adva_comments 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e97b4790dbbafc5bd5a7b1587994a0376996f0afbfaa066105f48be741a60c39
+  data.tar.gz: 7c89022fc00fd8ce186d011b2d7b0e732094613e7d2f410f9be8f01e6a8b0fa0
+SHA512:
+  metadata.gz: b791d5fa817b56fe2ffd25ea6fbfcb150ec3e89506b17199e2234895442d36d134be438897878b915982e77631d995a0b6409b7e395f601fca0ee866a7e5ebc2
+  data.tar.gz: 0a5b0ad8cd654fc989e41d19616ffa513502132272238eb81b9a5eca98aa76074d51f88abc73ba6d0ac4e1f32921b153f3a90530294c86933615ae931fdcd92e

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in adva_comments.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Micah Geisel
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# AdvaComments
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'adva_comments'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install adva_comments
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/adva_comments.gemspec

@@ -0,0 +1,20 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/adva_comments/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Micah Geisel"]
+  gem.email         = ["micah@botandrose.com"]
+  gem.description   = %q{Adva Comments}
+  gem.summary       = %q{Engine for Adva CMS commenting component}
+  gem.homepage      = ""
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "adva_comments"
+  gem.require_paths = ["lib"]
+  gem.version       = AdvaComments::VERSION
+
+  gem.add_dependency "validates_email_format_of"
+  gem.add_dependency "invisible_captcha"
+end

data/app/assets/javascripts/adva_comments/jquery.comments.js

@@ -0,0 +1,41 @@
+var CommentForm = {
+  init: function() {
+		var user_name = Cookie.get('uname');
+    if (user_name) {
+    	user_name = unescape(user_name).replace(/\+/g, " ");
+			try { $('#registered_author span').each(function() { $(this).html(user_name); }); } catch(err) {}
+			try { $('#registered_author').show(); } catch(err) {}
+			try { $('#anonymous_author').hide();  } catch(err) {}
+    }
+  }
+};
+
+var Comment = {
+  preview: function(event) {
+    event.preventDefault();
+    $.ajax({
+      url: this.href,
+      type: 'post',
+      dataType: 'html',
+      data: $('form#comment_form').serializeArray(),
+      success: function(data, status) {
+        $('#preview').html(data);
+      },
+      beforeSend: function(xhr) {
+        $('#comment_preview_spinner').show();
+      },
+      complete: function(xhr, status) {
+        $('#comment_preview_spinner').hide();
+      }
+    });
+  }
+}
+
+$(document).ready(function() {
+  if($('#anonymous_author')) {
+	  CommentForm.init();
+  }
+
+  $('a#preview_comment').show();
+  $('a#preview_comment').click(Comment.preview);
+});

data/app/assets/stylesheets/adva_comments/admin/comments.scss

@@ -0,0 +1,34 @@
+#comments_list {
+  list-style-type: none;
+  margin: 0;
+  padding: 0;
+}
+#comments_list li {
+  margin-top: 15px;
+	padding: 0 40px 0 25px;
+	background: image_url("adva_cms/icons/comment.png") no-repeat left 3px;
+}
+#comments_list li.highlight {
+  padding: 20px 20px 20px 55px !important;
+  padding-bottom: 3px;
+  border: 1px solid #add;
+  background-color: #eaf6f6 !important;
+  margin: 20px 0;	
+}
+#comments_list .actions {
+  float: right;
+  margin-top: -1px;
+  height: 20px;
+  line-height: 20px;
+  overflow: hidden;
+}
+#comments_list .actions a {
+  margin-top: -2px;
+}
+#comments_list blockquote {
+	margin: 0;
+}
+#comments_list cite {
+  font-size: 12px;
+	font-style: normal;
+}

