biovision-base 0.5.170614 → 0.7.170709

data/app/assets/stylesheets/biovision/base/filters.scss

@@ -1,13 +1,13 @@
 form.filter fieldset {
-  font-size: $small-font-size;
-  line-height: calc(#{$normal-font-size} * 1.5);
+  font-size: $font-size-decreased;
+  line-height: #{$font-size-normal * 1.5};
 
   > div {
     display: flex;
     flex-wrap: wrap;
 
     input {
-      font-size: $small-font-size;
+      font-size: $font-size-decreased;
     }
 
     > div {
@@ -48,6 +48,6 @@ form.filter fieldset {
 
   button {
     margin: .8rem 0 0 0;
-    font-size: $small-font-size;
+    font-size: $font-size-decreased;
   }
 }

data/app/assets/stylesheets/biovision/base/layout.scss

@@ -0,0 +1,113 @@
+html {
+  font: 10px $font-family-main;
+  margin: 0;
+  padding: 0;
+  -webkit-text-size-adjust: none;
+  -moz-text-size-adjust: none;
+  -ms-text-size-adjust: none;
+}
+
+h1, h2, h3, h4, h6, h6 {
+  color: $text-color-heading;
+  font-family: $font-family-heading;
+  font-weight: 500;
+  margin: 0;
+}
+
+h1 {
+  font-size: 3rem;
+  line-height: 4.2rem;
+}
+
+a:link {
+  color: $link-color;
+  text-decoration: none;
+  transition: color .125s;
+}
+
+a:visited {
+  color: $link-color-visited;
+}
+
+a:active,
+a:hover {
+  color: $link-color-hover;
+  text-decoration: underline;
+}
+
+body {
+  color: $text-color-primary;
+  display: flex;
+  flex-direction: column;
+  font-size: $font-size-normal;
+  justify-content: space-between;
+  margin: 0;
+  min-height: 100vh;
+  min-width: $content-width-min;
+  padding: 0;
+
+  > footer,
+  > header {
+    > div {
+      margin: 0 auto;
+      padding: .4rem;
+      max-width: $content-width;
+
+      .authentication {
+        > div {
+          display: flex;
+          align-items: center;
+
+          &.links {
+            a:link,
+            a:visited {
+              @include nav-button;
+              margin: 0 .4rem;
+            }
+          }
+
+          &.plate {
+            .logout {
+              @include action-button;
+              margin-left: 1rem;
+            }
+          }
+        }
+      }
+    }
+  }
+
+  > header {
+    background: $background-header;
+    border-bottom: $border-primary;
+
+    > div {
+      align-items: center;
+      display: flex;
+      flex-wrap: wrap;
+
+      .logo {
+        margin-right: auto;
+      }
+    }
+  }
+
+  > footer {
+    background: $background-footer;
+    border-top: $border-primary;
+    margin: auto 0 0 0;
+
+    > div {
+      color: $text-color-secondary;
+      font-size: $font-size-decreased;
+    }
+  }
+}
+
+#main {
+  background: $background-main;
+  flex: 1;
+  margin: 0 auto;
+  max-width: $content-width;
+  padding: .8rem;
+}

data/app/assets/stylesheets/biovision/base/message-box.scss

@@ -34,7 +34,7 @@ section.errors {
   > h2 {
     background: #fee image_url('biovision/base/icons/alert.svg') no-repeat center left 1.6rem / 1.6rem 1.6rem;
     color: #400;
-    font-size: $large-font-size;
+    font-size: $font-size-large;
     padding: 1.6rem 1.6rem 1.6rem 4.8rem;
   }
 
@@ -44,8 +44,8 @@ section.errors {
 }
 
 .field_with_errors {
-  display: inline-block;
   background: #fee;
+  display: inline-block;
 }
 
 span.not-found {
@@ -53,8 +53,8 @@ span.not-found {
   cursor: default;
 
   &:before {
-    content: '\26A0';
     color: #f00;
+    content: '\26A0';
     margin-right: .4rem;
   }
 }

data/app/assets/stylesheets/biovision/base/regions.scss

@@ -0,0 +1,9 @@
+form {
+  #region-image {
+    img {
+      border: $border-primary;
+      max-height: 11rem;
+      width: 11rem;
+    }
+  }
+}

data/app/assets/stylesheets/biovision/base/tootik.scss

@@ -1,11 +1,11 @@
 // https://eliorshalev.github.io/tootik/
 
-$tootik_background_color: #000000;
-$tootik_success_color: #8bc34a;
-$tootik_info_color: #29d2e4;
-$tootik_warning_color: #f87d09;
-$tootik_danger_color: #e91e63;
-$tootik_text_color: #ffffff;
+$tootik_background_color: #000000 !default;
+$tootik_success_color: #8bc34a !default;
+$tootik_info_color: #29d2e4 !default;
+$tootik_warning_color: #f87d09 !default;
+$tootik_danger_color: #e91e63 !default;
+$tootik_text_color: #ffffff !default;
 
