alchemy_cms 6.1.5 → 7.0.0.pre.b
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/brakeman-analysis.yml +2 -2
- data/.github/workflows/ci.yml +7 -10
- data/.github/workflows/lint.yml +17 -0
- data/.gitignore +1 -6
- data/.hound.yml +2 -3
- data/.rubocop.yml +4 -350
- data/.standard.yml +3 -0
- data/CHANGELOG.md +49 -19
- data/Gemfile +4 -2
- data/README.md +7 -9
- data/Rakefile +12 -7
- data/alchemy_cms.gemspec +3 -3
- data/app/assets/javascripts/alchemy/admin.js +0 -1
- data/app/assets/javascripts/alchemy/alchemy.dirty.js.coffee +1 -1
- data/app/assets/javascripts/alchemy/alchemy.element_editors.js.coffee +18 -32
- data/app/assets/javascripts/alchemy/alchemy.elements_window.js.coffee +2 -2
- data/app/assets/javascripts/alchemy/alchemy.gui.js.coffee +2 -2
- data/app/assets/javascripts/alchemy/alchemy.link_dialog.js.coffee +33 -30
- data/app/assets/stylesheets/alchemy/elements.scss +16 -35
- data/app/assets/stylesheets/alchemy/forms.scss +0 -4
- data/app/assets/stylesheets/alchemy/node-select.scss +2 -2
- data/app/components/alchemy/ingredients/audio_view.rb +37 -0
- data/app/components/alchemy/ingredients/base_view.rb +38 -0
- data/app/components/alchemy/ingredients/boolean_view.rb +13 -0
- data/app/components/alchemy/ingredients/datetime_view.rb +22 -0
- data/app/components/alchemy/ingredients/file_view.rb +40 -0
- data/app/components/alchemy/ingredients/headline_view.rb +20 -0
- data/app/components/alchemy/ingredients/html_view.rb +9 -0
- data/app/components/alchemy/ingredients/link_view.rb +25 -0
- data/app/components/alchemy/ingredients/node_view.rb +11 -0
- data/app/components/alchemy/ingredients/page_view.rb +15 -0
- data/app/components/alchemy/ingredients/picture_view.rb +108 -0
- data/app/components/alchemy/ingredients/richtext_view.rb +22 -0
- data/app/components/alchemy/ingredients/select_view.rb +6 -0
- data/app/components/alchemy/ingredients/text_view.rb +41 -0
- data/app/components/alchemy/ingredients/video_view.rb +39 -0
- data/app/controllers/alchemy/admin/attachments_controller.rb +3 -4
- data/app/controllers/alchemy/admin/base_controller.rb +7 -7
- data/app/controllers/alchemy/admin/clipboard_controller.rb +2 -2
- data/app/controllers/alchemy/admin/elements_controller.rb +33 -43
- data/app/controllers/alchemy/admin/languages_controller.rb +1 -1
- data/app/controllers/alchemy/admin/nodes_controller.rb +2 -2
- data/app/controllers/alchemy/admin/pages_controller.rb +11 -11
- data/app/controllers/alchemy/admin/pictures_controller.rb +15 -15
- data/app/controllers/alchemy/admin/resources_controller.rb +28 -46
- data/app/controllers/alchemy/admin/styleguide_controller.rb +1 -0
- data/app/controllers/alchemy/admin/tags_controller.rb +11 -11
- data/app/controllers/alchemy/api/base_controller.rb +2 -2
- data/app/controllers/alchemy/api/elements_controller.rb +11 -13
- data/app/controllers/alchemy/api/ingredients_controller.rb +1 -1
- data/app/controllers/alchemy/api/nodes_controller.rb +1 -1
- data/app/controllers/alchemy/api/pages_controller.rb +14 -12
- data/app/controllers/alchemy/attachments_controller.rb +3 -3
- data/app/controllers/alchemy/base_controller.rb +1 -1
- data/app/controllers/alchemy/messages_controller.rb +18 -18
- data/app/controllers/alchemy/pages_controller.rb +10 -16
- data/app/controllers/concerns/alchemy/admin/archive_overlay.rb +1 -0
- data/app/controllers/concerns/alchemy/admin/uploader_responses.rb +5 -7
- data/app/controllers/concerns/alchemy/legacy_page_redirects.rb +5 -5
- data/app/decorators/alchemy/element_editor.rb +13 -33
- data/app/decorators/alchemy/ingredient_editor.rb +6 -6
- data/app/helpers/alchemy/admin/attachments_helper.rb +1 -1
- data/app/helpers/alchemy/admin/base_helper.rb +21 -22
- data/app/helpers/alchemy/admin/elements_helper.rb +1 -3
- data/app/helpers/alchemy/admin/form_helper.rb +1 -1
- data/app/helpers/alchemy/admin/navigation_helper.rb +7 -7
