RubyGems - pages_core - Versions diffs - 3.6.2 → 3.7.0 - Mend

pages_core 3.6.2 → 3.7.0

Files changed (232) hide show

data/app/controllers/admin/password_resets_controller.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module Admin
   class PasswordResetsController < Admin::AdminController
     before_action :find_password_reset_token, only: %i[show update]
@@ -42,11 +44,12 @@ module Admin
         admin_password_reset_with_token_url(
           password_reset, password_reset.token
         )
-      ).deliver_now
+      ).deliver_later
     end
     def find_user_by_email(email)
       return unless email
       User.login_name(params[:username])
     end
@@ -60,10 +63,10 @@ module Admin
     def find_password_reset_token
       @password_reset_token = begin
-                                PasswordResetToken.find(params[:id])
-                              rescue ActiveRecord::RecordNotFound
-                                nil
-                              end
+        PasswordResetToken.find(params[:id])
+      rescue ActiveRecord::RecordNotFound
+        nil
+      end
       return if valid_token?(@password_reset_token)
@@ -73,6 +76,7 @@ module Admin
     def check_for_expired_token
       return unless @password_reset_token.expired?
       @password_reset_token.destroy
       flash[:notice] = "Your password reset link has expired"
       redirect_to(login_admin_users_url)

data/app/controllers/admin/users_controller.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module Admin
   class UsersController < Admin::AdminController
     before_action :require_authentication, except: %i[new create login]
@@ -19,6 +21,7 @@ module Admin
     def login
       return unless logged_in?
       redirect_to admin_default_url
     end
@@ -72,10 +75,11 @@ module Admin
     end
     def user_params
-      permitted_params = %i[
-        name email image image_id
-      ]
-      permitted_params += [:activated, role_names: []] if policy(User).manage?
+      permitted_params = %i[name email image image_id]
+      if policy(User).manage?
+        permitted_params += [:activated,
+                             { role_names: [] }]
+      end
       if User.none? || (@user && policy(@user).change_password?)
         permitted_params += %i[password confirm_password]
       end
@@ -84,11 +88,13 @@ module Admin
     def user_params_with_roles
       return user_params unless policy(User).manage?
       { role_names: [] }.merge(user_params)
     end
     def require_no_users
       return unless User.any?
       flash[:error] = "Account holder already exists"
       redirect_to(admin_users_url)
     end

data/app/controllers/concerns/pages_core/admin/news_page_controller.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module Admin
     module NewsPageController
@@ -6,26 +8,19 @@ module PagesCore
       included do
         before_action :require_news_pages, only: [:news]
         before_action :find_news_pages, only: %i[news new_news]
+        before_action :find_year_and_month, only: %i[news]
       end
       def news
         @archive_finder = archive_finder(@news_pages, @locale)
-        unless params[:year]
+        unless @year
           redirect_to(news_admin_pages_path(@locale,
                                             (@archive_finder.latest_year ||
                                              Time.zone.now.year)))
           return
         end
-        @year = params[:year]&.to_i
-        @month = params[:month]&.to_i
-        @pages = (if @month
-                    @archive_finder.by_year_and_month(@year, @month)
-                  else
-                    @archive_finder.by_year(@year)
-                  end).paginate(per_page: 50, page: params[:page])
+        @pages = @archive_finder.by_year_and_maybe_month(@year, @month)
+                                .paginate(per_page: 50, page: params[:page])
       end
       def new_news
@@ -48,12 +43,19 @@ module PagesCore
                           .in_locale(@locale)
                           .reorder("parent_page_id ASC, position ASC")
         return if @news_pages.any?
         redirect_to(admin_pages_url(@locale))
       end
+      def find_year_and_month
+        @year = params[:year]&.to_i
+        @month = params[:month]&.to_i
+      end
       # Redirect away if no news pages has been configured
       def require_news_pages
         return if Page.news_pages.any?
         redirect_to(admin_pages_url(@locale))
       end

