cms-fortress 1.2.2 → 1.3.0.rc1

data/app/controllers/cms/fortress/users_controller.rb

@@ -1,57 +1,60 @@
 class Cms::Fortress::UsersController < Comfy::Admin::Cms::BaseController
-  before_filter do
+  before_action do
     authorize! :manage, Cms::Fortress::User
   end
+  before_action :set_user, :valid_super, only: [:show, :edit, :update, :destroy]
+  before_action :check_super, only: [:super, :new_super]
 
   # GET /cms/fortress/users
   # GET /cms/fortress/users.json
   def index
-    @cms_fortress_users = Cms::Fortress::User.all
+    @super_user = false
+    @cms_fortress_users = @site.users
+  end
 
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @cms_fortress_users }
-    end
+  def super
+    @super_user = true
+    @cms_fortress_users = Cms::Fortress::User.all_super
+    render action: :index
   end
 
   # GET /cms/fortress/users/1
   # GET /cms/fortress/users/1.json
   def show
-    @cms_fortress_user = Cms::Fortress::User.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @cms_fortress_user }
-    end
   end
 
   # GET /cms/fortress/users/new
   # GET /cms/fortress/users/new.json
   def new
-    @cms_fortress_user = Cms::Fortress::User.new
+    @super_user = false
+    @cms_fortress_user = @site.users.build(type_id: 2)
+  end
 
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @cms_fortress_user }
-    end
+  def new_super
+    @super_user = true
+    @cms_fortress_user = Cms::Fortress::User.new(type_id: 1)
+    render action: :new
   end
 
   # GET /cms/fortress/users/1/edit
   def edit
-    @cms_fortress_user = Cms::Fortress::User.find(params[:id])
   end
 
   # POST /cms/fortress/users
   # POST /cms/fortress/users.json
   def create
-    @cms_fortress_user = Cms::Fortress::User.new(user_params)
-
-    respond_to do |format|
-      if @cms_fortress_user.save
-        flash[:success] = "User was successfully created."
-        format.html { redirect_to cms_fortress_users_path }
+    @cms_fortress_user = @site.users.build(user_params)
+    raise CanCan::AccessDenied.new("Your are not allowed to create a super user.") if @cms_fortress_user.type.eql?(:super_user) && !current_cms_fortress_user.type.eql?(:super_user)
+    @cms_fortress_user.site_id = nil if @cms_fortress_user.type.eql?(:super_user)
+
+    if @cms_fortress_user.save
+      flash[:success] = "User was successfully created."
+      respond_to do |format|
+        format.html { redirect_to @cms_fortress_user.type.eql?(:super_user) ? super_cms_fortress_users_path : cms_fortress_users_path }
         format.json { render json: @cms_fortress_user, status: :created, location: @cms_fortress_user }
-      else
+      end
+    else
+      respond_to do |format|
         format.html { render action: "new" }
         format.json { render json: @cms_fortress_user.errors, status: :unprocessable_entity }
       end
@@ -61,9 +64,10 @@ class Cms::Fortress::UsersController < Comfy::Admin::Cms::BaseController
   # PUT /cms/fortress/users/1
   # PUT /cms/fortress/users/1.json
   def update
-    @cms_fortress_user = Cms::Fortress::User.find(params[:id])
-
     user = user_params
+
+    raise CanCan::AccessDenied.new("Your are not allowed to create a super user.") if user[:type_id].eql?(1) && !current_cms_fortress_user.type.eql?(:super_user)
+
     if user[:password].blank?
       user.delete(:password)
       user.delete(:password_confirmation) if user[:password_confirmation].blank?
@@ -72,7 +76,7 @@ class Cms::Fortress::UsersController < Comfy::Admin::Cms::BaseController
     respond_to do |format|
       if @cms_fortress_user.update_attributes(user)
         flash[:success] = "User was successfully updated."
-        format.html { redirect_to cms_fortress_users_path }
+        format.html { redirect_to @cms_fortress_user.type.eql?(:super_user) ? super_cms_fortress_users_path : cms_fortress_users_path }
         format.json { head :no_content }
       else
         format.html { render action: "edit" }
@@ -84,18 +88,31 @@ class Cms::Fortress::UsersController < Comfy::Admin::Cms::BaseController
   # DELETE /cms/fortress/users/1
   # DELETE /cms/fortress/users/1.json
   def destroy
-    @cms_fortress_user = Cms::Fortress::User.find(params[:id])
     @cms_fortress_user.destroy
 
     respond_to do |format|
-      format.html { redirect_to cms_fortress_users_url }
+      format.html { redirect_to @cms_fortress_user.type.eql?(:super_user) ? super_cms_fortress_users_path : cms_fortress_users_path }
       format.json { head :no_content }
     end
   end
 
