adminpanel 1.2.9 → 1.2.10

data/Gemfile

@@ -11,6 +11,7 @@ gem "bcrypt-ruby", "~> 3.0.0"
 gem "rails-i18n", "~> 3.0.0"
 gem "inherited_resources", "~> 1.3.1"
 gem "google-api-client", "~> 0.7.1"
+gem "cancan", "~> 1.6.10"
 
 group :test do
 	gem "bundler", "~> 1.3"

data/adminpanel.gemspec

@@ -26,6 +26,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "bcrypt-ruby", "~> 3.0.0"
   spec.add_dependency "rails-i18n", "~> 3.0.0"
   spec.add_dependency "inherited_resources", "~> 1.3.1"
+  spec.add_dependency "cancan", "~> 1.6.10"
   spec.add_dependency "google-api-client", "~> 0.7.1"
 
   spec.add_development_dependency "bundler", "~> 1.3"

data/app/controllers/adminpanel/analytics_controller.rb

@@ -1,6 +1,6 @@
 module Adminpanel
     class AnalyticsController < Adminpanel::ApplicationController
-
+    authorize_resource :class => false
 		skip_before_filter :set_model
 
 		API_VERSION = 'v3'

data/app/controllers/adminpanel/application_controller.rb

@@ -7,13 +7,17 @@ module Adminpanel
         include SessionsHelper
         include RestActionsHelper
 
-        layout "admin"
+        layout 'admin'
 
         before_filter :signed_in_user, :set_model
 
+        rescue_from CanCan::AccessDenied do |exception|
+          sign_out
+          redirect_to signin_path, :alert => I18n.t('authentication.not_authorized')
+        end
 
         def signed_in_user
-            redirect_to signin_url, :notice => "Favor de Iniciar sesion" unless signed_in?
+            redirect_to signin_url, :notice => I18n.t("authentication.welcome") unless signed_in?
         end
 
         def set_model
@@ -24,9 +28,5 @@ module Adminpanel
             sign_out
             super
         end
-
-        # def get_menu_elements
-        #     @menu_items = menu_items
-        # end
     end
 end

data/app/controllers/adminpanel/categories_controller.rb

@@ -1,5 +1,7 @@
 module Adminpanel
   class CategoriesController < ApplicationController
+    load_and_authorize_resource
+
     def index
       @categories = Category.all
     end
@@ -8,30 +10,37 @@ module Adminpanel
       set_collections
       new! do |format|
         format.html { render "shared/new" }
-        format.js {render :locals => {:category => resource, :model => params[:model]}}
+        format.js do
+          render :locals => {:resource => resource}
+        end
       end
     end
 
 
     def create
+      params.merge({:model_name => params[:model_name]}) if params[:model_name].present?
+      params.merge({:model => params[:model]}) if params[:model].present?
+      params.merge({:currentcontroller => params[:currentcontroller]}) if params[:currentcontroller].present?
+
       create! do |success, failure|
         success.html do
-          flash.now[:success] = I18n.t("action.save_success")
-          # render "shared/index"
+          flash[:success] = I18n.t("action.save_success")
           redirect_to categories_path
         end
         failure.html do
           set_collections
           render "shared/new"
         end
-
         success.js do
-           render :locals => {:category => resource }
-
+          if params[:currentcontroller] == 'adminpanel/categories'
+            render 'create', :locals => {:category => resource}
+          else
+            render 'shared/create_has_many', :locals => {:resource => resource}
+          end
         end
         failure.js do
           set_collections
-          render "new", :locals => {:category => resource, :model => resource.model }, :formats => [:js]
+          render "new", :locals => {:resource => resource }
 
         end
       end
@@ -49,7 +58,7 @@ module Adminpanel
     def update
       update! do |success, failure|
         success.html do
-          flash.now[:success] = I18n.t("action.save_success")
+          flash[:success] = I18n.t("action.save_success")
           # render "shared/index"
           redirect_to categories_path
         end

data/app/controllers/adminpanel/galleries_controller.rb

@@ -1,5 +1,7 @@
 module Adminpanel
   class GalleriesController < Adminpanel::ApplicationController
+    load_and_authorize_resource
+    
     def index
       @galleries = Gallery.find(:all)
     end