data/app/controllers/concerns/pages_core/admin/persistent_params.rb ADDED Viewed

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+module PagesCore
+  module Admin
+    module PersistentParams
+      extend ActiveSupport::Concern
+      included do
+        before_action :restore_persistent_params
+        after_action :save_persistent_params
+      end
+      protected
+      # Loads persistent params from user model and merges with session.
+      def restore_persistent_params
+        return unless current_user&.persistent_data?
+        session[:persistent_params] ||= {}
+        session[:persistent_params] = current_user.persistent_data.merge(
+          session[:persistent_params]
+        )
+      end
+      # Saves persistent params from session to User model if applicable.
+      def save_persistent_params
+        return unless current_user && session[:persistent_params]
+        current_user.persistent_data = session[:persistent_params]
+        current_user.save
+      end
+      def persistent_params(namespace)
+        session[:persistent_params] ||= {}
+        session[:persistent_params][namespace] ||= {}
+        session[:persistent_params][namespace]
+      end
+      def coerce_persistent_param(value)
+        case value
+        when "true"
+          true
+        when "false"
+          false
+        else
+          value
+        end
+      end
+      def get_persistent_param(namespace, key, default)
+        if params.key?(key)
+          params[key]
+        elsif persistent_params(namespace).key?(key)
+          persistent_params(namespace)[key]
+        else
+          default
+        end
+      end
+      # Get a persistent param
+      def persistent_param(key, default = nil, options = {})
+        key = key.to_s
+        namespace = options[:namespace] || self.class.to_s
+        value = coerce_persistent_param(
+          get_persistent_param(namespace, key, default)
+        )
+        persistent_params(namespace)[key] = value unless value.nil?
+        value
+      end
+    end
+  end
+end

data/app/controllers/concerns/pages_core/authentication.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module Authentication
     extend ActiveSupport::Concern
@@ -33,13 +35,14 @@ module PagesCore
         user = User.where(id: session[:current_user_id]).first
       end
-      return unless user && user.can_login?
+      return unless user&.can_login?
       authenticate!(user)
     end
     def finalize_authenticated_session
       return unless current_user
       session[:current_user_id] = current_user.id
     end
   end

data/app/controllers/concerns/pages_core/error_renderer.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module ErrorRenderer
     extend ActiveSupport::Concern
@@ -23,6 +25,7 @@ module PagesCore
     def error_layout(error, options = {})
       return options[:layout] if options.key?(:layout)
       if error == 404 && PagesCore.config.error_404_layout?
         PagesCore.config.error_404_layout
       else

data/app/controllers/concerns/pages_core/error_reporting.rb ADDED Viewed

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+module PagesCore
+  module ErrorReporting
+    extend ActiveSupport::Concern
+    included do
+      before_action :configure_sentry_context
+    end
+    protected
+    def configure_sentry_context
+      if Object.const_defined?("Sentry")
+        Sentry.set_user(current_user_context)
+        Sentry.set_tags(locale: params[:locale] || I18n.default_locale.to_s)
+        Sentry.set_extras(params: params.to_unsafe_h)
+      elsif Object.const_defined?("Raven")
+        configure_legacy_sentry_context
+      end
+    end
+    def configure_legacy_sentry_context
+      Raven.user_context(current_user_context)
+      Raven.tags_context(locale: params[:locale] || I18n.default_locale.to_s)
+      Raven.extra_context(params: params.to_unsafe_h)
+    end
+    def current_user_context
+      return { user_id: :guest } unless logged_in?
+      { user_id: current_user.id,
+        user_email: current_user.email }
+    end
+  end
+end

data/app/controllers/concerns/pages_core/policies_helper.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module PoliciesHelper
     extend ActiveSupport::Concern
@@ -33,7 +35,8 @@ module PagesCore
     end
     def verify_policy(record)
-      return true if policy(record).public_send(action_name + "?")
+      return true if policy(record).public_send("#{action_name}?")
       raise PagesCore::NotAuthorized
     end
   end

