browsercms-artirix 4.0.0.rc1.art4 → 4.0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/cms/attachments_controller.rb +1 -1
- data/app/controllers/cms/cas_sessions_controller.rb +13 -0
- data/app/controllers/cms/sections_controller.rb +1 -1
- data/app/controllers/cms/users_controller.rb +1 -1
- data/app/helpers/cms/sites/authentication_helper.rb +1 -0
- data/app/helpers/cms/sites/devise_shim_helper.rb +1 -1
- data/app/models/cms/default_user.rb +6 -0
- data/app/models/cms/external_user.rb +1 -1
- data/app/models/cms/group.rb +7 -3
- data/app/models/cms/guest_user.rb +2 -41
- data/app/models/cms/permission.rb +4 -0
- data/app/models/cms/persistent_user.rb +17 -110
- data/app/models/cms/section.rb +10 -6
- data/app/models/cms/user.rb +2 -2
- data/app/models/cms/user_group_membership.rb +2 -2
- data/app/portlets/login_portlet.rb +2 -2
- data/config/routes.rb +33 -34
- data/db/browsercms.seeds.rb +7 -4
- data/doc/release_notes.md +3 -3
- data/lib/browsercms.rb +2 -0
- data/lib/cms/authentication/controller.rb +8 -5
- data/lib/cms/authentication/test_password_strategy.rb +1 -1
- data/lib/cms/behaviors.rb +15 -0
- data/lib/cms/behaviors/attaching.rb +1 -1
- data/lib/cms/behaviors/userstamping.rb +1 -1
- data/lib/cms/behaviors/versioning.rb +3 -4
- data/lib/cms/configuration.rb +108 -10
- data/lib/cms/configuration/devise.rb +75 -4
- data/lib/cms/engine.rb +55 -2
- data/lib/cms/users_service.rb +26 -190
- data/lib/cms/users_service/cms_login_user_controller_concern.rb +19 -0
- data/lib/cms/users_service/cms_user_compatibility_module.rb +137 -0
- data/lib/cms/users_service/guest_user_module.rb +42 -0
- data/lib/cms/users_service/user_groups_by_codes_module.rb +13 -0
- data/lib/cms/users_service/users_factory.rb +50 -0
- data/lib/cms/version.rb +1 -1
- data/lib/generators/browser_cms/demo_site/templates/demo.seeds.rb +1 -1
- metadata +27 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c583e14fa12a74f972234f11511a962188130dbe
|
4
|
+
data.tar.gz: 11cc22e7c560d79463b17162c340663f72e198ed
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8ae938f94dd7d6135bee6c3b041533730171449f1da563087bfd1570b3222bfef97ce1746c7fc4addeb41f3f0a543670b212680b5a69426fc9758cf92dee1ba0
|
7
|
+
data.tar.gz: 2a28a07e19f40207217060314715102733189ff936e33cc05b4ec2f5eee4d060d0377d1e17c2fcd046fde4ed6cb94e607ae6d1f0509b60db6eb8e1105a50c09b
|
@@ -24,7 +24,7 @@ module Cms
|
|
24
24
|
end
|
25
25
|
|
26
26
|
def create
|
27
|
-
@attachment = Attachment.new(permitted_params
|
27
|
+
@attachment = Attachment.new(permitted_params)
|
28
28
|
@attachment.published = true
|
29
29
|
if @attachment.save
|
30
30
|
render :partial => 'cms/attachments/attachment_wrapper', :locals => {:attachment => @attachment}
