outpost-cms 0.0.3

data/lib/outpost/list/filter.rb

@@ -0,0 +1,37 @@
+##
+# Filter
+#
+module Outpost
+  module List
+    class Filter
+      BOOLEAN_COLLECT = [["Yes", 1], ["No", 0]]
+
+      attr_accessor :attribute, :collection, :title, :list
+      
+      def initialize(attribute, list, options={})
+        @attribute  = attribute.to_s
+        @list       = list
+        @title      = options[:title] || @attribute.titleize
+        
+        collection = options[:collection]
+        @collection = begin
+          case collection
+          when NilClass
+            # TODO Automatically detect column type
+          when Proc
+            collection
+          when Symbol
+            send "_#{collection}_collection"
+          end
+        end
+      end
+      
+
+      private
+      
+      def _boolean_collection
+        -> { BOOLEAN_COLLECT }
+      end
+    end
+  end
+end

data/lib/outpost/list.rb

@@ -0,0 +1,15 @@
+##
+# Outpost::List
+module Outpost
+  module List
+    extend ActiveSupport::Autoload
+
+    DEFAULT_ORDER     = "id"
+    DEFAULT_SORT_MODE = "desc"
+    DEFAULT_PER_PAGE  = 25
+
+    autoload :Base
+    autoload :Column
+    autoload :Filter
+  end
+end

data/lib/outpost/model/authentication.rb

@@ -0,0 +1,34 @@
+module Outpost
+  module Model
+    module Authentication
+      extend ActiveSupport::Concern
+
+      included do
+        has_secure_password
+
+        before_validation :downcase_email, if: -> { self.email_changed? }
+        validates :name, presence: true
+        validates Outpost.config.authentication_attribute, presence: true, uniqueness: true
+      end
+
+      module ClassMethods
+        def authenticate(login, unencrypted_password)
+          if user = self.send("find_by_#{Outpost.config.authentication_attribute}", login)
+            user.authenticate(unencrypted_password)
+          else
+            false
+          end
+        end
+      end
+
+      # Private: Downcase the user's e-mail
+      #
+      # Returns String of the e-mail
+      def downcase_email
+        if self.email.present?
+          self.email = self.email.downcase
+        end
+      end
+    end
+  end
+end

data/lib/outpost/model/authorization.rb

@@ -0,0 +1,32 @@
+module Outpost
+  module Model
+    module Authorization
+      extend ActiveSupport::Concern
+
+      included do
+        has_many :user_permissions
+        has_many :permissions, through: :user_permissions
+      end
+      # Check if a user can manage the passed-in resource(s)
+      #
+      # If multiple resources are passed in, a user must be
+      # allowed to manage ALL of them in order for this to
+      # return true.
+      #
+      # Constants must be passed in.
+      #
+      def can_manage?(*resources)
+        self.is_superuser? or (allowed_resources & resources) == resources
+      end
+
+      #
+      
+      def allowed_resources
+        @allowed_resources ||= begin
+          p = self.is_superuser? ? Permission.all : self.permissions
+          p.map { |p| p.resource.safe_constantize }.compact
+        end
+      end
+    end
+  end
+end

data/lib/outpost/model/identifier.rb

@@ -0,0 +1,39 @@
+##
+# Identifier
+#
+# Some unique keys which can be used for routing
+# and APIs
+module Outpost
+  module Model
+    module Identifier
+      extend ActiveSupport::Concern
+
+      
+      module ClassMethods
+        def content_key
+          if self.respond_to? :table_name
+            self.table_name.gsub(/_/, "/")
+          else
+            self.name.tableize
+          end
+        end
+        
+        # Wrappers for ActiveModel::Naming
+        # NewsStory => news_stories
+        def route_key
+          ActiveModel::Naming.route_key(self)
+        end
+        
+        # NewsStory => news_story
+        def singular_route_key
+          ActiveModel::Naming.singular_route_key(self)
+        end
+      end
+      
+      # Default obj_key pattern
+      def obj_key
+        @obj_key ||= [self.class.content_key,self.id || "new"].join(":")
+      end
+    end # Identifier
+  end # Model
+end # Outpost