 [data-tootik] {
   position: relative;

data/app/assets/stylesheets/biovision/base/track.scss

@@ -14,15 +14,16 @@
 
 div.track {
   border: .1rem dotted;
-  font-size: $small_font_size;
+  box-sizing: border-box;
+  font-size: $font-size-decreased;
   margin: .4rem;
   padding: .4rem;
-  width: calc(100% - .8rem);
+  width: 100%;
 
   > div {
-    overflow: hidden;
-    text-overflow: ellipsis;
-    white-space: nowrap;
-    width: 100%;
+    //overflow: hidden;
+    //text-overflow: ellipsis;
+    //white-space: nowrap;
+    //width: 100%;
   }
 }

data/app/assets/stylesheets/biovision/base/users.scss

@@ -0,0 +1,64 @@
+.privileges {
+  .entity {
+    > input[type=checkbox] {
+      &:checked ~ ul {
+        button,
+        input[type=checkbox] {
+          display: none;
+        }
+      }
+    }
+  }
+}
+
+div.user-search {
+  .message-box-warning {
+    background-position: left .4rem center;
+    font-weight: 400;
+    margin: .4rem;
+    padding: .4rem .4rem .4rem 2.4rem;
+  }
+
+  .results {
+    ul {
+      margin: .4rem;
+      padding: 0;
+
+      li {
+        cursor: pointer;
+        font-size: 1.4rem;
+        font-weight: 400;
+        line-height: 2rem;
+        list-style: none;
+        margin: 0;
+        padding: 0 .4rem;
+
+        &:hover {
+          outline: .1rem solid #070;
+        }
+      }
+    }
+  }
+}
+
+.my-profile-new {
+  > section {
+    dl {
+      input {
+        max-width: 32rem;
+
+        &:not([size]) {
+          width: calc(100% - 1rem);
+        }
+      }
+    }
+
+    .trap {
+      width: .01rem;
+      height: .01rem;
+      overflow: hidden;
+      position: absolute;
+      left: -300rem;
+    }
+  }
+}

data/app/controllers/admin/login_attempts_controller.rb

@@ -0,0 +1,6 @@
+class Admin::LoginAttemptsController < AdminController
+  # get /admin/login_attempts
+  def index
+    @collection = LoginAttempt.page_for_administration(current_page)
+  end
+end

data/app/controllers/admin/privileges_controller.rb

@@ -1,5 +1,41 @@
 class Admin::PrivilegesController < AdminController
   include LockableEntity
   include EntityPriority
-  include Biovision::Admin::Privileges
+  include ToggleableEntity
+
+  before_action :set_entity, except: [:index]
+  before_action :check_entity_lock, only: [:toggle]
+
+  # get /admin/privileges
+  def index
+    @collection = Privilege.for_tree
+  end
+
+  # get /admin/privileges/:id
+  def show
+  end
+
+  # get /admin/privileges/:id/users
+  def users
+    @collection = @entity.users.page_for_administration(current_page)
+  end
+
+  # get /admin/privileges/:id/regions
+  def regions
+    @user       = User.find_by(id: params[:user_id])
+    @collection = Region.visible.for_tree(params[:parent_id]).reject { |r| @entity.has_user?(@user, r) }
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege :administrator
+  end
+
+  def set_entity
+    @entity = Privilege.find_by(id: params[:id], deleted: false)
+    if @entity.nil?
+      handle_http_404("Cannot find non-deleted privilege #{params[:id]}")
+    end
+  end
 end

data/app/controllers/admin/regions_controller.rb

@@ -0,0 +1,37 @@
+class Admin::RegionsController < AdminController
+  include ToggleableEntity
+  include LockableEntity
+
+  before_action :set_entity, except: [:index]
+  before_action :check_entity_lock, only: [:toggle]
+
+  # get /admin/regions
+  def index
+    @collection = Region.for_tree
+  end
+
+  # get /admin/regions/:id
+  def show
+  end
+
+  private
+
+  def restrict_access
+    require_privilege_group :region_managers
+  end
+
+  def restrict_editing
+    unless @entity.editable_by?(current_user)
+      handle_http_401('Current user cannot edit region')
+    end
+  end
+
+  def set_entity
+    @entity = Region.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404("Cannot find region #{params[:id]}")
+    else
+      restrict_editing
+    end
+  end
+end

data/app/controllers/admin/users_controller.rb

@@ -31,14 +31,14 @@ class Admin::UsersController < AdminController
 
   # put /admin/users/:id/privileges/:privilege_id
   def grant_privilege
-    @privilege.grant(@entity)
+    @privilege.grant(@entity, Region.find_by(id: params[:region_id]))
 
