glib-web 0.6.1 → 0.6.5

data/app/policies/glib/application_policy.rb

@@ -1,191 +1,191 @@
-# The main purpose of this is for security. If it is important to display useful error message or to provide a "banana", then
-# it's better to perform an explicit check (e.g. as a validation in the model or using a before_action).
-module Glib
-  class ApplicationPolicy
-    attr_reader :user, :record, :policy_name, :controller, :request, :params
-    class_attribute :should_exist_attributes, instance_writer: false, default: []
-
-    private
-      def initialize(user, record, policy_name, controller, request, params, attributes: {})
-        @user = user
-        @record = record
-        @controller = controller
-        @request = request
-        # Don't get params from request because we might not have a proper request object. This might execute in Sidekiq.
-        # See Presenter::Model::inside_mock_controller()
-        @params = params
-        @policy_name = policy_name
-
-        if attributes.present? && controller.action_name != 'index'
-          self.class.module_eval { attr_accessor(*attributes.keys) }
-          attributes.each do |key, value|
-            send("#{key}=", value)
-          end
-        end
-
-        if controller.user_signed_in?
-          should_exist_attributes.each do |attribute|
-            if try(attribute).blank? && !['index'].include?(controller.action_name)
-              raise "Attribute #{attribute} is blank, policy will not working properly"
-            end
-          end
-        end
-      end
-
-      class << self
-        attr_reader :catch_all
-
-        def inherited(base)
-          base.should_exist_attributes = should_exist_attributes.dup
-          super
-        end
-
-        # This is to define the authorization logic for an action (or a group of actions). It's different from controller's
-        # authorize().
-        private  # Used by child
-          def authorize(*actions, &block)
-            actions.each do |action|
-              if action == :glib_all
-                # Serve as a catch-all to all actions that have not been specified in the policy.
-                @catch_all = block
-              else
-                method_name = "#{action}?"
-                # Avoid accidentally redefining multiple times from child policies. But it's okay if the child policy
-                # wants to override the parent's authorization method.
-                raise "Action authorization has been declared: #{action}" if instance_methods(false).include?(method_name.to_sym)
-                define_method method_name, &block
-              end
-            end
-          end
-
-          def should_exist(*attributes)
-            should_exist_attributes.push(*attributes)
-          end
-      end
-
-    private
-      def catch_all
-        self.class.catch_all
-      end
-
-    private
-      # To ensure the block is called on the policy's instance instead class.
-      def call_catch_all
-        instance_eval(&catch_all)
-      end
-
-      authorize :index do
-        # We need this line because in `index` action, this method will be called instead of method_missing().
-        # Having this line ensures that the catch_all behaviour works according to the priority below:
-        # - child_policy#index?
-        # - child_policy#manage? -- catch_all
-        # - application_policy@index?
-        return call_catch_all if catch_all
-
-        false
-      end
-
-      authorize :show do
-        return call_catch_all if catch_all
-
-        scope.where(id: record.id).exists?
-      end
-
-      authorize :create do
-        return call_catch_all if catch_all
-
-        false
-      end
-
-      authorize :new do
-        return call_catch_all if catch_all
-
-        create?
-      end
-
-      authorize :update do
-        return call_catch_all if catch_all
-
-        false
-      end
-
-      authorize :edit do
-        return call_catch_all if catch_all
-
-        update?
-      end
-
-      authorize :destroy do
-        return call_catch_all if catch_all
-
-        false
-      end
-
-    public
-    def method_missing(name, *args, &block)
-      if name.to_s.end_with?('?') && catch_all
-        call_catch_all
-      else
-        super
-      end
-    end
-
-    public
-    def scope
-      policy_scope_class = Pundit::PolicyFinder.new(@policy_name).scope
-      return unless policy_scope_class
-
-      controller.policy_scope(record.class, policy_scope_class: policy_scope_class)
-    end
-
-    public
-    def self.args_builder
-      Proc.new { |controller| [] }
-    end
-
-    public
-    def helpers
-      controller.helpers
-    end
-
-    # TODO: Remove. Deprecated
-    # private  # Used by child
-    # def public?
-    #   true
-    # end
-
-    class Scope
-      attr_reader :user, :scope
-
-      def initialize(user, scope)
-        @user = user
-        @scope = scope
-      end
-
-      # def current_user
-      #   user
-      # end
-
-      # To be overridden
-      def resolve
-        scope.none
-      end
-    end
-
-    private  # Used by child
-      def everyone
-        true
-      end
-
-      # def current_user
-      #   user
-      # end
-
-      # TODO: Bad pattern. Implement explicit policy parameter instead.
-      # - E.g. can? :destroy, :service_subscription_auto_renewal, { service_subscription: @service_subscription }
-      # - E.g. super class: :service_subscription_auto_renewal, { service_subscription: @service_subscription }
-      def controller_var(name)
-        controller.instance_variable_get(:"@#{name}")