data/app/controllers/concerns/pages_core/preview_pages_controller.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module PreviewPagesController
     extend ActiveSupport::Concern
@@ -8,6 +10,7 @@ module PagesCore
     def preview
       redirect_to(page_url(@locale, @page)) && return unless logged_in?
       @page.attributes = page_params.merge(
         status: 2,
         published_at: Time.zone.now,

data/app/controllers/concerns/pages_core/process_titler.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module ProcessTitler
     extend ActiveSupport::Concern

data/app/controllers/concerns/pages_core/rss_controller.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 module PagesCore
   module RssController
     extend ActiveSupport::Concern

data/app/controllers/concerns/pages_core/static_cache_controller.rb ADDED Viewed

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+module PagesCore
+  module StaticCacheController
+    extend ActiveSupport::Concern
+    module ClassMethods
+      def static_cache(*actions, permanent: false)
+        return unless perform_caching
+        if permanent
+          after_action :cache_static_page_permanently, only: actions
+        else
+          after_action :cache_static_page, only: actions
+        end
+      end
+      alias caches_page static_cache
+    end
+    def disable_static_cache!
+      @static_cache_disabled = true
+    end
+    private
+    def cache_static_page
+      return unless static_cache_allowed?
+      PagesCore::StaticCache.handler.cache_page(
+        self, request, response
+      )
+    end
+    def cache_static_page_permanently
+      return unless static_cache_allowed?
+      PagesCore::StaticCache.handler.cache_page_permanently(
+        self, request, response
+      )
+    end
+    def static_cache_allowed?
+      (request.get? || request.head?) && response.status == 200 &&
+        perform_caching && !@static_cache_disabled
+    end
+  end
+end

data/app/controllers/errors_controller.rb CHANGED Viewed

@@ -1,13 +1,8 @@
+# frozen_string_literal: true
 class ErrorsController < ::ApplicationController
   layout "errors"
-  def report
-    report = decrypt_report(params[:error_report])
-    report[:user] = User.find_by(id: report[:user_id]) if report.key?(:user_id)
-    deliver_error_report(report, params[:email], params[:description])
-  end
   def show
     render_error params[:id].to_i
   end
@@ -30,54 +25,11 @@ class ErrorsController < ::ApplicationController
   def internal_error
     exception = request.env["action_dispatch.exception"]
-    if !exception
-      render_error 500
-    elsif exception.is_a?(PagesCore::NotAuthorized)
-      render_error 403
-    else
-      @report = encrypt_report(error_report(request, exception))
+    if exception
       wrapper = ActionDispatch::ExceptionWrapper.new(nil, exception)
       render_error wrapper.status_code
+    else
+      render_error 500
     end
   end
-  private
-  def deliver_error_report(report, from, description)
-    AdminMailer.error_report(report, from, description).deliver_now
-  end
-  def decrypt_report(str)
-    YAML.safe_load(report_encryptor.decrypt_and_verify(str))
-  end
-  def encrypt_report(report)
-    report_encryptor.encrypt_and_sign(report.to_yaml)
-  end
-  def error_report(request, exception)
-    { message:   exception.to_s,
-      url:       request.original_url,
-      env:       request.env.select { |_, v| v.is_a?(String) },
-      params:    params.to_unsafe_h,
-      session:   session.to_hash,
-      backtrace: exception_backtrace(exception),
-      timestamp: Time.now.utc,
-      user_id:   current_user.try(&:id) }
-  end
-  def exception_backtrace(exception)
-    Rails.backtrace_cleaner.send(:filter, exception.backtrace)
-  end
-  def report_encryptor
-    ActiveSupport::MessageEncryptor.new(
-      ActiveSupport::CachingKeyGenerator.new(
-        ActiveSupport::KeyGenerator.new(
-          Rails.application.secrets.secret_key_base,
-          iterations: 1000
-        )
-      ).generate_key("encrypted error report")
-    )
-  end
 end