caboose-cms 0.7.33 → 0.7.34

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eee3bd393d5eb753c883fd555d241aa3d790640a
-  data.tar.gz: f6fa71d9f3932d75862609bbc75d0b1cc171db97
+  metadata.gz: ad726ea9ae8002183c916fbbe27f5920f42c5623
+  data.tar.gz: 9a5f03ca20598b8313552babc6e1bc5def46e964
 SHA512:
-  metadata.gz: f57e8f2ec6374e8f43bf3a235415544844fbd250f92c576b629ab802ec740f785314dd7cb36ef843e21a4abfb459983c56c44fea0abcadce65a99ddfdda45e20
-  data.tar.gz: 7ee62db868c39619c6ab397fb733ee4a09962ebdc7c44005683b6fb1eecfbe6abe7a87e4441ed8d7bba116a2ae0455d3d52b6ab5a701077b9802ff06c75d703d
+  metadata.gz: 0a354c9e62f5c36d828a80eda967e178ee460593960f7738d10b86e0c39caf722640c8217c902d30e5d7d9ab160dcc0125c66b64a50c3a26581a4d1b0905cb03
+  data.tar.gz: 40d5eef0ba22c2151fc84cf0adcdd50ff7c601f1b5859d647ae72f190f94771e65c6056a4fab05115d59368485eac18d966c69ba43003dcaee70478b6788ff35

data/app/controllers/caboose/application_controller.rb

@@ -162,7 +162,7 @@ module Caboose
     # Returns the currently logged in user
     def logged_in_user
       if (!logged_in?)
-        return User.logged_out_user
+        return User.logged_out_user(@site.id)
       end
       #return nil if !logged_in?
       return session["app_user"]

data/app/controllers/caboose/pages_controller.rb

@@ -45,9 +45,9 @@ module Caboose
         return
       end
 
-      user = logged_in_user            
+      user = logged_in_user      
       if !user.is_allowed(page, 'view')                
-        if user.id == User::LOGGED_OUT_USER_ID	
+        if user.id == User.logged_out_user_id(@site.id)
           redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)		  		
           return
         else

data/app/models/caboose/page.rb

@@ -163,7 +163,7 @@ class Caboose::Page < ActiveRecord::Base
 
     # Allow a user id to be sent instead of a user object
     user = User.find(user) if user.is_a?(Integer)
-    user.role_ids = [Role.logged_out_role_id] if user.role_ids.nil?
+    user.role_ids = [Role.logged_out_role_id(user.site_id)] if user.role_ids.nil?
 
     t = PagePermission.table    
     reqs = nil

data/app/models/caboose/role.rb

@@ -17,38 +17,37 @@ class Caboose::Role < ActiveRecord::Base
     :site_id
   attr_accessor :children
      
-  def self.admin_role
-    return self.where('name' => 'Admin').first
+  def self.admin_role(site_id)
+    return self.where(:site_id => site_id, :name => 'Admin').first
   end
   
-  def self.admin_role_id
-    return self.where('name' => 'Admin').limit(1).pluck(:id)[0]
+  def self.admin_role_id(site_id)
+    return self.where(:site_id => site_id, :name => 'Admin').limit(1).pluck(:id)[0]
   end
   
-  def self.logged_out_role
-    return self.where('name' => 'Everyone Logged Out').first
+  def self.logged_out_role(site_id)
+    return self.where(:site_id => site_id, :name => 'Everyone Logged Out').first
   end
   
-  def self.logged_out_role_id
-    return self.where('name' => 'Everyone Logged Out').limit(1).pluck(:id)[0]
+  def self.logged_out_role_id(site_id)
+    return self.where(:site_id => site_id, :name => 'Everyone Logged Out').limit(1).pluck(:id)[0]
   end
   
-  def self.logged_in_role
-    return self.where('name' => 'Everyone Logged In').first
+  def self.logged_in_role(site_id)
+    return self.where(:site_id => site_id, :name => 'Everyone Logged In').first
   end
   
-  def self.logged_in_role_id
-    return self.where('name' => 'Everyone Logged In').limit(1).pluck(:id)[0]
+  def self.logged_in_role_id(site_id)
+    return self.where(:site_id => site_id, :name => 'Everyone Logged In').limit(1).pluck(:id)[0]
   end
   
-  def is_allowed(resource, action)
-    
+  def is_allowed(resource, action)    
     # Check for the admin permission
     for perm in permissions
       return true if (perm.resource == "all" && perm.action == "all")
     end
         
-    if (resource.is_a?(Caboose::Page))
+    if (resource.is_a?(Caboose::Page))      
       for perm in page_permissions
         return true if (perm.page_id == resource.id && perm.action == action)
       end        

data/app/models/caboose/site.rb

@@ -108,17 +108,18 @@ class Caboose::Site < ActiveRecord::Base
   
   def init_users_and_roles
         
-    admin_user = Caboose::User.where(:username => 'admin', :site_id => self.id).first    
-    admin_user = Caboose::User.create(:username => 'admin', :email => 'admin@nine.is', :site_id => self.id, :password => Digest::SHA1.hexdigest(Caboose::salt + 'caboose')) if admin_user.nil?
-                          
-    admin_role = Caboose::Role.where(:site_id => self.id, :name => 'Admin').first    
-    admin_role = Caboose::Role.create(:site_id => self.id, :parent_id => -1, :name => 'Admin') if admin_role.nil?
-    
-    elo_role = Caboose::Role.where(:site_id => self.id, :name => 'Everyone Logged Out').first
-    elo_role = Caboose::Role.create(:site_id => self.id, :parent_id => -1, :name => 'Everyone Logged Out') if elo_role.nil?
-    
-    eli_role = Caboose::Role.where(:site_id => self.id, :name => 'Everyone Logged In').first
-    eli_role = Caboose::Role.create(:site_id => self.id, :parent_id => elo_role.id, :name => 'Everyone Logged In') if eli_role.nil?
+    admin_user = Caboose::User.where( :site_id => self.id, :username => 'admin').first    
+    admin_user = Caboose::User.create(:site_id => self.id, :username => 'admin', :email => 'admin@nine.is', :password => Digest::SHA1.hexdigest(Caboose::salt + 'caboose')) if admin_user.nil?                          
+    admin_role = Caboose::Role.where( :site_id => self.id, :name => 'Admin').first    
+    admin_role = Caboose::Role.create(:site_id => self.id, :parent_id => -1, :name => 'Admin') if admin_role.nil?    
+    elo_user   = Caboose::User.where( :site_id => self.id, :username => 'elo').first    
+    elo_user   = Caboose::User.create(:site_id => self.id, :username => 'elo', :email => 'elo@nine.is') if elo_user.nil?    
+    elo_role   = Caboose::Role.where( :site_id => self.id, :name => 'Everyone Logged Out').first
+    elo_role   = Caboose::Role.create(:site_id => self.id, :name => 'Everyone Logged Out', :parent_id => -1) if elo_role.nil?    
+    eli_user   = Caboose::User.where( :site_id => self.id, :username => 'eli').first    
+    eli_user   = Caboose::User.create(:site_id => self.id, :username => 'eli', :email => 'eli@nine.is') if eli_user.nil?    
+    eli_role   = Caboose::Role.where( :site_id => self.id, :name => 'Everyone Logged In').first
+    eli_role   = Caboose::Role.create(:site_id => self.id, :name => 'Everyone Logged In', :parent_id => elo_role.id) if eli_role.nil?
     
     # Make sure the admin role has the admin "all" permission
     admin_perm = Caboose::Permission.where(:resource => 'all', :action => 'all').first
@@ -128,6 +129,14 @@ class Caboose::Site < ActiveRecord::Base
     # Make sure the admin user is a member of the admin role
     rm = Caboose::RoleMembership.where(:role_id => admin_role.id, :user_id => admin_user.id).first
     rm = Caboose::RoleMembership.create(:role_id => admin_role.id, :user_id => admin_user.id) if rm.nil?
+    
+    # Make sure the elo user is a member of the elo role
+    rm = Caboose::RoleMembership.where( :role_id => elo_role.id, :user_id => elo_user.id).first
+    rm = Caboose::RoleMembership.create(:role_id => elo_role.id, :user_id => elo_user.id) if rm.nil?
+    
+    # Make sure the eli user is a member of the eli role
+    rm = Caboose::RoleMembership.where( :role_id => eli_role.id, :user_id => eli_user.id).first
+    rm = Caboose::RoleMembership.create(:role_id => eli_role.id, :user_id => eli_user.id) if rm.nil?
         
   end
   

data/app/models/caboose/user.rb

@@ -24,23 +24,31 @@ class Caboose::User < ActiveRecord::Base
     self.email = self.email.downcase if self.email
   end
   
-  def self.logged_out_user
-    #return self.where('username' => 'elo').first
-    return self.where(:id => self::LOGGED_OUT_USER_ID).first
+  def self.logged_out_user(site_id)
+    return self.where(:site_id => site_id, :username => 'elo').first
+    #return self.where(:id => self::LOGGED_OUT_USER_ID).first
   end
   
-  def self.logged_out_user_id
-    #return self.where('username' => 'elo').limit(1).pluck(:id)[0]
-    return self::LOGGED_OUT_USER_ID
+  def self.logged_out_user_id(site_id)
+    return self.where(:site_id => site_id, :username => 'elo').limit(1).pluck(:id)[0]
+    #return self::LOGGED_OUT_USER_ID
   end
   
   def is_allowed(resource, action)
-    elo = Caboose::Role.logged_out_role
+    
+    elo = Caboose::Role.logged_out_role(self.site_id)
     return true if elo.is_allowed(resource, action)
-    eli = Caboose::Role.logged_in_role
+    eli = Caboose::Role.logged_in_role(self.site_id)
     return true if self.id != elo.id && eli.is_allowed(resource, action)
-    for role in roles      
-      return true if role.is_allowed(resource, action)
+    for role in roles
+      Caboose.log("Checking permissions for #{role.name} role")
+      if role.is_allowed(resource, action)
+        Caboose.log("Role #{role.name} is allowed to view page")
+        return true
+      else
+        Caboose.log("Role #{role.name} is not allowed to view page")
+      end
+      #return true if role.is_allowed(resource, action)
     end
     return false;
   end

data/app/views/layouts/caboose/admin_empty.html.erb

@@ -0,0 +1,18 @@
+<!DOCTYPE html> 
+<html class="no-js" lang="en">
+<head>
+<meta charset="utf-8" />
+<title>Caboose Admin</title>	
+<%= stylesheet_link_tag "caboose/admin", :media => "all" %>
+<% if File.exists?("#{Rails.root}/app/assets/stylesheets/admin.css") %>
+<%= stylesheet_link_tag "admin", :media => "all" %>
+<% end %>
+<%= yield :caboose_css %>
+<%= csrf_meta_tags %>
+</head>
+<body>
+<div id='content_wrapper'><div id='content'><%= yield %></div></div>
+<%= javascript_include_tag "caboose/admin" %>
+<%= yield :caboose_js %>
+</body>
+</html>

data/lib/caboose/version.rb

@@ -1,3 +1,3 @@
 module Caboose
-  VERSION = '0.7.33'
+  VERSION = '0.7.34'
 end

data/lib/tasks/caboose.rake

@@ -2,6 +2,13 @@ require "caboose/version"
 require 'aws-sdk'
 
 namespace :caboose do
+  
+  desc "Verify ELO and ELI roles exist for all sites"
+  task :init_site_users_and_roles => :environment do
+    Caboose::Site.all.each do |site|
+      site.init_users_and_roles
+    end    
+  end
 
   desc "Update the on sale value for all products and variants"
   task :update_products_on_sale => :environment do    

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: caboose-cms
 version: !ruby/object:Gem::Version
-  version: 0.7.33
+  version: 0.7.34
 platform: ruby
 authors:
 - William Barry
@@ -1140,6 +1140,7 @@ files:
 - app/views/layouts/caboose/_station_link.html.erb
 - app/views/layouts/caboose/_top_nav.html.erb
 - app/views/layouts/caboose/admin.html.erb
+- app/views/layouts/caboose/admin_empty.html.erb
 - app/views/layouts/caboose/application.html.erb
 - app/views/layouts/caboose/empty.html.erb
 - app/views/layouts/caboose/error404.html.erb