fat_free_crm 0.17.3 → 0.18.0

data/app/controllers/admin/field_groups_controller.rb

@@ -80,6 +80,13 @@ class Admin::FieldGroupsController < Admin::ApplicationController
   protected
 
   def field_group_params
-    params[:field_group].permit!
+    params.require(:field_group).permit(
+      :name,
+      :label,
+      :position,
+      :hint,
+      :tag_id,
+      :klass_name
+    )
   end
 end

data/app/controllers/admin/fields_controller.rb

@@ -43,10 +43,10 @@ class Admin::FieldsController < Admin::ApplicationController
   def create
     as = field_params[:as]
     @field =
-      if as =~ /pair/
+      if as.match?(/pair/)
         CustomFieldPair.create_pair(params).first
       elsif as.present?
-        klass = Field.lookup_class(as).classify.constantize
+        klass = find_class(Field.lookup_class(as))
         klass.create(field_params)
       else
         Field.new(field_params).tap(&:valid?)
@@ -59,7 +59,7 @@ class Admin::FieldsController < Admin::ApplicationController
   # PUT /fields/1.xml                                                    AJAX
   #----------------------------------------------------------------------------
   def update
-    if field_params[:as] =~ /pair/
+    if field_params[:as].match?(/pair/)
       @field = CustomFieldPair.update_pair(params).first
     else
       @field = Field.find(params[:id])
@@ -102,7 +102,7 @@ class Admin::FieldsController < Admin::ApplicationController
                Field.find(id).tap { |f| f.as = as }
              else
                field_group_id = field[:field_group_id]
-               klass = Field.lookup_class(as).classify.constantize
+               klass = find_class(Field.lookup_class(as))
                klass.new(field_group_id: field_group_id, as: as)
       end
 

data/app/controllers/admin/groups_controller.rb

@@ -62,7 +62,7 @@ class Admin::GroupsController < Admin::ApplicationController
   protected
 
   def group_params
-    params[:group].permit!
+    params.require(:group).permit(:name, user_ids: [])
   end
 
   def setup_current_tab

data/app/controllers/admin/tags_controller.rb

@@ -68,7 +68,7 @@ class Admin::TagsController < Admin::ApplicationController
   protected
 
   def tag_params
-    params[:tag].permit!
+    params.require(:tag).permit(:name, :taggings_count)
   end
 
   def setup_current_tab

data/app/controllers/application_controller.rb

@@ -281,4 +281,15 @@ class ApplicationController < ActionController::Base
       render plain: ''
     end
   end
+
+  def find_class(asset)
+    Rails.application.eager_load! unless Rails.application.config.cache_classes
+    classes = ActiveRecord::Base.descendants.map(&:name)
+    find = classes.find { |m| m == asset.classify }
+    if find
+      find.safe_constantize
+    else
+      raise "Unknown resource"
+    end
+  end
 end

data/app/controllers/authentications_controller.rb

@@ -21,7 +21,7 @@ class AuthenticationsController < ApplicationController
 
   #----------------------------------------------------------------------------
   def create
-    @authentication = Authentication.new(params[:authentication].permit(:username, :password, :remember_me))
+    @authentication = Authentication.new(params[:authentication].permit(:username, :password, :remember_me).to_h)
 
     if @authentication.save && !@authentication.user.suspended?
       flash[:notice] = t(:msg_welcome)

data/app/controllers/comments_controller.rb

@@ -15,7 +15,7 @@ class CommentsController < ApplicationController
   def index
     @commentable = extract_commentable_name(params)
     if @commentable
-      @asset = @commentable.classify.constantize.my(current_user).find(params[:"#{@commentable}_id"])
+      @asset = find_class(@commentable).my(current_user).find(params[:"#{@commentable}_id"])
       @comments = @asset.comments.order("created_at DESC")
     end
     respond_with(@comments) do |format|
@@ -35,9 +35,9 @@ class CommentsController < ApplicationController
   def edit
     @comment = Comment.find(params[:id])
 
-    model = @comment.commentable_type
+    model = find_class(@comment.commentable_type)
     id = @comment.commentable_id
-    unless model.constantize.my(current_user).find_by_id(id)
+    unless model.my(current_user).find_by_id(id)
       respond_to_related_not_found(model.downcase)
     end
   end
@@ -51,13 +51,13 @@ class CommentsController < ApplicationController
       comment_params.merge(user_id: current_user.id)
     )
     # Make sure commentable object exists and is accessible to the current user.
-    model = @comment.commentable_type
+    model = find_class(@comment.commentable_type)
     id = @comment.commentable_id
-    if model.constantize.my(current_user).find_by_id(id)
+    if model.my(current_user).find_by_id(id)
       @comment.save
       respond_with(@comment)
     else
-      respond_to_related_not_found(model.downcase)
+      respond_to_related_not_found(model.name.downcase)
     end
   end
 
