pages_core 3.4.2

data/app/models/page_image.rb

@@ -0,0 +1,62 @@
+# encoding: utf-8
+
+class PageImage < ActiveRecord::Base
+  belongs_to :page
+  belongs_to_image :image
+
+  validates_presence_of :page_id
+
+  accepts_nested_attributes_for :image
+  validates_associated :image
+
+  acts_as_list scope: :page
+
+  localizable
+
+  validate do |page_image|
+    if page_image.page && page_image.page.page_images.count < 1
+      page_image.primary = true
+    end
+  end
+
+  after_save do |page_image|
+    if page_image.primary_changed?
+
+      # Make sure only one PageImage can be the primary,
+      # then update image_id on the page.
+      if page_image.primary?
+        PageImage.where
+        page_image.page
+          .page_images
+          .where("id != ?", page_image.id)
+          .update_all(primary: false)
+        page_image.page.update(image_id: page_image.image_id)
+
+      # Clear image_id on the page if primary is toggled off
+      else
+        page_image.page.update(image_id: nil)
+      end
+    end
+  end
+
+  after_destroy do |page_image|
+    page_image.page.update(image_id: nil) if page_image.primary?
+  end
+
+  class << self
+    def cleanup!
+      all.each do |page_image|
+        page_image.destroy unless page_image.image
+      end
+    end
+  end
+
+  def image
+    super.localize!(locale)
+  end
+
+  def to_json(options = {})
+    options = { include: [:image] }.merge(options)
+    super(options)
+  end
+end

data/app/models/password_reset_token.rb

@@ -0,0 +1,38 @@
+class PasswordResetToken < ActiveRecord::Base
+  belongs_to :user
+  before_create :ensure_token
+  before_create :ensure_expiration
+
+  validates :user_id, presence: true
+
+  scope :active,  -> { where("expires_at >= ?", Time.now) }
+  scope :expired, -> { where("expires_at < ?", Time.now) }
+
+  class << self
+    def default_expiration
+      24.hours
+    end
+
+    def expire!
+      expired.delete_all
+    end
+
+    def find_by_token(token)
+      active.where(token: token).first
+    end
+  end
+
+  def expired?
+    expires_at < Time.now
+  end
+
+  private
+
+  def ensure_expiration
+    self.expires_at ||= Time.now + self.class.default_expiration
+  end
+
+  def ensure_token
+    self.token ||= SecureRandom.hex(32)
+  end
+end

data/app/models/role.rb

@@ -0,0 +1,51 @@
+class Role < ActiveRecord::Base
+  belongs_to :user
+  validates :name,
+            presence:   true,
+            uniqueness: { scope: :user_id },
+            inclusion:  { in: proc { Role.roles.map(&:name) } }
+
+  class << self
+    def define(name, description, default = false)
+      if roles.map(&:name).include?(name.to_s)
+        fail ArgumentError, "Tried to define role :#{role}, " \
+          "but a role by that name already exists"
+      else
+        roles << OpenStruct.new(
+          name: name.to_s,
+          description: description,
+          default: default
+        )
+      end
+    end
+
+    def roles
+      @roles ||= default_roles
+    end
+
+    def names
+      all.map(&:name)
+    end
+
+    protected
+
+    def default_roles
+      [
+        OpenStruct.new(
+          name: "users", description: "Can manage users", default: false
+        ),
+        OpenStruct.new(
+          name: "pages", description: "Can manage pages", default: true
+        )
+      ]
+    end
+  end
+
+  def name=(new_name)
+    super(new_name.to_s)
+  end
+
+  def to_s
+    name.humanize
+  end
+end

