caboose-cms 0.3.78 → 0.3.79
- checksums.yaml +8 -8
- data/app/controllers/caboose/page_permissions_controller.rb +38 -0
- data/app/controllers/caboose/pages_controller.rb +8 -1
- data/app/controllers/caboose/register_controller.rb +10 -8
- data/app/helpers/caboose/pages_helper.rb +15 -0
- data/app/models/caboose/role.rb +19 -2
- data/app/views/caboose/pages/_admin_header.html.erb +14 -0
- data/app/views/caboose/pages/admin_edit_permissions.html.erb +46 -0
- data/app/views/caboose/roles/index.html.erb +1 -0
- data/app/views/caboose/roles/new.html.erb +27 -23
- data/config/routes.rb +8 -1
- data/lib/caboose/version.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
MDQ3YWIwOGVhM2Q3Yjc3ODgyMmUwNTVhMzVmMWQzNzgxMWQ1NzM4OA==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
MjBlZmZiMzA1MzgwZDgyYjYxNjEyYzRmNWZmMTM2OWY5MGU1MDc5Zg==
|
7
7
|
!binary "U0hBNTEy":
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
NmQ2NzI0ZTQ3OWQ4OGM4N2QzMTdhMjQzODAwNjk3YmMwMWE4ZDRhMzQ5OTQ4
|
10
|
+
ODg3ZjBjZWVhZDJmZGZiZmEwM2UwOGI2NWI4ZTA2MjA2Mzk3NzY1YTUwYjdh
|
11
|
+
ZDg1YmIxODI0YzIxMDliNjQzOGFjNjk3M2Q0NjY4ODliN2VjMWE=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
MWMyN2ZlN2NkMWE1ZDQzZGU0MmJhYjc1YTJjNDAyZjJmMTRmNTIyYmU1MjUz
|
14
|
+
MTE4ZGZmZGUyOGUwMjQ2ZTE5MzdhOGQyODUzYjI0YWI1YzcxMmUwMjQxZDll
|
15
|
+
Zjk1YzBkNzE5ZjBhZWVmNmI4NzI0ZDc0MjBmZGMxNTE3Zjk0ZmY=
|
@@ -0,0 +1,38 @@
|
|
1
|
+
|
2
|
+
module Caboose
|
3
|
+
class PagePermissionsController < ApplicationController
|
4
|
+
|
5
|
+
# POST /admin/page-permissions
|
6
|
+
def admin_add
|
7
|
+
return unless user_is_allowed('pages', 'add')
|
8
|
+
|
9
|
+
resp = Caboose::StdClass.new
|
10
|
+
page_id = params[:page_id]
|
11
|
+
role_id = params[:role_id]
|
12
|
+
action = params[:action2]
|
13
|
+
|
14
|
+
if !PagePermission.where(:page_id => page_id, :role_id => role_id, :action => action).exists?
|
15
|
+
PagePermission.create(:page_id => page_id, :role_id => role_id, :action => action)
|
16
|
+
end
|
17
|
+
|
18
|
+
resp.success = true
|
19
|
+
render :json => resp
|
20
|
+
end
|
21
|
+
|
22
|
+
# DELETE /admin/page-permissions
|
23
|
+
# DELETE /admin/page-permissions/:id
|
24
|
+
def admin_delete
|
25
|
+
return unless user_is_allowed('pages', 'edit')
|
26
|
+
|
27
|
+
if params[:id]
|
28
|
+
PagePermission.find(params[:id]).destroy
|
29
|
+
else
|
30
|
+
PagePermission.where(:page_id => params[:page_id], :role_id => params[:role_id], :action => params[:action2]).destroy_all
|
31
|
+
end
|
32
|
+
|
33
|
+
resp = StdClass.new('success' => true)
|
34
|
+
render :json => true
|
35
|
+
end
|
36
|
+
|
37
|
+
end
|
38
|
+
end
|
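Review bot: `admin_add` gates the grant on `user_is_allowed('pages', 'add')` while `admin_delete` and the permissions screen require `'pages', 'edit'`, and `params[:action2]` is written to the table without being checked against the actions the UI offers. As written, a user holding only the add right appears able to attach any action string to any `page_id`/`role_id` pair. I would use `return unless user_is_allowed('pages', 'edit')` and reject unknown values with `return render :json => { :error => 'Invalid action' } unless ['view', 'edit'].include?(action)`. In `admin_delete` the `resp` object is built and then discarded in favour of `render :json => true`, so the two actions answer in different shapes; `render :json => resp` would match `admin_add`.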
@@ -22,7 +22,7 @@ module Caboose
|
|
22
22
|
user = logged_in_user
|
23
23
|
if !user.is_allowed(page, 'view')
|
24
24
|
if user.id == User.logged_out_user_id
|
25
|
-
redirect_to "/login?return_url=" + URI.encode(request.fullpath)
|
25
|
+
redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)
|
26
26
|
return
|
27
27
|
else
|
28
28
|
page.title = 'Access Denied'
|
@@ -119,6 +119,13 @@ module Caboose
|
|
119
119
|
@page = Page.find(params[:id])
|
120
120
|
render :layout => 'caboose/admin'
|
121
121
|
end
|
122
|
+
|
123
|
+
# GET /admin/pages/:id/permissions
|
124
|
+
def admin_edit_permissions
|
125
|
+
return unless user_is_allowed('pages', 'edit')
|
126
|
+
@page = Page.find(params[:id])
|
127
|
+
render :layout => 'caboose/admin'
|
128
|
+
end
|
122
129
|
|
123
130
|
# GET /admin/pages/:id/content
|
124
131
|
def admin_edit_content
|
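Review bot: In the first hunk the redirect still builds its query string with `URI.encode(request.fullpath)`, which leaves `&`, `=` and `?` unescaped, so a requested path that carries its own query string is split into extra parameters of the login URL and `return_url` is cut short at the first `&`. `redirect_to "/modal/login?return_url=" + CGI.escape(request.fullpath)` keeps the whole path inside one parameter. The login action that consumes `return_url` is not part of this diff; it should accept local paths only. The enclosing method starts above the hunk. In the second hunk `admin_edit_permissions` checks the general `'pages', 'edit'` right but not a per-page `is_allowed(page, ...)` like the view path in the first hunk, which may be intended but is worth confirming.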
@@ -26,24 +26,26 @@ module Caboose
|
|
26
26
|
pass1 = params[:pass1]
|
27
27
|
pass2 = params[:pass2]
|
28
28
|
|
29
|
-
if
|
29
|
+
if first_name.nil? || first_name.strip.length == 0
|
30
30
|
resp.error = "Your first name is required."
|
31
|
-
elsif
|
31
|
+
elsif last_name.nil? || last_name.strip.length == 0
|
32
32
|
resp.error = "Your last name is required."
|
33
|
-
elsif
|
33
|
+
elsif email.nil? || email.strip.length == 0
|
34
34
|
resp.error = "Your email address is required."
|
35
|
-
elsif (
|
36
|
-
resp.error = "
|
37
|
-
elsif
|
35
|
+
elsif User.where(:email => email.strip.downcase).exists?
|
36
|
+
resp.error = "A user with that email address already exists."
|
37
|
+
elsif phone.nil? || phone.strip.length < 10
|
38
|
+
resp.error = "Your phone number is required. Please include your area code."
|
39
|
+
elsif pass1.nil? || pass1.strip.length < 8
|
38
40
|
resp.error = "Your password must be at least 8 characters."
|
39
|
-
elsif
|
41
|
+
elsif pass2.nil? || pass1 != pass2
|
40
42
|
resp.error = "Your passwords don't match."
|
41
43
|
else
|
42
44
|
|
43
45
|
u = Caboose::User.new
|
44
46
|
u.first_name = first_name
|
45
47
|
u.last_name = last_name
|
46
|
-
u.email = email
|
48
|
+
u.email = email.strip.downcase
|
47
49
|
u.phone = phone
|
48
50
|
u.password = Digest::SHA1.hexdigest(Caboose::salt + pass1)
|
49
51
|
u.date_created = DateTime.now
|
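Review bot: The account is still stored with `Digest::SHA1.hexdigest(Caboose::salt + pass1)` a few lines below the rewritten validation, that is, one fast SHA-1 round with what looks like an application-wide salt, which makes leaked hashes cheap to test offline. A slow, per-user-salted scheme such as bcrypt through `has_secure_password` would be the usual replacement, with existing hashes upgraded at the next successful login. Separately, the new duplicate check looks up `email.strip.downcase`, so accounts saved before this release with mixed-case addresses (the old code assigned `email` as entered) will not be matched. A case-insensitive lookup together with a unique index on the lowercased address would close both that gap and the check-then-insert race. The action begins and ends outside the hunk.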
@@ -24,5 +24,20 @@ module Caboose
|
|
24
24
|
return "var _gaq = _gaq || [];\n_gaq.push(['_setCustomVar', 1, 'caboose_ab_variants', #{Caboose.json(AbTesting.analytics_string)}]);"
|
25
25
|
end
|
26
26
|
|
27
|
+
def pages_roles_with_prefix(top_roles, prefix)
|
28
|
+
arr = []
|
29
|
+
top_roles.each do |r|
|
30
|
+
arr = pages_roles_with_prefix_helper(arr, r, prefix, "")
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def pages_roles_with_prefix_helper(arr, role, prefix, str)
|
35
|
+
arr << "#{str}#{role.name}"
|
36
|
+
role.children.each do |r|
|
37
|
+
arr = pages_roles_with_prefix_helper(arr, r, prefix, "#{prefix}#{str}")
|
38
|
+
end
|
39
|
+
return arr
|
40
|
+
end
|
41
|
+
|
27
42
|
end
|
28
43
|
end
|
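Review bot: `pages_roles_with_prefix` ends on the `top_roles.each` block, so it returns `top_roles` itself (the value of `each`) and the `arr` it builds is dropped. Add `arr` as the last expression before the method's `end`. In `pages_roles_with_prefix_helper` the nested prefix is built as `"#{prefix}#{str}"` whereas `Role.flat_tree_helper` in this release uses `"#{str}#{prefix}"`; the result is the same for a repeated prefix, but one form in both places would be easier to follow. Neither method has a comment saying what the returned array holds.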
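--- a/data/app/models/caboose/role.rb
+++ b/data/app/models/caboose/role.rb
@@ -75,6 +75,23 @@ class Caboose::Role < ActiveRecord::Base
 return self.where(:parent_id => -1).reorder("name").all
 end
 
+def self.flat_tree(prefix = '-')
+arr = []
+self.tree.each do |r|
+arr += self.flat_tree_helper(r, prefix, '')
+end
+return arr
+end
+
+def self.flat_tree_helper(role, prefix, str)
+role.name = "#{str}#{role.name}"
+arr = [role]
+role.children.each do |r|
+arr += self.flat_tree_helper(r, prefix, "#{str}#{prefix}")
+end
+return arr
+end
+
 def is_ancestor_of?(role)
 if (role.is_a?(Integer) || role.is_a?(String))
 role_id = role.to_i
@@ -90,6 +107,6 @@ class Caboose::Role < ActiveRecord::Base
 def is_child_of?(role)
 role = Role.find(role) if role.is_a?(Integer)
 return role.is_ancestor_of?(self)
-end
-
+end
+
 end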
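Review bot: `flat_tree_helper` overwrites the attribute in place with `role.name = "#{str}#{role.name}"`, so every record returned by `flat_tree` carries a display-only name, and a later `save` on one of them would write the indented name to the database. Marking the record read-only right after the assignment, `role.readonly!`, would prevent that; alternatively the label could be returned alongside the role instead of replacing its name. A comment on `flat_tree` stating that the returned roles have modified names would help callers either way.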
@@ -1,4 +1,17 @@
|
|
1
1
|
<% content_for :caboose_css do %>
|
2
|
+
<style type='text/css'>
|
3
|
+
|
4
|
+
p.uri {
|
5
|
+
background: #efefef;
|
6
|
+
border: #999 1px solid;
|
7
|
+
padding: 10px;
|
8
|
+
position: absolute;
|
9
|
+
top: 67px;
|
10
|
+
left: 0;
|
11
|
+
height: 16px;
|
12
|
+
}
|
13
|
+
|
14
|
+
</style>
|
2
15
|
<% end %>
|
3
16
|
<% content_for :caboose_js do %>
|
4
17
|
<%
|
@@ -23,6 +36,7 @@
|
|
23
36
|
<%
|
24
37
|
tabs = {
|
25
38
|
'General' => "/admin/pages/#{@page.id}/edit",
|
39
|
+
'Permissions' => "/admin/pages/#{@page.id}/permissions",
|
26
40
|
'Content' => "/admin/pages/#{@page.id}/content",
|
27
41
|
'Custom CSS' => "/admin/pages/#{@page.id}/css",
|
28
42
|
'Custom JS' => "/admin/pages/#{@page.id}/js",
|
@@ -0,0 +1,46 @@
|
|
1
|
+
|
2
|
+
<%= render :partial => 'caboose/pages/admin_header' %>
|
3
|
+
|
4
|
+
<p class='uri'>URI: /<span id='uri'><%= @page.uri %></span></p>
|
5
|
+
|
6
|
+
<table class='data' id='viewers'>
|
7
|
+
<tr><th>Role</th><th>View</th><th>Edit</th></tr>
|
8
|
+
<% Caboose::Role.flat_tree(' - ').each do |r| %>
|
9
|
+
<% next if r.id == 1 %>
|
10
|
+
<% may_view = Caboose::PagePermission.where(:role_id => r.id, :page_id => @page.id, :action => 'view').exists? %>
|
11
|
+
<% may_edit = Caboose::PagePermission.where(:role_id => r.id, :page_id => @page.id, :action => 'edit').exists? %>
|
12
|
+
<tr>
|
13
|
+
<td><label for='role_<%= r.id %>'><%= r.name %></td>
|
14
|
+
<td><input type='checkbox' id='role_<%= r.id %>' value='<%= r.id %>' <%= may_view ? "checked='true'" : '' %> onchange="toggle_page_permission(<%= r.id %>, $(this).prop('checked'), 'view');" /></td>
|
15
|
+
<td><input type='checkbox' id='role_<%= r.id %>' value='<%= r.id %>' <%= may_edit ? "checked='true'" : '' %> onchange="toggle_page_permission(<%= r.id %>, $(this).prop('checked'), 'edit');" /></td>
|
16
|
+
</tr>
|
17
|
+
<% end %>
|
18
|
+
</table>
|
19
|
+
|
20
|
+
<%= render :partial => 'caboose/pages/admin_footer' %>
|
21
|
+
|
22
|
+
<% content_for :caboose_css do %>
|
23
|
+
<style type='text/css'>
|
24
|
+
#viewers input[type=checkbox] { position: relative; }
|
25
|
+
#editors input[type=checkbox] { position: relative; }
|
26
|
+
</style>
|
27
|
+
<% end %>
|
28
|
+
<% content_for :caboose_js do %>
|
29
|
+
<script type='text/javascript'>
|
30
|
+
|
31
|
+
function toggle_page_permission(role_id, checked, action)
|
32
|
+
{
|
33
|
+
$.ajax({
|
34
|
+
url: '/admin/page-permissions',
|
35
|
+
type: checked ? 'post' : 'delete',
|
36
|
+
data: {
|
37
|
+
page_id: <%= @page.id %>,
|
38
|
+
role_id: role_id,
|
39
|
+
action2: action
|
40
|
+
},
|
41
|
+
success: function(resp) {}
|
42
|
+
});
|
43
|
+
}
|
44
|
+
|
45
|
+
</script>
|
46
|
+
<% end %>
|
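Review bot: `toggle_page_permission` sends its POST and DELETE to `/admin/page-permissions` without an authenticity token, while the new-role form in this same release passes `form_authenticity_token` explicitly. Unless the admin layout adds an `X-CSRF-Token` header to jQuery requests (not visible here), these calls are either refused by forgery protection or, if protection is off for this controller, permission changes can be triggered from another site; adding `authenticity_token: '<%= form_authenticity_token %>'` to `data` would settle it. The `success` callback is empty and there is no `error` handler, so a refused request leaves the checkbox showing a permission that was never saved. Both checkboxes in a row share `id='role_<%= r.id %>'` and the `<label>` is never closed.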
@@ -1,35 +1,39 @@
|
|
1
1
|
|
2
2
|
<h1>New role</h1>
|
3
|
-
|
3
|
+
|
4
|
+
<form action='/admin/roles' method='post' id='new_role_form'>
|
5
|
+
<input type='hidden' name='authenticity_token' value='<%= form_authenticity_token %>' />
|
6
|
+
<p><select name='parent_id'>
|
7
|
+
<option value=''>-- Select a parent role --</option>
|
8
|
+
<% Caboose::Role.flat_tree(' - ').each do |r| %>
|
9
|
+
<option value='<%= r.id %>'><%= r.name %></option>
|
10
|
+
<% end %>
|
11
|
+
</select></p>
|
12
|
+
<p><input type='text' name='name' id='name' placeholder='Name' value='' style='width: 200px;' /></p>
|
13
|
+
<div id='message'></div>
|
14
|
+
<p><input type='submit' value='Add Role' /></p>
|
15
|
+
</form>
|
4
16
|
|
5
17
|
<% content_for :caboose_js do %>
|
6
18
|
<script type='text/javascript'>
|
7
19
|
|
8
|
-
var role = false;
|
9
20
|
$(document).ready(function() {
|
21
|
+
$('#new_role_form').submit(function() { add_role(); return false; });
|
22
|
+
});
|
10
23
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
options_url: '/admin/roles/options'
|
23
|
-
},
|
24
|
-
{
|
25
|
-
name: 'name',
|
26
|
-
type: 'text',
|
27
|
-
value: ''
|
28
|
-
}
|
29
|
-
]
|
24
|
+
function add_role()
|
25
|
+
{
|
26
|
+
$('#message').html("<p class='loading'>Adding role...</p>");
|
27
|
+
$.ajax({
|
28
|
+
url: '/admin/roles',
|
29
|
+
type: 'post',
|
30
|
+
data: $('#new_role_form').serialize(),
|
31
|
+
success: function(resp) {
|
32
|
+
if (resp.error) $('#message').html("<p class='note error'>" + resp.error + "</p>");
|
33
|
+
if (resp.redirect) window.location = resp.redirect;
|
34
|
+
}
|
30
35
|
});
|
31
|
-
|
32
|
-
});
|
36
|
+
}
|
33
37
|
|
34
38
|
</script>
|
35
39
|
<% end %>
|
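Review bot: `add_role` writes the server's message into the page with `.html("<p class='note error'>" + resp.error + "</p>")`, so any markup inside `resp.error` is parsed as HTML. If the error text can ever echo the submitted role name, that becomes script injection in the admin UI; building the node with `$('#message').empty().append($("<p class='note error'></p>").text(resp.error));` avoids it. `window.location = resp.redirect` likewise follows whatever the response names, which is safe only while the controller always returns a local path. There is no `error` handler, so a failed request leaves "Adding role..." on screen.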
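--- a/data/config/routes.rb
+++ b/data/config/routes.rb
@@ -66,17 +66,24 @@ Caboose::Engine.routes.draw do
 get "admin/pages/:id/delete" => "pages#admin_delete_form"
 get "admin/pages/:id/sitemap" => "pages#admin_sitemap"
 get "admin/pages/:id/edit" => "pages#admin_edit_general"
+get "admin/pages/:id/permissions" => "pages#admin_edit_permissions"
 get "admin/pages/:id/css" => "pages#admin_edit_css"
 get "admin/pages/:id/js" => "pages#admin_edit_js"
 get "admin/pages/:id/seo" => "pages#admin_edit_seo"
 get "admin/pages/:id/block-order" => "pages#admin_edit_block_order"
 put "admin/pages/:id/block-order" => "pages#admin_update_block_order"
 get "admin/pages/:id/new-blocks" => "pages#admin_new_blocks"
-get "admin/pages/:id/content" => "pages#admin_edit_content"
+get "admin/pages/:id/content" => "pages#admin_edit_content"
+put "admin/pages/:id/viewers" => "pages#admin_update_viewers"
+put "admin/pages/:id/editors" => "pages#admin_update_editors"
 put "admin/pages/:id" => "pages#admin_update"
 get "admin/pages" => "pages#admin_index"
 post "admin/pages" => "pages#admin_create"
 delete "admin/pages/:id" => "pages#admin_delete"
+
+post "admin/page-permissions" => "page_permissions#admin_add"
+delete "admin/page-permissions" => "page_permissions#admin_delete"
+delete "admin/page-permissions/:id" => "page_permissions#admin_delete"
 
 get "admin/pages/:page_id/blocks/new" => "page_blocks#admin_new"
 get "admin/pages/:page_id/blocks/render" => "page_blocks#admin_render_all"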
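Review bot: The two new routes `put "admin/pages/:id/viewers"` and `put "admin/pages/:id/editors"` point at `pages#admin_update_viewers` and `pages#admin_update_editors`, but the pages_controller.rb changes shown for this release add only `admin_edit_permissions`. Unless those actions already existed in 0.3.78, requests to these paths will fail with an unknown-action error. Since the permissions view talks to `/admin/page-permissions` instead, the two routes look like leftovers and could be removed. The `draw` block continues outside the hunk.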
data/lib/caboose/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: caboose-cms
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.3.
|
4
|
+
version: 0.3.79
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- William Barry
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-03-
|
11
|
+
date: 2014-03-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|
@@ -227,6 +227,7 @@ files:
|
|
227
227
|
- app/controllers/caboose/page_block_fields_controller.rb
|
228
228
|
- app/controllers/caboose/page_block_types_controller.rb
|
229
229
|
- app/controllers/caboose/page_blocks_controller.rb
|
230
|
+
- app/controllers/caboose/page_permissions_controller.rb
|
230
231
|
- app/controllers/caboose/pages_controller.rb
|
231
232
|
- app/controllers/caboose/permissions_controller.rb
|
232
233
|
- app/controllers/caboose/posts_controller.rb
|
@@ -316,6 +317,7 @@ files:
|
|
316
317
|
- app/views/caboose/pages/admin_edit_css.html.erb
|
317
318
|
- app/views/caboose/pages/admin_edit_general.html.erb
|
318
319
|
- app/views/caboose/pages/admin_edit_js.html.erb
|
320
|
+
- app/views/caboose/pages/admin_edit_permissions.html.erb
|
319
321
|
- app/views/caboose/pages/admin_edit_seo.html.erb
|
320
322
|
- app/views/caboose/pages/admin_index.html.erb
|
321
323
|
- app/views/caboose/pages/admin_new.html.erb
|