biovision 0.1.210414.0 → 0.12.211128.0

data/app/assets/stylesheets/biovision/default.scss

@@ -41,10 +41,10 @@ $border-color-secondary: rgb(230, 230, 230) !default;
 $border-primary: .1rem solid $border-color-primary !default;
 $border-secondary: .1rem solid $border-color-secondary !default;
 
-$background-body: #f4f4f4 linear-gradient(to top, #f4f4f4, #dfdedc) no-repeat center / cover !default;
-$background-header: #fff !default;
-$background-main: #fff !default;
-$background-footer: #fff !default;
+$layout-bg-body: #f4f4f4 linear-gradient(to top, #f4f4f4, #dfdedc) no-repeat center / cover !default;
+$layout-bg-header: #fff !default;
+$layout-bg-main: #fff !default;
+$layout-bg-footer: #fff !default;
 
 $link-color: rgb(20, 127, 255) !default;
 $link-color-visited: rgb(20, 77, 250) !default;

data/app/assets/stylesheets/biovision/themes/default_theme/components/users/dashboard.scss

@@ -0,0 +1,4 @@
+.my__component {
+  border-top: var(--border-secondary);
+  margin: var(--spacer-m) auto;
+}

data/app/assets/stylesheets/biovision/themes/default_theme/components/users.scss

@@ -1,2 +1,3 @@
 @import "biovision/themes/default_theme/components/users/form_tabs";
 @import "biovision/themes/default_theme/components/users/profile";
+@import "biovision/themes/default_theme/components/users/dashboard";

data/app/assets/stylesheets/biovision/themes/default_theme/layout/footer.scss

@@ -0,0 +1,3 @@
+.main-footer {
+  background: var(--layout-bg-footer);
+}

data/app/assets/stylesheets/biovision/themes/default_theme/layout/header.scss

@@ -1,4 +1,6 @@
 .main-header {
+  background: var(--layout-bg-header);
+
   .content-wrapper {
     align-items: center;
     display: flex;
@@ -23,11 +25,13 @@
 .header-authentication {
   align-items: center;
   display: flex;
+  gap: var(--spacer-xxs);
   margin: 0 0 0 auto;
 
   .avatar {
     display: inline-block;
     height: 2.4rem;
+    overflow: hidden;
     width: 2.4rem;
 
     img {
@@ -36,4 +40,12 @@
       width: 100%;
     }
   }
+
+  .current-user {
+    align-items: center;
+    color: inherit;
+    display: flex;
+    font-size: var(--font-size-decreased);
+    gap: var(--spacer-xs);
+  }
 }

data/app/assets/stylesheets/biovision/themes/default_theme/layout.scss

@@ -1,6 +1,3 @@
-@import "biovision/themes/default_theme/components";
-@import "biovision/themes/default_theme/layout/header";
-
 //* { outline: solid pink 1px }
 
 html {
@@ -8,12 +5,14 @@ html {
 }
 
 body {
+  background: var(--layout-bg-body);
   display: flex;
   flex-direction: column;
   //height: 100%;
 }
 
 #main {
+  background: var(--layout-bg-main);
   flex: 1;
 }
 
@@ -28,3 +27,7 @@ body {
   width: 100%;
   z-index: 5;
 }
+
+@import "biovision/themes/default_theme/components";
+@import "biovision/themes/default_theme/layout/header";
+@import "biovision/themes/default_theme/layout/footer";

data/app/assets/stylesheets/biovision/themes/default_theme.scss

@@ -1,2 +1 @@
-@import "biovision/vars";
 @import "biovision/themes/default_theme/layout";

data/app/assets/stylesheets/biovision/vars.scss

@@ -50,4 +50,9 @@
   --input-border-focus: #{$input-border-focus};
   --input-border-invalid: #{$input-border-invalid};
   --input-border-invalid-focus: #{$input-border-invalid-focus};
+
+  --layout-bg-body: #{$layout-bg-body};
+  --layout-bg-footer: #{$layout-bg-footer};
+  --layout-bg-header: #{$layout-bg-header};
+  --layout-bg-main: #{$layout-bg-main};
 }

data/app/controllers/admin/biovision_components_controller.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+# Managing component list
+class Admin::BiovisionComponentsController < AdminController
+  include CrudEntities
+  include EntityPriority
+  include ToggleableEntity
+
+  before_action :set_entity, except: %i[index]
+end

data/app/controllers/admin/components_controller.rb

@@ -2,12 +2,14 @@
 
 # Handling components
 class Admin::ComponentsController < AdminController
-  before_action :set_handler, except: :index
+  include ProcessedForms
+
+  # skip_before_action :restrict_access, only: :index
   skip_before_action :verify_authenticity_token, only: :ckeditor
 
   # get /admin/components
   def index
-    @collection = BiovisionComponent.list_for_administration
+    @collection = BiovisionComponent.active.list_for_administration
   end
 
   # get /admin/components/:slug
@@ -18,105 +20,45 @@ class Admin::ComponentsController < AdminController
 
   # get /admin/components/:slug/settings
   def settings
-    error = 'Viewing settings is not allowed'
-    handle_http_401(error) unless @handler.permit?('settings.view')
   end
 
   # patch /admin/components/:slug/settings
   def update_settings
-    if @handler.permit?('settings.edit')
-      new_settings = params.dig(:component, :settings).permit!
-      @handler.settings = new_settings.to_h
-      flash[:success] = t('.success')
-      redirect_to(admin_component_settings_path(slug: params[:slug]))
-    else
-      handle_http_401('Changing settings is not allowed')
-    end
+    new_settings = params.dig(:component, :settings).permit!
+    @handler.settings = new_settings.to_h
+    flash[:success] = t('.success')
+    redirect_to(admin_component_settings_path(slug: params[:slug]))
   end
 
   # patch /admin/components/:slug/parameters
   def update_parameter
-    if @handler.permit?('settings.edit')
-      slug = param_from_request(:key, :slug).downcase
-      value = param_from_request(:key, :value)
+    slug = param_from_request(:key, :slug).downcase
+    value = param_from_request(:key, :value)
 
-      @handler[slug] = value
-    end
+    @handler[slug] = value
 
     head :no_content
   end
 
   # delete /admin/components/:slug/parameters/:parameter_slug
   def delete_parameter
-    if @handler.permit?('settings.edit')
-      @handler.component.parameters.delete(params[:parameter_slug])
-      @handler.component.save
-    end
-
-    head :no_content
-  end
-
-  # get /admin/components/:slug/privileges
-  def privileges
-    error = 'Viewing privileges is not allowed'
-    handle_http_401(error) unless @handler.administrator?
-  end
-
-  # patch /admin/components/:slug/privileges
-  def update_privileges
-    if @handler.administrator?
-      user = User.find_by(id: params[:user_id])
-
-      if user.nil?
-        handle_http_404('Cannot find user') if user.nil?
-      else
-        @entity = @handler.user_link!(true)
-      end
-    else
-      handle_http_401('Updating privileges is not allowed')
-    end
-  end
-
-  # put /admin/components/:slug/administrators/:user_id
-  def add_administrator
-    if @handler.administrator?
-      @handler.user = User.find_by(id: params[:user_id])
-      @handler.privilege_handler.administrator!
-    end
-
-    head :no_content
-  end
-
-  # put /admin/components/:slug/administrators/:user_id
-  def remove_administrator
-    if @handler.administrator?
-      @handler.user = User.find_by(id: params[:user_id])
-      @handler.privilege_handler.not_administrator!
-    end
-
-    head :no_content
-  end
+    @handler.component.parameters.delete(params[:parameter_slug])
+    @handler.component.save
 
-  # put /admin/components/:slug/users/:user_id/privileges/:privilege_slug
-  def add_privilege
-    head :no_content
-  end
-
-  # put /admin/components/:slug/users/:user_id/privileges/:privilege_slug
-  def remove_privilege
     head :no_content
   end
 
   # get /admin/components/:slug/images
   def images
     list = SimpleImage.in_component(@handler.component).list_for_administration
-    @collection = @handler.permit?('simple_images.view') ? list.page(current_page) : []
+    @collection = list.page(current_page)
   end
 
+  # post /admin/components/:slug/images
   def create_image
     if @handler.permit?('simple_images.create')
-      @entity = @handler.component.simple_images.new(image_parameters)
-      if @entity.save
+      @entity = @handler.upload_image(image_parameters)
+      if @entity
         render 'image', formats: :json
       else
         form_processed_with_error(:new_image)
@@ -133,7 +75,7 @@ class Admin::ComponentsController < AdminController
       biovision_component: @handler.component
     }.merge(owner_for_entity(true))
 
-    @entity = SimpleImage.create!(parameters)
+    @entity = @handler.upload_image(parameters)
 
     render json: {
       uploaded: 1,
@@ -144,16 +86,14 @@ class Admin::ComponentsController < AdminController
 
   private
 
-  def set_handler
+  def restrict_access
     slug = params[:slug]
     @handler = Biovision::Components::BaseComponent.handler(slug, current_user)
-  end
+    role = action_name == 'index' ? 'components.view' : role_end_from_action
+    role_name = "#{@handler.slug}.#{role}"
+    error = t('admin.errors.unauthorized.missing_role', role: role_name)
 
