ditty 0.9.1 → 0.10.1

data/spec/spec_helper.rb

@@ -1,5 +1,9 @@
 # frozen_string_literal: true
 
+require 'dotenv'
+Dotenv.load('.env.test')
+Dotenv.overload('.env.test.local')
+
 ENV['APP_ENV'] ||= 'test'
 ENV['RACK_ENV'] ||= 'test'
 require 'simplecov'
@@ -16,7 +20,7 @@ require 'database_cleaner'
 require 'timecop'
 
 if ENV['DATABASE_URL'] == 'sqlite::memory:'
-  folder = File.expand_path(File.dirname(__FILE__) + '/../migrate')
+  folder = File.expand_path("#{File.dirname(__FILE__)}/../migrate")
   Sequel.extension :migration
   Sequel::Migrator.apply(DB, folder)
 

data/views/403.haml

@@ -1,2 +1,2 @@
-%p.lead
+%p.lead.text-center
   Your user is not allowed access to the requested URL.

data/views/500.haml

@@ -0,0 +1,11 @@
+%p.lead.text-center
+  A call to Elasticsearch failed unexpectedly.
+
+- if current_user.admin?
+  %p
+    The error was:
+    %bt
+    = error.message
+  - if current_user.super_admin?
+    %pre
+      %code= error.backtrace.join("\n")

data/views/audit_logs/index.haml

@@ -1,17 +1,17 @@
-= haml :'partials/search'
 .row
-  .col-12
+  .col-md-12
+    = haml :'partials/search'
     %table.table.table-striped.table-bordered.table-hover
       %thead.thead-dark
         %tr
-          %th User email
-          %th Action
-          %th Details
-          %th IP Address
-          %th Browser
-          %th Device
-          %th Platform
-          %th Created at
+          %th= "User #{sort_ui(:user)}"
+          %th= "Action #{sort_ui(:action)}"
+          %th= "Details #{sort_ui(:details)}"
+          %th= "IP Address #{sort_ui(:ip_address)}"
+          %th= "Browser #{sort_ui(:browser)}"
+          %th= "Device #{sort_ui(:device)}"
+          %th= "Platform #{sort_ui(:platform)}"
+          %th= "Created At #{sort_ui(:created_at)}"
       %tbody
         - if list.count > 0
           - list.all.each do |entity|
@@ -32,4 +32,5 @@
           %tr
             %td.text-center{ colspan: 4 } No records
 
-    =pagination(list, base_path)
+- if list.count > 0
+  = pagination(list, base_path)

data/views/auth/forgot_password.haml

@@ -1,27 +1,32 @@
 .container
-  .card.o-hidden.border-0.shadow-lg.my-5
-    .card-body.p-0
-      / Nested Row within Card Body
-      .row
-        .col-lg-6.d-none.d-lg-block.bg-password-image
-        .col-lg-6
-          .p-5
-            .text-center
-              %h1.h4.text-gray-900.mb-2
-                Forgot Your Password?
-              %p.mb-4
-                We get it, stuff happens. Just enter your email address below and we'll send you a link to reset your password!
-            = form_tag("#{settings.map_path}/auth/forgot-password", attributes: { class: 'user' }) do
-              .form-group
-                %input.form-control.form-control-user{ type: 'email',  placeholder: 'Enter Email Address...' }
-              %button.btn.btn-primary.btn-user.btn-block{ type: 'submit' }
-                Reset Password
-            %hr
-            - if policy(::Ditty::User).register?
-              .text-center
-                %a.small{ href: "#{settings.map_path}/auth/register" } Create an Account!
-            .text-center
-              %a.small{ href: "#{settings.map_path}/auth/login" } Already have an account? Login!
-
+  / Outer Row
   .row.justify-content-center
     .col-xl-10.col-lg-12.col-md-9
+      .card.card-default.o-hidden.border-0.shadow-lg.my-5
+        .card-body.p-0
+          / Nested Row within Card Body
+          .row
+            .col-lg-6.d-none.d-lg-block.bg-password-image
+            .col-lg-6
+              .p-5
+                .text-center
+                  %h1.h4.text-gray-900.mb-2
+                    Forgot Your Password?
+                  %p.mb-4
+                    We get it, stuff happens. Just enter your email address below and we'll send you a link to reset your password!
+                .small
+                  = haml :'partials/notifications'
+                = form_tag("#{settings.map_path}/auth/forgot-password", attributes: { class: 'user' }) do
+                  .form-group
+                    %input.form-control.form-control-user{ name: 'email', type: 'email',  placeholder: 'Enter Email Address...' }
+                  %button.btn.btn-primary.btn-user.btn-block{ type: 'submit' }
+                    Reset Password
+                %hr
+                - if policy(::Ditty::User).register?
+                  .text-center
+                    %a.small{ href: "#{settings.map_path}/auth/register" } Create an Account!
+                .text-center
+                  %a.small{ href: "#{settings.map_path}/auth/login" } Already have an account? Login!
+
+      .row.justify-content-center
+        .col-xl-10.col-lg-12.col-md-9

data/views/auth/ldap.haml

@@ -1,7 +1,7 @@
 .row
   .col-sm-2
   .col-sm-8
-    .card.card-default
+    .card.card-default.shadow
       .card-body
         = form_tag("#{settings.map_path}/auth/ldap/callback", attributes: { class: '' }) do
           .form-group

data/views/auth/login.haml

@@ -2,7 +2,7 @@
   / Outer Row
   .row.justify-content-center
     .col-xl-10.col-lg-12.col-md-9
-      .card.o-hidden.border-0.shadow-lg.my-5
+      .card.card-default.o-hidden.border-0.shadow-lg.my-5
         .card-body.p-0
           / Nested Row within Card Body
           .row
@@ -11,6 +11,8 @@
               .p-5
                 .text-center
                   %h1.h4.text-gray-900.mb-4 Welcome Back!
+                .small
+                  = haml :'partials/notifications'
                 - ::Ditty::Services::Authentication.providers.each do |name|
                   - provider = ::Ditty::Services::Authentication[name]
                   - next if provider[:login_prompt].nil?
@@ -18,6 +20,5 @@
                     %a.btn.btn-block.btn-secondary{ href: "#{settings.map_path}/auth/#{name}" }
                       %i.fab.fw{ class: "fa-#{provider[:icon] || 'key'}"}
                       = provider[:login_prompt]
-                = haml :'partials/notifications'
                 - if ::Ditty::Services::Authentication.provides? 'identity'
                   = haml :'auth/identity'

data/views/auth/register.haml

@@ -1,5 +1,5 @@
 .container
-  .card.o-hidden.border-0.shadow-lg.my-5
+  .card.card-default.o-hidden.border-0.shadow-lg.my-5
     .card-body.p-0
       / Nested Row within Card Body
       .row
@@ -8,7 +8,8 @@
           .p-5
             .text-center
               %h1.h4.text-gray-900.mb-4 Create an Account!
-            = haml :'partials/notifications'
+            .small
+              = haml :'partials/notifications'
             - ::Ditty::Services::Authentication.providers.each do |name|
               - provider = ::Ditty::Services::Authentication[name]
               - next if provider[:register_prompt].nil?

data/views/auth/reset_password.haml

@@ -1,19 +1,36 @@
-.row
-  .col-md-2
-  .col-md-8
-    .card.card-default
-      .card-body
-        = edit_form_tag("#{settings.map_path}/auth/reset-password") do
-          %input{ name: 'token', value: params[:token], type: 'hidden' }
-          - if identity.errors[:password] && identity.errors[:password].include?('is not strong enough')
-            .alert.alert-warning
-              %p Make sure your password is at least 8 characters long, and including the following
-              %ul
-                %li Upper- and lowercase letters
-                %li Numbers
-                %li Special Characters
-          = form_control(:password, identity, type: 'password', placeholder: 'Your password', group: 'identity')
-          = form_control(:password_confirmation, identity, type: 'password', label: 'Confirm Password', placeholder: 'Confirm your password', group: 'identity')
-          %button.btn.btn-primary{ type: 'submit' }
-            Reset Password
-  .col-md-2
+.container
+  / Outer Row
+  .row.justify-content-center
+    .col-xl-10.col-lg-12.col-md-9
+      .card.card-default.o-hidden.border-0.shadow-lg.my-5
+        .card-body.p-0
+          / Nested Row within Card Body
+          .row
+            .col-lg-6.d-none.d-lg-block.bg-password-image
+            .col-lg-6
+              .p-5
+                .text-center
+                  %h1.h4.text-gray-900.mb-2
+                    Reset your Password
+                = edit_form_tag("#{settings.map_path}/auth/reset-password") do
+                  %input{ name: 'token', value: params[:token], type: 'hidden' }
+                  - if identity.errors[:password] && identity.errors[:password].include?('is not strong enough')
+                    .alert.alert-warning
+                      %p Make sure your password is at least 8 characters long, and including the following
+                      %ul
+                        %li Upper- and lowercase letters
+                        %li Numbers
+                        %li Special Characters
+                  = form_control(:password, identity, type: 'password', placeholder: 'Your password', group: 'identity')
+                  = form_control(:password_confirmation, identity, type: 'password', label: 'Confirm Password', placeholder: 'Confirm your password', group: 'identity')
+                  %button.btn.btn-primary{ type: 'submit' }
+                    Reset Password
+                %hr
+                - if policy(::Ditty::User).register?
+                  .text-center
+                    %a.small{ href: "#{settings.map_path}/auth/register" } Create an Account!
+                .text-center
+                  %a.small{ href: "#{settings.map_path}/auth/login" } Already have an account? Login!
+
+      .row.justify-content-center
+        .col-xl-10.col-lg-12.col-md-9