data/app/models/tag.rb

@@ -0,0 +1,64 @@
+# encoding: utf-8
+
+class Tag < ActiveRecord::Base
+  include PagesCore::HumanizableParam
+  has_many :taggings
+
+  scope :pinned, -> { where(pinned: true) }
+  scope :sorted, -> { order("pinned DESC, name ASC") }
+
+  class << self
+    def tags_and_suggestions_for(taggable, options = {})
+      options = default_options.merge(options)
+      tags = (taggable.tags.sorted + pinned.sorted).uniq
+      if tags.count < options[:limit]
+        suggested = suggestions(tags, options)
+        tags = tags.to_a + suggested[0...(options[:limit] - tags.length)]
+      end
+      tags
+    end
+
+    def parse(*tags)
+      Array(tags).flatten
+        .map { |tag| tag.is_a?(Tag) ? tag.name : tag }
+        .map { |tag| tag.split(",") }
+        .flatten
+        .map(&:strip)
+    end
+
+    private
+
+    def suggestions(tags, options = {})
+      Tag.joins(:taggings)
+        .select("`tags`.*, COUNT(`tags`.id) AS counter")
+        .group("`tags`.id")
+        .order("counter DESC")
+        .limit(options[:limit])
+        .reject { |t| tags.include?(t) }
+    end
+
+    def default_options
+      { limit: 100 }
+    end
+  end
+
+  def tagged
+    @tagged ||= taggings.collect(&:taggable)
+  end
+
+  def on(taggable)
+    taggings.create(taggable: taggable)
+  end
+
+  def ==(other)
+    super || name == other.to_s
+  end
+
+  def to_param
+    humanized_param(name)
+  end
+
+  def to_s
+    name
+  end
+end

data/app/models/tagging.rb

@@ -0,0 +1,22 @@
+# encoding: utf-8
+
+class Tagging < ActiveRecord::Base
+  belongs_to :tag
+  belongs_to :taggable, polymorphic: true
+
+  validates_presence_of :taggable_id, :taggable_type
+  validates :tag_id,
+            presence: true,
+            uniqueness: { scope: [:taggable_type, :taggable_id] }
+
+  def self.tagged_class(taggable)
+    ActiveRecord::Base.send(
+      :class_of_active_record_descendant,
+      taggable.class
+    ).to_s
+  end
+
+  def self.find_taggable(tagged_class, tagged_id)
+    tagged_class.constantize.find(tagged_id)
+  end
+end

data/app/models/user.rb

@@ -0,0 +1,131 @@
+# encoding: utf-8
+
+class User < ActiveRecord::Base
+  include PagesCore::HasRoles
+
+  attr_accessor :password, :confirm_password
+
+  belongs_to :creator, class_name: "User", foreign_key: "created_by"
+  has_many :created_users, class_name: "User", foreign_key: "created_by"
+  has_many :pages
+  has_many :password_reset_tokens, dependent: :destroy
+  has_many :roles, dependent: :destroy
+  has_many :invites, dependent: :destroy
+  belongs_to_image :image, foreign_key: :image_id
+
+  serialize :persistent_data
+
+  validates :username,
+            presence: true,
+            uniqueness: { case_sensitive: false }
+
+  validates :name,
+            presence: true
+
+  validates :email,
+            presence: true,
+            format: { with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i },
+            uniqueness: { case_sensitive: false }
+
+  validates :password, presence: true, on: :create
+  validates :password, length: { minimum: 8 }, allow_blank: true
+
+  validate :confirm_password_must_match
+
+  before_validation :ensure_username
+  before_validation :hash_password
+  before_create :ensure_first_user_has_all_roles
+
+  after_save ThinkingSphinx::RealTime.callback_for(:user)
+
+  scope :by_name,     -> { order("name ASC") }
+  scope :activated,   -> { by_name.includes(:roles).where(activated: true) }
+  scope :deactivated, -> { by_name.includes(:roles).where(activated: false) }
+
+  class << self
+    def authenticate(email, password:)
+      user = User.find_by_username_or_email(email)
+      user if user.try { |u| u.authenticate!(password) }
+    end
+
+    # Finds a user by either username or email address.
+    def find_by_username_or_email(string)
+      where(username: string.to_s).first ||
+        where(email: string.to_s).first
+    end
+  end
+
+  def authenticate!(password)
+    if can_login? && valid_password?(password)
+      rehash_password!(password) if password_needs_rehash?
+      true
+    else
+      false
+    end
+  end
+
+  def can_login?
+    self.activated?
+  end
+
+  def mark_active!
+    return if last_login_at && last_login_at > 10.minutes.ago
+    update_columns(last_login_at: Time.now)
+  end
+
+  def name_and_email
+    "#{name} <#{email}>"
+  end
+
+  def online?
+    (last_login_at && last_login_at > 15.minutes.ago) ? true : false
+  end
+
+  def realname
+    name
+  end
+
+  private
+
+  def confirm_password_must_match
+    return if password.blank? || password == confirm_password
+    errors.add(:confirm_password, "does not match")
+  end
+
+  def encrypt_password(password)
+    BCrypt::Password.create(password)
+  end
+
+  def ensure_username
+    self.username ||= email
+  end
+
+  def ensure_first_user_has_all_roles
+    return if User.any?
+    self.activated = true
+    Role.roles.each do |role|
+      roles.new(name: role.name)
+    end
+  end
+
+  def hash_password
+    self.hashed_password = encrypt_password(password) unless password.blank?
+  end
+
+  def password_needs_rehash?
+    hashed_password.length <= 40
+  end
+
+  def rehash_password!(password)
+    update(hashed_password: encrypt_password(password))
+  end
+
+  def valid_password?(password)
+    if hashed_password.length <= 40
+      return true if hashed_password == Digest::SHA1.hexdigest(password)
+    else
+      return true if BCrypt::Password.new(hashed_password) == password
+    end
+    false
+  end
+end

data/app/policies/invite_policy.rb

@@ -0,0 +1,29 @@
+class InvitePolicy < Policy
+  def index?
+    true
+  end
+
+  def reorder?
+    user.role?(:users)
+  end
+
+  def new?
+    user.role?(:users)
+  end
+
+  def show?
+    true
+  end
+
+  def edit?
+    user.role?(:users)
+  end
+
+  def accept?
+    true
+  end
+
+  def policies?
+    user.role?(:users)
+  end
+end

data/app/policies/page_file_policy.rb

@@ -0,0 +1,25 @@
+class PageFilePolicy < Policy
+  module Collection
+    def index?
+      true
+    end
+
+    def reorder?
+      user.role?(:pages)
+    end
+
+    def new?
+      user.role?(:pages)
+    end
+  end
+
+  module Member
+    def show?
+      true
+    end
+
+    def edit?
+      user.role?(:pages)
+    end
+  end
+end

data/app/policies/page_image_policy.rb

@@ -0,0 +1,25 @@
+class PageImagePolicy < Policy
+  module Collection
+    def index?
+      true
+    end
+
+    def reorder?
+      user.role?(:pages)
+    end
+
+    def new?
+      user.role?(:pages)
+    end
+  end
+
+  module Member
+    def show?
+      true
+    end
+
+    def edit?
+      user.role?(:pages)
+    end
+  end
+end

data/app/policies/page_policy.rb

@@ -0,0 +1,33 @@
+class PagePolicy < Policy
+  module Collection
+    def index?
+      true
+    end
+
+    def news?
+      true
+    end
+
+    def new?
+      user.role?(:pages)
+    end
+
+    def new_news?
+      create?
+    end
+
+    def reorder_pages?
+      create?
+    end
+  end
+
+  module Member
+    def show?
+      true
+    end
+
+    def edit?
+      user.role?(:pages)
+    end
+  end
+end

data/app/policies/policy.rb

@@ -0,0 +1,64 @@
+class Policy
+  module DefaultPolicy
+    def index
+      false
+    end
+
+    def new?
+      false
+    end
+
+    def create?
+      new?
+    end
+
+    def show?
+      false
+    end
+
+    def edit?
+      false
+    end
+
+    def update?
+      edit?
+    end
+
+    def destroy?
+      edit?
+    end
+  end
+
+  include DefaultPolicy
+
+  attr_reader :user, :record
+
+  def initialize(user, record = nil)
+    @user = user
+    @record = record
+  end
+
+  class << self
+    def for(user, object)
+      if object.is_a?(Class)
+        "#{object}Policy".constantize.collection(user)
+      else
+        "#{object.class}Policy".constantize.member(user, object)
+      end
+    end
+
+    def collection(user)
+      policy = new(user)
+      const_defined?(:Collection) &&
+        policy.extend(const_get(:Collection))
+      policy
+    end
+
+    def member(user, record)
+      policy = new(user, record)
+      const_defined?(:Member) &&
+        policy.extend(const_get(:Member))
+      policy
+    end
+  end
+end