     render json: { data: { user_privilege_ids: @entity.user_privilege_ids } }
   end
 
   # delete /admin/users/:id/privileges/:privilege_id
   def revoke_privilege
-    @privilege.revoke(@entity)
+    @privilege.revoke(@entity, Region.find_by(id: params[:region_id]))
 
     render json: { data: { user_privilege_ids: @entity.user_privilege_ids } }
   end

data/app/controllers/authentication_controller.rb

@@ -10,16 +10,9 @@ class AuthenticationController < ApplicationController
 
   # post /login
   def create
-    user = User.find_by(slug: params[:login].to_s.downcase)
-    if user&.authenticate(params[:password].to_s) && user.allow_login?
-      create_token_for_user(user)
-      Metric.register(User::METRIC_AUTHENTICATION_SUCCESS)
-      redirect_to root_path
-    else
-      Metric.register(User::METRIC_AUTHENTICATION_FAILURE)
-      flash.now[:alert] = t(:could_not_log_in)
-      render :new, status: :unauthorized
-    end
+    @user    = User.find_by(slug: param_from_request(:login).downcase)
+    @bouncer = UserBouncer.new(@user, tracking_for_entity)
+    bounce_or_allow
   end
 
   # delete /logout
@@ -39,12 +32,6 @@ class AuthenticationController < ApplicationController
 
   private
 
-  def deactivate_token
-    token = Token.find_by token: cookies['token'].split(':').last
-    token.update active: false
-    pop_token
-  end
-
   def set_foreign_site
     @foreign_site = ForeignSite.with_slug(params[:provider]).first
     if @foreign_site.nil?
@@ -54,17 +41,31 @@ class AuthenticationController < ApplicationController
     end
   end
 
-  def pop_token
-    if cookies['pt']
-      cookies['token'] = {
-        value: cookies['pt'],
-        expires: 1.year.from_now,
-        domain: :all,
-        httponly: true
-      }
-      cookies['pt']    = nil
+  def bounce_or_allow
+    if @bouncer.let_user_in?(param_from_request(:password))
+      successful_authentication
     else
-      cookies['token'] = nil
+      failed_authentication
     end
   end
+
+  def successful_authentication
+    create_token_for_user(@user)
+    Metric.register(User::METRIC_AUTHENTICATION_SUCCESS)
+    redirect_after_success
+  end
+
+  def failed_authentication
+    Metric.register(User::METRIC_AUTHENTICATION_FAILURE)
+    flash.now[:alert] = t(:could_not_log_in)
+    render :new, status: :unauthorized
+  end
+
+  def redirect_after_success
+    return_path = cookies['return_path'].to_s
+    return_path = my_path unless return_path[0] == '/'
+    cookies.delete 'return_path', domain: :all
+
+    redirect_to return_path
+  end
 end

data/app/controllers/concerns/authentication.rb

@@ -16,4 +16,24 @@ module Authentication
       httponly: true
     }
   end
+
+  def deactivate_token
+    token = Token.find_by token: cookies['token'].split(':').last
+    token.update active: false
+    pop_token
+  end
+
+  def pop_token
+    if cookies['pt']
+      cookies['token'] = {
+        value:    cookies['pt'],
+        expires:  1.year.from_now,
+        domain:   :all,
+        httponly: true
+      }
+      cookies.delete 'pt', domain: :all
+    else
+      cookies.delete 'token', domain: :all
+    end
+  end
 end

data/app/controllers/my/confirmations_controller.rb

@@ -1,5 +1,7 @@
 class My::ConfirmationsController < ApplicationController
-  before_action :restrict_anonymous_access, only: [:create, :update]
+  include Authentication
+
+  # before_action :restrict_anonymous_access, only: [:create, :update]
   before_action :redirect_confirmed_user, only: [:create, :update]
 
   # get /my/confirmation
@@ -20,9 +22,10 @@ class My::ConfirmationsController < ApplicationController
   # patch /my/confirmation
   def update
     code    = Code.find_by(body: param_from_request(:code))
-    manager = CodeManager::Confirmation.new(code, current_user)
+    manager = CodeManager::Confirmation.new(code)
     if manager.code_is_valid?
       manager.activate
+      create_token_for_user(code.user)
       redirect_to my_path
     else
       redirect_to my_confirmation_path, alert: t('my.confirmations.update.invalid_code')
@@ -32,6 +35,8 @@ class My::ConfirmationsController < ApplicationController
   protected
 
   def redirect_confirmed_user
-    redirect_to my_confirmation_path, notice: t(:email_already_confirmed) if current_user.email_confirmed?
+    if current_user&.email_confirmed?
+      redirect_to my_path
+    end
   end
 end

