pages_core 3.5.1 → 3.6.0
- checksums.yaml +5 -5
- data/README.md +7 -13
- data/app/assets/javascripts/pages/{admin.es6.jsx → admin.jsx} +2 -4
- data/app/assets/javascripts/pages/admin/components.jsx +2 -0
- data/app/assets/javascripts/pages/admin/components/attachment.jsx +130 -0
- data/app/assets/javascripts/pages/admin/components/attachment_editor.jsx +131 -0
- data/app/assets/javascripts/pages/admin/components/attachments.jsx +211 -0
- data/app/assets/javascripts/pages/admin/components/date_range_select.jsx +174 -0
- data/app/assets/javascripts/pages/admin/components/drag_uploader.jsx +174 -0
- data/app/assets/javascripts/pages/admin/components/editable_image.jsx +57 -0
- data/app/assets/javascripts/pages/admin/components/file_upload_button.jsx +44 -0
- data/app/assets/javascripts/pages/admin/components/focal_point.jsx +82 -0
- data/app/assets/javascripts/pages/admin/components/grid_image.jsx +124 -0
- data/app/assets/javascripts/pages/admin/components/image_editor.jsx +496 -0
- data/app/assets/javascripts/pages/admin/components/image_grid.jsx +301 -0
- data/app/assets/javascripts/pages/admin/components/image_uploader.jsx +171 -0
- data/app/assets/javascripts/pages/admin/components/modal.jsx +48 -0
- data/app/assets/javascripts/pages/admin/components/modal_store.jsx +20 -0
- data/app/assets/javascripts/pages/admin/components/page_dates.jsx +58 -0
- data/app/assets/javascripts/pages/admin/components/page_files.jsx +14 -0
- data/app/assets/javascripts/pages/admin/components/page_images.jsx +16 -0
- data/app/assets/javascripts/pages/admin/components/{page_tree.es6.jsx → page_tree.jsx} +7 -37
- data/app/assets/javascripts/pages/admin/components/{page_tree_node.es6.jsx → page_tree_node.jsx} +32 -10
- data/app/assets/javascripts/pages/admin/components/page_tree_store.jsx +203 -0
- data/app/assets/javascripts/pages/admin/components/rich_text_area.jsx +63 -0
- data/app/assets/javascripts/pages/admin/components/rich_text_toolbar.jsx +58 -0
- data/app/assets/javascripts/pages/admin/components/toast.jsx +37 -0
- data/app/assets/javascripts/pages/admin/components/toast_store.jsx +52 -0
- data/app/assets/javascripts/pages/admin/features/{content_tabs.es6.jsx → content_tabs.jsx} +11 -2
- data/app/assets/javascripts/pages/admin/features/{edit_page.es6.jsx → edit_page.jsx} +7 -51
- data/app/assets/javascripts/pages/admin/features/rich_text.jsx +14 -0
- data/app/assets/javascripts/pages/admin/features/{tag_editor.es6.jsx → tag_editor.jsx} +0 -0
- data/app/assets/javascripts/pages/admin/lib/{tree.es6.jsx → tree.jsx} +0 -0
- data/app/assets/javascripts/pages/{login_form.es6.jsx → login_form.jsx} +0 -0
- data/app/assets/stylesheets/pages/admin.scss +9 -13
- data/app/assets/stylesheets/pages/admin/components/archive.scss +6 -0
- data/app/assets/stylesheets/pages/admin/components/attachments.scss +130 -0
- data/app/assets/stylesheets/pages/admin/components/buttons.scss +18 -0
- data/app/assets/stylesheets/pages/admin/components/forms.scss +99 -21
- data/app/assets/stylesheets/pages/admin/components/header.scss +16 -28
- data/app/assets/stylesheets/pages/admin/components/image_editor.scss +195 -0
- data/app/assets/stylesheets/pages/admin/components/image_grid.scss +181 -0
- data/app/assets/stylesheets/pages/admin/components/image_uploader.scss +53 -0
- data/app/assets/stylesheets/pages/admin/components/links.scss +1 -1
- data/app/assets/stylesheets/pages/admin/components/list_table.scss +8 -5
- data/app/assets/stylesheets/pages/admin/components/login.scss +2 -8
- data/app/assets/stylesheets/pages/admin/components/modal.scss +91 -0
- data/app/assets/stylesheets/pages/admin/components/page_tree.scss +12 -6
- data/app/assets/stylesheets/pages/admin/components/pagination.scss +34 -16
- data/app/assets/stylesheets/pages/admin/components/sidebar.scss +9 -6
- data/app/assets/stylesheets/pages/admin/components/tag_editor.scss +20 -15
- data/app/assets/stylesheets/pages/admin/components/textarea.scss +1 -71
- data/app/assets/stylesheets/pages/admin/components/toast.scss +51 -0
- data/app/assets/stylesheets/pages/admin/components/toolbar.scss +108 -0
- data/app/assets/stylesheets/pages/admin/controllers/pages.scss +9 -21
- data/app/assets/stylesheets/pages/admin/controllers/users.scss +2 -2
- data/app/assets/stylesheets/pages/admin/vars.scss +26 -4
- data/app/controller_dummies/admin/admin_controller.rb +0 -2
- data/app/controller_dummies/application_controller.rb +2 -4
- data/app/controller_dummies/attachments_controller.rb +2 -0
- data/app/controller_dummies/frontend_controller.rb +0 -2
- data/app/controller_dummies/images_controller.rb +0 -2
- data/app/controller_dummies/page_files_controller.rb +0 -2
- data/app/controller_dummies/pages_controller.rb +0 -2
- data/app/controller_dummies/sitemaps_controller.rb +0 -2
- data/app/controllers/admin/attachments_controller.rb +48 -0
- data/app/controllers/admin/categories_controller.rb +2 -5
- data/app/controllers/admin/images_controller.rb +25 -19
- data/app/controllers/admin/invites_controller.rb +16 -26
- data/app/controllers/admin/pages_controller.rb +50 -32
- data/app/controllers/admin/password_resets_controller.rb +11 -18
- data/app/controllers/admin/users_controller.rb +16 -22
- data/app/controllers/concerns/pages_core/admin/news_page_controller.rb +21 -14
- data/app/controllers/concerns/pages_core/authentication.rb +0 -2
- data/app/controllers/concerns/pages_core/domain_based_cache.rb +0 -2
- data/app/controllers/concerns/pages_core/error_renderer.rb +33 -0
- data/app/controllers/concerns/pages_core/policies_helper.rb +9 -13
- data/app/controllers/concerns/pages_core/preview_pages_controller.rb +3 -5
- data/app/controllers/concerns/pages_core/process_titler.rb +1 -3
- data/app/controllers/concerns/pages_core/rss_controller.rb +0 -2
- data/app/controllers/errors_controller.rb +52 -26
- data/app/controllers/pages_core/admin_controller.rb +22 -13
- data/app/controllers/pages_core/attachments_controller.rb +36 -0
- data/app/controllers/pages_core/{application_controller.rb → base_controller.rb} +16 -5
- data/app/controllers/pages_core/frontend/page_files_controller.rb +5 -24
- data/app/controllers/pages_core/frontend/pages_controller.rb +4 -8
- data/app/controllers/pages_core/frontend_controller.rb +0 -2
- data/app/controllers/pages_core/images_controller.rb +0 -2
- data/app/controllers/pages_core/sitemaps_controller.rb +3 -5
- data/app/controllers/sessions_controller.rb +3 -15
- data/app/formatters/pages_core/html_formatter.rb +60 -16
- data/app/formatters/pages_core/link_renderer.rb +15 -0
- data/app/helpers/admin/admin_helper.rb +0 -2
- data/app/helpers/admin/menu_helper.rb +2 -4
- data/app/helpers/admin/pages_helper.rb +47 -9
- data/app/helpers/application_helper.rb +0 -2
- data/app/helpers/frontend_helper.rb +0 -2
- data/app/helpers/pages_core/admin/admin_helper.rb +75 -20
- data/app/helpers/pages_core/admin/form_builder.rb +36 -0
- data/app/helpers/pages_core/admin/labelled_field_helper.rb +6 -8
- data/app/helpers/pages_core/admin/tag_editor_helper.rb +0 -2
- data/app/helpers/pages_core/application_helper.rb +1 -2
- data/app/helpers/pages_core/attachments_helper.rb +36 -0
- data/app/helpers/pages_core/form_builder.rb +7 -11
- data/app/helpers/pages_core/frontend_helper.rb +0 -6
- data/app/helpers/pages_core/head_tags_helper.rb +8 -4
- data/app/helpers/pages_core/images_helper.rb +0 -2
- data/app/helpers/pages_core/meta_tags_helper.rb +3 -5
- data/app/helpers/pages_core/open_graph_tags_helper.rb +1 -3
- data/app/helpers/pages_core/page_path_helper.rb +14 -9
- data/app/jobs/pages_core/autopublish_job.rb +0 -2
- data/app/jobs/pages_core/sweep_cache_job.rb +0 -2
- data/app/mailers/admin_mailer.rb +3 -16
- data/app/models/attachment.rb +76 -0
- data/app/models/autopublisher.rb +3 -3
- data/app/models/category.rb +0 -3
- data/app/models/concerns/pages_core/has_roles.rb +1 -2
- data/app/models/concerns/pages_core/humanizable_param.rb +4 -4
- data/app/models/concerns/pages_core/page_model/attachments.rb +39 -0
- data/app/models/concerns/pages_core/page_model/autopublishable.rb +0 -2
- data/app/models/concerns/pages_core/page_model/dated_page.rb +59 -0
- data/app/models/concerns/pages_core/page_model/images.rb +12 -15
- data/app/models/concerns/pages_core/page_model/localizable.rb +10 -3
- data/app/models/concerns/pages_core/page_model/pathable.rb +8 -10
- data/app/models/concerns/pages_core/page_model/redirectable.rb +0 -2
- data/app/models/concerns/pages_core/page_model/sortable.rb +1 -3
- data/app/models/concerns/pages_core/page_model/status.rb +1 -3
- data/app/models/concerns/pages_core/page_model/templateable.rb +2 -4
- data/app/models/concerns/pages_core/page_model/tree.rb +24 -5
- data/app/models/concerns/pages_core/sweepable.rb +0 -2
- data/app/models/concerns/pages_core/taggable.rb +4 -3
- data/app/models/image.rb +1 -0
- data/app/models/invite.rb +0 -10
- data/app/models/page.rb +17 -21
- data/app/models/page_builder.rb +0 -2
- data/app/models/page_category.rb +0 -2
- data/app/models/page_exporter.rb +87 -0
- data/app/models/page_file.rb +24 -48
- data/app/models/page_image.rb +3 -37
- data/app/models/page_path.rb +0 -2
- data/app/models/password_reset_token.rb +0 -4
- data/app/models/role.rb +15 -2
- data/app/models/tag.rb +15 -6
- data/app/models/tagging.rb +1 -3
- data/app/models/user.rb +29 -25
- data/app/policies/page_file_policy.rb +13 -17
- data/app/policies/page_image_policy.rb +13 -17
- data/app/policies/page_policy.rb +26 -26
- data/app/policies/policy.rb +2 -8
- data/app/policies/user_policy.rb +32 -32
- data/app/serializers/admin/attachment_serializer.rb +29 -0
- data/app/serializers/admin/image_serializer.rb +53 -6
- data/app/serializers/admin/page_file_serializer.rb +6 -0
- data/app/serializers/admin/page_image_serializer.rb +1 -1
- data/app/serializers/page_export_serializer.rb +30 -0
- data/app/serializers/page_file_export_serializer.rb +4 -0
- data/app/serializers/page_image_export_serializer.rb +40 -0
- data/app/serializers/page_image_serializer.rb +2 -0
- data/app/services/pages_core/create_user_service.rb +36 -0
- data/app/services/pages_core/invite_service.rb +41 -0
- data/app/views/admin/images/show.json.jbuilder +6 -0
- data/app/views/admin/pages/_edit_content.html.erb +7 -0
- data/app/views/admin/pages/_edit_files.html.erb +8 -0
- data/app/views/admin/pages/_edit_images.html.erb +8 -95
- data/app/views/admin/pages/_edit_options.html.erb +7 -15
- data/app/views/admin/pages/_list_item.html.erb +50 -0
- data/app/views/admin/pages/deleted.html.erb +42 -0
- data/app/views/admin/pages/edit.html.erb +9 -94
- data/app/views/admin/pages/index.html.erb +9 -12
- data/app/views/admin/pages/new.html.erb +2 -1
- data/app/views/admin/pages/news.html.erb +59 -45
- data/app/views/admin/password_resets/show.html.erb +6 -9
- data/app/views/admin/users/_access_control.html.erb +4 -1
- data/app/views/admin/users/_list.html.erb +12 -7
- data/app/views/admin/users/edit.html.erb +5 -11
- data/app/views/admin/users/login.html.erb +58 -15
- data/app/views/admin/users/show.html.erb +1 -1
- data/app/views/admin_mailer/invite.text.erb +1 -1
- data/app/views/admin_mailer/password_reset.text.erb +1 -1
- data/app/views/errors/401.html.erb +6 -0
- data/app/views/errors/403.html.erb +1 -1
- data/app/views/errors/500.html.erb +11 -6
- data/app/views/errors/500_critical.html.erb +1 -1
- data/app/views/feeds/pages.rss.builder +1 -3
- data/app/views/layouts/admin.html.erb +83 -83
- data/app/views/layouts/admin/_analytics.html.erb +1 -3
- data/app/views/layouts/admin/_header.html.erb +2 -2
- data/app/views/layouts/errors.html.erb +3 -7
- data/config/locales/en.yml +12 -0
- data/config/routes.rb +38 -55
- data/db/migrate/20111219033112_create_pages_tables.rb +6 -8
- data/db/migrate/20120627033112_rename_textbits.rb +1 -3
- data/db/migrate/20121010055412_drop_removed_tables.rb +1 -3
- data/db/migrate/20130130053932_add_queue_to_delayed_jobs.rb +1 -3
- data/db/migrate/20130303053932_remove_filter_from_localizations.rb +1 -3
- data/db/migrate/20130303160632_remove_imagesets.rb +1 -3
- data/db/migrate/20130303161732_remove_sms_subscribers.rb +1 -3
- data/db/migrate/20130823133208_update_page_redirect_to.rb +1 -3
- data/db/migrate/20140203183900_create_roles.rb +1 -1
- data/db/migrate/20140414150500_change_locale_names.rb +1 -3
- data/db/migrate/20140604142100_remove_openid_url.rb +1 -1
- data/db/migrate/20140920231700_convert_images_to_dis.rb +1 -1
- data/db/migrate/20140922124600_convert_page_files_to_dis.rb +1 -1
- data/db/migrate/20141004003100_create_password_reset_tokens.rb +1 -1
- data/db/migrate/20141006181300_remove_user_cruft.rb +1 -1
- data/db/migrate/20141007173000_create_invites.rb +1 -1
- data/db/migrate/20150204130800_update_delayed_job_table.rb +1 -1
- data/db/migrate/20150401131300_localize_images.rb +1 -1
- data/db/migrate/20150520174300_add_meta_image_to_page.rb +1 -1
- data/db/migrate/20150904164200_add_pinned_to_tags.rb +1 -1
- data/db/migrate/20151002174800_create_page_paths.rb +2 -2
- data/db/migrate/20151021103400_drop_binaries_table.rb +1 -1
- data/db/migrate/20151204151000_remove_page_content_order.rb +1 -1
- data/db/migrate/20160330220900_rename_pages_categories.rb +1 -1
- data/db/migrate/20160405202700_change_localization_limit.rb +1 -1
- data/db/migrate/20170716040500_remove_page_comments.rb +23 -0
- data/db/migrate/20170716213400_remove_sessions.rb +15 -0
- data/db/migrate/20180207134000_add_dates_to_pages.rb +11 -0
- data/db/migrate/20190211154800_create_attachments.rb +73 -0
- data/lib/pages_core.rb +6 -9
- data/lib/pages_core/admin_menu_item.rb +0 -2
- data/lib/pages_core/archive_finder.rb +21 -15
- data/lib/pages_core/attachment_embedder.rb +38 -0
- data/lib/pages_core/cache_sweeper.rb +14 -23
- data/lib/pages_core/configuration.rb +0 -2
- data/lib/pages_core/configuration/base.rb +0 -2
- data/lib/pages_core/configuration/pages.rb +2 -8
- data/lib/pages_core/digest_verifier.rb +70 -0
- data/lib/pages_core/engine.rb +6 -13
- data/lib/pages_core/extensions.rb +0 -3
- data/lib/pages_core/extensions/string_extensions.rb +0 -2
- data/lib/pages_core/page_path_constraint.rb +0 -2
- data/lib/pages_core/pages_plugin.rb +0 -2
- data/lib/pages_core/plugin.rb +0 -2
- data/lib/pages_core/pub_sub.rb +36 -0
- data/lib/pages_core/templates.rb +0 -2
- data/lib/pages_core/templates/block_configuration.rb +1 -3
- data/lib/pages_core/templates/configuration.rb +88 -10
- data/lib/pages_core/templates/configuration_handler.rb +6 -4
- data/lib/pages_core/templates/configuration_proxy.rb +4 -2
- data/lib/pages_core/templates/controller_actions.rb +0 -2
- data/lib/pages_core/templates/template_configuration.rb +41 -37
- data/lib/pages_core/version.rb +1 -3
- data/lib/rails/generators/pages_core/frontend/frontend_generator.rb +10 -17
- data/lib/rails/generators/pages_core/frontend/templates/application.js.erb +1 -2
- data/lib/rails/generators/pages_core/frontend/templates/{application.css.scss.erb → application.scss.erb} +0 -0
- data/lib/rails/generators/pages_core/frontend/templates/{base.css.scss.erb → base.scss.erb} +0 -0
- data/lib/rails/generators/pages_core/frontend/templates/{breakpoints.css.scss.erb → breakpoints.scss.erb} +0 -0
- data/lib/rails/generators/pages_core/frontend/templates/clearfix.scss.erb +7 -0
- data/lib/rails/generators/pages_core/frontend/templates/layout.html.erb +0 -3
- data/lib/rails/generators/pages_core/install/install_generator.rb +4 -15
- data/lib/rails/generators/pages_core/install/templates/application_controller.rb +1 -3
- data/lib/rails/generators/pages_core/install/templates/application_helper.rb +0 -2
- data/lib/rails/generators/pages_core/install/templates/cache_sweeper_initializer.rb +0 -5
- data/lib/rails/generators/pages_core/install/templates/delayed_job_initializer.rb +0 -2
- data/lib/rails/generators/pages_core/install/templates/frontend_controller.rb +0 -2
- data/lib/rails/generators/pages_core/install/templates/frontend_helper.rb +0 -2
- data/lib/rails/generators/pages_core/install/templates/page_templates_initializer.rb +7 -15
- data/lib/rails/generators/pages_core/install/templates/pages_controller.rb +0 -2
- data/lib/rails/generators/pages_core/install/templates/pages_initializer.rb +2 -19
- data/lib/rails/generators/pages_core/rspec/rspec_generator.rb +2 -4
- data/lib/rails/generators/pages_core/rspec/templates/factories.rb +1 -1
- data/lib/rails/generators/pages_core/rspec/templates/spec_helper.rb +4 -13
- data/lib/tasks/pages.rake +0 -62
- data/lib/tasks/pages/cache.rake +6 -2
- data/lib/tasks/pages/export.rake +9 -0
- data/lib/tasks/pages/page_paths.rake +0 -2
- data/lib/tasks/pages/update.rake +0 -2
- data/template.rb +3 -3
- data/vendor/assets/javascripts/ReactCrop.min.js +1 -0
- data/vendor/assets/javascripts/reflux.min.js +1 -1
- data/vendor/assets/stylesheets/ReactCrop.css +167 -0
- metadata +200 -175
- data/app/assets/javascripts/pages/admin/components.es6.jsx +0 -1
- data/app/assets/javascripts/pages/admin/components/page_tree_actions.es6.jsx +0 -8
- data/app/assets/javascripts/pages/admin/components/page_tree_store.es6.jsx +0 -161
- data/app/assets/javascripts/pages/admin/features/editable_image.es6.jsx +0 -145
- data/app/assets/javascripts/pages/admin/features/modal.es6.jsx +0 -90
- data/app/assets/javascripts/pages/admin/features/page_images.es6.jsx +0 -338
- data/app/assets/javascripts/pages/admin/features/rich_text.es6.jsx +0 -124
- data/app/assets/javascripts/pages/admin/lib/ajax_extensions.es6.jsx +0 -21
- data/app/assets/javascripts/pages/admin/lib/center_on_screen.es6.jsx +0 -22
- data/app/assets/stylesheets/pages/admin/components/editable_image.scss +0 -18
- data/app/assets/stylesheets/pages/admin/components/images.scss +0 -155
- data/app/assets/stylesheets/pages/admin/print.scss +0 -17
- data/app/controllers/admin/page_comments_controller.rb +0 -61
- data/app/controllers/admin/page_files_controller.rb +0 -79
- data/app/controllers/admin/page_images_controller.rb +0 -111
- data/app/controllers/concerns/pages_core/add_comments_controller.rb +0 -67
- data/app/controllers/concerns/pages_core/exception_handler.rb +0 -137
- data/app/controllers/concerns/pages_core/search_pages_controller.rb +0 -40
- data/app/helpers/pages_core/login_helper.rb +0 -14
- data/app/indices/page_file_index.rb +0 -9
- data/app/indices/page_index.rb +0 -29
- data/app/indices/user_index.rb +0 -11
- data/app/models/concerns/pages_core/page_model/commentable.rb +0 -29
- data/app/models/concerns/pages_core/page_model/searchable.rb +0 -41
- data/app/models/page_comment.rb +0 -18
- data/app/serializers/page_tree_serializer.rb +0 -15
- data/app/views/admin/pages/_edit_comments.html.erb +0 -37
- data/app/views/admin/pages/_pagelisting.html.erb +0 -63
- data/app/views/admin/users/_login_form.html.erb +0 -47
- data/app/views/admin_mailer/comment_notification.text.erb +0 -7
- data/lib/pages_core/extensions/hash_extensions.rb +0 -23
- data/lib/pages_core/file_embedder.rb +0 -40
- data/lib/pages_core/paginates.rb +0 -102
- data/lib/rails/generators/pages_core/frontend/templates/hidpi.css.scss.erb +0 -8
- data/lib/rails/generators/pages_core/install/templates/thinking_sphinx.yml +0 -12
- data/lib/tasks/db.rake +0 -96
- data/lib/tasks/pages/assets.rake +0 -65
- data/vendor/assets/javascripts/jquery.dimscreen.js +0 -77
- data/vendor/assets/javascripts/jquery.fieldselection.js +0 -59
@@ -1,19 +1,10 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
module Admin
|
4
2
|
class UsersController < Admin::AdminController
|
5
|
-
before_action :require_authentication, except: [
|
6
|
-
before_action :require_no_users, only: [
|
3
|
+
before_action :require_authentication, except: %i[new create login]
|
4
|
+
before_action :require_no_users, only: %i[new create]
|
7
5
|
before_action(
|
8
6
|
:find_user,
|
9
|
-
only: [
|
10
|
-
)
|
11
|
-
|
12
|
-
require_authorization(
|
13
|
-
User,
|
14
|
-
proc { @user },
|
15
|
-
member: [:delete_image, :update, :destroy, :edit],
|
16
|
-
collection: [:index, :deactivated, :new, :create]
|
7
|
+
only: %i[edit update show destroy delete_image]
|
17
8
|
)
|
18
9
|
|
19
10
|
def index
|
@@ -36,7 +27,7 @@ module Admin
|
|
36
27
|
end
|
37
28
|
|
38
29
|
def create
|
39
|
-
@user =
|
30
|
+
@user = PagesCore::CreateUserService.call(user_params)
|
40
31
|
if @user.valid?
|
41
32
|
authenticate!(@user)
|
42
33
|
redirect_to admin_default_url
|
@@ -45,14 +36,12 @@ module Admin
|
|
45
36
|
end
|
46
37
|
end
|
47
38
|
|
48
|
-
def show
|
49
|
-
end
|
39
|
+
def show; end
|
50
40
|
|
51
|
-
def edit
|
52
|
-
end
|
41
|
+
def edit; end
|
53
42
|
|
54
43
|
def update
|
55
|
-
if @user.update(
|
44
|
+
if @user.update(user_params_with_roles)
|
56
45
|
flash[:notice] = "Your changed to #{@user.name} were saved."
|
57
46
|
redirect_to admin_users_url
|
58
47
|
else
|
@@ -83,16 +72,21 @@ module Admin
|
|
83
72
|
end
|
84
73
|
|
85
74
|
def user_params
|
86
|
-
permitted_params = [
|
87
|
-
|
75
|
+
permitted_params = %i[
|
76
|
+
name email image image_id
|
88
77
|
]
|
89
78
|
permitted_params += [:activated, role_names: []] if policy(User).manage?
|
90
|
-
if
|
91
|
-
permitted_params += [
|
79
|
+
if User.none? || (@user && policy(@user).change_password?)
|
80
|
+
permitted_params += %i[password confirm_password]
|
92
81
|
end
|
93
82
|
params.require(:user).permit(permitted_params)
|
94
83
|
end
|
95
84
|
|
85
|
+
def user_params_with_roles
|
86
|
+
return user_params unless policy(User).manage?
|
87
|
+
{ role_names: [] }.merge(user_params)
|
88
|
+
end
|
89
|
+
|
96
90
|
def require_no_users
|
97
91
|
return unless User.any?
|
98
92
|
flash[:error] = "Account holder already exists"
|
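Review bot: New lines 1–10 of this controller no longer carry a `require_authorization` declaration, so the only filters visible here are `require_authentication`, `require_no_users` and `find_user`. If the policy check is not re-declared further down or inherited from `Admin::AdminController` (neither is visible in these hunks), `update`, `destroy` and `delete_image` would run for any signed-in user against any `@user`. I would keep an explicit declaration after the `find_user` filter, e.g. `require_authorization object: User`, and add a request spec asserting that a user without the manage right is refused on another user's `update`. The class body continues outside the hunks shown.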
@@ -1,5 +1,3 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
module PagesCore
|
4
2
|
module Admin
|
5
3
|
module NewsPageController
|
@@ -7,16 +5,27 @@ module PagesCore
|
|
7
5
|
|
8
6
|
included do
|
9
7
|
before_action :require_news_pages, only: [:news]
|
10
|
-
before_action :find_news_pages, only: [
|
8
|
+
before_action :find_news_pages, only: %i[news new_news]
|
11
9
|
end
|
12
10
|
|
13
11
|
def news
|
14
12
|
@archive_finder = archive_finder(@news_pages, @locale)
|
15
|
-
@year, @month = year_and_month(@archive_finder)
|
16
|
-
@year ||= Time.zone.now.year
|
17
|
-
@month ||= Time.zone.now.month
|
18
13
|
|
19
|
-
|
14
|
+
unless params[:year]
|
15
|
+
redirect_to(news_admin_pages_path(@locale,
|
16
|
+
(@archive_finder.latest_year ||
|
17
|
+
Time.zone.now.year)))
|
18
|
+
return
|
19
|
+
end
|
20
|
+
|
21
|
+
@year = params[:year]&.to_i
|
22
|
+
@month = params[:month]&.to_i
|
23
|
+
|
24
|
+
@pages = (if @month
|
25
|
+
@archive_finder.by_year_and_month(@year, @month)
|
26
|
+
else
|
27
|
+
@archive_finder.by_year(@year)
|
28
|
+
end).paginate(per_page: 50, page: params[:page])
|
20
29
|
end
|
21
30
|
|
22
31
|
def new_news
|
@@ -35,7 +44,9 @@ module PagesCore
|
|
35
44
|
end
|
36
45
|
|
37
46
|
def find_news_pages
|
38
|
-
@news_pages = Page.news_pages
|
47
|
+
@news_pages = Page.news_pages
|
48
|
+
.in_locale(@locale)
|
49
|
+
.reorder("parent_page_id ASC, position ASC")
|
39
50
|
return if @news_pages.any?
|
40
51
|
redirect_to(admin_pages_url(@locale))
|
41
52
|
end
|
@@ -46,12 +57,8 @@ module PagesCore
|
|
46
57
|
redirect_to(admin_pages_url(@locale))
|
47
58
|
end
|
48
59
|
|
49
|
-
def
|
50
|
-
|
51
|
-
[params[:year], params[:month]].map(&:to_i)
|
52
|
-
else
|
53
|
-
archive_finder.latest_year_and_month
|
54
|
-
end
|
60
|
+
def latest_year
|
61
|
+
archive_finder.latest_year_and_month.first || Time.zone.now.year
|
55
62
|
end
|
56
63
|
end
|
57
64
|
end
|
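Review bot: `@month = params[:month]&.to_i` (new line 22) turns any non-numeric value into `0`, and `0` is truthy in Ruby, so the `if @month` branch at line 24 calls `by_year_and_month(@year, 0)`; out-of-range values such as 13 take the same path. Depending on how the archive finder builds its date range (not visible here), that gives either an empty listing or an unhandled exception driven by a request parameter. Validate before use, e.g. `@month = nil unless (1..12).cover?(@month)`, and bound `@year` in the same way. Separately, the new `latest_year` helper at lines 60–62 calls `archive_finder` with no arguments while `news` passes two, and nothing visible in these hunks uses the helper.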
@@ -0,0 +1,33 @@
|
|
1
|
+
module PagesCore
|
2
|
+
module ErrorRenderer
|
3
|
+
extend ActiveSupport::Concern
|
4
|
+
# Renders a fancy error page from app/views/errors. If the error name
|
5
|
+
# is numeric, it will also be set as the response status. Example:
|
6
|
+
#
|
7
|
+
# render_error 404
|
8
|
+
#
|
9
|
+
def render_error(error, options = {})
|
10
|
+
options[:status] ||= error if error.is_a? Numeric
|
11
|
+
respond_to do |format|
|
12
|
+
format.html do
|
13
|
+
options[:layout] = error_layout(error, options)
|
14
|
+
@email = current_user.try(&:email) || ""
|
15
|
+
render({ template: "errors/#{error}" }.merge(options))
|
16
|
+
end
|
17
|
+
format.any { head options[:status] }
|
18
|
+
end
|
19
|
+
true
|
20
|
+
end
|
21
|
+
|
22
|
+
protected
|
23
|
+
|
24
|
+
def error_layout(error, options = {})
|
25
|
+
return options[:layout] if options.key?(:layout)
|
26
|
+
if error == 404 && PagesCore.config.error_404_layout?
|
27
|
+
PagesCore.config.error_404_layout
|
28
|
+
else
|
29
|
+
"errors"
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
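Review bot: `render_error` interpolates `error` straight into the template path (`"errors/#{error}"`, line 15), and the method comment puts no constraint on what callers may pass. The callers visible on this page pass integer literals or `params[:id].to_i`; the latter still lets a request choose any integer, and a code without a matching view would presumably raise a missing-template error inside the error handler itself. I would extend the comment with `# +error+ must be a status code or template name chosen by the application, never a raw request value.` and fall back to a known template when no view exists for the code. Two smaller points: a non-numeric `error` without `:status` reaches `head options[:status]` (line 17) with `nil`, and `options[:status] ||=` on line 10 mutates the caller's hash.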
@@ -7,23 +7,19 @@ module PagesCore
|
|
7
7
|
end
|
8
8
|
|
9
9
|
module ClassMethods
|
10
|
-
def require_authorization(
|
11
|
-
|
10
|
+
def require_authorization(object: nil, instance: nil)
|
11
|
+
object ||= inferred_policy_class
|
12
|
+
|
12
13
|
before_action do |controller|
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
verify_policy_with_proc(controller, member)
|
18
|
-
end
|
14
|
+
instance_name = "@#{object.name.underscore}"
|
15
|
+
record = instance || controller.instance_variable_get(instance_name)
|
16
|
+
|
17
|
+
verify_policy_with_proc(controller, record || object)
|
19
18
|
end
|
20
19
|
end
|
21
20
|
|
22
|
-
def
|
23
|
-
|
24
|
-
collection: [:index, :new, :create],
|
25
|
-
member: [:show, :edit, :update, :destroy]
|
26
|
-
}
|
21
|
+
def inferred_policy_class
|
22
|
+
const_get(name.demodulize.gsub(/Controller$/, "").singularize)
|
27
23
|
end
|
28
24
|
end
|
29
25
|
|
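Review bot: The filter at lines 13–17 falls back to the class-level check whenever the instance variable is unset (`record || object`), so the strength of the check depends on `require_authorization` being declared after the filter that loads the record. Nothing in the method says so, and a controller that declares it first would be checked against the class only, without any error. I would document this above the method, e.g. `# Declare after the before_action that assigns the record; otherwise only the class-level policy is checked.`, or raise for member actions when the record is missing. In `inferred_policy_class`, prefer `/Controller\z/` over `/Controller$/` so the pattern anchors to the end of the string rather than the end of a line. The enclosing module and `verify_policy_with_proc` lie outside this hunk.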
@@ -1,5 +1,3 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
module PagesCore
|
4
2
|
module PreviewPagesController
|
5
3
|
extend ActiveSupport::Concern
|
@@ -29,9 +27,9 @@ module PagesCore
|
|
29
27
|
end
|
30
28
|
|
31
29
|
def permitted_page_attributes
|
32
|
-
[
|
33
|
-
|
34
|
-
|
30
|
+
%i[template user_id status feed_enabled published_at
|
31
|
+
redirect_to image_link news_page
|
32
|
+
unique_name pinned parent_page_id]
|
35
33
|
end
|
36
34
|
|
37
35
|
def page_params
|
@@ -1,5 +1,3 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
module PagesCore
|
4
2
|
module ProcessTitler
|
5
3
|
extend ActiveSupport::Concern
|
@@ -10,7 +8,7 @@ module PagesCore
|
|
10
8
|
end
|
11
9
|
|
12
10
|
class << self
|
13
|
-
|
11
|
+
attr_writer :number_of_requests
|
14
12
|
|
15
13
|
def original_title
|
16
14
|
@original_title ||= $PROGRAM_NAME
|
@@ -1,24 +1,21 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
class ErrorsController < ::ApplicationController
|
4
2
|
layout "errors"
|
5
3
|
|
6
|
-
skip_before_action :verify_authenticity_token
|
7
|
-
|
8
4
|
def report
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
params[:description]
|
14
|
-
)
|
15
|
-
@error_id = session[:error_report]
|
5
|
+
report = decrypt_report(params[:error_report])
|
6
|
+
report[:user] = User.find_by(id: report[:user_id]) if report.key?(:user_id)
|
7
|
+
|
8
|
+
deliver_error_report(report, params[:email], params[:description])
|
16
9
|
end
|
17
10
|
|
18
11
|
def show
|
19
12
|
render_error params[:id].to_i
|
20
13
|
end
|
21
14
|
|
15
|
+
def forbidden
|
16
|
+
render_error 403
|
17
|
+
end
|
18
|
+
|
22
19
|
def not_found
|
23
20
|
render_error 404
|
24
21
|
end
|
@@ -27,8 +24,21 @@ class ErrorsController < ::ApplicationController
|
|
27
24
|
render_error 422
|
28
25
|
end
|
29
26
|
|
27
|
+
def unauthorized
|
28
|
+
render_error 401
|
29
|
+
end
|
30
|
+
|
30
31
|
def internal_error
|
31
|
-
|
32
|
+
exception = request.env["action_dispatch.exception"]
|
33
|
+
if !exception
|
34
|
+
render_error 500
|
35
|
+
elsif exception.is_a?(PagesCore::NotAuthorized)
|
36
|
+
render_error 403
|
37
|
+
else
|
38
|
+
@report = encrypt_report(error_report(request, exception))
|
39
|
+
wrapper = ActionDispatch::ExceptionWrapper.new(nil, exception)
|
40
|
+
render_error wrapper.status_code
|
41
|
+
end
|
32
42
|
end
|
33
43
|
|
34
44
|
private
|
@@ -37,21 +47,37 @@ class ErrorsController < ::ApplicationController
|
|
37
47
|
AdminMailer.error_report(report, from, description).deliver_now
|
38
48
|
end
|
39
49
|
|
40
|
-
def
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
+
def decrypt_report(str)
|
51
|
+
YAML.safe_load(report_encryptor.decrypt_and_verify(str))
|
52
|
+
end
|
53
|
+
|
54
|
+
def encrypt_report(report)
|
55
|
+
report_encryptor.encrypt_and_sign(report.to_yaml)
|
56
|
+
end
|
57
|
+
|
58
|
+
def error_report(request, exception)
|
59
|
+
{ message: exception.to_s,
|
60
|
+
url: request.original_url,
|
61
|
+
env: request.env.select { |_, v| v.is_a?(String) },
|
62
|
+
params: params.to_unsafe_h,
|
63
|
+
session: session.to_hash,
|
64
|
+
backtrace: exception_backtrace(exception),
|
65
|
+
timestamp: Time.now.utc,
|
66
|
+
user_id: current_user.try(&:id) }
|
67
|
+
end
|
68
|
+
|
69
|
+
def exception_backtrace(exception)
|
70
|
+
Rails.backtrace_cleaner.send(:filter, exception.backtrace)
|
50
71
|
end
|
51
72
|
|
52
|
-
def
|
53
|
-
|
54
|
-
|
55
|
-
|
73
|
+
def report_encryptor
|
74
|
+
ActiveSupport::MessageEncryptor.new(
|
75
|
+
ActiveSupport::CachingKeyGenerator.new(
|
76
|
+
ActiveSupport::KeyGenerator.new(
|
77
|
+
Rails.application.secrets.secret_key_base,
|
78
|
+
iterations: 1000
|
79
|
+
)
|
80
|
+
).generate_key("encrypted error report")
|
81
|
+
)
|
56
82
|
end
|
57
83
|
end
|
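Review bot: `error_report` (lines 58–67) collects `params.to_unsafe_h`, `session.to_hash` and every string in `request.env`, which bypasses Rails parameter filtering and puts submitted passwords, cookies and authorization headers into a blob that is handed to the error page and later mailed by `deliver_error_report`. Use the filtered views instead, `params: request.filtered_parameters` and `env: request.filtered_env.select { |_, v| v.is_a?(String) }`, drop `HTTP_COOKIE` and `HTTP_AUTHORIZATION` from the env, and allowlist the session keys worth reporting. `report` should also rescue the error that `decrypt_and_verify` raises on a missing or altered `error_report` parameter and answer with a 4xx rather than a second 500. Finally, check the round trip: the hash uses symbol keys and a `Time`, which `YAML.safe_load` rejects unless they are passed as permitted classes.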
@@ -1,9 +1,9 @@
|
|
1
|
-
# encoding: utf-8
|
2
|
-
|
3
1
|
# All admin controllers inherit Admin::AdminController, which provides layout,
|
4
2
|
# authorization and other common code for the Admin set of controllers.
|
5
3
|
module PagesCore
|
6
4
|
class AdminController < ::ApplicationController
|
5
|
+
protect_from_forgery with: :exception
|
6
|
+
|
7
7
|
before_action :set_i18n_locale
|
8
8
|
before_action :require_authentication
|
9
9
|
before_action :restore_persistent_params
|
@@ -59,15 +59,15 @@ module PagesCore
|
|
59
59
|
current_user.save
|
60
60
|
end
|
61
61
|
|
62
|
-
def secure_compare(
|
63
|
-
return false unless
|
64
|
-
return false unless
|
62
|
+
def secure_compare(compare, other)
|
63
|
+
return false unless compare && other
|
64
|
+
return false unless compare.bytesize == other.bytesize
|
65
65
|
|
66
|
-
l =
|
66
|
+
l = compare.unpack "C#{compare.bytesize}"
|
67
67
|
|
68
68
|
res = 0
|
69
|
-
|
70
|
-
res
|
69
|
+
other.each_byte { |byte| res |= byte ^ l.shift }
|
70
|
+
res.zero?
|
71
71
|
end
|
72
72
|
|
73
73
|
# --- HELPERS ---
|
@@ -84,25 +84,34 @@ module PagesCore
|
|
84
84
|
session[:persistent_params][namespace]
|
85
85
|
end
|
86
86
|
|
87
|
-
def coerce_persistent_param(
|
88
|
-
case
|
87
|
+
def coerce_persistent_param(value)
|
88
|
+
case value
|
89
89
|
when "true"
|
90
90
|
true
|
91
91
|
when "false"
|
92
92
|
false
|
93
93
|
else
|
94
|
-
|
94
|
+
value
|
95
95
|
end
|
96
96
|
end
|
97
97
|
|
98
98
|
# Get a persistent param
|
99
99
|
def persistent_param(key, default = nil, options = {})
|
100
|
+
key = key.to_s
|
100
101
|
namespace = options[:namespace] || self.class.to_s
|
101
102
|
|
102
|
-
value = coerce_persistent_param(
|
103
|
+
value = coerce_persistent_param(
|
104
|
+
if params.key?(key)
|
105
|
+
params[key]
|
106
|
+
elsif persistent_params(namespace).key?(key)
|
107
|
+
persistent_params(namespace)[key]
|
108
|
+
else
|
109
|
+
default
|
110
|
+
end
|
111
|
+
)
|
103
112
|
|
104
113
|
if !value.nil? || options[:preserve_nil]
|
105
|
-
persistent_params(namespace)[key] = value
|
114
|
+
persistent_params(namespace)[key.to_s] = value
|
106
115
|
end
|
107
116
|
|
108
117
|
value
|
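Review bot: `secure_compare` (lines 62–71) re-implements a constant-time comparison by hand, while Rails already ships a maintained one. I would reduce the body to `return false unless compare && other` followed by `ActiveSupport::SecurityUtils.secure_compare(compare, other)`, which keeps the nil guard and drops the hand-rolled `unpack`/`shift` loop. In `persistent_param`, the `key.to_s` at line 114 is redundant after `key = key.to_s` at line 100. Also note that whatever the request sends under `key` is written to the session; a short comment that only scalar values are expected, or a check for it, would make that boundary explicit. Both methods' callers are outside these hunks.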
@@ -0,0 +1,36 @@
|
|
1
|
+
module PagesCore
|
2
|
+
class AttachmentsController < ::ApplicationController
|
3
|
+
before_action :verify_signed_params
|
4
|
+
before_action :find_attachment, only: %i[show download]
|
5
|
+
|
6
|
+
caches_page :show
|
7
|
+
|
8
|
+
def show
|
9
|
+
send_attachment
|
10
|
+
end
|
11
|
+
|
12
|
+
def download
|
13
|
+
send_attachment disposition: "attachment"
|
14
|
+
end
|
15
|
+
|
16
|
+
private
|
17
|
+
|
18
|
+
def find_attachment
|
19
|
+
@attachment = Attachment.find(params[:id])
|
20
|
+
end
|
21
|
+
|
22
|
+
def send_attachment(disposition: "inline")
|
23
|
+
if stale?(etag: @attachment, last_modified: @attachment.updated_at)
|
24
|
+
send_data(@attachment.data,
|
25
|
+
filename: @attachment.filename,
|
26
|
+
type: @attachment.content_type,
|
27
|
+
disposition: disposition)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
def verify_signed_params
|
32
|
+
key = params[:id].to_i.to_s
|
33
|
+
Attachment.verifier.verify(key, params[:digest])
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
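Review bot: `send_attachment` defaults to `disposition: "inline"` with the stored `content_type` (lines 22–27), so an uploaded HTML or SVG attachment would be rendered by `show` in the site's own origin. Serve inline only for an allowlist of passive types (images, PDF), fall back to `"attachment"` otherwise, and set `response.headers["X-Content-Type-Options"] = "nosniff"` before `send_data`. `verify_signed_params` (lines 31–34) discards the result of `Attachment.verifier.verify`, so it protects the actions only if that method raises on a bad digest; the verifier is not shown here, and a one-line comment stating that contract would help. With `caches_page :show`, cached copies are served by the web server without running this filter, which is acceptable only if the digest is part of the cached path.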