data/app/policies/user_policy.rb

@@ -0,0 +1,49 @@
+class UserPolicy < Policy
+  module Collection
+    def index?
+      true
+    end
+
+    def deactivated?
+      index?
+    end
+
+    def new?
+      (!User.any?) || user.role?(:users)
+    end
+
+    def create?
+      new?
+    end
+
+    def manage?
+      new?
+    end
+  end
+
+  module Member
+    def edit?
+      user == record || user.role?(:users)
+    end
+
+    def show?
+      edit?
+    end
+
+    def delete_image?
+      edit?
+    end
+
+    def policies?
+      user.role?(:users)
+    end
+
+    def destroy?
+      user.role?(:users)
+    end
+  end
+
+  def change_password?
+    user == record
+  end
+end

data/app/serializers/admin/image_serializer.rb

@@ -0,0 +1,10 @@
+module Admin
+  class ImageSerializer < ActiveModel::Serializer
+    attributes(
+      :id, :filename, :content_type, :content_hash, :content_length,
+      :colorspace, :real_width, :real_height, :crop_width, :crop_height,
+      :crop_start_x, :crop_start_y, :crop_gravity_x, :crop_gravity_y,
+      :alternative, :caption, :created_at, :updated_at
+    )
+  end
+end

data/app/serializers/admin/page_image_serializer.rb

@@ -0,0 +1,6 @@
+module Admin
+  class PageImageSerializer < ActiveModel::Serializer
+    attributes :id, :page_id, :image_id, :position, :primary
+    has_one :image
+  end
+end

data/app/serializers/page_image_serializer.rb

@@ -0,0 +1,38 @@
+class PageImageSerializer < ActiveModel::Serializer
+  include DynamicImage::Helper
+  attributes :id, :image_id, :primary, :filename
+  attributes :alternative, :caption, :created_at, :url
+
+  def name
+    object.image.name
+  end
+
+  def alternative
+    object.image.alternative
+  end
+
+  def caption
+    object.image.caption
+  end
+
+  def filename
+    object.image.filename
+  end
+
+  def size
+    object.image.crop_size
+  end
+
+  def created_at
+    object.image.created_at
+  end
+
+  def url
+    dynamic_image_path(
+      object.image,
+      size: "2000x2000",
+      crop: false,
+      upscale: false
+    )
+  end
+end

data/app/serializers/page_serializer.rb

@@ -0,0 +1,21 @@
+class PageSerializer < ActiveModel::Serializer
+  attributes :id, :param, :parent_page_id, :locale
+  attributes(*PagesCore::Templates::TemplateConfiguration.all_blocks)
+  attributes :published_at, :pinned
+
+  has_one :image
+  has_many :images
+  has_many :pages
+
+  def param
+    object.to_param
+  end
+
+  def image
+    object.page_images.where(primary: true).try(:first)
+  end
+
+  def images
+    object.page_images
+  end
+end

data/app/views/admin/invites/new.html.erb

@@ -0,0 +1,16 @@
+<%
+  self.page_title = "New invite"
+  self.page_description = "New invite"
+%>
+
+<% content_for(:sidebar) do %>
+  &nbsp;
+<% end %>
+
+<%= form_for [:admin, @invite], builder: PagesCore::FormBuilder do |f| %>
+  <%= f.labelled_text_field :email %>
+  <%= render partial: "admin/users/access_control", locals: { user: @user, f: f } %>
+  <button type="submit">
+    Send invite
+  </button>
+<% end %>