bcms_ancestry 1.0.0

data/README

@@ -0,0 +1,243 @@
+== Welcome to Rails
+
+Rails is a web-application framework that includes everything needed to create 
+database-backed web applications according to the Model-View-Control pattern. 
+
+This pattern splits the view (also called the presentation) into "dumb" templates
+that are primarily responsible for inserting pre-built data in between HTML tags.
+The model contains the "smart" domain objects (such as Account, Product, Person,
+Post) that holds all the business logic and knows how to persist themselves to
+a database. The controller handles the incoming requests (such as Save New Account,
+Update Product, Show Post) by manipulating the model and directing data to the view.
+
+In Rails, the model is handled by what's called an object-relational mapping
+layer entitled Active Record. This layer allows you to present the data from
+database rows as objects and embellish these data objects with business logic
+methods. You can read more about Active Record in
+link:files/vendor/rails/activerecord/README.html.
+
+The controller and view are handled by the Action Pack, which handles both
+layers by its two parts: Action View and Action Controller. These two layers
+are bundled in a single package due to their heavy interdependence. This is
+unlike the relationship between the Active Record and Action Pack that is much
+more separate. Each of these packages can be used independently outside of
+Rails.  You can read more about Action Pack in
+link:files/vendor/rails/actionpack/README.html.
+
+
+== Getting Started
+
+1. At the command prompt, start a new Rails application using the <tt>rails</tt> command
+   and your application name. Ex: rails myapp
+2. Change directory into myapp and start the web server: <tt>script/server</tt> (run with --help for options)
+3. Go to http://localhost:3000/ and get "Welcome aboard: You're riding the Rails!"
+4. Follow the guidelines to start developing your application
+
+
+== Web Servers
+
+By default, Rails will try to use Mongrel if it's are installed when started with script/server, otherwise Rails will use WEBrick, the webserver that ships with Ruby. But you can also use Rails
+with a variety of other web servers.
+
+Mongrel is a Ruby-based webserver with a C component (which requires compilation) that is
+suitable for development and deployment of Rails applications. If you have Ruby Gems installed,
+getting up and running with mongrel is as easy as: <tt>gem install mongrel</tt>.
+More info at: http://mongrel.rubyforge.org
+
+Say other Ruby web servers like Thin and Ebb or regular web servers like Apache or LiteSpeed or
+Lighttpd or IIS. The Ruby web servers are run through Rack and the latter can either be setup to use
+FCGI or proxy to a pack of Mongrels/Thin/Ebb servers.
+
+== Apache .htaccess example for FCGI/CGI
+
+# General Apache options
+AddHandler fastcgi-script .fcgi
+AddHandler cgi-script .cgi
+Options +FollowSymLinks +ExecCGI
+
+# If you don't want Rails to look in certain directories,
+# use the following rewrite rules so that Apache won't rewrite certain requests
+# 
+# Example:
+#   RewriteCond %{REQUEST_URI} ^/notrails.*
+#   RewriteRule .* - [L]
+
+# Redirect all requests not available on the filesystem to Rails
+# By default the cgi dispatcher is used which is very slow
+# 
+# For better performance replace the dispatcher with the fastcgi one
+#
+# Example:
+#   RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
+RewriteEngine On
+
+# If your Rails application is accessed via an Alias directive,
+# then you MUST also set the RewriteBase in this htaccess file.
+#
+# Example:
+#   Alias /myrailsapp /path/to/myrailsapp/public
+#   RewriteBase /myrailsapp
+
+RewriteRule ^$ index.html [QSA]
+RewriteRule ^([^.]+)$ $1.html [QSA]
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
+
+# In case Rails experiences terminal errors
+# Instead of displaying this message you can supply a file here which will be rendered instead
+# 
+# Example:
+#   ErrorDocument 500 /500.html
+
+ErrorDocument 500 "<h2>Application error</h2>Rails application failed to start properly"
+
+
+== Debugging Rails
+
+Sometimes your application goes wrong.  Fortunately there are a lot of tools that
+will help you debug it and get it back on the rails.
+
+First area to check is the application log files.  Have "tail -f" commands running
+on the server.log and development.log. Rails will automatically display debugging
+and runtime information to these files. Debugging info will also be shown in the
+browser on requests from 127.0.0.1.
+
+You can also log your own messages directly into the log file from your code using
+the Ruby logger class from inside your controllers. Example:
+
+  class WeblogController < ActionController::Base
+    def destroy
+      @weblog = Weblog.find(params[:id])
+      @weblog.destroy
+      logger.info("#{Time.now} Destroyed Weblog ID ##{@weblog.id}!")
+    end
+  end
+
+The result will be a message in your log file along the lines of:
+
+  Mon Oct 08 14:22:29 +1000 2007 Destroyed Weblog ID #1
+
+More information on how to use the logger is at http://www.ruby-doc.org/core/