data/app/controllers/adminpanel/sections_controller.rb

@@ -1,5 +1,7 @@
 module Adminpanel
   class SectionsController < Adminpanel::ApplicationController
+    load_and_authorize_resource
+
     def new
       @section = Section.new
     end

data/app/controllers/adminpanel/sessions_controller.rb

@@ -15,10 +15,10 @@ module Adminpanel
 			user = User.find_by_email(params[:session][:email].downcase)
 			if user && user.authenticate(params[:session][:password])
 					sign_in user
-					flash[:success] = I18n.t("authentication.signin success")
+					flash[:success] = I18n.t("authentication.signin_success")
 					redirect_to root_url
 			else
-				flash.now[:error] = I18n.t("authentication.signin error")
+				flash.now[:error] = I18n.t("authentication.signin_error")
 				render 'new'
 			end
 		end

data/app/controllers/adminpanel/users_controller.rb

@@ -1,5 +1,7 @@
 module Adminpanel
   class UsersController < Adminpanel::ApplicationController
+    # authorize_resource :class => false
+    load_and_authorize_resource
     # GET /admin/users
     # GET /admin/users.json
     # def index

data/app/helpers/adminpanel/custom_form_builder.rb

@@ -123,6 +123,30 @@ module Adminpanel
 			)
 		end
 
+		def boolean(name, *args)
+			options = args.extract_options!
+
+			@template.content_tag(
+				:div,
+				@template.content_tag(
+					:div,
+					options['label'],
+					:class => 'control-label') +
+					@template.content_tag(
+						:div,
+						@template.content_tag(
+							:label,
+							check_box(
+								name
+							),
+							:class => 'checkbox'
+						),
+						:class => 'controls'
+					),
+				:class => 'control-group'
+			)
+		end
+
 		def select(name, select_options, *args)
 			options = args.extract_options!
 

data/app/helpers/adminpanel/rest_actions_helper.rb

@@ -16,22 +16,39 @@ module Adminpanel
 			set_collections
       new! do |format|
         format.html { render "shared/new" }
+				format.js { render 'shared/new', :locals => { :resource => resource }}
       end
 		end
 
 		def create
-      create! do |success, failure|
-        success.html do
-        	flash.now[:success] = I18n.t("action.save_success")
-          render "shared/index"
-        end
-        failure.html do
+			params.merge({:model => params[:model]}) if params[:model].present?
+			params.merge({:model_name => params[:model_name]}) if params[:model_name].present?
+			params.merge({:belongs_request => params[:belongs_request]}) if params[:belongs_request].present?
+			create! do |success, failure|
+				success.html do
+					flash[:success] = I18n.t("action.save_success")
+					redirect_to resource
+				end
+				failure.html do
 					set_collections
-        	render "shared/new"
+					render "shared/new"
 				end
-      end
+				success.js do
+					flash.now[:success] = I18n.t("action.save_success")
+					if params[:belongs_request]
+						render 'shared/create_belongs_to', :locals => {:resource => resource }
+					else
+						render 'shared/create_has_many', :locals => {:resource => resource }
+					end
+				end
+				failure.js do
+					set_collections
+					render 'shared/new', :locals => {:resource => resource }
+				end
+			end
 		end
 
+
 		def edit
       edit! do |format|
         format.html do
@@ -44,7 +61,7 @@ module Adminpanel
 		def update
       update! do |success, failure|
         success.html do
-        	flash.now[:success] = I18n.t("action.save_success")
+        	flash[:success] = I18n.t("action.save_success")
         	render "shared/index"
         end
         failure.html do

data/app/helpers/adminpanel/shared_pages_helper.rb

@@ -5,8 +5,9 @@ module Adminpanel
         if association.klass.to_s == parent_model
         	if !resource.send(association.name).nil?
         		return resource.send(association.name).name
+						# return resource.client
         	else
-        		return "N/A"
+        		return "N/A #{association.klass.to_s}"
         	end
         end
       end

data/app/models/adminpanel/group.rb

@@ -0,0 +1,6 @@
+module Adminpanel
+  class Group < ActiveRecord::Base
+    attr_accessible :name
+
+  end
+end

data/app/models/adminpanel/user.rb

@@ -1,7 +1,11 @@
 module Adminpanel
   class User < ActiveRecord::Base
-    attr_accessible :email, :name, :password, :password_confirmation
+    attr_accessible :email, :name, :password, :password_confirmation, :group_id
     has_secure_password
+    belongs_to :group
+
+  #group validation
+    validates_presence_of :group_id
 
