casein 4.0.0 → 5.0.0.0

data/app/controllers/casein/{user_sessions_controller.rb → admin_user_sessions_controller.rb}

@@ -1,7 +1,5 @@
 module Casein
-  class UserSessionsController < Casein::CaseinController
-    
-    unloadable
+  class AdminUserSessionsController < Casein::CaseinController
     
     skip_before_filter :authorise, :only => [:new, :create]
     before_filter :requires_no_session_user, :except => [:destroy]
@@ -9,13 +7,12 @@ module Casein
     layout 'casein_auth'
   
     def new
-      @user_session = Casein::UserSession.new
+      @admin_user_session = Casein::AdminUserSession.new
     end
   
     def create
-      @user_session = Casein::UserSession.new params[:casein_user_session]
-      if @user_session.save
-        flash[:notice] = "Login successful"
+      @admin_user_session = Casein::AdminUserSession.new params[:casein_admin_user_session]
+      if @admin_user_session.save
         redirect_back_or_default :controller => :casein, :action => :index
       else
         render :action => :new
@@ -23,9 +20,8 @@ module Casein
     end
   
     def destroy
-      current_user_session.destroy
-      flash[:notice] = "Logout successful"
-      redirect_back_or_default new_casein_user_session_url
+      current_admin_user_session.destroy
+      redirect_back_or_default new_casein_admin_user_session_url
     end
 
   private

data/app/controllers/casein/admin_users_controller.rb

@@ -0,0 +1,124 @@
+require 'securerandom'
+
+module Casein
+  class AdminUsersController < Casein::CaseinController
+
+    before_filter :needs_admin, :except => [:show, :destroy, :update, :update_password]
+    before_filter :needs_admin_or_current_user, :only => [:show, :destroy, :update, :update_password]
+ 
+    def index
+      @casein_page_title = "Users"
+      @users = Casein::AdminUser.order(sort_order(:login)).paginate :page => params[:page]
+    end
+ 
+    def new
+      @casein_page_title = "Add a new user"
+    	@casein_admin_user = Casein::AdminUser.new
+    	@casein_admin_user.time_zone = Rails.configuration.time_zone
+    end
+  
+    def create
+
+      generate_random_password if params[:generate_random_password]
+
+      @casein_admin_user = Casein::AdminUser.new casein_admin_user_params
+    
+      if @casein_admin_user.save
+        flash[:notice] = "An email has been sent to " + @casein_admin_user.name + " with the new account details"
+        redirect_to casein_admin_users_path
+      else
+        flash.now[:warning] = "There were problems when trying to create a new user"
+        render :action => :new
+      end
+    end
+  
+    def show
+    	@casein_admin_user = Casein::AdminUser.find params[:id]
+    	@casein_page_title = @casein_admin_user.name + " > View user"
+    end
+ 
+    def update
+      @casein_admin_user = Casein::AdminUser.find params[:id]
+      @casein_page_title = @casein_admin_user.name + " > Update user"
+
+      if @casein_admin_user.update_attributes casein_admin_user_params
+        flash[:notice] = @casein_admin_user.name + " has been updated"
+      else
+        flash.now[:warning] = "There were problems when trying to update this user"
+        render :action => :show
+        return
+      end
+      
+      if @session_user.is_admin?
+        redirect_to casein_admin_users_path
+      else
+        redirect_to :controller => :casein, :action => :index
+      end
+    end
+ 
+    def update_password
+      @casein_admin_user = Casein::AdminUser.find params[:id]
+      @casein_page_title = @casein_admin_user.name + " > Update password"
+       
+      if @casein_admin_user.valid_password? params[:form_current_password]
+        if params[:casein_admin_user][:password].blank? && params[:casein_admin_user][:password_confirmation].blank?
+          flash[:warning] = "New password cannot be blank"
+        elsif @casein_admin_user.update_attributes casein_admin_user_params
+          flash[:notice] = "Your password has been changed"
+        else
+          flash[:warning] = "There were problems when trying to change your password"
+        end
+      else
+        flash[:warning] = "The current password is incorrect"
+      end
+      
+      redirect_to :action => :show
+    end
+ 
+    def reset_password
+      @casein_admin_user = Casein::AdminUser.find params[:id]
+      @casein_page_title = @casein_admin_user.name + " > Reset password"
+       
+      if params[:generate_random_password].blank? && params[:casein_admin_user][:password].blank? && params[:casein_admin_user][:password_confirmation].blank?
+        flash[:warning] = "New password cannot be blank"
+      else
+        generate_random_password if params[:generate_random_password]
+        @casein_admin_user.notify_of_new_password = true unless (@casein_admin_user.id == @session_user.id && params[:generate_random_password].blank?)
+
+        if @casein_admin_user.update_attributes casein_admin_user_params
+          unless @casein_admin_user.notify_of_new_password
+            flash[:notice] = "Your password has been reset"
+          else    
+            flash[:notice] = "Password has been reset and " + @casein_admin_user.name + " has been notified by email"
+          end
+        else
+          flash[:warning] = "There were problems when trying to reset this user's password"
+        end
+      end
+
+      redirect_to :action => :show
+    end
+ 
+    def destroy
+      user = Casein::AdminUser.find params[:id]
+      if user.is_admin? == false || Casein::AdminUser.has_more_than_one_admin
+        user.destroy
+        flash[:notice] = user.name + " has been deleted"
+      end
+      redirect_to casein_admin_users_path
+    end
+
+    private
+
+      def generate_random_password
+        random_password = random_string = SecureRandom.hex
+        params[:casein_admin_user] = Hash.new if params[:casein_admin_user].blank?
+        params[:casein_admin_user].merge! ({:password => random_password, :password_confirmation => random_password})
+      end
+
+      def casein_admin_user_params
+        params.require(:casein_admin_user).permit(:login, :name, :email, :time_zone, :access_level, :password, :password_confirmation)
+      end
+ 
+  end
+end

