browsercms 3.0.2 → 3.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. data/app/controllers/cms/content_block_controller.rb +25 -2
  2. data/app/controllers/cms/content_controller.rb +31 -2
  3. data/app/controllers/cms/dashboard_controller.rb +2 -1
  4. data/app/controllers/cms/error_handling.rb +9 -2
  5. data/app/controllers/cms/links_controller.rb +2 -0
  6. data/app/controllers/cms/pages_controller.rb +22 -18
  7. data/app/controllers/cms/section_nodes_controller.rb +1 -1
  8. data/app/controllers/cms/sections_controller.rb +12 -7
  9. data/app/controllers/cms/sessions_controller.rb +17 -10
  10. data/app/controllers/cms/users_controller.rb +8 -6
  11. data/app/helpers/cms/application_helper.rb +2 -6
  12. data/app/helpers/cms/menu_helper.rb +118 -146
  13. data/app/helpers/cms/page_helper.rb +2 -2
  14. data/app/models/attachment.rb +2 -2
  15. data/app/models/group.rb +13 -2
  16. data/app/models/guest_user.rb +9 -3
  17. data/app/models/link.rb +2 -2
  18. data/app/models/page.rb +1 -1
  19. data/app/models/section.rb +7 -2
  20. data/app/models/user.rb +35 -17
  21. data/app/views/cms/blocks/_toolbar_for_member.html.erb +3 -3
  22. data/app/views/cms/blocks/index.html.erb +11 -6
  23. data/app/views/cms/content/show.html.erb +3 -3
  24. data/app/views/cms/menus/_menu.html.erb +9 -0
  25. data/app/views/cms/menus/_menu_item.html.erb +11 -0
  26. data/app/views/cms/pages/_edit_connector.html.erb +1 -1
  27. data/app/views/cms/pages/_edit_container.html.erb +1 -1
  28. data/app/views/cms/section_nodes/_node.html.erb +1 -1
  29. data/app/views/cms/sections/_form.html.erb +36 -34
  30. data/app/views/cms/shared/access_denied.html.erb +3 -0
  31. data/app/views/cms/users/change_password.html.erb +8 -6
  32. data/app/views/cms/users/index.html.erb +1 -1
  33. data/app/views/cms/users/show.html.erb +50 -0
  34. data/app/views/layouts/_cms_toolbar.html.erb +1 -1
  35. data/app/views/layouts/_page_toolbar.html.erb +7 -7
  36. data/app/views/layouts/cms/administration.html.erb +24 -7
  37. data/browsercms.gemspec +13 -7
  38. data/lib/acts_as_list.rb +8 -4
  39. data/lib/cms/acts/content_block.rb +1 -1
  40. data/lib/cms/authentication/controller.rb +26 -7
  41. data/lib/cms/behaviors/attaching.rb +3 -3
  42. data/lib/cms/behaviors/publishing.rb +12 -1
  43. data/lib/cms/behaviors/rendering.rb +17 -4
  44. data/lib/cms/behaviors/versioning.rb +2 -2
  45. data/lib/cms/routes.rb +4 -0
  46. data/lib/tasks/cms.rake +0 -18
  47. data/public/javascripts/cms/content_library.js +36 -0
  48. data/public/javascripts/cms/sitemap.js +21 -9
  49. data/public/stylesheets/cms/form_layout.css +16 -2
  50. data/public/stylesheets/cms/nav.css +4 -3
  51. data/test/functional/cms/content_block_controller_test.rb +120 -0
  52. data/test/functional/cms/content_controller_test.rb +135 -80
  53. data/test/functional/cms/links_controller_test.rb +89 -1
  54. data/test/functional/cms/pages_controller_test.rb +138 -0
  55. data/test/functional/cms/section_nodes_controller_test.rb +45 -5
  56. data/test/functional/cms/sections_controller_test.rb +148 -1
  57. data/test/functional/cms/sessions_controller_test.rb +26 -2
  58. data/test/functional/cms/users_controller_test.rb +49 -2
  59. data/test/test_helper.rb +3 -1
  60. data/test/unit/behaviors/attaching_test.rb +26 -0
  61. data/test/unit/helpers/menu_helper_test.rb +118 -278
  62. data/test/unit/models/group_test.rb +6 -0
  63. data/test/unit/models/user_test.rb +127 -29
  64. metadata +12 -4
data/lib/tasks/cms.rake CHANGED
@@ -9,24 +9,6 @@ end
9
9
 