data/app/assets/stylesheets/adva_comments/comments.scss

@@ -0,0 +1,50 @@
+/* COMMENTS */
+
+#comments {
+	padding-bottom: 9px;
+}
+#comments h3 {
+  font-size: 18px; 
+  line-height: 18px; 
+  margin: 18px 0 18px 0;
+}
+#comments ol {
+	list-style-type: none;
+	margin-left: 0;
+}
+#comments ol li {
+	padding-bottom: 17px;
+	margin-bottom: 18px;
+	border-bottom: 1px solid #bbb;
+}
+#comments .meta p {
+	margin: 0;
+}
+#comments .comment {
+	padding-left: 220px;
+}
+
+/* COMMENTS FORM */
+
+#comment_form_wrapper {
+	padding-left: 220px;
+	padding-bottom: 9px;
+	margin-bottom: 26px;
+	border-bottom: 1px solid #bbb;
+}
+#comment_user {
+	float: right;
+	margin-top: 3px;
+}
+#comment_form label {
+	display: block;
+	float: left;
+	width: 100px;
+}
+#comment_form input {
+	width: 180px;
+}
+#comment_form textarea {
+	height: 150px;
+	width: 99%;
+}

data/app/controllers/admin/comments_controller.rb

@@ -0,0 +1,86 @@
+class Admin::CommentsController < Admin::BaseController
+  layout "admin"
+
+  before_action :set_comment, :only => [:edit, :update, :destroy]
+  before_action :set_commentable, :set_comment_params, :only => :create
+  after_action :postback_spaminess, :only => [:update]
+
+  def index
+    # FIXME how to remove the Topic dependency here? 
+    # maybe make Comment a subclass of Comment::Base or something so that we can use STI to exclude 
+    # special comment types?
+    @comments = @site.comments.where(['commentable_type NOT IN (?)', 'Topic']).
+      reorder("comments.created_at DESC").
+      paginate(:page => current_page, :per_page => 25)
+  end
+
+  def edit
+  end
+
+  def update
+    if @comment.update params[:comment]
+      trigger_events @comment
+      flash[:notice] = t(:'adva.comments.flash.update.success')
+      redirect_to params[:return_to] || admin_comments_url
+    else
+      flash.now[:error] = t(:'adva.comments.flash.update.failure')
+      render :action => :edit
+    end
+  end
+
+  def destroy
+    @comment.destroy
+    trigger_events @comment
+    flash[:notice] = t(:'adva.comments.flash.destroy.success')
+    redirect_to params[:return_to] || admin_comments_url
+  end
+
+  private
+
+    def set_menu
+      @menu = Menus::Admin::Comments.new
+    end
+
+    def set_commentable
+      type, id = params[:comment].values_at(:commentable_type, :commentable_id)
+      @commentable = type.constantize.find id
+    end
+
+    def set_comment_params
+      params[:comment].merge! :site_id => @commentable.site_id,
+                              :section_id => @commentable.section_id,
+                              :author => current_user
+    end
+
+    def set_comment
+      @comment = Comment.find(params[:id])
+    end
+    
+    def filter_options options
+      case params[:filter]
+      when 'state'
+        params[:state] == 'approved' ? options[:conditions] = "approved = '1'" : options[:conditions] = "approved = '0'"
+      when 'body'
+        options[:conditions] = Comment.send(:sanitize_sql, ["LOWER(body) LIKE :query", {:query => "%#{params[:query].downcase}%"}])
+      when 'author_name'
+        options[:conditions] = Comment.send(:sanitize_sql, ["LOWER(author_name) LIKE :query", {:query => "%#{params[:query].downcase}%"}])
+      when 'author_email'
+        options[:conditions] = Comment.send(:sanitize_sql, ["LOWER(author_email) LIKE :query", {:query => "%#{params[:query].downcase}%"}])
+      when 'author_homepage'
+        options[:conditions] = Comment.send(:sanitize_sql, ["LOWER(author_homepage) LIKE :query", {:query => "%#{params[:query].downcase}%"}])
+      end
+      options
+    end
+
+    def postback_spaminess
+      if @comment.approved_changed? and @site.respond_to?(:spam_engine)
+        spaminess = @comment.approved? ? :ham : :spam
+        @site.spam_engine.mark_spaminess(spaminess, @comment, :url => show_url(@comment.commentable))
+      end
+    end
+
+    def current_resource
+      @comment ? @comment.commentable : @content || @section || @site
+    end
+end
+