+
+Also, Ruby documentation can be found at http://www.ruby-lang.org/ including:
+
+* The Learning Ruby (Pickaxe) Book: http://www.ruby-doc.org/docs/ProgrammingRuby/
+* Learn to Program: http://pine.fm/LearnToProgram/  (a beginners guide)
+
+These two online (and free) books will bring you up to speed on the Ruby language
+and also on programming in general.
+
+
+== Debugger
+
+Debugger support is available through the debugger command when you start your Mongrel or
+Webrick server with --debugger. This means that you can break out of execution at any point
+in the code, investigate and change the model, AND then resume execution! 
+You need to install ruby-debug to run the server in debugging mode. With gems, use 'gem install ruby-debug'
+Example:
+
+  class WeblogController < ActionController::Base
+    def index
+      @posts = Post.find(:all)
+      debugger
+    end
+  end
+
+So the controller will accept the action, run the first line, then present you
+with a IRB prompt in the server window. Here you can do things like:
+
+  >> @posts.inspect
+  => "[#<Post:0x14a6be8 @attributes={\"title\"=>nil, \"body\"=>nil, \"id\"=>\"1\"}>,
+       #<Post:0x14a6620 @attributes={\"title\"=>\"Rails you know!\", \"body\"=>\"Only ten..\", \"id\"=>\"2\"}>]"
+  >> @posts.first.title = "hello from a debugger"
+  => "hello from a debugger"
+
+...and even better is that you can examine how your runtime objects actually work:
+
+  >> f = @posts.first
+  => #<Post:0x13630c4 @attributes={"title"=>nil, "body"=>nil, "id"=>"1"}>
+  >> f.
+  Display all 152 possibilities? (y or n)
+
+Finally, when you're ready to resume execution, you enter "cont"
+
+
+== Console
+
+You can interact with the domain model by starting the console through <tt>script/console</tt>.
+Here you'll have all parts of the application configured, just like it is when the
+application is running. You can inspect domain models, change values, and save to the
+database. Starting the script without arguments will launch it in the development environment.
+Passing an argument will specify a different environment, like <tt>script/console production</tt>.
+
+To reload your controllers and models after launching the console run <tt>reload!</tt>
+
+== dbconsole
+
+You can go to the command line of your database directly through <tt>script/dbconsole</tt>.
+You would be connected to the database with the credentials defined in database.yml.
+Starting the script without arguments will connect you to the development database. Passing an
+argument will connect you to a different database, like <tt>script/dbconsole production</tt>.
+Currently works for mysql, postgresql and sqlite.
+
+== Description of Contents
+
+app
+  Holds all the code that's specific to this particular application.
+
+app/controllers
+  Holds controllers that should be named like weblogs_controller.rb for
+  automated URL mapping. All controllers should descend from ApplicationController
+  which itself descends from ActionController::Base.
+
+app/models
+  Holds models that should be named like post.rb.
+  Most models will descend from ActiveRecord::Base.
+
+app/views
+  Holds the template files for the view that should be named like
+  weblogs/index.html.erb for the WeblogsController#index action. All views use eRuby
+  syntax.
+
+app/views/layouts
+  Holds the template files for layouts to be used with views. This models the common
+  header/footer method of wrapping views. In your views, define a layout using the
+  <tt>layout :default</tt> and create a file named default.html.erb. Inside default.html.erb,
+  call <% yield %> to render the view using this layout.
+
+app/helpers
+  Holds view helpers that should be named like weblogs_helper.rb. These are generated
+  for you automatically when using script/generate for controllers. Helpers can be used to
+  wrap functionality for your views into methods.
+
+config
+  Configuration files for the Rails environment, the routing map, the database, and other dependencies.
+
+db
+  Contains the database schema in schema.rb.  db/migrate contains all
+  the sequence of Migrations for your schema.
+
+doc
+  This directory is where your application documentation will be stored when generated
+  using <tt>rake doc:app</tt>
+
+lib
+  Application specific libraries. Basically, any kind of custom code that doesn't
+  belong under controllers, models, or helpers. This directory is in the load path.
+
+public
+  The directory available for the web server. Contains subdirectories for images, stylesheets,
+  and javascripts. Also contains the dispatchers and the default HTML files. This should be
+  set as the DOCUMENT_ROOT of your web server.
+
+script
+  Helper scripts for automation and generation.
+
+test
+  Unit and functional tests along with fixtures. When using the script/generate scripts, template
+  test files will be generated for you and placed in this directory.
+
+vendor
+  External libraries that the application depends on. Also includes the plugins subdirectory.
+  If the app has frozen rails, those gems also go here, under vendor/rails/.
+  This directory is in the load path.