- data/app/helpers/alchemy/admin/pages_helper.rb +2 -2
- data/app/helpers/alchemy/admin/tags_helper.rb +3 -3
- data/app/helpers/alchemy/base_helper.rb +2 -2
- data/app/helpers/alchemy/elements_block_helper.rb +13 -48
- data/app/helpers/alchemy/elements_helper.rb +15 -23
- data/app/helpers/alchemy/pages_helper.rb +11 -15
- data/app/helpers/alchemy/url_helper.rb +1 -1
- data/app/mailers/alchemy/messages_mailer.rb +1 -1
- data/app/models/alchemy/attachment.rb +12 -9
- data/app/models/alchemy/base_record.rb +3 -0
- data/app/models/alchemy/eager_loading.rb +6 -7
- data/app/models/alchemy/element/definitions.rb +1 -1
- data/app/models/alchemy/element/element_ingredients.rb +4 -11
- data/app/models/alchemy/element/presenters.rb +9 -25
- data/app/models/alchemy/element.rb +4 -19
- data/app/models/alchemy/elements_repository.rb +1 -1
- data/app/models/alchemy/image_cropper_settings.rb +2 -2
- data/app/models/alchemy/ingredient.rb +29 -16
- data/app/models/alchemy/ingredient_validator.rb +1 -1
- data/app/models/alchemy/ingredients/audio.rb +2 -0
- data/app/models/alchemy/ingredients/datetime.rb +3 -1
- data/app/models/alchemy/ingredients/file.rb +7 -0
- data/app/models/alchemy/ingredients/headline.rb +6 -0
- data/app/models/alchemy/ingredients/link.rb +2 -0
- data/app/models/alchemy/ingredients/node.rb +2 -0
- data/app/models/alchemy/ingredients/page.rb +2 -0
- data/app/models/alchemy/ingredients/picture.rb +29 -0
- data/app/models/alchemy/ingredients/richtext.rb +17 -8
- data/app/models/alchemy/ingredients/select.rb +1 -0
- data/app/models/alchemy/ingredients/text.rb +8 -0
- data/app/models/alchemy/ingredients/video.rb +2 -0
- data/app/models/alchemy/language/code.rb +1 -1
- data/app/models/alchemy/language.rb +4 -4
- data/app/models/alchemy/legacy_page_url.rb +1 -1
- data/app/models/alchemy/node.rb +11 -8
- data/app/models/alchemy/page/page_elements.rb +19 -40
- data/app/models/alchemy/page/page_layouts.rb +0 -14
- data/app/models/alchemy/page/page_naming.rb +4 -4
- data/app/models/alchemy/page/page_natures.rb +1 -11
- data/app/models/alchemy/page/page_scopes.rb +5 -5
- data/app/models/alchemy/page.rb +11 -19
- data/app/models/alchemy/picture/calculations.rb +2 -2
- data/app/models/alchemy/picture/transformations.rb +2 -32
- data/app/models/alchemy/picture/url.rb +5 -5
- data/app/models/alchemy/picture.rb +22 -20
- data/app/models/alchemy/picture_thumb/create.rb +7 -18
- data/app/models/alchemy/picture_thumb/file_store.rb +33 -0
- data/app/models/alchemy/picture_thumb.rb +11 -11
- data/app/models/alchemy/picture_variant.rb +2 -3
- data/app/models/alchemy/tag.rb +8 -0
- data/app/models/concerns/alchemy/picture_thumbnails.rb +8 -8
- data/app/serializers/alchemy/base_serializer.rb +1 -1
- data/app/serializers/alchemy/element_serializer.rb +1 -6
- data/app/serializers/alchemy/page_tree_serializer.rb +7 -7
- data/app/services/alchemy/delete_elements.rb +1 -7
- data/app/services/alchemy/duplicate_element.rb +2 -7
- data/app/services/alchemy/tag_validations.rb +1 -1
- data/app/views/alchemy/admin/elements/_element.html.erb +8 -22
- data/app/views/alchemy/admin/elements/create.js.erb +1 -1
- data/app/views/alchemy/admin/elements/fold.js.erb +2 -2
- data/app/views/alchemy/admin/elements/order.js.erb +1 -1
- data/app/views/alchemy/admin/elements/update.js.erb +1 -2
- data/app/views/alchemy/admin/pages/_external_link.html.erb +2 -2
- data/app/views/alchemy/admin/pages/_file_link.html.erb +2 -2
- data/app/views/alchemy/admin/pages/_internal_link.html.erb +2 -2
- data/app/views/alchemy/admin/pages/edit.html.erb +1 -4
- data/app/views/alchemy/admin/pages/update.js.erb +10 -4
- data/app/views/alchemy/admin/pictures/_filter_and_size_bar.html.erb +1 -3
- data/app/views/alchemy/admin/pictures/_infos.html.erb +4 -6
- data/app/views/alchemy/ingredients/_audio_view.html.erb +1 -14
- data/app/views/alchemy/ingredients/_boolean_editor.html.erb +1 -1
