caboose-cms 0.7.33 → 0.7.34

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: eee3bd393d5eb753c883fd555d241aa3d790640a
4
- data.tar.gz: f6fa71d9f3932d75862609bbc75d0b1cc171db97
3
+ metadata.gz: ad726ea9ae8002183c916fbbe27f5920f42c5623
4
+ data.tar.gz: 9a5f03ca20598b8313552babc6e1bc5def46e964
5
5
  SHA512:
6
- metadata.gz: f57e8f2ec6374e8f43bf3a235415544844fbd250f92c576b629ab802ec740f785314dd7cb36ef843e21a4abfb459983c56c44fea0abcadce65a99ddfdda45e20
7
- data.tar.gz: 7ee62db868c39619c6ab397fb733ee4a09962ebdc7c44005683b6fb1eecfbe6abe7a87e4441ed8d7bba116a2ae0455d3d52b6ab5a701077b9802ff06c75d703d
6
+ metadata.gz: 0a354c9e62f5c36d828a80eda967e178ee460593960f7738d10b86e0c39caf722640c8217c902d30e5d7d9ab160dcc0125c66b64a50c3a26581a4d1b0905cb03
7
+ data.tar.gz: 40d5eef0ba22c2151fc84cf0adcdd50ff7c601f1b5859d647ae72f190f94771e65c6056a4fab05115d59368485eac18d966c69ba43003dcaee70478b6788ff35
@@ -162,7 +162,7 @@ module Caboose
162
162
  # Returns the currently logged in user
163
163
  def logged_in_user
164
164
  if (!logged_in?)
165
- return User.logged_out_user
165
+ return User.logged_out_user(@site.id)
166
166
  end
167
167
  #return nil if !logged_in?
168
168
  return session["app_user"]
@@ -45,9 +45,9 @@ module Caboose
45
45
  return
46
46
  end
47
47
 
48
- user = logged_in_user
48
+ user = logged_in_user
49
49
  if !user.is_allowed(page, 'view')
50
- if user.id == User::LOGGED_OUT_USER_ID
50
+ if user.id == User.logged_out_user_id(@site.id)
51
51
  redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)
52
52
  return
53
53
  else
@@ -163,7 +163,7 @@ class Caboose::Page < ActiveRecord::Base
163
163
 
164
164
  # Allow a user id to be sent instead of a user object
165
165
  user = User.find(user) if user.is_a?(Integer)
166
- user.role_ids = [Role.logged_out_role_id] if user.role_ids.nil?
166
+ user.role_ids = [Role.logged_out_role_id(user.site_id)] if user.role_ids.nil?
167
167
 
168
168
  t = PagePermission.table
169
169
  reqs = nil
@@ -17,38 +17,37 @@ class Caboose::Role < ActiveRecord::Base
17
17
  :site_id
18
18
  attr_accessor :children
19
19
 
20
- def self.admin_role
21
- return self.where('name' => 'Admin').first
20
+ def self.admin_role(site_id)
21
+ return self.where(:site_id => site_id, :name => 'Admin').first
22
22
  end
23
23
 
24
- def self.admin_role_id
25
- return self.where('name' => 'Admin').limit(1).pluck(:id)[0]
24
+ def self.admin_role_id(site_id)
25
+ return self.where(:site_id => site_id, :name => 'Admin').limit(1).pluck(:id)[0]
26
26
  end
27
27
 
28
- def self.logged_out_role
29
- return self.where('name' => 'Everyone Logged Out').first
28
+ def self.logged_out_role(site_id)
29
+ return self.where(:site_id => site_id, :name => 'Everyone Logged Out').first
30
30
  end
31
31
 
32
- def self.logged_out_role_id
33
- return self.where('name' => 'Everyone Logged Out').limit(1).pluck(:id)[0]
32
+ def self.logged_out_role_id(site_id)
33
+ return self.where(:site_id => site_id, :name => 'Everyone Logged Out').limit(1).pluck(:id)[0]
34
34
  end
35
35
 
36
- def self.logged_in_role
37
- return self.where('name' => 'Everyone Logged In').first
36
+ def self.logged_in_role(site_id)
37
+ return self.where(:site_id => site_id, :name => 'Everyone Logged In').first
38
38
  end
39
39
 
40
- def self.logged_in_role_id
41
- return self.where('name' => 'Everyone Logged In').limit(1).pluck(:id)[0]
40
+ def self.logged_in_role_id(site_id)
41
+ return self.where(:site_id => site_id, :name => 'Everyone Logged In').limit(1).pluck(:id)[0]
42
42
  end
43
43
 
