RubyGems - pages_core - Versions diffs - 3.13.0 → 3.15.0 - Mend

pages_core 3.13.0 → 3.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (257) hide show

checksums.yaml +4 -4
data/VERSION +1 -1
data/app/assets/builds/pages_core/admin-dist.js +19 -8
data/app/assets/builds/pages_core/admin-dist.js.map +4 -4
data/app/assets/builds/pages_core/admin.css +704 -388
data/app/assets/fonts/Inter-Black.woff2 +0 -0
data/app/assets/fonts/Inter-BlackItalic.woff2 +0 -0
data/app/assets/fonts/Inter-Bold.woff2 +0 -0
data/app/assets/fonts/Inter-BoldItalic.woff2 +0 -0
data/app/assets/fonts/Inter-ExtraBold.woff2 +0 -0
data/app/assets/fonts/Inter-ExtraBoldItalic.woff2 +0 -0
data/app/assets/fonts/Inter-ExtraLight.woff2 +0 -0
data/app/assets/fonts/Inter-ExtraLightItalic.woff2 +0 -0
data/app/assets/fonts/Inter-Italic.woff2 +0 -0
data/app/assets/fonts/Inter-Light.woff2 +0 -0
data/app/assets/fonts/Inter-LightItalic.woff2 +0 -0
data/app/assets/fonts/Inter-Medium.woff2 +0 -0
data/app/assets/fonts/Inter-MediumItalic.woff2 +0 -0
data/app/assets/fonts/Inter-Regular.woff2 +0 -0
data/app/assets/fonts/Inter-SemiBold.woff2 +0 -0
data/app/assets/fonts/Inter-SemiBoldItalic.woff2 +0 -0
data/app/assets/fonts/Inter-Thin.woff2 +0 -0
data/app/assets/fonts/Inter-ThinItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Black.woff2 +0 -0
data/app/assets/fonts/InterDisplay-BlackItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Bold.woff2 +0 -0
data/app/assets/fonts/InterDisplay-BoldItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-ExtraBold.woff2 +0 -0
data/app/assets/fonts/InterDisplay-ExtraBoldItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-ExtraLight.woff2 +0 -0
data/app/assets/fonts/InterDisplay-ExtraLightItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Italic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Light.woff2 +0 -0
data/app/assets/fonts/InterDisplay-LightItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Medium.woff2 +0 -0
data/app/assets/fonts/InterDisplay-MediumItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Regular.woff2 +0 -0
data/app/assets/fonts/InterDisplay-SemiBold.woff2 +0 -0
data/app/assets/fonts/InterDisplay-SemiBoldItalic.woff2 +0 -0
data/app/assets/fonts/InterDisplay-Thin.woff2 +0 -0
data/app/assets/fonts/InterDisplay-ThinItalic.woff2 +0 -0
data/app/assets/fonts/InterVariable-Italic.woff2 +0 -0
data/app/assets/fonts/InterVariable.woff2 +0 -0
data/app/assets/stylesheets/pages_core/admin/components/archive.css +1 -1
data/app/assets/stylesheets/pages_core/admin/components/attachments.css +22 -34
data/app/assets/stylesheets/pages_core/admin/components/base.css +1 -68
data/app/assets/stylesheets/pages_core/admin/components/forms.css +107 -48
data/app/assets/stylesheets/pages_core/admin/components/header.css +56 -58
data/app/assets/stylesheets/pages_core/admin/components/image_editor.css +35 -24
data/app/assets/stylesheets/pages_core/admin/components/image_grid.css +28 -27
data/app/assets/stylesheets/pages_core/admin/components/image_uploader.css +5 -5
data/app/assets/stylesheets/pages_core/admin/components/layout.css +7 -1
data/app/assets/stylesheets/pages_core/admin/components/list_table.css +24 -15
data/app/assets/stylesheets/pages_core/admin/components/page_tree.css +63 -104
data/app/assets/stylesheets/pages_core/admin/components/pagination.css +12 -13
data/app/assets/stylesheets/pages_core/admin/components/search.css +1 -16
data/app/assets/stylesheets/pages_core/admin/components/sidebar.css +5 -11
data/app/assets/stylesheets/pages_core/admin/components/tag_editor.css +22 -36
data/app/assets/stylesheets/pages_core/admin/components/toast.css +1 -2
data/app/assets/stylesheets/pages_core/admin/components/toolbar.css +10 -10
data/app/assets/stylesheets/pages_core/admin/components/totp.css +26 -0
data/app/assets/stylesheets/pages_core/admin/controllers/pages.css +37 -51
data/app/assets/stylesheets/pages_core/admin/global/fonts.css +271 -0
data/app/assets/stylesheets/pages_core/admin/global/typography.css +109 -0
data/app/assets/stylesheets/pages_core/admin/vars.css +1 -3
data/app/assets/stylesheets/pages_core/admin.postcss.css +1 -0
data/app/controllers/admin/account_recoveries_controller.rb +87 -0
data/app/controllers/admin/invites_controller.rb +3 -2
data/app/controllers/admin/otp_secrets_controller.rb +45 -0
data/app/controllers/admin/pages_controller.rb +22 -42
data/app/controllers/admin/recovery_codes_controller.rb +32 -0
data/app/controllers/admin/sessions_controller.rb +65 -0
data/app/controllers/admin/users_controller.rb +2 -8
data/app/controllers/concerns/pages_core/authentication.rb +12 -10
data/app/controllers/concerns/pages_core/error_reporting.rb +1 -1
data/app/controllers/concerns/pages_core/page_parameters.rb +29 -0
data/app/controllers/concerns/pages_core/policies_helper.rb +1 -1
data/app/controllers/concerns/pages_core/preview_pages_controller.rb +20 -20
data/app/controllers/pages_core/admin_controller.rb +1 -3
data/app/controllers/pages_core/frontend/pages_controller.rb +2 -6
data/app/formatters/pages_core/html_formatter.rb +2 -4
data/app/helpers/admin/menu_helper.rb +5 -4
data/app/helpers/admin/pages_helper.rb +1 -21
data/app/helpers/pages_core/admin/admin_helper.rb +13 -3
data/app/helpers/pages_core/admin/content_tabs_helper.rb +1 -2
data/app/helpers/pages_core/admin/labelled_field_helper.rb +1 -1
data/app/helpers/pages_core/frontend_helper.rb +1 -1
data/app/helpers/pages_core/images_helper.rb +10 -8
data/app/helpers/pages_core/labelled_form_builder.rb +2 -7
data/app/helpers/pages_core/page_path_helper.rb +1 -1
data/app/javascript/components/Attachments/Attachment.tsx +20 -18
data/app/javascript/components/Attachments/AttachmentEditor.tsx +11 -9
data/app/javascript/components/{Attachments.jsx → Attachments/List.tsx} +58 -63
data/app/javascript/components/Attachments/useAttachments.ts +15 -0
data/app/javascript/components/Attachments.tsx +14 -0
data/app/javascript/components/DateRangeSelect.tsx +105 -0
data/app/javascript/components/DateTimeSelect.tsx +136 -0
data/app/javascript/components/EditableImage.tsx +11 -9
data/app/javascript/components/FileUploadButton.tsx +7 -7
data/app/javascript/components/ImageCropper/FocalPoint.tsx +9 -12
data/app/javascript/components/ImageCropper/Image.tsx +10 -8
data/app/javascript/components/ImageCropper/Toolbar.tsx +11 -12
data/app/javascript/components/ImageCropper/useCrop.ts +24 -53
data/app/javascript/components/ImageCropper.tsx +10 -15
data/app/javascript/components/ImageEditor/Form.tsx +12 -8
data/app/javascript/components/ImageEditor.tsx +12 -7
data/app/javascript/components/ImageGrid/DragElement.tsx +9 -12
data/app/javascript/components/{ImageGrid.jsx → ImageGrid/Grid.tsx} +62 -71
data/app/javascript/components/ImageGrid/GridImage.tsx +22 -23
data/app/javascript/components/ImageGrid/Placeholder.tsx +2 -2
data/app/javascript/components/ImageGrid/useImageGrid.ts +26 -0
data/app/javascript/components/ImageGrid.tsx +15 -0
data/app/javascript/components/ImageUploader.tsx +35 -22
data/app/javascript/components/LabelledField.tsx +34 -0
data/app/javascript/components/Modal.tsx +2 -2
data/app/javascript/components/PageForm/Block.tsx +81 -0
data/app/javascript/components/PageForm/Content.tsx +54 -0
data/app/javascript/components/PageForm/Dates.tsx +66 -0
data/app/javascript/components/PageForm/Files.tsx +28 -0
data/app/javascript/components/PageForm/Form.tsx +41 -0
