lean_cms 0.2.12

data/app/models/lean_cms/post.rb

@@ -0,0 +1,65 @@
+module LeanCms
+  class Post < ApplicationRecord
+    self.table_name = 'lean_cms_posts'
+
+    has_paper_trail
+
+    belongs_to :author, class_name: 'User'
+    belongs_to :last_edited_by, class_name: 'User', optional: true
+
+    has_rich_text :body
+    has_one_attached :featured_image
+    has_one :meta_tag, as: :taggable, class_name: 'LeanCms::MetaTag', dependent: :destroy
+
+    enum :status, { draft: 0, published: 1 }
+    enum :content_type, { blog: 0, portfolio: 1 }, prefix: :content
+
+    validates :title, :slug, presence: true
+    validates :slug, uniqueness: true
+    validates :status, presence: true
+
+    scope :published, -> { where(status: :published).where('published_at <= ?', Time.current) }
+    scope :recent, -> { order(published_at: :desc) }
+    scope :blog_posts, -> { content_blog }
+    scope :portfolio_items, -> { content_portfolio }
+
+    before_validation :generate_slug, if: -> { slug.blank? }
+    before_validation :set_published_at, if: -> { status_changed? && published? && published_at.nil? }
+
+    # Class method to find by slug
+    def self.find_by_slug!(slug)
+      find_by!(slug: slug)
+    end
+
+    # Check if post is published
+    def published?
+      status == 'published' && published_at.present? && published_at <= Time.current
+    end
+
+    # Get excerpt or truncated body
+    def excerpt_or_body(length: 200)
+      excerpt.presence || body.to_plain_text.truncate(length)
+    end
+
+    private
+
+    def generate_slug
+      return if title.blank?
+
+      base_slug = title.parameterize
+      slug_candidate = base_slug
+      counter = 1
+
+      while LeanCms::Post.where(slug: slug_candidate).where.not(id: id).exists?
+        slug_candidate = "#{base_slug}-#{counter}"
+        counter += 1
+      end
+
+      self.slug = slug_candidate
+    end
+
+    def set_published_at
+      self.published_at = Time.current
+    end
+  end
+end

data/app/models/lean_cms/session.rb

@@ -0,0 +1,7 @@
+module LeanCms
+  class Session < ApplicationRecord
+    self.table_name = "lean_cms_sessions"
+
+    belongs_to :user, class_name: "User"
+  end
+end