- data/app/views/alchemy/ingredients/_boolean_view.html.erb +1 -1
- data/app/views/alchemy/ingredients/_datetime_view.html.erb +3 -9
- data/app/views/alchemy/ingredients/_file_view.html.erb +3 -16
- data/app/views/alchemy/ingredients/_headline_editor.html.erb +1 -1
- data/app/views/alchemy/ingredients/_headline_view.html.erb +4 -10
- data/app/views/alchemy/ingredients/_html_editor.html.erb +1 -1
- data/app/views/alchemy/ingredients/_html_view.html.erb +1 -1
- data/app/views/alchemy/ingredients/_link_view.html.erb +4 -9
- data/app/views/alchemy/ingredients/_node_editor.html.erb +1 -1
- data/app/views/alchemy/ingredients/_node_view.html.erb +1 -1
- data/app/views/alchemy/ingredients/_page_view.html.erb +1 -4
- data/app/views/alchemy/ingredients/_picture_editor.html.erb +4 -4
- data/app/views/alchemy/ingredients/_picture_view.html.erb +4 -5
- data/app/views/alchemy/ingredients/_richtext_editor.html.erb +11 -2
- data/app/views/alchemy/ingredients/_richtext_view.html.erb +3 -3
- data/app/views/alchemy/ingredients/_select_editor.html.erb +2 -2
- data/app/views/alchemy/ingredients/_select_view.html.erb +1 -1
- data/app/views/alchemy/ingredients/_text_editor.html.erb +1 -1
- data/app/views/alchemy/ingredients/_text_view.html.erb +3 -19
- data/app/views/alchemy/ingredients/_video_view.html.erb +3 -18
- data/app/views/alchemy/ingredients/shared/_link_tools.html.erb +4 -3
- data/app/views/alchemy/ingredients/shared/_picture_tools.html.erb +1 -0
- data/app/views/alchemy/pages/_meta_data.html.erb +0 -1
- data/app/views/layouts/alchemy/admin.html.erb +10 -8
- data/bin/setup +37 -0
- data/bin/start +17 -0
- data/config/alchemy/config.yml +6 -6
- data/config/brakeman.ignore +56 -57
- data/config/initializers/assets.rb +1 -0
- data/config/initializers/dragonfly.rb +1 -0
- data/config/initializers/mime_types.rb +1 -0
- data/config/initializers/mini_profiler.rb +1 -0
- data/config/initializers/simple_form.rb +3 -2
- data/config/locales/alchemy.en.yml +98 -112
- data/config/routes.rb +22 -36
- data/config/spring.rb +1 -0
- data/db/migrate/20230121212637_alchemy_six_point_one.rb +248 -0
- data/db/migrate/20230505132743_add_indexes_to_alchemy_pictures.rb +6 -0
- data/lib/alchemy/admin/locale.rb +3 -3
- data/lib/alchemy/admin/preview_url.rb +2 -2
- data/lib/alchemy/auth_accessors.rb +1 -1
- data/lib/alchemy/cache_digests/template_tracker.rb +6 -7
- data/lib/alchemy/config.rb +3 -3
- data/lib/alchemy/controller_actions.rb +4 -4
- data/lib/alchemy/deprecation.rb +2 -1
- data/lib/alchemy/dragonfly/processors/thumbnail.rb +1 -1
- data/lib/alchemy/element_definition.rb +2 -2
- data/lib/alchemy/engine.rb +2 -1
- data/lib/alchemy/errors.rb +0 -11
- data/lib/alchemy/filetypes.rb +7 -7
- data/lib/alchemy/forms/builder.rb +4 -4
- data/lib/alchemy/hints.rb +10 -10
- data/lib/alchemy/i18n.rb +6 -4
- data/lib/alchemy/install/tasks.rb +2 -1
- data/lib/alchemy/name_conversions.rb +1 -1
- data/lib/alchemy/page_layout.rb +1 -1
- data/lib/alchemy/permissions.rb +5 -17
- data/lib/alchemy/resource.rb +10 -10
- data/lib/alchemy/resources_helper.rb +7 -7
- data/lib/alchemy/routing_constraints.rb +5 -5
- data/lib/alchemy/searchable_resource.rb +38 -0
- data/lib/alchemy/seeder.rb +4 -3
- data/lib/alchemy/shell.rb +2 -1
- data/lib/alchemy/taggable.rb +3 -2
- data/lib/alchemy/tasks/tidy.rb +1 -38
- data/lib/alchemy/test_support/capybara_helpers.rb +69 -0
- data/lib/alchemy/test_support/config_stubbing.rb +1 -0
- data/lib/alchemy/test_support/factories/element_factory.rb +2 -4
- data/lib/alchemy/test_support/factories/ingredient_factory.rb +1 -1
- data/lib/alchemy/test_support/factories/page_factory.rb +5 -3
- data/lib/alchemy/test_support/having_crop_action_examples.rb +9 -9
- data/lib/alchemy/test_support/having_picture_thumbnails_examples.rb +33 -33
- data/lib/alchemy/test_support/integration_helpers.rb +4 -3
- data/lib/alchemy/test_support/shared_contexts.rb +2 -1
- data/lib/alchemy/test_support/shared_dom_ids_examples.rb +10 -10
- data/lib/alchemy/test_support/shared_ingredient_examples.rb +13 -7
- data/lib/alchemy/test_support/shared_uploader_examples.rb +1 -0
- data/lib/alchemy/tinymce.rb +3 -43
- data/lib/alchemy/upgrader/seven_point_zero.rb +45 -0
- data/lib/alchemy/upgrader/tasks/.keep +0 -0
- data/lib/alchemy/upgrader.rb +9 -3
- data/lib/alchemy/version.rb +1 -1
- data/lib/alchemy.rb +0 -19
- data/lib/alchemy_cms.rb +2 -2
- data/lib/generators/alchemy/base.rb +3 -2
- data/lib/generators/alchemy/elements/elements_generator.rb +2 -2
- data/lib/generators/alchemy/elements/templates/view.html.erb +1 -10
- data/lib/generators/alchemy/elements/templates/view.html.haml +1 -9
- data/lib/generators/alchemy/elements/templates/view.html.slim +1 -9
- data/lib/generators/alchemy/ingredient/ingredient_generator.rb +1 -0
- data/lib/generators/alchemy/install/files/alchemy.en.yml +7 -8
- data/lib/generators/alchemy/install/files/application.html.erb +1 -1
- data/lib/generators/alchemy/install/install_generator.rb +20 -23
- data/lib/generators/alchemy/install/templates/elements.yml.tt +12 -12
- data/lib/generators/alchemy/module/module_generator.rb +1 -0
- data/lib/generators/alchemy/page_layouts/page_layouts_generator.rb +1 -0
- data/lib/generators/alchemy/site_layouts/site_layouts_generator.rb +1 -0
- data/lib/generators/alchemy/views/views_generator.rb +2 -1
- data/lib/tasks/alchemy/thumbnails.rake +6 -25
- data/lib/tasks/alchemy/tidy.rake +2 -12
- data/lib/tasks/alchemy/upgrade.rake +13 -49
- data/package/admin.js +2 -0
- data/package/dist/admin.js +16 -0
- data/package/dist/admin.js.map +7 -0
- data/package/src/datepicker.js +1 -0
- data/package/src/tinymce.js +142 -0
- data/package.json +5 -3
- metadata +41 -135
- data/app/assets/javascripts/alchemy/alchemy.tinymce.js.coffee +0 -93
- data/app/controllers/alchemy/admin/contents_controller.rb +0 -21
- data/app/controllers/alchemy/admin/essence_audios_controller.rb +0 -30
- data/app/controllers/alchemy/admin/essence_files_controller.rb +0 -31
- data/app/controllers/alchemy/admin/essence_pictures_controller.rb +0 -43
- data/app/controllers/alchemy/admin/essence_videos_controller.rb +0 -34
- data/app/controllers/alchemy/api/contents_controller.rb +0 -52
- data/app/decorators/alchemy/content_editor.rb +0 -119
- data/app/helpers/alchemy/admin/contents_helper.rb +0 -42
- data/app/helpers/alchemy/admin/essences_helper.rb +0 -31
- data/app/models/alchemy/content/factory.rb +0 -143
- data/app/models/alchemy/content.rb +0 -247
- data/app/models/alchemy/element/element_contents.rb +0 -200
- data/app/models/alchemy/element/element_essences.rb +0 -133
- data/app/models/alchemy/essence_audio.rb +0 -13
- data/app/models/alchemy/essence_boolean.rb +0 -20
- data/app/models/alchemy/essence_date.rb +0 -25
- data/app/models/alchemy/essence_file.rb +0 -49
- data/app/models/alchemy/essence_headline.rb +0 -41
- data/app/models/alchemy/essence_html.rb +0 -23
- data/app/models/alchemy/essence_link.rb +0 -21
- data/app/models/alchemy/essence_node.rb +0 -19
- data/app/models/alchemy/essence_page.rb +0 -17
- data/app/models/alchemy/essence_picture.rb +0 -67
- data/app/models/alchemy/essence_picture_view.rb +0 -90
- data/app/models/alchemy/essence_richtext.rb +0 -44
- data/app/models/alchemy/essence_select.rb +0 -19
- data/app/models/alchemy/essence_text.rb +0 -23
- data/app/models/alchemy/essence_video.rb +0 -13
- data/app/presenters/alchemy/picture_view.rb +0 -88
- data/app/serializers/alchemy/content_serializer.rb +0 -17
- data/app/serializers/alchemy/essence_boolean_serializer.rb +0 -10
- data/app/serializers/alchemy/essence_date_serializer.rb +0 -10
- data/app/serializers/alchemy/essence_file_serializer.rb +0 -13
- data/app/serializers/alchemy/essence_html_serializer.rb +0 -10
- data/app/serializers/alchemy/essence_link_serializer.rb +0 -13
- data/app/serializers/alchemy/essence_picture_serializer.rb +0 -28
