alchemy_cms 7.1.12 → 7.1.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/Gemfile +7 -0
- data/app/assets/stylesheets/alchemy/elements.scss +1 -1
- data/app/controllers/alchemy/admin/base_controller.rb +26 -2
- data/app/controllers/alchemy/admin/languages_controller.rb +1 -1
- data/app/controllers/alchemy/admin/pages_controller.rb +1 -5
- data/app/controllers/alchemy/admin/resources_controller.rb +1 -1
- data/app/models/alchemy/page.rb +3 -3
- data/app/models/concerns/alchemy/picture_thumbnails.rb +4 -5
- data/lib/alchemy/resource.rb +14 -4
- data/lib/alchemy/version.rb +1 -1
- metadata +3 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 122b7507c58ee7984f2fe8e8bb25bdcbf66a3fea17f87e89524777f58d724044
|
|
4
|
+
data.tar.gz: c1907274004ecd5c562aa5e85b78cfa333e1703815f19b8f51df94e2536511db
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3ff38d23f4b1ceddbc62431d16065245ea5734681c9feecb56b09bf1d02d8656f35b673532db9ff717fbf99a45305e0b6295e20f9f6f2996fd0f1f98f440ce28
|
|
7
|
+
data.tar.gz: a3203ae19cb5c4e067d627f86cd1b24c6cb1a687eaeac211cd83bed14e1fc2af850218d8e17f8112356d8ccd54e000d5ca8d61d3eabc0699558c611c6b1aeee1
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,15 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 7.1.13 (2025-01-24)
|
|
4
|
+
|
|
5
|
+
- [7.1-stable] fix attribute sorting across Ruby versions [#3161](https://github.com/AlchemyCMS/alchemy_cms/pull/3161) ([alchemycms-bot](https://github.com/alchemycms-bot))
|
|
6
|
+
- [7.1-stable] fix missing logger issue in github actions [#3156](https://github.com/AlchemyCMS/alchemy_cms/pull/3156) ([alchemycms-bot](https://github.com/alchemycms-bot))
|
|
7
|
+
- [7.1-stable] CI: Set workflow permissions [#3143](https://github.com/AlchemyCMS/alchemy_cms/pull/3143) ([tvdeyen](https://github.com/tvdeyen))
|
|
8
|
+
- [7.1-stable] Use safe redirect paths in admin redirects [#3135](https://github.com/AlchemyCMS/alchemy_cms/pull/3135) ([tvdeyen](https://github.com/tvdeyen))
|
|
9
|
+
- [7.1-stable] CI: Run actions on ubuntu-22.04 [#3126](https://github.com/AlchemyCMS/alchemy_cms/pull/3126) ([tvdeyen](https://github.com/tvdeyen))
|
|
10
|
+
- Fix tinymce fullscreen mode [#3102](https://github.com/AlchemyCMS/alchemy_cms/pull/3102) ([tvdeyen](https://github.com/tvdeyen))
|
|
11
|
+
- [7.1-stable] Use alchemy_display_name for page actor names [#3029](https://github.com/AlchemyCMS/alchemy_cms/pull/3029) ([alchemycms-bot](https://github.com/alchemycms-bot))
|
|
12
|
+
|
|
3
13
|
## 7.1.12 (2024-09-04)
|
|
4
14
|
|
|
5
15
|
- [7.1-stable] Render Datetime ingredient in local time zone [#3018](https://github.com/AlchemyCMS/alchemy_cms/pull/3018) ([tvdeyen](https://github.com/tvdeyen))
|
data/Gemfile
CHANGED
|
@@ -31,6 +31,13 @@ group :development, :test do
|
|
|
31
31
|
if rails_version == "7.1"
|
|
32
32
|
gem "actioncable", "~> #{rails_version}.0"
