camaleon_cms 2.4.4.3 → 2.4.4.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1d378954102d09373cdff4a55ad93f38a54a8562
-  data.tar.gz: a31be20e3fa56bc42569a571a655732b9f5fcf1f
+  metadata.gz: 5581bbe874bc02c0ad4eb795817fd82e431d3832
+  data.tar.gz: b0d2c74f1b22ba640260e100e57ea1ef64f87500
 SHA512:
-  metadata.gz: b0f69a80db88c10bfacff4464aa7b7f43d2a26b7b0ef287a28611b3803346a3e38702c5167ccf9a40eb6d6d45a4c039993d1e337fe4d317539fa658f0a8fdb58
-  data.tar.gz: a3e9bbc8e922365f3799e906b41249ba2e6c456372788c5881d3f23c77111a051872f6e75fb0ea3928f89dfd65e18d5779d36632a36d4d1a263b075d054176d0
+  metadata.gz: 612ed7bf329cd37631d1aa4456db2af076963f48417ec58068c9d4e5423969340fd489aa8b0d08e2a25e58fcbab0d3dff6c79e6bcb4f856f84c6ad05099e2f1d
+  data.tar.gz: 3ddbc96bc692151ca73990cd463a6e88f391d064765dc2b49dbf219f2f34b428d143750f683c08cd62eefa2a463831d148bd530348e772d00f33c84738e1d841