data/app/javascript/components/PageForm/Images.tsx +28 -0
data/app/javascript/components/PageForm/LocaleLinks.tsx +36 -0
data/app/javascript/components/PageForm/Metadata.tsx +67 -0
data/app/javascript/components/PageForm/Options.tsx +180 -0
data/app/javascript/components/PageForm/PageDescription.tsx +48 -0
data/app/javascript/components/PageForm/PathSegment.tsx +65 -0
data/app/javascript/components/PageForm/TabPanel.tsx +21 -0
data/app/javascript/components/PageForm/Tabs.tsx +33 -0
data/app/javascript/components/PageForm/UnconfiguredContent.tsx +42 -0
data/app/javascript/components/PageForm/pageParams.ts +95 -0
data/app/javascript/components/PageForm/preview.ts +23 -0
data/app/javascript/components/PageForm/usePage.ts +169 -0
data/app/javascript/components/PageForm/useTabs.ts +46 -0
data/app/javascript/components/PageForm.tsx +163 -0
data/app/javascript/components/PageImages.tsx +7 -9
data/app/javascript/components/PageTree/Draggable.tsx +40 -39
data/app/javascript/components/PageTree/Node.tsx +62 -56
data/app/javascript/components/PageTree/PageName.tsx +28 -0
data/app/javascript/components/PageTree.tsx +65 -53
data/app/javascript/components/{RichTextArea.jsx → RichTextArea.tsx} +98 -79
data/app/javascript/components/RichTextToolbarButton.tsx +4 -6
data/app/javascript/components/TagEditor/AddTagForm.tsx +19 -12
data/app/javascript/components/TagEditor/Editor.tsx +32 -0
data/app/javascript/components/TagEditor/Tag.tsx +6 -4
data/app/javascript/components/TagEditor/useTags.ts +58 -0
data/app/javascript/components/TagEditor.tsx +8 -58
data/app/javascript/components/Toast.tsx +3 -3
data/app/javascript/components/drag/draggedOrder.ts +22 -14
data/app/javascript/components/drag/useDragCollection.ts +35 -30
data/app/javascript/components/drag/useDragUploader.ts +32 -21
data/app/javascript/components/drag/useDraggable.ts +7 -6
data/app/javascript/components/drag.ts +0 -1
data/app/javascript/components.ts +1 -3
data/app/javascript/features/RichText.tsx +2 -3
data/app/javascript/features/contentTabs.ts +79 -0
data/app/javascript/index.ts +5 -14
data/app/javascript/lib/Tree.ts +31 -45
data/app/javascript/lib/request.ts +11 -11
data/app/javascript/stores/useToastStore.ts +1 -1
data/app/javascript/types/Attachments.ts +29 -0
data/app/javascript/types/Crop.ts +36 -0
data/app/javascript/types/Drag.ts +34 -0
data/app/javascript/types/Images.ts +47 -0
data/app/javascript/types/PageEditor.ts +26 -0
data/app/javascript/types/Pages.ts +75 -0
data/app/javascript/types/Tags.ts +9 -0
data/app/javascript/types/Template.ts +24 -0
data/app/javascript/types/Trees.ts +19 -0
data/app/javascript/types.ts +2 -25
data/app/mailers/admin_mailer.rb +2 -2
data/app/models/attachment.rb +1 -1
data/app/models/concerns/pages_core/authenticable_user.rb +63 -0
data/app/models/concerns/pages_core/emailable.rb +16 -0
data/app/models/concerns/pages_core/page_model/templateable.rb +2 -16
data/app/models/invite.rb +2 -6
data/app/models/otp_secret.rb +101 -0
data/app/models/page.rb +0 -3
data/app/models/user.rb +2 -68
data/app/policies/page_policy.rb +6 -2
data/app/policies/user_policy.rb +4 -0
data/app/resources/admin/page_resource.rb +95 -0
data/app/resources/admin/page_tree_resource.rb +27 -0
data/app/resources/admin/template_configuration_resource.rb +50 -0
data/app/views/admin/account_recoveries/new.html.erb +22 -0
data/app/views/admin/account_recoveries/show.html.erb +37 -0
data/app/views/admin/invites/show.html.erb +1 -1
data/app/views/admin/news/_sidebar.html.erb +2 -4
data/app/views/admin/news/index.html.erb +0 -1
data/app/views/admin/otp_secrets/create.html.erb +7 -0
data/app/views/admin/otp_secrets/new.html.erb +60 -0
data/app/views/admin/pages/_form.html.erb +10 -30
data/app/views/admin/pages/_search_bar.html.erb +1 -1
data/app/views/admin/pages/edit.html.erb +1 -57
data/app/views/admin/pages/index.html.erb +1 -1
data/app/views/admin/pages/new.html.erb +1 -44
data/app/views/admin/recovery_codes/_codes.html.erb +14 -0
data/app/views/admin/recovery_codes/create.html.erb +7 -0
data/app/views/admin/recovery_codes/new.html.erb +11 -0
data/app/views/admin/sessions/_otp_form.html.erb +13 -0
data/app/views/admin/sessions/new.html.erb +31 -0
data/app/views/admin/sessions/verify_otp.html.erb +19 -0
data/app/views/admin/users/_access_control.html.erb +5 -1
data/app/views/admin/users/_list.html.erb +12 -7
data/app/views/admin/users/edit.html.erb +31 -1
data/app/views/admin/users/new.html.erb +1 -1
data/app/views/admin_mailer/account_recovery.text.erb +10 -0
data/app/views/layouts/admin/_header.html.erb +3 -5
data/app/views/layouts/admin/_page_header.html.erb +1 -2
data/app/views/layouts/admin/_toast.html.erb +12 -0
data/app/views/layouts/admin.html.erb +2 -2
data/config/locales/en.yml +11 -7
data/config/routes.rb +13 -12
data/db/migrate/20240126160700_add_2fa_fields.rb +26 -0
data/db/migrate/20240129201300_remove_password_reset_tokens.rb +13 -0
data/db/migrate/20240131140700_change_email_to_citext.rb +18 -0
data/db/migrate/20240201160700_remove_persistent_data.rb +7 -0
data/db/migrate/20240508145300_remove_categories.rb +21 -0
data/lib/pages_core/configuration/base.rb +2 -2
data/lib/pages_core/templates/configuration.rb +1 -1
data/lib/pages_core/templates/configuration_proxy.rb +2 -2
data/lib/pages_core/templates/template_configuration.rb +11 -1
data/lib/pages_core/templates.rb +6 -4
data/lib/pages_core/version.rb +1 -1
data/lib/pages_core.rb +6 -0
data/lib/rails/generators/pages_core/frontend/templates/javascript/lib/gridOverlay.ts +6 -7
data/lib/rails/generators/pages_core/frontend/templates/javascript/lib/responsiveEmbeds.ts +17 -12
data/lib/rails/generators/pages_core/rspec/rspec_generator.rb +0 -2
data/lib/rails/generators/pages_core/rspec/templates/rails_helper.rb +3 -4
metadata +143 -35
data/app/assets/stylesheets/pages_core/admin/components/login.css +0 -33
data/app/controllers/admin/categories_controller.rb +0 -56
data/app/controllers/admin/password_resets_controller.rb +0 -85
data/app/controllers/concerns/pages_core/admin/persistent_params.rb +0 -75
data/app/controllers/sessions_controller.rb +0 -27
data/app/helpers/pages_core/admin/page_blocks_helper.rb +0 -66
data/app/helpers/pages_core/admin/page_json_helper.rb +0 -23
data/app/javascript/components/DateRangeSelect.jsx +0 -225
data/app/javascript/components/PageDates.jsx +0 -73
data/app/javascript/components/PageFiles.jsx +0 -25
data/app/javascript/components/PageTree/types.ts +0 -15
data/app/javascript/components/drag/types.ts +0 -28
data/app/javascript/controllers/EditPageController.ts +0 -22
data/app/javascript/controllers/LoginController.ts +0 -32
data/app/javascript/controllers/MainController.ts +0 -74
data/app/javascript/controllers/PageOptionsController.js +0 -67
data/app/models/category.rb +0 -22
data/app/models/page_category.rb +0 -6
data/app/models/password_reset_token.rb +0 -34
data/app/views/admin/pages/_edit_content.html.erb +0 -19
data/app/views/admin/pages/_edit_files.html.erb +0 -4
data/app/views/admin/pages/_edit_images.html.erb +0 -4
data/app/views/admin/pages/_edit_metadata.html.erb +0 -35
data/app/views/admin/pages/_edit_options.html.erb +0 -91
data/app/views/admin/password_resets/show.html.erb +0 -21
data/app/views/admin/users/login.html.erb +0 -65
data/app/views/admin_mailer/password_reset.text.erb +0 -11
data/lib/rails/generators/pages_core/rspec/templates/mailer_macros.rb +0 -11