data/app/controllers/comments_controller.rb

@@ -0,0 +1,109 @@
+class CommentsController < BaseController
+  # TODO apparently it is not possible to use protect_from_forgery with
+  # page cached forms? is that correct? as protect_from_forgery seems to
+  # validate the form token against the session and ideally when all pages
+  # and assets are cached there is no session at all this seems to make sense.
+  #
+  # Rails docs say: "done by embedding a token based on the session ... in all
+  # forms and Ajax requests generated by Rails and then verifying the authenticity
+  # of that token in the controller"
+  # http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection/ClassMethods.html
+  #
+  # Note: Could fetch forgery token via AJAX?
+
+  protect_from_forgery :except => [:preview, :create]
+
+  authenticates_anonymous_user
+  layout 'default'
+
+  before_action :set_section
+  before_action :set_comment, :only => [:show, :update, :destroy]
+  before_action :set_commentable, :only => [:show, :preview, :create]
+
+  invisible_captcha only: [:create, :update], honeypot: :subtitle, if: -> { current_user.anonymous? }
+
+  def show
+  end
+
+  def preview
+    @comment = @commentable.comments.build(comment_params)
+    @comment.send(:process_filters)
+    render :layout => false
+  end
+
+  def create
+    @comment = @commentable.comments.build(comment_params)
+    if @comment.save
+      trigger_events @comment
+      CommentMailer.comment_notification(@comment).deliver_later
+      if current_user.anonymous?
+        flash.notice = "Your comment is being reviewed, and will be posted shortly. Thank you for commenting!"
+      else
+        @comment.update_column :approved, true
+        flash.notice = "You're an admin, so your comment is being posted immediately! Refresh the page to see it."
+      end
+      respond_to do |format|
+        format.html { redirect_to "#{request.env['HTTP_REFERER']}#comments" }
+        format.js { render json: true }
+      end
+    else
+      flash[:error] = @comment.errors.full_messages.to_sentence # TODO hu.
+      respond_to do |format|
+        format.html { redirect_to "#{request.env['HTTP_REFERER']}#comments" }
+        format.js { render json: false }
+      end
+    end
+  end
+
+  def update
+    if @comment.update(comment_params)
+      trigger_events(@comment)
+      flash.notice = t(:'adva.comments.flash.update.success')
+      render json: true
+    else
+      set_commentable
+      flash[:error] = @comment.errors.full_messages.to_sentence
+      render json: false
+    end
+  end
+
+  def destroy
+    @comment.destroy
+    trigger_events @comment
+    redirect_to "/", notice: t(:'adva.comments.flash.destroy.success')
+  end
+
+  protected
+
+  def comment_params
+    params.require(:comment).permit(
+      :author_email,
+      :author_name,
+      :body,
+      :commentable_id,
+      :commentable_type,
+    ).merge(site_id: @commentable.site_id, section_id: @commentable.section_id)
+  end
+
+  def set_comment
+    @comment = Comment.find(params[:id])
+  end
+
+  def set_commentable
+    @commentable = if @comment
+      @comment.commentable or raise ActiveRecord::RecordNotFound
+    else
+      begin
+        klass = params.dig(:comment, :commentable_type).constantize
+        raise NameError unless klass.has_many_comments?
+      rescue NameError
+        raise ActiveRecord::RecordNotFound
+      end
+      klass.find(params.dig(:comment, :commentable_id))
+    end
+  end
+
+  def current_resource
+    @comment || @commentable
+  end
+end

data/app/helpers/admin/comments_helper.rb

@@ -0,0 +1,32 @@
+module Admin
+  module CommentsHelper
+    def comment_expiration_options
+      I18n.with_options :scope => :'adva.comments.options.expiration' do |i18n|
+        [ [i18n.t(:not_allowed),                           -1 ],
+          [i18n.t(:never_expire),                           0 ],
+          [i18n.t(:x_hours_after_publishing, :count => 24), 1 ],
+          [i18n.t(:x_weeks_after_publishing, :count => 1),  7 ],
+          [i18n.t(:x_months_after_publishing, :count => 1), 30],
+          [i18n.t(:x_months_after_publishing, :count => 3), 90] ]
+      end
+    end
+
+    def comments_filter_options
+      options = I18n.t(:'adva.comments.filter.options')
+
+      [[options[:all], 					'all'],
+  		 [options[:state], 		    'state'],
+  	   [options[:body],         'body'],
+  	   [options[:author_name], 	'author_name'],
+  	   [options[:author_email], 'author_email'],
+  	   [options[:author_url],   'author_homepage']]
+    end
+
+    def comments_state_options
+      options = I18n.t(:'adva.comments.state.options')
+
+      [[options[:approved],   'approved'],
+  		 [options[:unapproved], 'unapproved']]
+    end
+  end
+end

data/app/helpers/comments_helper.rb

@@ -0,0 +1,71 @@
+module CommentsHelper
+  def comments_feed_title(*owners)
+    options = owners.extract_options!
+    separator = options[:separator] || ' » '
+    I18n.t(:'adva.titles.comments') + ': ' + owners.compact.uniq.map(&:title).join(separator)
+  end
+
+  methods = %w(admin_comments_path admin_comment_path
+               new_admin_comment_path edit_admin_comment_path)
+
+  methods.each do |method|
+    module_eval <<-CODE, __FILE__, __LINE__
+      def #{method}(*args)
+        options = args.extract_options!
+        merge_admin_comments_query_params(options)
+        super *(args << options).compact
+      end
+    CODE
+  end
+
+  def link_to_content_comments_count(content, options = {:total => true})
+    total = content.comments_count
+    approved = content.approved_comments_count
+    return options[:alt] || t(:'adva.common.none') if approved == 0
+    text = if total == approved or !options[:total]
+      "#{approved.to_s.rjust(2, '0')}"
+    else
+      "#{approved.to_s.rjust(2, '0')} (#{total.to_s.rjust(2, '0')})"
+    end
+    link_to_content_comments(text, content)
+  end
+
+  def link_to_content_comments(*args)
+    options = args.extract_options!
+    text = args.shift if args.first.is_a?(String) || args.first.is_a?(Symbol)
+    content, comment = *args
+    return unless content.approved_comments_count > 0 || content.accept_comments?
+
+    text = t(text) if text.is_a?(Symbol)
+    text ||= t(:'adva.comments.titles.comment_with_count', :count => content.approved_comments_count)
+    options.merge! :anchor => (comment ? dom_id(comment) : 'comments')
+    link_to text, [content.section, content], options
+  end
+
+  def link_to_content_comment(*args)
+    options = args.extract_options!
+    args.insert(args.size - 1, args.last.commentable)
+    link_to_content_comments(*args << options)
+  end
+
+  def link_to_remote_comment_preview
+    link_to(I18n.t(:'adva.titles.preview'), preview_comments_path, :id => 'preview_comment', :style => "display:none;") +
+      image_tag('adva_cms/indicator.gif', :alt => '', :id => 'comment_preview_spinner', :style => 'display:none;')
+  end
+
+  def comment_form_hidden_fields(commentable)
+    hidden_field_tag('return_to', request.fullpath) + "\n" +
+    hidden_field_tag('comment[commentable_type]', commentable.class.name, :id => 'comment_commentable_type') + "\n" +
+    hidden_field_tag('comment[commentable_id]', commentable.id, :id => 'comment_commentable_id') + "\n"
+  end
+
+  private
+
+    # TODO obviously doesn't work as expected on the SectionsController where the
+    # section_id is in params[:id]
+    def merge_admin_comments_query_params(options)
+      options.merge! params.slice(:section_id, :content_id).reject{|key, value| value.blank? }.to_unsafe_hash
+      options.symbolize_keys!
+      options.delete(:section_id) if options[:content_id]
+    end
+end

