drg_cms 0.5.52.12 → 0.5.52.16
- checksums.yaml +5 -5
- data/app/assets/javascripts/drg_cms/drg_cms.js +17 -2
- data/app/assets/stylesheets/drg_cms/drg_cms.css +16 -3
- data/app/assets/stylesheets/drg_cms/select-multiple.css +1 -1
- data/app/controllers/cmsedit_controller.rb +56 -16
- data/app/controllers/dc_application_controller.rb +83 -1
- data/app/controllers/dc_common_controller.rb +2 -52
- data/app/forms/all_options.yml +27 -4
- data/app/forms/cms_menu.yml +5 -0
- data/app/forms/dc_gallery.yml +53 -0
- data/app/forms/dc_link.yml +16 -10
- data/app/forms/dc_menu_item.yml +5 -0
- data/app/forms/dc_page.yml +1 -2
- data/app/forms/dc_removed_url.yml +42 -0
- data/app/helpers/cmsedit_helper.rb +63 -22
- data/app/helpers/dc_application_helper.rb +35 -11
- data/app/helpers/dc_gallery_renderer.rb +94 -0
- data/app/helpers/dc_page_renderer.rb +20 -3
- data/app/helpers/dc_poll_renderer.rb +6 -7
- data/app/models/concerns/dc_page_concern.rb +1 -1
- data/app/models/dc_filter.rb +15 -7
- data/app/models/dc_gallery.rb +64 -0
- data/app/models/dc_link.rb +1 -0
- data/app/models/dc_memory.rb +19 -4
- data/app/models/dc_page.rb +1 -1
- data/app/models/dc_removed_url.rb +54 -0
- data/app/models/drgcms_form_fields.rb +5 -1649
- data/app/models/drgcms_form_fields/check_box.rb +69 -0
- data/app/models/drgcms_form_fields/comment.rb +49 -0
- data/app/models/drgcms_form_fields/date_picker.rb +102 -0
- data/app/models/drgcms_form_fields/date_select.rb +68 -0
- data/app/models/drgcms_form_fields/date_time_picker.rb +87 -0
- data/app/models/drgcms_form_fields/datetime_select.rb +73 -0
- data/app/models/drgcms_form_fields/drgcms_field.rb +241 -0
- data/app/models/drgcms_form_fields/drgcms_form_fields.rb +25 -0
- data/app/models/drgcms_form_fields/embedded.rb +84 -0
- data/app/models/drgcms_form_fields/file_select.rb +70 -0
- data/app/models/drgcms_form_fields/hidden_field.rb +52 -0
- data/app/models/drgcms_form_fields/html_field.rb +70 -0
- data/app/models/drgcms_form_fields/journal_diff.rb +60 -0
- data/app/models/drgcms_form_fields/link_to.rb +69 -0
- data/app/models/drgcms_form_fields/multitext_autocomplete.rb +195 -0
- data/app/models/drgcms_form_fields/number_field.rb +83 -0
- data/app/models/drgcms_form_fields/password_field.rb +62 -0
- data/app/models/drgcms_form_fields/readonly.rb +79 -0
- data/app/models/drgcms_form_fields/select.rb +164 -0
- data/app/models/drgcms_form_fields/submit_tag.rb +58 -0
- data/app/models/drgcms_form_fields/text_area.rb +68 -0
- data/app/models/drgcms_form_fields/text_autocomplete.rb +143 -0
- data/app/models/drgcms_form_fields/text_field.rb +56 -0
- data/app/models/drgcms_form_fields/text_with_select.rb +92 -0
- data/app/models/drgcms_form_fields/tree_select.rb +150 -0
- data/config/locales/drgcms_en.yml +1 -0
- data/config/locales/drgcms_sl.yml +2 -1
- data/config/locales/models_en.yml +42 -6
- data/config/locales/models_sl.yml +38 -3
- data/lib/drg_cms.rb +1 -1
- data/lib/drg_cms/version.rb +1 -1
- data/lib/tasks/dc_cleanup.rake +1 -1
- metadata +33 -4
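--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: 4830c6ed53c032e56282ba2b6b2b2e3a3c98630e45ee6a96a3d1f03531081738
+data.tar.gz: e9bf50040f3dce41deb7b97b4927a58aace756a4060cdfe64e6424188cdb66ae
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: e5f93f0426f8cda2ff394d3233372cd056dbcd0cd140507d392b7db47e68ba57cf47e1f4696ae2da9c4ff2b9ea3331e186750fd88a07221bc0557056c4c47c4d
+data.tar.gz: 2cd13d6c58e907e6d2133681387d9bb760e5a5a57e34ad25d694737f86cb5fc7ecc74e60adbf12a67e7e1cb3dfe8b23dc35e1463f5e22ce71beb9b5055080424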
@@ -322,7 +322,7 @@ $(document).ready( function() {
|
|
322
322
|
$('#iframe_cms').load( function() {
|
323
323
|
// alert('bla 1');
|
324
324
|
new_height = this.contentWindow.document.body.offsetHeight + 50;
|
325
|
-
if (new_height < 500
|
325
|
+
if (new_height < 500 && new_height > 60) new_height = 500;
|
326
326
|
this.style.height = new_height + 'px';
|
327
327
|
// scroll to top
|
328
328
|
$('#iframe_cms').dc_scroll_view();
|
@@ -346,7 +346,7 @@ $(document).ready( function() {
|
|
346
346
|
*******************************************************************/
|
347
347
|
$('.dc-link-ajax').on('click', function(e) {
|
348
348
|
// check HTML5 validations
|
349
|
-
if (!$("form")[0].checkValidity() ) {
|
349
|
+
if ($("form")[0] && !$("form")[0].checkValidity() ) {
|
350
350
|
$("form")[0].reportValidity();
|
351
351
|
return false;
|
352
352
|
}
|
@@ -381,6 +381,21 @@ $(document).ready( function() {
|
|
381
381
|
}
|
382
382
|
|
383
383
|
});
|
384
|
+
});
|
385
|
+
|
386
|
+
/*******************************************************************
|
387
|
+
will open a new window with URL specified.
|
388
|
+
********************************************************************/
|
389
|
+
$('.dc-window-open').on('click', function(e) {
|
390
|
+
var url = this.getAttribute("data-url");
|
391
|
+
var title = this.getAttribute("title");
|
392
|
+
var w = 1000;
|
393
|
+
var h = 800;
|
394
|
+
var left = (screen.width/2)-(w/2);
|
395
|
+
var top = (screen.height/2)-(h/2);
|
396
|
+
var win = window.open(url, title, 'toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=no, copyhistory=no, width='+w+', height='+h+', top='+top+', left='+left);
|
397
|
+
win.focus();
|
398
|
+
// $('#bpopup').bPopup({ loadUrl: url, speed: 650, transition: 'slideDown' });
|
384
399
|
});
|
385
400
|
|
386
401
|
/*******************************************************************
|
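Review bot: In the new `.dc-window-open` click handler, `win.focus()` is called without checking the return value of `window.open`, which is `null` when the browser blocks the popup, so the handler throws; guard it with `if (win) win.focus();`. The `data-url` attribute is handed to `window.open` unchecked, so if that attribute can ever carry user-supplied content the handler should accept only same-origin or `http(s)` URLs before opening it. The second argument of `window.open` is the window's target name rather than a caption, so passing the element's `title` means two links with the same title reuse one window. A short comment stating which markup is expected to set `data-url` would also help.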
@@ -93,6 +93,7 @@ padding: 6px 4px;
|
|
93
93
|
border: solid 2px #ddd;
|
94
94
|
border-radius: 2px;
|
95
95
|
font: 14px helvetica;
|
96
|
+
max-width: 100%;
|
96
97
|
}
|
97
98
|
|
98
99
|
textarea:focus, input:focus, select:focus {
|
@@ -270,9 +271,10 @@ display: inline-table;
|
|
270
271
|
#data-fields {margin: 5px;}
|
271
272
|
|
272
273
|
.dc-link {
|
273
|
-
|
274
|
-
|
274
|
+
font-weight: bold;
|
275
|
+
color: #666;
|
275
276
|
text-align: center;
|
277
|
+
padding: 6px;
|
276
278
|
border-radius: 2px;
|
277
279
|
background: transparent linear-gradient(to bottom, #FFF 0%, #F2F2F2 100%) repeat scroll 0% 0%;
|
278
280
|
border: 1px solid #eee;
|
@@ -281,7 +283,9 @@ border: 1px solid #eee;
|
|
281
283
|
.dc-link:hover {
|
282
284
|
background: #ddd;
|
283
285
|
border: 1px solid #ddd;
|
284
|
-
transition: 0.3s;
|
286
|
+
transition: 0.3s;
|
287
|
+
color: #000;
|
288
|
+
cursor: pointer;
|
285
289
|
}
|
286
290
|
|
287
291
|
.dc-link:hover a {
|
@@ -289,6 +293,15 @@ border: 1px solid #eee;
|
|
289
293
|
transition: 0.3s;
|
290
294
|
}
|
291
295
|
|
296
|
+
.dc-link-no {
|
297
|
+
text-align: left;
|
298
|
+
font-weight: bold;
|
299
|
+
padding: 6px;
|
300
|
+
border-radius: 2px;
|
301
|
+
color: #fff;
|
302
|
+
background: #ddd;
|
303
|
+
}
|
304
|
+
|
292
305
|
.dc-link-ajax {
|
293
306
|
text-align: left;
|
294
307
|
font-weight: bold;
|
@@ -207,18 +207,17 @@ def check_filter_options() #:nodoc:
|
|
207
207
|
=end
|
208
208
|
# pagination if required
|
209
209
|
per_page = (@form['result_set']['per_page'] || 30).to_i
|
210
|
-
if per_page > 0
|
211
|
-
@records = @records.page(session[table_name][:page]).per(per_page)
|
212
|
-
end
|
210
|
+
@records = @records.page(session[table_name][:page]).per(per_page) if per_page > 0
|
213
211
|
end
|
214
212
|
|
215
213
|
########################################################################
|
216
|
-
#
|
214
|
+
# Process index action for normal collections.
|
217
215
|
########################################################################
|
218
|
-
def
|
216
|
+
def process_collections #:nodoc
|
219
217
|
# If result_set is not defined on form, then it will fail. :return_to should know where to go
|
220
218
|
if @form['result_set'].nil?
|
221
|
-
|
219
|
+
process_return_to(params[:return_to] || 'reload')
|
220
|
+
return true
|
222
221
|
end
|
223
222
|
# for now enable only filtering of top level documents
|
224
223
|
if @tables.size == 1
|
@@ -232,7 +231,8 @@ def index
|
|
232
231
|
# something iz wrong. flash[] should have explanation.
|
233
232
|
if @records.class == FalseClass
|
234
233
|
@records = []
|
235
|
-
|
234
|
+
render(action: :index)
|
235
|
+
return true
|
236
236
|
end
|
237
237
|
# pagination but only if not already set
|
238
238
|
unless (@form['table'] == 'dc_memory' or @records.options[:limit])
|
@@ -253,8 +253,35 @@ def index
|
|
253
253
|
end
|
254
254
|
end
|
255
255
|
end
|
256
|
-
|
257
|
-
|
256
|
+
false
|
257
|
+
end
|
258
|
+
|
259
|
+
########################################################################
|
260
|
+
# Process index action for in memory data.
|
261
|
+
########################################################################
|
262
|
+
def process_in_memory #:nodoc
|
263
|
+
@records = []
|
264
|
+
# result set is defined by filter method in control object
|
265
|
+
if (method = @form['result_set']['filter'])
|
266
|
+
send(method) if respond_to?(method)
|
267
|
+
end
|
268
|
+
# result set is defined by class method
|
269
|
+
if (klass_method = @form['result_set']['filter_method'])
|
270
|
+
_klass, method = klass_method.split('.')
|
271
|
+
klass = _klass.classify.constantize
|
272
|
+
@records = klass.send(method) if klass.respond_to?(method)
|
273
|
+
end
|
274
|
+
false
|
275
|
+
end
|
276
|
+
|
277
|
+
########################################################################
|
278
|
+
# Indx action
|
279
|
+
########################################################################
|
280
|
+
def index
|
281
|
+
redirected = (@form['table'] == 'dc_memory' ? process_in_memory : process_collections)
|
282
|
+
return if redirected
|
283
|
+
#
|
284
|
+
call_callback_method(@form['result_set']['footer'] || 'dc_footer')
|
258
285
|
respond_to do |format|
|
259
286
|
format.html { render action: :index }
|
260
287
|
format.js { render partial: :result }
|
@@ -471,7 +498,9 @@ def update
|
|
471
498
|
params[:return_to] = 'index' if params[:commit] == t('drgcms.save&back') # save & back
|
472
499
|
@parms['action'] = 'update'
|
473
500
|
# Process return_to link
|
474
|
-
return process_return_to(params[:return_to]) if params[:return_to]
|
501
|
+
return process_return_to(params[:return_to]) if params[:return_to]
|
502
|
+
else
|
503
|
+
return render action: :edit
|
475
504
|
end
|
476
505
|
else
|
477
506
|
flash[:error] = t('drgcms.not_authorized')
|
@@ -505,6 +534,7 @@ def destroy
|
|
505
534
|
when !ok2delete then
|
506
535
|
flash[:error] = t('drgcms.not_authorized')
|
507
536
|
return index
|
537
|
+
|
508
538
|
when params['operation'].nil? then
|
509
539
|
# Process before delete callback
|
510
540
|
if (m = callback_method('before_delete') )
|
@@ -517,13 +547,18 @@ def destroy
|
|
517
547
|
save_journal(:delete)
|
518
548
|
flash[:info] = t('drgcms.record_deleted')
|
519
549
|
# Process after delete callback
|
520
|
-
if (m = callback_method('after_delete') )
|
550
|
+
if (m = callback_method('after_delete') )
|
551
|
+
call_callback_method(m)
|
552
|
+
elsif params['after-delete'].to_s.match('return_to')
|
553
|
+
params[:return_to] = params['after-delete']
|
554
|
+
end
|
521
555
|
# Process return_to link
|
522
556
|
return process_return_to(params[:return_to]) if params[:return_to]
|
523
557
|
else
|
524
558
|
flash[:error] = dc_error_messages_for(@record)
|
525
559
|
end
|
526
560
|
return index
|
561
|
+
|
527
562
|
# deaktivate document
|
528
563
|
when params['operation'] == 'disable' then
|
529
564
|
if @record.respond_to?('active')
|
@@ -533,6 +568,7 @@ def destroy
|
|
533
568
|
@record.save
|
534
569
|
flash[:info] = t('drgcms.doc_disabled')
|
535
570
|
end
|
571
|
+
|
536
572
|
# reaktivate document
|
537
573
|
when params['operation'] == 'enable' then
|
538
574
|
if @record.respond_to?('active')
|
@@ -542,6 +578,10 @@ def destroy
|
|
542
578
|
@record.save
|
543
579
|
flash[:info] = t('drgcms.doc_enabled')
|
544
580
|
end
|
581
|
+
|
582
|
+
# reorder documents
|
583
|
+
when params['operation'] == 'reorder' then
|
584
|
+
|
545
585
|
end
|
546
586
|
#
|
547
587
|
@parms['action'] = 'update'
|
@@ -588,8 +628,7 @@ def read_drg_cms_form
|
|
588
628
|
# split ids passed when embedded document
|
589
629
|
ids = params[:ids].to_s.strip.downcase
|
590
630
|
@ids = ids.split(';').inject([]) { |r,v| r << v }
|
591
|
-
#
|
592
|
-
dc_deprecate("Parameter :formname will be deprecated in future. Use :form_name instead") if params[:formname]
|
631
|
+
# form_name defaults to last table specified
|
593
632
|
form_name = params[:form_name] || @tables.last[1]
|
594
633
|
@form = YAML.load_file( dc_find_form_file(form_name) ) rescue nil
|
595
634
|
return unless @form
|
@@ -621,9 +660,10 @@ def check_authorization
|
|
621
660
|
# Just show menu
|
622
661
|
# return show if params[:action] == 'show'
|
623
662
|
return login if params[:id].in?(%w(login logout))
|
663
|
+
table = params[:table].to_s.strip.downcase
|
624
664
|
# request shouldn't pass
|
625
|
-
if
|
626
|
-
!dc_user_can(DcPermission::CAN_VIEW)
|
665
|
+
if table != 'dc_memory' and
|
666
|
+
(session[:user_roles].nil? or table.size < 3 or !dc_user_can(DcPermission::CAN_VIEW))
|
627
667
|
return render(action: 'error', locals: { error: t('drgcms.not_authorized')} )
|
628
668
|
end
|
629
669
|
|
@@ -729,7 +769,7 @@ def callback_method(key) #:nodoc:
|
|
729
769
|
when params['data'] && params['data'][data_key] then params['data'][data_key]
|
730
770
|
# if dc_ + key method is present in model then it will be called automatically
|
731
771
|
when respond_to?('dc_' + key) then 'dc_' + key
|
732
|
-
when params[
|
772
|
+
when params[data_key] then params[data_key]
|
733
773
|
else nil
|
734
774
|
end
|
735
775
|
#
|
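Review bot: In `check_authorization`, the new condition skips every check when `params[:table]` is `dc_memory`, including the new `session[:user_roles].nil?` test, so a request that names that table is let through without a logged-in session or the `CAN_VIEW` permission. `index` then calls `process_in_memory`, which dispatches to the `filter` / `filter_method` named by the form selected through `params[:form_name]`, so the exemption appears to make those methods reachable by anonymous callers. If in-memory forms are not meant to be public, keep the session test outside the exemption, for example `if session[:user_roles].nil? or (table != 'dc_memory' and (table.size < 3 or !dc_user_can(DcPermission::CAN_VIEW)))`. In the `destroy` hunk `params['after-delete']` is copied into `params[:return_to]`, and the new `callback_method` branch returns `params[data_key]` as a method name; both values come straight from the request and deserve an allow-list. The bodies of these methods continue outside the hunks.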
@@ -206,12 +206,20 @@ def dc_user_can(permission, table=params[:table])
|
|
206
206
|
end
|
207
207
|
|
208
208
|
####################################################################
|
209
|
-
# Detects if called from mobile agent according to http://detectmobilebrowsers.com/
|
209
|
+
# Detects if called from mobile agent according to http://detectmobilebrowsers.com/
|
210
|
+
# and set session[:is_mobile]
|
211
|
+
#
|
212
|
+
# Detect also if caller is a robot and set session[:is_robot]
|
210
213
|
####################################################################
|
211
214
|
def dc_set_is_mobile
|
212
215
|
is_mobile = request.user_agent ? /(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.match(request.user_agent) || /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g 
|nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.match(request.user_agent[0..3])
|
213
216
|
: false
|
214
217
|
session[:is_mobile] = is_mobile ? 1 : 0
|
218
|
+
#
|
219
|
+
if request.env["HTTP_USER_AGENT"] and request.env["HTTP_USER_AGENT"].match(/\(.*https?:\/\/.*\)/)
|
220
|
+
logger.info "ROBOT: #{Time.now.strftime('%Y.%m.%d %H:%M:%S')} id=#{@page.id} ip=#{request.remote_ip}."
|
221
|
+
session[:is_robot] = true
|
222
|
+
end
|
215
223
|
end
|
216
224
|
|
217
225
|
|
@@ -576,4 +584,78 @@ def dc_deprecate(msg)
|
|
576
584
|
ActiveSupport::Deprecation.warn("#{dc_get_site.name}: #{msg}")
|
577
585
|
end
|
578
586
|
|
587
|
+
####################################################################
|
588
|
+
# Clears all session data related to login.
|
589
|
+
####################################################################
|
590
|
+
def clear_login_data
|
591
|
+
session[:edit_mode] = 0
|
592
|
+
session[:user_id] = nil
|
593
|
+
session[:user_name] = nil
|
594
|
+
session[:user_roles] = nil
|
595
|
+
cookies.delete :remember_me
|
596
|
+
end
|
597
|
+
|
598
|
+
####################################################################
|
599
|
+
# Fills session with data related to successful login.
|
600
|
+
#
|
601
|
+
# @param [DcUser] user : User's document
|
602
|
+
# @param [Boolean] remember_me : false by default
|
603
|
+
####################################################################
|
604
|
+
def fill_login_data(user, remember_me=false)
|
605
|
+
session[:user_id] = user.id if user
|
606
|
+
session[:user_name] = user.name if user
|
607
|
+
session[:edit_mode] = 0
|
608
|
+
session[:user_roles] = []
|
609
|
+
# Every user has guest role
|
610
|
+
guest = DcPolicyRole.find_by(system_name: 'guest')
|
611
|
+
session[:user_roles] << guest.id if guest
|
612
|
+
return unless user and user.active
|
613
|
+
# special for SUPERADMIN
|
614
|
+
sa = DcPolicyRole.find_by(system_name: 'superadmin')
|
615
|
+
if sa and (role = user.dc_user_roles.find_by(dc_policy_role_id: sa.id))
|
616
|
+
session[:user_roles] << role.dc_policy_role_id
|
617
|
+
session[:edit_mode] = 2
|
618
|
+
return
|
619
|
+
end
|
620
|
+
# read default policy from site. Policy might be inherited
|
621
|
+
policy_site = dc_get_site()
|
622
|
+
policy_site = DcSite.find(policy_site.inherit_policy) if policy_site.inherit_policy
|
623
|
+
default_policy = policy_site.dc_policies.find_by(is_default: true)
|
624
|
+
# load user roles
|
625
|
+
user.dc_user_roles.each do |role|
|
626
|
+
next unless role.active
|
627
|
+
next if role.valid_from and role.valid_from > Time.now.end_of_day.to_date
|
628
|
+
next if role.valid_to and role.valid_to < Time.now.to_date
|
629
|
+
# check if role is active in this site
|
630
|
+
policy_role = default_policy.dc_policy_rules.find_by(dc_policy_role_id: role.dc_policy_role_id)
|
631
|
+
next unless policy_role
|
632
|
+
# set edit_mode
|
633
|
+
session[:edit_mode] = 1 if policy_role.permission > 1
|
634
|
+
session[:user_roles] << role.dc_policy_role_id
|
635
|
+
end
|
636
|
+
# Save remember me cookie if not CMS user and remember me is selected
|
637
|
+
if session[:edit_mode] == 0 and remember_me
|
638
|
+
cookies.signed[:remember_me] = { :value => user.id, :expires => 180.days.from_now}
|
639
|
+
end
|
640
|
+
end
|
641
|
+
|
642
|
+
##########################################################################
|
643
|
+
# Will check if user's login data is stil valid and reload user roles.
|
644
|
+
#
|
645
|
+
# @param [Time] repeat_after : Check is repeated after time. This is by default performed every 24 hours.
|
646
|
+
##########################################################################
|
647
|
+
def dc_check_user_still_valid(repeat_after=1.day)
|
648
|
+
# not needed
|
649
|
+
return if session[:user_id].nil?
|
650
|
+
# last check more than a day ago
|
651
|
+
if (session[:user_chk] ||= Time.now) < repeat_after.ago
|
652
|
+
user_id = session[:user_id]
|
653
|
+
clear_login_data
|
654
|
+
# reload user roles
|
655
|
+
user = DcUser.find( user_id ) rescue nil
|
656
|
+
fill_login_data(user)
|
657
|
+
session[:user_chk] = Time.now
|
658
|
+
end
|
659
|
+
end
|
660
|
+
|
579
661
|
end
|
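Review bot: `fill_login_data` assigns `session[:user_id]` and `session[:user_name]` before it reaches `return unless user and user.active`, so when `dc_check_user_still_valid` reloads a user who has since been deactivated the session keeps that identity with the guest role instead of being logged out. Setting the identity only for active users closes this: `session[:user_id] = user.id if user and user.active`, with the same condition on `session[:user_name]`. Further down, `default_policy` is used without a nil check, so a site with no policy marked `is_default` raises on `default_policy.dc_policy_rules`; a `return unless default_policy` before the loop would avoid that. `clear_login_data` also deletes the `remember_me` cookie and the re-fill passes the default `remember_me=false`, so the periodic check silently drops it; a comment saying whether that is intended would help.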
@@ -105,7 +105,7 @@ def process_login
|
|
105
105
|
return dc_render_404 unless ( params[:record] and params[:record][:username] and params[:record][:password] )
|
106
106
|
|
107
107
|
unless params[:record][:password].blank? #password must not be empty
|
108
|
-
user = DcUser.find_by(username: params[:record][:username])
|
108
|
+
user = DcUser.find_by(username: params[:record][:username], active: true)
|
109
109
|
if user and user.authenticate(params[:record][:password])
|
110
110
|
fill_login_data(user, params[:record][:remember_me].to_i == 1)
|
111
111
|
return redirect_to params[:return_to] || '/'
|
@@ -130,7 +130,7 @@ end
|
|
130
130
|
def login
|
131
131
|
if cookies.signed[:remember_me]
|
132
132
|
user = DcUser.find(cookies.signed[:remember_me])
|
133
|
-
if user
|
133
|
+
if user and user.active
|
134
134
|
fill_login_data(user, true)
|
135
135
|
return redirect_to params[:return_to]
|
136
136
|
|
@@ -282,54 +282,4 @@ def process_document(line, table, id, ids)
|
|
282
282
|
msg ? " ERROR! #{msg}" : " NEW. OK."
|
283
283
|
end
|
284
284
|
|
285
|
-
####################################################################
|
286
|
-
# Clears all session data related to login.
|
287
|
-
####################################################################
|
288
|
-
def clear_login_data
|
289
|
-
session[:edit_mode] = 0
|
290
|
-
session[:user_id] = nil
|
291
|
-
session[:user_name] = nil
|
292
|
-
session[:user_roles] = nil
|
293
|
-
cookies.delete :remember_me
|
294
|
-
end
|
295
|
-
|
296
|
-
####################################################################
|
297
|
-
# Fills session with data related to successful login.
|
298
|
-
####################################################################
|
299
|
-
def fill_login_data(user, remember_me)
|
300
|
-
session[:user_id] = user.id
|
301
|
-
session[:user_name] = user.name
|
302
|
-
session[:edit_mode] = 0
|
303
|
-
session[:user_roles] = []
|
304
|
-
|
305
|
-
# special for SUPERADMIN
|
306
|
-
sa = DcPolicyRole.find_by(system_name: 'superadmin')
|
307
|
-
if sa and (role = user.dc_user_roles.find_by(dc_policy_role_id: sa.id))
|
308
|
-
session[:user_roles] << role.dc_policy_role_id
|
309
|
-
session[:edit_mode] = 2
|
310
|
-
return
|
311
|
-
end
|
312
|
-
# Every user has guest role
|
313
|
-
guest = DcPolicyRole.find_by(system_name: 'guest')
|
314
|
-
session[:user_roles] << guest.id if guest
|
315
|
-
# read default policy from site
|
316
|
-
default_policy = dc_get_site().dc_policies.find_by(is_default: true)
|
317
|
-
# load user roles
|
318
|
-
user.dc_user_roles.each do |role|
|
319
|
-
next unless role.active
|
320
|
-
next if role.valid_from and role.valid_from > Time.now.end_of_day.to_date
|
321
|
-
next if role.valid_to and role.valid_to < Time.now.to_date
|
322
|
-
# check if role is active in this site
|
323
|
-
policy_role = default_policy.dc_policy_rules.find_by(dc_policy_role_id: role.dc_policy_role_id)
|
324
|
-
next unless policy_role
|
325
|
-
# set edit_mode
|
326
|
-
session[:edit_mode] = 1 if policy_role.permission > 1
|
327
|
-
session[:user_roles] << role.dc_policy_role_id
|
328
|
-
end
|
329
|
-
# Save remember me cookie if not CMS user and remember me is selected
|
330
|
-
if session[:edit_mode] == 0 and remember_me
|
331
|
-
cookies.signed[:remember_me] = { :value => user.id, :expires => 180.days.from_now}
|
332
|
-
end
|
333
|
-
end
|
334
|
-
|
335
285
|
end
|
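Review bot: Both login paths touched here still end in `redirect_to params[:return_to]`, which sends the freshly authenticated user to whatever URL the request supplied; the target should be limited to local paths, e.g. `target = params[:return_to].to_s` followed by `target = '/' unless target =~ %r{\A/(?![/\\])}`. In `login` the redirect has no fallback, so a missing `return_to` raises instead of going to `/`. `DcUser.find(cookies.signed[:remember_me])` may raise rather than return nil for an id that no longer exists, depending on the ODM configuration, in which case the new `if user and user.active` guard is never reached; a `rescue nil`, as `dc_check_user_still_valid` uses, or a `find_by` would make the guard effective. Both methods continue outside the hunks.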
data/app/forms/all_options.yml
CHANGED
@@ -27,6 +27,9 @@ index:
|
|
27
27
|
url: some_url
|
28
28
|
caption: Some caption
|
29
29
|
title: Text for mouse over
|
30
|
+
html:
|
31
|
+
class: dc-link-spinner
|
32
|
+
data-confirm: Confirm dialog text.
|
30
33
|
|
31
34
|
3:
|
32
35
|
type: link
|
@@ -41,6 +44,7 @@ index:
|
|
41
44
|
|
42
45
|
result_set:
|
43
46
|
filter: custom_filter
|
47
|
+
footer: custom_footer
|
44
48
|
actions_width: 100
|
45
49
|
per_page: 10
|
46
50
|
table_style: 'color: green;'
|
@@ -109,17 +113,36 @@ form:
|
|
109
113
|
actions:
|
110
114
|
5:
|
111
115
|
type: ajax
|
112
|
-
controller:
|
113
|
-
action:
|
116
|
+
controller: ctrl
|
117
|
+
action: action
|
114
118
|
method: (get),put,post
|
115
|
-
caption:
|
119
|
+
caption: ajax_call
|
120
|
+
when_new: false
|
121
|
+
5:
|
122
|
+
type: window
|
123
|
+
controller: cmsedit
|
124
|
+
form_name: form
|
125
|
+
table: table
|
126
|
+
action: edit
|
127
|
+
method: (get),put,post
|
128
|
+
caption: Edit linked document
|
129
|
+
when_new: false
|
130
|
+
params:
|
131
|
+
id:
|
132
|
+
object: record (can be omitted)
|
133
|
+
method: page_id
|
134
|
+
user:
|
135
|
+
object: session
|
136
|
+
method: user_id
|
137
|
+
|
116
138
|
6:
|
117
139
|
type: script
|
118
140
|
caption: Cancle
|
119
|
-
js: parent.reload();
|
141
|
+
js: parent.location.reload();
|
120
142
|
7:
|
121
143
|
type: submit
|
122
144
|
caption: Send
|
145
|
+
when_new: false
|
123
146
|
params:
|
124
147
|
before-save: send_mail
|
125
148
|
after-save: return_to parent.reload
|