biovision 0.1.210414.0 → 0.12.211128.0

data/app/controllers/concerns/my_crud_entities.rb

@@ -0,0 +1,146 @@
+# frozen_string_literal: true
+
+# Adds methods for CRUD in My namespace
+module MyCrudEntities
+  extend ActiveSupport::Concern
+  included ProcessedForms
+
+  # get [scope]/[table_name]/search?q=
+  def search
+    q = param_from_request(:q)
+    @collection = model_class.search(q).list_for_owner(current_user).page(current_page)
+  end
+
+  # get [scope]/[table_name]
+  def index
+    @filter = params[:filter]&.permit!.to_h
+    data_helper = Biovision::Helpers::DataHelper.new(model_class, @filter)
+    @collection = data_helper.personal_collection(current_user, current_page)
+  end
+
+  # get [scope]/[table_name]/:id
+  def show
+  end
+
+  # post [scope]/[table_name]/check
+  def check
+    @entity = model_class.instance_for_check(params[:entity_id], entity_parameters)
+
+    render 'shared/forms/check'
+  end
+
+  # get [scope]/[table_name]/new
+  def new
+    @entity = model_class.new
+    render view_for_new
+  end
+
+  # post [scope]/[table_name]
+  def create
+    @entity = component_handler.new_entity(model_class, creation_parameters)
+    apply_meta if @entity.respond_to?(:meta=)
+    if @entity.save
+      form_processed_ok(path_after_save)
+    else
+      form_processed_with_error(view_for_new)
+    end
+  end
+
+  # get [scope]/[table_name]/:id/edit
+  def edit
+    render view_for_edit
+  end
+
+  # patch [scope]/[table_name]/:id
+  def update
+    apply_meta if @entity.respond_to?(:meta=)
+
+    if component_handler.update_entity(@entity, entity_parameters)
+      form_processed_ok(path_after_save)
+    else
+      form_processed_with_error(view_for_edit)
+    end
+  end
+
+  # delete [scope]/[table_name]/:id
+  def destroy
+    flash[:notice] = t('.success') if @entity.destroy
+    redirect_to path_after_destroy
+  end
+
+  private
+
+  def view_for_new
+    default_view = "#{controller_path}/new"
+    lookup_context.exists?(default_view) ? default_view : 'shared/my/entity/new'
+  end
+
+  def view_for_edit
+    default_view = "#{controller_path}/edit"
+    lookup_context.exists?(default_view) ? default_view : 'shared/my/entity/edit'
+  end
+
+  def model_class
+    @model_class ||= controller_name.classify.constantize
+  end
+
+  def model_key
+    model_class.model_name.to_s.underscore
+  end
+
+  def path_after_save
+    if @entity.respond_to?(:my_url)
+      @entity.my_url
+    else
+      scope = self.class.module_parent.to_s.downcase
+      prefix = scope.blank? ? '' : "/#{scope}"
+      key = model_class.column_names.include?('uuid') ? @entity.uuid : @entity.id
+      "#{prefix}/#{model_class.table_name}/#{key}"
+    end
+  end
+
+  def path_after_destroy
+    scope = self.class.module_parent.to_s.downcase
+    prefix = scope.blank? ? '' : "/#{scope}"
+    "#{prefix}/#{model_class.table_name}"
+  end
+
+  def set_entity
+    id = params[:id].to_s
+    has_uuid = model_class.column_names.include?('uuid')
+    key = id.include?('-') && has_uuid ? :uuid : :id
+    @entity = model_class.owned_by(current_user).find_by(key => params[:id])
+    handle_http_404("Cannot find #{model_class.model_name}") if @entity.nil?
+  end
+
+  def creation_parameters
+    if model_class.respond_to?(:creation_parameters)
+      explicit_creation_parameters
+    else
+      implicit_creation_parameters
+    end
+  end
+
+  def explicit_creation_parameters
+    permitted = model_class.creation_parameters
+    parameters = params.require(model_key).permit(permitted)
+    parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
+    parameters.merge(owner_for_entity)
+  end
+
+  def implicit_creation_parameters
+    parameters = entity_parameters
+    parameters.merge!(tracking_for_entity) if model_class.include?(HasTrack)
+    parameters.merge(owner_for_entity)
+  end
+
+  def entity_parameters
+    permitted = model_class.entity_parameters
+    params.require(model_key).permit(permitted)
+  end
+
+  def apply_meta
+    new_data = params[:meta].permit!
+    @entity.meta = new_data
+  end
+end

data/app/controllers/concerns/processed_forms.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+# Adds method for redirects after processed forms
+module ProcessedForms
+  extend ActiveSupport::Concern
+
+  private
+
+  # @param [String] next_page
+  def form_processed_ok(next_page)
+    respond_to do |format|
+      format.js { render(js: "document.location.href = '#{next_page}'") }
+      format.json { render(json: { links: { next: next_page } }) }
+      format.html { redirect_to(next_page) }
+    end
+  end
+
+  # @param [Symbol|String] view_to_render
+  # @param [Array] errors
+  def form_processed_with_error(view_to_render, errors = [])
+    @errors = errors
+    respond_to do |format|
+      format.js { render('shared/forms/errors', status: :bad_request) }
+      format.json { render('shared/forms/errors', status: :bad_request) }
+      format.html { render(view_to_render, status: :bad_request) }
+    end
+  end
+end

data/app/controllers/concerns/restricted_access.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# Adds method for restricting access
+module RestrictedAccess
+  extend ActiveSupport::Concern
+
+  private
+
+  # Restrict access for anonymous users
+  def restrict_anonymous_access
+    return unless current_user.nil?
+
+    handle_http_401(t('application.errors.restricted_access'))
+  end
+
+  def restrict_access
+    user_action = role_end_from_action
+    role_name = "#{component_handler.slug}.#{user_action}"
+    error = t('admin.errors.unauthorized.missing_role', role: role_name)
+
+    handle_http_401(error) unless component_handler.permit?(user_action)
+  end
+
+  def role_end_from_action
+    role = action_to_role_map.select { |k| k.include?(action_name) }.values.last
+    role || 'default'
+  end
+
+  def action_to_role_map
+    view = %w[index show search]
+    edit = %w[create destroy edit new priority toggle update]
+    {
+      view => "#{controller_name}.view",
+      edit => "#{controller_name}.edit"
+    }
+  end
+end

data/app/controllers/contact_controller.rb

@@ -27,7 +27,7 @@ class ContactController < ApplicationController
   def save_entity
     if @entity.save
       show_result
-      # FeedbackMailer.new_feedback_request(@entity.id).deliver_later
+      FeedbackMailer.new_feedback_request(@entity.id).deliver_later
     else
       redirect_to root_path
     end

data/app/controllers/errors_controller.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+# Errors
+class ErrorsController < ApplicationController
+  before_action :set_message
+
+  # get /400
+  def bad_request
+    render :error
+  end
+
+  # get /401
+  def unauthorized
+    render :error
+  end
+
+  # get /403
+  def forbidden
+    render :error
+  end
+
+  # get /422
+  def unprocessable_entity
+    render :error
+  end
+
+  # get /500
+  def internal_server_error
+    render :error
+  end
+
+  private
+
+  def set_message
+    @message = t("application.errors.#{action_name}")
+  end
+end

data/app/controllers/my/components_controller.rb

@@ -2,4 +2,25 @@
 
 # User-side component handling
 class My::ComponentsController < ProfileController
+  before_action :restrict_component_access, except: :index
+
+  # get /my/components
+  def index
+    @collection = BiovisionComponent.list_for_user
+  end
+
+  # get /my/components/:slug
+  def show
+  end
+
+  private
+
+  def restrict_component_access
+    slug = params[:slug]
+    @handler = Biovision::Components::BaseComponent.handler(slug, current_user)
+    role_name = "#{@handler.slug}.default"
+    error = t('admin.errors.unauthorized.missing_role', role: role_name)
+
+    handle_http_401(error) unless @handler.permit?(role_name)
+  end
 end

data/app/controllers/my/index_controller.rb

@@ -1,9 +1,7 @@
 # frozen_string_literal: true
 
 # Main page for user
-class My::IndexController < ApplicationController
-  before_action :restrict_anonymous_access
-
+class My::IndexController < ProfileController
   # get /my
   def index
   end

data/app/controllers/my/profiles_controller.rb

@@ -3,6 +3,8 @@
 # Managing profile for current user
 class My::ProfilesController < ApplicationController
   include Authentication
+  include ProcessedForms
+  include RestrictedAccess
 
   before_action :redirect_authorized_user, only: %i[new create]
   before_action :restrict_anonymous_access, except: %i[check new create]

data/app/controllers/oembed_controller.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+# Receiving oembed data by URLs
+class OembedController < ApplicationController
+  # get /oembed?url=
+  def code
+    url = param_from_request(:url)
+    receiver = Biovision::Components::Content::Oembed::Receiver[url]
+
+    render json: { meta: { code: receiver.code } }
+  end
+end

data/app/controllers/profile_controller.rb

@@ -2,6 +2,8 @@
 
 # Controllers for logged-in users only
 class ProfileController < ApplicationController
+  include RestrictedAccess
+
   before_action :restrict_access
 
   protected

data/app/controllers/users_controller.rb

@@ -2,6 +2,8 @@
 
 # Users for visitors
 class UsersController < ApplicationController
+  include RestrictedAccess
+
   before_action :restrict_anonymous_access, only: %i[ban follow unban unfollow]
   before_action :set_socialization, only: %i[ban follow unban unfollow]
   before_action :set_entity

data/app/helpers/biovision_components_helper.rb

@@ -6,9 +6,13 @@ module BiovisionComponentsHelper
   # @param [String] text
   # @param [Hash] options
   def admin_biovision_component_link(entity, text = nil, options = {})
-    if text.nil?
-      text = t("biovision.components.#{entity.slug}.name", default: entity.slug)
-    end
+    text ||= component_name(entity.slug)
     link_to(text, admin_component_path(slug: entity.slug), options)
   end
+
+  # @param [String|BiovisionComponent] slug
+  def component_name(slug)
+    slug = slug.respond_to?(:slug) ? slug.slug : slug
+    t("biovision.components.#{slug}.name", default: slug)
+  end
 end

data/app/helpers/biovision_helper.rb

@@ -3,58 +3,43 @@
 # Helper methods for common cases
 module BiovisionHelper
   # @param [ApplicationRecord] entity
-  # @param [String] text
+  # @param [Biovision::Components::BaseComponent] handler
   # @param [Hash] options
-  def admin_entity_link(entity, text = nil, options = {})
+  def admin_entity_link(entity, handler: nil, **options)
     return '∅' if entity.nil?
 
-    if text.nil?
-      text = entity.respond_to?(:text_for_link) ? entity.text_for_link : entity.id
-    end
-
-    href = if entity.respond_to?(:admin_url)
-             entity.admin_url
-           else
-             "/admin/#{entity.class.table_name}/#{entity.id}"
-           end
+    component = (handler || component_handler)
+    text = options.delete(:text) { component.text_for_link(entity) }
 
-    link_to(text, href, options)
+    if handler.nil? || handler.permit?('view', entity)
+      href = component.entity_link(entity, :admin)
+      link_to(text, href, options)
+    else
+      text
+    end
   end
 
   # @param [ApplicationRecord] entity
-  # @param [String] text
   # @param [Hash] options
-  def my_entity_link(entity, text = nil, options = {})
+  def my_entity_link(entity, **options)
     return '∅' if entity.nil?
 
-    if text.nil?
-      text = entity.respond_to?(:text_for_link) ? entity.text_for_link : entity.id
-    end
-
-    href = if entity.respond_to?(:my_url)
-             entity.my_url
-           else
-             "/my/#{entity.class.table_name}/#{entity.id}"
-           end
+    handler = Biovision::Components::BaseComponent[]
+    text = options.delete(:text) { handler.text_for_link(entity) }
+    href = handler.entity_link(entity, :my)
 
     link_to(text, href, options)
   end
 
   # @param [ApplicationRecord] entity
-  # @param [String] text
   # @param [Hash] options
-  def entity_link(entity, text = nil, options = {})
+  def entity_link(entity, **options)
     return '' if entity.nil?
+    return '' if entity.respond_to?(:visible?) && !entity.visible?
 
-    if text.nil?
-      text = entity.respond_to?(:text_for_link) ? entity.text_for_link : entity.id
-    end
-
-    href = if entity.respond_to?(:world_url)
-             entity.world_url
-           else
-             "/#{entity.class.table_name}/#{entity.id}"
-           end
+    handler = Biovision::Components::BaseComponent[]
+    text = options.delete(:text) { handler.text_for_link(entity) }
+    href = handler.entity_link(entity)
 
     link_to(text, href, options)
   end
@@ -69,6 +54,8 @@ module BiovisionHelper
   # @param [Hash] options
   def world_icon(path, title = t(:view_as_visitor), options = {})
     if path.is_a? ApplicationRecord
+      return '' if path.respond_to?(:visible?) && !path.visible?
+
       table_name = path.class.table_name
       path = path.respond_to?(:world_url) ? path.world_url : "/#{table_name}/#{path.id}"
     end
@@ -168,4 +155,16 @@ module BiovisionHelper
   def email_link(email, options = {})
     link_to(email, "mailto:#{email}", options)
   end
+
+  # @param [ApplicationRecord] entity
+  # @deprecated use #entity_priority_icons
+  def admin_priority_icons(entity)
+    render(partial: 'shared/admin/priority', locals: { entity: entity })
+  end
+
+  # @param [ApplicationRecord] entity
+  # @deprecated use #entity_toggle
+  def admin_toggle_block(entity)
+    render(partial: 'shared/admin/toggle', locals: { entity: entity })
+  end
 end

data/app/helpers/entity_helper.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+# Helpers for displaying common entity-related blocks
+module EntityHelper
+  # @param [Enumerable] collection
+  # @param [Symbol|String|nil] scope
+  # @param [Biovision::Components::BaseComponent|nil] handler
+  # @param [TrueClass|FalseClass] with_priority
+  def entity_list(collection, scope: nil, handler: component_handler, with_priority: false)
+    scope = controller.class.module_parent_name.to_s.downcase if scope.nil?
+    suffix = with_priority ? '_with_priority' : ''
+
+    render(
+      partial: "shared/entity/list#{suffix}",
+      locals: { collection: collection, handler: handler, scope: scope.to_sym }
+    )
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [Symbol|String|nil] scope
+  def entity_toggle(entity, scope: nil)
+    scope = controller.class.module_parent_name.to_s.downcase if scope.nil?
+
+    render(
+      partial: 'shared/entity/toggle',
+      locals: { entity: entity, scope: scope.to_sym }
+    )
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [Symbol|String|nil] scope
+  def entity_priority_icons(entity, scope: nil)
+    scope = controller.class.module_parent_name.to_s.downcase if scope.nil?
+
+    render(
+      partial: 'shared/entity/priority_icons',
+      locals: { entity: entity, scope: scope.to_sym }
+    )
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [String] text
+  def linked_entity_block(entity, text: nil)
+    return '' if entity.blank?
+
+    render(
+      partial: 'shared/entity/linked_entity',
+      locals: { entity: entity, text: text }
+    )
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [String|Symbol] types
+  def entity_partial_block(entity, *types)
+    permitted = %i[
+      priority uuid slug timestamps language simple_image meta_texts track
+    ]
+
+    buffer = ''
+    types.select { |i| permitted.include?(i.to_sym)}.each do |type|
+      buffer += render(partial: "shared/entity/#{type}", locals: { entity: entity })
+    end
+
+    raw buffer
+  end
+
+  def entity_form_block(f, *types)
+    permitted = %i[priority entity_flags simple_image]
+
+    buffer = ''
+    types.select { |i| permitted.include?(i.to_sym)}.each do |type|
+      buffer += render partial: "shared/forms/#{type}", locals: { f: f }
+    end
+
+    raw buffer
+  end
+end

data/app/helpers/my_helper.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+# Helper methods for user context
+module MyHelper
+  # @param [ApplicationRecord] entity
+  # @param [Hash] options
+  def my_edit_icon(entity, options = {})
+    title = options.delete(:title) { t(:edit) }
+    key = entity.respond_to?(:uuid) ? entity.uuid : entity.id
+    path = "/my/#{entity.class.table_name}/#{key}/edit"
+    my_icon_with_link('biovision/icons/edit.svg', path, title.to_s, options)
+  end
+
+  # @param [ApplicationRecord] entity
+  # @param [Hash] options
+  def my_destroy_icon(entity, options = {})
+    title = options.delete(:title) { t(:edit) }
+    key = entity.respond_to?(:uuid) ? entity.uuid : entity.id
+    path = "/my/#{entity.class.table_name}/#{key}"
+    default = {
+      class: 'danger',
+      data: { confirm: t(:are_you_sure) },
+      method: :delete,
+    }
+    my_icon_with_link('biovision/icons/destroy.svg', path, title.to_s, default.merge(options))
+  end
+
+  # @param [String|ApplicationRecord] path
+  # @param [String] title
+  # @param [Hash] options
+  def my_icon_with_link(source, path, title = '', options = {})
+    link_to(image_tag(source, alt: title), path, options)
+  end
+end

data/app/lib/biovision/components/base/component_parameters.rb

@@ -9,6 +9,14 @@ module Biovision
           false
         end
 
+        def use_files?
+          false
+        end
+
+        def manage_settings?
+          use_parameters? || component.settings.any?
+        end
+
         # Receive parameter value with default
         #
         # Returns value of component's parameter or default value
@@ -28,7 +36,7 @@ module Biovision
         # @param [String] key
         # @return [String]
         def [](key)
-          @component.get(key)
+          @component.get(key, nil)
         end
 
         # Set parameter
@@ -36,7 +44,10 @@ module Biovision
         # @param [String] key
         # @param [String] value
         def []=(key, value)
-          @component[key] = value unless key.blank?
+          return if key.blank?
+
+          @component.parameters[key.to_s] = value
+          @component.save!
         end
       end
     end