|
@@ -0,0 +1,13 @@
|
|
1
|
+
module Cms
|
2
|
+
class CasSessionsController < Devise::CasSessionsController
|
3
|
+
|
4
|
+
# remove "You need to be signed in" error flash after you're logged in.
|
5
|
+
before_filter :clear_flash, only: [:service]
|
6
|
+
|
7
|
+
private
|
8
|
+
def clear_flash
|
9
|
+
flash.delete :alert
|
10
|
+
true
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -6,7 +6,7 @@ module Cms
|
|
6
6
|
# # Assumes there is an external Crm tool that we look up username/passwords from.
|
7
7
|
# if(SouthparkCrm::Client.authenticate(params[:login], params[:password]))
|
8
8
|
# user = Cms::ExternalUser.authenticate('stan.marsh', 'southpark-crm')
|
9
|
-
# user.authorize(
|
9
|
+
# user.authorize(Cms::UsersService::GROUP_CMS_ADMIN)
|
10
10
|
# end
|
11
11
|
# ```
|
12
12
|
class ExternalUser < Cms::PersistentUser
|
data/app/models/cms/group.rb
CHANGED
@@ -6,7 +6,7 @@ class Cms::Group < ActiveRecord::Base
|
|
6
6
|
GUEST_CODE = "guest"
|
7
7
|
|
8
8
|
has_many :user_group_memberships, :class_name => 'Cms::UserGroupMembership'
|
9
|
-
has_many :users, :through => :user_group_memberships, :class_name =>
|
9
|
+
has_many :users, :through => :user_group_memberships, :class_name => Cms.user_class_name
|
10
10
|
|
11
11
|
has_many :group_permissions, :class_name => 'Cms::GroupPermission'
|
12
12
|
has_many :permissions, :through => :group_permissions, :class_name => 'Cms::Permission'
|
@@ -36,7 +36,8 @@ class Cms::Group < ActiveRecord::Base
|
|
36
36
|
end
|
37
37
|
end
|
38
38
|
|
39
|
-
|
39
|
+
# `public` scope is defined in rails 4.2
|
40
|
+
scope :public_users, -> { where(["#{Cms::GroupType.table_name}.cms_access = ?", false]).includes(:group_type).references(:group_type) }
|
40
41
|
scope :cms_access, -> { where(["#{Cms::GroupType.table_name}.cms_access = ?", true]).includes(:group_type).references(:group_type) }
|
41
42
|
|
42
43
|
def guest?
|
@@ -49,9 +50,12 @@ class Cms::Group < ActiveRecord::Base
|
|
49
50
|
|
50
51
|
# Finds the guest group, which is a special group that represents public non-logged in users.
|
51
52
|
def self.guest
|
52
|
-
|
53
|
+
guest_groups.first
|
53
54
|
end
|
54
55
|
|
56
|
+
def self.guest_groups
|
57
|
+
with_code(GUEST_CODE)
|
58
|
+
end
|
55
59
|
|
56
60
|
def has_permission?(permission)
|
57
61
|
permissions.any? do |p|
|
@@ -7,51 +7,12 @@
|
|
7
7
|
module Cms
|
8
8
|
class GuestUser < Cms::User
|
9
9
|
|
10
|
+
include Cms::UsersService::GuestUserModule
|
11
|
+
|
10
12
|
def initialize(attributes={})
|
11
13
|
super({:login => Cms::Group::GUEST_CODE, :first_name => "Anonymous", :last_name => "User"}.merge(attributes))
|
12
14
|
@guest = true
|
13
15
|
end
|
14
16
|
|
15
|
-
def able_to?(*name)
|
16
|
-
group && group.permissions.where('name in (?)', name.map(&:to_s)).count > 0
|
17
|
-
end
|
18
|
-
|
19
|
-
# Guests never get access to the CMS.
|
20
|
-
# Overridden from user so that able_to_view? will work correctly.
|
21
|
-
def cms_access?
