biovision 0.0.200518.1 → 0.1.210414.0

data/app/assets/stylesheets/biovision/themes/default_theme/components.scss

@@ -1,3 +1,2 @@
-@import "biovision/components/forms";
-@import "biovision/components/hamburger";
-@import "biovision/components/lists";
+@import "biovision/components";
+@import "biovision/themes/default_theme/components/users";

data/app/assets/stylesheets/biovision/themes/default_theme/components/users.scss

@@ -0,0 +1,2 @@
+@import "biovision/themes/default_theme/components/users/form_tabs";
+@import "biovision/themes/default_theme/components/users/profile";

data/app/assets/stylesheets/biovision/themes/default_theme/components/users/form_tabs.scss

@@ -0,0 +1,101 @@
+$users-tab-color: hsl(220, 75%, 50%) !default;
+$users-tab-color-hover: hsl(220, 100%, 95%) !default;
+
+.users__form-tabs {
+  box-shadow: var(--block-shadow);
+  margin: 0 auto var(--spacer-m);
+  max-width: 40rem;
+  padding-top: var(--spacer-xs);
+
+  .errors {
+    margin: 0 var(--spacer-xs);
+  }
+
+  .labels {
+    align-items: center;
+    border: .1rem solid $users-tab-color;
+    display: flex;
+    margin: 0 var(--spacer-xs);
+
+    label {
+      color: $users-tab-color;
+      cursor: pointer;
+      display: block;
+      flex: 1;
+      padding: var(--spacer-xs) var(--spacer-s);
+      text-align: center;
+      transition: .25s;
+
+      &:hover {
+        background-color: $users-tab-color-hover;
+      }
+    }
+  }
+
+  .tabs {
+    .tab {
+      display: none;
+    }
+
+    .login {
+      form {
+        margin: 0 auto;
+      }
+    }
+  }
+
+  .tab-control-login {
+    &:checked {
+      ~ .labels {
+        .login {
+          background: $users-tab-color;
+          color: var(--text-color-inverted-primary);
+        }
+      }
+
+      ~ .tabs {
+        .login {
+          display: block;
+        }
+      }
+    }
+  }
+
+  .tab-control-join {
+    &:checked {
+      ~ .labels {
+        .join {
+          background: $users-tab-color;
+          color: var(--text-color-inverted-primary);
+        }
+      }
+
+      ~ .tabs {
+        .join {
+          display: block;
+        }
+      }
+    }
+  }
+
+  .fields {
+    > div:not(:last-of-type) {
+      margin-bottom: 0;
+    }
+  }
+
+  .actions {
+    align-items: center;
+    display: flex;
+    justify-content: space-between;
+    padding: var(--spacer-xs);
+  }
+
+  .flags {
+    font-weight: 300;
+
+    li {
+      padding: var(--spacer-xxs) var(--spacer-xs);
+    }
+  }
+}

data/app/assets/stylesheets/biovision/themes/default_theme/components/users/profile.scss

@@ -0,0 +1,77 @@
+.users__profile {
+  --avatar-size: 36rem;
+  align-items: flex-start;
+  display: flex;
+
+  .avatar {
+    flex: none;
+    padding: var(--spacer-xs) var(--spacer-xxs);
+    width: calc(var(--avatar-size) + var(--spacer-xxs) * 2 + var(--spacer-s));
+
+    .image {
+      max-width: 100%;
+      height: var(--avatar-size);
+      width: var(--avatar-size);
+    }
+
+    img {
+      box-shadow: var(--block-shadow);
+      height: 100%;
+      object-fit: contain;
+      width: 100%;
+    }
+  }
+}
+
+@media (max-width: 850px) {
+  .users__profile {
+    display: block;
+  }
+}
+
+@media (max-width: 375px) {
+  .users__profile {
+    --avatar-size: 30rem;
+
+    .avatar {
+      width: 100%;
+
+      .image {
+        margin: 0 auto;
+      }
+    }
+  }
+}
+
+.users__profile-aside {
+  margin: var(--spacer-s) 0;
+  padding: 0 var(--spacer-xs);
+}
+
+.users__profile-form {
+  background: #f7f7f7;
+  border: var(--border-secondary);
+  margin: var(--spacer-s) auto;
+  padding: var(--spacer-xs);
+
+  img {
+    box-shadow: var(--block-shadow);
+  }
+
+  h3 {
+    margin-bottom: var(--spacer-s);
+  }
+
+  .hint {
+    background: #fff;
+    box-shadow: var(--block-shadow);
+    font-size: var(--font-size-increased);
+    font-weight: 300;
+    padding: var(--spacer-xs);
+
+    &::before {
+      content: '☝';
+      margin-right: var(--spacer-xxs);
+    }
+  }
+}