data/lib/outpost/model/methods.rb

@@ -0,0 +1,23 @@
+##
+# Outpost::Model::Methods
+#
+# This could be renamed to something more specific
+module Outpost
+  module Model
+    module Methods
+      extend ActiveSupport::Concern
+      
+      def persisted_record
+        @persisted_record ||= begin
+          # If this record isn't persisted, return nil
+          return nil if !self.persisted?
+        
+          # If attributes have been changed, then fetch
+          # the persisted record from the database
+          # Otherwise just use self
+          self.changed? ? self.class.find(self.id) : self
+        end
+      end
+    end # Methods
+  end # Model
+end # Outpost

data/lib/outpost/model/naming.rb

@@ -0,0 +1,63 @@
+##
+# Naming
+#
+# Some methods for naming things, and stuff
+module Outpost
+  module Model
+    module Naming
+      extend ActiveSupport::Concern
+      
+      module ClassMethods
+        # NewsStory => News Story
+        def to_title
+          self.name.demodulize.titleize
+        end
+      end
+      
+      # Convert any AR object into a human-readable title
+      # Tries the attributes in config.title_attributes
+      # And falls back to "BlogEntry #99"
+      #
+      # This allows us to get a human-readable title regardless
+      # of what an object's "title" attribute happens to be.
+      #
+      # To define your own set of attributes, do so with the config
+      #
+      #   Outpost.config.title_attributes = [:title, :full_name]
+      #
+      # The :simple_title method will automatically be added to the array
+      # and acts as the fallback.
+      #
+      # Usage:
+      #
+      #   story = NewsStory.last #=> NewsStory(id: 900, title: "Cool Story, Bro")
+      #   blog  = Blog.last      #=> Blog(id: 5, name: "Some Blog")
+      #   photo = Photo.last     #=> Photo(id: 10, url: "http://photos.com/kitty")
+      #
+      #   story.to_title  #=> "Cool Story, Bro"
+      #   blog.to_title   #=> "Some Blog"
+      #   photo.to_title  #=> "Photo #10"
+      #
+      def title_method
+        @title_method ||= begin
+          attributes = Outpost.config.title_attributes
+          attributes.find { |a| self.respond_to?(a) }
+        end
+      end
+      
+      def to_title
+        @to_title ||= self.send(self.title_method)
+      end
+      
+      def simple_title
+        @simple_title ||= begin
+          if self.new_record?
+            "New #{self.class.to_title}"
+          else
+            "#{self.class.to_title} ##{self.id}"
+          end
+        end
+      end
+    end # Naming
+  end # Model
+end # Outpost