- data/app/serializers/alchemy/essence_richtext_serializer.rb +0 -11
- data/app/serializers/alchemy/essence_select_serializer.rb +0 -10
- data/app/serializers/alchemy/essence_text_serializer.rb +0 -22
- data/app/views/alchemy/admin/contents/create.js.erb +0 -21
- data/app/views/alchemy/admin/essence_audios/edit.html.erb +0 -7
- data/app/views/alchemy/admin/essence_files/edit.html.erb +0 -21
- data/app/views/alchemy/admin/essence_pictures/destroy.js.erb +0 -5
- data/app/views/alchemy/admin/essence_pictures/edit.html.erb +0 -30
- data/app/views/alchemy/admin/essence_pictures/save_link.js.erb +0 -3
- data/app/views/alchemy/admin/essence_pictures/update.js.erb +0 -8
- data/app/views/alchemy/admin/essence_videos/edit.html.erb +0 -12
- data/app/views/alchemy/admin/pages/_tinymce_custom_config.html.erb +0 -13
- data/app/views/alchemy/essences/_essence_audio_editor.html.erb +0 -4
- data/app/views/alchemy/essences/_essence_audio_view.html.erb +0 -15
- data/app/views/alchemy/essences/_essence_boolean_editor.html.erb +0 -11
- data/app/views/alchemy/essences/_essence_boolean_view.html.erb +0 -2
- data/app/views/alchemy/essences/_essence_date_editor.html.erb +0 -16
- data/app/views/alchemy/essences/_essence_date_view.html.erb +0 -10
- data/app/views/alchemy/essences/_essence_file_editor.html.erb +0 -54
- data/app/views/alchemy/essences/_essence_file_view.html.erb +0 -18
- data/app/views/alchemy/essences/_essence_headline_editor.html.erb +0 -36
- data/app/views/alchemy/essences/_essence_headline_view.html.erb +0 -10
- data/app/views/alchemy/essences/_essence_html_editor.html.erb +0 -10
- data/app/views/alchemy/essences/_essence_html_view.html.erb +0 -2
- data/app/views/alchemy/essences/_essence_link_editor.html.erb +0 -30
- data/app/views/alchemy/essences/_essence_link_view.html.erb +0 -10
- data/app/views/alchemy/essences/_essence_node_editor.html.erb +0 -27
- data/app/views/alchemy/essences/_essence_node_view.html.erb +0 -1
- data/app/views/alchemy/essences/_essence_page_editor.html.erb +0 -26
- data/app/views/alchemy/essences/_essence_page_view.html.erb +0 -5
- data/app/views/alchemy/essences/_essence_picture_editor.html.erb +0 -59
- data/app/views/alchemy/essences/_essence_picture_view.html.erb +0 -6
- data/app/views/alchemy/essences/_essence_richtext_editor.html.erb +0 -14
- data/app/views/alchemy/essences/_essence_richtext_view.html.erb +0 -4
- data/app/views/alchemy/essences/_essence_select_editor.html.erb +0 -28
- data/app/views/alchemy/essences/_essence_select_view.html.erb +0 -2
- data/app/views/alchemy/essences/_essence_text_editor.html.erb +0 -29
- data/app/views/alchemy/essences/_essence_text_view.html.erb +0 -17
- data/app/views/alchemy/essences/_essence_video_editor.html.erb +0 -4
- data/app/views/alchemy/essences/_essence_video_view.html.erb +0 -19
- data/app/views/alchemy/essences/shared/_essence_picture_tools.html.erb +0 -59
- data/app/views/alchemy/essences/shared/_linkable_essence_tools.html.erb +0 -20
- data/app/views/alchemy/pages/show.rss.builder +0 -21
- data/db/migrate/20200226213334_alchemy_four_point_four.rb +0 -313
- data/db/migrate/20200423073425_create_alchemy_essence_nodes.rb +0 -11
- data/db/migrate/20200504210159_remove_site_id_from_nodes.rb +0 -28
- data/db/migrate/20200505215518_add_language_id_foreign_key_to_alchemy_pages.rb +0 -8
- data/db/migrate/20200511113603_add_menu_type_to_alchemy_nodes.rb +0 -27
- data/db/migrate/20200514091507_make_page_layoutpage_null_false.rb +0 -6
- data/db/migrate/20200519073500_remove_visible_from_alchemy_pages.rb +0 -24
- data/db/migrate/20200617110713_create_alchemy_picture_thumbs.rb +0 -22
- data/db/migrate/20200907111332_remove_tri_state_booleans.rb +0 -33
- data/db/migrate/20201207131309_create_page_versions.rb +0 -19
- data/db/migrate/20201207135820_add_page_version_id_to_alchemy_elements.rb +0 -76
- data/db/migrate/20210205143548_rename_public_on_and_public_until_on_alchemy_pages.rb +0 -10
- data/db/migrate/20210326105046_add_sanitized_body_to_alchemy_essence_richtexts.rb +0 -7
- data/db/migrate/20210406093436_add_alchemy_essence_headlines.rb +0 -12
- data/db/migrate/20210506135919_create_essence_audios.rb +0 -19
- data/db/migrate/20210506140258_create_essence_videos.rb +0 -23
- data/db/migrate/20210508091432_create_alchemy_ingredients.rb +0 -22
- data/db/migrate/20220514072456_restrict_on_delete_page_id_foreign_key_from_alchemy_nodes.rb +0 -13
- data/db/migrate/20220622130905_add_playsinline_to_alchemy_essence_videos.rb +0 -9
- data/lib/alchemy/essence.rb +0 -250
- data/lib/alchemy/test_support/essence_shared_examples.rb +0 -271
- data/lib/alchemy/test_support/factories/content_factory.rb +0 -20
- data/lib/alchemy/test_support/factories/essence_audio_factory.rb +0 -7
- data/lib/alchemy/test_support/factories/essence_file_factory.rb +0 -7
- data/lib/alchemy/test_support/factories/essence_page_factory.rb +0 -7
- data/lib/alchemy/test_support/factories/essence_picture_factory.rb +0 -11
- data/lib/alchemy/test_support/factories/essence_text_factory.rb +0 -7
- data/lib/alchemy/test_support/factories/essence_video_factory.rb +0 -7
- data/lib/alchemy/upgrader/five_point_zero.rb +0 -41
- data/lib/alchemy/upgrader/six_point_zero.rb +0 -21
- data/lib/alchemy/upgrader/tasks/add_page_versions.rb +0 -33
- data/lib/alchemy/upgrader/tasks/element_views_updater.rb +0 -34
- data/lib/alchemy/upgrader/tasks/harden_gutentag_migrations.rb +0 -29
- data/lib/alchemy/upgrader/tasks/ingredients_migrator.rb +0 -74
- data/lib/generators/alchemy/essence/essence_generator.rb +0 -49
- data/lib/generators/alchemy/essence/templates/editor.html.erb +0 -17
- data/lib/generators/alchemy/essence/templates/view.html.erb +0 -2
data/config/brakeman.ignore
CHANGED
@@ -1,36 +1,5 @@
|
|
1
1
|
{
|
2
2
|
"ignored_warnings": [
|
3
|
-
{
|
4
|
-
"warning_type": "Cross-Site Scripting",
|
5
|
-
"warning_code": 2,
|
6
|
-
"fingerprint": "068b12d24047e2ece633115ba065ce46fc8c8a26827be7de2565ab721e1c2e82",
|
7
|
-
"check_name": "CrossSiteScripting",
|
8
|
-
"message": "Unescaped parameter value",
|
9
|
-
"file": "app/views/alchemy/admin/elements/update.js.erb",
|
10
|
-
"line": 21,
|
11
|
-
"link": "https://brakemanscanner.org/docs/warning_types/cross_site_scripting",
|
12
|
-
"code": "Element.find(params[:id]).ingredients_with_errors.map do\n \"[data-ingredient-id=\\\"#{ingredient.id}\\\"]\"\n end.join(\", \")",
|
13
|
-
"render_path": [
|
14
|
-
{
|
15
|
-
"type": "controller",
|
16
|
-
"class": "Alchemy::Admin::ElementsController",
|
17
|
-
"method": "update",
|
18
|
-
"line": 61,
|
19
|
-
"file": "app/controllers/alchemy/admin/elements_controller.rb",
|
20
|
-
"rendered": {
|
21
|
-
"name": "alchemy/admin/elements/update",
|
22
|
-
"file": "app/views/alchemy/admin/elements/update.js.erb"
|
23
|
-
}
|
24
|
-
}
|
25
|
-
],
|
26
|
-
"location": {
|
27
|
-
"type": "template",
|
28
|
-
"template": "alchemy/admin/elements/update"
|
29
|
-
},
|
30
|
-
"user_input": "params[:id]",
|
31
|
-
"confidence": "Weak",
|
32
|
-
"note": ""
|
33
|
-
},
|
34
3
|
{
|
35
4
|
"warning_type": "File Access",
|
36
5
|
"warning_code": 16,
|
@@ -49,6 +18,9 @@
|
|
49
18
|
},
|
50
19
|
"user_input": "params[:id]",
|
51
20
|
"confidence": "Weak",
|
21
|
+
"cwe_id": [
|
22
|
+
22
|
23
|
+
],
|
52
24
|
"note": ""
|
53
25
|
},
|
54
26
|
{
|
@@ -69,6 +41,9 @@
|
|
69
41
|
},
|
70
42
|
"user_input": null,
|
71
43
|
"confidence": "Medium",
|
44
|
+
"cwe_id": [
|
45
|
+
915
|
46
|
+
],
|
72
47
|
"note": "Because we actually can't know all attributes each inheriting controller supports, we permit all resource model params. It is adviced that all inheriting controllers implement this method and provide its own set of permitted attributes. As this all happens inside the password protected /admin namespace this can be considered a false positive."