|
22
|
-
false
|
23
|
-
end
|
24
|
-
|
25
|
-
# Return a list of the sections associated with this user that can be viewed.
|
26
|
-
# Overridden from user so that able_to_view? will work correctly.
|
27
|
-
def viewable_sections
|
28
|
-
group.sections
|
29
|
-
end
|
30
|
-
|
31
|
-
def able_to_edit?(section)
|
32
|
-
false
|
33
|
-
end
|
34
|
-
|
35
|
-
def group
|
36
|
-
@group ||= Cms::Group.guest
|
37
|
-
end
|
38
|
-
|
39
|
-
def groups
|
40
|
-
[group]
|
41
|
-
end
|
42
|
-
|
43
|
-
#You shouldn't be able to save a guest user
|
44
|
-
def update_attribute(name, value)
|
45
|
-
false
|
46
|
-
end
|
47
|
-
|
48
|
-
def update_attributes(attrs={})
|
49
|
-
false
|
50
|
-
end
|
51
|
-
|
52
|
-
def save(perform_validation=true)
|
53
|
-
false
|
54
|
-
end
|
55
|
-
|
56
17
|
end
|
57
18
|
end
|
@@ -6,6 +6,10 @@ module Cms
|
|
6
6
|
has_many :group_permissions, :class_name => 'Cms::GroupPermission'
|
7
7
|
has_many :groups, :through => :group_permissions, :class_name => 'Cms::Group'
|
8
8
|
|
9
|
+
def self.by_group_ids(group_ids)
|
10
|
+
distinct.where("#{Cms::Group.table_name}.id" => group_ids).includes(:groups).references(:groups)
|
11
|
+
end
|
12
|
+
|
9
13
|
validates_presence_of :name
|
10
14
|
validates_uniqueness_of :name
|
11
15
|
|
@@ -3,16 +3,13 @@ module Cms
|
|
3
3
|
# A parent class for users that need to be persisted in the CMS database.
|
4
4
|
class PersistentUser < ActiveRecord::Base
|
5
5
|
|
6
|
+
include Cms::UsersService.user_compatibility_module
|
7
|
+
|
6
8
|
self.table_name = 'cms_users'
|
7
9
|
|
8
10
|
# Note that Chrome doesn't expire session cookies immediately so test this in other browsers.
|
9
11
|
# http://stackoverflow.com/questions/16817229/issues-with-devise-rememberable
|
10
|
-
devise
|
11
|
-
# Note that Chrome doesn't expire session cookies immediately so test this in other browsers.
|
12
|
-
# http://stackoverflow.com/questions/16817229/issues-with-devise-rememberable
|
13
|
-
:rememberable,
|
14
|
-
:recoverable, # Needs to be here so forgot password link works.
|
15
|
-
:authentication_keys => [:login]
|
12
|
+
devise *Cms.user_class_devise_options
|
16
13
|
|
17
14
|
|
18
15
|
has_many :user_group_memberships, :class_name => 'Cms::UserGroupMembership', foreign_key: :user_id
|
@@ -31,14 +28,14 @@ module Cms
|
|
31
28
|
class << self
|
32
29
|
|
33
30
|
def permitted_params
|
34
|
-
super + [{:group_ids => []}]
|
31
|
+
super + [{ :group_ids => [] }]