44
- def is_allowed(resource, action)
45
-
44
+ def is_allowed(resource, action)
46
45
  # Check for the admin permission
47
46
  for perm in permissions
48
47
  return true if (perm.resource == "all" && perm.action == "all")
49
48
  end
50
49
 
51
- if (resource.is_a?(Caboose::Page))
50
+ if (resource.is_a?(Caboose::Page))
52
51
  for perm in page_permissions
53
52
  return true if (perm.page_id == resource.id && perm.action == action)
54
53
  end
@@ -108,17 +108,18 @@ class Caboose::Site < ActiveRecord::Base
108
108
 
109
109
  def init_users_and_roles
110
110
 
111
- admin_user = Caboose::User.where(:username => 'admin', :site_id => self.id).first
112
- admin_user = Caboose::User.create(:username => 'admin', :email => 'admin@nine.is', :site_id => self.id, :password => Digest::SHA1.hexdigest(Caboose::salt + 'caboose')) if admin_user.nil?
113
-
114
- admin_role = Caboose::Role.where(:site_id => self.id, :name => 'Admin').first
115
- admin_role = Caboose::Role.create(:site_id => self.id, :parent_id => -1, :name => 'Admin') if admin_role.nil?
116
-
117
- elo_role = Caboose::Role.where(:site_id => self.id, :name => 'Everyone Logged Out').first
118
- elo_role = Caboose::Role.create(:site_id => self.id, :parent_id => -1, :name => 'Everyone Logged Out') if elo_role.nil?
119
-
120
- eli_role = Caboose::Role.where(:site_id => self.id, :name => 'Everyone Logged In').first
121
- eli_role = Caboose::Role.create(:site_id => self.id, :parent_id => elo_role.id, :name => 'Everyone Logged In') if eli_role.nil?
111
+ admin_user = Caboose::User.where( :site_id => self.id, :username => 'admin').first
112
+ admin_user = Caboose::User.create(:site_id => self.id, :username => 'admin', :email => 'admin@nine.is', :password => Digest::SHA1.hexdigest(Caboose::salt + 'caboose')) if admin_user.nil?
113
+ admin_role = Caboose::Role.where( :site_id => self.id, :name => 'Admin').first
114
+ admin_role = Caboose::Role.create(:site_id => self.id, :parent_id => -1, :name => 'Admin') if admin_role.nil?
115
+ elo_user = Caboose::User.where( :site_id => self.id, :username => 'elo').first
116
+ elo_user = Caboose::User.create(:site_id => self.id, :username => 'elo', :email => 'elo@nine.is') if elo_user.nil?
117
+ elo_role = Caboose::Role.where( :site_id => self.id, :name => 'Everyone Logged Out').first
118
+ elo_role = Caboose::Role.create(:site_id => self.id, :name => 'Everyone Logged Out', :parent_id => -1) if elo_role.nil?
119
+ eli_user = Caboose::User.where( :site_id => self.id, :username => 'eli').first
120
+ eli_user = Caboose::User.create(:site_id => self.id, :username => 'eli', :email => 'eli@nine.is') if eli_user.nil?
121
+ eli_role = Caboose::Role.where( :site_id => self.id, :name => 'Everyone Logged In').first
122
+ eli_role = Caboose::Role.create(:site_id => self.id, :name => 'Everyone Logged In', :parent_id => elo_role.id) if eli_role.nil?
122
123
 
123
124
  # Make sure the admin role has the admin "all" permission
124
125
  admin_perm = Caboose::Permission.where(:resource => 'all', :action => 'all').first
@@ -128,6 +129,14 @@ class Caboose::Site < ActiveRecord::Base
128
129
  # Make sure the admin user is a member of the admin role
129
130
  rm = Caboose::RoleMembership.where(:role_id => admin_role.id, :user_id => admin_user.id).first
130
131
  rm = Caboose::RoleMembership.create(:role_id => admin_role.id, :user_id => admin_user.id) if rm.nil?
132
+
133
+ # Make sure the elo user is a member of the elo role
134
+ rm = Caboose::RoleMembership.where( :role_id => elo_role.id, :user_id => elo_user.id).first
135
+ rm = Caboose::RoleMembership.create(:role_id => elo_role.id, :user_id => elo_user.id) if rm.nil?
136
+
137
+ # Make sure the eli user is a member of the eli role
138
+ rm = Caboose::RoleMembership.where( :role_id => eli_role.id, :user_id => eli_user.id).first
139
+ rm = Caboose::RoleMembership.create(:role_id => eli_role.id, :user_id => eli_user.id) if rm.nil?
131
140
 
132
141
  end
133
142
 
@@ -24,23 +24,31 @@ class Caboose::User < ActiveRecord::Base
24
24
  self.email = self.email.downcase if self.email
25
25
  end
26
26
 
27
- def self.logged_out_user
28
- #return self.where('username' => 'elo').first
29
- return self.where(:id => self::LOGGED_OUT_USER_ID).first
27
+ def self.logged_out_user(site_id)
28
+ return self.where(:site_id => site_id, :username => 'elo').first
29
+ #return self.where(:id => self::LOGGED_OUT_USER_ID).first
30
30
  end
31
31
 
32
- def self.logged_out_user_id
33
- #return self.where('username' => 'elo').limit(1).pluck(:id)[0]
34
- return self::LOGGED_OUT_USER_ID
32
+ def self.logged_out_user_id(site_id)
33
+ return self.where(:site_id => site_id, :username => 'elo').limit(1).pluck(:id)[0]
34
+ #return self::LOGGED_OUT_USER_ID
35
35
  end
36
36
 
37
37
  def is_allowed(resource, action)
38
- elo = Caboose::Role.logged_out_role
38
+
39
+ elo = Caboose::Role.logged_out_role(self.site_id)
39
40
  return true if elo.is_allowed(resource, action)
40
- eli = Caboose::Role.logged_in_role
41
+ eli = Caboose::Role.logged_in_role(self.site_id)
41
42
  return true if self.id != elo.id && eli.is_allowed(resource, action)
42
- for role in roles
43
- return true if role.is_allowed(resource, action)
43
+ for role in roles
44
+ Caboose.log("Checking permissions for #{role.name} role")
45
+ if role.is_allowed(resource, action)
46
+ Caboose.log("Role #{role.name} is allowed to view page")
47
+ return true
48
+ else
49
+ Caboose.log("Role #{role.name} is not allowed to view page")
50
+ end
51
+ #return true if role.is_allowed(resource, action)
44
52
  end
45
53
  return false;
46
54
  end
@@ -0,0 +1,18 @@
1
+ <!DOCTYPE html>
2
+ <html class="no-js" lang="en">
3
+ <head>
4
+ <meta charset="utf-8" />
5
+ <title>Caboose Admin</title>
6
+ <%= stylesheet_link_tag "caboose/admin", :media => "all" %>
7
+ <% if File.exists?("#{Rails.root}/app/assets/stylesheets/admin.css") %>
8
+ <%= stylesheet_link_tag "admin", :media => "all" %>
9
+ <% end %>
10
+ <%= yield :caboose_css %>
11
+ <%= csrf_meta_tags %>
12
+ </head>
13
+ <body>
14
+ <div id='content_wrapper'><div id='content'><%= yield %></div></div>
15
+ <%= javascript_include_tag "caboose/admin" %>
16
+ <%= yield :caboose_js %>
17
+ </body>
18
+ </html>
@@ -1,3 +1,3 @@
1
1
  module Caboose
2
- VERSION = '0.7.33'
2
+ VERSION = '0.7.34'
3
3
  end
@@ -2,6 +2,13 @@ require "caboose/version"
2
2
  require 'aws-sdk'
3
3
 
4
4
  namespace :caboose do
5
+
6
+ desc "Verify ELO and ELI roles exist for all sites"
7
+ task :init_site_users_and_roles => :environment do
8
+ Caboose::Site.all.each do |site|
9
+ site.init_users_and_roles
10
+ end
11
+ end
5
12
 
6
13
  desc "Update the on sale value for all products and variants"
7
14
  task :update_products_on_sale => :environment do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: caboose-cms
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.33
4
+ version: 0.7.34
5
5
  platform: ruby
6
6
  authors:
7
7
  - William Barry
@@ -1140,6 +1140,7 @@ files:
1140
1140
  - app/views/layouts/caboose/_station_link.html.erb
1141
1141
  - app/views/layouts/caboose/_top_nav.html.erb
1142
1142
  - app/views/layouts/caboose/admin.html.erb
1143
+ - app/views/layouts/caboose/admin_empty.html.erb
1143
1144
  - app/views/layouts/caboose/application.html.erb
1144
1145
  - app/views/layouts/caboose/empty.html.erb
1145
1146
  - app/views/layouts/caboose/error404.html.erb