proclaim 0.5.6 → 0.6.0

data/app/controllers/proclaim/comments_controller.rb

@@ -1,7 +1,7 @@
-require_dependency "proclaim/application_controller"
+#require_dependency "proclaim/application_controller"
 
 module Proclaim
-	class CommentsController < ApplicationController
+	class CommentsController < Proclaim::ApplicationController
 		before_action :authenticate_author, only: [:destroy]
 		after_action :verify_authorized
 		before_action :set_comment, only: [:update, :destroy]
@@ -9,41 +9,16 @@ module Proclaim
 		def create
 			@comment = Comment.new(comment_params)
 
-			subscription = nil
-			if subscription_params and subscription_params[:subscribe]
-				subscription = Subscription.new(name: @comment.author,
-				                                email: subscription_params[:email],
-				                                post: @comment.post)
-			end
-
 			errors = Array.new
 			options = Hash.new
 			options[:success_json] = lambda {comment_json(@comment)}
 			options[:failure_json] = lambda {errors}
 			options[:operation] = lambda do
-				respond_to do |format|
-					begin
-						# Wrap saving the comment in a transaction, so if the
-						# subscription fails to save, the comment doesn't save either
-						# (and vice-versa).
-						Comment.transaction do
-							@comment.save!
-
-							if subscription
-								subscription.save!
-							end
-
-							return true
-						end
-					rescue ActiveRecord::RecordInvalid
-						errors += @comment.errors.full_messages
-
-						if subscription
-							errors += subscription.errors.full_messages
-						end
-
-						return false
-					end
+				if @comment.save
+					return true
+				else
+					errors += @comment.errors.full_messages
+					return false
 				end
 			end
 
@@ -91,17 +66,13 @@ module Proclaim
 
 		# Only allow a trusted parameter "white list" through.
 		def comment_params
-			params.require(:comment).permit(:body,
-			                                :author,
-			                                :post_id,
-			                                :parent_id)
-		end
-
-		def subscription_params
-			if params[:subscription]
-				params.require(:subscription).permit(:subscribe,
-			                                        :email)
+			p = params.require(:comment).permit(
+				:body, :author, :post_id, :parent_id,
+				subscription_attributes: [:email])
+			if params[:subscribe] && p.include?('subscription_attributes')
+				p[:subscription_attributes].merge!({name: p[:author]})
 			end
+			p
 		end
 
 		def antispam_params

data/app/controllers/proclaim/posts_controller.rb

@@ -1,7 +1,7 @@
-require_dependency "proclaim/application_controller"
+#require_dependency "proclaim/application_controller"
 
 module Proclaim
-	class PostsController < ApplicationController
+	class PostsController < Proclaim::ApplicationController
 		before_action :authenticate_author, except: [:index, :show]
 		after_action :verify_authorized
 		after_action :verify_policy_scoped, only: :index
@@ -15,19 +15,13 @@ module Proclaim
 
 		# GET /posts/1
 		def show
-			begin
-				authorize @post
-
-				# If an old id or a numeric id was used to find the record, then
-				# the request path will not match the post_path, and we should do
-				# a 301 redirect that uses the current friendly id.
-				if request.path != post_path(@post)
-					return redirect_to @post, status: :moved_permanently
-				end
-			rescue Pundit::NotAuthorizedError
-				# Don't leak that this resource actually exists. Turn the
-				# "permission denied" into a "not found"
-				raise ActiveRecord::RecordNotFound
+			authorize @post
+
+			# If an old id or a numeric id was used to find the record, then
+			# the request path will not match the post_path, and we should do
+			# a 301 redirect that uses the current friendly id.
+			if request.path != post_path(@post)
+				return redirect_to @post, status: :moved_permanently
 			end
 		end
 
@@ -47,22 +41,13 @@ module Proclaim
 			@post = Post.new(post_params)
 			@post.author = current_author
 
+			if params[:publish] == "true"
+				@post.publish
+			end
+
 			authorize @post
 
-			# Save here before potentially publishing, so we can save images
 			if @post.save
-
-				if params[:publish] == "true"
-					@post.publish
-					authorize @post # Re-authorize now that it's to be published
-				end
-
-				# Save and rewrite each image in Carrierwave's cache
-				@post.body = saved_and_rewrite_cached_images(@post.body)
-
-				# Save again, in case the body changed or it was published
-				@post.save
-
 				redirect_to @post, notice: 'Post was successfully created.'
 			else
 				render :new
@@ -80,12 +65,7 @@ module Proclaim
 
 			authorize @post
 
-			if @post.valid?
-				# Save and rewrite each image in Carrierwave's cache
-				@post.body = saved_and_rewrite_cached_images(@post.body)
-
-				@post.save
-
+			if @post.save
 				redirect_to @post, notice: 'Post was successfully updated.'
 			else
 				render :edit
@@ -102,6 +82,16 @@ module Proclaim
 
 		private
 
+		def user_not_authorized(exception)
+			if exception.policy.is_a? PostPolicy and exception.query == "show?"
+				# Don't leak that this resource actually exists. Turn the
+				# "permission denied" into a "not found"
+				raise ActiveRecord::RecordNotFound
+			else
+				super()
+			end
+		end
+
 		# Use callbacks to share common setup or constraints between actions.
 		def set_post
 			@post = Post.friendly.find(params[:id])
@@ -114,29 +104,7 @@ module Proclaim
 				params[:post][:title] = HTMLEntities.new.decode(Rails::Html::FullSanitizer.new.sanitize(params[:post][:title]))
 			end
 
-			params.require(:post).permit(:title,
-			                             :body,
-			                             images_attributes: [:id, :image, :_destroy])
-		end
-
-		def saved_and_rewrite_cached_images(body)
-			document = Nokogiri::HTML.fragment(body)
-			cache_path = ImageUploader.cache_dir
-			document.css("img").each do |image_tag|
-				url = image_tag.attributes["src"].value
-				if url.include? cache_path
-					cache_name = cache_name_from_url(url)
-					if cache_name
-						image = @post.images.build
-						image.image.retrieve_from_cache!(cache_name)
-						image.save
-
-						image_tag.attributes["src"].value = image.image.url
-					end
-				end
-			end
-
-			document.inner_html
+			params.require(:post).permit(:title, :body, :quill_body)
 		end
 	end
 end

data/app/controllers/proclaim/subscriptions_controller.rb

@@ -1,13 +1,13 @@
-require_dependency "proclaim/application_controller"
+#require_dependency "proclaim/application_controller"
 
 module Proclaim
-	class SubscriptionsController < ApplicationController
+	class SubscriptionsController < Proclaim::ApplicationController
 		after_action :verify_authorized
 		after_action :verify_policy_scoped, only: :index
 		before_action :set_subscription, only: [:show, :edit, :update, :destroy]
 
 		def index
-			@subscriptions = policy_scope(Subscription).order(:post_id, :name)
+			@subscriptions = policy_scope(Subscription).order(:comment_id, :name)
 			authorize Subscription
 		end
 

data/app/jobs/proclaim/application_job.rb

@@ -0,0 +1,4 @@
+module Proclaim
+  class ApplicationJob < ActiveJob::Base
+  end
+end

data/app/mailers/proclaim/application_mailer.rb

@@ -0,0 +1,5 @@
+module Proclaim
+	class ApplicationMailer < ActionMailer::Base
+		default from: Proclaim.mailer_sender || default_params[:from] || "from@example.com"
+	end
+end

data/app/mailers/proclaim/subscription_mailer.rb

@@ -1,10 +1,8 @@
 module Proclaim
-	class SubscriptionMailer < ActionMailer::Base
-		default from: Proclaim.mailer_sender || default_params[:from] || "from@example.com"
-
-		def welcome_email(subscription)
-			@subscription = subscription
+	class SubscriptionMailer < ApplicationMailer
+		before_action :set_subscription
 
+		def welcome_email
 			message = Premailer.new(render_to_string, with_html_string: true, base_url: root_url)
 			base_url = root_url.gsub(/\A.*:\/\//, '').gsub(/\A(.*?)\/*\z/, '\1')
 