|
|
33
33
|
end
|
|
34
|
+
|
|
35
|
+
# concurrent-ruby v1.3.5 has removed the dependency on logger,
|
|
36
|
+
# effecting Rails 6.1 up to including 7.0.
|
|
37
|
+
# https://github.com/rails/rails/pull/54264
|
|
38
|
+
if ("6.1".to_f.."7.0".to_f).cover?(rails_version.to_f)
|
|
39
|
+
gem "concurrent-ruby", "< 1.3.5"
|
|
40
|
+
end
|
|
34
41
|
else
|
|
35
42
|
gem "launchy"
|
|
36
43
|
gem "annotate"
|
|
@@ -31,6 +31,27 @@ module Alchemy
|
|
|
31
31
|
|
|
32
32
|
private
|
|
33
33
|
|
|
34
|
+
def safe_redirect_path(path = params[:redirect_to], fallback: admin_path)
|
|
35
|
+
if is_safe_redirect_path?(path)
|
|
36
|
+
path
|
|
37
|
+
elsif is_safe_redirect_path?(fallback)
|
|
38
|
+
fallback
|
|
39
|
+
else
|
|
40
|
+
admin_path
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def is_safe_redirect_path?(path)
|
|
45
|
+
mount_path = alchemy.root_path
|
|
46
|
+
path.to_s.match? %r{^#{mount_path}admin/}
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def relative_referer_path(referer = request.referer)
|
|
50
|
+
return unless referer
|
|
51
|
+
|
|
52
|
+
URI(referer).path
|
|
53
|
+
end
|
|
54
|
+
|
|
34
55
|
# Disable layout rendering for xhr requests.
|
|
35
56
|
def set_layout
|
|
36
57
|
request.xhr? ? false : "alchemy/admin"
|
|
@@ -106,13 +127,16 @@ module Alchemy
|
|
|
106
127
|
|
|
107
128
|
# Does redirects for html and js requests
|
|
108
129
|
#
|
|
130
|
+
# Makes sure that the redirect path is safe.
|
|
131
|
+
#
|
|
109
132
|
def do_redirect_to(url_or_path)
|
|
133
|
+
redirect_path = safe_redirect_path(url_or_path)
|
|
110
134
|
respond_to do |format|
|
|
111
135
|
format.js {
|
|
112
|
-
@redirect_url =
|
|
136
|
+
@redirect_url = redirect_path
|
|
113
137
|
render :redirect
|
|
114
138
|
}
|
|
115
|
-
format.html { redirect_to
|
|
139
|
+
format.html { redirect_to redirect_path }
|
|
116
140
|
end
|
|
117
141
|
end
|
|
118
142
|
|
|
@@ -40,7 +40,7 @@ module Alchemy
|
|
|
40
40
|
def switch
|
|
41
41
|
@language = set_alchemy_language(params[:language_id])
|
|
42
42
|
session[:alchemy_language_id] = @language.id
|
|
43
|
-
do_redirect_to
|
|
43
|
+
do_redirect_to relative_referer_path || alchemy.admin_dashboard_path
|
|
44
44
|
end
|
|
45
45
|
|
|
46
46
|
private
|
|
@@ -189,11 +189,7 @@ module Alchemy
|
|
|
189
189
|
end
|
|
190
190
|
|
|
191
191
|
def unlock_redirect_path
|
|
192
|
-
|
|
193
|
-
params[:redirect_to]
|
|
194
|
-
else
|
|
195
|
-
admin_pages_path
|
|
196
|
-
end
|
|
192
|
+
safe_redirect_path(fallback: admin_pages_path)
|
|
197
193
|
end
|
|
198
194
|
|
|
199
195
|
# Sets the page public and updates the published_at attribute that is used as cache_key
|
|
@@ -78,7 +78,7 @@ module Alchemy
|
|
|
78
78
|
flash[:error] = resource_instance_variable.errors.full_messages.join(", ")
|
|
79
79
|
end
|
|
80
80
|
flash_notice_for_resource_action
|
|
81
|
-
do_redirect_to resource_url_proxy.url_for(search_filter_params.merge(action: "index"))
|
|
81
|
+
do_redirect_to resource_url_proxy.url_for(search_filter_params.merge(action: "index", only_path: true))
|
|
82
82
|
end
|
|
83
83
|
|
|
84
84
|
def resource_handler
|
data/app/models/alchemy/page.rb
CHANGED
|
@@ -506,7 +506,7 @@ module Alchemy
|
|
|
506
506
|
# does not respond to +#name+ it returns +'unknown'+
|
|
507
507
|
#
|
|
508
508
|
def creator_name
|
|
509
|
-
creator.try(:
|
|
509
|
+
creator.try(:alchemy_display_name) || Alchemy.t("unknown")
