caboose-cms 0.3.78 → 0.3.79

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    OWRkNWIyNDE0NGQ1YTFlOWZjNDcxOTYxZjNiZDc2YmI5M2VkYzdhNw==
+    MDQ3YWIwOGVhM2Q3Yjc3ODgyMmUwNTVhMzVmMWQzNzgxMWQ1NzM4OA==
   data.tar.gz: !binary |-
-    N2QzYmUzM2U2N2VkNmRjOWE5YTEzYWYzODc4NWJlNzgxYmUyYzAxNQ==
+    MjBlZmZiMzA1MzgwZDgyYjYxNjEyYzRmNWZmMTM2OWY5MGU1MDc5Zg==
 !binary "U0hBNTEy":
   metadata.gz: !binary |-
-    MzQ3YzVmYzdhNzFlZWNhYTE1ZmI2ODY5NTM5NzAxYjVhYjFhZjQ2ZTcxMzJm
-    YjAwZDEyMGM4ZWJhZjNkZjA4NTdjNDVmYTVkYmVjODU5MjQ3NTFjM2ZhNTM2
-    NWYzN2MxZTY0YWUyYTc2Nzk0ZDg0OTU0MGJkODMyYzdjODM1OGY=
+    NmQ2NzI0ZTQ3OWQ4OGM4N2QzMTdhMjQzODAwNjk3YmMwMWE4ZDRhMzQ5OTQ4
+    ODg3ZjBjZWVhZDJmZGZiZmEwM2UwOGI2NWI4ZTA2MjA2Mzk3NzY1YTUwYjdh
+    ZDg1YmIxODI0YzIxMDliNjQzOGFjNjk3M2Q0NjY4ODliN2VjMWE=
   data.tar.gz: !binary |-
-    ZmZkZDY3NzIzMTNmYTMzNjdlZDBiNDljMmI2NjRlOTg1NjFlYWY2ODExZWQw
-    YWNlNjZjNjI5NmM2OGY0NWM3OTVkMWJkMDdkNmY1MjczMDVkYTE3ZjQyYTNi
-    MjM3NmVlNzBmYWIyYzJjMjUyZjk3YzgwZGJlZDA5M2MzYTVjYzk=
+    MWMyN2ZlN2NkMWE1ZDQzZGU0MmJhYjc1YTJjNDAyZjJmMTRmNTIyYmU1MjUz
+    MTE4ZGZmZGUyOGUwMjQ2ZTE5MzdhOGQyODUzYjI0YWI1YzcxMmUwMjQxZDll
+    Zjk1YzBkNzE5ZjBhZWVmNmI4NzI0ZDc0MjBmZGMxNTE3Zjk0ZmY=

data/app/controllers/caboose/page_permissions_controller.rb

@@ -0,0 +1,38 @@
+
+module Caboose
+  class PagePermissionsController < ApplicationController
+    
+    # POST /admin/page-permissions
+    def admin_add
+      return unless user_is_allowed('pages', 'add')
+
+      resp = Caboose::StdClass.new      
+      page_id = params[:page_id]
+      role_id = params[:role_id]
+      action = params[:action2]
+      
+      if !PagePermission.where(:page_id => page_id, :role_id => role_id, :action => action).exists?
+        PagePermission.create(:page_id => page_id, :role_id => role_id, :action => action)
+      end
+      
+      resp.success = true      
+      render :json => resp
+    end
+
+    # DELETE /admin/page-permissions
+    # DELETE /admin/page-permissions/:id
+    def admin_delete
+      return unless user_is_allowed('pages', 'edit')
+
+      if params[:id]
+        PagePermission.find(params[:id]).destroy
+      else        
+        PagePermission.where(:page_id => params[:page_id], :role_id => params[:role_id], :action => params[:action2]).destroy_all
+      end
+            
+      resp = StdClass.new('success' => true)        
+      render :json => true
+    end
+		
+  end
+end

data/app/controllers/caboose/pages_controller.rb

@@ -22,7 +22,7 @@ module Caboose
       user = logged_in_user
       if !user.is_allowed(page, 'view')
         if user.id == User.logged_out_user_id	
-          redirect_to "/login?return_url=" + URI.encode(request.fullpath)		  		
+          redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)		  		
           return
         else
           page.title = 'Access Denied'
@@ -119,6 +119,13 @@ module Caboose
       @page = Page.find(params[:id])
       render :layout => 'caboose/admin'
     end
+    
+    # GET /admin/pages/:id/permissions
+    def admin_edit_permissions
+      return unless user_is_allowed('pages', 'edit')
+      @page = Page.find(params[:id])
+      render :layout => 'caboose/admin'
+    end
      
     # GET /admin/pages/:id/content
     def admin_edit_content

data/app/controllers/caboose/register_controller.rb

@@ -26,24 +26,26 @@ module Caboose
         pass1       = params[:pass1]
         pass2       = params[:pass2]
                           
-        if (first_name.nil? || first_name.strip.length == 0)
+        if first_name.nil? || first_name.strip.length == 0
           resp.error = "Your first name is required."
-        elsif (last_name.nil? || last_name.strip.length == 0)
+        elsif last_name.nil? || last_name.strip.length == 0
           resp.error = "Your last name is required."
-        elsif (email.nil? || email.strip.length == 0)
+        elsif email.nil? || email.strip.length == 0
           resp.error = "Your email address is required."
-        elsif (phone.nil? || phone.strip.length < 10)
-          resp.error = "Your phone number is required."
-        elsif (pass1.nil? || pass1.strip.length < 8)
+        elsif User.where(:email => email.strip.downcase).exists?
+          resp.error = "A user with that email address already exists."
+        elsif phone.nil? || phone.strip.length < 10
+          resp.error = "Your phone number is required. Please include your area code."
+        elsif pass1.nil? || pass1.strip.length < 8
           resp.error = "Your password must be at least 8 characters."
-        elsif (pass2.nil? || pass1 != pass2)
+        elsif pass2.nil? || pass1 != pass2
           resp.error = "Your passwords don't match."
         else
           
           u = Caboose::User.new
           u.first_name    = first_name
           u.last_name     = last_name
-          u.email         = email
+          u.email         = email.strip.downcase
           u.phone         = phone
           u.password      = Digest::SHA1.hexdigest(Caboose::salt + pass1)
           u.date_created  = DateTime.now

data/app/helpers/caboose/pages_helper.rb

@@ -24,5 +24,20 @@ module Caboose
       return "var _gaq = _gaq || [];\n_gaq.push(['_setCustomVar', 1, 'caboose_ab_variants', #{Caboose.json(AbTesting.analytics_string)}]);"            
     end
     
+    def pages_roles_with_prefix(top_roles, prefix)
+      arr = []
+      top_roles.each do |r|        
+        arr = pages_roles_with_prefix_helper(arr, r, prefix, "")
+      end
+    end
+    
+    def pages_roles_with_prefix_helper(arr, role, prefix, str)      
+      arr << "#{str}#{role.name}"
+      role.children.each do |r|
+        arr = pages_roles_with_prefix_helper(arr, r, prefix, "#{prefix}#{str}")
+      end
+      return arr
+    end
+          
   end
 end

data/app/models/caboose/role.rb

@@ -75,6 +75,23 @@ class Caboose::Role < ActiveRecord::Base
     return self.where(:parent_id => -1).reorder("name").all
   end
   
+  def self.flat_tree(prefix = '-')
+    arr = []
+    self.tree.each do |r|
+      arr += self.flat_tree_helper(r, prefix, '')
+    end
+    return arr
+  end
+  
+  def self.flat_tree_helper(role, prefix, str)
+    role.name = "#{str}#{role.name}"
+    arr = [role]
+    role.children.each do |r|
+      arr += self.flat_tree_helper(r, prefix, "#{str}#{prefix}")
+    end
+    return arr
+  end
+  
   def is_ancestor_of?(role)    
     if (role.is_a?(Integer) || role.is_a?(String))
       role_id = role.to_i
@@ -90,6 +107,6 @@ class Caboose::Role < ActiveRecord::Base
   def is_child_of?(role)    
     role = Role.find(role) if role.is_a?(Integer)
     return role.is_ancestor_of?(self)      
-  end
-	
+  end    
+    	
 end

