burp_cms 1.3.20 → 1.3.21
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/assets/packages/burp/editing/js/content-decorator.js +7 -5
- data/app/controllers/burp/application_controller.rb +3 -4
- data/app/controllers/burp/catch_all_controller.rb +3 -2
- data/app/controllers/burp/files_controller.rb +3 -3
- data/app/controllers/burp/pages_controller.rb +7 -7
- data/app/controllers/burp/static_controller.rb +1 -1
- data/app/lib/burp/access.rb +1 -2
- data/lib/burp/version.rb +1 -1
- data/lib/burp_cms.rb +11 -2
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 90816dfafb7b8d198d375659eded50e913cb071d
|
|
4
|
+
data.tar.gz: 699e7ab650690613be2e0eda642a03554e849511
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d4b98fddc20fc618794efb84b183d1e8e3fc71a0822ba92fc57d8628a87bb495dc06e0a6696f839f264dac6f38446c7f3c29d20a43a77b8ea66323c3d94c65b2
|
|
7
|
+
data.tar.gz: 34ae4f281246c95e51a18c0b47440aa893557de93aa3423f85da1ca7a36a10902dc9d287d6eca3bdf2f81709b31647d449d7b5921e5e02430da0e58325b8b8a5
|
|
@@ -287,11 +287,13 @@
|
|
|
287
287
|
this.element.html("");
|
|
288
288
|
this.element.append(tempElement.children());
|
|
289
289
|
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
290
|
+
setTimeout(function() {
|
|
291
|
+
initializeMovable(_this, _this.element.find('> img'), function(element, positionClass) {
|
|
292
|
+
$(element).removeClass('left center right');
|
|
293
|
+
$(element).addClass(positionClass);
|
|
294
|
+
return element;
|
|
295
|
+
});
|
|
296
|
+
},10);
|
|
295
297
|
},
|
|
296
298
|
|
|
297
299
|
makeDroppable: function(elements, createCallback) {
|
|
@@ -2,7 +2,6 @@ module Burp
|
|
|
2
2
|
class ApplicationController < ActionController::Base
|
|
3
3
|
|
|
4
4
|
protect_from_forgery
|
|
5
|
-
before_filter :refresh_access
|
|
6
5
|
before_filter :authenticate
|
|
7
6
|
before_filter :init_body_classes
|
|
8
7
|
|
|
@@ -19,12 +18,12 @@ module Burp
|
|
|
19
18
|
|
|
20
19
|
private
|
|
21
20
|
|
|
22
|
-
def
|
|
23
|
-
Burp.
|
|
21
|
+
def access
|
|
22
|
+
@access ||= Burp.new_access_instance(request, self)
|
|
24
23
|
end
|
|
25
24
|
|
|
26
25
|
def authenticate
|
|
27
|
-
unless
|
|
26
|
+
unless access.may_skip_http_auth? || Rails.env == "test"
|
|
28
27
|
|
|
29
28
|
if !Rails.application.config.respond_to?(:burp_password) or !Rails.application.config.respond_to?(:burp_username)
|
|
30
29
|
raise "config.burp_username and config.burp_password are not set.\n\nYou can fix this by adding them to application.rb."
|
|
@@ -7,8 +7,9 @@ class Burp::CatchAllController < ApplicationController
|
|
|
7
7
|
@menu = Burp::Menu.find("main")
|
|
8
8
|
@burp_page_path = params[:burp_page_path] || request.path
|
|
9
9
|
@cms_page = Burp.find_page(@burp_page_path)
|
|
10
|
-
|
|
11
|
-
|
|
10
|
+
|
|
11
|
+
@access = self.respond_to?(:access) ? self.access : Burp.new_access_instance(request, self)
|
|
12
|
+
@access.may_view_page!(@cms_page)
|
|
12
13
|
|
|
13
14
|
raise ActionController::RoutingError.new('Page not Found') if @cms_page.nil?