data/app/models/lean_cms/setting.rb

@@ -0,0 +1,156 @@
+class LeanCms::Setting < ApplicationRecord
+  self.table_name = 'lean_cms_settings'
+
+  has_paper_trail
+  has_one_attached :file
+
+  validates :key, presence: true, uniqueness: true
+
+  class << self
+    def get(key, default = nil)
+      Rails.cache.fetch("lean_cms_setting/#{key}", expires_in: 1.hour) do
+        setting = find_by(key: key)
+        setting&.value || default
+      end
+    end
+
+    def set(key, value)
+      setting = find_or_initialize_by(key: key)
+      setting.value = value.to_s
+      PaperTrail.request(whodunnit: LeanCms::Current.user&.id&.to_s) do
+        setting.save!
+      end
+      Rails.cache.delete("lean_cms_setting/#{key}")
+      value
+    end
+
+    # Returns the ActiveStorage URL for the uploaded favicon (host-configured
+    # override), or nil if no favicon has been uploaded. Callers should fall
+    # back to the gem's default sloth favicon when this returns nil.
+    def site_favicon_url
+      setting = find_by(key: "site_favicon")
+      return nil unless setting&.file&.attached?
+      Rails.application.routes.url_helpers.rails_blob_path(setting.file, only_path: true)
+    end
+
+    # Attaches a new favicon file (e.g. from params[:site_favicon]).
+    def update_site_favicon!(file_param)
+      return if file_param.blank?
+      setting = find_or_create_by!(key: "site_favicon") { |s| s.value = "uploaded" }
+      setting.file.purge if setting.file.attached?
+      setting.file.attach(file_param)
+    end
+
+    def remove_site_favicon!
+      setting = find_by(key: "site_favicon")
+      setting&.file&.purge if setting&.file&.attached?
+    end
+
+    # Bypass cache - use for settings that must take effect immediately (e.g. cookie consent)
+    def get_uncached(key, default = nil)
+      setting = find_by(key: key)
+      setting&.value || default
+    end
+
+    def enabled?(key)
+      get(key, 'false') == 'true'
+    end
+
+    # JSON storage helpers
+    def get_json(key, default = {})
+      raw = get(key)
+      return default if raw.blank?
+      JSON.parse(raw)
+    rescue JSON::ParserError
+      default
+    end
+
+    def set_json(key, value)
+      set(key, value.to_json)
+    end
+
+    # Site information convenience methods
+
+    # Returns structured address data as hash
+    def site_address_data
+      get_json('site_address', {
+        'street1' => '',
+        'street2' => '',
+        'city' => '',
+        'state' => '',
+        'zip' => ''
+      })
+    end
+
+    # Returns formatted address string for display
+    def site_address
+      data = site_address_data
+      parts = []
+      parts << data['street1'] if data['street1'].present?
+      parts << data['street2'] if data['street2'].present?
+
+      city_state_zip = []
+      city_state_zip << data['city'] if data['city'].present?
+      city_state_zip << data['state'] if data['state'].present?
+      city_state_zip << data['zip'] if data['zip'].present?
+
+      parts << city_state_zip.join(', ') if city_state_zip.any?
+      parts.join("\n")
+    end
+
+    # Returns single-line formatted address
+    def site_address_single_line
+      data = site_address_data
+      parts = []
+      parts << data['street1'] if data['street1'].present?
+      parts << data['street2'] if data['street2'].present?
+
+      city_state = []
+      city_state << data['city'] if data['city'].present?
+      city_state << data['state'] if data['state'].present?
+
+      location = city_state.join(', ')
+      location += " #{data['zip']}" if data['zip'].present?
+
+      parts << location if location.present?
+      parts.join(', ')
+    end
+
+    def site_phone
+      get('site_phone', '')
+    end
+
+    def site_email
+      get('site_email', '')
+    end
+
+    def business_hours
+      get_json('business_hours', { 'hours' => [], 'note' => '' })
+    end
+
+    # Content lock methods for sync workflow
+    def content_locked?
+      enabled?('content_locked')
+    end
+
+    def lock_content!(reason = nil)
+      set('content_locked', 'true')
+      set('content_locked_at', Time.current.iso8601)
+      set('content_locked_reason', reason) if reason
+    end
+
+    def unlock_content!
+      set('content_locked', 'false')
+      Rails.cache.delete("lean_cms_setting/content_locked_at")
+      Rails.cache.delete("lean_cms_setting/content_locked_reason")
+    end
+
+    def content_lock_info
+      return nil unless content_locked?
+      {
+        locked_at: get('content_locked_at'),
+        reason: get('content_locked_reason', 'Content sync in progress')
+      }
+    end
+  end
+end

data/app/policies/lean_cms/application_policy.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module LeanCms
+  class ApplicationPolicy
+    attr_reader :user, :record
+
+    def initialize(user, record)
+      @user = user
+      @record = record
+    end
+
+    def index?   = false
+    def show?    = false
+    def create?  = false
+    def new?     = create?
+    def update?  = false
+    def edit?    = update?
+    def destroy? = false
+
+    class Scope
+      def initialize(user, scope)
+        @user  = user
+        @scope = scope
+      end
+
+      def resolve
+        raise NoMethodError, "You must define #resolve in #{self.class}"
+      end
+
+      private
+
+      attr_reader :user, :scope
+    end
+  end
+end

data/app/policies/lean_cms/page_content_policy.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module LeanCms
+  class PageContentPolicy < ApplicationPolicy
+    def index?
+      user.can_edit_pages?
+    end
+
+    def show?
+      user.can_edit_pages?
+    end
+
+    def update?
+      user.can_edit_pages?
+    end
+
+    def edit?
+      update?
+    end
+
+    class Scope < ApplicationPolicy::Scope
+      def resolve
+        if user.can_edit_pages?
+          scope.all
+        else
+          scope.none
+        end
+      end
+    end
+  end
+end

data/app/policies/lean_cms/post_policy.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module LeanCms
+  class PostPolicy < ApplicationPolicy
+    def index?
+      user.can_edit_blog?
+    end
+
+    def show?
+      user.can_edit_blog?
+    end
+
+    def create?
+      user.can_edit_blog?
+    end
+
+    def update?
+      return false unless user.can_edit_blog?
+      # Super admins can edit any post, others can only edit their own
+      user.is_super_admin? || record.author_id == user.id
+    end
+
+    def destroy?
+      update?
+    end
+
+    class Scope < ApplicationPolicy::Scope
+      def resolve
+        if user.can_edit_blog?
+          scope.all
+        else
+          scope.none
+        end
+      end
+    end
+  end
+end

