administrate 0.8.1 → 0.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: bbf40650e2f1b5fef6121aed98256dfc8225bb12
-  data.tar.gz: ec4394132d9e3b0f5117b95e26dcbc8d3fca3bea
+SHA256:
+  metadata.gz: 200650aa4703202324342f17c6e1bce7642309664b28149e3aa5763d708af7cf
+  data.tar.gz: 2b49177bd91bc20d1c5ffcb15fb33497339163e5058e24c39d82ef7fba6bdae9
 SHA512:
-  metadata.gz: 9e9014f2e04d659e1ca3d8e7fdb3b54f55097bfb8911279baf03f5114db200d4de3cc4a1b0fe745d70e033aa790e43e50a1f5b7f708897623cfeff75b156204b
-  data.tar.gz: 23896d95877e97096300d8412b9a5ff9332aceb3f9aabee06cd297f6641a01bfe6a0e86b2b6c48cd55f047decb0d77935e21874bba5459a118cde5051a28adee
+  metadata.gz: 56aa3cfb03420e71ee5ce158e3ce2d98b04a2038d8322b84dcddf4ebca67e27c599806d58d61d8f7c2d39f1bec4a723ac47f2157e73ae54df0e7249e6d37a9fd
+  data.tar.gz: 6856dcf40b1cabea4b46e580f1379e07a79fca813040c39ae7e5018e1fb2a0c55e62ed4940872f5a28b983f762a276808b47d3954593660fd81a170f01ddf749

data/app/assets/stylesheets/administrate/components/_cells.scss

@@ -1,6 +1,4 @@
 .cell-label {
-  position: relative;
-
   &:hover {
     a {
       color: $action-color;
@@ -26,10 +24,8 @@
 }
 
 .cell-label__sort-indicator {
-  display: inline-block;
-  overflow: hidden;
-  position: absolute;
-  right: 0;
+  float: right;
+  margin-left: 5px;
 
   svg {
     fill: $hint-grey;

data/app/assets/stylesheets/docs.scss

@@ -80,6 +80,7 @@ code {
     padding-left: 1rem;
 
     .hljs-string { color: $code-green; }
+    .hljs-subst { color: $code-white; }
     .hljs-constant { color: $code-blue; }
     .hljs-symbol { color: $code-red; }
     .hljs-keyword { color: $code-yellow; }

data/app/controllers/administrate/application_controller.rb

@@ -27,8 +27,10 @@ module Administrate
     end
 
     def new
+      resource = resource_class.new
+      authorize_resource(resource)
       render locals: {
-        page: Administrate::Page::Form.new(dashboard, resource_class.new),
+        page: Administrate::Page::Form.new(dashboard, resource),
       }
     end
 
@@ -40,6 +42,7 @@ module Administrate
 
     def create
       resource = resource_class.new(resource_params)
+      authorize_resource(resource)
 
       if resource.save
         redirect_to(
@@ -103,7 +106,9 @@ module Administrate
     end
 
     def requested_resource
-      @_requested_resource ||= find_resource(params[:id])
+      @_requested_resource ||= find_resource(params[:id]).tap do |resource|
+        authorize_resource(resource)
+      end
     end
 
     def find_resource(param)
@@ -120,7 +125,20 @@ module Administrate
 
     def resource_params
       params.require(resource_class.model_name.param_key).
-        permit(dashboard.permitted_attributes)
+        permit(dashboard.permitted_attributes).
+        transform_values { |v| read_param_value(v) }
+    end
+
+    def read_param_value(data)
+      if data.is_a?(ActionController::Parameters) && data[:type]
+        if data[:type] == Administrate::Field::Polymorphic.to_s
+          GlobalID::Locator.locate(data[:value])
+        else
+          raise "Unrecognised param data: #{data.inspect}"
+        end
+      else
+        data
+      end
     end
 
     delegate :dashboard_class, :resource_class, :resource_name, :namespace,
@@ -145,5 +163,19 @@ module Administrate
         dashboard.collection_attributes
       ).any? { |_name, attribute| attribute.searchable? }
     end
+
+    def show_action?(action, resource)
+      true
+    end
+    helper_method :show_action?
+
+    def new_resource
+      resource_class.new
+    end
+    helper_method :new_resource
+
+    def authorize_resource(resource)
+      resource
+    end
   end
 end