   private
 
+  def valid_super
+    raise CanCan::AccessDenied.new("Your are not authorised to execute this process.") if @cms_fortress_user.type.eql?(:super_user) && !current_cms_fortress_user.type.eql?(:super_user)
+    @super_user = @cms_fortress_user.type.eql?(:super_user)
+  end
+
+  def check_super
+    raise CanCan::AccessDenied.new("Your are not authorised to execute this process.") unless current_cms_fortress_user.type.eql?(:super_user)
+    # @super_user = current_cms_fortress_user.type.eql?(:super_user)
+  end
+
+  def set_user
+    @cms_fortress_user = Cms::Fortress::User.find(params[:id]) # @site.users.where(id: params[:id]).first
+  end
+
   def user_params
-    params.require(:cms_fortress_user).permit(:last_name, :first_name, :email, :role_id, :password, :password_confirmation)
+    params.require(:cms_fortress_user).permit(:last_name, :first_name, :email, :type_id, :role_id, :password, :password_confirmation)
   end
 end

data/app/helpers/cms/fortress/application_helper.rb

@@ -1,4 +1,12 @@
+require 'cms/fortress/settings'
+require 'cms/fortress/error'
+
 module Cms::Fortress::ApplicationHelper
+
+  def dashboard_widget(title, collection)
+    render partial: "cms/fortress/shared/dashboard_widget", locals: {title: title, collection: collection}
+  end
+
   def role_display(command)
     res = command.split(".")
     raw "#{content_tag(:strong, t("cms.fortress.roles.#{res.first}")) } / #{ res[1..-1].map {|r| t("cms.fortress.roles.#{r}")}.join(" - ") }"
@@ -19,18 +27,38 @@ module Cms::Fortress::ApplicationHelper
   def back_path
     case controller_name
     when "pages"
-      comfy_admin_cms_site_pages_path
+      comfy_admin_cms_site_pages_path(@site)
     when "files"
-      comfy_admin_cms_site_files_path
+      comfy_admin_cms_site_files_path(@site)
     when "layouts"
-      comfy_admin_cms_site_layouts_path
+      comfy_admin_cms_site_layouts_path(@site)
     when "snippets"
-      comfy_admin_cms_site_snippets_path
+      comfy_admin_cms_site_snippets_path(@site)
     else
       ""
     end
   end
 
+  def topnav_resource_item(key, resource)
+    if ["divider", "dropdown-header"].include?(resource[:name])
+      title = resource[:title].nil? ? "" : t(resource[:title], site_name: @site.label)
+      content_tag(:li, title, class: resource[:name], role: "presentation")
+    else
+      if can? :view, "#{ key }.#{ resource[:name] }"
+        if path = resource_path(resource[:path])
+          topnav_item t(resource[:title]), path, current_page?(path)
+        end
+      end
+    end
+  end
+
+  def resource_path(path)
+    begin
+      eval(path)
+    rescue
+    end
+  end
+
   def media_files_path(type)
     if params[:site_id]
       if type.eql?(:image)
@@ -59,7 +87,7 @@ module Cms::Fortress::ApplicationHelper
 
   def topnav_item(title, path, is_current = false)
     css_class = is_current ? "active" : ""
-    content_tag(:li, link_to(title, path), class: css_class)
+    content_tag(:li, link_to(title, path), class: css_class, role: "presentation")
   end
 
   def leftnav_item(title, path, options = {})
@@ -85,5 +113,9 @@ module Cms::Fortress::ApplicationHelper
         map { |resource| resource[:name] }.
         include?(controller_name)
   end
+
+  def settings
+    Cms::Fortress::Settings.new(:global_settings)
+  end
 end
 

data/app/helpers/comfy/admin/cms/pages_helper.rb

@@ -0,0 +1,22 @@
+module Comfy::Admin::Cms::PagesHelper
+  def page_actions(page)
+    states = page.aasm.permissible_events
+    states.select! do |state|
+      can?(:manage, 'contents.page.'+state.to_s)
+    end
+    states
+  end
+
+  def cached_timeout_for_select
+    {
+        "Uncached" => 0,
+        "15 minutes" => 15.minutes,
+        "30 minutes" => 30.minutes,
+        "1 hour" => 1.hour,
+        "3 hours" => 3.hours,
+        "24 hours" => 1.day,
+        "15 days" => 15.days,
+        "30 days" => 30.days
+    }.map {|k,v| [k, v.to_i] }
+  end
+end

data/app/models/cms/fortress/error.rb

@@ -0,0 +1,17 @@
+module Cms::Fortress::Error
+  def self.log_error(name, message)
+    Rails.logger.fatal("[ERROR:] in #{name} with message: #{message}\n\n")
+  end
+
+  class MissingRoleConfigFile < StandardError
+    def initialize
+      Cms::Fortress::Error.log_error(self, "missing the roles.yml file in config/roles.yml")
+    end
+  end
+
+  class MissingSettingsFile < StandardError
+    def initialize
+      Cms::Fortress::Error.log_error(self, "missing cms-fortress settings file")
+    end
+  end
+end

data/app/models/cms/fortress/role.rb

@@ -4,6 +4,7 @@ class Cms::Fortress::Role < ActiveRecord::Base
   # attr_accessible :description, :name
   has_many :users
   has_many :role_details
+  belongs_to :site, class_name: "Comfy::Cms::Site", foreign_key: :site_id
   accepts_nested_attributes_for :role_details, allow_destroy: true
 
   def load_defaults
@@ -12,7 +13,7 @@ class Cms::Fortress::Role < ActiveRecord::Base
       load_from_file(file)
     else
       errors[:base] << I18n.t('cms.fortress.admin.errors.missing_roles_yaml_file')
-      raise Error::MissingRoleConfigurationFile
+      raise Cms::Fortress::Error::MissingRoleConfigurationFile
     end
   end
 

data/app/models/cms/fortress/settings.rb

@@ -0,0 +1,17 @@
+class Cms::Fortress::Settings < OpenStruct
+  def initialize(config_file_base_name)
+    @config_file_base_name = config_file_base_name
+    super(load_settings)
+  end
+
+  private
+
+  def load_settings
+    raise Cms::Fortress::Error::MissingSettingsFile unless config_file_exists?
+    YAML.load(ERB.new(File.read(Rails.root.join("config/cms/fortress", "#{@config_file_base_name}.yml"))).result)[Rails.env]
+  end
+
+  def config_file_exists?
+    File.exist?(File.join(Rails.root, "config/cms/fortress", "#{@config_file_base_name}.yml"))
+  end
+end

data/app/models/cms/fortress/user.rb

@@ -9,5 +9,22 @@ class Cms::Fortress::User < ActiveRecord::Base
          :recoverable, :rememberable, :trackable, :validatable, :timeoutable
 
   belongs_to :role
+  belongs_to :site, class_name: "Comfy::Cms::Site", foreign_key: :site_id
 
+  scope :all_super, -> { where(type_id: 1) }
+
+  def self.types
+    {
+      1 => :super_user,
+      2 => :site_user
+    }
+  end
+
+  def type
+    self.class.types[type_id]
+  end
+
+  def display_name
+    "#{ email } (#{ type.to_s.titleize })"
+  end
 end

data/app/models/cms_ability.rb

@@ -16,32 +16,39 @@ class CmsAbility
 
   def initialize(user)
 
-    if user && user.role && user.role.role_details
-      user.role.role_details.each do |role_detail|
-        can :view, role_detail.command if role_detail.can_view?
-        can :manage, role_detail.command if role_detail.can_manage?
+    if user
+      if user.type.eql?(:super_user)
+        can :manage, :all
+      else
+        if user.role && user.role.role_details
+          user.role.role_details.each do |role_detail|
+            can :view, role_detail.command if role_detail.can_view?
+            can :manage, role_detail.command if role_detail.can_manage?
 
-        if role_detail.can_manage?
-          case role_detail.command
-            when 'settings.roles'
-              can :manage, Cms::Fortress::Role
-            when 'settings.sites'
-              can :manage, Comfy::Cms::Site
-            when 'settings.users'
-              can :manage, Cms::Fortress::User
-            when 'contents.pages'
-              can :manage, Comfy::Cms::Page
-            when 'contents.files'
-              can :manage, Comfy::Cms::File
-            when 'designs.layouts'
-              can :manage, Comfy::Cms::Layout
-            when 'designs.snippets'
-              can :manage, Comfy::Cms::Snippet
-            else
-              setup_role(role_detail, user) if defined?(setup_role)
+            if role_detail.can_manage?
+              case role_detail.command
+                when 'settings.roles'
+                  can :manage, Cms::Fortress::Role, site_id: user.site_id
+                when 'settings.sites'
+                  can :update, Comfy::Cms::Site, site_id: user.site_id
+                when 'settings.users'
+                  can :manage, Cms::Fortress::User, site_id: user.site_id
+                when 'contents.pages'
+                  can :manage, Comfy::Cms::Page, site_id: user.site_id
+                when 'contents.files'
+                  can :manage, Comfy::Cms::File, site_id: user.site_id
+                when 'designs.layouts'
+                  can :manage, Comfy::Cms::Layout, site_id: user.site_id
+                when 'designs.snippets'
+                  can :manage, Comfy::Cms::Snippet, site_id: user.site_id
+                else
+                  setup_role(role_detail, user) if defined?(setup_role)
+              end
+            end
           end
         end
       end
+
     end
 
   end

data/app/views/cms/fortress/admin/dashboard.html.haml

@@ -0,0 +1,12 @@
+.page-header
+  %h2
+    = "#{ t(".title") } /"
+    = @site.label
+
+.container-fluid
+  .row
+    .col-sm-6
+      = dashboard_widget t(".draft_widget"), @site.pages.drafted.order(updated_at: :desc).limit(5)
+      = dashboard_widget t(".updated_pages"), @site.pages.order(updated_at: :desc).limit(5)
+    .col-sm-6
+      = dashboard_widget t(".reviewed_widget"), @site.pages.reviewed.order(updated_at: :desc).limit(5)

data/app/views/cms/fortress/shared/_dashboard_widget.html.haml

@@ -0,0 +1,29 @@
+.panel-group(id="accordion-#{ title.parameterize }")
+  .panel.panel-default
+    .panel-heading
+      = title
+      %a.btn.btn-xs.btn-default.pull-right(data-toggle="collapse" href="#cl-#{ title.parameterize }" data-parent="#accordion-#{ title.parameterize }")
+        %span.glyphicon.glyphicon-minus
+
+    .panel-collapse.collapse.in(id="cl-#{ title.parameterize }")
+      .panel-body
+        %ul.list-group
+          - collection.each do |c|
+            %li.list-group-item
+              .row
+                .col-xs-6
+                  = c.label
+                  %br
+                  %small
+                    (
+                    = c.full_path
+                    )
+                .col-xs-6
+                  = link_to edit_comfy_admin_cms_site_page_path(@site, c), class: "btn btn-xs btn-default" do
+                    %span.glyphicon.glyphicon-edit
+                    Edit
+
+                  = link_to comfy_admin_cms_site_page_path(@site, c, preview: true), target: "_blank", method: :put, class: "btn btn-xs btn-default" do
+                    %span.glyphicon.glyphicon-search
+                    Preview
+

data/app/views/cms/fortress/shared/_menu.html.haml

@@ -1,17 +1,19 @@
-%nav.navbar.navbar-default(role="navigation")
-  .container-fluid
-    .navbar-header
-      %button.navbar-toggle(type="button" data-toggle="collapse" data-target="#main-nav")
-        %span.sr-only= t('cms.fortress.toggle_navigation')
-        %span.icon-bar
-        %span.icon-bar
-        %span.icon-bar
-      %a.navbar-brand(href="#")= t('cms.fortress.title')
-
-    .collapse.navbar-collapse#main-nav
-      %ul.nav.navbar-nav
-        - if default_theme?
+- if default_theme?
+  %nav.navbar.navbar-default(role="navigation")
+    .container-fluid
+      .navbar-header
+        %button.navbar-toggle(type="button" data-toggle="collapse" data-target="#main-nav")
+          %span.sr-only= t('cms.fortress.toggle_navigation')
+          %span.icon-bar
+          %span.icon-bar
+          %span.icon-bar
+        = link_to settings.title, settings.title_link, class: 'navbar-brand'
+
+      .collapse.navbar-collapse#main-nav
+        %ul.nav.navbar-nav
           - if @site && !@site.new_record?
+            %li= topnav_item "Dashboard", dashboard_site_path, current_page?(dashboard_site_path)
+
             - if Cms::Fortress.configuration.content_resources.any? {|resource| can? :view, "contents.#{resource[:name]}" }
               = topnav_item t("cms.fortress.contents"), |
                 @site && !@site.new_record? ? comfy_admin_cms_site_pages_path(@site) : comfy_admin_cms_sites_pages_path, |
@@ -25,19 +27,17 @@
             - if Cms::Fortress.configuration.settings_resources.any? {|resource| can? :view, "settings.#{resource[:name]}" }
               = topnav_item t("cms.fortress.settings"), comfy_admin_cms_sites_path, admin_page?
 
-        - else
-          = themed_partial('menu')
-
-        = render 'cms/fortress/admin/topnav'
-
-      - if current_cms_fortress_user
-        .btn-group.pull-right(style="margin-top: 8px;")
-          %button.btn.btn-default.dropdown-toggle(type="button" data-toggle="dropdown")
-            = current_cms_fortress_user.email
-            %span.caret
-          %ul.dropdown-menu(role="menu")
-            %li
-              = link_to t('cms.fortress.logout'), destroy_cms_fortress_user_session_path, :method => 'delete'
+          = render 'cms/fortress/admin/topnav'
 
+        - if current_cms_fortress_user
+          .btn-group.pull-right(style="margin-top: 8px;")
+            %button.btn.btn-default.dropdown-toggle(type="button" data-toggle="dropdown")
+              = current_cms_fortress_user.display_name
+              %span.caret
+            %ul.dropdown-menu(role="menu")
+              %li
+                = link_to t('cms.fortress.logout'), destroy_cms_fortress_user_session_path, :method => 'delete'
 
+- else
+  = themed_partial('menu')