec/support/templates/policies/active_admin)
-for restricting access to ActiveAdmin's pages and comments.

data/docs/14-gotchas.md

@@ -1,138 +0,0 @@
----
-redirect_from: /docs/14-gotchas.html
----
-
-# Gotchas
-
-## Security
-
-### Spreadsheet applications vulnerable to unescaped CSV data
-
-If your CSV export includes untrusted data provided by your users, it's possible
-that they could include an executable formula that could call arbitrary commands
-on your computer. See
-[#4256](https://github.com/activeadmin/activeadmin/issues/4256) for more
-details.
-
-## Session Commits & Asset Pipeline
-
-When configuring the asset pipeline ensure that the asset prefix
-(`config.assets.prefix`) is not the same as the namespace of ActiveAdmin
-(default namespace is `/admin`). If they are the same Sprockets will prevent the
-session from being committed. Flash messages won't work and you will be unable to
-use the session for storing anything.
-
-For more information see [the following
-post](http://www.intridea.com/blog/2013/3/20/rails-assets-prefix-may-disable-your-session).
-
-## Helpers
-
-There are two known gotchas with helpers. This hopefully will help you to
-find a solution.
-
-### Helpers are not reloading in development
-
-This is a known and still open
-[issue](https://github.com/activeadmin/activeadmin/issues/697) the only way is
-to restart your server each time you change a helper.
-
-### Helper maybe not included by default
-
-If you use `config.action_controller.include_all_helpers = false` in your
-application config, you need to include it by hand.
-
-#### Solutions
-
-##### First use a monkey patch
-
-This works for all ActiveAdmin resources at once.
-
-```ruby
-# config/initializers/active_admin_helpers.rb
-ActiveAdmin::BaseController.class_eval do
-  helper ApplicationHelper
-end
-```
-
-##### Second use the `controller` method
-
-This works only for one resource at a time.
-
-```ruby
-ActiveAdmin.register User do
-  controller do
-    helper UserHelper
-  end
-end
-```
-
-## CSS
-
-In order to avoid the override of your application style with the Active Admin
-one, you can do one of these things:
-
-* You can properly move the generated file `active_admin.scss` from
-  `app/assets/stylesheets` to `vendor/assets/stylesheets`.
-* You can remove all `require_tree` commands from your root level css files,
-  where the `active_admin.scss` is in the tree.
-
-## Conflicts
-
-### With gems that provides a `search` class method on a model
-
-If a gem defines a `search` class method on a model, this can result in conflicts
-with the same method provided by `ransack` (a dependency of ActiveAdmin).
-
-Each of this conflicts need to solved is a different way. Some solutions are
-listed below.
-
-#### `tire`, `retire` and `elasticsearch-rails`
-
-This conflict can be solved, by using explicitly the `search` method of `tire`,
-`retire` or `elasticsearch-rails`:
-
-##### For `tire` and `retire`
-
-```ruby
-YourModel.tire.search
-```
-
-##### For `elasticsearch-rails`
-
-```ruby
-YourModel.__elasticsearch__.search
-```
-
-### Sunspot Solr
-
-```ruby
-YourModel.solr_search
-```
-
-### Rails 5 scaffold generators
-
-Active Admin requires the `inherited_resources` gem which may break scaffolding
-under Rails 5 as it replaces the default scaffold generator. The solution is to
-configure the default controller in `config/application.rb` as outlined in
-[activeadmin/inherited_resources#195](https://github.com/activeadmin/inherited_resources/issues/195)
-
-```ruby
-module SampleApp
-  class Application < Rails::Application
-    ...
-    config.app_generators.scaffold_controller = :scaffold_controller
-    ...
-  end
-end
-```
-
-## Authentication & Application Controller
-
-The `ActiveAdmin::BaseController` inherits from the `ApplicationController`. Any
-authentication method(s) specified in the `ApplicationController` callbacks will
-be called instead of the authentication method in the active admin config file.
-For example, if the ApplicationController has a callback `before_action
-:custom_authentication_method` and the config file's authentication method is
-`config.authentication_method = :authenticate_active_admin_user`, then
-`custom_authentication_method` will be called instead of
-`authenticate_active_admin_user`.