data/app/controllers/my/login_attempts_controller.rb

@@ -0,0 +1,9 @@
+class My::LoginAttemptsController < ApplicationController
+  before_action :restrict_anonymous_access
+
+  # get /my/login_attempts
+  def index
+    @collection = LoginAttempt.page_for_owner(current_user, current_page)
+    @agents     = Agent.where(id: @collection.pluck(:agent_id))
+  end
+end

data/app/controllers/my/profiles_controller.rb

@@ -12,7 +12,7 @@ class My::ProfilesController < ApplicationController
   # post /my/profile
   def create
     if params[:agree]
-      redirect_to root_path, notice: t('my.profiles.create.success')
+      redirect_to root_path, alert: t('my.profiles.create.are_you_bot')
     else
       create_user
     end
@@ -46,7 +46,7 @@ class My::ProfilesController < ApplicationController
     if @user.save
       Metric.register(User::METRIC_REGISTRATION)
       create_token_for_user(@user)
-      redirect_to my_profile_path, notice: t('my.profiles.create.success')
+      redirect_after_creation
     else
       render :new, status: :bad_request
     end
@@ -78,4 +78,12 @@ class My::ProfilesController < ApplicationController
     parameters[:phone_confirmed] = false if parameters[:phone] && parameters[:phone] != current_user.phone
     parameters
   end
+
+  def redirect_after_creation
+    return_path = cookies['return_path'].to_s
+    return_path = my_profile_path unless return_path[0] == '/'
+    cookies.delete 'return_path', domain: :all
+    
+    redirect_to return_path, notice: t('my.profiles.create.success')
+  end
 end

data/app/controllers/my/tokens_controller.rb

@@ -0,0 +1,20 @@
+class My::TokensController < ApplicationController
+  include ToggleableEntity
+
+  before_action :restrict_anonymous_access
+  before_action :set_entity, except: [:index]
+
+  # get /my
+  def index
+    @collection = Token.page_for_owner(current_user, current_page)
+  end
+
+  private
+
+  def set_entity
+    @entity = Token.owned_by(current_user).find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('Cannot find token for current user')
+    end
+  end
+end

data/app/controllers/regions_controller.rb

@@ -0,0 +1,73 @@
+class RegionsController < AdminController
+  before_action :set_entity, only: [:edit, :update, :destroy]
+  before_action :restrict_editing, only: [:edit, :update, :destroy]
+
+  # post /regions
+  def create
+    @entity = Region.new(creation_parameters)
+    if @entity.save
+      cache_relatives
+      redirect_to admin_region_path(@entity)
+    else
+      render :new, status: :bad_request
+    end
+  end
+
+  # get /regions/:id/edit
+  def edit
+  end
+
+  # patch /regions/:id
+  def update
+    if @entity.update(entity_parameters)
+      cache_relatives
+      redirect_to admin_region_path(@entity), notice: t('regions.update.success')
+    else
+      render :edit, status: :bad_request
+    end
+  end
+
+  # delete /post_categories/:id
+  def destroy
+    if @entity.destroy
+      flash[:notice] = t('regions.destroy.success')
+    end
+    redirect_to admin_regions_path
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege_group :region_managers
+  end
+
+  def set_entity
+    @entity = Region.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('Cannot find region')
+    end
+  end
+
+  def restrict_editing
+    unless @entity.editable_by?(current_user)
+      redirect_to admin_region_path(@entity.id), alert: t('regions.edit.forbidden')
+    end
+  end
+
+  def entity_parameters
+    params.require(:region).permit(Region.entity_parameters)
+  end
+
+  def creation_parameters
+    params.require(:region).permit(Region.creation_parameters)
+  end
+
+  def cache_relatives
+    @entity.cache_parents!
+    unless @entity.parent.blank?
+      parent = @entity.parent
+      parent.cache_children!
+      parent.save
+    end
+  end
+end

data/app/helpers/biovision_regions_helper.rb

@@ -0,0 +1,22 @@
+module BiovisionRegionsHelper
+  # @param [Region] entity
+  def admin_region_link(entity)
+    link_to(entity.name, admin_region_path(entity.id))
+  end
+
+  # @param [Region] entity
+  def region_image_preview(entity)
+    unless entity.image.blank?
+      versions = "#{entity.image.preview_2x.url} 2x"
+      image_tag(entity.image.preview.url, alt: entity.name, srcset: versions)
+    end
+  end
+
+  # @param [Region] entity
+  def region_image_medium(entity)
+    unless entity.image.blank?
+      versions = "#{entity.image.medium_2x.url} 2x"
+      image_tag(entity.image.medium.url, alt: entity.name, srcset: versions)
+    end
+  end
+end

data/app/mailers/application_mailer.rb

@@ -0,0 +1,5 @@
+class ApplicationMailer < ActionMailer::Base
+  default from: 'from@example.com'
+  layout 'mailer'
+end
+