10
10
  namespace :cms do
11
11
 
12
- desc "DEPRECATED"
13
- task :install do
14
- puts "This task has been deprecated, please use 'rake install' instead"
15
- end
16
-
17
- desc "Bumps the build number in lib/cms/init.rb"
18
- task :bump_build_number do
19
- init_file = Rails.root.join("lib/cms/init.rb")
20
- s = File.read(init_file)
21
- open(init_file, 'w') do |f|
22
- f << s.sub(/def build_number; (\d+) end/) do |s|
23
- new_build_number = $1.to_i + 1
24
- puts "Build number bumped to #{new_build_number}"
25
- "def build_number; #{new_build_number} end"
26
- end
27
- end
28
- end
29
-
30
12
  desc "Generate guides for the CMS"
31
13
  task :guides do
32
14
  require 'rubygems'
@@ -0,0 +1,36 @@
1
+ jQuery(function($){
2
+
3
+ //----- Helper Functions -----------------------------------------------------
4
+ //In all of this code, we are defining functions that we use later
5
+ //None of this actually manipulates the DOM in any way
6
+
7
+ //This is used to get the id part of an elementId
8
+ //For example, if you have section_node_5,
9
+ //you pass this 'section_node_5', 'section_node'
10
+ //and this returns 5
11
+ var getId = function(elementId, s) {
12
+ return elementId.replace(s,'')
13
+ }
14
+
15
+
16
+ var nodeOnDoubleClick = function() {
17
+ if($('#edit_button').hasClass('disabled')) {
18
+ //$('#view_button').click()
19
+ location.href = $('#view_button')[0].href
20
+ } else {
21
+ //$('#edit_button').click()
22
+ location.href = $('#edit_button')[0].href
23
+ }
24
+ }
25
+
26
+ var addNodeOnDoubleClick = function() {
27
+ $('#blocks tr').dblclick(nodeOnDoubleClick)
28
+ }
29
+
30
+ //----- Init -----------------------------------------------------------------
31
+ //In other words, stuff that happens when the page loads
32
+ //This is where we actually manipulate the DOM, fire events, etc.
33
+
34
+ addNodeOnDoubleClick()
35
+
36
+ })
@@ -187,15 +187,26 @@ jQuery(function($){
187
187
  }
188
188
 
189
189
  var enableButtonsForNode = function(node) {
190
- var id = getId(node.id, /(section|page|link)_/)
191
- if($(node).hasClass('section')) {
192
- enableButtonsForSection(id)
193
- } else if($(node).hasClass('page')) {
194
- enableButtonsForPage(id)
195
- } else if($(node).hasClass('link')) {
196
- enableButtonsForLink(id)
197
- }
198
- }
190
+ var id = getId(node.id, /(section|page|link)_/);
191
+ if(!$(node).is(".non-editable")) {
192
+ if($(node).hasClass('section')) {
193
+ enableButtonsForSection(id);
194
+ } else if($(node).hasClass('page')) {
195
+ enableButtonsForPage(id);
196
+ } else if($(node).hasClass('link')) {
197
+ enableButtonsForLink(id);
198
+ }
199
+ }else if($(node).hasClass('page')) {
200
+ $('#edit-button')
201
+ .html('<span>View Page</span>')
202
+ .removeClass('disabled')
203
+ .attr('href','/cms/pages/'+id)
204
+ .unbind('click')
205
+ .click(function(){return true});
206
+ } else {
207
+ $('#properties-button').attr('href','/cms/sitemap');
208
+ }
209
+ };
199
210
 
200
211
  var enableButtonsForSection = function(id) {
201
212
  $('#properties-button')
@@ -253,6 +264,7 @@ jQuery(function($){
253
264
 
254
265
  var enableButtonsForPage = function(id) {
255
266
  $('#edit-button')
267
+ .html('<span>Edit Page</span>')
256
268
  .removeClass('disabled')
257
269
  .attr('href','/cms/pages/'+id)
258
270
  .unbind('click')
@@ -1,6 +1,6 @@
1
1
  @import url(/stylesheets/cms/selectbox.css);
2
2
 
3
- form {
3
+ form, .faux_form {
4
4
  font-size: 10pt;
5
5
  font-family: "Trebuchet MS", Helvetica, Verdana, Arial, sans-serif;
6
6
  color:#485561;
@@ -21,6 +21,19 @@ padding: 10px 0;
21
21
  background: url(/images/cms/dashed.gif) repeat-x 100% 100%;
22
22
  }
23
23
 
24
+ /* Fake forms */
25
+ .faux_form .fields {
26
+ padding: 22px 0 10px 0;
27
+ font-size: 12px;
28
+ overflow: hidden;
29
+ }
30
+ .faux_form .fields .label {
31
+ padding: 0 0 12px 0;
32
+ float: left;
33
+ width: 140px;
34
+ font-weight: bold;
35
+ }
36
+
24
37
  /* LABELS */
25
38
  .text_fields label,
26
39
  .textarea_fields label,
@@ -39,7 +52,8 @@ font-size: 12px;
39
52
  .select_fields label,
40
53
  .text_editor_fields label,
41
54
  .file_fields label,
42
- .checkboxes label
55
+ .checkboxes label,
56
+ .faux_label
43
57
  {
44
58
  font-weight: bold;
45
59
  font-size: 12px;
@@ -70,13 +70,14 @@ color: #666;
70
70
  font-weight: bold;
71
71
  }
72
72
 