data/app/controllers/application_controller.rb

@@ -0,0 +1,12 @@
+# Filters added to this controller apply to all controllers in the application.
+# Likewise, all the methods added will be available for all controllers.
+
+class ApplicationController < ActionController::Base
+  helper :all # include all helpers, all the time
+  protect_from_forgery # See ActionController::RequestForgeryProtection for details
+
+  # Scrub sensitive parameters from your log
+  # filter_parameter_logging :password
+  
+
+end

data/app/controllers/cms/sections_controller.rb

@@ -0,0 +1,130 @@
+class Cms::SectionsController < Cms::BaseController
+
+  before_filter :load_parent, :only => [:new, :create]
+  before_filter :load_section, :only => [:edit, :update, :destroy, :move]
+  before_filter :set_toolbar_tab
+  
+  helper_method :public_groups
+  helper_method :cms_groups
+
+  def index
+    redirect_to cms_sitemap_path
+  end
+
+  def show
+    redirect_to cms_sitemap_path
+  end
+  
+  def new
+    @section = Section.new(:parent=>@parent)
+    @section.groups = @parent.groups
+  end
+  
+  def create
+    @section = Section.new(params[:section])
+    @section.parent = @parent
+    @section.groups = @section.parent.groups unless current_user.able_to?(:administrate)
+    if @section.save
+      flash[:notice] = "Section '#{@section.name}' was created"
+      redirect_to [:cms, @section]
+    else
+      render :action => 'new'
+    end    
+  end
+
+  def edit
+  end
+  
+  def update
+    params[:section].delete('group_ids') if params[:section] &&  !current_user.able_to?(:administrate)
+    @section.attributes = params[:section]
+    if @section.save
+      flash[:notice] = "Section '#{@section.name}' was updated"
+      redirect_to [:cms, @section]
+    else
+      render :action => 'edit'
+    end      
+  end
+  
+  def destroy
+    respond_to do |format|
+      if @section.deletable? && @section.destroy
+        message = "Section '#{@section.name}' was deleted."
+        format.html { flash[:notice] = message; redirect_to(cms_sitemap_url) }
+        format.json { render :json => {:success => true, :message => message } }
+      else
+        message = "Section '#{@section.name}' could not be deleted"
+        format.html { flash[:error] = message; redirect_to(cms_sitemap_url) }
+        format.json { render :json => {:success => false, :message => message } }
+      end
+    end
+  end  
+  
+  def move
+    if params[:section_id]
+      @move_to = Section.find(params[:section_id])
+    else
+      @move_to = Section.root.first
+    end
+  end
+  
+  def file_browser              
+    @section = Section.find_by_name_path(params[:CurrentFolder])
+    if request.post? && params[:NewFile]
+      handle_file_browser_upload
+    else
+      render_file_browser
+    end
+  end
+  
+  protected
+    def load_parent
+      @parent = Section.find(params[:section_id])
+      raise Cms::Errors::AccessDenied unless current_user.able_to_edit?(@parent)
+    end
+
+    def load_section
+      @section = Section.find(params[:id])
+      raise Cms::Errors::AccessDenied unless current_user.able_to_edit?(@section)
+    end
+
+    def handle_file_browser_upload
+      begin
+        case params[:Type].downcase
+        when "file"
+          FileBlock.create!(:section => @section, :file => params[:NewFile])
+        when "image" 
+          ImageBlock.create!(:section => @section, :file => params[:NewFile])
+        end
+        result = "0"
+      rescue Exception => e
+        result = "1,'#{escape_javascript(e.message)}'"
+      end  
+      render :text => %Q{<script type="text/javascript">window.parent.frames['frmUpload'].OnUploadCompleted(#{result});</script>}, :layout => false      
+    end
+    
+    def render_file_browser
+      headers['Content-Type'] = "text/xml"
+      @files = case params[:Type].downcase
+               when "file"
+                 FileBlock.by_section(@section)
+               when "image" 
+                 ImageBlock.by_section(@section)
+               else
+                 @section.pages
+               end
+       render 'cms/sections/file_browser.xml.builder', :layout => false
+    end
+
+    def public_groups
+      @public_groups ||= Group.public.all(:order => "groups.name")
+    end
+
+    def cms_groups
+      @cms_groups ||= Group.cms_access.all(:order => "groups.name")
+    end
+
+    def set_toolbar_tab
+      @toolbar_tab = :sitemap
+    end
+end