|
73
48
|
},
|
74
49
|
{
|
@@ -86,7 +61,7 @@
|
|
86
61
|
"type": "controller",
|
87
62
|
"class": "Alchemy::Admin::ElementsController",
|
88
63
|
"method": "fold",
|
89
|
-
"line":
|
64
|
+
"line": 98,
|
90
65
|
"file": "app/controllers/alchemy/admin/elements_controller.rb",
|
91
66
|
"rendered": {
|
92
67
|
"name": "alchemy/admin/elements/fold",
|
@@ -100,28 +75,11 @@
|
|
100
75
|
},
|
101
76
|
"user_input": "params[:id]",
|
102
77
|
"confidence": "Weak",
|
78
|
+
"cwe_id": [
|
79
|
+
22
|
80
|
+
],
|
103
81
|
"note": ""
|
104
82
|
},
|
105
|
-
{
|
106
|
-
"warning_type": "Mass Assignment",
|
107
|
-
"warning_code": 70,
|
108
|
-
"fingerprint": "4b4dc24a6f5251bc1a6851597dfcee39608a2932eb7f81a4a241c00fca8a3043",
|
109
|
-
"check_name": "MassAssignment",
|
110
|
-
"message": "Specify exact keys allowed for mass assignment instead of using `permit!` which allows any keys",
|
111
|
-
"file": "app/controllers/alchemy/admin/elements_controller.rb",
|
112
|
-
"line": 155,
|
113
|
-
"link": "https://brakemanscanner.org/docs/warning_types/mass_assignment/",
|
114
|
-
"code": "params.fetch(:contents, {}).permit!",
|
115
|
-
"render_path": null,
|
116
|
-
"location": {
|
117
|
-
"type": "method",
|
118
|
-
"class": "Alchemy::Admin::ElementsController",
|
119
|
-
"method": "contents_params"
|
120
|
-
},
|
121
|
-
"user_input": null,
|
122
|
-
"confidence": "Medium",
|
123
|
-
"note": "`Alchemy::Content` is a polymorphic association of any kind of model extending `Alchemy::Essence`. Since we can't know the attributes of all potential essences we need to permit all attributes. As this all happens inside the password protected /admin namespace this can be considered a false positive."