data/lib/outpost/model/routing.rb

@@ -0,0 +1,138 @@
+module Outpost
+  module Model
+    # Routing
+    #
+    # Provides easy access to any object's admin paths,
+    # and any class's admin paths.
+    #
+    # These methods are just delegations to your app's routes.
+    #
+    # Provides alias methods for non-GET routes:
+    #
+    # * admin_index_path => admin_create_path
+    # * admin_show_path  => admin_update_path, admin_destroy_path
+    #
+    # So you can do, for example:
+    #
+    #   POST admin_create_path
+    #
+    # Which would make more sense than `POST admin_index_path`,
+    # even though they are the same path.
+    module Routing
+      extend ActiveSupport::Concern
+      
+      module ClassMethods
+        # /outpost/blog_entries/new
+        def admin_new_path
+          collection_route("new_outpost_#{self.singular_route_key}_path")
+        end
+        
+        # http://kpcc.org/outpost/blog_entries/new
+        def admin_new_url
+          collection_route("new_outpost_#{self.singular_route_key}_url")
+        end
+
+
+        # /outpost/blog_entries
+        def admin_index_path
+          collection_route("outpost_#{self.route_key}_path")
+        end
+        
+        alias_method :admin_create_path, :admin_index_path
+
+        # http://kpcc.org/outpost/blog_entries
+        def admin_index_url
+          collection_route("outpost_#{self.route_key}_url")
+        end
+
+        alias_method :admin_create_url, :admin_index_url
+
+
+        private
+
+        def collection_route(name)
+          Rails.application.routes.url_helpers.send(name)
+        end
+      end
+
+
+      # /outpost/blog_entries/20/edit
+      def admin_edit_path
+          member_route("edit_outpost_#{self.class.singular_route_key}_path")
+      end
+
+      # http://kpcc.org/outpost/blog_entries/20/edit
+      def admin_edit_url
+        member_route("edit_outpost_#{self.class.singular_route_key}_url")
+      end
+
+
+      # /outpost/blog_entries/20
+      def admin_show_path
+        member_route("outpost_#{self.class.singular_route_key}_path")
+      end
+
+      alias_method :admin_update_path, :admin_show_path
+      alias_method :admin_destroy_path, :admin_show_path
+
+      # http://kpcc.org/outpost/blog_entries/20
+      def admin_show_url
+        member_route("outpost_#{self.class.singular_route_key}_url")
+      end
+
+      alias_method :admin_update_url, :admin_show_url
+      alias_method :admin_destroy_url, :admin_show_url
+
+      
+      # Uses self.class::ROUTE_KEY to generate
+      # the front-end path to this object
+      # If an object doesn't have a front-end path,
+      # do not define a ROUTE_KEY on the class.
+      #
+      # If the object isn't public, then leave route_hash 
+      # empty as well.
+      def public_path(options={})
+        if self.route_hash.present? && defined?(self.class::ROUTE_KEY)
+          Rails.application.routes.url_helpers.send(
+            "#{self.class::ROUTE_KEY}_path", options.merge!(self.route_hash))
+        end
+      end
+
+      alias_method :link_path, :public_path
+      deprecate link_path: :public_path
+
+
+      # Override this method manually for each model.
+      # If the object isn't public, then don't override
+      # this method. #public_path checks for the presence
+      # of this object. By leaving it blank, you're also
+      # telling #public_path to be nil.
+      def route_hash
+        {}
+      end
+      
+
+      # http://scpr.org/blogs/2012/...
+      def public_url(options={})
+        if path = self.public_path(options)
+          File.join(
+            "http://#{Rails.application.default_url_options[:host]}", path)
+        end
+      end
+
+      alias_method :remote_link_path, :public_url
+      deprecate remote_link_path: :public_url
+
+
+      private
+
+      # Don't try to build a route if the ID is nil.
+      # Should we instead be checking persistence?
+      def member_route(name)
+        if self.id
+          Rails.application.routes.url_helpers.send(name, self.id)
+        end
+      end
+    end # Routing
+  end # Model
+end # Outpost

data/lib/outpost/model/serializer.rb

@@ -0,0 +1,27 @@
+module Outpost
+  module Model
+    module Serializer
+      extend ActiveSupport::Concern
+      
+      # This method should be overridden
+      # Don't override as_json unless you don't
+      # want its baked-in goodies
+      def json
+        {}
+      end
+      
+      # Define some defaults for as_json
+      # Override +#json+ to add attributes
+      # or override any of these.
+      def as_json(*args)
+        super.merge({
+          "id"         => self.obj_key, 
+          "obj_key"    => self.obj_key,
+          "link_path"  => self.public_path,
+          "to_title"   => self.to_title,
+          "edit_path"  => self.admin_edit_path
+        }).merge(self.json.stringify_keys!)
+      end
+    end # JSON
+  end # Model
+end # Outpost

data/lib/outpost/model.rb

@@ -0,0 +1,22 @@
+##
+# Outpost::Model
+module Outpost
+  module Model
+    extend ActiveSupport::Concern
+    extend ActiveSupport::Autoload
+    
+    autoload :Authentication
+    autoload :Authorization
+    autoload :Methods
+    autoload :Identifier
+    autoload :Routing
+    autoload :Naming
+    autoload :Serializer
+    
+    module ClassMethods
+      def outpost_model
+        include Methods, Identifier, Routing, Naming, Serializer
+      end
+    end # ClassMethods
+  end # Model
+end # Outpost

data/lib/outpost/test.rb

@@ -0,0 +1,21 @@
+# Some test helpers
+
+module Outpost
+  module Test
+    extend self
+
+    # Populate the permissions table.
+    # Especially useful when using truncation strategy.
+    def create_permissions
+      created = []
+
+      Outpost.config.registered_models.each do |model|
+        if !Permission.exists?(resource: model)
+          created << Permission.create(resource: model)
+        end
+      end
+
+      created
+    end
+  end
+end

data/lib/outpost/version.rb

@@ -0,0 +1,3 @@
+module Outpost
+  VERSION = "0.0.3"
+end

data/lib/outpost-cms.rb

@@ -0,0 +1,2 @@
+# Trick rubygems
+require 'outpost'

