biovision-base 0.5.170614

data/app/controllers/my/recoveries_controller.rb

@@ -0,0 +1,68 @@
+class My::RecoveriesController < ApplicationController
+  include Authentication
+
+  before_action :redirect_authenticated_user
+  before_action :find_user, only: [:create]
+
+  # get /my/recovery
+  def show
+  end
+
+  # post /my/recovery
+  def create
+    if @user.nil? || @user.email.blank?
+      redirect_to my_recovery_path, alert: t('my.recoveries.create.impossible')
+    else
+      send_code
+      redirect_to my_recovery_path, notice: t('my.recoveries.create.completed')
+    end
+  end
+
+  # patch /my/recovery
+  def update
+    set_manager
+    if @manager.code_is_valid?
+      reset_password
+    else
+      redirect_to my_recovery_path, alert: t('my.recoveries.update.invalid_code')
+    end
+  end
+
+  protected
+
+  def find_user
+    @user = User.with_email(param_from_request(:email)).first
+  end
+
+  def set_manager
+    code     = Code.find_by(body: param_from_request(:code))
+    @manager = CodeManager::Recovery.new(code)
+  end
+
+  def send_code
+    code = CodeManager::Recovery.code_for_user(@user)
+    if code.nil?
+      logger.warn { "Could not get recovery code for user #{@user.id}" }
+    else
+      CodeSender.password(code.id).deliver_later
+    end
+  end
+
+  def reset_password
+    if @manager.activate(new_user_parameters)
+      create_token_for_user @manager.code.user
+      redirect_to my_path, notice: t('my.recoveries.update.success')
+    else
+      render :show, status: :bad_request
+    end
+  end
+
+  def new_user_parameters
+    parameters = params.require(:user).permit(:password, :password_confirmation)
+    if parameters[:password].blank?
+      parameters[:password]              = nil
+      parameters[:password_confirmation] = nil
+    end
+    parameters
+  end
+end

data/app/controllers/privilege_groups_controller.rb

@@ -0,0 +1,57 @@
+class PrivilegeGroupsController < AdminController
+  before_action :restrict_access
+  before_action :set_entity, only: [:edit, :update, :destroy]
+
+  # get /privilege_groups/new
+  def new
+    @entity = PrivilegeGroup.new
+  end
+
+  # post /privilege_groups
+  def create
+    @entity = PrivilegeGroup.new entity_parameters
+    if @entity.save
+      redirect_to admin_privilege_group_path(@entity)
+    else
+      render :new, status: :bad_request
+    end
+  end
+
+  # get /privilege_groups/:id/edit
+  def edit
+  end
+
+  # patch /privilege_groups/:id
+  def update
+    if @entity.update entity_parameters
+      redirect_to admin_privilege_group_path(@entity), notice: t('privilege_groups.update.success')
+    else
+      render :edit, status: :bad_request
+    end
+  end
+
+  # delete /privilege_groups/:id
+  def destroy
+    if @entity.destroy
+      flash[:notice] = t('privilege_groups.destroy.success')
+    end
+    redirect_to admin_privilege_groups_path
+  end
+
+  private
+
+  def restrict_access
+    require_privilege :administrator
+  end
+
+  def set_entity
+    @entity = PrivilegeGroup.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('PrivilegeGroup is not found')
+    end
+  end
+
+  def entity_parameters
+    params.require(:privilege_group).permit(PrivilegeGroup.entity_parameters)
+  end
+end

data/app/controllers/privileges_controller.rb

@@ -0,0 +1,74 @@
+class PrivilegesController < AdminController
+  before_action :restrict_access
+  before_action :set_entity, only: [:edit, :update, :destroy]
+  before_action :restrict_editing, only: [:edit, :update, :destroy]
+
+  # post /privileges
+  def create
+    @entity = Privilege.new(creation_parameters)
+    if @entity.save
+      cache_relatives
+      redirect_to admin_privilege_path(@entity)
+    else
+      render :new, status: :bad_request
+    end
+  end
+
+  # get /privileges/:id/edit
+  def edit
+  end
+
+  # patch /privileges/:id
+  def update
+    if @entity.update(entity_parameters)
+      cache_relatives
+      redirect_to admin_privilege_path(@entity), notice: t('privileges.update.success')
+    else
+      render :edit, status: :bad_request
+    end
+  end
+
+  # delete /privileges/:id
+  def destroy
+    if @entity.update deleted: true
+      flash[:notice] = t('privileges.destroy.success')
+    end
+    redirect_to admin_privileges_path
+  end
+
+  private
+
+  def restrict_access
+    require_privilege :administrator
+  end
+
+  def set_entity
+    @entity = Privilege.find_by(id: params[:id], deleted: false)
+    if @entity.nil?
+      handle_http_404("Cannot find non-deleted privilege #{params[:id]}")
+    end
+  end
+
+  def restrict_editing
+    if @entity.locked?
+      redirect_to admin_privilege_path(@entity), alert: t('privileges.edit.forbidden')
+    end
+  end
+
+  def entity_parameters
+    params.require(:privilege).permit(Privilege.entity_parameters)
+  end
+
+  def creation_parameters
+    params.require(:privilege).permit(Privilege.creation_parameters)
+  end
+
+  def cache_relatives
+    @entity.cache_parents!
+    unless @entity.parent.blank?
+      parent = @entity.parent
+      parent.cache_children!
+      parent.save
+    end
+  end
+end

data/app/controllers/profiles_controller.rb

@@ -0,0 +1,22 @@
+class ProfilesController < ApplicationController
+  before_action :set_entity
+
+  # get /u/:slug
+  def show
+  end
+
+  # get /u/:slug/followees
+  def followees
+    @filter     = params[:filter] || Hash.new
+    @collection = UserLink.filtered(:followee, @filter).with_follower(@entity).page_for_user(current_page)
+  end
+
+  private
+
+  def set_entity
+    @entity = User.find_by(slug: params[:slug].downcase, deleted: false)
+    if @entity.nil?
+      handle_http_404('Cannot find user')
+    end
+  end
+end

data/app/controllers/tokens_controller.rb

@@ -0,0 +1,60 @@
+class TokensController < AdminController
+  before_action :set_entity, only: [:edit, :update, :destroy]
+
+  # get /tokens/new
+  def new
+    @entity = Token.new
+  end
+
+  # post /tokens
+  def create
+    @entity = Token.new(creation_parameters)
+    if @entity.save
+      redirect_to admin_token_path(@entity)
+    else
+      render :new, status: :bad_request
+    end
+  end
+
+  # get /tokens/:id/edit
+  def edit
+  end
+
+  # patch /tokens/:id
+  def update
+    if @entity.update(entity_parameters)
+      redirect_to admin_token_path(@entity), notice: t('tokens.update.success')
+    else
+      render :edit, status: :bad_request
+    end
+  end
+
+  # delete /tokens/:id
+  def destroy
+    if @entity.destroy
+      flash[:notice] = t('tokens.destroy.success')
+    end
+    redirect_to admin_tokens_path
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege :administrator
+  end
+
+  def set_entity
+    @entity = Token.find_by(id: params[:id])
+    if @entity.nil?
+      handle_http_404('Cannot find token')
+    end
+  end
+
+  def entity_parameters
+    params.require(:token).permit(Token.entity_parameters)
+  end
+
+  def creation_parameters
+    params.require(:token).permit(Token.creation_parameters).merge(tracking_for_entity)
+  end
+end

data/app/controllers/users_controller.rb

@@ -0,0 +1,57 @@
+class UsersController < AdminController
+  before_action :set_entity, only: [:edit, :update, :destroy]
+
+  # get /users/new
+  def new
+    @entity = User.new
+  end
+
+  # post /users
+  def create
+    @entity = User.new(creation_parameters)
+    if @entity.save
+      redirect_to admin_user_path(@entity.id), notice: t('users.create.success')
+    else
+      render :new, status: :bad_request
+    end
+  end
+
+  # get /users/:id/edit
+  def edit
+  end
+
+  # patch /users/:id
+  def update
+    if @entity.update(entity_parameters)
+      redirect_to admin_user_path(@entity.id), notice: t('users.update.success')
+    else
+      render :edit, status: :bad_request
+    end
+  end
+
+  # delete /users/:id
+  def destroy
+    if @entity.update(deleted: true)
+      flash[:notice] = t('users.destroy.success')
+    end
+    redirect_to admin_users_path
+  end
+
+  protected
+
+  def restrict_access
+    require_privilege :administrator
+  end
+
+  def set_entity
+    @entity = User.find_by(id: params[:id])
+  end
+
+  def entity_parameters
+    params.require(:user).permit(User.entity_parameters)
+  end
+
+  def creation_parameters
+    params.require(:user).permit(User.entity_parameters).merge(tracking_for_entity)
+  end
+end