-      end
-  end
-end
+# The main purpose of this is for security. If it is important to display useful error message or to provide a "banana", then
+# it's better to perform an explicit check (e.g. as a validation in the model or using a before_action).
+module Glib
+  class ApplicationPolicy
+    attr_reader :user, :record, :policy_name, :controller, :request, :params
+    class_attribute :should_exist_attributes, instance_writer: false, default: []
+
+    private
+      def initialize(user, record, policy_name, controller, request, params, attributes: {})
+        @user = user
+        @record = record
+        @controller = controller
+        @request = request
+        # Don't get params from request because we might not have a proper request object. This might execute in Sidekiq.
+        # See Presenter::Model::inside_mock_controller()
+        @params = params
+        @policy_name = policy_name
+
+        if attributes.present? && controller.action_name != 'index'
+          self.class.module_eval { attr_accessor(*attributes.keys) }
+          attributes.each do |key, value|
+            send("#{key}=", value)
+          end
+        end
+
+        if controller.user_signed_in?
+          should_exist_attributes.each do |attribute|
+            if try(attribute).blank? && !['index'].include?(controller.action_name)
+              raise "Attribute #{attribute} is blank, policy will not working properly"
+            end
+          end
+        end
+      end
+
+      class << self
+        attr_reader :catch_all
+
+        def inherited(base)
+          base.should_exist_attributes = should_exist_attributes.dup
+          super
+        end
+
+        # This is to define the authorization logic for an action (or a group of actions). It's different from controller's
+        # authorize().
+        private  # Used by child
+          def authorize(*actions, &block)
+            actions.each do |action|
+              if action == :glib_all
+                # Serve as a catch-all to all actions that have not been specified in the policy.
+                @catch_all = block
+              else
+                method_name = "#{action}?"
+                # Avoid accidentally redefining multiple times from child policies. But it's okay if the child policy
+                # wants to override the parent's authorization method.
+                raise "Action authorization has been declared: #{action}" if instance_methods(false).include?(method_name.to_sym)
+                define_method method_name, &block
+              end
+            end
+          end
+
+          def should_exist(*attributes)
+            should_exist_attributes.push(*attributes)
+          end
+      end
+
+    private
+      def catch_all
+        self.class.catch_all
+      end
+
+    private
+      # To ensure the block is called on the policy's instance instead class.
+      def call_catch_all
+        instance_eval(&catch_all)
+      end
+
+      authorize :index do
+        # We need this line because in `index` action, this method will be called instead of method_missing().
+        # Having this line ensures that the catch_all behaviour works according to the priority below:
+        # - child_policy#index?
+        # - child_policy#manage? -- catch_all
+        # - application_policy@index?
+        return call_catch_all if catch_all
+
+        false
+      end
+
+      authorize :show do
+        return call_catch_all if catch_all
+
+        scope.where(id: record.id).exists?
+      end
+
+      authorize :create do
+        return call_catch_all if catch_all
+
+        false
+      end
+
+      authorize :new do
+        return call_catch_all if catch_all
+
+        create?
+      end
+
+      authorize :update do
+        return call_catch_all if catch_all
+
+        false
+      end
+
+      authorize :edit do
+        return call_catch_all if catch_all
+
+        update?
+      end
+
+      authorize :destroy do
+        return call_catch_all if catch_all
+
+        false
+      end
+
+    public
+    def method_missing(name, *args, &block)
+      if name.to_s.end_with?('?') && catch_all
+        call_catch_all
+      else
+        super
+      end
+    end
+
+    public
+    def scope
+      policy_scope_class = Pundit::PolicyFinder.new(@policy_name).scope
+      return unless policy_scope_class
+
+      controller.policy_scope(record.class, policy_scope_class: policy_scope_class)
+    end
+
+    public
+    def self.args_builder
+      Proc.new { |controller| [] }
+    end
+
+    public
+    def helpers
+      controller.helpers
+    end
+
+    # TODO: Remove. Deprecated
+    # private  # Used by child
+    # def public?
+    #   true
+    # end
+
+    class Scope
+      attr_reader :user, :scope
+
+      def initialize(user, scope)
+        @user = user
+        @scope = scope
+      end
+
+      # def current_user
+      #   user
+      # end
+
+      # To be overridden
+      def resolve
+        scope.none
+      end
+    end
+
+    private  # Used by child
+      def everyone
+        true
+      end
+
+      # def current_user
+      #   user
+      # end
+
+      # TODO: Bad pattern. Implement explicit policy parameter instead.
+      # - E.g. can? :destroy, :service_subscription_auto_renewal, { service_subscription: @service_subscription }
+      # - E.g. super class: :service_subscription_auto_renewal, { service_subscription: @service_subscription }
+      def controller_var(name)
+        controller.instance_variable_get(:"@#{name}")
+      end
+  end
+end