|
124
|
-
},
|
125
83
|
{
|
126
84
|
"warning_type": "Command Injection",
|
127
85
|
"warning_code": 14,
|
@@ -129,7 +87,7 @@
|
|
129
87
|
"check_name": "Execute",
|
130
88
|
"message": "Possible command injection",
|
131
89
|
"file": "lib/alchemy/upgrader.rb",
|
132
|
-
"line":
|
90
|
+
"line": 33,
|
133
91
|
"link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
|
134
92
|
"code": "`yarn add @alchemy_cms/admin@~#{Alchemy.version}`",
|
135
93
|
"render_path": null,
|
@@ -140,6 +98,9 @@
|
|
140
98
|
},
|
141
99
|
"user_input": "Alchemy.version",
|
142
100
|
"confidence": "Medium",
|
101
|
+
"cwe_id": [
|
102
|
+
77
|
103
|
+
],
|
143
104
|
"note": "The alchemy version is safe"
|
144
105
|
},
|
145
106
|
{
|
@@ -170,6 +131,9 @@
|
|
170
131
|
},
|
171
132
|
"user_input": "(Unresolved Model).new.url",
|
172
133
|
"confidence": "Weak",
|
134
|
+
"cwe_id": [
|
135
|
+
79
|
136
|
+
],
|
173
137
|
"note": ""
|
174
138
|
},
|
175
139
|
{
|
@@ -190,6 +154,9 @@
|
|
190
154
|
},
|
191
155
|
"user_input": "params[:id]",
|
192
156
|
"confidence": "Weak",
|
157
|
+
"cwe_id": [
|
158
|
+
22
|
159
|
+
],
|
193
160
|
"note": ""
|
194
161
|
},
|
195
162
|
{
|
@@ -207,7 +174,7 @@
|
|
207
174
|
"type": "controller",
|
208
175
|
"class": "Alchemy::Admin::ElementsController",
|
209
176
|
"method": "index",
|
210
|
-
"line":
|
177
|
+
"line": 16,
|
211
178
|
"file": "app/controllers/alchemy/admin/elements_controller.rb",
|
212
179
|
"rendered": {
|
213
180
|
"name": "alchemy/admin/elements/index",
|
@@ -221,6 +188,9 @@
|
|
221
188
|
},
|
222
189
|
"user_input": "params[:page_version_id]",
|
223
190
|
"confidence": "Weak",
|
191
|
+
"cwe_id": [
|
192
|
+
22
|
193
|
+
],
|
224
194
|
"note": ""
|
225
195
|
},
|
226
196
|
{
|
@@ -238,7 +208,7 @@
|
|
238
208
|
"type": "controller",
|
239
209
|
"class": "Alchemy::Admin::ElementsController",
|
240
210
|
"method": "index",
|
241
|
-
"line":
|
211
|
+
"line": 16,
|
242
212
|
"file": "app/controllers/alchemy/admin/elements_controller.rb",
|
243
213
|
"rendered": {
|
244
214
|
"name": "alchemy/admin/elements/index",
|
@@ -252,6 +222,32 @@
|
|
252
222
|
},
|
253
223
|
"user_input": "params[:page_version_id]",
|
254
224
|
"confidence": "Weak",
|
225
|
+
"cwe_id": [
|
226
|
+
22
|
227
|
+
],
|
228
|
+
"note": ""
|
229
|
+
},
|
230
|
+
{
|
231
|
+
"warning_type": "Command Injection",
|
232
|
+
"warning_code": 14,
|
233
|
+
"fingerprint": "98ca8e77026312eaa7eec15ce26bfe45aa8dd0fcd38e4cff104cb9dffbde1733",
|
234
|
+
"check_name": "Execute",
|
235
|
+
"message": "Possible command injection",
|
236
|
+
"file": "lib/alchemy/upgrader.rb",
|
237
|
+
"line": 31,
|
238
|
+
"link": "https://brakemanscanner.org/docs/warning_types/command_injection/",
|
239
|
+
"code": "`bin/importmap pin @alchemy_cms/admin@~#{Alchemy.version}`",
|
240
|
+
"render_path": null,
|
241
|
+
"location": {
|
242
|
+
"type": "method",
|
243
|
+
"class": "Alchemy::Upgrader",
|
244
|
+
"method": "update_npm_package"
|
245
|
+
},
|
246
|
+
"user_input": "Alchemy.version",
|
247
|
+
"confidence": "Medium",
|
248
|
+
"cwe_id": [
|
249
|
+
77
|
250
|
+
],
|
255
251
|
"note": ""
|
256
252
|
},
|
257
253
|
{
|
@@ -272,9 +268,12 @@
|
|
272
268
|
},
|
273
269
|
"user_input": "params[:id]",
|
274
270
|
"confidence": "Weak",
|
271
|
+
"cwe_id": [
|
272
|
+
22
|
273
|
+
],
|
275
274
|
"note": ""
|
276
275
|
}
|
277
276
|
],
|
278
|
-
"updated": "
|
279
|
-
"brakeman_version": "5.
|
277
|
+
"updated": "2023-01-31 19:16:48 +0100",
|
278
|
+
"brakeman_version": "5.4.0"
|
280
279
|
}
|
@@ -1,4 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
|
+
|
2
3
|
#
|
3
4
|
# Uncomment this and change the path if necessary to include your own
|
4
5
|
# components.
|
@@ -57,8 +58,8 @@ SimpleForm.setup do |config|
|
|
57
58
|
## Inputs
|
58
59
|
# b.use :input, class: 'input', error_class: 'is-invalid'
|
59
60
|
b.use :label_input
|
60
|
-
b.use :error, wrap_with: {
|
61
|
-
b.use :hint,
|
61
|
+
b.use :error, wrap_with: {tag: :small, class: :error}
|
62
|
+
b.use :hint, wrap_with: {tag: :small, class: :hint}
|
62
63
|
|
63
64
|
## full_messages_for
|
64
65
|
# If you want to display the full error message for the attribute, you can
|