data/app/models/concerns/pages_core/page_model/templateable.rb CHANGED Viewed

@@ -29,21 +29,6 @@ module PagesCore
           template
       end
-      def unconfigured_blocks
-        blocks = (localizations.where(locale:).pluck(:name)
-                               .map(&:to_sym) -
-                  configured_blocks) &
-                 PagesCore::Templates::TemplateConfiguration.all_blocks
-        if block_given?
-          blocks.each do |block_name|
-            yield block_name, template_config.block(block_name)
-          end
-        end
-        blocks
-      end
       private
       def configured_blocks
@@ -69,8 +54,9 @@ module PagesCore
       end
       def base_template
+        reject_words = %w[index list archive liste arkiv]
         template.split("_")
-                .reject { |w| %w[index list archive liste arkiv].include?(w) }
+                .reject { |w| reject_words.include?(w) }
                 .join(" ")
       end

data/app/models/invite.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 class Invite < ApplicationRecord
+  include PagesCore::Emailable
   include PagesCore::HasRoles
   belongs_to :user
@@ -8,11 +9,6 @@ class Invite < ApplicationRecord
   before_validation :ensure_token
-  validates :email,
-            presence: true,
-            format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i },
-            uniqueness: { case_sensitive: false }
   validates :token, presence: true
   validate :user_already_exists
@@ -24,7 +20,7 @@ class Invite < ApplicationRecord
   end
   def user_already_exists
-    return unless User.find_by_email(email)
+    return unless User.find_by(email:)
     errors.add(:email, :taken)
   end

data/app/models/otp_secret.rb ADDED Viewed

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+class OtpSecret
+  attr_reader :user, :secret
+  def initialize(user)
+    @user = user
+    @secret = user.otp_secret
+  end
+  def account_name
+    user.email
+  end
+  def disable!
+    user.update(otp_enabled: false,
+                otp_secret: nil,
+                last_otp_at: nil,
+                recovery_codes: [])
+  end
+  def enable!(recovery_codes)
+    user.update(otp_enabled: true,
+                otp_secret: secret,
+                last_otp_at: Time.zone.now,
+                recovery_codes:)
+  end
+  def generate
+    @secret = ROTP::Base32.random
+  end
+  def generate_recovery_codes
+    Array.new(10) { SecureRandom.alphanumeric(16) }
+  end
+  def provisioning_uri
+    totp.provisioning_uri(account_name)
+  end
+  def regenerate_recovery_codes!
+    generate_recovery_codes.tap do |recovery_codes|
+      user.update(recovery_codes:)
+    end
+  end
+  def signed_message
+    message_verifier.generate(
+      { user_id: user.id, secret: }, expires_in: 1.hour
+    )
+  end
+  def validate_otp!(code)
+    return false unless valid_otp?(code)
+    user.update(last_otp_at: Time.zone.now)
+    true
+  end
+  def validate_otp_or_recovery_code!(code)
+    if /^[\d]{6}$/.match?(code)
+      validate_otp!(code)
+    else
+      validate_recovery_code!(code)
+    end
+  end
+  def validate_recovery_code!(code)
+    user.use_recovery_code!(code)
+  end
+  def verify(params)
+    @secret = verify_secret(params[:signed_message])
+    valid_otp?(params[:otp])
+  end
+  private
+  def message_verifier
+    Rails.application.message_verifier(:otp_secret)
+  end
+  def totp
+    ROTP::TOTP.new(secret, issuer: PagesCore.config.site_name)
+  end
+  def valid_otp?(otp)
+    if user.otp_enabled?
+      totp.verify(otp, after: user.last_otp_at, drift_behind: 10)
+    else
+      totp.verify(otp, drift_behind: 10)
+    end
+  end
+  def verify_secret(signed)
+    payload = message_verifier.verify(signed).symbolize_keys
+    raise "Wrong user" unless payload[:user_id] == user.id
+    payload[:secret]
+  end
+end

data/app/models/page.rb CHANGED Viewed

@@ -25,9 +25,6 @@ class Page < ApplicationRecord
              optional: true,
              inverse_of: :pages
-  has_many :page_categories, dependent: :destroy
-  has_many :categories, through: :page_categories
   validates(:unique_name,
             format: { with: /\A[\w\d_-]+\z/,
                       allow_blank: true },