   #name validations
     validates_presence_of :name
@@ -30,10 +34,49 @@ module Adminpanel
 
     def self.form_attributes
       [
-        {"name" => {"type" => "text_field", "name" => "Nombre", 'label' => "Nombre", "placeholder" => "Nombre"}},
-        {"email" => {"type" => "text_field", "name" => "Correo", 'label' => 'Correo', 'placeholder' => 'Correo'}},
-        {"password" => {"type" => "password_field", "name" => "Contrasena", 'label' => I18n.t('model.attributes.password'), "placeholder" => I18n.t('model.attributes.password'), 'show' => 'false'}},
-        {"password_confirmation" => {"type" => "password_field", "name" => "Confirmacion de contrasena", 'placeholder' => I18n.t('model.attributes.password_confirmation'), 'label' => I18n.t('model.attributes.password_confirmation'), 'show' => 'false'}},
+        {
+          'name' => {
+            'type' => 'text_field',
+            'name' => 'Nombre',
+            'label' => 'Nombre',
+            'placeholder' => 'Nombre'
+            }
+        },
+        {
+          'email' => {
+            'type' => 'text_field',
+            'name' => 'Correo',
+            'label' => 'Correo',
+            'placeholder' => 'Correo'
+          }
+        },
+        {
+          'password' => {
+            'type' => 'password_field',
+            'name' => 'Contrasena',
+            'label' => I18n.t('model.attributes.password'),
+            'placeholder' => I18n.t('model.attributes.password'),
+            'show' => 'false'
+          }
+        },
+        {
+          'password_confirmation' => {
+            'type' => 'password_field',
+            'name' => 'Confirmacion de contrasena',
+            'placeholder' => I18n.t('model.attributes.password_confirmation'),
+            'label' => I18n.t('model.attributes.password_confirmation'),
+            'show' => 'false'
+          }
+        },
+        {
+          'group_id' => {
+            'type' => 'belongs_to',
+            'model' => 'Adminpanel::Group',
+            'remote_resource' => false,
+            'placeholder' => I18n.t('model.attributes.group_id'),
+            'label' => I18n.t('model.attributes.group_id')
+          }
+        },
       ]
     end
 

data/app/views/adminpanel/categories/_categories_table.html.erb

@@ -15,9 +15,10 @@
       {
         :controller => params[:controller],
         :action => "new",
-      :"model" => model
+        :"model" => model,
+        :currentcontroller => params[:controller]
       },
-      :"data-target" => '#example_modal',
+      :"data-target" => '#new-category',
       :"data-toggle" => 'modal',
       :remote => true
     )

data/app/views/adminpanel/categories/_category_form.html.erb

@@ -1,13 +1,13 @@
-<%= custom_form_for(resource, :remote => true, :html => {:class => "form-horizontal", :id => "new_resource"}) do |f| -%>
+<%= custom_form_for(resource, :url => {:action => :create, :model => params[:model], :model_name => params[:model_name], :currentcontroller => params[:currentcontroller]}, :remote => true, :html => {:class => "form-horizontal", :id => "new-category-form"}) do |f| -%>
   <div class="row-fluid">
     <div class="modal-body">
         <%= render 'shared/error_messages', :object => resource %>
-        <%= render 'shared/form_fields', :f => f %>
-        <%= f.hidden_field :model, :value => model %>
+        <%= render 'shared/form_fields', :f => f, :remote_request => true %>
+        <%= f.hidden_field :model, :value => params[:model] %>
     </div>
   </div>
   <div class="modal-footer">
     <button id="modal-button" class="btn" data-dismiss="modal" aria-hidden="true"><%= I18n.t('action.close') %></button>
-    <%= f.submit t("action.add") + " " + @model.display_name, :disable_with => t("action.submitting"), :id =>"new-resource-button" %>
+    <%= f.submit t("action.add") + " " + @model.display_name, :disable_with => t("action.submitting"), :id =>"new-#{@model.name.demodulize}-button" %>
   </div>
 <% end -%>