data/app/controllers/concerns/administrate/punditize.rb

@@ -0,0 +1,36 @@
+if Object.const_defined?("Pundit")
+  module Administrate
+    module Punditize
+      extend ActiveSupport::Concern
+      include Pundit
+
+      included do
+        def scoped_resource
+          policy_scope_admin super
+        end
+
+        def authorize_resource(resource)
+          authorize resource
+        end
+
+        def show_action?(action, resource)
+          Pundit.policy!(pundit_user, resource).send("#{action}?".to_sym)
+        end
+      end
+
+      private
+
+      # Like the policy_scope method in stock Pundit, but allows the 'resolve'
+      # to be overridden by 'resolve_admin' for a different index scope in Admin
+      # controllers.
+      def policy_scope_admin(scope)
+        ps = Pundit::PolicyFinder.new(scope).scope!.new(pundit_user, scope)
+        if ps.respond_to? :resolve_admin
+          ps.resolve_admin
+        else
+          ps.resolve
+        end
+      end
+    end
+  end
+end

data/app/helpers/administrate/application_helper.rb

@@ -7,11 +7,12 @@ module Administrate
       render locals: locals, partial: field.to_partial_path
     end
 
+    def class_from_resource(resource_name)
+      resource_name.to_s.classify.constantize
+    end
+
     def display_resource_name(resource_name)
-      resource_name.
-        to_s.
-        classify.
-        constantize.
+      class_from_resource(resource_name).
         model_name.
         human(
           count: PLURAL_MANY_COUNT,
@@ -27,6 +28,10 @@ module Administrate
       end
     end
 
+    def resource_index_route_key(resource_name)
+      ActiveModel::Naming.route_key(class_from_resource(resource_name))
+    end
+
     def sanitized_order_params
       params.permit(:search, :id, :order, :page, :per_page, :direction, :orders)
     end

data/app/views/administrate/application/_collection.html.erb

@@ -63,11 +63,13 @@ to display a collection of resources in an HTML table.
           >
         <% collection_presenter.attributes_for(resource).each do |attribute| %>
           <td class="cell-data cell-data--<%= attribute.html_class %>">
-            <a href="<%= polymorphic_path([namespace, resource]) -%>"
-               class="action-show"
-               >
-              <%= render_field attribute %>
-            </a>
+            <% if show_action? :show, resource -%>
+              <a href="<%= polymorphic_path([namespace, resource]) -%>"
+                 class="action-show"
+                 >
+                <%= render_field attribute %>
+              </a>
+            <% end -%>
           </td>
         <% end %>
 
@@ -76,7 +78,7 @@ to display a collection of resources in an HTML table.
             t("administrate.actions.edit"),
             [:edit, namespace, resource],
             class: "action-edit",
-          ) %></td>
+          ) if show_action? :edit, resource%></td>
         <% end %>
 
         <% if valid_action? :destroy, collection_presenter.resource_name %>
@@ -86,7 +88,7 @@ to display a collection of resources in an HTML table.
             class: "text-color-red",
             method: :delete,
             data: { confirm: t("administrate.actions.confirm") }
-          ) %></td>
+          ) if show_action? :destroy, resource %></td>
         <% end %>
       </tr>
     <% end %>

data/app/views/administrate/application/_form.html.erb

@@ -18,8 +18,11 @@ and renders all form fields for a resource's editable attributes.
   <% if page.resource.errors.any? %>
     <div id="error_explanation">
       <h2>
-        <%= pluralize(page.resource.errors.count, "error") %>
-        prohibited this <%= page.resource_name %> from being saved:
+        <%= t(
+          "administrate.form.errors",
+          pluralized_errors: pluralize(page.resource.errors.count, t("administrate.form.error")),
+          resource_name: display_resource_name(page.resource_name)
+        ) %>
       </h2>
 
