imagine_cms 3.0.0 → 3.0.1

data/README.rdoc

@@ -1,6 +1,6 @@
 =About Imagine CMS
 
-Imagine CMS is a content management system developed by {Bigger Bird Creative, Inc.}[https://www.biggerbird.com] in 2006 for its clients. Other systems came with a learning curve: fine for daily users, but clients who only used it once a month or so would never remember how to use the system the next time they logged in. Simpler systems didn't allow us enough flexibility as designers and developers.
+Imagine CMS is a web content management system developed by {Bigger Bird Creative, Inc.}[https://www.biggerbird.com] in 2006 for its clients. Other CMSes came with a learning curve: not a problem for daily users, but clients who only used it once a month or so would forget everything by the next time they logged in. Simpler systems didn't have enough functionality to allow us to do what we wanted to do as designers and developers. Thus, we created a CMS that is easy for clients to use, stays out of our way, and provides useful automation.
 
 =Demo
 
@@ -22,17 +22,17 @@ Of the three original phases of this project, two remain:
 
 =Current Status
 
-Imagine 3.0 is finally ready for production use internally at Bigger Bird, but it's not quite ready for general use yet. Probably still buggy, not all functionality has been properly exercised, and there are no tests yet, I'll tackle this for 4.0 as we modernize the internals.
+Imagine 3.0 is finally ready for production use internally at Bigger Bird, but it's not quite ready for general use yet. Probably still buggy, not all functionality has been properly exercised, and there are no tests yet, I'll tackle this for 4.0 as I modernize the internals.
 
-One major feature is still missing: browser-based editing of view layouts and stylesheets. While convenient, this was probably not ever a good idea, so I'm working on a better solution.
+One major feature is still missing: browser-based editing of view layouts and stylesheets. While convenient, this was probably not ever a good idea, so I'm working on a better solution. I've also added a new feature, uploaded images and files can be stored on S3 (galleries still live on the local disk).
 
-Unless you are interested in contributing to development, it might be best to wait until the second phase of this project (Imagine 4). Why? Well, the purpose of Imagine 3 is strictly to port legacy sites to Rails 3.2 as simply as possible. Imagine 3 will always be held back by its need to remain compatible with legacy installations dating back to 2006. The ERB templating language can be dangerous (it allows all Ruby, including shell escapes), and the editor (powered by an ancient version of Dojo) is Firefox-only. It also uses Prototype, which has become a bit unfashionable these days.
+Unless you are already familiar with Imagine and/or interested in contributing to development, it might be best to wait until the second phase of this project (Imagine 4). Why? Well, the purpose of Imagine 3 is strictly to port legacy sites to Rails 3.2 as simply as possible. Imagine 3 will always be held back by its need to remain compatible with legacy installations dating back to 2006. The ERB templating language can be dangerous (it allows all Ruby, including shell escapes), and the editor (powered by an ancient version of Dojo) is still Firefox-only. It also uses Prototype, which has become a bit unfashionable these days.
 
 Imagine 4 will be a clean break from all of these "traditions," and thus will be a good time to get on board.
 
 =Hosting
 
-Imagine 3 can run on most "standard" Rails hosting platforms, anything that uses Passenger, Unicorn, etc. On hosts that don't allow/recommend writing to the local filesystem (e.g. Heroku) you won't be able to use photo galleries or page caching, but other features should work (this has not been tested).
+Imagine 3 can run on most "standard" Rails hosting platforms, anything that uses Passenger, Unicorn, etc. On hosts that don't allow (or recommend) writing to the local filesystem (e.g. Heroku) you won't be able to use photo galleries or page caching, but other features should work (this has not been tested).
 
