caboose-cms 0.0.7 → 0.1.0

data/app/assets/stylesheets/caboose/tinymce.css

@@ -0,0 +1,25 @@
+
+body, td, pre {
+    color: #000000;
+    font-family: Verdana,Arial,Helvetica,sans-serif;
+    font-size: inherit;
+}
+body {
+    background: none repeat scroll 0 0 #FFFFFF;
+}
+body.mceForceColors {
+    background: none repeat scroll 0 0 #FFFFFF;
+    color: #000000;
+}
+body.mceBrowserDefaults {
+    background: none repeat scroll 0 0 transparent;
+    color: inherit;
+    font-family: inherit;
+    font-size: inherit;
+}
+h1 { font-size: inherit; }
+h2 { font-size: inherit; }
+h3 { font-size: inherit; }
+h4 { font-size: inherit; }
+h5 { font-size: inherit; }
+h6 { font-size: inherit; }

data/app/controllers/caboose/pages_controller.rb

@@ -15,7 +15,6 @@ module Caboose
       
       # Find the page with an exact URI match 
       page = Page.page_with_uri(request.fullpath, false)
-      Caboose.log(page)
       
 		  if (!page)
 		  	asset
@@ -41,22 +40,8 @@ module Caboose
 		  page.content = Caboose.plugin_hook('page_content', page.content)
 		  @page = page
 		  @user = user
-		  is_admin = @user.is_allowed('all', 'all')
-		  
 		  @crumb_trail = Caboose::Page.crumb_trail(@page)
 		  @subnav = Caboose::Page.subnav(@page, session['use_redirect_urls'], @user)
-      @actions = Caboose::Page.permissible_actions(@user.id, @page.id)
-      @tasks = {}
-      @page_tasks = {}
-      
-      if (@actions.include?('edit') || is_admin)
-      	@page_tasks["/pages/#{@page.id}/sitemap"]       = 'Site Map This Page'
-      	@page_tasks["/pages/#{@page.id}/edit"]          = 'Edit Page Content'
-      	@page_tasks["/pages/#{@page.id}/edit-settings"] = 'Edit Page Settings'
-      end
-      if (@user.is_allowed('pages', 'add') || is_admin)
-        @page_tasks["/pages/new?parent_id=#{@page.id}"] = 'New Page'
-      end
       
       #@subnav.links = @tasks.collect {|href, task| {'href' => href, 'text' => task, 'is_current' => uri == href}}
   
@@ -86,9 +71,9 @@ module Caboose
 		    return
 		  end
 		  
-		  Caboose.log(Caboose::assets_path, 'Caboose::assets_path')
+		  #Caboose.log(Caboose::assets_path, 'Caboose::assets_path')
 		  path = Caboose::assets_path.join("#{asset.id}.#{asset.extension}")
-		  Caboose.log("Sending asset #{path}")
+		  #Caboose.log("Sending asset #{path}")
 		  #send_file(path)
 		  #send_file(path, :filename => "your_document.pdf", :type => "application/pdf")
 		  		    
@@ -110,14 +95,37 @@ module Caboose
       return if !user_is_allowed('pages', 'add')
       @pages = Page.new
       @parent_id = params[:parent_id].nil? ? params[:parent_id] : -1
-      render :layout => 'caboose/caboose'
+      render :layout => 'caboose/admin'
+    end
+    
+    # GET /pages/1/redirect
+    def redirect
+      @page = Page.find(params[:id])
+      redirect_to "/#{@page.uri}"
     end
     
     # GET /pages/1/edit
     def edit
       return if !user_is_allowed('pages', 'edit')
       @page = Page.find(params[:id])
-      render :layout => 'caboose/caboose'
+      
+      session['caboose_station_state'] = 'left'
+      session['caboose_station_open_tabs'] = ['pages']
+      session['caboose_station_return_url'] = "/#{@page.uri}"
+      
+      render :layout => 'caboose/admin'
+    end
+    
+    # GET /pages/1/edit-settings
+    def edit_settings
+      return if !user_is_allowed('pages', 'edit')
+      @page = Page.find(params[:id])
+      
+      session['caboose_station_state'] = 'left'
+      session['caboose_station_open_tabs'] = ['pages']
+      session['caboose_station_return_url'] = "/#{@page.uri}"
+      
+      render :layout => 'caboose/admin'
     end
     
     # POST /pages
@@ -261,6 +269,22 @@ module Caboose
       render json: resp
     end
     
+    def sitemap
+      parent_id = params[:parent_id]
+		  top_page = Page.index_page
+		  p = !parent_id.nil? ? Page.find(parent_id) : top_page
+		  options = []
+		  sitemap_helper2(top_page, options)		 	
+		  @options = options
+    end
+    
+    def sitemap_helper2(page, options, prefix = '')
+		  options << { 'value' => page.id, 'text' => prefix + page.title }
+		  page.children.each do |kid|
+		    sitemap_helper(kid, options, prefix + ' - ')
+		  end
+		end
+    
     def sitemap_options
 		  parent_id = params[:parent_id]
 		  top_page = Page.index_page

data/app/controllers/caboose/permissions_controller.rb

@@ -1,83 +1,101 @@
-class PermissionsController < ApplicationController
-  # GET /permissions
-  # GET /permissions.json
-  def index
-    @permissions = Permission.all
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @permissions }
+module Caboose
+  class PermissionsController < ApplicationController
+    layout 'caboose/admin'
+    
+    def before_action
+      @page = Page.page_with_uri('/admin')
     end
-  end
-
-  # GET /permissions/1
-  # GET /permissions/1.json
-  def show
-    @permission = Permission.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @permission }
+    
+    # GET /admin/permissions
+    def index
+      return if !user_is_allowed('permissions', 'view')
+      
+      @gen = PageBarGenerator.new(params, {
+    		  'resource'  => nil
+    		},{
+    		  'model'       => 'Caboose::Permission',
+    	    'sort'			  => 'resource, action',
+    		  'desc'			  => false,
+    		  'base_url'		=> '/admin/permissions'
+    	})
+    	@permissions = @gen.items    	
     end
-  end
-
-  # GET /permissions/new
-  # GET /permissions/new.json
-  def new
-    @permission = Permission.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @permission }
+  
+    # GET /admin/permissions/new
+    def new
+      return if !user_is_allowed('permissions', 'add')
+      @permission = Permission.new
     end
-  end
-
-  # GET /permissions/1/edit
-  def edit
-    @permission = Permission.find(params[:id])
-  end
-
-  # POST /permissions
-  # POST /permissions.json
-  def create
-    @permission = Permission.new(params[:permission])
-
-    respond_to do |format|
-      if @permission.save
-        format.html { redirect_to @permission, notice: 'Permission was successfully created.' }
-        format.json { render json: @permission, status: :created, location: @permission }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @permission.errors, status: :unprocessable_entity }
-      end
+  
+    # GET /admin/permissions/1/edit
+    def edit
+      return if !user_is_allowed('permissions', 'edit')
+      @permission = Permission.find(params[:id])
     end
-  end
-
-  # PUT /permissions/1
-  # PUT /permissions/1.json
-  def update
-    @permission = Permission.find(params[:id])
-
-    respond_to do |format|
-      if @permission.update_attributes(params[:permission])
-        format.html { redirect_to @permission, notice: 'Permission was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @permission.errors, status: :unprocessable_entity }
+  
+    # POST /admin/permissions
+    def create
+      return if !user_is_allowed('permissions', 'add')
+      
+      resp = StdClass.new({
+          'error' => nil,
+          'redirect' => nil
+      })
+      
+      perm = Permission.new()
+      perm.resource = params[:resource]
+      perm.action   = params[:action2]
+      
+      if (perm.resource.strip.length == 0)
+        resp.error = "The resource is required."
+      elsif (perm.action.strip.length == 0)
+        resp.error = "The action is required."
+      else      
+        perm.save
+        resp.redirect = "/admin/permissions/#{perm.id}/edit"
       end
+      render json: resp
     end
-  end
-
-  # DELETE /permissions/1
-  # DELETE /permissions/1.json
-  def destroy
-    @permission = Permission.find(params[:id])
-    @permission.destroy
+  
+    # PUT /admin/permissions/1
+    def update
+      return if !user_is_allowed('permissions', 'edit')
 