data/app/assets/stylesheets/biovision/themes/default_theme/layout.scss

@@ -4,33 +4,19 @@
 //* { outline: solid pink 1px }
 
 html {
-  height: 100%;
+  //height: 100%;
 }
 
 body {
   display: flex;
   flex-direction: column;
-  height: 100%;
+  //height: 100%;
 }
 
 #main {
   flex: 1;
 }
 
-.breadcrumbs {
-  a {
-    background: image_url('biovision/icons/breadcrumb.svg') no-repeat bottom .1rem right / .6rem 1.2rem;
-    padding-right: 1rem;
-    transition: background .25s;
-
-    &:active,
-    &:focus,
-    &:hover {
-      background-image: image_url('biovision/icons/breadcrumb-hover.svg');
-    }
-  }
-}
-
 .content-wrapper {
   padding: var(--spacer-xs);
 }

data/app/controllers/admin/components_controller.rb

@@ -13,18 +13,18 @@ class Admin::ComponentsController < AdminController
   # get /admin/components/:slug
   def show
     error = 'Viewing component is not allowed'
-    handle_http_401(error) unless @handler.allow?
+    handle_http_401(error) unless @handler.permit?('view')
   end
 
   # get /admin/components/:slug/settings
   def settings
     error = 'Viewing settings is not allowed'
-    handle_http_401(error) unless @handler.allow?('settings')
+    handle_http_401(error) unless @handler.permit?('settings.view')
   end
 
   # patch /admin/components/:slug/settings
   def update_settings
-    if @handler.allow?('settings')
+    if @handler.permit?('settings.edit')
       new_settings = params.dig(:component, :settings).permit!
       @handler.settings = new_settings.to_h
       flash[:success] = t('.success')
@@ -36,7 +36,7 @@ class Admin::ComponentsController < AdminController
 
   # patch /admin/components/:slug/parameters
   def update_parameter
-    if @handler.allow?('settings')
+    if @handler.permit?('settings.edit')
       slug = param_from_request(:key, :slug).downcase
       value = param_from_request(:key, :value)
 
@@ -48,7 +48,7 @@ class Admin::ComponentsController < AdminController
 
   # delete /admin/components/:slug/parameters/:parameter_slug
   def delete_parameter
-    if @handler.allow?('settings')
+    if @handler.permit?('settings.edit')
       @handler.component.parameters.delete(params[:parameter_slug])
       @handler.component.save
     end
@@ -99,32 +99,22 @@ class Admin::ComponentsController < AdminController
 
   # put /admin/components/:slug/users/:user_id/privileges/:privilege_slug
   def add_privilege
-    if @handler.administrator?
-      @handler.user = User.find_by(id: params[:user_id])
-      @handler.privilege_handler.add_privilege(params[:privilege_slug])
-    end
-
     head :no_content
   end
 
   # put /admin/components/:slug/users/:user_id/privileges/:privilege_slug
   def remove_privilege
-    if @handler.administrator?
-      @handler.user = User.find_by(id: params[:user_id])
-      @handler.privilege_handler.remove_privilege(params[:privilege_slug])
-    end
-
     head :no_content
   end
 