@@ -14,30 +12,34 @@ module Proclaim
 			end
 		end
 
-		def new_comment_notification_email(subscription, comment)
-			@subscription = subscription
-			@comment = comment
+		def new_comment_notification_email
+			@comment = Comment.find(params[:comment_id])
 
 			message = Premailer.new(render_to_string, with_html_string: true, base_url: root_url)
 
 			mail to: @subscription.email,
-			     subject: "New Comment On \"#{@comment.post.title}\"" do |format|
-				format.html { message.to_inline_css }
-				format.text { message.to_plain_text }
+				subject: "New Comment On \"#{@comment.post.title}\"" do |format|
+					format.html { message.to_inline_css }
+					format.text { message.to_plain_text }
 			end
 		end
 
-		def new_post_notification_email(subscription, post)
-			@subscription = subscription
-			@post = post
+		def new_post_notification_email
+			@post = Post.find(params[:post_id])
 
 			message = Premailer.new(render_to_string, with_html_string: true, base_url: root_url)
 
 			mail to: @subscription.email,
-			     subject: "New Post: #{@post.title}" do |format|
-				format.html { message.to_inline_css }
-				format.text { message.to_plain_text }
+				subject: "New Post: #{@post.title}" do |format|
+					format.html { message.to_inline_css }
+					format.text { message.to_plain_text }
 			end
 		end
+
+		private
+
+		def set_subscription
+			@subscription = Subscription.find(params[:subscription_id])
+		end
 	end
 end

data/app/models/proclaim/application_record.rb

@@ -0,0 +1,5 @@
+module Proclaim
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/models/proclaim/comment.rb

@@ -15,12 +15,17 @@ module Proclaim
 	class Comment < ActiveRecord::Base
 		acts_as_tree order: 'created_at ASC', dependent: :destroy
 		belongs_to :post, inverse_of: :comments
+		has_one :subscription, inverse_of: :comment, dependent: :destroy
 		after_initialize :maintainPost
-		after_create :notifyPostSubscribers
+
+		# Using after_commit since we use deliver_later and re-load them from the database
+		after_create_commit :notifyPostSubscribers
 		after_create { Proclaim.notify_new_comment(self) }
 
 		validates_presence_of :body, :author, :post
 
+		accepts_nested_attributes_for :subscription, reject_if: :all_blank
+
 		private
 
 		def maintainPost

data/app/models/proclaim/post.rb

@@ -2,23 +2,23 @@
 #
 # Table name: proclaim_posts
 #
-#  id               :integer          not null, primary key
-#  author_id        :integer
-#  title            :string           default(""), not null
-#  body             :text             default(""), not null
-#  published        :boolean          default("f"), not null
-#  publication_date :datetime
-#  created_at       :datetime         not null
-#  updated_at       :datetime         not null
+#  id           :integer          not null, primary key
+#  author_id    :integer
+#  title        :string           default(""), not null
+#  body         :text             default(""), not null
+#  quill_body   :text             default(""), not null
+#  state        :string           default("draft"), not null
+#  slug         :string
+#  published_at :datetime
+#  created_at   :datetime         not null
+#  updated_at   :datetime         not null
 #
 
 module Proclaim
 	class Post < ActiveRecord::Base
 		belongs_to :author, class_name: Proclaim.author_class
 		has_many :comments, inverse_of: :post, dependent: :destroy
-		has_many :subscriptions, inverse_of: :post, dependent: :destroy
-		has_many :images, inverse_of: :post, dependent: :destroy
-		accepts_nested_attributes_for :images, allow_destroy: true
+		has_many :subscriptions, through: :comments
 
 		extend FriendlyId
 		friendly_id :slug_candidates, use: :history
@@ -40,13 +40,13 @@ module Proclaim
 		validates_presence_of :published_at, if: :published?
 		validates :published_at, absence: true, unless: :published?
 