data/app/models/user.rb CHANGED Viewed

@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 class User < ApplicationRecord
+  include PagesCore::AuthenticableUser
+  include PagesCore::Emailable
   include PagesCore::HasRoles
-  attr_accessor :password, :confirm_password
   belongs_to(:creator,
              class_name: "User",
              foreign_key: "created_by",
@@ -16,54 +16,18 @@ class User < ApplicationRecord
            dependent: :nullify,
            inverse_of: :creator)
   has_many :pages, dependent: :nullify
-  has_many :password_reset_tokens, dependent: :destroy
   has_many :roles, dependent: :destroy
   has_many :invites, dependent: :destroy
   belongs_to_image :image, foreign_key: :image_id, optional: true
-  serialize :persistent_data
   validates :name, presence: true
-  validates :email,
-            presence: true,
-            format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i },
-            uniqueness: { case_sensitive: false }
-  validates :password, presence: true, on: :create
-  validates :password, length: { minimum: 8 }, allow_blank: true
-  validate :confirm_password_must_match
-  before_validation :hash_password
   before_create :ensure_first_user_has_all_roles
   scope :by_name,     -> { order("name ASC") }
   scope :activated,   -> { by_name.includes(:roles).where(activated: true) }
   scope :deactivated, -> { by_name.includes(:roles).where(activated: false) }
-  class << self
-    def authenticate(email, password:)
-      user = User.find_by_email(email)
-      user if user.try { |u| u.authenticate!(password) }
-    end
-    def find_by_email(str)
-      find_by("LOWER(email) = ?", str.to_s.downcase)
-    end
-  end
-  def authenticate!(password)
-    return false unless can_login? && valid_password?(password)
-    rehash_password!(password) if password_needs_rehash?
-    true
-  end
-  def can_login?
-    activated?
-  end
   def mark_active!
     return if last_login_at && last_login_at > 10.minutes.ago
@@ -84,16 +48,6 @@ class User < ApplicationRecord
   private
-  def confirm_password_must_match
-    return if password.blank? || password == confirm_password
-    errors.add(:confirm_password, "does not match")
-  end
-  def encrypt_password(password)
-    BCrypt::Password.create(password)
-  end
   def ensure_first_user_has_all_roles
     return if User.any?
@@ -102,24 +56,4 @@ class User < ApplicationRecord
       roles.new(name: r.name) unless role?(r.name)
     end
   end
-  def hash_password
-    self.hashed_password = encrypt_password(password) if password.present?
-  end
-  def password_needs_rehash?
-    hashed_password.length <= 40
-  end
-  def rehash_password!(password)
-    update(hashed_password: encrypt_password(password))
-  end
-  def valid_password?(password)
-    if hashed_password.length <= 40
-      hashed_password == Digest::SHA1.hexdigest(password)
-    else
-      BCrypt::Password.new(hashed_password) == password
-    end
-  end
 end

data/app/policies/page_policy.rb CHANGED Viewed

@@ -18,7 +18,7 @@ class PagePolicy < Policy
   end
   def new?
-    user.role?(:pages)
+    user&.role?(:pages)
   end
   def show?
@@ -26,7 +26,11 @@ class PagePolicy < Policy
   end
   def edit?
-    user.role?(:pages)
+    user&.role?(:pages)
+  end
+  def edit2?
+    edit?
   end
   def move?

data/app/policies/user_policy.rb CHANGED Viewed

@@ -48,4 +48,8 @@ class UserPolicy < Policy
   def change_password?
     user == record
   end
+  def otp?
+    user == record
+  end
 end