   # get /admin/components/:slug/images
   def images
     list = SimpleImage.in_component(@handler.component).list_for_administration
-    @collection = @handler.allow? ? list.page(current_page) : []
+    @collection = @handler.permit?('simple_images.view') ? list.page(current_page) : []
   end
 
   def create_image
-    if @handler.allow?
+    if @handler.permit?('simple_images.create')
       @entity = @handler.component.simple_images.new(image_parameters)
       if @entity.save
         render 'image', formats: :json
@@ -168,7 +158,7 @@ class Admin::ComponentsController < AdminController
 
   def image_parameters
     permitted = SimpleImage.entity_parameters
-    params.require(:simple_image).permit(permitted)
-    permitted.merge(owner_for_entity(true))
+    parameters = params.require(:simple_image).permit(permitted)
+    parameters.merge(owner_for_entity(true))
   end
 end

data/app/controllers/admin/dynamic_blocks_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+# Administrative part for handling dynamic_blocks
+class Admin::DynamicBlocksController < AdminController
+  include CrudEntities
+  include ToggleableEntity
+
+  before_action :set_entity, except: %i[check create index new]
+
+  private
+
+  def component_class
+    Biovision::Components::ContentComponent
+  end
+end

data/app/controllers/admin/dynamic_pages_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+# Administrative part for handling dynamic_pages
+class Admin::DynamicPagesController < AdminController
+  include CrudEntities
+  include ToggleableEntity
+
+  before_action :set_entity, except: %i[check create index new]
+
+  private
+
+  def component_class
+    Biovision::Components::ContentComponent
+  end
+end

data/app/controllers/admin/navigation_groups_controller.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+# Administrative part for handling navigation_groups
+class Admin::NavigationGroupsController < AdminController
+  include CrudEntities
+
+  before_action :set_entity, except: %i[check create index new]
+
+  private
+
+  def component_class
+    Biovision::Components::ContentComponent
+  end
+end

data/app/controllers/admin/users_controller.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+# Administrative part for handling dynamic_pages
+class Admin::UsersController < AdminController
+  include Authentication
+  include CrudEntities
+  include ToggleableEntity
+
+  before_action :set_entity, except: %i[check create index new]
+
+  # post /admin/users
+  def create
+    @entity = component_handler.create_user(entity_parameters, profile_parameters)
+    if @entity.persisted?
+      form_processed_ok(path_after_save)
+    else
+      form_processed_with_error(view_for_new)
+    end
+  end
+
+  # patch /admin/users/:id
+  def update
+    if component_handler.update_user(@entity, entity_parameters, profile_parameters)
+      form_processed_ok(path_after_save)
+    else
+      form_processed_with_error(view_for_edit)
+    end
+  end
+
+  # post /admin/users/:id/authenticate
+  def authenticate
+    unless @entity.super_user?
+      cookies['pt'] = {
+        value: cookies['token'],
+        expires: 1.year.from_now,
+        domain: :all,
+        httponly: true
+      }
+      create_token_for_user(@entity)
+    end
+
+    redirect_to my_path
+  end
+
+  private
+
+  def component_class
+    Biovision::Components::UsersComponent
+  end
+
+  def entity_parameters
+    excluded = @entity&.super_user? ? User.sensitive_parameters : []
+    permitted = User.entity_parameters - excluded
+    params.require(:user).permit(permitted)
+  end
+
+  def creation_parameters
+    parameters = params.require(:user).permit(User.entity_parameters)
+    parameters.merge(tracking_for_entity)
+  end
+
+  def profile_parameters
+    if params.key?(:profile)
+      list = Biovision::Components::Users::ProfileHandler.permitted_for_request
+      params.require(:profile).permit(list)
+    else
+      {}
+    end
+  end
+end

data/app/controllers/admin_controller.rb

@@ -4,11 +4,12 @@
 class AdminController < ApplicationController
   before_action :restrict_access
 
-  protected
+  private
 
   def restrict_access
+    user_action = "#{controller_name}.default"
     error = t('admin.errors.unauthorized.message')
 
-    handle_http_401(error) unless component_handler.allow?
+    handle_http_401(error) unless component_handler.permit?(user_action)
   end
 end