|
|
510
510
|
end
|
|
511
511
|
|
|
512
512
|
# Returns the name of the last updater of this page.
|
|
@@ -515,7 +515,7 @@ module Alchemy
|
|
|
515
515
|
# does not respond to +#name+ it returns +'unknown'+
|
|
516
516
|
#
|
|
517
517
|
def updater_name
|
|
518
|
-
updater.try(:
|
|
518
|
+
updater.try(:alchemy_display_name) || Alchemy.t("unknown")
|
|
519
519
|
end
|
|
520
520
|
|
|
521
521
|
# Returns the name of the user currently editing this page.
|
|
@@ -524,7 +524,7 @@ module Alchemy
|
|
|
524
524
|
# does not respond to +#name+ it returns +'unknown'+
|
|
525
525
|
#
|
|
526
526
|
def locker_name
|
|
527
|
-
locker.try(:
|
|
527
|
+
locker.try(:alchemy_display_name) || Alchemy.t("unknown")
|
|
528
528
|
end
|
|
529
529
|
|
|
530
530
|
# Key hint translations by page layout, rather than the default name.
|
|
@@ -102,11 +102,10 @@ module Alchemy
|
|
|
102
102
|
|
|
103
103
|
# Show image cropping link for ingredient
|
|
104
104
|
def allow_image_cropping?
|
|
105
|
-
settings[:crop] && picture
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
) && !!picture.image_file
|
|
105
|
+
settings[:crop] && picture&.can_be_cropped_to?(
|
|
106
|
+
settings[:size],
|
|
107
|
+
settings[:upsample]
|
|
108
|
+
) && !!picture.image_file
|
|
110
109
|
end
|
|
111
110
|
|
|
112
111
|
private
|
data/lib/alchemy/resource.rb
CHANGED
|
@@ -188,11 +188,21 @@ module Alchemy
|
|
|
188
188
|
end
|
|
189
189
|
end
|
|
190
190
|
|
|
191
|
+
# Returns a sorted array of attributes.
|
|
192
|
+
#
|
|
193
|
+
# Attribute called "name" comes first.
|
|
194
|
+
# Attribute called "updated_at" comes last.
|
|
195
|
+
# Boolean type attributes come after non-boolean attributes but before "updated_at".
|
|
196
|
+
#
|
|
191
197
|
def sorted_attributes
|
|
192
|
-
@_sorted_attributes ||= attributes
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
198
|
+
@_sorted_attributes ||= attributes.sort_by! do |attr|
|
|
199
|
+
[
|
|
200
|
+
(attr[:name] == "name") ? 0 : 1,
|
|
201
|
+
(attr[:name] == "updated_at") ? 3 : 2,
|
|
202
|
+
(attr[:type] == :boolean) ? 2 : 1,
|
|
203
|
+
attr[:name]
|
|
204
|
+
]
|
|
205
|
+
end
|
|
196
206
|
end
|
|
197
207
|
|
|
198
208
|
def editable_attributes
|
data/lib/alchemy/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: alchemy_cms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 7.1.
|
|
4
|
+
version: 7.1.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas von Deyen
|
|
@@ -10,10 +10,9 @@ authors:
|
|
|
10
10
|
- Hendrik Mans
|
|
11
11
|
- Carsten Fregin
|
|
12
12
|
- Martin Meyerhoff
|
|
13
|
-
autorequire:
|
|
14
13
|
bindir: bin
|
|
15
14
|
cert_chain: []
|
|
16
|
-
date:
|
|
15
|
+
date: 2025-01-24 00:00:00.000000000 Z
|
|
17
16
|
dependencies:
|
|
18
17
|
- !ruby/object:Gem::Dependency
|
|
19
18
|
name: actionmailer
|
|
@@ -1443,8 +1442,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
1443
1442
|
version: '0'
|
|
1444
1443
|
requirements:
|
|
1445
1444
|
- ImageMagick (libmagick), v6.6 or greater.
|
|
1446
|
-
rubygems_version: 3.
|
|
1447
|
-
signing_key:
|
|
1445
|
+
rubygems_version: 3.6.3
|
|
1448
1446
|
specification_version: 4
|
|
1449
1447
|
summary: A powerful, userfriendly and flexible CMS for Rails
|
|
1450
1448
|
test_files: []
|