-    respond_to do |format|
-      format.html { redirect_to permissions_url }
-      format.json { head :no_content }
+      resp = StdClass.new     
+      perm = Permission.find(params[:id])
+    
+      save = true
+      params.each do |name,value|
+        case name
+    	  	when "resource"
+    	  	  perm.resource = value
+    	  	when "action2"
+    	  	  perm.action = value
+    	  end
+    	end
+    	
+    	resp.success = save && perm.save
+    	render json: resp
+    end
+  
+    # DELETE /admin/permissions/1
+    def destroy
+      return if !user_is_allowed('permissions', 'delete')
+      perm = Permission.find(params[:id])
+      perm.destroy
+      
+      resp = StdClass.new({
+        'redirect' => '/admin/permissions'
+      })
+      render json: resp
+    end
+    
+    # GET /admin/permissions/options
+    def options
+      return if !user_is_allowed('permissions', 'view')
+      perms = Permission.reorder('resource, action').all
+      options = perms.collect { |p| { 'value' => p.id, 'text' => "#{p.resource}_#{p.action}"}}
+      render json: options
     end
   end
 end

data/app/controllers/caboose/roles_controller.rb

@@ -1,7 +1,12 @@
 module Caboose
   class RolesController < ApplicationController
+    layout 'caboose/admin'
     
-    # GET /roles
+    def before_action
+      @page = Page.page_with_uri('/admin')
+    end
+    
+    # GET /admin/roles
     def index
       return if !user_is_allowed('roles', 'view')
       top_roles = Role.tree
@@ -10,20 +15,19 @@ module Caboose
       @roles = arr        
     end
     
-    # GET /roles/new
+    # GET /admin/roles/new
     def new
       return if !user_is_allowed('roles', 'add')
       @role = Role.new
     end
     
-    # GET /roles/1/edit
+    # GET /admin/roles/1/edit
     def edit
       return if !user_is_allowed('roles', 'edit')
       @role = Role.find(params[:id])
-      @users = User.users_with_role(@role.id)
     end
     
-    # POST /roles
+    # POST /admin/roles
     def create
       return if !user_is_allowed('roles', 'add')
       
@@ -37,65 +41,73 @@ module Caboose
       role.name = params[:name]    
       role.save
       
-      resp.redirect = "/roles/#{role.id}/edit"
+      resp.redirect = "/admin/roles/#{role.id}/edit"
       render json: resp
     end
     
-    # PUT /roles/1
+    # PUT /admin/roles/1
     def update
       return if !user_is_allowed('roles', 'edit')
       
       resp = StdClass.new     
       role = Role.find(params[:id])
-      name = params[:name]
-      value = params[:value]
       
       save = true
-      case name
-    		when "name"
-    		  role.name = value
-    		when "parent_id"			  
-    		  if (role.id == value)
-    		    resp.error = "You can't set the parent to be this role."
-    		    save = false
-    			#elsif (role.is_parent_of(value))
-    			#  resp.error = "You can't set the parent to be one of the child roles."
-    			#  save = false
-    			else
-    			  role.parent_id = value
-    			end
-    		when "users"
-    		  role.users = []
-    		  value.each { |uid| role.users << User.find(uid) } unless value.nil?
-    		  resp.attribute = { 'text' => role.users.collect{ |u| "#{u.first_name} #{u.last_name}" }.join(', ') }    		  
+      params.each do |name,value|
+        case name
+    	  	when "name"
+    	  	  role.name = value
+    	  	when "description"
+    	  	  role.description = value
+    	  	when "parent_id"
+    	  	  value = value.to_i
+    	  	  if (role.id == value)
+    	  	    resp.error = "You can't set the parent to be this role."
+    	  	    save = false
+    	  		elsif (role.is_ancestor_of?(value))
+    	  		  resp.error = "You can't set the parent to be one of the child roles."
+    	  		  save = false
+    	  		else
+    	  		  role.parent_id = value
+    	  		  if (value == -1)
+    	  		    resp.attributes = { 'parent_id' => { 'text' => '[No parent]' }}
+    	  		  else
+    	  		    p = Role.find(value)
+    	  		    resp.attributes = { 'parent_id' => { 'text' => p.name }}
+    	  		  end
+    	  		end    	  		
+    	  	when "members"
+    	  	  value = [] if value.nil? || value.length == 0
+    	  	  role.users = value.collect { |uid| User.find(uid) }
+    	  	  resp.attributes = { 'members' => { 'text' => role.users.collect{ |u| "#{u.first_name} #{u.last_name}" }.join('<br />') }}
+    	  end
     	end
     	