@@ -85,7 +85,15 @@ class CommentsController < ApplicationController
 
   def comment_params
     return {} unless params[:comment]
-    params[:comment].permit!
+    params.require(:comment).permit(
+      :user_id,
+      :commentable_type,
+      :commentable_id,
+      :private,
+      :title,
+      :comment,
+      :state
+    )
   end
 
   private

data/app/controllers/entities/campaigns_controller.rb

@@ -196,8 +196,13 @@ class CampaignsController < EntitiesController
                              other: 0
     ]
     Setting.campaign_status.each do |key|
-      @campaign_status_total[key] = Campaign.my(current_user).where(status: key.to_s).count
-      @campaign_status_total[:other] -= @campaign_status_total[key]
+      @campaign_status_total[key] = 0
+    end
+
+    status_counts = Campaign.my(current_user).where(status: Setting.campaign_status).group(:status).count
+    status_counts.each do |key, total|
+      @campaign_status_total[key.to_sym] = total
+      @campaign_status_total[:other] -= total
     end
     @campaign_status_total[:other] += @campaign_status_total[:all]
   end

data/app/controllers/entities/leads_controller.rb

@@ -248,10 +248,17 @@ class LeadsController < EntitiesController
                            all: Lead.my(current_user).count,
                            other: 0
       ]
+
       Setting.lead_status.each do |key|
-        @lead_status_total[key] = Lead.my(current_user).where(status: key.to_s).count
-        @lead_status_total[:other] -= @lead_status_total[key]
+        @lead_status_total[key] = 0
+      end
+
+      status_counts = Lead.my(current_user).where(status: Setting.lead_status).group(:status).count
+      status_counts.each do |key, total|
+        @lead_status_total[key.to_sym] = total
+        @lead_status_total[:other] -= total
       end
+
       @lead_status_total[:other] += @lead_status_total[:all]
     end
   end

data/app/controllers/entities/opportunities_controller.rb

@@ -169,6 +169,10 @@ class OpportunitiesController < EntitiesController
 
   private
 
+  def order_by_attributes(scope, order)
+    scope.weighted_sort.order(order)
+  end
+
   #----------------------------------------------------------------------------
   alias get_opportunities get_list_of_records
 
@@ -207,9 +211,16 @@ class OpportunitiesController < EntitiesController
                                  all: Opportunity.my(current_user).count,
                                  other: 0
       ]
+      stages = []
       @stage.each do |_value, key|
-        @opportunity_stage_total[key] = Opportunity.my(current_user).where(stage: key.to_s).count
-        @opportunity_stage_total[:other] -= @opportunity_stage_total[key]
+        stages << key
+        @opportunity_stage_total[key] = 0
+      end
+
+      stage_counts = Opportunity.my(current_user).where(stage: stages).group(:stage).count
+      stage_counts.each do |key, total|
+        @opportunity_stage_total[key.to_sym] = total
+        @opportunity_stage_total[:other] -= total
       end
       @opportunity_stage_total[:other] += @opportunity_stage_total[:all]
     end

data/app/controllers/entities_controller.rb

@@ -22,7 +22,7 @@ class EntitiesController < ApplicationController
   # Common attach handler for all core controllers.
   #----------------------------------------------------------------------------
   def attach
-    @attachment = params[:assets].classify.constantize.find(params[:asset_id])
+    @attachment = find_class(params[:assets]).find(params[:asset_id])
     @attached = entity.attach!(@attachment)
     entity.reload
 
@@ -32,7 +32,7 @@ class EntitiesController < ApplicationController
   # Common discard handler for all core controllers.
   #----------------------------------------------------------------------------
   def discard
-    @attachment = params[:attachment].constantize.find(params[:attachment_id])
+    @attachment = find_class(params[:attachment]).find(params[:attachment_id])
     entity.discard!(@attachment)
     entity.reload
 
@@ -152,16 +152,16 @@ class EntitiesController < ApplicationController
       scope = scope.state(filter) if filter.present?
     end
 
-    scope = scope.text_search(query)              if query.present?
+    scope = scope.text_search(query) if query.present?
     scope = scope.tagged_with(tags, on: :tags) if tags.present?
 
     # Ignore this order when doing advanced search
     unless advanced_search
       order = current_user.pref[:"#{controller_name}_sort_by"] || klass.sort_by
-      scope = scope.order(order)
+      scope = order_by_attributes(scope, order)
     end
 
-    @search_results_count = scope.count
+    @search_results_count = scope.size
 
     # Pagination is disabled for xls and csv requests
     unless wants.xls? || wants.csv?
@@ -178,6 +178,11 @@ class EntitiesController < ApplicationController
     scope
   end
 
+  #----------------------------------------------------------------------------
+  def order_by_attributes(scope, order)
+    scope.order(order)
+  end
+
   #----------------------------------------------------------------------------
   def update_recently_viewed
     entity.versions.create(event: :view, whodunnit: PaperTrail.whodunnit)

data/app/controllers/lists_controller.rb

@@ -33,6 +33,10 @@ class ListsController < ApplicationController
   protected
 
   def list_params
-    params[:list].permit!
+    params.require(:list).permit(
+      :name,
+      :url,
+      :user_id
+    )
   end
 end

data/app/controllers/tasks_controller.rb

@@ -173,7 +173,21 @@ class TasksController < ApplicationController
 
   def task_params
     return {} unless params[:task]
-    params[:task].permit!
+    params.require(:task).permit(
+      :user_id,
+      :assigned_to,
+      :completed_by,
+      :name,
+      :asset_id,
+      :asset_type,
+      :priority,
+      :category,
+      :bucket,
+      :due_at,
+      :completed_at,
+      :deleted_at,
+      :background_info
+    )
   end
 
   private

data/app/helpers/accounts_helper.rb

@@ -26,7 +26,7 @@ module AccountsHelper
   # and prepends the currently selected account, if any.
   #----------------------------------------------------------------------------
   def account_select(options = {})
-    options[:selected] = @account&.id || 0
+    options[:selected] = @account&.id.to_i
     accounts = ([@account.new_record? ? nil : @account] + Account.my(current_user).order(:name).limit(25)).compact.uniq
     collection_select :account, :id, accounts, :id, :name,
                       { include_blank: true },

data/app/helpers/application_helper.rb

@@ -7,7 +7,7 @@
 #------------------------------------------------------------------------------
 module ApplicationHelper
   def tabs(tabs = nil)
-    tabs ||= controller_path =~ /admin/ ? FatFreeCRM::Tabs.admin : FatFreeCRM::Tabs.main
+    tabs ||= controller_path.match?(/admin/) ? FatFreeCRM::Tabs.admin : FatFreeCRM::Tabs.main
     if tabs
       @current_tab ||= tabs.first[:text] # Select first tab by default.
       tabs.each { |tab| tab[:active] = (@current_tab == tab[:text] || @current_tab == tab[:url][:controller]) }
@@ -254,7 +254,7 @@ module ApplicationHelper
       if site == :skype
         url = "callto:" + url
       else
-        url = "http://" + url unless url =~ /^https?:\/\//
+        url = "http://" + url unless url.match?(/^https?:\/\//)
       end
       link_to(image_tag("#{site}.gif", size: "15x15"), h(url), "data-popup": true, title: t(:open_in_window, h(url)))
     end.compact.join("\n").html_safe

data/app/helpers/leads_helper.rb

@@ -11,7 +11,7 @@ module LeadsHelper
   #----------------------------------------------------------------------------
   def stars_for(lead)
     star = '★'
-    rating = lead.rating || 0
+    rating = lead.rating.to_i
     (star * rating).html_safe + content_tag(:font, (star * (RATING_STARS - rating)).html_safe, color: 'gainsboro')
   end
 