|
35
32
|
end
|
36
33
|
|
37
34
|
# Returns all users that can :edit_content or :publish_content permissions.
|
38
35
|
#
|
39
36
|
# @return [ActiveRelation<Cms::User>] A scope which will find users with the correct permissions.
|
40
37
|
def able_to_edit_or_publish_content
|
41
|
-
where(["#{Permission.table_name}.name = ? OR #{Permission.table_name}.name = ?", "edit_content", "publish_content"]).includes({:groups => :permissions}).references(:permissions)
|
38
|
+
where(["#{Permission.table_name}.name = ? OR #{Permission.table_name}.name = ?", "edit_content", "publish_content"]).includes({ :groups => :permissions }).references(:permissions)
|
42
39
|
end
|
43
40
|
|
44
41
|
def current
|
@@ -55,29 +52,23 @@ module Cms
|
|
55
52
|
end
|
56
53
|
end
|
57
54
|
|
58
|
-
|
59
|
-
|
60
|
-
|
55
|
+
def cas_extra_attributes=(extra_attributes)
|
56
|
+
self.external_data = extra_attributes.to_json
|
57
|
+
extra_attributes = {}.merge(extra_attributes).symbolize_keys
|
58
|
+
Cms.user_cas_extra_attributes_setter.call self, extra_attributes
|
61
59
|
end
|
62
60
|
|
63
|
-
|
64
|
-
|
65
|
-
true
|
61
|
+
def group_codes
|
62
|
+
groups.map &:code
|
66
63
|
end
|
67
64
|
|
68
|
-
def
|
69
|
-
|
65
|
+
def group_codes=(group_codes)
|
66
|
+
self.groups = Cms::Group.with_code(group_codes)
|
70
67
|
end
|
71
68
|
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
# Determines if this user should have access to the CMS administration tools. Can be overridden by specific users (like GuestUser)
|
78
|
-
# which may not need to check the database for that information.
|
79
|
-
def cms_access?
|
80
|
-
groups.cms_access.count > 0
|
69
|
+
# Determines if this user a Guest or not.
|
70
|
+
def guest?
|
71
|
+
!!@guest
|
81
72
|
end
|
82
73
|
|
83
74
|
def disable
|
@@ -129,95 +120,11 @@ module Cms
|
|
129
120
|
[first_name, last_name].reject { |e| e.nil? }.join(" ")
|
130
121
|
end
|
131
122
|
|
132
|
-
|
133
|
-
"#{full_name} (#{login})"
|
134
|
-
end
|
135
|
-
|
136
|
-
def full_name_or_login
|
137
|
-
if full_name.strip.blank?
|
138
|
-
login
|
139
|
-
else
|
140
|
-
full_name
|
141
|
-
end
|
142
|
-
end
|
143
|
-
|
144
|
-
# This is to show a formated date on the input form. I'm unsure that
|
123
|
+
# This is to show a formatted date on the input form. I'm unsure that
|
145
124
|
# this is the best way to solve this, but it works.
|
146
125
|
def expires_at_formatted
|
147
126
|
expires_at ? (expires_at.strftime '%m/%d/%Y') : nil
|
148
127
|
end
|
149
128
|
|
150
|
-
def permissions
|
151
|
-
@permissions ||= Cms::Permission.where(["#{self.class.table_name}.id = ?", id]).includes({:groups => :users}).references(:users)
|
152
|
-
end
|
153
|
-
|
154
|
-
def viewable_sections
|
155
|
-
@viewable_sections ||= Cms::Section.where(["#{self.class.table_name}.id = ?", id]).includes(:groups => :users).references(:users)
|
156
|
-
end
|
157
|
-
|
158
|
-
def modifiable_sections
|
159
|
-
@modifiable_sections ||= Cms::Section.where(["#{self.class.table_name}.id = ? and #{GroupType.table_name}.cms_access = ?", id, true]).includes(:groups => [:group_type, :users]).references(:users, :groups)
|
160
|
-
end
|
161
|
-
|
162
|
-
# Expects a list of names of Permissions
|
163
|
-
# true if the user has any of the permissions
|
164
|
-
def able_to?(*required_permissions)
|
165
|
-
perms = required_permissions.map(&:to_sym)
|
166
|
-
permissions.any? do |p|
|
167
|
-
perms.include?(p.name.to_sym)
|
168
|
-
end
|
169
|
-
end
|
170
|
-
|
171
|
-
# Determine if this user has permission to view the specific object. Permissions
|
172
|
-
# are always tied to a specific section. This method can take different input parameters
|
173
|
-
# and will attempt to determine the relevant section to check.
|
174
|
-
# Expects object to be of type:
|
175
|
-
# 1. Section - Will check the user's groups to see if any of those groups can view this section.
|
176
|
-
# 2. Path - Will look up the section based on the path, then check it. (Note that section paths are not currently unique, so this will check the first one it finds).
|
177
|
-
# 3. Other - Assumes it has a section attribute and will call that and check the return value.
|
178
|
-
#
|
179
|
-
# Returns: true if the user can view this object, false otherwise.
|
180
|
-
# Raises: ActiveRecord::RecordNotFound if a path to a not existent section is passed in.
|
181
|
-
def able_to_view?(object)
|
182
|
-
section = object
|
183
|
-
if object.is_a?(String)
|
184
|
-
section = Cms::Section.find_by_path(object)
|
185
|
-
raise ActiveRecord::RecordNotFound.new("Could not find section with path = '#{object}'") unless section
|
186
|
-
elsif !object.is_a?(Cms::Section)
|
187
|
-
section = object.parent
|
188
|
-
end
|
189
|
-
viewable_sections.include?(section) || cms_access?
|
190
|
-
end
|
191
|
-
|
192
|
-
def able_to_modify?(object)
|
193
|
-
case object
|
194
|
-
when Cms::Section
|
195
|
-
modifiable_sections.include?(object)
|
196
|
-
when Cms::Page, Cms::Link
|
197
|
-
modifiable_sections.include?(object.section)
|
198
|
-
else
|
199
|
-
if object.class.respond_to?(:connectable?) && object.class.connectable?
|
200
|
-
object.connected_pages.all? { |page| able_to_modify?(page) }
|
201
|
-
else
|
202
|
-
true
|
203
|
-
end
|
204
|
-
end
|
205
|
-
end
|
206
|
-
|
207
|
-
# Expects node to be a Section, Page or Link
|
208
|
-
# Returns true if the specified node, or any of its ancestor sections, is editable by any of
|
209
|
-
# the user's 'CMS User' groups.
|
210
|
-
def able_to_edit?(object)
|
211
|
-
able_to?(:edit_content) && able_to_modify?(object)
|
212
|
-
end
|
213
|
-
|
214
|
-
def able_to_publish?(object)
|
215
|
-
able_to?(:publish_content) && able_to_modify?(object)
|
216
|
-
end
|
217
|
-
|
218
|
-
def able_to_edit_or_publish_content?
|
219
|
-
able_to?(:edit_content, :publish_content)
|
220
|
-
end
|
221
|
-
|
222
129
|
end
|
223
130
|
end
|
data/app/models/cms/section.rb
CHANGED
@@ -23,17 +23,21 @@ module Cms
|
|
23
23
|
has_many :group_sections, :class_name => 'Cms::GroupSection'
|
24
24
|
has_many :groups, :through => :group_sections, :class_name => 'Cms::Group'
|
25
25
|
|
26
|
-
scope :root, -> { where
|
27
|
-
scope :system, -> { where
|
28
|
-
scope :hidden, -> { where
|
29
|
-
scope :not_hidden, -> { where
|
26
|
+
scope :root, -> { where root: true }
|
27
|
+
scope :system, -> { where name: 'system' }
|
28
|
+
scope :hidden, -> { where hidden: true }
|
29
|
+
scope :not_hidden, -> { where hidden: false }
|
30
30
|
|
31
31
|
def self.named(name)
|
32
|
-
where
|
32
|
+
where name: name
|
33
33
|
end
|
34
34
|
|
35
35
|
def self.with_path(path)
|
36
|
-
where
|
36
|
+
where path: path
|
37
|
+
end
|
38
|
+
|
39
|
+
def self.by_group_ids(group_ids)
|
40
|
+
distinct.where("#{Cms::Group.table_name}.id" => group_ids).includes(:groups).references(:groups)
|
37
41
|
end
|
38
42
|
|
39
43
|
#scope :named, lambda { |name| {-> {where( ["#{table_name}.name = ?", name]} } )}
|
data/app/models/cms/user.rb
CHANGED
@@ -2,8 +2,8 @@ module Cms
|
|
2
2
|
|
3
3
|
# Represents a CMS users that is managed through the CMS UI.
|
4
4
|
class User < PersistentUser
|
5
|
-
include Devise::Models::Validatable
|
6
|
-
include Devise::Models::Recoverable
|
5
|
+
include Devise::Models::Validatable if Cms.user_class_devise_validatable?