 =Getting Help
 

data/app/controllers/cms/content_controller.rb

@@ -300,9 +300,9 @@ module Cms # :nodoc:
       
       # send feed
       response.headers["Content-Type"] = "application/rss+xml"
-      response.headers["Last-Modified"] = @pages.first.published_date.httpdate rescue Time.now
+      response.headers["Last-Modified"] = (@pages.first.published_date.httpdate rescue Time.now).to_s
       
-      render :layout => false
+      render 'rss_feed.xml', :layout => false
     end
     
     def preview_template

data/app/controllers/management/users_controller.rb

@@ -13,6 +13,10 @@ class Management::UsersController < Management::ApplicationController
     @users = User.all
   end
   
+  def new
+    @user = User.new
+  end
+  
   def create
     @user = User.new
     @user.username = params[:user][:username]
@@ -34,6 +38,17 @@ class Management::UsersController < Management::ApplicationController
   end
   
   def edit
+    return update if request.post?
+    
+    user = authenticate_user
+    unless user.is_superuser || user.can_manage_users || user.id.to_s == params[:id]
+      render :layout => true, :text => "Sorry, you don't have permission to access this section." and return false
+    end
+    
+    @user = User.find(params[:id])
+  end
+  
+  def update
     user = authenticate_user
     unless user.is_superuser || user.can_manage_users || user.id.to_s == params[:id]
       render :layout => true, :text => "Sorry, you don't have permission to access this section." and return false
@@ -41,28 +56,27 @@ class Management::UsersController < Management::ApplicationController
     
     @user = User.find(params[:id])
     
-    if request.post?
+    if user.is_superuser || user.can_manage_users
+      params[:user].each { |k,v| @user.send("#{k}=", v) }
+    elsif user.id.to_s == params[:id]
+      @user.first_name = params[:user][:first_name]
+      @user.last_name = params[:user][:last_name]
+      @user.email_address = params[:user][:email_address]
+      @user.password = params[:user][:password]
+      @user.password_confirmation = params[:user][:password_confirmation]
+    end
+    
+    if @user.save
+      flash[:notice] = 'User updated successfully. Please note that the user must log out and log back in for permission changes to take effect.'
+      user = authenticate_user
       if user.is_superuser || user.can_manage_users
-        params[:user].each { |k,v| @user.send("#{k}=", v) }
-      elsif user.id.to_s == params[:id]
-        @user.first_name = params[:user][:first_name]
-        @user.last_name = params[:user][:last_name]
-        @user.email_address = params[:user][:email_address]
-        @user.password = params[:user][:password]
-        @user.password_confirmation = params[:user][:password_confirmation]
-      end
-      
-      if @user.save
-        flash[:notice] = 'User updated successfully. Please note that the user must log out and log back in for permission changes to take effect.'
-        user = authenticate_user
-        if user.is_superuser || user.can_manage_users
-          redirect_to :action => 'index'
-        else
-          redirect_to :controller => '/manage/default', :action => 'index'
-        end
+        redirect_to :action => 'index'
       else
-        flash.now[:error] = @user.errors.full_messages
+        redirect_to :controller => '/manage/default', :action => 'index'
       end
+    else
+      flash.now[:error] = @user.errors.full_messages
+      render :action => 'edit'
     end
   end
   

data/app/views/cms/content/rss_feed.xml.builder

@@ -0,0 +1,28 @@
+xml.instruct!
+xml.rss :version => "2.0", 'xmlns:content' => "http://purl.org/rss/1.0/modules/content/" do
+  xml.channel do
+    xml.title params[:page_list_name]
+      xml.link url_for(:only_path => false,
+                       :controller => '/cms/content', :action => 'show',
+                       :content_path => @pg.path.split('/'))
+      xml.lastBuildDate CGI.rfc1123_date(@most_recent_pub_date ? @most_recent_pub_date.published_date : Time.now)
+      xml.language "en-us"
+      xml.description h(@pg.summary)
+      @pages.each do |page|
+        xml.item do
+          xml.title page.title
+          xml.link url_for(:only_path => false,
+                           :controller => '/cms/content', :action => 'show',
+                           :content_path => page.path.split('/'))
+          xml.description strip_tags(@page_contents[page.id])
+          xml.tag!('content:encoded') do
+            xml.cdata! @page_contents[page.id]
+          end
+          xml.pubDate CGI.rfc1123_date(page.published_date)
+          xml.guid url_for(:only_path => false,
+                           :controller => '/cms/content', :action => 'show',
+                           :content_path => page.path.split('/'))
+      end
+    end
+  end
+end

data/app/views/management/users/edit.html.erb

@@ -1,66 +1,54 @@
 <%= flash_message %>
 
-<%= form_tag do %>
+<%= form_for(@user) do |f| %>
 <table>
   <tr>
     <td>First name:</td>
-    <td><%= text_field :user, :first_name %></td>
+    <td><%= f.text_field :first_name %></td>
   </tr>
   <tr>
     <td>Last name:</td>
-    <td><%= text_field :user, :last_name %></td>
+    <td><%= f.text_field :last_name %></td>
   </tr>
   <tr>
     <td>Email address:</td>
-    <td><%= text_field :user, :email_address %></td>
+    <td><%= f.text_field :email_address %></td>
   </tr>
   