73
- #nav ul#userlinks li a, #nav ul#userlinks li span {
74
- padding: 8px 19px 11px 19px;
73
+ #nav ul#userlinks li a {
74
+ padding: 4px 19px 11px 19px;
75
75
  background: url(/images/cms/usercontrols_bg_cap.png) no-repeat 100% 0;
76
76
  color: #666;
77
77
  display: block;
78
78
  float: left;
79
79
  text-decoration: none;
80
+ line-height: 18px;
80
81
  }
81
82
 
82
83
  #nav ul#userlinks li span {
@@ -88,7 +89,7 @@ padding: 9px 10px;
88
89
  }
89
90
  #nav ul#userlinks li#user_info img {
90
91
  float:left;
91
- margin: 4px 0 0 5px;
92
+ margin: 0 5px 0 0;
92
93
  }
93
94
 
94
95
  #nav .cmssearch {
@@ -0,0 +1,120 @@
1
+ require File.join(File.dirname(__FILE__), '/../../test_helper')
2
+
3
+ class PermissionsForContentBlockControllerTest < ActionController::TestCase
4
+ include Cms::ControllerTestHelper
5
+ tests Cms::ContentBlockController
6
+
7
+ # We're stubbing a lot because we *just* want to isolate the behaviour for checking permissions
8
+ def setup
9
+ login_as_cms_admin
10
+ @user = User.first
11
+ @controller.stubs(:current_user).returns(@user)
12
+ @controller.stubs(:render)
13
+ @controller.stubs(:model_class).returns(ContentBlock)
14
+ @controller.stubs(:set_default_category)
15
+ @controller.stubs(:blocks_path).returns("/cms/content_block")
16
+ @controller.stubs(:redirect_to_first).returns("/cms/content_block")
17
+
18
+ @block = stub_everything("block")
19
+ @block.stubs(:as_of_draft_version).returns(@block)
20
+ @block.stubs(:as_of_version).returns(@block)
21
+ @block.stubs(:connected_pages).returns(stub(:all => stub))
22
+
23
+ ContentBlock.stubs(:find).returns(@block)
24
+ ContentBlock.stubs(:new).returns(@block)
25
+ ContentBlock.stubs(:paginate)
26
+ end
27
+
28
+ def expect_access_denied
29
+ @controller.expects(:render).with(has_entry(:status => 403))
30
+ end
31
+
32
+ def expect_success
33
+ expect_access_denied.never
34
+ end
35
+
36
+ test "GET index allows any user" do
37
+ expect_success
38
+ get :index
39
+ end
40
+
41
+ test "GET show allows any user" do
42
+ expect_success
43
+ get :show, :id => 5
44
+ end
45
+
46
+ test "GET new allows any user" do
47
+ expect_success
48
+ get :new
49
+ end
50
+
51
+ test "POST create allows any user" do
52
+ expect_success
53
+ post :create
54
+ end
55
+
56
+ test "GET version allows any user" do
57
+ expect_success
58
+ get :version, :id => 5, :version => 3
59
+ end
60
+
61
+ test "GET versions allows any user" do
62
+ expect_success
63
+ get :versions, :id => 5
64
+ end
65
+
66
+ test "GET usages allows any user" do
67
+ expect_success
68
+ get :usages, :id => 5
69
+ end
70
+
71
+ test "GET edit allows only users who are able to edit the block" do
72
+ @user.stubs(:able_to_edit?).with(@block).returns(false)
73
+ expect_access_denied
74
+ get :edit, :id => 5
75
+
76
+ @user.stubs(:able_to_edit?).with(@block).returns(true)
77
+ expect_success
78
+ get :edit, :id => 5
79
+ end
80
+
81
+ test "PUT update allows only users who are able to edit the block" do
82
+ @user.stubs(:able_to_edit?).with(@block).returns(false)
83
+ expect_access_denied
84
+ put :update, :id => 5
85
+
86
+ @user.stubs(:able_to_edit?).with(@block).returns(true)
87
+ expect_success
88
+ put :update, :id => 5
89
+ end
90
+
91
+ test "DELETE destroy allows only users who are able to publish the block" do
92
+ @user.stubs(:able_to_publish?).with(@block).returns(false)
93
+ expect_access_denied
94
+ delete :destroy, :id => 5
95
+
96
+ @user.stubs(:able_to_publish?).with(@block).returns(true)
97
+ expect_success
98
+ delete :destroy, :id => 5
99
+ end
100
+
101
+ test "PUT publish allows only users who are able to publish the block" do
102
+ @user.stubs(:able_to_publish?).with(@block).returns(false)
103
+ expect_access_denied
104
+ put :publish, :id => 5
105
+
106
+ @user.stubs(:able_to_publish?).with(@block).returns(true)
107
+ expect_success
108
+ put :publish, :id => 5
109
+ end
110
+
111
+ test "PUT revert_to allows only users who are able to publish the block" do
112
+ @user.stubs(:able_to_publish?).with(@block).returns(false)
113
+ expect_access_denied
114
+ put :revert_to, :id => 5, :version => 1
115
+
116
+ @user.stubs(:able_to_publish?).with(@block).returns(true)
117
+ expect_success
118
+ put :revert_to, :id => 5, :version => 1
119
+ end
120
+ end