data/views/blank.haml

@@ -5,6 +5,7 @@
     %meta{ 'http-equiv' => 'X-UA-Compatible', 'content' => 'IE=edge,chrome=1' }
     %meta{ name: 'viewport', content: 'width=device-width, initial-scale=1' }
     %meta{ name: 'theme-color', content: '#ffffff' }
+    = Rack::Csrf.csrf_metatag(env)
     %link{ rel: 'manifest', href: '/manifest.json' }
     %link{ rel: 'icon', type: 'image/png', sizes: '32x32', href: '/images/favicon-32x32.png' }
     %link{ rel: 'icon', type: 'image/png', sizes: '16x16', href: '/images/favicon-16x16.png' }

data/views/embedded.haml

@@ -5,6 +5,7 @@
     %meta{ 'http-equiv' => 'X-UA-Compatible', 'content' => 'IE=edge,chrome=1' }
     %meta{ name: 'viewport', content: 'width=device-width, initial-scale=1' }
     %meta{ name: 'theme-color', content: '#ffffff' }
+    = Rack::Csrf.csrf_metatag(env)
     %link{ rel: 'manifest', href: '/manifest.json' }
     %link{ rel: 'icon', type: 'image/png', sizes: '32x32', href: '#{request.base_url}/images/favicon-32x32.png' }
     %link{ rel: 'icon', type: 'image/png', sizes: '16x16', href: '#{request.base_url}/images/favicon-16x16.png' }
@@ -20,14 +21,9 @@
     %meta{ name: 'author', content: '' }
 
     / Le styles
-    %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css', media: 'screen' }
-    %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/css/sb-admin-2.min.css', media: 'screen' }
-    %link{ rel: 'stylesheet', href: 'https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css', media: 'screen' }
-    /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.min.js"></script>
-    /[if lt IE 9] <script src="https://cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.min.js"></script>
-
-    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js' }
-    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/startbootstrap-sb-admin-2/3.3.7+1/js/sb-admin-2.min.js' }
+    %link{ rel: 'stylesheet', href: '/css/sb-admin-2.min.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: '/css/styles.css', media: 'screen' }
+    %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css', media: 'screen' }
   %body
     .container-fluid
       .row
@@ -37,6 +33,16 @@
       = yield
 
     / Placed at the end of the document so the pages load faster
-    %script{ type: 'text/javascript', src: 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js' }
-    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/15.4.1/react.min.js' }
-    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.6.0/Chart.bundle.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js' }
+    / %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/16.8.6/umd/react.production.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.8.0/Chart.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js/select2.min.js' }
+    %script{ type: 'text/javascript', src: '/js/sb-admin-2.min.js' }
+    %script{ type: 'text/javascript', src: '/js/scripts.js' }
+    :javascript
+        $(function() {
+            $('.select2').select2();
+        });