data/app/views/caboose/pages/_admin_header.html.erb

@@ -1,4 +1,17 @@
 <% content_for :caboose_css do %>
+<style type='text/css'>
+
+p.uri {
+  background: #efefef;
+  border: #999 1px solid;
+  padding: 10px;
+  position: absolute;
+  top: 67px;
+  left: 0;
+  height: 16px;
+}
+
+</style>
 <% end %>
 <% content_for :caboose_js do %>
 <%
@@ -23,6 +36,7 @@
 <%
 tabs = {
   'General'         => "/admin/pages/#{@page.id}/edit",
+  'Permissions'     => "/admin/pages/#{@page.id}/permissions",
   'Content'         => "/admin/pages/#{@page.id}/content",     
   'Custom CSS'      => "/admin/pages/#{@page.id}/css", 
   'Custom JS'       => "/admin/pages/#{@page.id}/js", 

data/app/views/caboose/pages/admin_edit_permissions.html.erb

@@ -0,0 +1,46 @@
+
+<%= render :partial => 'caboose/pages/admin_header' %>
+
+<p class='uri'>URI: /<span id='uri'><%= @page.uri %></span></p>
+
+<table class='data' id='viewers'>
+<tr><th>Role</th><th>View</th><th>Edit</th></tr>
+<% Caboose::Role.flat_tree(' - ').each do |r| %>
+  <% next if r.id == 1 %>
+  <% may_view = Caboose::PagePermission.where(:role_id => r.id, :page_id => @page.id, :action => 'view').exists? %>
+  <% may_edit = Caboose::PagePermission.where(:role_id => r.id, :page_id => @page.id, :action => 'edit').exists? %>
+  <tr>
+    <td><label for='role_<%= r.id %>'><%= r.name %></td>
+    <td><input type='checkbox' id='role_<%= r.id %>' value='<%= r.id %>' <%= may_view ? "checked='true'" : '' %> onchange="toggle_page_permission(<%= r.id %>, $(this).prop('checked'), 'view');" /></td>
+    <td><input type='checkbox' id='role_<%= r.id %>' value='<%= r.id %>' <%= may_edit ? "checked='true'" : '' %> onchange="toggle_page_permission(<%= r.id %>, $(this).prop('checked'), 'edit');" /></td>
+  </tr>
+<% end %>
+</table>
+  
+<%= render :partial => 'caboose/pages/admin_footer' %>
+
+<% content_for :caboose_css do %>
+<style type='text/css'>
+#viewers input[type=checkbox] { position: relative; }
+#editors input[type=checkbox] { position: relative; }
+</style>
+<% end %>
+<% content_for :caboose_js do %>
+<script type='text/javascript'>
+
+function toggle_page_permission(role_id, checked, action)
+{              
+  $.ajax({
+    url: '/admin/page-permissions',
+    type: checked ? 'post' : 'delete',
+    data: { 
+      page_id: <%= @page.id %>, 
+      role_id: role_id, 
+      action2: action 
+    },
+    success: function(resp) {}
+  });
+}
+
+</script>
+<% end %>

data/app/views/caboose/roles/index.html.erb

@@ -1,4 +1,5 @@
 <h1>Roles</h1>
+<p><a href='/admin/roles/new'>New Role</a></p>
 
 <table class='data'>
   <tr>

data/app/views/caboose/roles/new.html.erb

@@ -1,35 +1,39 @@
 
 <h1>New role</h1>
-<div id='role_new_container'></div>
+
+<form action='/admin/roles' method='post' id='new_role_form'>
+<input type='hidden' name='authenticity_token' value='<%= form_authenticity_token %>' /> 
+<p><select name='parent_id'>
+  <option value=''>-- Select a parent role --</option>
+  <% Caboose::Role.flat_tree(' - ').each do |r| %>
+    <option value='<%= r.id %>'><%= r.name %></option>
+  <% end %>
+</select></p>
+<p><input type='text' name='name' id='name' placeholder='Name' value='' style='width: 200px;' /></p>
+<div id='message'></div>
+<p><input type='submit' value='Add Role' /></p>
+</form>
 
 <% content_for :caboose_js do %>
 <script type='text/javascript'>
 
-var role = false;
 $(document).ready(function() {
+  $('#new_role_form').submit(function() { add_role(); return false; });
+});
 
