lean_cms 0.2.12

data/app/components/lean_cms/cards_section_component.html.erb

@@ -0,0 +1,237 @@
+<% cache cache_key, expires_in: 1.hour do %>
+  <% cards_data = cards %>
+  <% if cards_data.empty? %>
+    <% return %>
+  <% end %>
+
+  <% if can_edit_cms? && field %>
+    <%= content_tag(:div, class: 'cms-inline-field relative', data: data_attributes) do %>
+      <div class="grid md:grid-cols-<%= grid_cols %> gap-<%= gap %> <%= container_class %>"<% if scroll_animate %> data-controller="scroll-animate" data-scroll-animate-stagger-value="<%= stagger_delay %>"<% end %>>
+    <% cards_data.each do |card| %>
+      <%
+        # Parse card data (handle both string and symbol keys)
+        icon = card['icon'] || card[:icon]
+        icon_color = card['icon_color'] || card[:icon_color]
+        bg_color = card['bg_color'] || card[:bg_color]
+        heading = card['heading'] || card[:heading]
+        text = card['text'] || card[:text]
+        alignment = text_align || card['alignment'] || card[:alignment] || 'center'
+        use_image = card['use_image'] == true || card['use_image'] == 'true'
+        image_id = card['image_id'] || card[:image_id]
+        card_image = nil
+        
+        # Get image attachment if use_image is true and image_id is present
+        if use_image && image_id.present? && field
+          card_image = field.card_image(image_id)
+        end
+
+        # Determine styling classes
+        text_align_class = case alignment
+          when 'left' then 'text-left'
+          when 'right' then 'text-right'
+          else 'text-center'
+        end
+
+        # Handle gradient backgrounds (skip if ignore_card_bg is true)
+        has_gradient = !ignore_card_bg && bg_color&.include?('gradient')
+        bg_gradient_class = if ignore_card_bg
+          nil
+        else
+          case bg_color
+            when 'gradient-red'
+              'bg-gradient-to-br from-[#b82025] to-[#a01c20] text-white'
+            when 'gradient-blue'
+              'bg-gradient-to-br from-[#2563eb] to-[#1e40af] text-white'
+            else
+              nil
+          end
+        end
+
+        # Regular background color (skip if ignore_card_bg is true)
+        bg_style = nil
+        is_dark_bg = false
+        if !ignore_card_bg && !has_gradient && bg_color&.start_with?('#')
+          bg_style = "background-color: #{bg_color};"
+          # Detect actual brightness so light colors (e.g. #dbeafe) get dark text
+          hex_match = bg_color.match(/#([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i)
+          if hex_match
+            r, g, b = hex_match[1].to_i(16), hex_match[2].to_i(16), hex_match[3].to_i(16)
+            brightness = (r * 299 + g * 587 + b * 114) / 1000
+            is_dark_bg = brightness < 128
+          end
+        end
+
+        # Determine if we need light text (for dark backgrounds or gradients)
+        use_light_text = !ignore_card_bg && (has_gradient || is_dark_bg)
+      %>
+
+      <div class="<%= card_class %> <%= bg_gradient_class %> <%= text_align_class %>"
+           <% if bg_style %>style="<%= bg_style %>"<% end %>>
+
+        <%# Render image or icon if present %>
+        <% if use_image && card_image %>
+          <%# Display uploaded image - resize to 512x512 for retina displays, CSS will scale down %>
+          <div class="w-<%= icon_size %> h-<%= icon_size %>
+                      <%= alignment == 'center' ? 'mx-auto' : '' %>
+                      mb-<%= alignment == 'center' ? '4' : '6' %>
+                      flex items-center justify-center">
+            <%= image_tag card_image.variant(resize_to_limit: [512, 512]), 
+                class: "w-full h-full object-contain",
+                alt: heading.presence || 'Card image' %>
+          </div>
+        <% elsif icon.present? %>
+          <% if icon_bg_gradient %>
+            <%# Red gradient icon box (like landing page service cards) %>
+            <div class="w-<%= icon_size %> h-<%= icon_size %>
+                        rounded-xl
+                        flex items-center justify-center
+                        <%= alignment == 'center' ? 'mx-auto' : '' %>
+                        mb-6"
+                 style="background: linear-gradient(135deg, #b82025, #d92028);">
+              <%= helpers.render_card_icon(icon, 'white', true) %>
+            </div>
+          <% else %>
+            <div class="w-<%= icon_size %> h-<%= icon_size %>
+                        <%= use_light_text ? 'bg-white/20' : (bg_color&.start_with?('#') ? '' : "bg-#{bg_color}") %>
+                        rounded-<%= icon_shape %>
+                        flex items-center justify-center
+                        <%= alignment == 'center' ? 'mx-auto' : '' %>
+                        mb-<%= alignment == 'center' ? '4' : '6' %>">
+              <%= helpers.render_card_icon(icon, icon_color, use_light_text) %>
+            </div>
+          <% end %>
+        <% end %>
+
+        <%# Render heading %>
+        <% if heading.present? %>
+          <h3 class="text-<%= alignment == 'center' ? 'xl' : '2xl' %> font-bold mb-<%= alignment == 'center' ? '2' : '4' %>
+                     <%= use_light_text ? 'text-white' : 'text-slate-800' %>">
+            <%= heading %>
+          </h3>
+        <% end %>
+
+        <%# Render text/description %>
+        <% if text.present? %>
+          <p class="leading-relaxed <%= use_light_text ? 'text-white opacity-90' : 'text-slate-500' %>">
+            <%= text %>