       <ul>

data/app/views/administrate/application/_navigation.html.erb

@@ -11,7 +11,7 @@ as defined by the routes in the `admin/` namespace
   <% Administrate::Namespace.new(namespace).resources.each do |resource| %>
     <%= link_to(
       display_resource_name(resource),
-      [namespace, resource.path],
+      [namespace, resource_index_route_key(resource)],
       class: "navigation__link navigation__link--#{nav_link_state(resource)}"
     ) %>
   <% end %>

data/app/views/administrate/application/edit.html.erb

@@ -15,7 +15,7 @@ It displays a header, and renders the `_form` partial to do the heavy lifting.
 [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Form
 %>
 
-<% content_for(:title) { "#{t("administrate.actions.edit")} #{page.page_title}" } %>
+<% content_for(:title) { t("administrate.actions.edit_resource", name: page.page_title) } %>
 
 <header class="main-content__header" role="banner">
   <h1 class="main-content__page-title">
@@ -24,10 +24,10 @@ It displays a header, and renders the `_form` partial to do the heavy lifting.
 
   <div>
     <%= link_to(
-      "#{t("administrate.actions.show")} #{page.page_title}",
+      t("administrate.actions.show_resource", name: page.page_title),
       [namespace, page.resource],
       class: "button",
-    ) if valid_action? :show %>
+    ) if valid_action?(:show) && show_action?(:show, page.resource) %>
   </div>
 </header>
 

data/app/views/administrate/application/index.html.erb

@@ -42,10 +42,13 @@ It renders the `_table` partial to display details about the resources.
 
   <div>
     <%= link_to(
-      "#{t("administrate.actions.new")} #{page.resource_name.titleize.downcase}",
+      t(
+        "administrate.actions.new_resource",
+        name: page.resource_name.titleize.downcase
+      ),
       [:new, namespace, page.resource_path],
       class: "button",
-    ) if valid_action? :new %>
+    ) if valid_action?(:new) && show_action?(:new, new_resource) %>
   </div>
 </header>
 

data/app/views/administrate/application/new.html.erb

@@ -15,7 +15,12 @@ to do the heavy lifting.
 [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Form
 %>
 
-<% content_for(:title) { "#{t("administrate.actions.new")} #{page.resource_name.titleize}" } %>
+<% content_for(:title) do %>
+  <%= t(
+    "administrate.actions.new_resource",
+    name: display_resource_name(page.resource_name).titleize
+  ) %>
+<% end %>
 
 <header class="main-content__header" role="banner">
   <h1 class="main-content__page-title">

data/app/views/administrate/application/show.html.erb

@@ -16,7 +16,7 @@ as well as a link to its edit page.
 [1]: http://www.rubydoc.info/gems/administrate/Administrate/Page/Show
 %>
 
-<% content_for(:title) { "#{t("administrate.actions.show")} #{page.page_title}" } %>
+<% content_for(:title) { t("administrate.actions.show_resource", name: page.page_title) } %>
 
 <header class="main-content__header" role="banner">
   <h1 class="main-content__page-title">
@@ -25,10 +25,10 @@ as well as a link to its edit page.
 
   <div>
     <%= link_to(
-      "#{t("administrate.actions.edit")} #{page.page_title}",
+      t("administrate.actions.edit_resource", name: page.page_title),
       [:edit, namespace, page.resource],
       class: "button",
-    ) if valid_action? :edit %>
+    ) if valid_action?(:edit) && show_action?(:edit, page.resource) %>
   </div>
 </header>
 

data/app/views/fields/has_many/_index.html.erb

@@ -16,4 +16,4 @@ as a count of how many objects are associated through the relationship.
 [1]: http://www.rubydoc.info/gems/administrate/Administrate/Field/HasMany
 %>
 
-<%= pluralize(field.data.size, field.attribute.to_s.humanize.downcase) %>
+<%= pluralize(field.data.size, field.attribute.to_s.humanize.downcase.singularize) %>

data/app/views/fields/polymorphic/_form.html.erb

@@ -18,10 +18,15 @@ so this partial renders a message to that effect.
 [1]: http://www.rubydoc.info/gems/administrate/Administrate/Field/Polymorphic
 %>
 