-    	resp.success = save && user.save
+    	resp.success = save && role.save
     	render json: resp
     end
     
-    # DELETE /roles/1
+    # DELETE /admin/roles/1
     def destroy
       return if !user_is_allowed('roles', 'delete')
       @role = Role.find(params[:id])
       @role.destroy
-    
-      respond_to do |format|
-        format.html { redirect_to roles_url }
-        format.json { head :no_content }
-      end
+      render json: { 'redirect' => '/admin/roles' }
     end
     
-    # GET /roles/options
+    # GET /admin/roles/options
     def options
       return if !user_is_allowed('roles', 'view')
       @top_roles = Role.tree
-      arr = []
-      @top_roles.each { |r| arr += add_role_options(r, 0) }
+      arr = [{ 
+        "value" => -1, 
+        "text" => 'Top Level'
+      }]
+      @top_roles.each { |r| arr += add_role_options(r, 1) }
       render json: arr.to_json    
     end
     
-    def add_role_options(role, level) 
+    def add_role_options(role, level)
       arr = [{ 
         "value" => role.id, 
         "text" => (" - " * level) + role.name 

data/app/controllers/caboose/settings_controller.rb

@@ -0,0 +1,100 @@
+module Caboose
+  class SettingsController < ApplicationController
+    layout 'caboose/admin'
+    
+    def before_action
+      @page = Page.page_with_uri('/admin')
+    end
+    
+    # GET /admin/settings
+    def index
+      return if !user_is_allowed('settings', 'view')
+      
+      @gen = PageBarGenerator.new(params, {
+    		  'name'        => nil,
+    		  'value'       => nil
+    		},{
+    		  'model'       => 'Caboose::Setting',
+    	    'sort'			  => 'name',
+    		  'desc'			  => false,
+    		  'base_url'		=> '/admin/settings'
+    	})
+    	@settings = @gen.items    	
+    end
+  
+    # GET /admin/settings/new
+    def new
+      return if !user_is_allowed('settings', 'add')
+      @setting = Setting.new
+    end
+  
+    # GET /admin/settings/1/edit
+    def edit
+      return if !user_is_allowed('settings', 'edit')
+      @setting = Setting.find(params[:id])
+    end
+  
+    # POST /admin/settings
+    def create
+      return if !user_is_allowed('settings', 'add')
+      
+      resp = StdClass.new({
+          'error' => nil,
+          'redirect' => nil
+      })
+      
+      setting = Setting.new()
+      setting.name  = params[:name]
+      setting.value = params[:value]
+      
+      if (setting.name.strip.length == 0)
+        resp.error = "The setting name is required."
+      else      
+        setting.save
+        resp.redirect = "/admin/settings/#{setting.id}/edit"
+      end
+      render json: resp
+    end
+  
+    # PUT /admin/settings/1
+    def update
+      return if !user_is_allowed('settings', 'edit')
+
+      resp = StdClass.new     
+      setting = Setting.find(params[:id])
+    
+      save = true
+      params.each do |name,value|
+        case name
+    	  	when "name"
+    	  	  setting.name = value
+    	  	when "value"
+    	  	  setting.value = value
+    	  end
+    	end
+    	
+    	resp.success = save && setting.save
+    	render json: resp
+    end
+  
+    # DELETE /admin/settings/1
+    def destroy
+      return if !user_is_allowed('settings', 'delete')
+      setting = Setting.find(params[:id])
+      setting.destroy
+      
+      resp = StdClass.new({
+        'redirect' => '/admin/settings'
+      })
+      render json: resp
+    end
+    
+    # GET /admin/settings/options
+    def options
+      return if !user_is_allowed('settings', 'view')
+      settings = Setting.reorder('name').all
+      options = settings.collect { |s| { 'value' => s.id, 'text' => s.name }}
+      render json: options
+    end
+  end
+end