noodall-ui 0.0.22 → 0.1.0

data/app/controllers/noodall/admin/assets_controller.rb

@@ -97,7 +97,6 @@ module Noodall
       end
 
       def create
-        logger.debug  request.inspect
         @asset = Asset.new(params[:asset])
 
         respond_to do |format|

data/app/controllers/noodall/nodes_controller.rb

@@ -1,12 +1,19 @@
 module Noodall
   class NodesController < ApplicationController
+    include Canable::Enforcers
     rescue_from MongoMapper::DocumentNotFound, ActionView::MissingTemplate, :with => :render_404
+    rescue_from Canable::Transgression, :with => :permission_denied
 
     def show
       if flash.any? or published_states_changed_since_global_update? or stale?(:last_modified => GlobalUpdateTime::Stamp.read, :public => true)
         permalink = params[:permalink].is_a?(String) ? params[:permalink] : params[:permalink].join('/')
-
         @node = Node.find_by_permalink(permalink)
+
+        #Check view permissions
+        enforce_view_permission(@node) if anybody_signed_in?
+        #Set cache control to private if this page has restricted permisions
+        response.cache_control[:public] = false if @node.viewable_groups.any?
+
         @page_title = @node.title
         @page_description = @node.description
         @page_keywords = @node.keywords
@@ -16,7 +23,6 @@ module Noodall
           format.any { render "nodes/#{@node.class.name.underscore}" }
         end
       end
-
     end
 
     def sitemap
@@ -32,7 +38,7 @@ module Noodall
       @page_title = 'Searching: '+ params[:q]
     end
 
-  protected
+    protected
 
     def published_states_changed_since_global_update?
       if Node.count(:published_at => { :$gte => GlobalUpdateTime::Stamp.read, :$lte => Time.zone.now }).zero? and Node.count(:published_to => { :$gte => GlobalUpdateTime::Stamp.read, :$lte => Time.zone.now }).zero?
@@ -45,11 +51,15 @@ module Noodall
 
     def render_404(exception = nil)
       if exception
-          logger.info "Rendering 404: #{exception.message}"
+        logger.info "Rendering 404: #{exception.message}"
       end
 
       render :file => "#{Rails.root}/public/404.html", :status => 404, :layout => false, :content_type => "text/html"
     end
 
+    def permission_denied
+      flash[:error] = "You do not have permission to do that"
+      redirect_to root_url
+    end
   end
 end

data/app/views/noodall/admin/nodes/show.html.erb

@@ -105,6 +105,10 @@
                   <th><%= f.label :destroyable_groups_list, "Delete" %></th>
                   <td><%= f.text_field :destroyable_groups_list, :class => "groups-completer" %></td>
                 </tr>
+                <tr>
+                  <th><%= f.label :viewable_groups_list, "View" %></th>
+                  <td><%= f.text_field :viewable_groups_list, :class => "groups-completer" %></td>
+                </tr>
               </tbody>
             </table>
             </span>

data/demo/controllers/application_controller.rb

@@ -19,4 +19,8 @@ class ApplicationController < ActionController::Base
   def authenticate_user!
     true
   end
+
+  def anybody_signed_in?
+    true
+  end
 end

data/demo/models/page_a.rb

@@ -6,4 +6,5 @@ class PageA < Noodall::Node
   small_slots 4
   wide_slots 3
 
+  searchable_keys :title, :body, :description, :keywords
 end

data/demo/models/page_b.rb

@@ -1,4 +1,5 @@
 class PageB < Noodall::Node
   main_slots 1
   wide_slots 3
+  searchable_keys :title, :body, :description, :keywords
 end

data/demo/models/page_c.rb

@@ -4,4 +4,5 @@ class PageC < Noodall::Node
 
   main_slots 1
   wide_slots 3
+  searchable_keys :title, :body, :description, :keywords
 end

data/demo/seeds.rb

@@ -3,6 +3,6 @@ Factory(:page_a, :title => "Home", :publish => true)
 5.times do |i|
   page = Factory(:page_c, :publish => true)
   4.times do |i|
-    Factory(:page_b, :publish => true, :parent => page)
+    Factory(:page_c, :publish => true, :parent => page)
   end
 end

data/demo/views/layouts/application.html.erb

@@ -3,7 +3,7 @@
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
 
 <!--
-  HTML5 - When your ready to do so 
+  HTML5 - When your ready to do so
   <!doctype html>
   <html lang="en">
 -->
@@ -12,12 +12,12 @@
 
 <title><%#= Settings.site_name %> - <%= page_title %></title>
 
-<!-- Always force latest IE rendering engine (even in intranet) & Chrome Frame 
+<!-- Always force latest IE rendering engine (even in intranet) & Chrome Frame
      Remove this if you use the .htaccess -->
 <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
 
 <!--  Mobile Viewport Fix
-      j.mp/mobileviewport & davidbcalhoun.com/2010/viewport-metatag 
+      j.mp/mobileviewport & davidbcalhoun.com/2010/viewport-metatag
 device-width : Occupy full width of the screen in its current orientation
 initial-scale = 1.0 retains dimensions instead of zooming out if page height > device height
 maximum-scale = 1.0 retains dimensions instead of zooming in if page width < device width
@@ -52,16 +52,16 @@ maximum-scale = 1.0 retains dimensions instead of zooming in if page width < dev
     google.load("jquery", "1.4");
     google.load("swfobject", "2.2");
   </script>
-  
+
   <%= javascript_include_tag 'rails', 'cufon-yui', 'fancybox', 'carousel.lite', 'application' %>
   <%= csrf_meta_tag %>
-  
+
 <!-- so:JavaScripts -->
 