-<div class="field-unit__label">
-  <%= f.label field.name %>
-</div>
+<%= f.fields_for field.attribute do |pf| %>
+  <div class="field-unit__label">
+    <%= pf.label :value, field.name.humanize %>
+  </div>
 
-<div class="field-unit__field">
-  <%= t("administrate.fields.polymorphic.not_supported") %>
-</div>
+  <div class="field-unit__field">
+    <%= pf.hidden_field(:type, value: field.class.name) %>
+    <%= pf.select(:value) do %>
+      <%= grouped_options_for_select(field.associated_resource_grouped_options, field.selected_global_id, prompt: true) %>
+    <% end %>
+  </div>
+<% end %>

data/app/views/fields/polymorphic/_show.html.erb

@@ -17,8 +17,12 @@ By default, the relationship is rendered as a link to the associated object.
 %>
 
 <% if field.data %>
-  <%= link_to(
-    field.display_associated_resource,
-    [namespace, field.data],
-  ) %>
+  <% if valid_action?(:show, field.attribute) %>
+    <%= link_to(
+      field.display_associated_resource,
+      [namespace, field.data],
+    ) %>
+  <% else %>
+    <%= field.display_associated_resource %>
+  <% end %>
 <% end %>

data/config/locales/administrate.ar.yml

@@ -5,8 +5,9 @@ ar:
       confirm: "هل أنت متأكد ؟"
       destroy: "حذف"
       edit: "تعديل"
-      show: "إظهار"
-      new: "جديد"
+      edit_resource: "تعديل %{name}"
+      show_resource: "إظهار %{name}"
+      new_resource: "جديد  %{name}"
       back: "الى الخلف"
     controller:
       create:
@@ -19,10 +20,9 @@ ar:
       has_many:
         more: إظهار %{count} من %{total_count}
         none: "لا يوجد"
-      polymorphic:
-        not_supported: "غير مدعمه \"Polymorphic\" هذه العلاقه"
-      has_one:
-        not_supported: "غير مدعمه \"HasOne\" هذه العلاقه"
+    form:
+      error: error
+      errors: "%{pluralized_errors} prohibited this %{resource_name} from being saved:"
     search:
       clear: مسح البحث
       label: بحث %{resource}

data/config/locales/administrate.bs.yml

@@ -0,0 +1,27 @@
+bs:
+  administrate:
+    actions:
+      confirm: Jeste li sigurni?
+      destroy: Izbrisati
+      edit: Izmjena
+      edit_resource: Izmjena %{name}
+      show_resource: Pregled %{name}
+      new_resource: Novi %{name}
+      back: Nazad
+    controller:
+      create:
+        success: "%{resource} je uspješno kreiran."
+      destroy:
+        success: "%{resource} je uspješno izbrisan."
+      update:
+        success: "%{resource} je uspješno izmijenjen."
+    fields:
+      has_many:
+        more: Prikazuje %{count} od %{total_count}
+        none: Niko
+    form:
+      error: error
+      errors: "%{pluralized_errors} prohibited this %{resource_name} from being saved:"
+    search:
+      clear: Izbriši pretraživanje
+      label: Pretraga %{resource}

data/config/locales/administrate.ca.yml

@@ -0,0 +1,28 @@
+---
+ca:
+  administrate:
+    actions:
+      confirm: Estàs segur?
+      destroy: Destruir
+      edit: Editar
+      edit_resource: Edita %{name}
+      show_resource: Mostra %{name}
+      new_resource: Nou %{name}
+      back: Tornar
+    controller:
+      create:
+        success: "%{resource} s'ha creat amb èxit."
+      destroy:
+        success: "%{resource} s'ha destruït amb èxit."
+      update:
+        success: "%{resource} s'ha actualitzat amb èxit."
+    fields:
+      has_many:
+        more: Mostrant %{count} de %{total_count}
+        none: Cap
+    form:
+      error: error
+      errors: "%{pluralized_errors} han impedit que %{resource_name} es guardés amb èxit:"
+    search:
+      clear: Esborrar la cerca
+      label: Cerca %{resource}