-  def restrict_access
-    return if current_user&.super_user?
-
-    links_exist = BiovisionComponentUser.where(user: current_user).exists?
-    handle_http_401('User has no component privileges') unless links_exist
+    handle_http_401(error) unless @handler.permit?(role)
   end
 
   def image_parameters
@@ -161,4 +101,14 @@ class Admin::ComponentsController < AdminController
     parameters = params.require(:simple_image).permit(permitted)
     parameters.merge(owner_for_entity(true))
   end
+
+  def action_to_role_map
+    super.merge(
+      %w[images] => 'simple_images.view',
+      %w[create_image ckeditor] => 'simple_images.create',
+      %w[settings] => 'settings.view',
+      %w[update_settings update_parameter delete_parameter] => 'settings.edit',
+      %w[show] => 'view'
+    )
+  end
 end

data/app/controllers/admin/dynamic_pages_controller.rb

@@ -5,7 +5,7 @@ class Admin::DynamicPagesController < AdminController
   include CrudEntities
   include ToggleableEntity
 
-  before_action :set_entity, except: %i[check create index new]
+  before_action :set_entity, except: %i[check create index new search]
 
   private
 

data/app/controllers/admin/index_controller.rb

@@ -4,8 +4,14 @@
 class Admin::IndexController < AdminController
   # get /admin
   def index
-    return if Biovision::Components::BaseComponent.privileged?(current_user)
+  end
+
+  private
+
+  def restrict_access
+    role_name = "#{component_handler.slug}.admin"
+    error = t('admin.errors.unauthorized.missing_role', role: role_name)
 
-    handle_http_401
+    handle_http_401(error) unless component_handler.permit?('admin')
   end
 end

data/app/controllers/admin/navigation_groups_controller.rb

@@ -6,9 +6,40 @@ class Admin::NavigationGroupsController < AdminController
 
   before_action :set_entity, except: %i[check create index new]
 
+  # put /admin/navigation_groups/:id/dynamic_pages/:page_id
+  def add_page
+    @entity.add_dynamic_page(DynamicPage.find_by(id: params[:page_id]))
+
+    head :no_content
+  end
+
+  # delete /admin/navigation_groups/:id/dynamic_pages/:page_id
+  def remove_page
+    @entity.remove_dynamic_page(DynamicPage.find_by(id: params[:page_id]))
+
+    head :no_content
+  end
+
+  # post /admin/navigation_groups/:id/dynamic_pages/:page_id/priority
+  def page_priority
+    link = @entity.navigation_group_pages.find_by(id: params[:page_id])
+
+    if link.nil?
+      handle_http_404
+    else
+      render json: { data: link.change_priority(params[:delta].to_s.to_i) }
+    end
+  end
+
   private
 
   def component_class
     Biovision::Components::ContentComponent
   end
+
+  def action_to_role_map
+    super.merge(
+      %w[add_page page_priority remove_page] => 'navigation_groups.edit',
+    )
+  end
 end

data/app/controllers/admin/tokens_controller.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+
+# Handling user tokens
+class Admin::TokensController < AdminController
+  include CrudEntities
+  include ToggleableEntity
+
+  before_action :set_entity, except: %i[check create index new search]
+
+  private
+
+  def component_class
+    Biovision::Components::UsersComponent
+  end
+end

data/app/controllers/admin/users_controller.rb

@@ -1,12 +1,13 @@
 # frozen_string_literal: true
 
-# Administrative part for handling dynamic_pages
+# Administrative part for handling users
 class Admin::UsersController < AdminController
   include Authentication
   include CrudEntities
+  include ProcessedForms
   include ToggleableEntity
 
-  before_action :set_entity, except: %i[check create index new]
+  before_action :set_entity, except: %i[check create index new search]
 
   # post /admin/users
   def create
@@ -29,7 +30,7 @@ class Admin::UsersController < AdminController
 
   # post /admin/users/:id/authenticate
   def authenticate
-    unless @entity.super_user?
+    if component_handler.permit?('log_in', @entity) && !@entity.super_user?
       cookies['pt'] = {
         value: cookies['token'],
         expires: 1.year.from_now,
@@ -42,6 +43,35 @@ class Admin::UsersController < AdminController
     redirect_to my_path
   end
 
+  # get /admin/users/:id/roles
+  def roles
+    if current_user&.super_user?
+      @components = BiovisionComponent.list_for_administration
+    else
+      handle_http_401
+    end
+  end
+
+  # put /admin/users/:id/roles/:role_id
+  def add_role
+    if current_user&.super_user?
+      role = Role.find_by(id: params[:role_id])
+      @entity.add_role(role)
+    end
+
+    head :no_content
+  end
+
+  # delete /admin/users/:id/roles/:role_id
+  def remove_role
+    if current_user&.super_user?
+      role = Role.find_by(id: params[:role_id])
+      @entity.remove_role(role)
+    end
+
+    head :no_content
+  end
+
   private
 
   def component_class
@@ -55,7 +85,8 @@ class Admin::UsersController < AdminController
   end
 
   def creation_parameters
-    parameters = params.require(:user).permit(User.entity_parameters)
+    permitted = User.entity_parameters
+    parameters = params.require(:user).permit(permitted)
     parameters.merge(tracking_for_entity)
   end
 

data/app/controllers/admin_controller.rb

@@ -2,14 +2,7 @@
 
 # Common administrative controller
 class AdminController < ApplicationController
-  before_action :restrict_access
-
-  private
+  include RestrictedAccess
 
-  def restrict_access
-    user_action = "#{controller_name}.default"
-    error = t('admin.errors.unauthorized.message')
-
-    handle_http_401(error) unless component_handler.permit?(user_action)
-  end
+  before_action :restrict_access
 end

data/app/controllers/concerns/component_stories.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+# Adds method for working with component stories
+module ComponentStories
+  extend ActiveSupport::Concern
+
+  # Perform story
+  #
+  # Parameters:
+  #   slug: story slug app/lib/biovision/components/.../stories/<slug>_story.rb
+  #   entity_id: optional parameter for setting entity context
+  #
+  # post [...]/stories/:slug
+  def story
+    story_parameters = params[:parameters]&.permit!.to_h
+    entity_id = param_from_request(:entity_id)
+    story_handler = component_handler.story(params[:slug], entity_id)
+    result = story_handler.perform(story_parameters)
+
+    render json: { meta: { result: result } }
+  end
+end

data/app/controllers/concerns/crud_entities.rb

@@ -3,14 +3,19 @@
 # Adds method for CRUD
 module CrudEntities
   extend ActiveSupport::Concern
+  include ProcessedForms
+
+  # get [scope]/[table_name]/search?q=
+  def search
+    q = param_from_request(:q)
+    @collection = model_class.search(q).list_for_administration.page(current_page)
+  end
 
   # get [scope]/[table_name]
   def index
-    @collection = if paginate_entities?
-                    model_class.page_for_administration(current_page)
-                  else
-                    model_class.list_for_administration
-                  end
+    @filter = params[:filter]&.permit!.to_h
+    data_helper = Biovision::Helpers::DataHelper.new(model_class, @filter)
+    @collection = data_helper.administrative_collection(current_page)
   end
 
   # get [scope]/[table_name]/:id
@@ -32,7 +37,7 @@ module CrudEntities
 
   # post [scope]/[table_name]
   def create
-    @entity = model_class.new(creation_parameters)
+    @entity = component_handler.new_entity(model_class, creation_parameters)
     apply_meta if @entity.respond_to?(:meta=)
     if @entity.save
       form_processed_ok(path_after_save)
@@ -50,7 +55,7 @@ module CrudEntities
   def update
     apply_meta if @entity.respond_to?(:meta=)
 
-    if @entity.update(entity_parameters)
+    if component_handler.update_entity(@entity, entity_parameters)
       form_processed_ok(path_after_save)
     else
       form_processed_with_error(view_for_edit)
@@ -95,10 +100,6 @@ module CrudEntities
     "#{prefix}/#{model_class.table_name}"
   end
 
-  def paginate_entities?
-    model_class.respond_to?(:page_for_administration)
-  end
-
   def set_entity
     @entity = model_class.find_by(id: params[:id])
     handle_http_404("Cannot find #{model_class.model_name}") if @entity.nil?
@@ -108,25 +109,32 @@ module CrudEntities
     if model_class.respond_to?(:creation_parameters)
       explicit_creation_parameters
     else
-      entity_parameters
+      implicit_creation_parameters
     end
   end
 
   def explicit_creation_parameters
-    permitted = model_class.creation_parameters(current_user)
+    permitted = model_class.creation_parameters
     parameters = params.require(model_key).permit(permitted)
     parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
     parameters.merge!(owner_for_entity) if model_class.include?(HasOwner)
     parameters
   end
 
+  def implicit_creation_parameters
+    parameters = entity_parameters
+    parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
+    parameters.merge!(owner_for_entity) if model_class.include?(HasOwner)
+    parameters
+  end
+
   def entity_parameters
-    permitted = model_class.entity_parameters(current_user)
+    permitted = model_class.entity_parameters
     params.require(model_key).permit(permitted)
   end
 
   def apply_meta
-    new_data = params[:meta].permit!
+    new_data = params[:meta]&.permit!.to_h
     @entity.meta = new_data
   end
 end