data/app/resources/admin/page_resource.rb ADDED Viewed

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+module Admin
+  class PageResource
+    include Alba::Resource
+    include Rails.application.routes.url_helpers
+    include PagesCore::PagePathHelper
+    include DynamicImage::Helper
+    attributes :id, :starts_at, :ends_at, :all_day, :status, :published_at,
+               :pinned, :template, :unique_name, :feed_enabled, :news_page,
+               :parent_page_id, :user_id, :redirect_to
+    has_many :page_images, resource: Admin::PageImageResource
+    has_many :page_files, resource: Admin::PageFileResource
+    attribute :blocks do
+      PagesCore::Templates::TemplateConfiguration.all_blocks
+                                                 .index_with do |attr|
+        if object.template_config.block(attr)[:localized]
+          localized_attribute(object, attr)
+        else
+          object.send(attr)
+        end
+      end
+    end
+    attribute :errors do
+      object.errors.map do |e|
+        { attribute: e.attribute,
+          message: e.message }
+      end
+    end
+    attribute :urls do
+      if object.id?
+        localized_objects.filter(&:name?).each_with_object({}) do |p, obj|
+          obj[p.locale] = page_path(p.locale, p)
+          obj
+        end
+      else
+        {}
+      end
+    end
+    attribute :enabled_tags do
+      object.tags.map(&:name)
+    end
+    attribute :tags_and_suggestions do
+      Tag.tags_and_suggestions_for(object, limit: 20)
+         .map(&:name)
+    end
+    attribute :meta_image do
+      image_uploader(object.meta_image)
+    end
+    attribute :path_segment do
+      localized_attribute(object, :path_segment)
+    end
+    attribute :ancestors do
+      object.ancestors.map do |p|
+        { id: p.id,
+          name: localized_attribute(p, :name),
+          path_segment: localized_attribute(p, :path_segment) }
+      end
+    end
+    attribute :permissions do
+      [(:edit if Policy.for(params[:user], object).edit?),
+       (:create if Policy.for(params[:user], object).edit?)].compact
+    end
+    private
+    def image_uploader(image)
+      return { src: nil, image: nil } unless image
+      { src: dynamic_image_path(image, size: "500x"),
+        image: ::Admin::ImageResource.new(image).to_hash }
+    end
+    def localized_objects
+      object.locales.map { |l| object.localize(l) }
+    end
+    def localized_attribute(record, attr)
+      record.locales.index_with do |locale|
+        record.localize(locale).send(attr)
+      end
+    end
+  end
+end

data/app/resources/admin/page_tree_resource.rb ADDED Viewed

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+module Admin
+  class PageTreeResource
+    include Alba::Resource
+    attributes :id, :parent_page_id, :status, :news_page, :pinned,
+               :published_at
+    attribute :blocks do
+      { name: localized_attribute(object, :name) }
+    end
+    attribute :permissions do
+      [(:edit if Policy.for(params[:user], object).edit?),
+       (:create if Policy.for(params[:user], object).edit?)].compact
+    end
+    private
+    def localized_attribute(record, attr)
+      record.locales.index_with do |locale|
+        record.localize(locale).send(attr)
+      end
+    end
+  end
+end

data/app/resources/admin/template_configuration_resource.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+module Admin
+  class TemplateConfigurationResource
+    include Alba::Resource
+    attributes :name, :template_name
+    attribute :blocks do
+      object.enabled_blocks.map do |block_name|
+        block(block_name)
+      end
+    end
+    attribute :metadata_blocks do
+      object.metadata_blocks.map do |block_name|
+        block(block_name)
+      end
+    end
+    attribute :images do
+      object.value(:images) || object.value(:image)
+    end
+    %i[dates tags files].each do |attr|
+      attribute attr do
+        object.value(attr)
+      end
+    end
+    private
+    def block(block_name)
+      reify_options(object.block(block_name).merge(name: block_name))
+    end
+    def reify_options(block)
+      return block unless block.key?(:options)
+      opts = block[:options]
+      opts = opts.call if opts.is_a?(Proc)
+      unless opts.present? && opts.first.is_a?(Array)
+        opts = opts.map { |v| [v, v] }
+      end
+      opts = ([["", nil]] + opts).uniq
+      block.merge(options: opts)
+    end
+  end
+end

data/app/views/admin/account_recoveries/new.html.erb ADDED Viewed

@@ -0,0 +1,22 @@
+<% content_for :page_title, "Account recovery" %>
+<% content_for :page_description, "Account recovery" %>
+<%= form_tag admin_account_recovery_path do %>
+  <h2>
+    Forgot your password or lost your authenticator?
+  </h2>
+  <p>
+    Don't worry, it happens.
+    Enter your email address below, and we'll send you a link where you
+    can recover your account.
+  </p>
+  <div class="field">
+    <label for="email">Email address</label>
+    <%= text_field_tag(:email, "", autocomplete: "email", autofocus: true) %>
+  </div>
+  <p>
+    <button type="submit">
+      Send
+    </button>
+  </p>
+<% end %>

data/app/views/admin/account_recoveries/show.html.erb ADDED Viewed

@@ -0,0 +1,37 @@
+<% content_for :page_title, "Account recovery" %>
+<% content_for :page_description, "Please choose a new password to proceed" %>
+<% content_for :body_class, "login" %>
+<div class="login-form">
+  <%= form_for(@user,
+               url: admin_account_recovery_path,
+               builder: PagesCore::Admin::FormBuilder,
+               class: 'form') do |f| %>
+    <%= hidden_field_tag :token, @token %>
+    <%= f.labelled_password_field(:password,
+                                  autofocus: true,
+                                  autocomplete: "new-password") %>
+    <%= f.labelled_password_field(:password_confirmation,
+                                  autocomplete: "new-password") %>
+    <% if @user.otp_enabled? %>
+      <div class="field">
+        <label for="otp">6 digit code or recovery code</label>
+        <%= text_field_tag(:otp, "",
+                           autocomplete: "one-time-code",
+                           size: 6) %>
+      </div>
+      <p>
+        Lost your authenticator device? You can use one of your
+        emergency recovery codes instead.
+      </p>
+    <% end %>
+    <p>
+      <button type="submit">
+        Change password
+      </button>
+      or <%= link_to "Return to login screen", admin_login_path %>
+    </p>
+  <% end %>
+</div>