data/views/layout.haml

@@ -5,6 +5,7 @@
     %meta{ 'http-equiv' => 'X-UA-Compatible', 'content' => 'IE=edge,chrome=1' }
     %meta{ name: 'viewport', content: 'width=device-width, initial-scale=1' }
     %meta{ name: 'theme-color', content: '#ffffff' }
+    = Rack::Csrf.csrf_metatag(env)
     %link{ rel: 'manifest', href: '/manifest.json' }
     %link{ rel: 'icon', type: 'image/png', sizes: '32x32', href: '/images/favicon-32x32.png' }
     %link{ rel: 'icon', type: 'image/png', sizes: '16x16', href: '/images/favicon-16x16.png' }
@@ -24,6 +25,20 @@
     %link{ rel: 'stylesheet', href: '/css/styles.css', media: 'screen' }
     %link{ rel: 'stylesheet', href: 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css', media: 'screen' }
   %body#page-top
+    / Logout Modal
+    #logoutModal.modal.fade{ tabindex: -1, role: 'dialog', 'aria-hidden': 'true' }
+      .modal-dialog{ role: 'document' }
+        .modal-content
+          .modal-header
+            %h5.modal-title Ready to Leave?
+            %button.close{ type: 'button', 'data-dismiss': 'modal', 'aria-label': 'Close' }
+              %span{ 'aria-hidden': 'true' } ×
+          .modal-body
+            Select "Logout" below if you are ready to end your current session.
+          .modal-footer
+            %button.btn.btn-secondary{ type: 'button', 'data-dismiss': 'modal' } Cancel
+            = delete_form_tag("#{settings.map_path}/auth") do
+              %button.btn.btn-primary{ type: 'submit' } Logout
     / Page Wrapper
     #wrapper
       = haml :'partials/sidebar', locals: { title: (defined?(title) ? title : 'Ditty') }
@@ -36,14 +51,6 @@
             / .row
             /   .col-md-12
             = haml :'partials/notifications'
-            - if defined?(title) || defined?(actions)
-              .row
-                .col-md-9
-                  %h1.text-dark.mb-2= defined?(title) ? title : ' '
-                .col-md-3.text-right.mt-1
-                  = haml :'partials/actions', locals: { actions: defined?(actions) ? actions : {} }
-            - else
-              %div{ style: 'padding-top: 20px' }
 
             = yield
 
@@ -56,6 +63,7 @@
     / Placed at the end of the document so the pages load faster
     %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js' }
     %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js' }
+    %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js' }
     %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js' }
     / %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/react/16.8.6/umd/react.production.min.js' }
     %script{ type: 'text/javascript', src: 'https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.8.0/Chart.min.js' }

data/views/partials/actions.haml

@@ -1,14 +1,15 @@
-- if actions.count > 1
-  - link, text = actions.shift
-  .btn-group.text-right
-    %a.btn.btn-primary{ href: link }= text
-    %button.btn.btn-primary.dropdown-toggle{ type: 'button', id: 'actions-toggle', data: { toggle: 'dropdown' } }
-      %span.caret
-      %span.sr-only Toggle Dropdown
-    %ul.dropdown-menu{ 'aria-labelledby': 'actions-toggle' }
-      -actions.each do |k, v|
-        %li
-          %a{ href: k }= v
-- elsif actions.count > 0
-  -actions.each do |k, v|
-    %a.btn.btn-primary{ href: k }= v
+- if defined?(actions)
+  - if actions.count > 1
+    - link, text = actions.shift
+    .btn-group.text-right
+      %a.btn.btn-primary{ href: link }= text
+      %button.btn.btn-primary.dropdown-toggle{ type: 'button', id: 'actions-toggle', data: { toggle: 'dropdown' } }
+        %span.caret
+        %span.sr-only Toggle Dropdown
+      %ul.dropdown-menu{ 'aria-labelledby': 'actions-toggle' }
+        -actions.each do |k, v|
+          %li
+            %a{ href: k }= v
+  - elsif actions.count > 0
+    -actions.each do |k, v|
+      %a.btn.btn-primary{ href: k }= v

data/views/partials/filter_control.haml

@@ -1,6 +1,6 @@
 .form-group{ class: total_filters.to_i > 4 ? 'col-3' : 'col-md'}
   %label{ for: "filter_#{name}" }= label
-  %select.form-control{ name: name, id: "filter_#{name}" }
+  %select.form-control.select2{ style: 'width: 100%', name: name, id: "filter_#{name}" }
     %option{ value: '' } -- Select One --
     - options.each do |k,v| k ||= v;  v ||= k;
       %option{ value: k, selected: (params[name].eql? k)}= v