data/app/helpers/opportunities_helper.rb

@@ -20,9 +20,9 @@ module OpportunitiesHelper
     summary << (opportunity.stage ? t(opportunity.stage) : t(:other))
     summary << number_to_currency(opportunity.weighted_amount, precision: 0)
     unless %w[won lost].include?(opportunity.stage)
-      amount << number_to_currency(opportunity.amount || 0, precision: 0)
+      amount << number_to_currency(opportunity.amount.to_f, precision: 0)
       amount << (opportunity.discount ? t(:discount_number, number_to_currency(opportunity.discount, precision: 0)) : t(:no_discount))
-      amount << t(:probability_number, (opportunity.probability || 0).to_s + '%')
+      amount << t(:probability_number, opportunity.probability.to_i.to_s + '%')
       summary << amount.join(' ')
     end
     summary << if opportunity.closes_on
@@ -37,11 +37,64 @@ module OpportunitiesHelper
   # and prepends the currently selected campaign, if any.
   #----------------------------------------------------------------------------
   def opportunity_campaign_select(options = {})
-    options[:selected] ||= @opportunity.campaign_id || 0
+    options[:selected] ||= @opportunity.campaign_id.to_i
     selected_campaign = Campaign.find_by_id(options[:selected])
     campaigns = ([selected_campaign] + Campaign.my(current_user).order(:name).limit(25)).compact.uniq
     collection_select :opportunity, :campaign_id, campaigns, :id, :name,
                       { selected: options[:selected], prompt: t(:select_a_campaign) },
                       style: 'width:330px;', class: 'select2'
   end
+
+  # Generates the inline revenue message for the opportunity list table.
+  #----------------------------------------------------------------------------
+  def opportunity_revenue_message(opportunity, detailed = false)
+    msg = []
+    won_or_lost = %w[won lost].include?(opportunity.stage)
+
+    if opportunity.weighted_amount != 0
+      msg << content_tag(:b, number_to_currency(opportunity.weighted_amount, precision: 0))
+    end
+
+    unless won_or_lost
+      if detailed
+        if opportunity.amount.to_f != 0
+          msg << number_to_currency(opportunity.amount.to_f, precision: 0)
+        end
+
+        if opportunity.discount.to_f != 0
+          msg << t(:discount) + ' ' + number_to_currency(opportunity.discount, precision: 0)
+        end
+      end
+
+      if opportunity.probability.to_i != 0
+        msg << t(:probability) + ' ' + opportunity.probability.to_s + '%'
+      end
+    end
+
+    msg << opportunity_closes_on_message(opportunity, won_or_lost)
+
+    msg.join(' | ').html_safe
+  end
+
+  private
+
+  def opportunity_closes_on_message(opportunity, won_or_lost)
+    if opportunity.closes_on
+      if won_or_lost
+        if opportunity.closes_on >= Date.today
+          t(:closing_date, l(opportunity.closes_on, format: :mmddyy))
+        else
+          t(:closed_ago_on, time_ago: distance_of_time_in_words(opportunity.closes_on, Date.today), date: l(opportunity.closes_on, format: :mmddyy))
+        end
+      elsif opportunity.closes_on > Date.today
+        t(:expected_to_close, time: distance_of_time_in_words(Date.today, opportunity.closes_on), date: l(opportunity.closes_on, format: :mmddyy))
+      elsif opportunity.closes_on == Date.today
+        content_tag(:span, t(:closes_today), class: 'warn')
+      else
+        content_tag(:span, t(:past_due, distance_of_time_in_words(opportunity.closes_on, Date.today)), class: 'warn')
+      end
+    else
+      t(:no_closing_date)
+    end
+  end
 end

data/app/helpers/tags_helper.rb

@@ -17,7 +17,7 @@ module TagsHelper
       elsif !query.include?(hashtag)
         query += " #{hashtag}"
       end
-      out << link_to_function(tag, "crm.search_tagged('#{escape_javascript(query)}', '#{model.class.to_s.tableize}')", title: tag)
+      out << link_to_function(tag, "crm.search_tagged('#{query}', '#{model.class.to_s.tableize}')", title: tag)
     end
   end
 

data/app/models/entities/lead.rb

@@ -104,13 +104,6 @@ class Lead < ActiveRecord::Base
     end
   end
 
-  # Deprecated: see update_with_lead_counters
-  #----------------------------------------------------------------------------
-  def update_with_permissions(attributes, _users = nil)
-    ActiveSupport::Deprecation.warn "lead.update_with_permissions is deprecated and may be removed from future releases, use user_ids and group_ids inside attributes instead and call lead.update_with_lead_counters"
-    update_with_lead_counters(attributes)
-  end
-
   # Update lead attributes taking care of campaign lead counters when necessary.
   #----------------------------------------------------------------------------
   def update_with_lead_counters(attributes)

data/app/models/entities/opportunity.rb

@@ -50,10 +50,11 @@ class Opportunity < ActiveRecord::Base
   scope :not_lost,    -> { where("opportunities.stage <> 'lost'") }
   scope :pipeline,    -> { where("opportunities.stage IS NULL OR (opportunities.stage != 'won' AND opportunities.stage != 'lost')") }
   scope :unassigned,  -> { where("opportunities.assigned_to IS NULL") }
+  scope :weighted_sort, -> { select('*, amount*probability') }
 
   # Search by name OR id
   scope :text_search, ->(query) {
-    if query =~ /\A\d+\z/
+    if query.match?(/\A\d+\z/)
       where('upper(name) LIKE upper(:name) OR opportunities.id = :id', name: "%#{query}%", id: query)
     else
       ransack('name_cont' => query).result
@@ -100,7 +101,7 @@ class Opportunity < ActiveRecord::Base
 
   #----------------------------------------------------------------------------
   def weighted_amount
-    ((amount || 0) - (discount || 0)) * (probability || 0) / 100.0
+    (amount.to_f - discount.to_f) * probability.to_i / 100.0
   end
 
   # Backend handler for [Create New Opportunity] form (see opportunity/create).