   <tr>
     <td>Username:</td>
-    <td><%= text_field :user, :username %></td>
+    <td><%= f.text_field :username %></td>
   </tr>
   <tr>
     <td>New Password:</td>
-    <td><%= password_field :user, :password %></td>
+    <td><%= f.password_field :password %></td>
   </tr>
   <tr>
     <td>Confirm:</td>
-    <td><%= password_field :user, :password_confirmation %></td>
+    <td><%= f.password_field :password_confirmation %></td>
   </tr>
   
-  <tr>
-    <td>Administrator:</td>
-    <td><%= check_box :user, :is_superuser %></td>
-  </tr>
-  
-  <tr>
-    <td colspan="2">-- OR -- </td>
-  </tr>
-  
-  <tr>
-    <td>Manage Restaurants:</td>
-    <td><%= check_box :user, :can_manage_restaurants %></td>
-  </tr>
-  <tr>
-    <td>Manage Recipes:</td>
-    <td><%= check_box :user, :can_manage_recipes %></td>
-  </tr>
-  <tr>
-    <td>Manage Blog Posts:</td>
-    <td><%= check_box :user, :can_manage_blog %></td>
-  </tr>
-  <tr>
-    <td>Manage Requests:</td>
-    <td><%= check_box :user, :can_manage_reqs %></td>
-  </tr>
-  <tr>
-    <td>Manage Members:</td>
-    <td><%= check_box :user, :can_manage_members %></td>
-  </tr>
-  <tr>
-    <td>Manage Users:</td>
-    <td><%= check_box :user, :can_manage_users %></td>
-  </tr>
+  <%- if @user.username != session[:user_username] -%>
+    <tr>
+      <td>This user is allowed to:</td>
+      <td>
+        <%= f.check_box :can_manage_cms %>
+          <label for="user_can_manage_cms">Create and edit web site content</label><br/>
+        <%- if UseCmsAccessLevels -%>
+        <%= f.check_box :can_manage_cms_publishing, :style => 'margin-left: 20px;' %>
+          <label for="user_can_manage_cms_publishing">Publish new page versions and create new pages</label><br/>
+          <div style="margin-left: 40px;" title="Example: /programs/abc, /about/news">
+            <label for="user_cms_allowed_sections">...but only in these sections (leave blank for unrestricted access):</label><br/>
+            <%= f.text_field :cms_allowed_sections, :style => 'width: 350px;' %>
+          </div>
+        <%= f.check_box :can_manage_cms_full_access, :style => 'margin-left: 20px;' %>
+          <label for="user_can_manage_cms_full_access">Edit templates and snippets</label><br/>
+        <%- end -%>
+        <%= f.check_box :can_manage_users %>
+          <label for="user_can_manage_users">Create users and control their access</label><br/>
+      </td>
+    </tr>
+  <%- end -%>
   
   <tr>
     <td></td>

data/app/views/management/users/index.html.erb

@@ -1,6 +1,6 @@
 <h2>CMS &raquo; Users</h2>
 
-<p><%= button_to 'Create New User', :action => 'create' %></p>
+<p><%= button_to 'Create New User', new_user_path, :method => :get %></p>
 
 <%= flash_message %>
 

data/app/views/management/users/{create.html.erb → new.html.erb}

@@ -2,32 +2,32 @@
 
 <%= flash_message %>
 
-<%= form_tag do %>
+<%= form_for(@user) do |f| %>
 <table>
   <tr>
     <td>First name:</td>
-    <td><%= text_field :user, :first_name %></td>
+    <td><%= f.text_field :first_name %></td>
   </tr>
   <tr>
     <td>Last name:</td>
-    <td><%= text_field :user, :last_name %></td>
+    <td><%= f.text_field :last_name %></td>
   </tr>
   <tr>
     <td>Email address:</td>
-    <td><%= text_field :user, :email_address %></td>
+    <td><%= f.text_field :email_address %></td>
   </tr>
   