data/app/controllers/casein/casein_controller.rb

@@ -3,8 +3,6 @@ require 'authlogic'
 module Casein
   class CaseinController < ApplicationController
 
-    unloadable
-
     require 'casein/casein_helper'
     include Casein::CaseinHelper
 
@@ -13,11 +11,11 @@ module Casein
 
     layout 'casein_main'
    
-    helper_method :current_user_session, :current_user
+    helper_method :current_admin_user_session, :current_user
     before_filter :authorise
     before_filter :set_time_zone
     
-    ActionView::Base.field_error_proc = proc { |input, instance| "<span class='formError'>#{input}</span>".html_safe }
+    ActionView::Base.field_error_proc = proc { |input, instance| "#{input}".html_safe }
 
     def index		
   		redirect_to casein_config_dashboard_url
@@ -32,7 +30,7 @@ module Casein
     def authorise    
       unless current_user
         session[:return_to] = request.fullpath
-        redirect_to new_casein_user_session_url
+        redirect_to new_casein_admin_user_session_url
         return false
       end
     end
@@ -41,14 +39,14 @@ module Casein
       Time.zone = current_user.time_zone if current_user
     end
   
-    def current_user_session
-      return @current_user_session if defined?(@current_user_session)
-      @current_user_session = Casein::UserSession.find
+    def current_admin_user_session
+      return @current_admin_user_session if defined?(@current_admin_user_session)
+      @current_admin_user_session = Casein::AdminUserSession.find
     end
 
     def current_user
       return @session_user if defined?(@session_user)
-      @session_user = current_user_session && current_user_session.user
+      @session_user = current_admin_user_session && current_admin_user_session.admin_user
     end
   
     def needs_admin
@@ -68,5 +66,9 @@ module Casein
       session[:return_to] = nil
     end
 
+    def sort_order(default)
+      "#{(params[:c] || default.to_s).gsub(/[\s;'\"]/,'')} #{'ASC' if params[:d] == 'up'} #{'DESC' if params[:d] == 'down'}"
+    end
+
   end
 end

data/app/controllers/casein/password_resets_controller.rb

@@ -1,15 +1,13 @@
 module Casein
   class PasswordResetsController < Casein::CaseinController
   
-    unloadable
-  
     skip_before_filter :authorise
     before_filter :load_user_using_perishable_token, :only => [:edit, :update]
 
     layout 'casein_auth'
     
     def create
-      users = Casein::User.where(:email => params[:recover_email]).all
+      users = Casein::AdminUser.where(:email => params[:recover_email]).all
 
       if users.length > 0
         users.each do |user|
@@ -25,7 +23,7 @@ module Casein
         flash[:warning] = "There is no user with that email"
       end
 
-      redirect_to new_casein_user_session_url
+      redirect_to new_casein_admin_user_session_url
     end
 
     def edit
@@ -34,16 +32,16 @@ module Casein
 
     def update
       
-      if params[:casein_user][:password].empty? || params[:casein_user][:password_confirmation].empty?
+      if params[:casein_admin_user][:password].empty? || params[:casein_admin_user][:password_confirmation].empty?
         flash.now[:warning] = "A field has been left empty"
       else
       
-        @reset_user.password = params[:casein_user][:password]
-        @reset_user.password_confirmation = params[:casein_user][:password_confirmation]
+        @reset_user.password = params[:casein_admin_user][:password]
+        @reset_user.password_confirmation = params[:casein_admin_user][:password_confirmation]
       
         if @reset_user.save
           flash[:notice] = "Password successfully updated"
-          redirect_to new_casein_user_session_url
+          redirect_to new_casein_admin_user_session_url
           return
         end
       end
@@ -55,11 +53,11 @@ module Casein
     
     def load_user_using_perishable_token
       
-      @reset_user = Casein::User.find_using_perishable_token params[:token]
+      @reset_user = Casein::AdminUser.find_using_perishable_token params[:token]
       
       unless @reset_user
         flash[:warning] = "Your account could not be located. Try to copy and paste the URL directly from the email."
-        redirect_to new_casein_user_session_url
+        redirect_to new_casein_admin_user_session_url
       end
     end
   end

data/app/helpers/casein/casein_helper.rb

@@ -1,18 +1,26 @@
 module Casein
   module CaseinHelper
 	
-	  def casein_get_version_info  
+    def casein_get_footer_string include_version = false
+      if include_version
+        "Running on #{link_to 'Casein', 'http://www.github.com/russellquinn/casein'} #{casein_get_full_version_string}, an open-source project.".html_safe
+      else
+        "Running on #{link_to 'Casein', 'http://www.github.com/russellquinn/casein'}, an open-source project.".html_safe
+      end
+    end
+
+	  def casein_get_version_info 
 	    YAML::load_file File.join(File.dirname(__FILE__), '..', '..', '..', 'PUBLIC_VERSION.yml')
 	  end
 	
   	def casein_get_full_version_string
   	  version_info = casein_get_version_info
-  	  "v.#{version_info['major']}.#{version_info['minor']}.#{version_info['patch']}"
+  	  "v#{version_info['major']}.#{version_info['minor']}.#{version_info['patch']}.#{version_info['build']}"
   	end
 	
   	def casein_get_short_version_string
   	  version_info = casein_get_version_info
-  	  "v.#{version_info['major']}"
+  	  "v#{version_info['major']}"
   	end
 	
   	def casein_generate_page_title
@@ -21,7 +29,7 @@ module Casein
   			return casein_config_website_name
   		end
 		
-  		@casein_page_title + " > " + casein_config_website_name
+  		casein_config_website_name + " > " + @casein_page_title  
   	end
 	
   	def casein_get_access_level_text level
@@ -38,6 +46,10 @@ module Casein
   	def casein_get_access_level_array
   	  [["Administrator", $CASEIN_USER_ACCESS_LEVEL_ADMIN], ["User", $CASEIN_USER_ACCESS_LEVEL_USER]]
   	end
+
+    def casein_pagination_details objs
+      " <small class='pagination-details'>/ page #{objs.current_page} of #{objs.total_pages}</small>".html_safe if objs.current_page && objs.total_pages > 1
+    end
 	
   	def casein_table_cell_link contents, link, options = {}
 	  
@@ -54,43 +66,77 @@ module Casein
   	    contents = truncate(contents, :length => options[:casein_truncate], :omission => "...")
   	  end
 	  
-    	"<div class='noLink'>#{contents}</div>".html_safe
+    	"<div class='no-link'>#{contents}</div>".html_safe
     end
 	
   	def casein_show_icon icon_name
-  		"<div class='icon'>".html_safe + image_tag("casein/icons/#{icon_name}.png", :alt => "") + "</div>".html_safe
+  		"<div class='icon'><span class='glyphicon glyphicon-#{icon_name}'></span></div>".html_safe
   	end
 	
   	def casein_show_row_icon icon_name
-      "<div class='iconRow'>".html_safe + image_tag("casein/icons/#{icon_name}.png", :alt => "") + "</div>".html_safe
+      "<div class='iconRow'><span class='glyphicon glyphicon-#{icon_name}'></span></div>".html_safe
   	end
+
+    def casein_format_date date, format = "%b %d, %Y"
+      date.strftime(format)
+    end
+
+    def casein_format_time time, format = "%H:%M"
+      time.strftime(format)
+    end
+
+    def casein_format_datetime datetime, format = "%b %d, %Y %H:%M"
+      datetime.strftime(format)
+    end
+
+    def casein_sort_link title, column, options = {}
+      condition = options[:unless] if options.has_key?(:unless)
+      icon_to_show_html = "<div class='table-header-icon'>&nbsp;</div>".html_safe
+      if params[:c].to_s == column.to_s
+        icon_to_show = params[:d] == 'down' ? 'chevron-up' : 'chevron-down'
+        icon_to_show_html = "<div class='table-header-icon glyphicon glyphicon-#{icon_to_show}'></div>".html_safe
+      end
+      sort_dir = params[:d] == 'down' ? 'up' : 'down'
+      link_to_unless(condition, title, request.parameters.merge({:c => column, :d => sort_dir})) + icon_to_show_html
+    end
+
+    def casein_yes_no_label value
+      if value
+        return "<span class='label label-success'>Yes</span>".html_safe
+      else
+        return "<span class='label label-danger'>No</span>".html_safe
+      end
+    end
+
+    def casein_no_yes_label value
+      if value
+        return "<span class='label label-danger'>Yes</span>".html_safe
+      else
+        return "<span class='label label-success'>No</span>".html_safe
+      end
+    end
 	
   	# Styled form tag helpers
 	
   	def casein_text_field form, obj, attribute, options = {}
-  	  casein_form_tag_wrapper(form.text_field(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'caseinTextField'))), form, obj, attribute, options).html_safe
+  	  casein_form_tag_wrapper(form.text_field(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'form-control'))), form, obj, attribute, options).html_safe
   	end
 	
   	def casein_password_field form, obj, attribute, options = {}
-  		casein_form_tag_wrapper(form.password_field(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'caseinTextField'))), form, obj, attribute, options).html_safe
+  		casein_form_tag_wrapper(form.password_field(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'form-control'))), form, obj, attribute, options).html_safe
   	end
 	
   	def casein_text_area form, obj, attribute, options = {}
-  	  casein_form_tag_wrapper(form.text_area(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'caseinTextArea'))), form, obj, attribute, options).html_safe
+  	  casein_form_tag_wrapper(form.text_area(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'form-control'))), form, obj, attribute, options).html_safe
   	end
 	
   	def casein_text_area_big form, obj, attribute, options = {}
-  	 casein_form_tag_wrapper(form.text_area(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'caseinTextAreaBig'))), form, obj, attribute, options).html_safe
+  	 casein_form_tag_wrapper(form.text_area(attribute, strip_casein_options(options_hash_with_merged_classes(options, 'form-control'))), form, obj, attribute, options).html_safe
   	end
 	
   	def casein_check_box form, obj, attribute, options = {}
-  	  form_tag = form.check_box(attribute, strip_casein_options(options))
-	  
-  	  if options.key? :casein_box_label
-  	    form_tag = "<div>" + form_tag + "<span class=\"rcText\">#{options[:casein_box_label]}</span></div>".html_safe
-  	  end
-	  
-  	  casein_form_tag_wrapper(form_tag, form, obj, attribute, options).html_safe
+  	  form_tag = "<div class='check-box'>#{form.check_box(attribute, strip_casein_options(options))}</div>".html_safe
+      casein_form_tag_wrapper(form_tag, form, obj, attribute, options).html_safe
   	end
 	
   	def casein_check_box_group form, obj, check_boxes = {}
@@ -100,7 +146,7 @@ module Casein
         form_tags += casein_check_box form, obj, check_box[0], check_box[1]
       end
     
-      casein_form_tag_wrapper form_tag, form, obj, attribute, options
+      casein_form_tag_wrapper(form_tag, form, obj, attribute, options)
     end
 	
   	def casein_radio_button form, obj, attribute, tag_value, options = {}
@@ -124,38 +170,47 @@ module Casein
     end
 	
   	def casein_select form, obj, attribute, option_tags, options = {}
-  		casein_form_tag_wrapper(form.select(attribute, option_tags, strip_casein_options(options), merged_class_hash(options, 'caseinSelect')), form, obj, attribute, options).html_safe
+  		casein_form_tag_wrapper(form.select(attribute, option_tags, strip_casein_options(options), merged_class_hash(options, 'form-control')), form, obj, attribute, options).html_safe
   	end
   	
   	def casein_time_zone_select form, obj, attribute, option_tags, options = {}
-  	  casein_form_tag_wrapper(form.time_zone_select(attribute, option_tags, strip_casein_options(options), merged_class_hash(options, 'caseinSelect')), form, obj, attribute, options).html_safe
+  	  casein_form_tag_wrapper(form.time_zone_select(attribute, option_tags, strip_casein_options(options), merged_class_hash(options, 'form-control')), form, obj, attribute, options).html_safe
   	end
 	
-  	def casein_collection_select form, obj, object, attribute, collection, value_method, text_method, options = {}
-  		casein_form_tag_wrapper(collection_select(object, attribute, collection, value_method, text_method, strip_casein_options(options), merged_class_hash(options, 'caseinSelect')), form, obj, attribute, options).html_safe
+  	def casein_collection_select form, obj, attribute, collection, value_method, text_method, options = {}
+  		casein_form_tag_wrapper(collection_select(obj, attribute, collection, value_method, text_method, strip_casein_options(options), merged_class_hash(options, 'form-control')), form, obj, attribute, options).html_safe
   	end
   	
   	def casein_date_select form, obj, attribute, options = {}
-  	  casein_form_tag_wrapper(form.date_select(attribute, strip_casein_options(options), merged_class_hash(options, 'caseinDateTimeSelect')), form, obj, attribute, options).html_safe
+  	  casein_form_tag_wrapper("<div class='casein-date-select'>".html_safe + form.date_select(attribute, strip_casein_options(options), merged_class_hash(options, 'form-control')) + "</div>".html_safe, form, obj, attribute, options).html_safe
   	end
 
   	def casein_time_select form, obj, attribute, options = {}
-  	  casein_form_tag_wrapper(form.time_select(attribute, strip_casein_options(options), merged_class_hash(options, 'caseinDateTimeSelect')), form, obj, attribute, options).html_safe
+  	  casein_form_tag_wrapper("<div class='casein-time-select'>".html_safe + form.time_select(attribute, strip_casein_options(options), merged_class_hash(options, 'form-control')) + "</div>".html_safe, form, obj, attribute, options).html_safe
   	end
 	
   	def casein_datetime_select form, obj, attribute, options = {}
-  	  casein_form_tag_wrapper(form.datetime_select(attribute, strip_casein_options(options), merged_class_hash(options, 'caseinDateTimeSelect')), form, obj, attribute, options).html_safe
+  	  casein_form_tag_wrapper("<div class='casein-datetime-select'>".html_safe + form.datetime_select(attribute, strip_casein_options(options), merged_class_hash(options, 'form-control')) + "</div>".html_safe, form, obj, attribute, options).html_safe
   	end
 	
   	def casein_file_field form, obj, object_name, attribute, options = {}
-  	  class_hash = merged_class_hash(options, 'caseinFileFieldContainer')
+  	  class_hash = merged_class_hash(options, 'form-control')
   	  contents = "<div class='#{class_hash[:class]}'>" + file_field(object_name, attribute, strip_casein_options(options)) + '</div>'
+
+      if options.key? :casein_contents_preview
+        contents = options[:casein_contents_preview].html_safe + contents.html_safe
+      end
+
   	  casein_form_tag_wrapper(contents, form, obj, attribute, options).html_safe
   	end
 	
   	def casein_hidden_field form, obj, attribute, options = {}
   	  form.hidden_field(attribute, strip_casein_options(options)).html_safe
   	end
+
+    def casein_custom_field form, obj, attribute, custom_contents, options = {}
+      casein_form_tag_wrapper(custom_contents, form, obj, attribute, options).html_safe
+    end
 	
   protected
 
@@ -186,15 +241,23 @@ module Casein
           human_attribute_name = options[:casein_label]
         end
 
-    		html = "<p>"
+        sublabel = ""
+
+        if options.key? :casein_sublabel
+          sublabel = " <small>#{options[:casein_sublabel]}</small>".html_safe
+        end
+
+    		html = ""
 
         if obj && obj.errors[attribute].any?
-    			html += "<span class='formError'>#{human_attribute_name} #{obj.errors[attribute].first}</span>".html_safe
+          html += "<div class='form-group has-error'>"
+    			html += form.label(attribute, "#{human_attribute_name} #{obj.errors[attribute].first}".html_safe, :class => "control-label")
     		else
-    			html += form.label(attribute, human_attribute_name)
+          html += "<div class='form-group'>"
+    			html += form.label(attribute, "#{human_attribute_name}#{sublabel}".html_safe, :class => "control-label")
     		end
 
-    		html += "</p>\n<p>#{form_tag}</p>"
+    		html += "<div class='well'>#{form_tag}</div></div>"
     end
   end
 end