 <%= yield :head %>
 
-<!-- 
-    Asynchronous google analytics: mathiasbynens.be/notes/async-analytics-snippet 
+<!--
+    Asynchronous google analytics: mathiasbynens.be/notes/async-analytics-snippet
     change the UA-XXXXX-X to be your site's ID
     Now at the top cos google said so!
 -->
@@ -95,6 +95,7 @@ maximum-scale = 1.0 retains dimensions instead of zooming in if page width < dev
     <!-- so:main-navigation -->
 
     <div id="content">
+      <%= flash_messages %>
       <%= yield %>
     </div>
 
@@ -102,7 +103,7 @@ maximum-scale = 1.0 retains dimensions instead of zooming in if page width < dev
       <%= text_field_tag :q, params[:q], :value => 'Enter keyword(s) here'  %>
       <%= submit_tag 'Search' %>
     <% end %>
-    
+
     <div id="footer">
       <!-- so:main-navigation -->
         <ul class="nav" id="footer-nav">

data/features/step_definitions/asset_steps.rb

@@ -55,6 +55,7 @@ When /^I click the editor "([^"]*)" button$/ do |button_name|
 end
 
 When /^I click "([^"]*)" on an Asset$/ do |button_name|
+  sleep 3
   within('#browser-list ul li:first') do
     click_link button_name
   end

data/features/step_definitions/component_steps.rb

@@ -20,7 +20,7 @@ When /^(?:|I )fill in the following within the component:$/ do |fields|
   within "#fancybox-inner" do
     fields.rows_hash.each do |name, value|
       When %{I fill in "#{name}" with "#{value}"}
-    end 
+    end
   end
 end
 
@@ -28,6 +28,7 @@ When /^(?:|I )press "([^"]*)" within the component$/ do |button|
   within "#fancybox-inner" do
     click_button(button)
   end
+  sleep 3
 end
 
 When /^(?:|I )select an image from the asset library$/ do
@@ -59,7 +60,7 @@ Then /^I add some images to from the asset library$/ do
   5.times do |i|
     Factory(:asset, :title => "Image #{i}")
   end
-  page.find(:css, 'span.add-multi-asset').click 
+  page.find(:css, 'span.add-multi-asset').click
   3.times do |i|
     within "#asset-browser li:nth(#{i + 1})" do
       click_link "Add"

data/features/step_definitions/groups_access_steps.rb

@@ -2,15 +2,17 @@ Then /^I should be able to set the permissions on that content$/ do
   fill_in "Update", :with => "Them, Us, Things"
   fill_in "Delete", :with => "Us, Things, Stuff"
   fill_in "Publish", :with => "Us, Stuff"
+  fill_in "View", :with => "Us, Stuff"
   click_button "Publish"
   @_content.reload
   @_content.updatable_groups.should == ['Them', 'Us', 'Things']
   @_content.destroyable_groups.should == ['Us', 'Things', 'Stuff']
   @_content.publishable_groups.should == ['Us', 'Stuff']
+  @_content.viewable_groups.should == ['Us', 'Stuff']
 end
 
 Given(/^content's ([^\"]*) is set to "([^\"]*)" and "([^\"]*)"$/) do |permission, group1, group2|
-  @_content = Factory(:page_a, "#{permission.downcase.gsub(/e$/,'')}able_groups" => [group1, group2], :hide => true)
+  @_content = Factory(:page_a, "#{permission.downcase.gsub(/e$/,'')}able_groups" => [group1, group2], :publish => true)
 end
 
 Then(/^only users in the "([^\"]*)" and "([^\"]*)" should be able to ([^\"]*) content$/) do |group1, group2, actions|
@@ -37,6 +39,10 @@ Then(/^only users in the "([^\"]*)" and "([^\"]*)" should be able to ([^\"]*) co
         rescue Capybara::ElementNotFound => e
           raise Canable::Transgression # Raise this if we can't find the button
         end
+      when "View"
+        # Create a home page so there is something to redirect to
+        Factory(:home, :title => 'Home', :publish => true, :body => "Hello this is home")
+        visit node_path(@_content)
       end
     end
     Then %{I sign out} #Neeed to do this or remeber cookie gets in the way
@@ -60,6 +66,9 @@ Then(/^users not in the "([^\"]*)" and "([^\"]*)" should not be able to ([^\"]*)
   when "Publish"
     visit noodall_admin_node_path(@_content)
     lambda { click_button "Publish" }.should raise_error(Capybara::ElementNotFound)
+  when "View"
+    visit node_path(@_content)
+    page.should have_content("You do not have permission to do that")
   end
 end
 

data/lib/noodall/ui/version.rb

@@ -1,5 +1,5 @@
 module Noodall
   module UI
-    VERSION = "0.0.22"
+    VERSION = "0.1.0"
   end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: noodall-ui
 version: !ruby/object:Gem::Version 
-  hash: 51
+  hash: 27
   prerelease: 
   segments: 
   - 0
+  - 1
   - 0
-  - 22
-  version: 0.0.22
+  version: 0.1.0
 platform: ruby
 authors: 
 - Steve England
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-01-06 00:00:00 +00:00
+date: 2011-01-12 00:00:00 +00:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency