browsercms 3.0.2 → 3.0.3

Files changed (64) hide show
  1. data/app/controllers/cms/content_block_controller.rb +25 -2
  2. data/app/controllers/cms/content_controller.rb +31 -2
  3. data/app/controllers/cms/dashboard_controller.rb +2 -1
  4. data/app/controllers/cms/error_handling.rb +9 -2
  5. data/app/controllers/cms/links_controller.rb +2 -0
  6. data/app/controllers/cms/pages_controller.rb +22 -18
  7. data/app/controllers/cms/section_nodes_controller.rb +1 -1
  8. data/app/controllers/cms/sections_controller.rb +12 -7
  9. data/app/controllers/cms/sessions_controller.rb +17 -10
  10. data/app/controllers/cms/users_controller.rb +8 -6
  11. data/app/helpers/cms/application_helper.rb +2 -6
  12. data/app/helpers/cms/menu_helper.rb +118 -146
  13. data/app/helpers/cms/page_helper.rb +2 -2
  14. data/app/models/attachment.rb +2 -2
  15. data/app/models/group.rb +13 -2
  16. data/app/models/guest_user.rb +9 -3
  17. data/app/models/link.rb +2 -2
  18. data/app/models/page.rb +1 -1
  19. data/app/models/section.rb +7 -2
  20. data/app/models/user.rb +35 -17
  21. data/app/views/cms/blocks/_toolbar_for_member.html.erb +3 -3
  22. data/app/views/cms/blocks/index.html.erb +11 -6
  23. data/app/views/cms/content/show.html.erb +3 -3
  24. data/app/views/cms/menus/_menu.html.erb +9 -0
  25. data/app/views/cms/menus/_menu_item.html.erb +11 -0
  26. data/app/views/cms/pages/_edit_connector.html.erb +1 -1
  27. data/app/views/cms/pages/_edit_container.html.erb +1 -1
  28. data/app/views/cms/section_nodes/_node.html.erb +1 -1
  29. data/app/views/cms/sections/_form.html.erb +36 -34
  30. data/app/views/cms/shared/access_denied.html.erb +3 -0
  31. data/app/views/cms/users/change_password.html.erb +8 -6
  32. data/app/views/cms/users/index.html.erb +1 -1
  33. data/app/views/cms/users/show.html.erb +50 -0
  34. data/app/views/layouts/_cms_toolbar.html.erb +1 -1
  35. data/app/views/layouts/_page_toolbar.html.erb +7 -7
  36. data/app/views/layouts/cms/administration.html.erb +24 -7
  37. data/browsercms.gemspec +13 -7
  38. data/lib/acts_as_list.rb +8 -4
  39. data/lib/cms/acts/content_block.rb +1 -1
  40. data/lib/cms/authentication/controller.rb +26 -7
  41. data/lib/cms/behaviors/attaching.rb +3 -3
  42. data/lib/cms/behaviors/publishing.rb +12 -1
  43. data/lib/cms/behaviors/rendering.rb +17 -4
  44. data/lib/cms/behaviors/versioning.rb +2 -2
  45. data/lib/cms/routes.rb +4 -0
  46. data/lib/tasks/cms.rake +0 -18
  47. data/public/javascripts/cms/content_library.js +36 -0
  48. data/public/javascripts/cms/sitemap.js +21 -9
  49. data/public/stylesheets/cms/form_layout.css +16 -2
  50. data/public/stylesheets/cms/nav.css +4 -3
  51. data/test/functional/cms/content_block_controller_test.rb +120 -0
  52. data/test/functional/cms/content_controller_test.rb +135 -80
  53. data/test/functional/cms/links_controller_test.rb +89 -1
  54. data/test/functional/cms/pages_controller_test.rb +138 -0
  55. data/test/functional/cms/section_nodes_controller_test.rb +45 -5
  56. data/test/functional/cms/sections_controller_test.rb +148 -1
  57. data/test/functional/cms/sessions_controller_test.rb +26 -2
  58. data/test/functional/cms/users_controller_test.rb +49 -2
  59. data/test/test_helper.rb +3 -1
  60. data/test/unit/behaviors/attaching_test.rb +26 -0
  61. data/test/unit/helpers/menu_helper_test.rb +118 -278
  62. data/test/unit/models/group_test.rb +6 -0
  63. data/test/unit/models/user_test.rb +127 -29
  64. metadata +12 -4
@@ -1,4 +1,4 @@
1
- <div class="cms_edit_connectable" style="display: block; height: auto; width: inherit; position: relative; border: 1px solid #999; margin: 1px -6px 0 -6px; padding: 25px 5px 0 5px; background: url(/images/cms/containers/beta.png) repeat-x 0 0;">
1
+ <div class="cms_edit_connectable" style="display: block; height: auto; position: relative; border: 1px solid #999; margin: 1px -6px 0 -6px; padding: 25px 5px 0 5px; background: url(/images/cms/containers/beta.png) repeat-x 0 0;">
2
2
  <div style="display: block; width: 100%; position: absolute; top: 5px; left: 5px; height: 30px;">
3
3
  <%= link_to image_tag("cms/pages/show_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), cms_connectable_path(connectable), :title => "View this content (#{connectable.name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
4
4
  <%= link_to image_tag("cms/pages/edit_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), edit_cms_connectable_path(connectable, :_redirect_to => @page.path), :title => "Edit this content (#{connectable.name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
@@ -1,4 +1,4 @@
1
- <div class="cms_edit_container" style="height: auto; width: inherit; background: url(/images/cms/containers/alpha.png) repeat-x 0 0; border: 1px solid #999; margin: -8px 0 0 -8px; padding: 24px 7px 1px 7px; position: relative;">
1
+ <div class="cms_edit_container" style="height: auto; background: url(/images/cms/containers/alpha.png) repeat-x 0 0; border: 1px solid #999; margin: -8px 0 0 -8px; padding: 24px 7px 1px 7px; position: relative;">
2
2
  <div style="display: block; width: 100%; position: absolute; top: 5px; left: 5px; height: 30px;">
3
3
  <%= link_to image_tag("cms/pages/add_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), cms_content_types_path(:connect_to_page_id => @page, :connect_to_container => name), :title => "Add new content to this container (#{name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
4
4
  <%= link_to image_tag("cms/pages/connect_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), new_cms_connector_path(:page_id => @page, :container => name), :title => "Insert existing content into this container (#{name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
@@ -8,7 +8,7 @@
8
8
  <table class="section_node <%= node_type %> <%= "movable" if current_user.able_to?(:publish_content) %>" width="100%" cellspacing="0" cellpadding="0">
9
9
  <tr><td colspan="4" class="drop-before"></td></tr>
10
10
  <tr<%= ' class="doubled"' if access_icon && hidden %>>
11
- <td id="<%= node_type %>_<%= node.id %>" class="<%= node_type == "section" && node.root? ? 'root' : '' %> <%= node_type %> node">
11
+ <td id="<%= node_type %>_<%= node.id %>" class="<%= node_type == "section" && node.root? ? 'root' : '' %> <%= node_type %> node <%= 'non-editable' unless current_user.able_to_edit?(node) %>">
12
12
  <%= icon %>
13
13
  <div><%= h(node.name) %></div>
14
14
  </td>
@@ -11,46 +11,48 @@
11
11
  </div>
12
12
  </div>
13
13
 
14
- <div class="checkbox_group fields" style="float: left; width: 100%">
15
- <label>Public Permissions</label>
16
- <%= hidden_field_tag "section[group_ids][]", "", :id => nil %>
17
- <div class="checkboxes">
18
- <% for group in public_groups %>
19
- <div class="checkbox_fields">
20
- <%= check_box_tag "section[group_ids][]", group.id,
21
- @section.groups.include?(group), :class => "public_group_ids", :id => "public_group_ids_#{group.id}", :tabindex => next_tabindex %>
22
- <label for="public_group_ids_<%= group.id %>"><%= group.name %></label>
23
- </div>
24
- <% end %>
25
- <div class="instructions">Which &ldquo;Public&rdquo; groups can view pages in this section?</div>
26
- <div class="check_uncheck">
27
- <%= link_to_check_all 'input.public_group_ids' %>,
28
- <%= link_to_uncheck_all 'input.public_group_ids' %>
14
+ <% able_to?(:administrate) do %>
15
+ <div class="checkbox_group fields" style="float: left; width: 100%">
16
+ <label>Public Permissions</label>
17
+ <%= hidden_field_tag "section[group_ids][]", "", :id => nil %>
18
+ <div class="checkboxes">
19
+ <% for group in public_groups %>
20
+ <div class="checkbox_fields">
21
+ <%= check_box_tag "section[group_ids][]", group.id,
22
+ @section.groups.include?(group), :class => "public_group_ids", :id => "public_group_ids_#{group.id}", :tabindex => next_tabindex %>
23
+ <label for="public_group_ids_<%= group.id %>"><%= group.name %></label>
24
+ </div>
25
+ <% end %>
26
+ <div class="instructions">Which &ldquo;Public&rdquo; groups can view pages in this section?</div>
27
+ <div class="check_uncheck">
28
+ <%= link_to_check_all 'input.public_group_ids' %>,
29
+ <%= link_to_uncheck_all 'input.public_group_ids' %>
30
+ </div>
29
31
  </div>
30
32
  </div>
31
- </div>
32
33
 
33
- <br clear="all" />
34
+ <br clear="all" />
34
35
 
35
- <div class="checkbox_group fields" style="float: left; width: 100%">
36
- <label>CMS Permissions</label>
37
- <%= hidden_field_tag "section[group_ids][]", "", :id => nil %>
38
- <div class="checkboxes">
39
- <% for group in cms_groups %>
40
- <div class="checkbox_fields">
41
- <%= check_box_tag "section[group_ids][]", group.id,
42
- @section.groups.include?(group), :class => "cms_group_ids", :id => "cms_group_ids_#{group.id}", :tabindex => next_tabindex %>
43
- <label for="cms_group_ids_<%= group.id %>"><%= group.name %></label>
44
- </div>
45
- <% end %>
46
- <div class="instructions">Which &ldquo;CMS&rdquo; groups can edit pages and content in this section?</div>
47
- <div class="check_uncheck">
48
- <%= link_to_check_all 'input.cms_group_ids' %>,
49
- <%= link_to_uncheck_all 'input.cms_group_ids' %>
36
+ <div class="checkbox_group fields" style="float: left; width: 100%">
37
+ <label>CMS Permissions</label>
38
+ <%= hidden_field_tag "section[group_ids][]", "", :id => nil %>
39
+ <div class="checkboxes">
40
+ <% for group in cms_groups %>
41
+ <div class="checkbox_fields">
42
+ <%= check_box_tag "section[group_ids][]", group.id,
43
+ @section.groups.include?(group), :class => "cms_group_ids", :id => "cms_group_ids_#{group.id}", :tabindex => next_tabindex %>
44
+ <label for="cms_group_ids_<%= group.id %>"><%= group.name %></label>
45
+ </div>
46
+ <% end %>
47
+ <div class="instructions">Which &ldquo;CMS&rdquo; groups can edit pages and content in this section?</div>
48
+ <div class="check_uncheck">
49
+ <%= link_to_check_all 'input.cms_group_ids' %>,
50
+ <%= link_to_uncheck_all 'input.cms_group_ids' %>
51
+ </div>
50
52
  </div>
51
53
  </div>
52
- </div>
53
- <br clear="all" />
54
+ <br clear="all" />
55
+ <% end %>
54
56
 
55
57
  <div class="buttons">
56
58
  <%= lt_button_wrapper(f.submit("Save", :class => "submit", :tabindex => next_tabindex)) %>
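Review bot: Wrapping both checkbox groups in `able_to?(:administrate)` only stops the `section[group_ids][]` inputs from being rendered; the action that receives this form still has to ignore `group_ids` for users who may not administrate, and that controller change is not visible in this section. The same holds for the `disabled` class added to the page-toolbar buttons and the admin-only toolbar in the change-password view, which are presentation and not enforcement. Separately, `group.name` in both `<label>` lines is written without `h`, while the sitemap node partial uses `h(node.name)`; I would change them to `<%= h(group.name) %>`.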
@@ -0,0 +1,3 @@
1
+ <% page_title "Access Denied" %>
2
+ <%= content_for :functions, "<h1>#{ @page_title }</h1>" %>
3
+ <p>Sorry, you do not have permission to access this page.</p>
@@ -1,10 +1,12 @@
1
1
  <% @page_title = @toolbar_title = "Set New Password" %>
2
- <% content_for :toolbar_links do %>
3
- <%= link_to(span_tag("List All"), url_for(:controller => "users", :action => "index"), :id => "list_all_button", :class => "button") %>
4
- <%= link_to(span_tag("Edit User"), url_for(:controller => "users", :action => "edit", :id => @user.id), :id => "edit_user_button", :class => "button") %>
5
- <% end %>
2
+ <% able_to? :administrate do %>
3
+ <% content_for :toolbar_links do %>
4
+ <%= link_to(span_tag("List All"), url_for(:controller => "users", :action => "index"), :id => "list_all_button", :class => "button") %>
5
+ <%= link_to(span_tag("Edit User"), url_for(:controller => "users", :action => "edit", :id => @user.id), :id => "edit_user_button", :class => "button") %>
6
+ <% end %>
6
7
 
7
- <%= content_for :functions, render(:partial => "toolbar") %>
8
+ <%= content_for :functions, render(:partial => "toolbar") %>
9
+ <% end %>
8
10
 
9
11
  <% content_for :html_head do %>
10
12
  <%= stylesheet_link_tag('cms/form_layout') %>
@@ -16,4 +18,4 @@
16
18
  <div class="buttons">
17
19
  <%= lt_button_wrapper(f.submit("Save", :class => "submit")) %>
18
20
  </div>
19
- <% end %>
21
+ <% end %>
@@ -26,7 +26,7 @@
26
26
  <% @users.each do |user|%>
27
27
  <tr>
28
28
  <td class="first"></td>
29
- <td><div class="dividers"><%= link_to "#{user.first_name} #{user.last_name}", [:cms, user] %></div></td>
29
+ <td><div class="dividers"><%= link_to "#{user.first_name} #{user.last_name}", edit_cms_user_path(user) %></div></td>
30
30
  <td><div class="dividers"><%= link_to user.email, "mailto:#{user.email}" %></div></td>
31
31
  <td>
32
32
  <div class="dividers">
@@ -0,0 +1,50 @@
1
+ <% @page_title = @toolbar_title = h(@user.login) %>
2
+
3
+ <% content_for :toolbar_links do %>
4
+ <%= link_to(span_tag("List All"), cms_users_path,
5
+ :id => "list_all_button",
6
+ :class => "button") if current_user.able_to?(:administrate) %>
7
+ <%= link_to(span_tag("Change Password"), [:change_password, :cms, @user],
8
+ :id => "change_password_button",
9
+ :class => "button") %>
10
+ <% end %>
11
+
12
+ <% content_for :functions do %>
13
+ <%= render(:partial => "toolbar") %>
14
+ <% end %>
15
+
16
+ <% content_for :html_head do %>
17
+ <%= stylesheet_link_tag('cms/form_layout') %>
18
+ <% end %>
19
+
20
+ <div class="faux_form">
21
+ <div class="fields">
22
+ <span class="label">Username</span>
23
+ <%=h @user.login %>
24
+ </div>
25
+
26
+ <div class="fields">
27
+ <span class="label">Email</span>
28
+ <%=h @user.email %>
29
+ </div>
30
+
31
+ <div class="fields">
32
+ <span class="label">First name</span>
33
+ <%=h @user.first_name %>
34
+ </div>
35
+
36
+ <div class="fields">
37
+ <span class="label">Last name</span>
38
+ <%=h @user.last_name %>
39
+ </div>
40
+
41
+ <div class="fields">
42
+ <span class="label">Groups</span>
43
+
44
+ <ul>
45
+ <% @user.groups.each do |group| -%>
46
+ <li><%= group.name %></li>
47
+ <% end -%>
48
+ </ul>
49
+ </div>
50
+ </div>
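Review bot: `<li><%= group.name %></li>` in the Groups list is the only value in this new view that is not passed through `h`; login, email, first name and last name all are. The explicit `h` calls suggest ERB output is not escaped automatically in this application, so a group name containing markup would be rendered as HTML here. Use `<li><%=h group.name %></li>`. The rewritten `user_info` line in the CMS toolbar partial prints `current_user.full_name` unescaped in the same way and deserves the same change.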
@@ -8,7 +8,7 @@
8
8
  <% able_to?(:administrate) do %><li><%= link_to image_tag("/images/cms/nav_admin#{'_on' if tab == :administration}.gif", :id => 'nav_admin_img'), cms_administration_path, :target => "_top" %></li><% end %>
9
9
  </ul>
10
10
  <ul id="userlinks">
11
- <li id="user_info"><%= image_tag "cms/icons/user.png" %><span><%= current_user.full_name %></span></li>
11
+ <li id="user_info"><a href="<%= current_user.able_to?(:administrate) ? edit_cms_user_path(current_user) : cms_user_path(current_user) %>" target="_top"><%= image_tag "cms/icons/user.png" %> <%= current_user.full_name %></a></li>
12
12
  <li><%= link_to "Logout", cms_logout_path, :class => "http_delete", :target => "_top" %></li>
13
13
  </ul>
14
14
  <% flash_class, flash_message = flash.to_a.first %>
@@ -50,30 +50,30 @@
50
50
  <%= link_to "<span>Publish</span>",
51
51
  @page.live? ? '#' : publish_cms_page_path(@page),
52
52
  :id => "publish_button",
53
- :class => "http_put button#{' disabled' if !current_user.able_to?(:publish_content) || @page.version != @page.draft.version || @page.live?} left",
53
+ :class => "http_put button#{' disabled' if !current_user.able_to?(:publish_content) || !current_user.able_to_edit?(@page) || @page.version != @page.draft.version || @page.live?} left",
54
54
  :target => "_top" %>
55
55
 
56
56
  <%= link_to "<span>Assign</span>",
57
57
  new_cms_page_task_path(@page),
58
58
  :id => "assign_button",
59
- :class => "button#{ ' disabled' if @page.assigned_to == current_user} middle",
59
+ :class => "button#{ ' disabled' if @page.assigned_to == current_user || !current_user.able_to_edit?(@page) } middle",
60
60
  :target => "_top" %>
61
61
 
62
62
  <%= link_to "<span>Complete Task</span>",
63
63
  @page.current_task ? complete_cms_task_path(@page.current_task) : '#',
64
64
  :id => "complete_task_button",
65
- :class => "http_put button#{ ' disabled' unless @page.assigned_to == current_user} right",
65
+ :class => "http_put button#{ ' disabled' if @page.assigned_to != current_user || !current_user.able_to_edit?(@page) } right",
66
66
  :target => "_top" %>
67
67
 
68
68
  <%= link_to "<span>Edit Properties</span>",
69
69
  [:edit, :cms, @page],
70
70
  :id => "edit_properties_button",
71
- :class => "spacer button",
71
+ :class => "spacer button#{ ' disabled' unless current_user.able_to_edit?(@page) }",
72
72
  :target => "_top" %>
73
73
 
74
74
  <%= link_to "<span>List Versions</span>",
75
75
  versions_cms_page_path(@page),
76
- :class => "spacer button",
76
+ :class => "spacer button#{ ' disabled' unless current_user.able_to_edit?(@page) }",
77
77
  :target => "_top" %>
78
78
 
79
79
  <% able_to? :publish_content do %>
@@ -83,7 +83,7 @@
83
83
  :id => "delete_button",
84
84
  :title => "Are you sure you want to delete '#{@page.name}'?",
85
85
  :target => "_top",
86
- :class => "spacer button confirm_with_title http_delete" %>
86
+ :class => "spacer button confirm_with_title http_delete#{ ' disabled' unless current_user.able_to_publish?(@page) }" %>
87
87
  <% else %>
88
88
  <%= link_to "<span>Revert to this Version</span>",
89
89
  revert_to_cms_page_path(@page, @page.version),
@@ -98,7 +98,7 @@
98
98
  <div class="visual_editor_label">Visual Editor:</div>
99
99
  <div class="visual_editor_value_container">
100
100
  <% if @mode == "edit" %>
101
- <div><span id="visual_editor_state">ON</span></div>
101
+ <div><span id="visual_editor_state"<%= ' title="You don\'t have permission to edit this page"' unless current_user.able_to_edit?(@page) %>>ON<%= '*' unless current_user.able_to_edit?(@page) %></span></div>
102
102
  <% else %>
103
103
  <div><span id="visual_editor_state">OFF</span></div>
104
104
  <% end %>
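Review bot: `current_user.able_to_edit?(@page)` is now evaluated seven times across these hunks; assigning it once near the top of the partial, `<% can_edit = current_user.able_to_edit?(@page) %>`, would shorten every `:class` expression and avoid repeating the permission lookup. The buttons are also inconsistent when disabled: Publish swaps its URL for `'#'`, while Assign, Edit Properties and List Versions keep their real targets and only gain the `disabled` class. Either give all of them `'#'` when disabled or add a comment saying the class is purely cosmetic. The partial starts and ends outside these hunks.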
@@ -7,18 +7,29 @@
7
7
  <div id="wrapper">
8
8
  <%= render_cms_toolbar(:administration) %>
9
9
  <div id="main">
10
- <div class="top_cap_menu"></div>
11
- <div id="menu">
12
- <%= render :partial => 'cms/shared/admin_sidebar' %>
13
- </div>
14
- <div id="contentwrap">
10
+
11
+ <% if current_user.able_to?(:administrate) %>
12
+ <div class="top_cap_menu"></div>
13
+ <div id="menu">
14
+ <%= render :partial => 'cms/shared/admin_sidebar' %>
15
+ </div>
16
+ <div id="contentwrap">
17
+ <% else %>
18
+ <div class="top_cap"></div>
19
+ <div id="contentwrapbig">
20
+ <% end %>
21
+
15
22
  <div id="functions">
16
23
  <h1><%= @toolbar_title %></h1>
17
24
  <%= yield :functions %>
18
25
 
19
26
  </div>
20
27
  <br clear="all" />
21
- <div class="top_cap_content"></div>
28
+
29
+ <% able_to?(:administrate) do %>
30
+ <div class="top_cap_content"></div>
31
+ <% end %>
32
+
22
33
  <div id="content">
23
34
  <div class="pad">
24
35
  <%= yield %>
@@ -26,7 +37,13 @@
26
37
  </div>
27
38
  </div>
28
39
  <br clear="all" />
29
- <div class="bottom_cap_content"></div>
40
+
41
+ <% if current_user.able_to?(:administrate) %>
42
+ <div class="bottom_cap_content"></div>
43
+ <% else %>
44
+ <div class="bottom_cap"></div>
45
+ <% end %>
46
+
30
47
  <%= render :partial => 'layouts/cms/footer' %>
31
48
  </div>
32
49
  </div>
data/browsercms.gemspec CHANGED
@@ -1,15 +1,15 @@
1
1
  # Generated by jeweler
2
- # DO NOT EDIT THIS FILE
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run `rake gemspec`
2
+ # DO NOT EDIT THIS FILE DIRECTLY
3
+ # Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
4
4
  # -*- encoding: utf-8 -*-
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{browsercms}
8
- s.version = "3.0.2"
8
+ s.version = "3.0.3"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["BrowserMedia"]
12
- s.date = %q{2009-10-06}
12
+ s.date = %q{2009-11-06}
13
13
  s.email = %q{github@browsermedia.com}
14
14
  s.extra_rdoc_files = [
15
15
  "LICENSE.txt",
@@ -155,6 +155,8 @@ Gem::Specification.new do |s|
155
155
  "app/views/cms/links/destroy.js.rjs",
156
156
  "app/views/cms/links/edit.html.erb",
157
157
  "app/views/cms/links/new.html.erb",
158
+ "app/views/cms/menus/_menu.html.erb",
159
+ "app/views/cms/menus/_menu_item.html.erb",
158
160
  "app/views/cms/page_routes/_form.html.erb",
159
161
  "app/views/cms/page_routes/edit.html.erb",
160
162
  "app/views/cms/page_routes/index.html.erb",
@@ -191,6 +193,7 @@ Gem::Specification.new do |s|
191
193
  "app/views/cms/shared/_pagination.html.erb",
192
194
  "app/views/cms/shared/_version_conflict_diff.html.erb",
193
195
  "app/views/cms/shared/_version_conflict_error.html.erb",
196
+ "app/views/cms/shared/access_denied.html.erb",
194
197
  "app/views/cms/shared/error.html.erb",
195
198
  "app/views/cms/tags/_form.html.erb",
196
199
  "app/views/cms/tags/render.html.erb",
@@ -205,6 +208,7 @@ Gem::Specification.new do |s|
205
208
  "app/views/cms/users/edit.html.erb",
206
209
  "app/views/cms/users/index.html.erb",
207
210
  "app/views/cms/users/new.html.erb",
211
+ "app/views/cms/users/show.html.erb",
208
212
  "app/views/layouts/_cms_toolbar.html.erb",
209
213
  "app/views/layouts/_page_toolbar.html.erb",
210
214
  "app/views/layouts/application.html.erb",
@@ -1168,6 +1172,7 @@ Gem::Specification.new do |s|
1168
1172
  "public/images/cms/usercontrols_bg.png",
1169
1173
  "public/images/cms/usercontrols_bg_cap.png",
1170
1174
  "public/javascripts/cms/application.js",
1175
+ "public/javascripts/cms/content_library.js",
1171
1176
  "public/javascripts/cms/editor.js",
1172
1177
  "public/javascripts/cms/sitemap.js",
1173
1178
  "public/javascripts/jquery-ui.js",
@@ -1228,12 +1233,11 @@ Gem::Specification.new do |s|
1228
1233
  "templates/demo.rb",
1229
1234
  "templates/module.rb"
1230
1235
  ]
1231
- s.has_rdoc = true
1232
1236
  s.homepage = %q{http://www.browsercms.org}
1233
1237
  s.rdoc_options = ["--charset=UTF-8"]
1234
1238
  s.require_paths = ["lib"]
1235
1239
  s.rubyforge_project = %q{browsercms}
1236
- s.rubygems_version = %q{1.3.1}
1240
+ s.rubygems_version = %q{1.3.5}
1237
1241
  s.summary = %q{BrowserCMS is a general purpose, open source Web Content Management System (CMS), written in Ruby on Rails.}
1238
1242
  s.test_files = [
1239
1243
  "test/functional/cms/file_blocks_controller_test.rb",
@@ -1248,6 +1252,7 @@ Gem::Specification.new do |s|
1248
1252
  "test/functional/cms/links_controller_test.rb",
1249
1253
  "test/functional/cms/dynamic_views_controller_test.rb",
1250
1254
  "test/functional/cms/categories_controller_test.rb",
1255
+ "test/functional/cms/content_block_controller_test.rb",
1251
1256
  "test/functional/cms/pages_controller_test.rb",
1252
1257
  "test/functional/cms/connectors_controller_test.rb",
1253
1258
  "test/functional/cms/home_controller_test.rb",
@@ -1303,7 +1308,7 @@ Gem::Specification.new do |s|
1303
1308
 
1304
1309
  if s.respond_to? :specification_version then
1305
1310
  current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
1306
- s.specification_version = 2
1311
+ s.specification_version = 3
1307
1312
 
1308
1313
  if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
1309
1314
  else
@@ -1311,3 +1316,4 @@ Gem::Specification.new do |s|
1311
1316
  else
1312
1317
  end
1313
1318
  end
1319
+
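--- a/data/lib/acts_as_list.rb
+++ b/data/lib/acts_as_list.rb
@@ -61,7 +61,7 @@ module ActsAsList
 
  #{scope_condition_method}
 
- before_destroy :remove_from_list
+ before_destroy :remove_from_list_without_saving
  before_create :add_to_list_bottom
  EOV
  end
@@ -118,13 +118,17 @@ module ActsAsList
  end
 
  # Removes the item from the list.
- def remove_from_list
+ def remove_from_list(save = true)
  if in_list?
  decrement_positions_on_lower_items
- update_attribute position_column, nil
+ update_attribute(position_column, nil) if save
  end
  end
 
+ def remove_from_list_without_saving
+ self.remove_from_list(false)
+ end
+
  # Increase the position of this item without adjusting the rest of the list.
  def increment_position
  return unless in_list?
@@ -249,4 +253,4 @@ module ActsAsList
  self.update_attribute(position_column, position)
  end
  end
- end
+ end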
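Review bot: `remove_from_list_without_saving` is added without a comment, and nothing in the code says why the destroy callback must skip `update_attribute`. I would add `# before_destroy callback: closes the gap in the list but does not save the record that is about to be deleted` above it; that reading is inferred from the callback swap in the first hunk. The existing comment on `remove_from_list` should also mention the new `save` argument, since a bare `remove_from_list(false)` is hard to read at a call site. The explicit `self.` receiver is unnecessary: `remove_from_list(false)` is enough.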
@@ -28,4 +28,4 @@ module Cms
28
28
  end
29
29
  end
30
30
  end
31
- end
31
+ end
@@ -1,3 +1,27 @@
1
+ #
2
+ # Defines the authentication behavior for controllers in BrowserCMS. It can be added to any controller that needs to
3
+ # hook into the BrowserCMS Authentication behavior like so:
4
+ #
5
+ # class MySuperSecureController < ApplicationController
6
+ # include Cms::Authentication::Controller
7
+ #
8
+ # It is based off Restful_Authentication, and adds in behavior to deal with several concepts specific to BrowserCMS.
9
+ #
10
+ # (Note: 10/8/09 - I was comparing this to a very old version of the generated code from Restful_Authentication,
11
+ # so some of the following items may be 'stock' to that. (Especially #2)
12
+ #
13
+ # 1. Guests - These represents users that are not logged in. What guests can see and do can be modified via the CMS UI. Guests
14
+ # are not considered to be 'logged in'.
15
+ # 2. 'Current' User - The currently logged in user is stored in a thread local, and can be accessed anywhere via 'User.current'.
16
+ # This allows model code to easily record which user is making changes to records, for versioning, etc.
17
+ #
18
+ # 3. 'Admin' Access Denied Page - If users try to access a protected controller, they are redirected to the CMS administration Login page
19
+ # which may be different than the 'front end' user login page. (Cms::Controller handles that differently)
20
+ #
21
+ #
22
+ # To Dos: It appears as though we are storing the 'current' user in two places, @current_user and User.current. This is probably not DRY, but
23
+ # more testing would be needed.
24
+ #
1
25
  module Cms
2
26
  module Authentication
3
27
  module Controller
@@ -12,6 +36,7 @@ module Cms
12
36
  # If the user is not logged in, this will be set to the guest user, which represents a public
13
37
  # user, who will likely have more limited permissions
14
38
  def current_user
39
+ # Note: We have disabled basic_http_auth
15
40
  @current_user ||= begin
16
41
  User.current = (login_from_session || login_from_cookie || User.guest)
17
42
  end
@@ -61,7 +86,7 @@ module Cms
61
86
 
62
87
  # Redirect as appropriate when an access request fails.
63
88
  #
64
- # The default action is to redirect to the login screen.
89
+ # The default action is to redirect to the BrowserCMS admin login screen.
65
90
  #
66
91
  # Override this method in your controllers if you want to have special
67
92
  # behavior in case the user is not authorized
@@ -73,11 +98,6 @@ module Cms
73
98
  store_location
74
99
  redirect_to cms_login_path
75
100
  end
76
- # format.any doesn't work in rails version < http://dev.rubyonrails.org/changeset/8987
77
- # you may want to change format.any to e.g. format.any(:js, :xml)
78
- # format.any do
79
- # request_http_basic_authentication 'Web Password'
80
- # end
81
101
  end
82
102
  end
83
103
 
@@ -162,7 +182,6 @@ module Cms
162
182
 
163
183
  # Cookies shouldn't be allowed to persist past their freshness date,
164
184
  # and they should be changed at each login
165
-
166
185
  def valid_remember_cookie?
167
186
  return nil unless User.current
168
187
  (User.current.remember_token?) &&
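Review bot: The new header comment describes `User.current` as a thread local, but the only assignment visible here is inside `current_user` (`User.current = (login_from_session || login_from_cookie || User.guest)`), and the comment does not say when the value is cleared. If request threads are reused, code that reads `User.current` before `current_user` has run for the request, as `valid_remember_cookie?` does with `return nil unless User.current`, could see the previous request's user; whether anything resets it is not visible in these hunks. I would extend item 2 with `# User.current is only valid once current_user has been called for this request`, or reset it in a filter. The note on comment line 10 also opens a parenthesis that is never closed.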
@@ -118,14 +118,14 @@ module Cms
118
118
 
119
119
  # Override this method if you would like to override the way the section is set
120
120
  def set_attachment_section
121
- if new_record? && !attachment_file.blank?
121
+ if !attachment_file.blank?
122
122
  attachment.section = Section.root.first
123
123
  end
124
124
  end
125
125
 
126
126
  # Override this method if you would like to override the way file_path is set
127
127
  def set_attachment_file_path
128
- if new_record? && !attachment_file.blank?
128
+ if !attachment_file.blank?
129
129
  attachment.file_path = "/attachments/#{File.basename(attachment_file.original_filename).to_s.downcase}"
130
130
  end
131
131
  end
@@ -181,4 +181,4 @@ module Cms
181
181
  end
182
182
  end
183
183
  end
184
- end
184
+ end
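Review bot: With `new_record?` removed, `set_attachment_section` assigns `Section.root.first` on every save that carries a file, so replacing the file on an existing block moves its attachment back to the root section. Sections carry the group view permissions in this CMS (see the section form), so an attachment previously placed in a restricted section may become more widely visible after a re-upload; whether another callback restores the section is not visible here. Consider keeping an existing value with `attachment.section ||= Section.root.first`, and likewise for `file_path`, which is rebuilt from the client-supplied `original_filename` each time. `unless attachment_file.blank?` would also read better than `if !attachment_file.blank?`.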
@@ -23,7 +23,18 @@ module Cms
23
23
  after_save :publish_for_non_versioned
24
24
 
25
25
  named_scope :published, :conditions => {:published => true}
26
- named_scope :unpublished, :conditions => {:published => false}
26
+ named_scope :unpublished, lambda {
27
+ if versioned?
28
+ { :joins => :versions,
29
+ :conditions =>
30
+ "#{connection.quote_table_name(version_table_name)}.#{connection.quote_column_name('version')} > " +
31
+ "#{connection.quote_table_name(table_name)}.#{connection.quote_column_name('version')}",
32
+ :select => "distinct #{connection.quote_table_name(table_name)}.*" }
33
+ else
34
+ { :conditions => { :published => false } }
35
+ end
36
+ }
37
+
27
38
  end
28
39
  end
29
40
  module ClassMethods
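Review bot: The versioned branch of `unpublished` has no comment explaining that a row counts as unpublished when its versions table holds a higher `version` than the base row; a line such as `# Versioned blocks are unpublished when a draft version is newer than the live row` above the lambda would make the join readable. It also looks as if a versioned record that was saved but never published would not match when its only version row carries the same number as the base row. That depends on how versioning writes the base row, which is outside this hunk, so a test for that case is worth adding. The `:select => "distinct …"` option may also interfere with `count` or with chained scopes that set their own select.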
@@ -82,7 +82,7 @@ module Cms
82
82
 
83
83
  end
84
84
  module InstanceMethods
85
- def perform_render(controller)
85
+ def prepare_to_render(controller)
86
86
  # Give this renderable a reference to the controller
87
87
  @controller = controller
88
88
 
@@ -90,12 +90,21 @@ module Cms
90
90
 
91
91
  # This gives the view a reference to this object
92
92
  instance_variable_set(self.class.instance_variable_name_for_view, self)
93
-
93
+
94
94
  # This is like a controller action
95
95
  # We will call it if you have defined a render method
96
96
  # but if you haven't we won't
97
97
  render if respond_to?(:render)
98
+ end
98
99
 
100
+ def perform_render(controller)
101
+ return "Exception: #{@render_exception}" if @render_exception
102
+ unless @controller
103
+ # We haven't prepared to render. This should only happen when logged in, as we don't want
104
+ # errors to bubble up and prevent the page being edited in that case.
105
+ prepare_to_render(controller)
106
+ end
107
+
99
108
  # Create, Instantiate and Initialize the view
100
109
  view_class = Class.new(ActionView::Base)
101
110
  action_view = view_class.new(@controller.view_paths, {}, @controller)
@@ -108,7 +117,7 @@ module Cms
108
117
 
109
118
  # We want content_for to be called on the controller's view, not this inner view
110
119
  def action_view.content_for(name, content=nil, &block)
111
- controller.instance_variable_get("@template").content_for(name, content, &block)
120
+ @controller.instance_variable_get("@template").content_for(name, content, &block)
112
121
  end
113
122
 
114
123
  # Copy instance variables from this renderable object to it's view
@@ -122,6 +131,10 @@ module Cms
122
131
  end
123
132
  end
124
133
 
134
+ def render_exception=(exception)
135
+ @render_exception = exception
136
+ end
137
+
125
138
  protected
126
139
  def copy_instance_variables_from_controller!
127
140
  if @controller.respond_to?(:instance_variables_for_rendering)
@@ -141,4 +154,4 @@ module Cms
141
154
 
142
155
  end
143
156
  end
144
- end
157
+ end
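Review bot: `return "Exception: #{@render_exception}" if @render_exception` in the new `perform_render` puts the raw exception message into the page output without escaping. Exception messages can carry markup from the content being rendered as well as internal details such as paths or SQL. The comment a few lines below says this path should only be hit when logged in, but `perform_render` itself does not check that. I would at least escape it, `return "Exception: #{ERB::Util.html_escape(@render_exception.to_s)}" if @render_exception`, and document on `render_exception=` who is expected to set it.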
@@ -110,7 +110,7 @@ module Cms
110
110
  def save(perform_validations=true)
111
111
  transaction do
112
112
  #logger.info "..... Calling valid?"
113
- return false unless valid?
113
+ return false unless !perform_validations || valid?
114
114
 
115
115
  if changed?
116
116
  #logger.info "..... Changes => #{changes.inspect}"
@@ -172,7 +172,7 @@ module Cms
172
172
  end
173
173
 
174
174
  def save!(perform_validations=true)
175
- save || raise(ActiveRecord::RecordNotSaved.new(errors.full_messages))
175
+ save(perform_validations) || raise(ActiveRecord::RecordNotSaved.new(errors.full_messages))
176
176
  end
177
177
 
178
178
  def draft
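Review bot: `return false unless !perform_validations || valid?` in `save` is a double negative that is easy to misread; `return false if perform_validations && !valid?` states the same condition directly. Because `save(false)` and `save!(false)` now really skip validation, both methods should get a short comment, for example `# perform_validations=false writes the record without running validations`. The body of `save` continues outside the hunk.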
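--- a/data/lib/cms/routes.rb
+++ b/data/lib/cms/routes.rb
@@ -119,6 +119,10 @@ module Cms::Routes
  :enable => :put
  }
 
+ if RAILS_ENV == "test" && File.expand_path(RAILS_ROOT) == File.expand_path(File.dirname(__FILE__) + "/../..")
+ cms.content_blocks :content_block
+ end
+
  end
 
  if PageRoute.table_exists?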
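Review bot: The added `if RAILS_ENV == "test" && File.expand_path(RAILS_ROOT) == …` guard has no comment, and a test-only route inside the shipped route definitions will puzzle the next reader. I would add `# Only when running the gem's own test suite: route the generic content_block controller so its functional tests can reach it` above the `if`. That reading is inferred from the condition and from content_block_controller_test.rb in the file list. The enclosing route block starts outside the hunk.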