|
|
14
15
|
|
|
@@ -8,7 +8,7 @@ module Burp
|
|
|
8
8
|
|
|
9
9
|
def index
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
access.may_view_file_list! do
|
|
12
12
|
|
|
13
13
|
@files = FileModel.all
|
|
14
14
|
|
|
@@ -39,7 +39,7 @@ module Burp
|
|
|
39
39
|
if File.expand_path(file_path) != file_path
|
|
40
40
|
render :text => "403, Forbiden!", :status => 403, :content_type => "text/plain"
|
|
41
41
|
elsif File.exist?(file_path)
|
|
42
|
-
|
|
42
|
+
access.may_view_file!(file_path) do
|
|
43
43
|
|
|
44
44
|
headers["Cache-Control"] = "Public"
|
|
45
45
|
headers["Last-Modified"] = File.mtime(file_path).utc.rfc2822
|
|
@@ -56,7 +56,7 @@ module Burp
|
|
|
56
56
|
end
|
|
57
57
|
|
|
58
58
|
def create
|
|
59
|
-
|
|
59
|
+
access.may_upload_a_file! do
|
|
60
60
|
Util::UploadHandler.handle(params[:qqfile],request) do |file|
|
|
61
61
|
|
|
62
62
|
errors = []
|
|
@@ -2,14 +2,14 @@ module Burp
|
|
|
2
2
|
class PagesController < Burp::ApplicationController
|
|
3
3
|
|
|
4
4
|
def index
|
|
5
|
-
|
|
5
|
+
access.may_view_page_list! do
|
|
6
6
|
@pages = PageModel.all
|
|
7
7
|
end
|
|
8
8
|
end
|
|
9
9
|
|
|
10
10
|
def edit
|
|
11
11
|
@page = PageModel.find(("/"+params[:id]).gsub("/$root","/"))
|
|
12
|
-
|
|
12
|
+
access.may_edit_page!(@page) do
|
|
13
13
|
|
|
14
14
|
respond_to do |format|
|
|
15
15
|
format.html {}
|
|
@@ -21,7 +21,7 @@ module Burp
|
|
|
21
21
|
def show
|
|
22
22
|
path = ("/"+params[:id]).gsub("/$root","/")
|
|
23
23
|
@page = PageModel.find(path)
|
|
24
|
-
|
|
24
|
+
access.may_view_page_data!(@page) do
|
|
25
25
|
|
|
26
26
|
respond_to do |format|
|
|
27
27
|
format.html {
|
|
@@ -34,14 +34,14 @@ module Burp
|
|
|
34
34
|
|
|
35
35
|
def new
|
|
36
36
|
@page = PageModel.new
|
|
37
|
-
|
|
37
|
+
access.may_create_new_page! do
|
|
38
38
|
render :action => :edit
|
|
39
39
|
end
|
|
40
40
|
end
|
|
41
41
|
|
|
42
42
|
def create
|
|
43
43
|
|
|
44
|
-
|
|
44
|
+
access.may_create_new_page! do
|
|
45
45
|
|
|
46
46
|
@page = PageModel.new
|
|
47
47
|
|
|
@@ -73,7 +73,7 @@ module Burp
|
|
|
73
73
|
def update
|
|
74
74
|
|
|
75
75
|
@page = PageModel.find(("/"+params[:id]).gsub("/$root","/")) || PageModel.new(:path => ("/"+params[:id]).gsub("/$root","/"))
|
|
76
|
-
|
|
76
|
+
access.may_update_page!(@page) do
|
|
77
77
|
|
|
78
78
|
@page.title = params[:page][:title] if params[:page][:title]
|
|
79
79
|
@page.path = params[:page][:path] if params[:page][:path]
|
|
@@ -99,7 +99,7 @@ module Burp
|
|
|
99
99
|
def destroy
|
|
100
100
|
|
|
101
101
|
@page = PageModel.find(("/"+params[:id]).gsub("/$root","/"))
|
|
102
|
-
|
|
102
|
+
access.may_remove_page!(@page) do
|
|
103
103
|
|
|
104
104
|
@page.remove
|
|
105
105
|
redirect_to "/burp/pages/"
|
data/app/lib/burp/access.rb
CHANGED
data/lib/burp/version.rb
CHANGED
data/lib/burp_cms.rb
CHANGED
|
@@ -10,6 +10,7 @@ require "burp/version"
|
|
|
10
10
|
module Burp
|
|
11
11
|
|
|
12
12
|
@@content_directory = nil
|
|
13
|
+
@@access_builder = nil
|
|
13
14
|
|
|
14
15
|
|
|
15
16
|
def self.find_page(path)
|
|
@@ -21,8 +22,16 @@ module Burp
|
|
|
21
22
|
|
|
22
23
|
|
|
23
24
|
|
|
24
|
-
def self.
|
|
25
|
-
@@
|
|
25
|
+
def self.new_access_instance(request, controller)
|
|
26
|
+
if @@access_builder
|
|
27
|
+
@@access_builder.call(request, controller)
|
|
28
|
+
else
|
|
29
|
+
Burp::Access.new
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def self.set_access_builder=(&block)
|
|
34
|
+
@@access_builder = block
|
|
26
35
|
end
|
|
27
36
|
|
|
28
37
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: burp_cms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.3.
|
|
4
|
+
version: 1.3.21
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Darwin
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-09-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jquery-rails
|
|
@@ -56,16 +56,16 @@ dependencies:
|
|
|
56
56
|
name: mayi
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
|
-
- -
|
|
59
|
+
- - '>='
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version:
|
|
61
|
+
version: '0'
|
|
62
62
|
type: :runtime
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
|
-
- -
|
|
66
|
+
- - '>='
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version:
|
|
68
|
+
version: '0'
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: therubyracer
|
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|