data/app/views/admin/invites/show.html.erb CHANGED Viewed

@@ -14,7 +14,7 @@
   <%= f.labelled_text_field :email, autocomplete: "email" %>
   <%= f.labelled_password_field(:password,
                                 autocomplete: "new-password") %>
-  <%= f.labelled_password_field(:confirm_password,
+  <%= f.labelled_password_field(:password_confirmation,
                                 autocomplete: "new-password") %>
   <p>
     <button type="submit">

data/app/views/admin/news/_sidebar.html.erb CHANGED Viewed

@@ -19,9 +19,8 @@
     <h2>
       <%= link_to_unless_current(
         year,
-        admin_news_index_path(locale, year: year, category: category&.slug)
+        admin_news_index_path(locale, year: year)
       ) %>
-      <%= ": #{@category.name}" if @category %>
       <span class="count">
         (<%= year_count %>)
       </span>
@@ -37,8 +36,7 @@
           <% else %>
             <%= link_to(
               month_name(month),
-              admin_news_index_path(locale, year: year, month: month,
-                                    category: category&.slug)
+              admin_news_index_path(locale, year: year, month: month)
             ) %>
             <span class="count">
               (<%= page_count %>)

data/app/views/admin/news/index.html.erb CHANGED Viewed

@@ -18,7 +18,6 @@
   <%= render(partial: "sidebar",
              locals: {
                locale: content_locale,
-               category: @category,
                news_pages: @news_pages,
                archive_finder: @archive_finder
              }) %>

data/app/views/admin/otp_secrets/create.html.erb ADDED Viewed

@@ -0,0 +1,7 @@
+<% content_for :page_title, "2FA enabled" %>
+<% content_for :page_description, "Two-factor authentication enabled" %>
+<div class="content">
+  <%= render(partial: "admin/recovery_codes/codes",
+             locals: { recovery_codes: @recovery_codes }) %>
+</div>

data/app/views/admin/otp_secrets/new.html.erb ADDED Viewed

@@ -0,0 +1,60 @@
+<% content_for :page_title, "Enable 2FA" %>
+<% content_for :page_description, "Enable two-factor authentication" %>
+<%= form_tag(admin_otp_secret_path, method: :post, class: "totp-enrollment") do |f| %>
+  <h2>
+    Scan the QR-code
+  </h2>
+  <p>
+    Use an authenticator app or browser extension to scan the QR code below.<br>
+    Don't have one? Some options are
+    <%= link_to("1Password", "https://1password.com/") %>,
+    <%= link_to("LastPass Authenticator", "https://www.lastpass.com/") %>,
+    <%= link_to("Microsoft Authenticator",
+                "https://www.microsoft.com/en-us/security/mobile-authenticator-app") %>
+    or
+    <%= link_to("Google Authenticator",
+                "https://support.google.com/accounts/answer/1066447") %>.
+  </p>
+  <div class="qr-code">
+    <%= qr_code(@otp_secret.provisioning_uri) %>
+  </div>
+  <p>
+    If you are unable to scan the code, you can enter the following
+    info instead:
+  </p>
+  <p>
+    <b>Account name:</b><br>
+    <%= @otp_secret.account_name %>
+  </p>
+  <p>
+    <b>Secret:</b><br>
+    <span class="otp-secret">
+      <%= @otp_secret.secret %>
+    </span>
+  </p>
+  <h2>
+    Enter the code from the app
+  </h2>
+  <div class="field">
+    <label for="otp">6 digit code</label>
+    <%= text_field_tag(:otp, "",
+                       autofocus: true,
+                       autocomplete: "one-time-code",
+                       size: 6) %>
+  </div>
+  <%= hidden_field_tag :signed_message, @otp_secret.signed_message %>
+  <p>
+    <button type="submit">
+      Verify
+    </button>
+  </p>
+<% end %>