data/lib/outpost.rb

@@ -0,0 +1,80 @@
+require "outpost/engine"
+
+require 'active_record'
+require 'action_controller'
+require 'action_view'
+require 'action_view/helpers/form_builder'
+
+require 'outpost/config'
+
+module Outpost
+  extend ActiveSupport::Autoload
+  
+  OBJ_KEY_REGEX = %r{([^:]+):(\d+)}
+
+  autoload :Controller
+  autoload :Model
+  autoload :Hook
+  autoload :Helpers
+  autoload :List
+  autoload :Breadcrumb, 'outpost/breadcrumbs'
+  autoload :Breadcrumbs
+
+  class << self
+    attr_writer :config
+    def config
+      @config ||= Outpost::Config.new
+    end
+
+    # TODO can we cache this in development?
+    def user_class
+      config.user_class.constantize
+    end
+
+    #--------------------
+    # Convert key from "app/model:id" to AppModel.find_by_id(id)
+    def obj_by_key(key)
+      if match = match_key(key)
+        model = model_classes[match[1]]
+        model.find_by_id(match[2]) if model
+      end
+    end
+
+    #--------------------
+    # Same as #obj_by_key, but raises ActiveRecord::RecordNotFound
+    # if no object is found or if key doesn't match.
+    def obj_by_key!(key)
+      obj_by_key(key) or raise ActiveRecord::RecordNotFound
+    end
+
+
+    private
+
+    def match_key(key)
+      key.to_s.match(OBJ_KEY_REGEX)
+    end
+
+    #--------------------
+    
+    def model_classes
+      @model_classes ||= begin
+        klasses = {}
+        
+        Outpost.config.registered_models.each do |name|
+          klass = name.constantize
+          klasses.merge!(klass.content_key => klass)
+        end
+        
+        klasses
+      end
+    end
+  end
+end
+
+if defined?(ActiveRecord::Base)
+  ActiveRecord::Base.send :include, Outpost::Model
+end
+
+if defined?(ActionController::Base)
+  ActionController::Base.send :include, Outpost::Controller
+end

data/lib/tasks/outpost_tasks.rake

@@ -0,0 +1,7 @@
+namespace :outpost do
+  desc "Update Permissions table with Outpost registered models"
+  task :permissions => [:environment] do
+    added = Outpost::Test.create_permissions
+    puts "Added: #{added}"
+  end
+end

data/spec/controllers/authentication_spec.rb

@@ -0,0 +1,62 @@
+require 'spec_helper'
+
+describe Outpost::PeopleController do
+  describe "current_user" do
+    it "looks up the ID stored in the session" do
+      user = create :user
+      controller.session[:user_id] = user.id
+      controller.current_user.should eq user
+    end
+    
+    it "only finds user where can_login is true" do
+      user = create :user, can_login: true
+      controller.session[:user_id] = user.id
+      controller.current_user.should eq user
+      
+      controller.instance_variable_set(:@current_user, nil)
+      nologin_user = create :user, can_login: false
+      controller.session[:user_id] = nologin_user.id
+      controller.current_user.should eq nil
+    end
+    
+    it "returns nil if session is blank" do
+      controller.session[:user_id] = nil
+      controller.current_user.should eq nil
+    end
+    
+    it "unsets the session and returns false if the user isn't found" do
+      controller.session[:user_id] = 999
+      controller.current_user.should eq nil
+      controller.session[:user_id].should eq nil
+      controller.instance_variable_get(:@current_user).should eq nil
+    end
+  end
+  
+  #-----------------
+  
+  describe "require_login" do
+    context "current_user true" do
+      it "returns nil" do
+        user = create :user
+        controller.stub(:current_user) { user }
+        controller.require_login.should eq nil
+      end
+    end
+    
+    context "current_user false" do      
+      before :each do
+        controller.stub(:current_user) { nil }
+        controller.request.stub(:fullpath) { "/home" }
+        get :index
+      end
+      
+      it "sets the return_to to the request path" do
+        controller.session[:return_to].should eq "/home"
+      end
+    
+      it "redirects to login path if current_user is false" do
+        controller.response.should redirect_to outpost_login_path
+      end
+    end
+  end
+end