data/app/helpers/application_helper.rb

@@ -0,0 +1,3 @@
+# Methods added to this helper will be available to all templates in the application.
+module ApplicationHelper
+end

data/app/helpers/cms/section_nodes_helper.rb

@@ -0,0 +1,11 @@
+module Cms
+  module SectionNodesHelper
+    def section_icons(node,has_children = false)
+      if (node.depth < 3)
+        has_children ? image_tag("cms/sitemap/no_contents.png", :class => "no_folder_toggle large") : image_tag("cms/sitemap/gray_expand.png", :class => "folder_toggle large")
+      else
+        has_children ? image_tag("cms/sitemap/no_contents.png", :class => "no_folder_toggle") : image_tag("cms/sitemap/expand.png", :class => "folder_toggle")
+      end
+    end
+  end
+end

data/app/models/attachment.rb

@@ -0,0 +1,177 @@
+require 'digest/sha1'
+require 'fileutils'
+
+class Attachment < ActiveRecord::Base
+
+  #----- Macros ----------------------------------------------------------------
+
+  is_archivable
+  is_publishable
+  uses_soft_delete
+  is_userstamped
+  is_versioned
+  attr_accessor :temp_file
+
+  #----- Callbacks -------------------------------------------------------------
+
+  before_validation :make_dirty_if_temp_file
+  before_validation :prepend_file_path_with_slash
+  before_validation :extract_file_extension_from_file_name
+  before_validation :extract_file_type_from_temp_file
+  before_validation :extract_file_size_from_temp_file
+  before_validation :set_file_location
+  before_save :hack, :process_section
+
+  after_save :write_temp_file_to_storage_location
+  after_save :clear_ivars
+  
+  #----- Associations ----------------------------------------------------------
+
+  #has_one :section_node, :as => :node
+  has_one :section_node, :foreign_key=>:section_id, :class_name=>:section
+#  has_one :section
+
+  #----- Validations -----------------------------------------------------------
+
+  validates_presence_of :temp_file,
+    :message => "You must upload a file", :on => :create
+  validates_presence_of :file_path
+  validates_uniqueness_of :file_path
+  validates_presence_of :section_id
+    
+  #----- Virtual Attributes ----------------------------------------------------
+  
+
+  
+  #----- Callbacks Methods -----------------------------------------------------
+  
+  def make_dirty_if_temp_file
+    dirty! if temp_file
+  end
+  
+  def prepend_file_path_with_slash
+    unless file_path.blank?
+      self.file_path = "/#{file_path}" unless file_path =~ /^\//
+    end
+  end
+  
+  def extract_file_extension_from_file_name
+    if file_name && file_name['.']
+      self.file_extension = file_name.split('.').last.to_s.downcase
+    end
+  end
+  
+  def extract_file_type_from_temp_file
+    unless temp_file.blank?
+      self.file_type = temp_file.content_type
+    end
+  end
+  
+  def extract_file_size_from_temp_file
+    unless temp_file.blank?
+      self.file_size = temp_file.size