+          </p>
+        <% end %>
+      </div>
+    <% end %>
+    <% end %>
+  <% else %>
+    <div class="grid md:grid-cols-<%= grid_cols %> gap-<%= gap %> <%= container_class %>"<% if scroll_animate %> data-controller="scroll-animate" data-scroll-animate-stagger-value="<%= stagger_delay %>"<% end %>>
+      <% cards_data.each do |card| %>
+        <%
+          # Parse card data (handle both string and symbol keys)
+          icon = card['icon'] || card[:icon]
+          icon_color = card['icon_color'] || card[:icon_color]
+          bg_color = card['bg_color'] || card[:bg_color]
+          heading = card['heading'] || card[:heading]
+          text = card['text'] || card[:text]
+          alignment = text_align || card['alignment'] || card[:alignment] || 'center'
+          use_image = card['use_image'] == true || card['use_image'] == 'true'
+          image_id = card['image_id'] || card[:image_id]
+          card_image = nil
+          
+          # Get image attachment if use_image is true and image_id is present
+          if use_image && image_id.present? && field
+            card_image = field.card_image(image_id)
+          end
+
+          # Determine styling classes
+          text_align_class = case alignment
+            when 'left' then 'text-left'
+            when 'right' then 'text-right'
+            else 'text-center'
+          end
+
+          # Handle gradient backgrounds (skip if ignore_card_bg is true)
+          has_gradient = !ignore_card_bg && bg_color&.include?('gradient')
+          bg_gradient_class = if ignore_card_bg
+            nil
+          else
+            case bg_color
+              when 'gradient-red'
+                'bg-gradient-to-br from-[#b82025] to-[#a01c20] text-white'
+              when 'gradient-blue'
+                'bg-gradient-to-br from-blue-600 to-blue-800 text-white'
+              else
+                nil
+            end
+          end
+
+          # Regular background color (skip if ignore_card_bg is true)
+          bg_style = nil
+          is_dark_bg = false
+          if !ignore_card_bg && !has_gradient && bg_color&.start_with?('#')
+            bg_style = "background-color: #{bg_color};"
+            # Detect actual brightness so light colors (e.g. #dbeafe) get dark text
+            hex_match = bg_color.match(/#([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i)
+            if hex_match
+              r, g, b = hex_match[1].to_i(16), hex_match[2].to_i(16), hex_match[3].to_i(16)
+              brightness = (r * 299 + g * 587 + b * 114) / 1000
+              is_dark_bg = brightness < 128
+            end
+          end
+
+          # Determine if we need light text (for dark backgrounds or gradients)
+          use_light_text = !ignore_card_bg && (has_gradient || is_dark_bg)
+        %>
+
+        <div class="<%= card_class %> <%= bg_gradient_class %> <%= text_align_class %>"
+             <% if bg_style %>style="<%= bg_style %>"<% end %>>
+
+          <%# Render image or icon if present %>
+          <% if use_image && card_image %>
+            <%# Display uploaded image - resize to 512x512 for retina displays, CSS will scale down %>
+            <div class="w-<%= icon_size %> h-<%= icon_size %>
+                        <%= alignment == 'center' ? 'mx-auto' : '' %>
+                        mb-<%= alignment == 'center' ? '4' : '6' %>
+                        flex items-center justify-center">
+              <%= image_tag card_image.variant(resize_to_limit: [512, 512]), 
+                  class: "w-full h-full object-contain",
+                  alt: heading.presence || 'Card image' %>
+            </div>
+          <% elsif icon.present? %>
+            <% if icon_bg_gradient %>
+              <%# Red gradient icon box (like landing page service cards) %>
+              <div class="w-<%= icon_size %> h-<%= icon_size %>
+                          rounded-xl
+                          flex items-center justify-center
+                          <%= alignment == 'center' ? 'mx-auto' : '' %>
+                          mb-6"
+                   style="background: linear-gradient(135deg, #b82025, #a01c20);">
+                <%= helpers.render_card_icon(icon, 'white', true) %>
+              </div>
+            <% else %>
+              <div class="w-<%= icon_size %> h-<%= icon_size %>
+                          <%= use_light_text ? 'bg-white/20' : (bg_color&.start_with?('#') ? '' : "bg-#{bg_color}") %>
+                          rounded-<%= icon_shape %>
+                          flex items-center justify-center
+                          <%= alignment == 'center' ? 'mx-auto' : '' %>
+                          mb-<%= alignment == 'center' ? '4' : '6' %>">
+                <%= helpers.render_card_icon(icon, icon_color, use_light_text) %>
+              </div>
+            <% end %>
+          <% end %>
+
+          <%# Render heading %>
+          <% if heading.present? %>
+            <h3 class="text-<%= alignment == 'center' ? 'xl' : '2xl' %> font-bold mb-<%= alignment == 'center' ? '2' : '4' %>
+                       <%= use_light_text ? 'text-white' : 'text-slate-800' %>">
+              <%= heading %>
+            </h3>
+          <% end %>
+
+          <%# Render text/description %>
+          <% if text.present? %>
+            <p class="leading-relaxed <%= use_light_text ? 'text-white opacity-90' : 'text-slate-500' %>">
+              <%= text %>
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+    </div>
+  <% end %>
+<% end %>

data/app/components/lean_cms/cards_section_component.rb

@@ -0,0 +1,71 @@
+module LeanCms
+  class CardsSectionComponent < BaseComponent
+    attr_reader :section, :grid_cols, :gap, :container_class, :card_class, :icon_size, 
+                :icon_shape, :icon_bg_gradient, :text_align, :ignore_card_bg, 
+                :scroll_animate, :stagger_delay
+
+    def initialize(section:, page: nil, grid_cols: 3, gap: 8, container_class: '', 
+                   card_class: 'bg-white rounded-xl p-8 shadow-sm hover:shadow-md transition-shadow',
+                   icon_size: 12, icon_shape: 'lg', icon_bg_gradient: false,
+                   text_align: nil, ignore_card_bg: false, scroll_animate: false,
+                   stagger_delay: 150, **options)
+      super(page: page)
+      @section = section
+      @grid_cols = grid_cols
+      @gap = gap
+      @container_class = container_class
+      @card_class = card_class
+      @icon_size = icon_size
+      @icon_shape = icon_shape
+      @icon_bg_gradient = icon_bg_gradient
+      @text_align = text_align
+      @ignore_card_bg = ignore_card_bg
+      @scroll_animate = scroll_animate
+      @stagger_delay = stagger_delay
+      @options = options
+    end
+
+    private
+
+    def cache_key
+      super("#{section}_cards")
+    end
+
+    def cards
+      if page.is_a?(LeanCms::Page) && page.page_contents.loaded?
+        content_record = page.page_contents.find { |pc| pc.section == section.to_s && pc.key == 'cards' }
+        return [] unless content_record&.cards?
+        content_record.display_value
+      else
+        page_key = page.is_a?(LeanCms::Page) ? page.slug : page.to_s
+        Rails.cache.fetch("page_cards/#{page_key}/#{section}", expires_in: 1.hour) do
+          content_record = if page.is_a?(LeanCms::Page)
+            LeanCms::PageContent.find_by(page_id: page.id, section: section, key: 'cards')
+          else
+            LeanCms::PageContent.find_by("page = ? AND section = ? AND key = ?", page.to_s, section.to_s, 'cards')
+          end
+          return [] unless content_record&.cards?
+          content_record.display_value
+        end
+      end
+    end
+
+    def field
+      @field ||= find_field(section, 'cards')
+    end
+
+    def data_attributes
+      return {} unless can_edit_cms? && field
+
+      {
+        controller: 'inline-edit',
+        inline_edit_field_id_value: field.id,
+        inline_edit_type_value: 'cards',
+        inline_edit_inline_value: false,
+        inline_edit_page_value: page_slug,
+        inline_edit_section_value: section,
+        inline_edit_key_value: 'cards'
+      }
+    end
+  end
+end

data/app/components/lean_cms/editable_content_component.html.erb

@@ -0,0 +1,15 @@
+<% if field&.rich_text? %>
+  <%# Rich text content %>
+  <% if can_edit_cms? && field %>
+    <%= content_tag(:div, raw(value), html_options.merge(class: css_classes, data: data_attributes)) %>
+  <% else %>
+    <%= raw(value) %>
+  <% end %>
+<% else %>
+  <%# Regular text content %>
+  <% if can_edit_cms? && field %>
+    <%= content_tag(tag, value, html_options.merge(class: css_classes, data: data_attributes)) %>
+  <% else %>
+    <%= content_tag(tag, value, html_options) %>
+  <% end %>
+<% end %>

data/app/components/lean_cms/editable_content_component.rb

@@ -0,0 +1,53 @@
+module LeanCms
+  class EditableContentComponent < BaseComponent
+    attr_reader :section, :key, :tag, :default, :html_options
+
+    def initialize(section:, key:, tag: :span, default: nil, page: nil, **html_options)
+      super(page: page)
+      @section = section
+      @key = key
+      @tag = tag
+      @default = default
+      @html_options = html_options
+    end
+
+    private
+
+    attr_reader :field
+
+    def field
+      @field ||= find_field(section, key)
+    end
+
+    def value
+      if field&.rich_text?
+        helpers.page_content_html(page, section, key, default: default)
+      else
+        field_value(section, key, default: default)
+      end
+    end
+
+    def inline_editable?
+      field&.text? || field&.url? || field&.color?
+    end
+
+    def data_attributes
+      return {} unless can_edit_cms? && field
+
+      {
+        controller: 'inline-edit',
+        inline_edit_field_id_value: field.id,
+        inline_edit_type_value: field.content_type,
+        inline_edit_inline_value: inline_editable?,
+        inline_edit_page_value: page_slug,
+        inline_edit_section_value: section,
+        inline_edit_key_value: key
+      }
+    end
+
+    def css_classes
+      base_classes = html_options[:class] || ''
+      can_edit_cms? && field ? "#{base_classes} cms-inline-field".strip : base_classes
+    end
+  end
+end

data/app/components/lean_cms/section_component.html.erb

@@ -0,0 +1,18 @@
+<% cache cache_key, expires_in: 1.hour do %>
+  <% if can_edit_cms? %>
+    <div class="cms-editable-section"
+         data-cms-section="<%= page_slug %>/<%= section %>"
+         data-controller="cms-sticky-overlay"
+         data-action="mouseenter->cms-sticky-overlay#mouseEnter mouseleave->cms-sticky-overlay#mouseLeave">
+      <%= content %>
+      <div class="cms-edit-overlay" data-cms-sticky-overlay-target="overlay">
+        <div class="cms-edit-controls">
+          <span class="cms-section-title"><%= full_title %></span>
+          <%= link_to 'Edit', edit_url, target: '_blank', class: 'cms-edit-button', data: { turbo: false } %>
+        </div>
+      </div>
+    </div>
+  <% else %>
+    <%= content %>
+  <% end %>
+<% end %>

data/app/components/lean_cms/section_component.rb

@@ -0,0 +1,35 @@
+module LeanCms
+  class SectionComponent < BaseComponent
+    attr_reader :section, :title
+
+    def initialize(section:, title: nil, page: nil, **options)
+      super(page: page)
+      @section = section
+      @title = title
+      @options = options
+    end
+
+    private
+
+    def cache_key
+      super(section)
+    end
+
+    def display_title
+      return title if title.present?
+      section.humanize
+    end
+
+    def page_title
+      page.is_a?(LeanCms::Page) ? page.title : page_slug.titleize
+    end
+
+    def full_title
+      "#{page_title} - #{display_title}"
+    end
+
+    def edit_url
+      @view_context.lean_cms_edit_page_content_path(page: page_slug, section: section)
+    end
+  end
+end

data/app/controllers/concerns/lean_cms/authentication.rb

@@ -0,0 +1,60 @@
+module LeanCms
+  module Authentication
+    extend ActiveSupport::Concern
+
+    included do
+      before_action :resume_session
+      before_action :require_authentication
+      helper_method :authenticated?, :current_user
+    end
+
+    class_methods do
+      def allow_unauthenticated_access(**options)
+        skip_before_action :require_authentication, **options
+      end
+    end
+
+    private
+
+    def authenticated?
+      LeanCms::Current.session.present?
+    end
+
+    def current_user
+      LeanCms::Current.user
+    end
+
+    def require_authentication
+      authenticated? || request_authentication
+    end
+
+    def resume_session
+      LeanCms::Current.session ||= find_session_by_cookie
+    end
+
+    def find_session_by_cookie
+      LeanCms::Session.find_by(id: cookies.signed[:session_id]) if cookies.signed[:session_id]
+    end
+
+    def request_authentication
+      session[:return_to_after_authenticating] = request.url
+      redirect_to lean_cms_new_session_path
+    end
+
+    def after_authentication_url
+      session.delete(:return_to_after_authenticating) || root_url
+    end
+
+    def start_new_session_for(user)
+      LeanCms::Session.create!(user: user, user_agent: request.user_agent, ip_address: request.remote_ip).tap do |session|
+        LeanCms::Current.session = session
+        cookies.signed.permanent[:session_id] = { value: session.id, httponly: true, same_site: :lax }
+      end
+    end
+
+    def terminate_session
+      LeanCms::Current.session.destroy
+      cookies.delete(:session_id)
+    end
+  end
+end

data/app/controllers/concerns/lean_cms/authorization.rb

@@ -0,0 +1,60 @@
+module LeanCms
+  module Authorization
+    extend ActiveSupport::Concern
+
+    included do
+      before_action :require_cms_access
+      helper_method :current_user
+    end
+
+    private
+
+    # Base access check - user must have at least one CMS permission
+    def require_cms_access
+      unless LeanCms::Current.user&.has_any_cms_permission?
+        redirect_to root_path, alert: "You do not have access to the CMS."
+      end
+    end
+
+    # Specific permission checks for controllers that need them
+    def require_page_editing
+      unless LeanCms::Current.user&.can_edit_pages?
+        redirect_to lean_cms_root_path, alert: "You do not have permission to edit pages."
+      end
+    end
+
+    def require_blog_editing
+      unless LeanCms::Current.user&.can_edit_blog?
+        redirect_to lean_cms_root_path, alert: "You do not have permission to edit blog posts."
+      end
+    end
+
+    def require_user_management
+      unless LeanCms::Current.user&.can_manage_users?
+        redirect_to lean_cms_root_path, alert: "You do not have permission to manage users."
+      end
+    end
+
+    def require_settings_access
+      unless LeanCms::Current.user&.can_access_settings?
+        redirect_to lean_cms_root_path, alert: "You do not have permission to access settings."
+      end
+    end
+
+    # Check if current user can edit a specific record
+    def can_edit?(record)
+      return true if LeanCms::Current.user&.is_super_admin?
+      return true if record.respond_to?(:author) && record.author == LeanCms::Current.user
+      false
+    end
+
+    def set_paper_trail_whodunnit
+      PaperTrail.request.whodunnit = LeanCms::Current.user&.id
+    end
+
+    # Helper method for views
+    def current_user
+      LeanCms::Current.user
+    end
+  end
+end

data/app/controllers/lean_cms/activity_controller.rb

@@ -0,0 +1,16 @@
+module LeanCms
+  class ActivityController < ApplicationController
+    skip_before_action :check_content_lock
+    before_action :require_settings_access
+
+    def index
+      @versions = PaperTrail::Version
+        .order(created_at: :desc)
+        .page(params[:page])
+        .per(20)
+
+      @versions = @versions.where(item_type: params[:item_type]) if params[:item_type].present?
+      @versions = @versions.where(whodunnit: params[:whodunnit]) if params[:whodunnit].present?
+    end
+  end
+end

data/app/controllers/lean_cms/application_controller.rb

@@ -0,0 +1,48 @@
+module LeanCms
+  class ApplicationController < ::ApplicationController
+    # Pundit is included here so the gem's admin controllers (UsersController
+    # most prominently) can call `authorize` / `policy_scope` without
+    # requiring the host's ApplicationController to include it. Hosts that
+    # want Pundit available in their own non-CMS controllers should still
+    # `include Pundit::Authorization` in their own ApplicationController.
+    include Pundit::Authorization
+
+    include LeanCms::Authorization
+
+    layout 'lean_cms/application'
+
+    before_action :set_paper_trail_whodunnit
+    before_action :check_content_lock, only: [:create, :update]
+
+    private
+
+    def can_edit?(resource)
+      return true if current_user&.is_super_admin?
+      return true if resource.respond_to?(:author) && resource.author_id == current_user&.id
+      false
+    end
+    helper_method :can_edit?
+
+    def content_locked?
+      LeanCms::Setting.content_locked?
+    end
+    helper_method :content_locked?
+
+    def content_lock_info
+      LeanCms::Setting.content_lock_info
+    end
+    helper_method :content_lock_info
+
+    def check_content_lock
+      return unless content_locked?
+
+      lock_info = content_lock_info
+      message = "Content editing is temporarily locked: #{lock_info[:reason]}"
+
+      respond_to do |format|
+        format.html { redirect_back fallback_location: lean_cms_dashboard_path, alert: message }
+        format.json { render json: { error: message, locked: true }, status: :locked }
+      end
+    end
+  end
+end

data/app/controllers/lean_cms/dashboard_controller.rb

@@ -0,0 +1,13 @@
+module LeanCms
+  class DashboardController < LeanCms::ApplicationController
+    skip_before_action :check_content_lock
+
+    def index
+      @recent_posts = LeanCms::Post.recent.limit(5)
+      @recent_submissions = LeanCms::FormSubmission.recent.limit(10)
+      @unread_submissions_count = LeanCms::FormSubmission.unread.count
+      @draft_posts_count = LeanCms::Post.draft.count
+      @published_posts_count = LeanCms::Post.published.count
+    end
+  end
+end

data/app/controllers/lean_cms/form_submissions_controller.rb

@@ -0,0 +1,37 @@
+module LeanCms
+  class FormSubmissionsController < LeanCms::ApplicationController
+    skip_before_action :check_content_lock
+    before_action :set_form_submission, only: [:show, :mark_as_read, :mark_as_replied, :destroy]
+
+    def index
+      @form_submissions = LeanCms::FormSubmission.recent
+      @form_submissions = @form_submissions.where(form_type: params[:form_type]) if params[:form_type].present?
+      @form_submissions = @form_submissions.where(status: params[:status]) if params[:status].present?
+    end
+
+    def show
+      @form_submission.mark_as_read! if @form_submission.unread?
+    end
+
+    def mark_as_read
+      @form_submission.mark_as_read!
+      redirect_to lean_cms_form_submissions_path, notice: 'Submission marked as read.'
+    end
+
+    def mark_as_replied
+      @form_submission.mark_as_replied!
+      redirect_to lean_cms_form_submissions_path, notice: 'Submission marked as replied.'
+    end
+
+    def destroy
+      @form_submission.destroy
+      redirect_to lean_cms_form_submissions_path, notice: 'Submission deleted successfully.'
+    end
+
+    private
+
+    def set_form_submission
+      @form_submission = LeanCms::FormSubmission.find(params[:id])
+    end
+  end
+end