data/app/validators/email_typo_validator.rb

@@ -1,38 +1,38 @@
-class EmailTypoValidator < ActiveModel::EachValidator
-  COMMON_FORMAT = {
-    '\.\.' => '.',
-    '\.con\z' => '.com',
-    '\.coj\z' => '.com',
-    '\.vom\z' => '.com',
-    '\.xom\z' => '.com',
-    '\.com[a-z]\z' => '.com',
-    '\.con\.' => '.com.',
-    '\.orf\z' => '.org',
-    '\.orf\.' => '.org.',
-    '@hitmail\.' => '@hotmail.',
-    '@htomail\.' => '@hotmail.',
-    '@hotnail\.' => '@hotmail.',
-    '@hotmil\.' => '@hotmail.',
-    '@hotmal\.' => '@hotmail.',
-    '@hoymail\.' => '@hotmail.',
-    '@hormail\.' => '@hotmail.',
-    '@hotmsil\.' => '@hotmail.',
-    '@gail\.' => '@gmail.',
-    '@gnail\.' => '@gmail.',
-    '@gmil\.' => '@gmail.',
-    '@gmal\.' => '@gmail.',
-    '@gmai\.' => '@gmail.',
-    '@yahho\.' => '@yahoo.',
-    '@yaho\.' => '@yahoo.',
-  }
-
-  def validate_each(record, attribute, value)
-    COMMON_FORMAT.keys.each do |format_key|
-      regex = Regexp.new(format_key)
-      if match = regex.match(value)
-        record.errors.add(attribute, "Invalid, replace #{match[0]} with #{COMMON_FORMAT[format_key]}")
-        break
-      end
-    end
-  end
-end
+class EmailTypoValidator < ActiveModel::EachValidator
+  COMMON_FORMAT = {
+    '\.\.' => '.',
+    '\.con\z' => '.com',
+    '\.coj\z' => '.com',
+    '\.vom\z' => '.com',
+    '\.xom\z' => '.com',
+    '\.com[a-z]\z' => '.com',
+    '\.con\.' => '.com.',
+    '\.orf\z' => '.org',
+    '\.orf\.' => '.org.',
+    '@hitmail\.' => '@hotmail.',
+    '@htomail\.' => '@hotmail.',
+    '@hotnail\.' => '@hotmail.',
+    '@hotmil\.' => '@hotmail.',
+    '@hotmal\.' => '@hotmail.',
+    '@hoymail\.' => '@hotmail.',
+    '@hormail\.' => '@hotmail.',
+    '@hotmsil\.' => '@hotmail.',
+    '@gail\.' => '@gmail.',
+    '@gnail\.' => '@gmail.',
+    '@gmil\.' => '@gmail.',
+    '@gmal\.' => '@gmail.',
+    '@gmai\.' => '@gmail.',
+    '@yahho\.' => '@yahoo.',
+    '@yaho\.' => '@yahoo.',
+  }
+
+  def validate_each(record, attribute, value)
+    COMMON_FORMAT.keys.each do |format_key|
+      regex = Regexp.new(format_key)
+      if match = regex.match(value)
+        record.errors.add(attribute, "Invalid, replace #{match[0]} with #{COMMON_FORMAT[format_key]}")
+        break
+      end
+    end
+  end
+end

data/app/validators/email_validator.rb

@@ -1,7 +1,7 @@
-class EmailValidator < ActiveModel::EachValidator
-  def validate_each(record, attribute, value)
-    unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
-      record.errors.add(attribute, :invalid)
-    end
-  end
-end
+class EmailValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    unless value =~ /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\z/i
+      record.errors.add(attribute, :invalid)
+    end
+  end
+end

data/app/validators/url_validator.rb

@@ -1,20 +1,20 @@
-class UrlValidator < ActiveModel::EachValidator
-  def validate_each(record, attribute, value)
-    schemes = ['https', 'http']
-
-    begin
-      uri = URI.parse(value)
-      host = uri && uri.host
-      scheme = uri && uri.scheme
-
-      valid_scheme = host && scheme && schemes.include?(scheme)
-      valid_raw_url = scheme && value.match?(URI::regexp([scheme]))
-
-      unless valid_raw_url && valid_scheme
-        record.errors.add(attribute, :invalid)
-      end
-    rescue URI::InvalidURIError
-      record.errors.add(attribute, :invalid)
-    end
-  end
-end
+class UrlValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    schemes = ['https', 'http']
+
+    begin
+      uri = URI.parse(value)
+      host = uri && uri.host
+      scheme = uri && uri.scheme
+
+      valid_scheme = host && scheme && schemes.include?(scheme)
+      valid_raw_url = scheme && value.match?(URI::regexp([scheme]))
+
+      unless valid_raw_url && valid_scheme
+        record.errors.add(attribute, :invalid)
+      end
+    rescue URI::InvalidURIError
+      record.errors.add(attribute, :invalid)
+    end
+  end
+end