data/app/policies/lean_cms/setting_policy.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module LeanCms
+  class SettingPolicy < ApplicationPolicy
+    def edit?
+      user.can_access_settings?
+    end
+
+    def update?
+      user.can_access_settings?
+    end
+
+    def update_override?
+      user.can_access_settings?
+    end
+  end
+end

data/app/views/layouts/lean_cms/application.html.erb

@@ -0,0 +1,114 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title><%= content_for?(:title) ? "#{yield(:title)} - " : "" %>Lean CMS - <%= LeanCms.site_name %></title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <link rel="icon" type="image/png" sizes="16x16" href="<%= asset_path("lean_cms/sloth-favicon-16.png") %>">
+  <link rel="icon" type="image/png" sizes="32x32" href="<%= asset_path("lean_cms/sloth-favicon-32.png") %>">
+  <link rel="icon" type="image/png" sizes="64x64" href="<%= asset_path("lean_cms/sloth-favicon-64.png") %>">
+  <link rel="apple-touch-icon" href="<%= asset_path("lean_cms/sloth-favicon-64.png") %>">
+
+  <%= stylesheet_link_tag "tailwind", "data-turbo-track": "reload" %>
+  <%= stylesheet_link_tag "application", "data-turbo-track": "reload" %>
+  <%= stylesheet_link_tag "actiontext", "data-turbo-track": "reload" %>
+  <%= javascript_importmap_tags %>
+
+  <!-- Alpine.js for dropdown functionality -->
+  <script defer src="https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js"></script>
+
+  <link rel="preconnect" href="https://fonts.googleapis.com">
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap" rel="stylesheet">
+
+  <style>
+    :root {
+      --cms-primary: <%= LeanCms.primary_color %>;
+      --cms-secondary: <%= LeanCms.secondary_color %>;
+      --cms-primary-dark: <%= darken_color(LeanCms.primary_color, 10) %>;
+      --cms-gray-50: #f8fafc;
+      --cms-gray-100: #f1f5f9;
+      --cms-gray-200: #e2e8f0;
+      --cms-gray-300: #cbd5e1;
+      --cms-gray-400: #94a3b8;
+      --cms-gray-500: #64748b;
+      --cms-gray-600: #475569;
+      --cms-gray-700: #334155;
+      --cms-gray-800: #1e293b;
+      --cms-gray-900: #0f172a;
+    }
+
+    body {
+      font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+    }
+
+    /* Ensure all interactive elements have pointer cursor */
+    a, button, [role="button"], input[type="submit"], input[type="button"] {
+      cursor: pointer;
+    }
+  </style>
+</head>
+<body class="bg-gray-50 antialiased">
+  <div class="flex h-screen overflow-hidden">
+    <!-- Sidebar -->
+    <%= render 'lean_cms/shared/sidebar' %>
+
+    <!-- Main Content -->
+    <div class="flex-1 flex flex-col overflow-hidden">
+      <!-- Top Header -->
+      <%= render 'lean_cms/shared/header' %>
+
+      <!-- Content Lock Banner -->
+      <% if content_locked? %>
+        <% lock_info = content_lock_info %>
+        <div class="bg-amber-50 border-b border-amber-300 px-6 py-3 flex items-center justify-between">
+          <div class="flex items-center gap-3">
+            <svg class="w-5 h-5 text-amber-600 flex-shrink-0" fill="none" stroke="currentColor" viewBox="0 0 24 24">
+              <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 15v2m-6 4h12a2 2 0 002-2v-6a2 2 0 00-2-2H6a2 2 0 00-2 2v6a2 2 0 002 2zm10-10V7a4 4 0 00-8 0v4h8z"/>
+            </svg>
+            <div>
+              <span class="font-semibold text-amber-800">Content editing is locked.</span>
+              <span class="text-amber-700 ml-1"><%= lock_info[:reason] %></span>
+              <% if lock_info[:locked_at].present? %>
+                <span class="text-amber-600 text-sm ml-2">Locked <%= time_ago_in_words(Time.parse(lock_info[:locked_at])) %> ago.</span>
+              <% end %>
+            </div>
+          </div>
+          <%= button_to 'Unlock', lean_cms_unlock_content_path, method: :post,
+                class: "text-sm font-medium px-3 py-1 rounded bg-amber-200 hover:bg-amber-300 text-amber-900 transition-colors" %>
+        </div>
+      <% end %>
+
+      <!-- Content Area -->
+      <main class="flex-1 overflow-y-auto bg-gray-50 p-6 pb-20">
+        <% if notice.present? %>
+          <div class="mb-4 bg-green-50 border border-green-200 text-green-800 px-4 py-3 rounded-lg flex items-center justify-between" role="alert">
+            <span><%= notice %></span>
+            <button type="button" class="text-green-600 hover:text-green-800" onclick="this.parentElement.remove()">
+              <svg class="w-5 h-5" fill="currentColor" viewBox="0 0 20 20">
+                <path fill-rule="evenodd" d="M4.293 4.293a1 1 0 011.414 0L10 8.586l4.293-4.293a1 1 0 111.414 1.414L11.414 10l4.293 4.293a1 1 0 01-1.414 1.414L10 11.414l-4.293 4.293a1 1 0 01-1.414-1.414L8.586 10 4.293 5.707a1 1 0 010-1.414z" clip-rule="evenodd"/>
+              </svg>
+            </button>
+          </div>
+        <% end %>
+
+        <% if alert.present? %>
+          <div class="mb-4 bg-red-50 border border-red-200 text-red-800 px-4 py-3 rounded-lg flex items-center justify-between" role="alert">
+            <span><%= alert %></span>
+            <button type="button" class="text-red-600 hover:text-red-800" onclick="this.parentElement.remove()">
+              <svg class="w-5 h-5" fill="currentColor" viewBox="0 0 20 20">
+                <path fill-rule="evenodd" d="M4.293 4.293a1 1 0 011.414 0L10 8.586l4.293-4.293a1 1 0 111.414 1.414L11.414 10l4.293 4.293a1 1 0 01-1.414 1.414L10 11.414l-4.293 4.293a1 1 0 01-1.414-1.414L8.586 10 4.293 5.707a1 1 0 010-1.414z" clip-rule="evenodd"/>
+              </svg>
+            </button>
+          </div>
+        <% end %>
+
+        <%= yield %>
+      </main>
+    </div>
+  </div>
+</body>
+</html>