   <tr>
     <td>Username:</td>
-    <td><%= text_field :user, :username %></td>
+    <td><%= f.text_field :username %></td>
   </tr>
   <tr>
     <td>Password:</td>
-    <td><%= password_field :user, :password %></td>
+    <td><%= f.password_field :password %></td>
   </tr>
   <tr>
     <td>Confirm:</td>
-    <td><%= password_field :user, :password_confirmation %></td>
+    <td><%= f.password_field :password_confirmation %></td>
   </tr>
   <tr>
     <td></td>

data/config/routes.rb

@@ -8,7 +8,17 @@ Rails.application.routes.draw do
   
   match 'manage/cms/preview_template'           => 'cms/content#preview_template'
   match 'manage/cms(/:action(/:id))'            => 'management/cms'
-  match 'manage/users(/:action(/:id))'          => 'management/users'
+  
+  # slowly convert to resourceful routes
+  # match 'manage/users(/:action(/:id))'          => 'management/users'
+  resources :users, :path => 'manage/users', :controller => 'management/users' do
+      member do
+        post :enable
+        post :disable
+        post :edit     # COMPAT: Remove for 3.1
+      end
+    end
+  # end
   
   match 'util/date_picker'                      => 'util#date_picker', :as => :date_picker
   

data/imagine_cms.gemspec

@@ -9,12 +9,17 @@ Gem::Specification.new do |s|
   s.name        = "imagine_cms"
   s.version     = ImagineCms::VERSION
   s.platform    = Gem::Platform::RUBY
-  s.authors     = ["Aaron Namba"]
-  s.email       = ["aaron@biggerbird.com"]
+  s.author      = "Aaron Namba"
+  s.email       = "aaron@biggerbird.com"
   s.homepage    = "https://github.com/anamba/imagine_cms"
   s.summary     = %q{Imagine Content Management System for Rails}
   s.description = %q{See README for details.}
 
+  s.required_ruby_version     = '>= 1.9.3'
+  s.required_rubygems_version = '>= 1.8.11'
+
+  s.license = 'AGPLv3'
+  
   s.rubyforge_project = "imagine_cms"
 
   s.files         = `git ls-files`.split("\n")

data/lib/imagine_cms/version.rb

@@ -1,3 +1,3 @@
 module ImagineCms
-  VERSION = "3.0.0"
+  VERSION = "3.0.1"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: imagine_cms
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.0.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-12-01 00:00:00.000000000 Z
+date: 2012-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -172,8 +172,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 description: See README for details.
-email:
-- aaron@biggerbird.com
+email: aaron@biggerbird.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -350,6 +349,7 @@ files:
 - app/models/user.rb
 - app/models/user_group.rb
 - app/sweepers/cms_content_sweeper.rb
+- app/views/cms/content/rss_feed.xml.builder
 - app/views/imagine_cms/_dialogs.html.erb
 - app/views/imagine_cms/_header.html.erb
 - app/views/imagine_cms/_toolbar.html.erb
@@ -406,9 +406,9 @@ files:
 - app/views/management/default/index.html.erb
 - app/views/management/user/create_first.html.erb
 - app/views/management/user/login.html.erb
-- app/views/management/users/create.html.erb
 - app/views/management/users/edit.html.erb
 - app/views/management/users/index.html.erb
+- app/views/management/users/new.html.erb
 - app/views/management/users/permission_denied.html.erb
 - app/views/util/_calendar_days.html.erb
 - app/views/util/_calendar_month_year.html.erb
@@ -518,7 +518,8 @@ files:
 - test/test_helper.rb
 - vendor/.DS_Store
 homepage: https://github.com/anamba/imagine_cms
-licenses: []
+licenses:
+- AGPLv3
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -528,13 +529,13 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.8.11
 requirements: []
 rubyforge_project: imagine_cms
 rubygems_version: 1.8.24