data/README.md

@@ -39,7 +39,7 @@
 * Add the gem in your Gemfile
 
   ```
-  gem "camaleon_cms",  '>= 2.4.4.3' # Stable versions 2.4.4.2, 2.4.3.10, 2.4.3.6, 2.4.3.5, 2.4.3.2, 2.3.6, 2.2.1, 2.1.1, 2.1.0
+  gem "camaleon_cms",  '>= 2.4.4.4' # Stable versions 2.4.4.2, 2.4.3.10, 2.4.3.6, 2.4.3.5, 2.4.3.2, 2.3.6, 2.2.1, 2.1.1, 2.1.0
   # gem "camaleon_cms", github: 'owen2345/camaleon-cms' # current development version
   # gem 'draper', '~> 3' # only for Rails 5
   # verify (gem 'sass-rails', '~> 5.0') only for Rails 5

data/app/apps/plugins/attack/attack_helper.rb

@@ -50,6 +50,7 @@ module Plugins::Attack::AttackHelper
 
   private
   def attack_check_request
+    return unless current_site
     config = current_site.get_meta("attack_config")
     q = current_site.attack.where(browser_key: cama_get_session_id, path: attack_request_key)
     return unless config.present?

data/app/apps/plugins/authoring_post/authoring_post_helper.rb

@@ -40,7 +40,7 @@ module Plugins::AuthoringPost::AuthoringPostHelper
   end
 
   def plugin_authoring_authors_list(post)
-    author_id = post.new_record? ? current_user.id : post.author.id
+    author_id = post.new_record? ? cama_current_user.id : post.author.id
     ret = ''
     current_site.users.where('role <> ?', 'client').order(:username).each do |user|
       ret += "<option value='#{user.id}' #{user.id.eql?(author_id) ? 'selected' : ''}>#{user.username.titleize}#{user.fullname.eql?(user.username.titleize) ? '' : ' (' +  user.fullname + ')' }</option>"

data/app/controllers/camaleon_cms/admin/posts_controller.rb

@@ -30,7 +30,7 @@ class CamaleonCms::Admin::PostsController < CamaleonCms::AdminController
       posts_all = posts_all.where("LOWER(#{CamaleonCms::Post.table_name}.title) LIKE ?", "%#{params[:q]}%")
     end
     
-    posts_all = posts_all.where(user_id: current_user) if cannot?(:edit_other, @post_type) # filter only own contents 
+    posts_all = posts_all.where(user_id: cama_current_user) if cannot?(:edit_other, @post_type) # filter only own contents 
     
     @posts = posts_all
     params[:s] = 'published' unless params[:s].present?

data/app/controllers/camaleon_cms/admin/sessions_controller.rb

@@ -18,7 +18,7 @@ class CamaleonCms::Admin::SessionsController < CamaleonCms::CamaleonController
 
   def login_post
     data_user = user_permit_data
-    @user = current_site.users.by_username(data_user[:username]).first
+    @user = current_site.users.find_by_username(data_user[:username])
     captcha_validate = captcha_verify_if_under_attack("login")
     r = {user: @user, params: params, password: data_user[:password], captcha_validate: captcha_validate, stop_process: false}; hooks_run("user_before_login", r)
     return if r[:stop_process] # permit to redirect for data completion

data/app/controllers/camaleon_cms/admin/users_controller.rb

@@ -80,7 +80,7 @@ class CamaleonCms::Admin::UsersController < CamaleonCms::AdminController
   end
 
   def destroy
-    if current_user.id == @user.id
+    if cama_current_user.id == @user.id
       flash[:error] = t('camaleon_cms.admin.users.message.user_can_not_delete_own_account', default: 'User can not delete own account')
     elsif @user.destroy
       flash[:notice] = t('camaleon_cms.admin.users.message.deleted')
@@ -106,7 +106,7 @@ class CamaleonCms::Admin::UsersController < CamaleonCms::AdminController
 
   def user_params
     parameters = params.require(:user)
-    if current_user.role_grantor?(@user)
+    if cama_current_user.role_grantor?(@user)
       parameters.permit(:username, :email, :role, :first_name, :last_name)
     else
       parameters.permit(:username, :email, :first_name, :last_name)

data/app/controllers/camaleon_cms/camaleon_controller.rb

@@ -125,8 +125,10 @@ class CamaleonCms::CamaleonController < ApplicationController
       end
     end
   end
-
-  def current_user
-    cama_current_user
+  
+  unless ApplicationController.method_defined?(:current_user)
+    def current_user
+      cama_current_user
+    end
   end
 end

data/app/decorators/camaleon_cms/site_decorator.rb

@@ -88,7 +88,7 @@ class CamaleonCms::SiteDecorator < CamaleonCms::TermTaxonomyDecorator
   # return the user object with id or username = id_or_username from this site
   def the_user(id_or_username)
     return object.users.where(id: id_or_username).first.decorate rescue nil if id_or_username.is_a?(Integer)
-    return object.users.by_username(id_or_username).first.decorate rescue nil if id_or_username.is_a?(String)
+    return object.users.find_by_username(id_or_username).decorate rescue nil if id_or_username.is_a?(String)
   end
 
   # return all post types for this site

data/app/helpers/camaleon_cms/session_helper.rb

@@ -33,7 +33,7 @@ module CamaleonCms::SessionHelper
   # login a user using username and password
   # return boolean: true => authenticated, false => authentication failed
   def login_user_with_password(username, password)
-    @user = current_site.users.by_username(username).first
+    @user = current_site.users.find_by_username(username)
     r = {user: @user, params: params, password: password, captcha_validate: true}; hooks_run('user_before_login', r)
     @user && @user.authenticate(password)
   end

data/app/models/camaleon_cms/ability.rb

@@ -11,7 +11,7 @@ class CamaleonCms::Ability
       can :read, :all
     else
       # conditions:
-      current_user_role = user.get_role(current_site)
+      current_user_role = user.get_role(current_site) || current_site.user_roles.new
       @roles_manager ||= current_user_role.get_meta("_manager_#{current_site.id}", {}) || {}
       @roles_post_type ||= current_user_role.get_meta("_post_type_#{current_site.id}", {}) || {}
 

data/app/models/camaleon_cms/user.rb

@@ -7,12 +7,12 @@ unless PluginRoutes.static_system_info['user_model'].present?
     validates :email, :presence => true, :format => { :with => /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i } #, :unless => Proc.new { |a| a.auth_social.present? }
     has_secure_password
 
-    def self.by_email(email)
-      where(['lower(email) = ?', email.to_s.downcase])
+    def self.find_by_email(email)
+      where(['lower(email) = ?', email.to_s.downcase]).take
     end
 
-    def self.by_username(username)
-      where(['lower(username) = ?', username.to_s.downcase])
+    def self.find_by_username(username)
+      where(['lower(username) = ?', username.to_s.downcase]).take
     end
   end
 end

data/app/views/camaleon_cms/admin/users/form.html.erb

@@ -54,7 +54,7 @@
                         <div class="">
                             <%= f.label "#{t('camaleon_cms.admin.table.role')}", class: "control-label" %>
                             <div class="">
-                                <%= f.select :role,current_site.user_roles.reorder(:name).decorate.map{|role| [role.the_title, role.slug]}, {}, {:class => "form-control required", disabled: !current_user.role_grantor?(@user)}%>
+                                <%= f.select :role,current_site.user_roles.reorder(:name).decorate.map{|role| [role.the_title, role.slug]}, {}, {:class => "form-control required", disabled: !cama_current_user.role_grantor?(@user)}%>
                             </div>
                         </div>
                         <hr>

data/app/views/camaleon_cms/admin/users/index.html.erb

@@ -36,7 +36,7 @@
                   <td><%= l(f.last_login_at, format: :long) if f.last_login_at.present? %></td>
                   <td>
                     <%= link_to raw('<i class="fa fa-pencil"></i>'), {action: :edit, id: f.id }, class: "btn btn-default btn-xs cama_ajax_request", title: "#{t('camaleon_cms.admin.button.edit')}" %>
-                    <% if current_user.id == f.id %>
+                    <% if cama_current_user.id == f.id %>
                         <%= link_to 'javascript:;', class: 'btn btn-danger btn-xs cama_ajax_request', disabled: true,
                                 title: t('camaleon_cms.admin.users.message.user_can_not_delete_own_account', default: 'User can not delete own account') do %>
                             <i class="fa fa-times"></i>

data/lib/camaleon_cms/version.rb

@@ -1,3 +1,3 @@
 module CamaleonCms
-  VERSION = '2.4.4.3'
+  VERSION = '2.4.4.4'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: camaleon_cms
 version: !ruby/object:Gem::Version
-  version: 2.4.4.3
+  version: 2.4.4.4
 platform: ruby
 authors:
 - Owen Peredo Diaz
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-10-02 00:00:00.000000000 Z
+date: 2017-10-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt