locomotivecms_steam 1.5.0.beta3 → 1.5.0.rc0

data/lib/locomotive/steam/middlewares/locale.rb

@@ -10,7 +10,7 @@ module Locomotive::Steam
     #   /index      => locale = :en (default one)
     #
     #   /en/index?locale=fr => locale = :fr
-    #   /index      => redirection to /en if the locale in session is :en
+    #   /index      => redirection to /en if the locale in cookie is :en
     #
     class Locale < ThreadSafe
 
@@ -19,7 +19,9 @@ module Locomotive::Steam
       def _call
         env['steam.path']   = request.path_info
 
-        env['steam.locale'] = session[session_key_name] = services.locale = extract_locale
+        env['steam.locale'] = services.locale = extract_locale
+
+        set_locale_cookie
 
         log "Locale used: #{locale.upcase}"
 
@@ -34,7 +36,7 @@ module Locomotive::Steam
         # Regarding the index page (basically, "/"), we've to see if we could
         # guess the locale from the headers the browser sends to us.
         locale = if is_index_page?
-          locale_from_params || locale_from_session || locale_from_header
+          locale_from_params || locale_from_cookie || locale_from_header
         else
           locale_from_path || locale_from_params
         end
@@ -75,20 +77,23 @@ module Locomotive::Steam
         end
       end
 
-      def locale_from_session
-        if locale = session[session_key_name]
-          env['steam.locale_in_session'] = true
+      def locale_from_cookie
+        if locale = services.cookie.get(cookie_key_name)
 
-          log 'Locale extracted from the session'
+          log 'Locale extracted from the cookie'
 
           locale.to_sym
         end
       end
 
-      # The preview urls for all the sites share the same domain, so session[:locale]
+      def set_locale_cookie
+        services.cookie.set(cookie_key_name, {'value': locale, 'path': '/', 'max_age': 1.year})
+      end
+
+      # The preview urls for all the sites share the same domain, so cookie[:locale]
       # would be the same for all the preview urls and this is not good.
       # This is why we need to use a different key.
-      def session_key_name
+      def cookie_key_name
         live_editing? ? "steam-locale-#{site.handle}" : 'steam-locale'
       end
 

data/lib/locomotive/steam/models/associations/belongs_to.rb

@@ -21,6 +21,12 @@ module Locomotive::Steam
         :"#{__name__}_id"
       end
 
+      def __attach__(entity)
+        # setting a default nil value for the target key
+        entity[__target_key__] ||= nil
+        super
+      end
+
     end
 
   end

data/lib/locomotive/steam/server.rb

@@ -63,6 +63,7 @@ module Locomotive::Steam
           Middlewares::Locale,
           Middlewares::LocaleRedirection,
           Middlewares::Redirection,
+          Middlewares::ImpersonatedEntry,
           Middlewares::Auth,
           Middlewares::PrivateAccess,
           Middlewares::Path,

data/lib/locomotive/steam/services.rb

@@ -75,7 +75,7 @@ module Locomotive
         end
 
         register :action do
-          Steam::ActionService.new(current_site, email, content_entry: content_entry, api: external_api, redirection: page_redirection)
+          Steam::ActionService.new(current_site, email, content_entry: content_entry, api: external_api, redirection: page_redirection, cookie: cookie)
         end
 
         register :content_entry do
@@ -142,10 +142,18 @@ module Locomotive
           Steam::AuthService.new(current_site, content_entry, email)
         end
 
+        register :recaptcha do
+          Steam::RecaptchaService.new(current_site, request)
+        end
+
         register :cache do
           Steam::NoCacheService.new
         end
 
+        register :cookie do
+          Steam::CookieService.new(request)
+        end
+
         register :configuration do
           Locomotive::Steam.configuration
         end

data/lib/locomotive/steam/services/action_service.rb

@@ -11,7 +11,7 @@ module Locomotive
 
     class ActionService
 
-      SERVICES = %w(content_entry api redirection)
+      SERVICES = %w(content_entry api redirection cookie)
 
       BUILT_IN_FUNCTIONS = %w(
         getProp
@@ -84,11 +84,11 @@ module Locomotive
       end
 
       def get_cookies_prop_lambda(liquid_context)
-        -> (name) { liquid_context.registers[:cookies][name.to_s].as_json }
+        -> (name) { cookie_service.get(name.to_s) }
       end
 
       def set_cookies_prop_lambda(liquid_context)
-        -> (name, value) { liquid_context.registers[:cookies][name.to_s] = value.to_s }
+        -> (name, values) { cookie_service.set(name.to_s, values) }
       end
 
       def all_entries_lambda(liquid_context)

data/lib/locomotive/steam/services/auth_service.rb

@@ -30,7 +30,7 @@ module Locomotive
       def sign_in(options, request)
         entry = entries.all(options.type, options.id_field => options.id).first
 
-        if entry && entry.send(options.password_field)
+        if entry && (entry.send(options.password_field).present?)
           hashed_password = entry[:"#{options.password_field}_hash"]
           password        = ::BCrypt::Engine.hash_secret(options.password, entry.send(options.password_field).try(:salt))
           same_password   = secure_compare(password, hashed_password)

data/lib/locomotive/steam/services/content_entry_service.rb

@@ -24,6 +24,16 @@ module Locomotive
         end
       end
 
+      def build(type_slug, attributes)
+        with_repository(type_slug) do |_repository|
+          _attributes = prepare_attributes(_repository.content_type, attributes)
+
+          entry = _repository.build(_attributes)
+
+          i18n_decorate { entry }
+        end
+      end
+
       # Warning: do not work with localized and file fields
       def create(type_slug, attributes, as_json = false)
         with_repository(type_slug) do |_repository|
@@ -144,7 +154,7 @@ module Locomotive
         # check if the entry has unique values for its
         # fields marked as unique
         content_type_repository.look_for_unique_fields(entry.content_type).each do |name, _|
-          if _repository.exists?(name => entry.send(name))
+          if _repository.exists?(name => entry.send(name), :"_id.ne" => entry._id)
             entry.errors.add(name, :taken)
           end
         end

data/lib/locomotive/steam/services/cookie_service.rb

@@ -0,0 +1,25 @@
+module Locomotive
+  module Steam
+
+    class CookieService
+
+      def initialize(request)
+        @request = request
+        @cookies = request.env['steam.cookies']
+      end
+
+      def set(key, vals)
+        @cookies[key] = vals
+      end
+
+      def get(key)
+        if @cookies.include?(key)
+          @cookies[key]['value']
+        else
+          @request.cookies[key]
+        end
+      end
+
+    end
+  end
+end

data/lib/locomotive/steam/services/page_finder_service.rb

@@ -16,6 +16,11 @@ module Locomotive
       def match(path)
         decorate do
           repository.matching_fullpath(path_combinations(path))
+        end.sort do |page_1, page_2|
+          # normal pages have priority over the templatized ones if they're not in the same "folder"
+          same_folder?(page_1, page_2) ?
+            page_1.position <=> page_2.position :
+            (page_2.fullpath.include?(WILDCARD) ? 0 : 1) <=> (page_1  .fullpath.include?(WILDCARD) ? 0 : 1)
         end
       end
 
@@ -58,6 +63,13 @@ module Locomotive
         _path_combinations(path.split('/'))
       end
 
+      def same_folder?(page_1, page_2)
+        (path_1 = page_1.fullpath.split('/')).pop
+        (path_2 = page_2.fullpath.split('/')).pop
+
+        path_1.join('/') == path_2.join('/')
+      end
+
       def _path_combinations(segments, can_include_template = true)
         return nil if segments.empty?
         segment = segments.shift

data/lib/locomotive/steam/services/recaptcha_service.rb

@@ -0,0 +1,33 @@
+require 'httparty'
+
+module Locomotive
+  module Steam
+
+    # This service supports Google Recaptcha or any API compatible with Google
+    class RecaptchaService
+
+      GOOGLE_API_URL = 'https://www.google.com/recaptcha/api/siteverify'.freeze
+
+      def initialize(site, request)
+        @api      = site.metafields.dig(:google, :recaptcha_api_url) || GOOGLE_API_URL
+        @secret   = site.metafields.dig(:google, :recaptcha_secret)
+        @ip       = request.ip
+      end
+
+      def verify(response_code)
+        # save a HTTP query if there is no code
+        return false if response_code.blank?
+
+        _response = HTTParty.get(@api, { query: {
+          secret:   @secret,
+          response: response_code,
+          remoteip: @ip
+        }})
+
+        _response.parsed_response['success']
+      end
+
+    end
+
+  end
+end

data/lib/locomotive/steam/services/translator_service.rb

@@ -15,23 +15,22 @@ module Locomotive
       def translate(input, options = {})
         locale  = options['locale'] || self.current_locale
         scope   = options.delete('scope')
+        key     = scope.present? ? "#{scope.gsub('.', '_')}_#{input}" : input
 
-        if scope.blank?
-          input = "#{input}_#{pluralize_prefix(options['count'])}" if options['count']
+        key     = "#{key}_#{pluralize_prefix(options['count'])}" if options['count']
 
-          values = find_values_by_key(input)
+        values  = find_values_by_key(key)
 
-          # FIXME: important to check if the returned value is nil (instead of nil + false)
-          # false being reserved for an existing key but without provided translation)
-          if (translation = values[locale.to_s]).present?
-            _translate(translation, options)
-          else
-            Locomotive::Common::Logger.warn "Missing translation '#{input}' for the '#{locale}' locale".yellow
-            ActiveSupport::Notifications.instrument('steam.missing_translation', input: input, locale: locale)
-            input
-          end
+        # FIXME: important to check if the returned value is nil (instead of nil + false)
+        # false being reserved for an existing key but without provided translation)
+        if (translation = values[locale.to_s]).present?
+          _translate(translation, options)
+        elsif output = I18n.t(input, scope: scope&.split('.'), locale: locale, default: nil)
+          output
         else
-          I18n.t(input, scope: scope.split('.'), locale: locale)
+          Locomotive::Common::Logger.warn "Missing translation '#{input}' for the '#{locale}' locale".yellow
+          ActiveSupport::Notifications.instrument('steam.missing_translation', input: input, locale: locale)
+          input
         end
       end
 

data/lib/locomotive/steam/version.rb

@@ -3,6 +3,6 @@
 # 1.0.0.alpha < 1.0.0.alpha1 < 1.0.0.beta < 1.0.0.beta2 < 1.0.0.beta11 < 1.0.0.rc1 < 1.0.0
 module Locomotive
   module Steam
-    VERSION = '1.5.0.beta3'
+    VERSION = '1.5.0.rc0'
   end
 end

data/spec/integration/liquid/filters/translate_spec.rb

@@ -48,6 +48,13 @@ describe Locomotive::Steam::Liquid::Filters::Translate do
 
     end
 
+    describe 'shortcut alias' do
+
+      let(:source) { "{{ 'welcome_message' | t: 'fr', 'locomotive.default' }}" }
+      it { expect(translator).to receive(:translate).with('welcome_message', 'locale' => 'fr', 'scope' => 'locomotive.default'); subject }
+
+    end
+
   end
 
   describe 'pluralization' do

data/spec/integration/repositories/content_entry_repository_spec.rb

@@ -79,6 +79,10 @@ describe Locomotive::Steam::ContentEntryRepository do
         before { target_repository.scope.locale = :fr }
         subject { target_repository.all(band: nil) }
         it { expect(subject.size).to eq 2 }
+
+        describe 'set a nil value to the attribute storing the id of the related element' do
+          it { expect(subject.map(&:band_id)).to eq([nil, nil]) }
+        end
       end
     end
 

data/spec/integration/server/auth_spec.rb

@@ -152,9 +152,16 @@ describe 'Authentication' do
       'authenticated_entry_id'    => 'john'
     } }
 
+    it 'redirect to the requested page' do
+      post '/account/sign-in', params, { 'rack.session' => rack_session }
+      expect(last_response.status).to eq 301
+      expect(last_response.location).to eq "/account/sign-in"
+    end
+
     it 'displays the profile page as described in the params' do
       post '/account/sign-in', params, { 'rack.session' => rack_session }
-      expect(last_response.body).to include "You've been signed out"
+      follow_redirect!
+      expect(last_response.body).to include "Sign in"
       expect(last_response.body).not_to include "You're already authenticated!"
     end
 

data/spec/integration/services/content_entry_service_spec.rb

@@ -76,6 +76,17 @@ describe Locomotive::Steam::ContentEntryService do
 
       after(:all) { Locomotive::Steam::Adapters::Filesystem::SimpleCacheStore.new.clear }
 
+      describe '#build' do
+
+        let(:attributes) { { name: 'John', email: 'john@doe.net', message: 'Hello world!' } }
+
+        subject { service.build('messages', attributes) }
+
+        it { expect(subject['name']).to eq 'John' }
+        it { expect(subject['errors'].blank?).to eq true }
+
+      end
+
       describe '#create' do
 
         let(:attributes) { { name: 'John', email: 'john@doe.net', message: 'Hello world!' } }

data/spec/support/helpers.rb

@@ -63,7 +63,7 @@ module Spec
 
       ActiveSupport::Notifications.unsubscribe(subscription)
 
-      return payload
+      payload
     end
 
   end

data/spec/unit/liquid/drops/section_content_proxy_spec.rb

@@ -46,6 +46,14 @@ describe Locomotive::Steam::Liquid::Drops::SectionContentProxy do
 
     end
 
+    context 'it outputs the target="_blank" A attribute if new window is true' do
+
+      subject { drop.before_method(:link).new_window_attribute }
+
+      it { is_expected.to eq('target="_blank"') }
+
+    end
+
   end
 
   describe 'image picker type setting' do

data/spec/unit/liquid/tags/action_spec.rb

@@ -6,7 +6,8 @@ describe Locomotive::Steam::Liquid::Tags::Action do
   let(:source)    { '{% action "random Javascript action" %}var foo = 42; setProp("foo", foo);{% endaction %}' }
   let(:assigns)   { {} }
   let(:registers) { { services: services } }
-  let(:services)  { Locomotive::Steam::Services.build_instance }
+  let(:request)   { instance_double('Request', env: {}) }
+  let(:services)  { Locomotive::Steam::Services.build_instance(request) }
   let(:context)   { ::Liquid::Context.new(assigns, {}, registers) }
 
   before { allow(services).to receive(:current_site).and_return(site) }

data/spec/unit/liquid/tags/global_section_spec.rb

@@ -2,7 +2,8 @@ require 'spec_helper'
 
 describe Locomotive::Steam::Liquid::Tags::GlobalSection do
 
-  let(:services)      { Locomotive::Steam::Services.build_instance(nil) }
+  let(:request)       { instance_double('Request', env: {}) }
+  let(:services)      { Locomotive::Steam::Services.build_instance(request) }
   let(:finder)        { services.section_finder }
   let(:source)        { 'Locomotive {% global_section header %}' }
   let(:live_editing)  { true }

data/spec/unit/liquid/tags/link_to_spec.rb

@@ -75,6 +75,13 @@ describe Locomotive::Steam::Liquid::Tags::PathTo do
 
       end
 
+      context 'with a custom CSS class' do
+
+        let(:source) { "{% link_to index, locale: 'fr', class: 'button' %}" }
+        it { is_expected.to eq '<a href="/fr" class="button">Accueil</a>' }
+
+      end
+
     end
 
     describe 'used as a block' do

data/spec/unit/liquid/tags/model_form_spec.rb

@@ -34,6 +34,13 @@ describe Locomotive::Steam::Liquid::Tags::ModelForm do
 
   end
 
+  describe 'with recaptcha' do
+
+    let(:source) { "{% model_form 'newsletter_addresses', recaptcha: true %}Newsletter Form{% endmodel_form %}" }
+    it { is_expected.to include %(<input type="hidden" name="g-recaptcha-response" id="g-recaptcha-response" />) }
+
+  end
+
   describe 'json enabled' do
 
     let(:source) { "{% model_form 'newsletter_addresses', json: true %}Newsletter Form{% endmodel_form %}" }