data/app/views/adminpanel/categories/create.js.erb

@@ -1,4 +1,5 @@
-$("#modal-button").trigger("click");
+// $("#modal-button").trigger("click");
+$('#new-category').modal('toggle');
 row = "<tr><td><%= escape_javascript link_to resource.name, category_path(resource) %></td>";
 row = row + "<td><%= escape_javascript link_to content_tag(:i, nil, :class => 'icon-pencil'), edit_category_path(category), :title => 'Editar' %> ";
 row = row + "<%= escape_javascript link_to content_tag(:i, nil, :class => 'icon-remove'),[category], :title => 'Editar', :method => :delete %></td>";

data/app/views/adminpanel/categories/index.html.erb

@@ -46,7 +46,7 @@
 </div>
 
 <!-- example modal -->
-<div id="example_modal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
+<div id="new-category" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
   <div class="modal-header" id="modal-header">
     <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
     <h3 id="myModalLabel">Crear Categoría</h3>

data/app/views/adminpanel/categories/new.js.erb

@@ -1 +1,2 @@
-$("#modal-container").html('<%= escape_javascript(render "category_form", :resource => resource, :model => model) %>');
+$("#modal-title").html('Agregar <%= @model.display_name %>');
+$("#modal-container").html('<%= escape_javascript(render "category_form", :resource => resource) %>');

data/app/views/layouts/_side_menu.html.erb

@@ -2,34 +2,36 @@
 <div class="sidebar-nav nav-collapse collapse" id="sidebar-navigation">
 	<div class="user_side clearfix">
 		<h5>
-			<%= @current_user.name.humanize %>
+			<%= current_user.name.humanize %>
 		</h5>
 		<%=
 		link_to(
-			content_tag(:i, nil, :class => 'icon-cog') + ' Editar',
-			edit_user_path(@current_user)
+			"#{current_user.group.name}",
+			"#"
 		)
 		%>
 	</div>
 	<div class="accordion" id="accordion2">
 		<% Adminpanel.displayable_resources.each do |resource| %>
 			<% resource_class = symbol_class(resource) %>
-			<div class="accordion-group">
-				<div class="accordion-heading">
-					<%=
-					link_to(
-						content_tag(
-							:i,
-							nil,
-							:class => resource_class.icon) +
-							content_tag(:span," #{resource_class.display_name}"),
-						[route_symbol(resource.to_s)],
-						:class => "accordion-toggle b_99FFCC
-							#{is_current_section?(resource_class.display_name)}"
-					)
-					%>
+			<% if can? :read, resource_class %>
+				<div class="accordion-group">
+					<div class="accordion-heading">
+						<%=
+						link_to(
+							content_tag(
+								:i,
+								nil,
+								:class => resource_class.icon) +
+								content_tag(:span," #{resource_class.display_name}"),
+							[route_symbol(resource.to_s)],
+							:class => "accordion-toggle b_99FFCC
+								#{is_current_section?(resource_class.display_name)}"
+						)
+						%>
+					</div>
 				</div>
-			</div>
+			<% end %>
 		<% end %>
 
 	</div>

data/app/views/layouts/_top_bar.html.erb

@@ -2,7 +2,7 @@
   <div class="navbar-inner">
     <div class="container-fluid">
       <div class="logo">
-        <%= link_to image_tag("adminpanel/codn.png", :alt => "logo"), main_root_path %>
+        <%= link_to image_tag("adminpanel/codn.png", :alt => "logo"), main_root_path, :target => '_blank' %>
       </div>
       <% if signed_in? %>
          <a class="btn btn-navbar visible-phone" data-toggle="collapse" data-target=".nav-collapse">