data/app/views/layouts/lean_cms/auth.html.erb

@@ -0,0 +1,200 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title><%= content_for?(:title) ? "#{yield(:title)} - " : "" %><%= LeanCms.site_name %></title>
+  <%= csrf_meta_tags %>
+  <%= csp_meta_tag %>
+
+  <link rel="icon" type="image/png" sizes="16x16" href="<%= asset_path("lean_cms/sloth-favicon-16.png") %>">
+  <link rel="icon" type="image/png" sizes="32x32" href="<%= asset_path("lean_cms/sloth-favicon-32.png") %>">
+  <link rel="icon" type="image/png" sizes="64x64" href="<%= asset_path("lean_cms/sloth-favicon-64.png") %>">
+  <link rel="apple-touch-icon" href="<%= asset_path("lean_cms/sloth-favicon-64.png") %>">
+
+  <link rel="preconnect" href="https://fonts.googleapis.com">
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+  <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800&display=swap" rel="stylesheet">
+
+  <style>
+    /* Lean CMS auth pages — self-contained styling, no host CSS framework
+       required. The admin (post-login) layout assumes Tailwind. */
+
+    :root {
+      --lc-primary:   <%= LeanCms.primary_color %>;
+      --lc-secondary: <%= LeanCms.secondary_color %>;
+      --lc-ink:       #0f172a;
+      --lc-ink-soft:  #334155;
+      --lc-muted:     #64748b;
+      --lc-bg:        #f8fafc;
+      --lc-surface:   #ffffff;
+      --lc-border:    #e2e8f0;
+      --lc-red-bg:    #fef2f2;
+      --lc-red-fg:    #b91c1c;
+      --lc-grn-bg:    #f0fdf4;
+      --lc-grn-fg:    #15803d;
+    }
+
+    * { box-sizing: border-box; }
+    html, body { margin: 0; padding: 0; }
+    body {
+      font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+      background: var(--lc-bg);
+      color: var(--lc-ink);
+      min-height: 100vh;
+      display: flex;
+      flex-direction: column;
+      -webkit-font-smoothing: antialiased;
+      -moz-osx-font-smoothing: grayscale;
+    }
+
+    .lc-auth-main {
+      flex: 1;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      padding: 3rem 1rem;
+    }
+
+    .lc-auth-shell {
+      width: 100%;
+      max-width: 28rem;
+    }
+
+    .lc-auth-logo {
+      display: flex;
+      justify-content: center;
+      margin-bottom: 2rem;
+    }
+    .lc-auth-logo img { height: 3rem; width: auto; }
+
+    .lc-auth-card {
+      background: var(--lc-surface);
+      border: 1px solid var(--lc-border);
+      border-radius: 16px;
+      padding: 2rem;
+      box-shadow: 0 10px 30px -10px rgba(15, 23, 42, 0.08);
+    }
+
+    .lc-auth-title {
+      font-size: 1.5rem;
+      font-weight: 700;
+      color: var(--lc-ink);
+      margin: 0 0 0.5rem 0;
+    }
+    .lc-auth-lede {
+      font-size: 0.9375rem;
+      color: var(--lc-ink-soft);
+      margin: 0 0 1.5rem 0;
+    }
+
+    .lc-auth-flash {
+      padding: 0.625rem 0.875rem;
+      border-radius: 8px;
+      font-size: 0.875rem;
+      font-weight: 500;
+      margin-bottom: 1.25rem;
+    }
+    .lc-auth-flash--alert  { background: var(--lc-red-bg); color: var(--lc-red-fg); }
+    .lc-auth-flash--notice { background: var(--lc-grn-bg); color: var(--lc-grn-fg); }
+
+    .lc-auth-form { display: flex; flex-direction: column; gap: 1.25rem; }
+
+    .lc-auth-field { display: flex; flex-direction: column; gap: 0.5rem; }
+    .lc-auth-field label {
+      font-size: 0.8125rem;
+      font-weight: 600;
+      color: var(--lc-ink-soft);
+    }
+    .lc-auth-input {
+      width: 100%;
+      padding: 0.75rem 0.875rem;
+      border: 2px solid var(--lc-border);
+      border-radius: 9px;
+      font-size: 0.9375rem;
+      font-family: inherit;
+      color: var(--lc-ink);
+      background: var(--lc-surface);
+      outline: none;
+      transition: border-color 0.15s ease, box-shadow 0.15s ease;
+    }
+    .lc-auth-input::placeholder { color: var(--lc-muted); }
+    .lc-auth-input:focus {
+      border-color: var(--lc-primary);
+      box-shadow: 0 0 0 3px color-mix(in srgb, var(--lc-primary) 20%, transparent);
+    }
+
+    .lc-auth-btn {
+      display: inline-flex;
+      align-items: center;
+      justify-content: center;
+      padding: 0.75rem 1.5rem;
+      border: none;
+      border-radius: 9px;
+      font-size: 0.9375rem;
+      font-weight: 600;
+      font-family: inherit;
+      cursor: pointer;
+      background: var(--lc-primary);
+      color: white;
+      transition: filter 0.15s ease, transform 0.05s ease;
+    }
+    .lc-auth-btn:hover { filter: brightness(0.92); }
+    .lc-auth-btn:active { transform: translateY(1px); }
+    .lc-auth-btn--block { width: 100%; }
+
+    .lc-auth-actions {
+      display: flex;
+      align-items: center;
+      justify-content: space-between;
+      gap: 1rem;
+      margin-top: 0.5rem;
+    }
+    @media (max-width: 420px) {
+      .lc-auth-actions { flex-direction: column; align-items: stretch; }
+      .lc-auth-actions .lc-auth-link { text-align: center; }
+    }
+
+    .lc-auth-link {
+      color: var(--lc-primary);
+      font-size: 0.875rem;
+      font-weight: 500;
+      text-decoration: none;
+    }
+    .lc-auth-link:hover { filter: brightness(0.85); text-decoration: underline; }
+
+    .lc-auth-meta {
+      text-align: center;
+      font-size: 0.75rem;
+      color: var(--lc-muted);
+      margin-top: 1.5rem;
+    }
+  </style>
+</head>
+<body>
+  <main class="lc-auth-main">
+    <div class="lc-auth-shell">
+      <% if LeanCms.site_logo_path.present? %>
+        <div class="lc-auth-logo">
+          <%= link_to image_tag(LeanCms.site_logo_path, alt: LeanCms.site_name),
+                "/",
+                title: "Back to #{LeanCms.site_name}" %>
+        </div>
+      <% end %>
+
+      <div class="lc-auth-card">
+        <% if alert = flash[:alert] %>
+          <p class="lc-auth-flash lc-auth-flash--alert" role="alert"><%= alert %></p>
+        <% end %>
+        <% if notice = flash[:notice] %>
+          <p class="lc-auth-flash lc-auth-flash--notice" role="status"><%= notice %></p>
+        <% end %>
+
+        <%= yield %>
+      </div>
+
+      <p class="lc-auth-meta"><%= LeanCms.site_name %></p>
+    </div>
+  </main>
+</body>
+</html>