data/app/helpers/biovision_helper.rb

@@ -0,0 +1,81 @@
+module BiovisionHelper
+  # @param [Integer] year
+  # @param [Integer] month
+  def title_for_archive(year, month)
+    if year && month
+      month_name = t('date.nominative_months')[month.to_i]
+      t(:archive_month, year: year.to_i, month: month_name)
+    elsif year
+      t(:archive_year, year: year.to_i)
+    else
+      ''
+    end
+  end
+
+  # @param [String] path
+  # @param [String] title
+  # @param [Hash] options
+  def world_icon(path, title = t(:view_as_visitor), options = {})
+    icon_with_link('biovision/base/icons/world.svg', path, title, options)
+  end
+
+  # @param [String] path
+  # @param [String] title
+  # @param [Hash] options
+  def gear_icon(path, title = t(:view_as_administrator), options = {})
+    icon_with_link('biovision/base/icons/gear.svg', path, title, options)
+  end
+
+  # @param [String] path
+  # @param [String] title
+  # @param [Hash] options
+  def create_icon(path, title = t(:create), options = {})
+    icon_with_link('biovision/base/icons/create.svg', path, title, options)
+  end
+
+  # @param [String] path
+  # @param [String] title
+  # @param [Hash] options
+  def back_icon(path, title = t(:back), options = {})
+    icon_with_link('biovision/base/icons/back.svg', path, title, options)
+  end
+
+  # @param [String] path
+  # @param [String] title
+  # @param [Hash] options
+  def return_icon(path, title = t(:back), options = {})
+    icon_with_link('biovision/base/icons/return.svg', path, title, options)
+  end
+
+  # @param [String] path
+  # @param [String] title
+  # @param [Hash] options
+  def edit_icon(path, title = t(:edit), options = {})
+    icon_with_link('biovision/base/icons/edit.svg', path, title, options)
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [String] title
+  # @param [Hash] options
+  def destroy_icon(entity, title = t(:delete), options = {})
+    default = {
+        method: :delete,
+        data: { confirm: t(:are_you_sure), tootik: title, tootik_conf: 'danger' }
+    }
+    icon_with_link('biovision/base/icons/destroy.svg', entity, title, default.merge(options))
+  end
+
+  # @param [String|ApplicationRecord] path
+  # @param [String] title
+  # @param [Hash] options
+  def icon_with_link(source, path, title, options = {})
+    default = { data: { tootik: title } }
+    link_to(image_tag(source, alt: title), path, default.merge(options))
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [String] path
+  def lock_icons(entity, path)
+    render partial: 'shared/actions/locks', locals: { path: path, entity: entity }
+  end
+end

data/app/helpers/biovision_users_helper.rb

@@ -0,0 +1,52 @@
+module BiovisionUsersHelper
+  def genders_for_select
+    genders = [[t(:not_selected), '']]
+    prefix  = 'activerecord.attributes.user.genders.'
+    genders + User.genders.keys.to_a.map { |o| [I18n.t("#{prefix}#{o}"), o] }
+  end
+
+  # @param [User] entity
+  def user_link(entity)
+    return I18n.t(:anonymous) if entity.nil? || entity.deleted?
+
+    text = entity.profile_name
+    link_to(text, user_profile_path(slug: entity.screen_name), class: 'profile')
+  end
+
+  # @param [User] entity
+  def admin_user_link(entity)
+    return I18n.t(:anonymous) if entity.nil?
+
+    text = entity.profile_name
+    link_to(text, admin_user_path(entity.id), class: 'profile')
+  end
+
+  # @param [Token] entity
+  def admin_token_link(entity)
+    link_to entity.name, admin_token_path(entity.id)
+  end
+
+  # @param [User] user
+  def profile_avatar(user)
+    if user.is_a?(User) && !user.image.blank? && !user.deleted?
+      image_tag user.image.profile.url
+    else
+      image_tag 'biovision/base/placeholders/user.svg'
+    end
+  end
+
+  # @param [User] entity
+  def user_image_preview(entity)
+    return image_tag('biovision/base/placeholders/user.svg') if entity.image.blank?
+
+    versions = "#{entity.image.preview_2x.url} 2x"
+    image_tag(entity.image.preview.url, alt: entity.name, srcset: versions)
+  end
+
+  # @param [ForeignSite] foreign_site
+  def foreign_login_link(foreign_site)
+    image = "biovision/base/icons/foreign/#{foreign_site.slug}.svg"
+    path  = "/auth/#{foreign_site.slug}"
+    link_to(image_tag(image, alt: foreign_site.name), path)
+  end
+end