|
6
|
+
include Devise::Models::Recoverable if Cms.user_class_devise_recoverable?
|
7
7
|
|
8
8
|
class << self
|
9
9
|
# Change a given user's password.
|
@@ -1,11 +1,11 @@
|
|
1
1
|
# Shows a 'Login' form.
|
2
2
|
#
|
3
3
|
# This portlet should not typically necessary in CMS 4.0 or later since there is a built
|
4
|
-
# in /login route built in.
|
4
|
+
# in /users/login route built in.
|
5
5
|
class LoginPortlet < Cms::Portlet
|
6
6
|
|
7
7
|
enable_template_editor false
|
8
|
-
description "Display a login form (Consider using /login instead)."
|
8
|
+
description "Display a login form (Consider using /users/login instead)."
|
9
9
|
|
10
10
|
def render
|
11
11
|
end
|
data/config/routes.rb
CHANGED
@@ -3,31 +3,30 @@
|
|
3
3
|
# be found in lib/cms/route_extensions.rb
|
4
4
|
Cms::Engine.routes.draw do
|
5
5
|
get 'fakemap', to: 'section_nodes#fake'
|
6
|
-
get '/content/:id/edit', :
|
7
|
-
get '/dashboard', :
|
8
|
-
get '/', :
|
9
|
-
get '/sitemap', :
|
10
|
-
get '/content_library', :
|
11
|
-
get '/administration', :
|
12
|
-
|
13
|
-
devise_for :cms_users,
|
14
|
-
skip: [:sessions],
|
15
|
-
path: :users,
|
16
|
-
class_name: 'Cms::PersistentUser',
|
17
|
-
controllers: {passwords: 'cms/passwords'},
|
18
|
-
module: :devise
|
6
|
+
get '/content/:id/edit', to: 'content#edit', as: 'edit_content'
|
7
|
+
get '/dashboard', to: 'dashboard#index', as: 'dashboard'
|
8
|
+
get '/', to: 'home#index', as: 'home'
|
9
|
+
get '/sitemap', to: 'section_nodes#index', as: 'sitemap'
|
10
|
+
get '/content_library', to: 'html_blocks#index', as: 'content_library'
|
11
|
+
get '/administration', to: 'users#index', as: 'administration'
|
12
|
+
|
13
|
+
devise_for :cms_users, Cms.routes_devise_for_options
|
19
14
|
|
20
15
|
devise_scope :cms_user do
|
21
|
-
|
22
|
-
get '/login' => "
|
23
|
-
|
24
|
-
get '/logout' => "sessions#destroy", :as => 'logout'
|
16
|
+
controller = Cms.routes_devise_sessions_controller
|
17
|
+
get '/login' => "#{controller}#new", as: :login
|
18
|
+
get '/logout' => "#{controller}#destroy", as: :logout
|
25
19
|
|
20
|
+
# get '/login' => redirect { new_cms_user_session_path }, as: :login
|
21
|
+
# get '/logout' => redirect { destroy_cms_user_session_path }, as: :logout
|
26
22
|
end
|
27
23
|
|
28
|
-
|
24
|
+
#user root path => go to dashboard
|
25
|
+
get '/dashboard' => 'dashboard#index', as: :cms_user_root
|
26
|
+
|
27
|
+
get '/toolbar', to: 'toolbar#index', as: 'toolbar'
|
29
28
|
|
30
|
-
put
|
29
|
+
put '/inline_content/:id', to: 'inline_content#update', as: 'update_inline_content'
|
31
30
|
resources :page_components
|
32
31
|
resources :connectors do
|
33
32
|
member do
|
@@ -57,8 +56,8 @@ Cms::Engine.routes.draw do
|
|
57
56
|
resources :tasks
|
58
57
|
end
|
59
58
|
get '/pages/:id/preview', to: 'content#preview', as: 'preview_page'
|
60
|
-
get '/pages/:id/version/:version', :
|
61
|
-
put '/pages/:id/revert_to/:version', :
|
59
|
+
get '/pages/:id/version/:version', to: 'pages#version', as: 'version_page'
|
60
|
+
put '/pages/:id/revert_to/:version', to: 'pages#revert_to', as: 'revert_page'
|
62
61
|
resources :tasks do
|
63
62
|
member do
|
64
63
|
put :complete
|
@@ -77,7 +76,7 @@ Cms::Engine.routes.draw do
|
|
77
76
|
end
|
78
77
|
end
|
79
78
|
|
80
|
-
resources :attachments, :
|
79
|
+
resources :attachments, only: [:show, :create, :destroy]
|
81
80
|
|
82
81
|
content_blocks :html_blocks
|
83
82
|
content_blocks :forms
|
@@ -86,20 +85,20 @@ Cms::Engine.routes.draw do
|
|
86
85
|
get :confirm_delete
|
87
86
|
end
|
88
87
|
end
|
89
|
-
post
|
90
|
-
get
|
88
|
+
post 'form_fields/:id/insert_at/:position' => 'form_fields#insert_at'
|
89
|
+
get '/forms/:id/fields/preview' => 'form_fields#preview', as: 'preview_form_field'
|
91
90
|
|
92
91
|
resources :form_entries do
|
93
92
|
collection do
|
94
93
|
post :submit
|
95
94
|
end
|
96
95
|
end
|
97
|
-
put
|
96
|
+
put '/form_entries' => 'form_entries#bulk_update'
|
98
97
|
# Faux nested resource for forms (not sure if #content_blocks allows for it.)
|
99
98
|
get 'forms/:id/entries' => 'form_entries#index', as: 'entries'
|
100
99
|
|
101
100
|
content_blocks :portlets
|
102
|
-
post '/portlet/:id/:handler', :
|
101
|
+
post '/portlet/:id/:handler', to: 'portlet#execute_handler', as: 'portlet_handler'
|
103
102
|
|
104
103
|
content_blocks :file_blocks
|
105
104
|
content_blocks :image_blocks
|
@@ -107,7 +106,7 @@ Cms::Engine.routes.draw do
|
|
107
106
|
content_blocks :categories
|
108
107
|
content_blocks :tags
|
109
108
|
|
110
|
-
get 'user' =>
|
109
|
+
get 'user' => 'user#show', as: :current_user
|
111
110
|
resources :users, except: :show do
|
112
111
|
member do
|
113
112
|
get :change_password
|
@@ -119,16 +118,16 @@ Cms::Engine.routes.draw do
|
|
119
118
|
resources :email_messages
|
120
119
|
resources :groups
|
121
120
|
resources :redirects
|
122
|
-
resources :page_partials, :
|
123
|
-
resources :page_templates, :
|
121
|
+
resources :page_partials, controller: 'dynamic_views'
|
122
|
+
resources :page_templates, controller: 'dynamic_views'
|
124
123
|
resources :page_routes, except: :show do
|
125
|
-
resources :conditions, :
|
126
|
-
resources :requirements, :
|
124
|
+
resources :conditions, controller: 'page_route_conditions'
|
125
|
+
resources :requirements, controller: 'page_route_requirements'
|
127
126
|
end
|
128
|
-
get 'cache', :
|
129
|
-
delete 'cache', :
|
127
|
+
get 'cache', to: 'cache#show', as: 'cache'
|
128
|
+
delete 'cache', to: 'cache#destroy'
|
130
129
|
|
131
|
-
get
|
130
|
+
get '/routes', to: 'routes#index', as: 'routes'
|
132
131
|
|
133
132
|
add_routes_for_addressable_content_blocks
|
134
133
|
end
|