data/app/views/json_ui/garage/_nav_menu.json.jbuilder

@@ -1,72 +1,72 @@
-
-if local_assigns[:top_nav] || json_ui_app_is_web?
-  page.leftDrawer content: ->(drawer) do
-    drawer.header childViews: ->(header) do
-      header.button text: 'App', styleClasses: ['link', 'logo'], onClick: ->(action) do
-        action.windows_open url: root_url
-      end
-    end
-
-    drawer.rows builder: ->(menu) do
-
-      menu.button text: 'Pages', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'pages/index')
-      end
-
-      menu.button text: 'Panels', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'panels/index')
-      end
-
-      menu.button text: 'Lists', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'lists/index')
-      end
-
-      menu.button text: 'Forms', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'forms/index')
-      end
-
-      menu.button text: 'Views', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'views/index')
-      end
-
-      menu.button text: 'Actions', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'actions/index')
-      end
-
-      menu.button text: 'Tables (Web Only)', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'tables/index')
-      end
-
-      menu.button text: 'Services', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'services/index')
-      end
-
-      menu.divider
-      menu.label text: 'Misc Menu'
-
-      menu.button icon: 'notifications', text: 'Notifications', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url(path: 'notifications/index')
-      end
-
-      menu.button icon: 'list', text: 'UI Elements', onClick: ->(action) do
-        action.windows_open url: json_ui_garage_url
-      end
-
-      menu.button icon: 'refresh', text: 'Reload', onClick: ->(action) do
-        action.windows_reload
-      end
-
-      # Consider deprecating icon badge
-      # menu.button icon: { name: 'zoom_in', badge: '!' }, text: 'Diagnostics', onClick: ->(action) do
-      menu.button icon: 'zoom_in', text: 'Diagnostics', badgeContent: '!', onClick: ->(action) do
-        action.dialogs_alert message: %{
-          Bundle ID: #{json_ui_app_bundle_id || '<unknown>'}
-          App Version: #{json_ui_app_build_version || '<unknown>'}
-          Device OS: #{json_ui_app_device_os}
-        }
-      end
-
-    end
-  end
-
-end
+
+if local_assigns[:top_nav] || json_ui_app_is_web?
+  page.leftDrawer content: ->(drawer) do
+    drawer.header childViews: ->(header) do
+      header.button text: 'App', styleClasses: ['link', 'logo'], onClick: ->(action) do
+        action.windows_open url: root_url
+      end
+    end
+
+    drawer.rows builder: ->(menu) do
+
+      menu.button text: 'Pages', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'pages/index')
+      end
+
+      menu.button text: 'Panels', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'panels/index')
+      end
+
+      menu.button text: 'Lists', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'lists/index')
+      end
+
+      menu.button text: 'Forms', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'forms/index')
+      end
+
+      menu.button text: 'Views', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'views/index')
+      end
+
+      menu.button text: 'Actions', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'actions/index')
+      end
+
+      menu.button text: 'Tables (Web Only)', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'tables/index')
+      end
+
+      menu.button text: 'Services', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'services/index')
+      end
+
+      menu.divider
+      menu.label text: 'Misc Menu'
+
+      menu.button icon: 'notifications', text: 'Notifications', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url(path: 'notifications/index')
+      end
+
+      menu.button icon: 'list', text: 'UI Elements', onClick: ->(action) do
+        action.windows_open url: json_ui_garage_url
+      end
+
+      menu.button icon: 'refresh', text: 'Reload', onClick: ->(action) do
+        action.windows_reload
+      end
+
+      # Consider deprecating icon badge
+      # menu.button icon: { name: 'zoom_in', badge: '!' }, text: 'Diagnostics', onClick: ->(action) do
+      menu.button icon: 'zoom_in', text: 'Diagnostics', badgeContent: '!', onClick: ->(action) do
+        action.dialogs_alert message: %{
+          Bundle ID: #{json_ui_app_bundle_id || '<unknown>'}
+          App Version: #{json_ui_app_build_version || '<unknown>'}
+          Device OS: #{json_ui_app_device_os}
+        }
+      end
+
+    end
+  end
+
+end