data/views/partials/footer.haml

@@ -1,5 +1,13 @@
 / Footer
 %footer.sticky-footer.bg-light
   .container.my-auto
-    .copyright.text-center.my-auto.text-dark
-      %span Copyright © Ditty.io 2019
+    -if ENV['SKIP_BRANDING'].blank?
+      .copyright.text-center.my-auto.text-dark
+        %p
+          Copyright ©
+          %a{ href: 'https://hackerpla.net/requestd', target: '_blank' }
+            HackerPlanet
+          2020
+        %p.mb-0
+          %a{ href: 'https://hackerpla.net/requestd', target: '_blank' }
+            %img.rounded{ src: 'http://hackerpla.net/wp-content/uploads/2014/07/HP_1C_128x128.png', height: 60 }

data/views/partials/form_tag.haml

@@ -1,5 +1,5 @@
 %form{ { method: %i[get post].include?(form_verb.to_sym) ? form_verb : :post, action: url }.merge(attributes) }
-  = Rack::Csrf.csrf_tag(env) unless ENV['APP_ENV'] == 'test'
+  = Rack::Csrf.csrf_tag(env) unless form_verb.to_sym == :get || ENV['APP_ENV'] == 'test'
   - if form_verb.to_sym == :get && layout
     %input{ name: 'layout', value: layout, type: 'hidden' }
   - if %i[get post].include?(form_verb.to_sym) == false

data/views/partials/navitems.haml

@@ -1,31 +1,29 @@
 - if authenticated?
-  - Ditty::Components.components.each do |key, comp|
-    - next unless comp.respond_to?(:navigation) && comp.navigation.count.positive?
-    - if comp.respond_to?(:title)
-      .sidebar-heading= comp.title
-    - comp.navigation.each do |item|
-      - if item[:target].nil? || policy(item[:target]).list?
-        - if item[:group]
-          %li.nav-item
-            %a.nav-link.collapsed{ href: '#', 'data-toggle': 'collapse', 'data-target': "##{item[:group].parameterize}", 'aria-expanded': 'true', 'aria-controls': item[:group].parameterize }
-              - if item[:icon]
-                %i.fas.fa-fw{ class: "fa-#{item[:icon]}" }
-              %span= item[:group]
-            .collapse{ id: item[:group].parameterize, 'data-parent': '#accordionSidebar' }
-              .bg-white.py-2.collapse-inner.rounded
-                - item[:items].each do |sub_item|
-                  - next unless sub_item[:target] && policy(sub_item[:target]).list?
-                  %a.collapse-item{ href: "#{settings.map_path}#{sub_item[:link]}" }
-                    - if sub_item[:icon]
-                      %i.fa.fa-fw{ class: "fa-#{sub_item[:icon]}" }
-                    = sub_item[:text]
-        - else
-          %li.nav-item
-            %a.nav-link{ href: "#{settings.map_path}#{item[:link]}" }
-              - if item[:icon]
-                %i.fas.fa-fw{ class: "fa-#{item[:icon]}" }
-              %span= item[:text]
-    %hr.sidebar-divider
+  - Ditty::Components.navigation(request).each do |item|
+    - if item[:type] == 'divider'
+      %hr.sidebar-divider.my-0
+    - elsif item[:target].nil? || policy(item[:target]).list?
+      - if item[:group]
+        %li.nav-item
+          %a.nav-link.collapsed{ href: '#', 'data-toggle': 'collapse', 'data-target': "##{item[:group].parameterize}", 'aria-expanded': 'true', 'aria-controls': item[:group].parameterize }
+            - if item[:icon]
+              %i.fas.fa-fw{ class: "fa-#{item[:icon]}" }
+            %span= item[:group]
+          .collapse{ id: item[:group].parameterize, 'data-parent': '#accordionSidebar' }
+            .bg-white.py-2.collapse-inner.rounded
+              - item[:items].each do |sub_item|
+                - next unless sub_item[:target] && policy(sub_item[:target]).list?
+                %a.collapse-item{ href: "#{settings.map_path}#{sub_item[:link]}" }
+                  - if sub_item[:icon]
+                    %i.fa.fa-fw{ class: "fa-#{sub_item[:icon]}" }
+                  = sub_item[:text]
+      - else
+        %li.nav-item
+          %a.nav-link{ href: "#{settings.map_path}#{item[:link]}" }
+            - if item[:icon]
+              %i.fas.fa-fw{ class: "fa-#{item[:icon]}" }
+            %span= item[:text]
+  %hr.sidebar-divider.my-0
   %li.nav-item
     = delete_form_tag("#{settings.map_path}/auth", attributes: { id: 'logout-form' }) do
       %a.nav-link{ type: 'submit', onClick: 'document.getElementById("logout-form").submit()' }