camaleon_cms 2.2.1 → 2.3.0
Potentially problematic release.
This version of camaleon_cms might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/README.md +16 -3
- data/app/apps/plugins/attack/admin_controller.rb +1 -9
- data/app/apps/plugins/attack/attack_helper.rb +1 -9
- data/app/apps/plugins/attack/config/custom_models.rb +1 -1
- data/app/apps/plugins/attack/models/attack.rb +1 -10
- data/app/apps/plugins/authoring_post/authoring_post_helper.rb +51 -0
- data/app/apps/plugins/authoring_post/config/config.json +24 -0
- data/app/apps/plugins/front_cache/admin_controller.rb +0 -8
- data/app/apps/plugins/front_cache/config/initializer.rb +1 -1
- data/app/apps/plugins/front_cache/front_cache_helper.rb +0 -8
- data/app/apps/plugins/visibility_post/visibility_post_helper.rb +1 -9
- data/app/apps/themes/camaleon_first/main_helper.rb +1 -9
- data/app/apps/themes/default/default_helper.rb +1 -9
- data/app/apps/themes/default/views/partials/_forms.html.erb +1 -1
- data/app/apps/themes/new/custom_helper.rb +1 -9
- data/app/assets/javascripts/camaleon_cms/admin/_custom_fields.js +3 -3
- data/app/controllers/camaleon_cms/admin/appearances/nav_menus_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/appearances/themes_controller.rb +0 -8
- data/app/controllers/camaleon_cms/admin/appearances/widgets/assign_controller.rb +1 -9
- data/app/controllers/camaleon_cms/admin/appearances/widgets/main_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/appearances/widgets/sidebar_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/categories_controller.rb +2 -12
- data/app/controllers/camaleon_cms/admin/comments_controller.rb +0 -8
- data/app/controllers/camaleon_cms/admin/installers_controller.rb +1 -9
- data/app/controllers/camaleon_cms/admin/media_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/plugins_controller.rb +0 -8
- data/app/controllers/camaleon_cms/admin/post_tags_controller.rb +2 -12
- data/app/controllers/camaleon_cms/admin/posts/drafts_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/posts_controller.rb +7 -15
- data/app/controllers/camaleon_cms/admin/sessions_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/settings/custom_fields_controller.rb +5 -12
- data/app/controllers/camaleon_cms/admin/settings/post_types_controller.rb +1 -9
- data/app/controllers/camaleon_cms/admin/settings/sites_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/settings_controller.rb +1 -9
- data/app/controllers/camaleon_cms/admin/user_roles_controller.rb +2 -10
- data/app/controllers/camaleon_cms/admin/users_controller.rb +3 -11
- data/app/controllers/camaleon_cms/admin_controller.rb +0 -8
- data/app/controllers/camaleon_cms/apps/plugins_admin_controller.rb +0 -8
- data/app/controllers/camaleon_cms/apps/plugins_front_controller.rb +0 -8
- data/app/controllers/camaleon_cms/apps/themes_admin_controller.rb +0 -8
- data/app/controllers/camaleon_cms/apps/themes_front_controller.rb +0 -8
- data/app/controllers/camaleon_cms/camaleon_controller.rb +0 -8
- data/app/controllers/camaleon_cms/frontend_controller.rb +17 -27
- data/app/controllers/concerns/camaleon_cms/frontend_concern.rb +2 -10
- data/app/decorators/camaleon_cms/application_decorator.rb +1 -9
- data/app/decorators/camaleon_cms/category_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/custom_field_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/custom_fields_concern.rb +1 -9
- data/app/decorators/camaleon_cms/metas_decorator_methods.rb +1 -9
- data/app/decorators/camaleon_cms/nav_menu_item_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/plugin_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/post_comment_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/post_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/post_tag_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/post_type_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/site_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/term_taxonomy_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/theme_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/user_decorator.rb +0 -8
- data/app/decorators/camaleon_cms/widget_decorator.rb +0 -8
- data/app/helpers/camaleon_cms/admin/application_helper.rb +1 -9
- data/app/helpers/camaleon_cms/admin/breadcrumb_helper.rb +1 -9
- data/app/helpers/camaleon_cms/admin/category_helper.rb +1 -9
- data/app/helpers/camaleon_cms/admin/custom_fields_helper.rb +1 -9
- data/app/helpers/camaleon_cms/admin/menus_helper.rb +0 -8
- data/app/helpers/camaleon_cms/admin/post_type_helper.rb +1 -9
- data/app/helpers/camaleon_cms/camaleon_helper.rb +0 -8
- data/app/helpers/camaleon_cms/captcha_helper.rb +0 -8
- data/app/helpers/camaleon_cms/comment_helper.rb +1 -1
- data/app/helpers/camaleon_cms/content_helper.rb +1 -9
- data/app/helpers/camaleon_cms/frontend/application_helper.rb +0 -8
- data/app/helpers/camaleon_cms/frontend/nav_menu_helper.rb +0 -8
- data/app/helpers/camaleon_cms/frontend/seo_helper.rb +0 -8
- data/app/helpers/camaleon_cms/frontend/site_helper.rb +0 -8
- data/app/helpers/camaleon_cms/hooks_helper.rb +0 -8
- data/app/helpers/camaleon_cms/html_helper.rb +0 -8
- data/app/helpers/camaleon_cms/plugins_helper.rb +12 -16
- data/app/helpers/camaleon_cms/session_helper.rb +0 -8
- data/app/helpers/camaleon_cms/short_code_helper.rb +0 -8
- data/app/helpers/camaleon_cms/site_helper.rb +0 -8
- data/app/helpers/camaleon_cms/theme_helper.rb +0 -8
- data/app/helpers/camaleon_cms/uploader_helper.rb +0 -8
- data/app/helpers/camaleon_cms/user_roles_helper.rb +1 -9
- data/app/mailers/camaleon_cms/html_mailer.rb +0 -8
- data/app/models/camaleon_cms/ability.rb +6 -8
- data/app/models/camaleon_cms/category.rb +0 -8
- data/app/models/camaleon_cms/custom_field.rb +1 -9
- data/app/models/camaleon_cms/custom_field_group.rb +0 -8
- data/app/models/camaleon_cms/custom_fields_relationship.rb +1 -9
- data/app/models/camaleon_cms/meta.rb +1 -9
- data/app/models/camaleon_cms/nav_menu.rb +0 -8
- data/app/models/camaleon_cms/nav_menu_item.rb +1 -9
- data/app/models/camaleon_cms/plugin.rb +0 -8
- data/app/models/camaleon_cms/post.rb +1 -9
- data/app/models/camaleon_cms/post_comment.rb +1 -10
- data/app/models/camaleon_cms/post_default.rb +6 -14
- data/app/models/camaleon_cms/post_relationship.rb +1 -9
- data/app/models/camaleon_cms/post_tag.rb +0 -8
- data/app/models/camaleon_cms/post_type.rb +1 -9
- data/app/models/camaleon_cms/site.rb +2 -10
- data/app/models/camaleon_cms/term_relationship.rb +0 -9
- data/app/models/camaleon_cms/term_taxonomy.rb +3 -11
- data/app/models/camaleon_cms/theme.rb +0 -8
- data/app/models/camaleon_cms/user.rb +3 -13
- data/app/models/camaleon_cms/user_relationship.rb +1 -9
- data/app/models/camaleon_cms/user_role.rb +0 -8
- data/app/models/camaleon_cms/widget.rb +1 -9
- data/app/models/camaleon_cms/widget/assigned.rb +1 -9
- data/app/models/camaleon_cms/widget/main.rb +1 -9
- data/app/models/camaleon_cms/widget/sidebar.rb +0 -8
- data/app/models/concerns/camaleon_cms/categories_tags_for_posts.rb +1 -9
- data/app/models/concerns/camaleon_cms/custom_fields_read.rb +2 -10
- data/app/models/concerns/camaleon_cms/metas.rb +6 -14
- data/app/models/plugins.rb +0 -8
- data/app/models/themes.rb +0 -8
- data/app/uploaders/camaleon_cms_aws_uploader.rb +1 -1
- data/app/uploaders/camaleon_cms_local_uploader.rb +2 -2
- data/app/uploaders/camaleon_cms_uploader.rb +1 -1
- data/app/views/camaleon_cms/admin/posts/form.html.erb +1 -1
- data/app/views/camaleon_cms/admin/sessions/forgot.html.erb +1 -1
- data/app/views/camaleon_cms/admin/sessions/login.html.erb +1 -1
- data/app/views/camaleon_cms/admin/sessions/register.html.erb +1 -1
- data/app/views/camaleon_cms/admin/users/form.html.erb +1 -1
- data/app/views/camaleon_cms/default_theme/partials/_forms.html.erb +1 -1
- data/app/views/layouts/camaleon_cms/admin.html.erb +1 -1
- data/app/views/layouts/camaleon_cms/admin/_ajax.html.erb +1 -1
- data/config/initializers/action_view.rb +33 -17
- data/config/initializers/active_record_extension.rb +0 -8
- data/config/initializers/assets.rb +2 -9
- data/config/initializers/custom_initializers.rb +0 -8
- data/config/locales/camaleon_cms/admin/en.yml +12 -12
- data/db/migrate/20150611161134_post_table_into_utf8.rb +22 -14
- data/db/migrate/20151212095328_add_confirm_token_to_users.rb +3 -3
- data/db/migrate/20160504155653_move_first_name_of_users.rb +3 -3
- data/lib/camaleon_cms/engine.rb +1 -2
- data/lib/camaleon_cms/version.rb +1 -1
- data/lib/plugin_routes.rb +1 -2
- metadata +4 -30
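--- a/data/app/controllers/camaleon_cms/admin/categories_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/categories_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::CategoriesController < CamaleonCms::AdminController
 add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.contents")
 before_action :set_post_type
@@ -25,7 +17,7 @@ class CamaleonCms::Admin::CategoriesController < CamaleonCms::AdminController
 end
 
 def update
-if @category.update(params
+if @category.update(params.require(:category).permit!)
 @category.set_options(params[:meta])
 @category.set_field_values(params[:field_options])
 flash[:notice] = t('camaleon_cms.admin.post_type.message.updated')
@@ -36,8 +28,7 @@ class CamaleonCms::Admin::CategoriesController < CamaleonCms::AdminController
 end
 
 def create
-
-@category = @post_type.categories.new(data_term)
+@category = @post_type.categories.new(params.require(:category).permit!)
 if @category.save
 @category.set_options(params[:meta])
 @category.set_field_values(params[:field_options])
@@ -55,7 +46,6 @@ class CamaleonCms::Admin::CategoriesController < CamaleonCms::AdminController
 
 def destroy
 flash[:notice] = t('camaleon_cms.admin.post_type.message.deleted') if @category.destroy
-
 redirect_to action: :index
 end
 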
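Review bot: `params.require(:category).permit!` in `update` and `create` marks every key the client sends under `category` as permitted, so strong parameters filter nothing and any assignable attribute of the model can be set from the request. The same call appears on this page in the post tags, drafts, posts, sessions, custom fields, post types, sites, settings, user roles and users controllers, where the `user`, `user_role` and `site` records are the more sensitive targets. An explicit list is the fix, `params.require(:category).permit(<attributes the admin form submits>)`, with the list taken from the form rather than from the model's columns. Both methods continue outside the hunks shown.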
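--- a/data/app/controllers/camaleon_cms/admin/comments_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/comments_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::CommentsController < CamaleonCms::AdminController
 include CamaleonCms::CommentHelper
 add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.comments"), :cama_admin_comments_url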
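--- a/data/app/controllers/camaleon_cms/admin/installers_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/installers_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::InstallersController < CamaleonCms::CamaleonController
 skip_before_action :cama_site_check_existence
 skip_before_action :cama_before_actions
@@ -37,4 +29,4 @@ class CamaleonCms::Admin::InstallersController < CamaleonCms::CamaleonController
 def installer_verification
 redirect_to cama_root_url unless CamaleonCms::Site.count == 0
 end
-end
+end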
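--- a/data/app/controllers/camaleon_cms/admin/media_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/media_controller.rb
@@ -1,14 +1,6 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::MediaController < CamaleonCms::AdminController
-
-
+skip_before_action :admin_logged_actions, except: [:index, :download_private_file], raise: false
+skip_before_action :verify_authenticity_token, only: :upload, raise: false
 before_action :init_media_vars, except: :download_private_file
 
 # render media section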
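Review bot: `skip_before_action :verify_authenticity_token, only: :upload, raise: false` switches off CSRF verification for the upload action, so a cross-site request sent from a signed-in admin's browser would be accepted as an upload; the posts controller section on this page does the same for `ajax`. If the skip only exists because the uploader script does not send the token, sending it as a request header or form field would let the check stay on. The line above it also skips `admin_logged_actions` for every action except `index` and `download_private_file`; that callback is defined outside this page, so it should be confirmed that it carries no access check. Both lines would benefit from a comment stating why the skip is needed and what still protects the action.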
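--- a/data/app/controllers/camaleon_cms/admin/plugins_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/plugins_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::PluginsController < CamaleonCms::AdminController
 before_action :validate_role
 add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.plugins")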
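--- a/data/app/controllers/camaleon_cms/admin/post_tags_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/post_tags_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::PostTagsController < CamaleonCms::AdminController
 add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.contents")
 before_action :set_post_type
@@ -13,7 +5,6 @@ class CamaleonCms::Admin::PostTagsController < CamaleonCms::AdminController
 
 def index
 @post_tags = @post_type.post_tags
-
 @post_tags = @post_tags.paginate(:page => params[:page], :per_page => current_site.admin_per_page)
 end
 
@@ -28,7 +19,7 @@ class CamaleonCms::Admin::PostTagsController < CamaleonCms::AdminController
 
 # save changes of a post tag
 def update
-if @post_tag.update(params
+if @post_tag.update(params.require(:post_tag).permit!)
 @post_tag.set_options(params[:meta]) if params[:meta].present?
 @post_tag.set_field_values(params[:field_options])
 flash[:notice] = t('camaleon_cms.admin.post_type.message.updated')
@@ -40,8 +31,7 @@ class CamaleonCms::Admin::PostTagsController < CamaleonCms::AdminController
 
 # render post tag create form
 def create
-
-@post_tag = @post_type.post_tags.new(data_term)
+@post_tag = @post_type.post_tags.new(params.require(:post_tag).permit!)
 if @post_tag.save
 @post_tag.set_options(params[:meta]) if params[:meta].present?
 @post_tag.set_field_values(params[:field_options])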
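--- a/data/app/controllers/camaleon_cms/admin/posts/drafts_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/posts/drafts_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::Posts::DraftsController < CamaleonCms::Admin::PostsController
 before_action :set_post_data_params, only: [:create, :update]
 
@@ -39,7 +31,7 @@ class CamaleonCms::Admin::Posts::DraftsController < CamaleonCms::Admin::PostsCon
 @post_draft.attributes = @post_data
 r = {post: @post_draft, post_type: @post_type}; hooks_run("update_post", r)
 if @post_draft.save(validate: false)
-@post_draft.set_params(params[:meta], params[:field_options],
+@post_draft.set_params(params[:meta], params[:field_options], params[:options])
 hooks_run("updated_post_draft", {post: @post_draft, post_type: ""})
 msg = {draft: {id: @post_draft.id}}
 else
@@ -53,7 +45,7 @@ class CamaleonCms::Admin::Posts::DraftsController < CamaleonCms::Admin::PostsCon
 
 private
 def set_post_data_params
-post_data = params
+post_data = params.require(:post).permit!
 post_data[:status] = 'draft'
 post_data[:post_parent] = params[:post_id]
 post_data[:user_id] = cama_current_user.id unless post_data[:user_id].present?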
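Review bot: In `set_post_data_params`, `post_data[:user_id] = cama_current_user.id unless post_data[:user_id].present?` keeps a `user_id` supplied in the request, and with `params.require(:post).permit!` two lines above nothing removes it, so a draft can be saved under another user's id. If changing the author is meant to be possible here, it should sit behind an ability check; otherwise assign it unconditionally with `post_data[:user_id] = cama_current_user.id`. The update path also saves with `save(validate: false)`, so model validations will not catch an unexpected value. The method body continues past the end of the hunk.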
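--- a/data/app/controllers/camaleon_cms/admin/posts_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/posts_controller.rb
@@ -1,17 +1,9 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::PostsController < CamaleonCms::AdminController
 add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.contents")
 before_action :set_post_type, :except => [:ajax]
 before_action :set_post, only: ['show','edit','update','destroy']
-
-
+skip_before_action :admin_logged_actions, only: [:trash, :restore, :destroy, :ajax], raise: false
+skip_before_action :verify_authenticity_token, only: [:ajax], raise: false
 
 def index
 authorize! :posts, @post_type
@@ -74,13 +66,13 @@ class CamaleonCms::Admin::PostsController < CamaleonCms::AdminController
 authorize! :create_post, @post_type
 post_data = get_post_data(true)
 CamaleonCms::Post.drafts.find(post_data[:draft_id]).destroy rescue nil
-@post = @post_type.posts.
+@post = @post_type.posts.new(post_data)
 r = {post: @post, post_type: @post_type}; hooks_run("create_post", r)
 @post = r[:post]
-if @post.
+if @post.save
 @post.set_metas(params[:meta])
 @post.set_field_values(params[:field_options])
-@post.
+@post.set_options(params[:options])
 flash[:notice] = t('camaleon_cms.admin.post.message.created', post_type: @post_type.decorate.the_title)
 r = {post: @post, post_type: @post_type}; hooks_run("created_post", r)
 redirect_to action: :edit, id: @post.id
@@ -108,7 +100,7 @@ class CamaleonCms::Admin::PostsController < CamaleonCms::AdminController
 if @post.update(post_data)
 @post.set_metas(params[:meta])
 @post.set_field_values(params[:field_options])
-@post.
+@post.set_options(params[:options])
 hooks_run("updated_post", {post: @post, post_type: @post_type})
 flash[:notice] = t('camaleon_cms.admin.post.message.updated', post_type: @post_type.decorate.the_title)
 redirect_to action: :edit, id: @post.id
@@ -188,7 +180,7 @@ class CamaleonCms::Admin::PostsController < CamaleonCms::AdminController
 # return common params data for posts
 # is_create: indicate if this info is for create a new post
 def get_post_data(is_create = false)
-post_data = params
+post_data = params.require(:post).permit!
 post_data[:user_id] = cama_current_user.id if is_create
 post_data[:status] == 'pending' if post_data[:status] == 'published' && cannot?(:publish_post, @post_type)
 post_data[:data_tags] = params[:tags].to_s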
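Review bot: In `get_post_data`, the line `post_data[:status] == 'pending' if post_data[:status] == 'published' && cannot?(:publish_post, @post_type)` compares instead of assigning, so it has no effect and a user without `publish_post` keeps the `published` status taken from the request. It is a context line this release leaves untouched, and `params.require(:post).permit!` directly above passes `status` through unfiltered. The fix is a single character: `post_data[:status] = 'pending' if post_data[:status] == 'published' && cannot?(:publish_post, @post_type)`. The method continues past the end of the hunk.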
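--- a/data/app/controllers/camaleon_cms/admin/sessions_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/sessions_controller.rb
@@ -1,13 +1,5 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::SessionsController < CamaleonCms::CamaleonController
-
+skip_before_action :cama_authenticate, raise: false
 before_action :before_hook_session
 after_action :after_hook_session
 before_action :verificate_register_permission, only: [:register]
@@ -111,7 +103,7 @@ class CamaleonCms::Admin::SessionsController < CamaleonCms::CamaleonController
 if params[:user].present?
 params[:user][:role] = PluginRoutes.system_info["default_user_role"]
 params[:user][:is_valid_email] = false if current_site.need_validate_email?
-user_data = params
+user_data = params.require(:user).permit!
 result = cama_register_user(user_data, params[:meta])
 if result[:result] == false && result[:type] == :captcha_error
 @user.errors[:captcha] = t('camaleon_cms.admin.users.message.error_captcha')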
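Review bot: In the registration branch, `user_data = params.require(:user).permit!` forwards every submitted key under `user` to `cama_register_user`; only `role`, and `is_valid_email` when `current_site.need_validate_email?` is true, are overwritten beforehand. This controller skips `cama_authenticate`, so the branch appears to be reachable without a session and the input is fully untrusted. Permit only the fields the registration form submits and set `role` and `is_valid_email` on the filtered hash afterwards, so that neither can come from the client under any site setting. The enclosing method starts and ends outside the hunk.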
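--- a/data/app/controllers/camaleon_cms/admin/settings/custom_fields_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/settings/custom_fields_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::Settings::CustomFieldsController < CamaleonCms::Admin::SettingsController
 add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.custom_fields"), :cama_admin_settings_custom_fields_path
 before_action :set_custom_field_group, only: [:show,:edit,:update,:destroy]
@@ -74,8 +66,9 @@ class CamaleonCms::Admin::Settings::CustomFieldsController < CamaleonCms::Admin:
 private
 
 def set_post_data
-@post_data = params
-@post_data[:object_class], @post_data[:objectid] = @post_data
+@post_data = params.require(:custom_field_group).permit!
+@post_data[:object_class], @post_data[:objectid] = @post_data.delete(:assign_group).split(',')
+@caption = @post_data.delete(:caption)
 end
 
 def set_custom_field_group
@@ -89,8 +82,8 @@ class CamaleonCms::Admin::Settings::CustomFieldsController < CamaleonCms::Admin:
 
 # return boolean: true if all fields were saved successfully
 def _save_fields(group)
-errors_saved, all_fields = group.add_fields(params
-group.set_option('caption', @
+errors_saved, all_fields = group.add_fields(params.require(:fields).permit!, params.require(:field_options).permit!)
+group.set_option('caption', @caption)
 if errors_saved.present?
 flash[:error] = "<b>#{t('camaleon_cms.errors_found_msg', default: 'Several errors were found, please check.')}</b><br>#{errors_saved.map{|field| "#{field.name}: " + "#{field.errors.messages.map{|k,v| "#{k.to_s.titleize}: #{v.join('|')}"}.join(', ')}" }.join('<br>')}"
 else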
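Review bot: `@post_data.delete(:assign_group).split(',')` in `set_post_data` raises NoMethodError when the request carries no `assign_group`, and `params.require(:fields)` and `params.require(:field_options)` in `_save_fields` raise `ActionController::ParameterMissing` when a group is submitted without fields. The first can be guarded with `@post_data.delete(:assign_group).to_s.split(',')`; for the second, if an empty group is a valid submission, read `params[:fields]` and `params[:field_options]` with a presence check instead of `require`. Separately, the unchanged `flash[:error]` line interpolates `field.name` into an HTML string, so if the layout renders the flash unescaped that name should be escaped first. `_save_fields` continues past the end of the hunk.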
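--- a/data/app/controllers/camaleon_cms/admin/settings/post_types_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/settings/post_types_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::Settings::PostTypesController < CamaleonCms::Admin::SettingsController
 before_action :set_post_type, only: [:show,:edit,:update, :destroy]
 before_action :set_data_term, only: [:create, :update]
@@ -51,7 +43,7 @@ class CamaleonCms::Admin::Settings::PostTypesController < CamaleonCms::Admin::Se
 private
 
 def set_data_term
-data_term = params
+data_term = params.require(:post_type).permit!
 data_term[:data_options] = params[:meta]
 @data_term = data_term
 end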
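--- a/data/app/controllers/camaleon_cms/admin/settings/sites_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/settings/sites_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::Settings::SitesController < CamaleonCms::Admin::SettingsController
 before_action :set_site, only: [:show, :edit, :update, :destroy]
 before_action :check_shared_status
@@ -29,7 +21,7 @@ class CamaleonCms::Admin::Settings::SitesController < CamaleonCms::Admin::Settin
 
 def update
 tmp = @site.slug
-if @site.update(params
+if @site.update(params.require(:site).permit!)
 save_metas(@site)
 flash[:notice] = t('camaleon_cms.admin.sites.message.updated')
 if @site.id == Cama::Site.main_site.id && tmp != @site.slug
@@ -49,7 +41,7 @@ class CamaleonCms::Admin::Settings::SitesController < CamaleonCms::Admin::Settin
 end
 
 def create
-site_data = params
+site_data = params.require(:site).permit!
 @site = CamaleonCms::Site.new(site_data)
 if @site.save
 save_metas(@site)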
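--- a/data/app/controllers/camaleon_cms/admin/settings_controller.rb
+++ b/data/app/controllers/camaleon_cms/admin/settings_controller.rb
@@ -1,11 +1,3 @@
-=begin
-Camaleon CMS is a content management system
-Copyright (C) 2015 by Owen Peredo Diaz
-Email: owenperedo@gmail.com
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-See the GNU Affero General Public License (GPLv3) for more details.
-=end
 class CamaleonCms::Admin::SettingsController < CamaleonCms::AdminController
 before_action :validate_role, except: [:theme, :save_theme]
 before_action :validate_role_theme, only: [:theme, :save_theme]
@@ -23,7 +15,7 @@ class CamaleonCms::Admin::SettingsController < CamaleonCms::AdminController
 
 def site_saved
 @site = current_site
-if @site.update(params
+if @site.update(params.require(:site).permit!)
 @site.set_options(params[:meta]) if params[:meta].present?
 @site.set_multiple_options(params[:options])
 @site.set_field_values(params[:field_options])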
@@ -1,11 +1,3 @@
|
|
1
|
-
=begin
|
2
|
-
Camaleon CMS is a content management system
|
3
|
-
Copyright (C) 2015 by Owen Peredo Diaz
|
4
|
-
Email: owenperedo@gmail.com
|
5
|
-
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
6
|
-
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
7
|
-
See the GNU Affero General Public License (GPLv3) for more details.
|
8
|
-
=end
|
9
1
|
class CamaleonCms::Admin::UserRolesController < CamaleonCms::AdminController
|
10
2
|
before_action :validate_role
|
11
3
|
add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.users"), :cama_admin_users_url
|
@@ -27,7 +19,7 @@ class CamaleonCms::Admin::UserRolesController < CamaleonCms::AdminController
|
|
27
19
|
end
|
28
20
|
|
29
21
|
def create
|
30
|
-
user_role_data = params
|
22
|
+
user_role_data = params.require(:user_role).permit!
|
31
23
|
@user_role = current_site.user_roles.new(user_role_data)
|
32
24
|
if @user_role.save
|
33
25
|
@user_role.set_meta("_post_type_#{current_site.id.to_s}", defined?(params[:rol_values][:post_type]) ? params[:rol_values][:post_type] : {})
|
@@ -45,7 +37,7 @@ class CamaleonCms::Admin::UserRolesController < CamaleonCms::AdminController
|
|
45
37
|
end
|
46
38
|
|
47
39
|
def update
|
48
|
-
if @user_role.editable? && @user_role.update(params
|
40
|
+
if @user_role.editable? && @user_role.update(params.require(:user_role).permit!)
|
49
41
|
@user_role.set_meta("_post_type_#{current_site.id.to_s}", defined?(params[:rol_values][:post_type]) ? params[:rol_values][:post_type] : {})
|
50
42
|
@user_role.set_meta("_manager_#{current_site.id.to_s}", defined?(params[:rol_values][:post_type]) ? params[:rol_values][:manager] : {})
|
51
43
|
flash[:notice] = t('camaleon_cms.admin.users.message.rol_updated')
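Review bot: `params.require(:user_role).permit!` in `create` and `update` marks every key submitted under `user_role` as permitted, so the request still decides which columns of the role record are written; the change satisfies strong parameters without restricting anything. An explicit list closes that gap, e.g. `params.require(:user_role).permit(<editable role attributes>)`, with the names taken from the role form, which is not visible on this page. The same `require(...).permit!` pattern appears in `SettingsController#site_saved` and in `UsersController#update` and `#create`, and needs the same treatment there. Both method bodies continue outside the hunks shown.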
|
@@ -1,11 +1,3 @@
|
|
1
|
-
=begin
|
2
|
-
Camaleon CMS is a content management system
|
3
|
-
Copyright (C) 2015 by Owen Peredo Diaz
|
4
|
-
Email: owenperedo@gmail.com
|
5
|
-
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
6
|
-
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
7
|
-
See the GNU Affero General Public License (GPLv3) for more details.
|
8
|
-
=end
|
9
1
|
class CamaleonCms::Admin::UsersController < CamaleonCms::AdminController
|
10
2
|
before_action :validate_role, except: [:profile, :profile_edit]
|
11
3
|
add_breadcrumb I18n.t("camaleon_cms.admin.sidebar.users"), :cama_admin_users_url
|
@@ -34,7 +26,7 @@ class CamaleonCms::Admin::UsersController < CamaleonCms::AdminController
|
|
34
26
|
end
|
35
27
|
|
36
28
|
def update
|
37
|
-
if @user.update(params
|
29
|
+
if @user.update(params.require(:user).permit!)
|
38
30
|
@user.set_metas(params[:meta]) if params[:meta].present?
|
39
31
|
@user.set_field_values(params[:field_options])
|
40
32
|
r = {user: @user, message: t('camaleon_cms.admin.users.message.updated'), params: params}; hooks_run('user_after_edited', r)
|
@@ -52,7 +44,7 @@ class CamaleonCms::Admin::UsersController < CamaleonCms::AdminController
|
|
52
44
|
# update som ajax requests from profile or user form
|
53
45
|
def updated_ajax
|
54
46
|
@user = current_site.users.find(params[:user_id])
|
55
|
-
render inline: @user.update(params
|
47
|
+
render inline: @user.update(params.require(:password).permit!) ? "" : @user.errors.full_messages.join(', ')
|
56
48
|
end
|
57
49
|
|
58
50
|
def edit
|
@@ -71,7 +63,7 @@ class CamaleonCms::Admin::UsersController < CamaleonCms::AdminController
|
|
71
63
|
end
|
72
64
|
|
73
65
|
def create
|
74
|
-
user_data = params
|
66
|
+
user_data = params.require(:user).permit!
|
75
67
|
@user = current_site.users.new(user_data)
|
76
68
|
if @user.save
|
77
69
|
@user.set_metas(params[:meta]) if params[:meta].present?
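Review bot: In `updated_ajax`, `params.require(:password).permit!` accepts every attribute submitted under the `password` key, so an endpoint meant for password changes can write any column of the user record; if the role or site is stored on that row (the model is not visible here), that is a privilege-escalation risk. The permitted keys should be limited to the password fields, presumably `params.require(:password).permit(:password, :password_confirmation)`, to be confirmed against the form. Separately, the same line passes `@user.errors.full_messages` to `render inline:`, which compiles its argument as an ERB template; `render plain:` returns the text without evaluating it, where the Rails version in use supports it. The record is looked up from `params[:user_id]`, so whether a caller can reach another user's account depends on `validate_role`, which is defined outside this page.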
|
@@ -1,11 +1,3 @@
|
|
1
|
-
=begin
|
2
|
-
Camaleon CMS is a content management system
|
3
|
-
Copyright (C) 2015 by Owen Peredo Diaz
|
4
|
-
Email: owenperedo@gmail.com
|
5
|
-
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
6
|
-
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
7
|
-
See the GNU Affero General Public License (GPLv3) for more details.
|
8
|
-
=end
|
9
1
|
class CamaleonCms::AdminController < CamaleonCms::CamaleonController
|
10
2
|
rescue_from CanCan::AccessDenied do |exception|
|
11
3
|
flash[:error] = "Error: #{exception.message}"
|
@@ -1,11 +1,3 @@
|
|
1
|
-
=begin
|
2
|
-
Camaleon CMS is a content management system
|
3
|
-
Copyright (C) 2015 by Owen Peredo Diaz
|
4
|
-
Email: owenperedo@gmail.com
|
5
|
-
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
|
6
|
-
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
7
|
-
See the GNU Affero General Public License (GPLv3) for more details.
|
8
|
-
=end
|
9
1
|
class CamaleonCms::Apps::PluginsAdminController < CamaleonCms::AdminController
|
10
2
|
before_action :init_plugin
|
11
3
|
|