-  role = new Model({
-    name: 'Role',
-    id: 'new',
-    listing_url: 'get /admin/roles',
-    create_url: 'post /admin/roles',
-    attributes: [
-      {
-        name: 'parent_id',
-        type: 'select',
-        value: -1,
-        text: "[No Parent]",
-        options_url: '/admin/roles/options' 
-      },
-      { 
-        name: 'name', 
-        type: 'text',
-        value: '' 
-      }
-    ]
+function add_role()
+{
+  $('#message').html("<p class='loading'>Adding role...</p>");
+  $.ajax({
+    url: '/admin/roles',
+    type: 'post',
+    data: $('#new_role_form').serialize(),
+    success: function(resp) {
+      if (resp.error) $('#message').html("<p class='note error'>" + resp.error + "</p>");
+      if (resp.redirect) window.location = resp.redirect;    
+    }
   });
-  
-});
+}
 
 </script>
 <% end %>

data/config/routes.rb

@@ -66,17 +66,24 @@ Caboose::Engine.routes.draw do
   get     "admin/pages/:id/delete"        => "pages#admin_delete_form"  
   get     "admin/pages/:id/sitemap"       => "pages#admin_sitemap"
   get     "admin/pages/:id/edit"          => "pages#admin_edit_general"
+  get     "admin/pages/:id/permissions"   => "pages#admin_edit_permissions"
   get     "admin/pages/:id/css"           => "pages#admin_edit_css"
   get     "admin/pages/:id/js"            => "pages#admin_edit_js"
   get     "admin/pages/:id/seo"           => "pages#admin_edit_seo" 
   get     "admin/pages/:id/block-order"   => "pages#admin_edit_block_order"
   put     "admin/pages/:id/block-order"   => "pages#admin_update_block_order"
   get     "admin/pages/:id/new-blocks"    => "pages#admin_new_blocks"
-  get     "admin/pages/:id/content"       => "pages#admin_edit_content"  
+  get     "admin/pages/:id/content"       => "pages#admin_edit_content"    
+  put     "admin/pages/:id/viewers"       => "pages#admin_update_viewers"
+  put     "admin/pages/:id/editors"       => "pages#admin_update_editors"
   put     "admin/pages/:id"               => "pages#admin_update"
   get     "admin/pages"                   => "pages#admin_index"
   post    "admin/pages"                   => "pages#admin_create"  
   delete  "admin/pages/:id"               => "pages#admin_delete"
+  
+  post    "admin/page-permissions"        => "page_permissions#admin_add"  
+  delete  "admin/page-permissions"        => "page_permissions#admin_delete"
+  delete  "admin/page-permissions/:id"    => "page_permissions#admin_delete"  
     
   get     "admin/pages/:page_id/blocks/new"        => "page_blocks#admin_new"
   get     "admin/pages/:page_id/blocks/render"     => "page_blocks#admin_render_all"

data/lib/caboose/version.rb

@@ -1,3 +1,3 @@
 module Caboose
-  VERSION = '0.3.78'
+  VERSION = '0.3.79'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: caboose-cms
 version: !ruby/object:Gem::Version
-  version: 0.3.78
+  version: 0.3.79
 platform: ruby
 authors:
 - William Barry
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-24 00:00:00.000000000 Z
+date: 2014-03-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -227,6 +227,7 @@ files:
 - app/controllers/caboose/page_block_fields_controller.rb
 - app/controllers/caboose/page_block_types_controller.rb
 - app/controllers/caboose/page_blocks_controller.rb
+- app/controllers/caboose/page_permissions_controller.rb
 - app/controllers/caboose/pages_controller.rb
 - app/controllers/caboose/permissions_controller.rb
 - app/controllers/caboose/posts_controller.rb
@@ -316,6 +317,7 @@ files:
 - app/views/caboose/pages/admin_edit_css.html.erb
 - app/views/caboose/pages/admin_edit_general.html.erb
 - app/views/caboose/pages/admin_edit_js.html.erb
+- app/views/caboose/pages/admin_edit_permissions.html.erb
 - app/views/caboose/pages/admin_edit_seo.html.erb
 - app/views/caboose/pages/admin_index.html.erb
 - app/views/caboose/pages/admin_new.html.erb