+    end
+  end
+
+  # The file will be stored on disk at
+  # Attachment.storage_location/year/month/day/sha1
+  # The sha1 is a 40 character hash based on the original_filename
+  # of the file uploaded and the current time
+  def set_file_location
+    unless temp_file.blank?
+      sha1 = Digest::SHA1.hexdigest("#{temp_file.original_filename}#{Time.now.to_f}")
+      self.file_location = "#{Time.now.strftime("%Y/%m/%d")}/#{sha1}"
+    end
+  end
+
+  def hack
+     section_id = -1
+  end
+  def process_section
+    #logger.info "processing section, section_id => #{section_id}, section_node => #{section_node.inspect}"
+    if section_node && !section_node.new_record? && section_node.section_id != section_id
+      section_node.move_to_end(Section.find(section_id))
+    else
+      build_section_node(:node => self, :section_id => section_id)
+    end
+  end
+    
+  def write_temp_file_to_storage_location
+    unless temp_file.blank?
+      FileUtils.mkdir_p File.dirname(full_file_location)
+      if temp_file.local_path
+        FileUtils.copy temp_file.local_path, full_file_location
+      else
+        open(full_file_location, 'w') {|f| f << temp_file.read }
+      end
+      
+      if Cms.attachment_file_permission
+        FileUtils.chmod Cms.attachment_file_permission, full_file_location
+      end
+    end
+  end
+  
+  def clear_ivars
+    @temp_file = nil
+    @section = nil
+    @section_id = nil
+  end
+  
+  #----- Class Methods ---------------------------------------------------------
+  
+  def self.storage_location
+    @storage_location ||= File.join(Rails.root, "/tmp/uploads")
+  end
+  
+  def self.storage_location=(storage_location)
+    @storage_location = storage_location
+  end
+  
+  def self.find_live_by_file_path(file_path)
+    Attachment.published.not_archived.first(:conditions => {:file_path => file_path})
+  end
+  
+  #----- Instance Methods ------------------------------------------------------
+
+  def file_name
+    file_path ? file_path.split('/').last : nil
+  end
+
+  def name
+    file_name
+  end
+  
+  def icon
+    {
+        :doc => %w[doc],
+        :gif => %w[gif jpg jpeg png tiff bmp],
+        :htm => %w[htm html],
+        :pdf => %w[pdf],
+        :ppt => %w[ppt],
+        :swf => %w[swf],
+        :txt => %w[txt],
+        :xls => %w[xls],
+        :xml => %w[xml],
+        :zip => %w[zip rar tar gz tgz]
+    }.each do |icon, extensions|
+      return icon if extensions.include?(file_extension.to_s)
+    end
+    :file
+  end
+
+  def public?
+    section ? section.public? : false
+  end
+  
+  def full_file_location
+    File.join(Attachment.storage_location, file_location)
+  end
+
+  # Forces this record to be changed, even if nothing has changed
+  # This is necessary if just the section.id has changed, for example
+  def dirty!
+    # Seems like a hack, is there a better way?
+    self.updated_at = Time.now
+  end
+
+end