data/app/mailers/comment_mailer.rb

@@ -0,0 +1,8 @@
+class CommentMailer < ActionMailer::Base
+  default :content_type => "text/html"
+
+  def comment_notification comment
+    @comment = comment
+    mail :to => comment.site.email, :from => comment.site.email, :subject => "#{comment.site.name}: New pending comment"
+  end
+end

data/app/models/comment.rb

@@ -0,0 +1,94 @@
+class Comment < ActiveRecord::Base
+  class CommentNotAllowed < StandardError; end
+
+  def self.approved
+    where :approved => true
+  end
+
+  def self.unapproved
+    where :approved => false
+  end
+
+  define_model_callbacks :approve, :unapprove
+
+  def around_save
+    if just_approved?
+      run_callbacks(:approve) { yield }
+    elsif just_unapproved?
+      run_callbacks(:unapprove) { yield }
+    else
+      yield
+    end
+  end
+
+  after_save do
+    commentable.touch
+  end
+
+  filtered_column :body
+  filters_attributes :sanitize => :body_html
+
+  has_filter :text  => { :attributes => [:body] },
+             :state => { :states => [:approved, :unapproved] }
+
+  belongs_to :site
+  belongs_to :section
+  belongs_to :commentable, :polymorphic => true
+  # make sure we're storing the base clase for STI
+  def commentable_type=(sType)
+    super(sType.to_s.classify.constantize.base_class.to_s)
+  end
+  has_many :activities, :as => :object
+
+  composed_of :author, :class_name => "User", :mapping => [ %w(author_name name), %w(author_email email) ]
+
+  validates_presence_of :body, :commentable, :author_name, :author_email
+  validates_email_format_of :author_email
+
+  before_validation :set_owners
+  before_create :authorize_commenting
+
+  def owner
+    commentable
+  end
+
+  def filter
+    commentable.comment_filter
+  end
+
+  def unapproved?
+    !approved?
+  end
+
+  def just_approved?
+    approved_changed? and approved?
+  end
+
+  def just_unapproved?
+    approved_changed? and unapproved?
+  end
+
+  def state_changes
+    state_changes = if just_approved?
+      [:approved]
+    elsif just_unapproved?
+      [:unapproved]
+    end || []
+    super + state_changes
+  end
+
+  protected
+
+    def authorize_commenting
+      if commentable && !commentable.accept_comments?
+        raise CommentNotAllowed, I18n.t(:'adva.comments.messages.not_allowed')
+      end
+    end
+
+    def set_owners
+      if commentable # TODO in what cases would commentable be nil here?
+        self.site = commentable.site
+        self.section = commentable.section
+      end
+    end
+end

data/app/views/admin/articles/_comments_settings.html.erb

@@ -0,0 +1 @@
+<%= f.select(:comment_age, comment_expiration_options, {}, :label => :'adva.titles.comments') %>

data/app/views/admin/comments/_form.html.erb

@@ -0,0 +1,12 @@
+<%= hidden_field_tag "return_to", params[:return_to] || request.request_uri %>
+
+<% f.field_set do %>
+  <%= f.text_area :body, :rows => 8, :label => :'adva.titles.comment'  %>
+<% end %>
+
+<%= yield if block_given? %>
+
+<% f.buttons do %>
+  <%= submit_tag t(:'adva.common.save') %>
+  <%= link_to t(:'adva.common.cancel'), params[:return_to] if params[:return_to] %>
+<% end %>

data/app/views/admin/comments/edit.html.erb

@@ -0,0 +1,9 @@
+<h3><%= t(:'adva.comments.titles.edit') %></h3>
+
+<%= form_for [:admin, @comment] do |f| -%>
+  <% render :layout => 'form', :locals => {:f => f} do %>
+    <p>
+      <label><%= f.check_box :approved, {}, 1 %><%= t(:'adva.comments.labels.approved') %></label>
+    </p>
+  <% end -%>
+<% end -%>