-		validates_presence_of :title, :body, :author
+		validates_presence_of :title, :body, :quill_body, :author
 		validate :verifyBodyHtml
 
 		after_validation :move_friendly_id_error_to_title
 
-		before_save :sanitizeBody
-		after_save :notifyBlogSubscribersIfPublished
+		# Using after_commit since we use deliver_later and re-load them from the database
+		after_commit :notifyBlogSubscribersIfPublished, on: [:create, :update]
 
 		# Only save the slug history if the post is published
 		def create_slug
@@ -60,7 +60,7 @@ module Proclaim
 
 		attr_writer :excerpt_length
 		def excerpt_length
-			@excerpt_length || Proclaim.excerpt_length
+			@excerpt_length ||= Proclaim.excerpt_length
 		end
 
 		def body_plaintext
@@ -79,7 +79,10 @@ module Proclaim
 
 		def notifyPostSubscribers(newComment)
 			subscriptions.each do | subscription |
-				subscription.deliver_new_comment_notification_email(newComment)
+				# Don't notify the commenter of own comment
+				if subscription.comment_id != newComment.id
+					subscription.deliver_new_comment_notification_email(newComment)
+				end
 			end
 		end
 
@@ -110,17 +113,6 @@ module Proclaim
 			end
 		end
 
-		def sanitizeBody
-			unless Proclaim.editor_whitelist_tags.blank? and
-			       Proclaim.editor_whitelist_attributes.blank?
-				sanitizer = Rails::Html::WhiteListSanitizer.new
-				self.body = sanitizer.sanitize(
-				                   body,
-				                   tags: Proclaim.editor_whitelist_tags,
-				                   attributes: Proclaim.editor_whitelist_attributes)
-			end
-		end
-
 		def takeExcerptOf(text)
 			if excerpt_length >= text.length
 				return text
@@ -168,7 +160,7 @@ module Proclaim
 
 		def notifyBlogSubscribersIfPublished
 			# If we just published this post, notify the subscribers
-			if published? and state_changed?
+			if published? and saved_change_to_state?
 				Proclaim.notify_post_published(self)
 
 				Subscription.blog_subscriptions.each do | subscription |

data/app/models/proclaim/subscription.rb

@@ -3,7 +3,8 @@
 # Table name: proclaim_subscriptions
 #
 #  id         :integer          not null, primary key
-#  post_id    :integer
+#  comment_id :integer
+#  name       :string           default(""), not null
 #  email      :string
 #  created_at :datetime         not null
 #  updated_at :datetime         not null
@@ -11,33 +12,39 @@
 
 module Proclaim
 	class Subscription < ActiveRecord::Base
-		scope :blog_subscriptions, -> { where(post_id: nil) }
-		belongs_to :post, inverse_of: :subscriptions
+		scope :blog_subscriptions, -> { where(comment_id: nil) }
+		belongs_to :comment, inverse_of: :subscription, optional: true
 
-		after_create :deliver_welcome_email
+		# Get the comment's post as our own
+		delegate :post, to: :comment, allow_nil: true
+
+		# Using after_commit since we use deliver_later and re-load them from the database
+		after_create_commit :deliver_welcome_email
 		after_create { Proclaim.notify_new_subscription(self) }
 
 		# RFC-compliant email addresses are way nasty to match with regex, so why
 		# try? We'll be sending them an email anyway-- if they don't get it, they
 		# can re-subscribe. We'll just do an easy validation match here.
-		validates :email, uniqueness: { scope: :post_id, case_sensitive: false }, format: { with: /@/ }
+		validates :email, format: { with: /@/ }
 
 		validates_presence_of :name
 
-		# Subscriptions aren't required to belong to a post, but if we're given
-		# one it had better be valid
-		validates_presence_of :post, if: :post_id
+		# Subscriptions aren't required to belong to a comment, but if we're
+		# given one it had better be valid
+		validates_presence_of :comment, if: :comment_id
+
+		validate :email_is_unique
 
 		def deliver_welcome_email
-			SubscriptionMailer.welcome_email(self).deliver_later
+			SubscriptionMailer.with(subscription_id: id).welcome_email.deliver_later
 		end
 
 		def deliver_new_post_notification_email(post)
-			SubscriptionMailer.new_post_notification_email(self, post).deliver_later
+			SubscriptionMailer.with(subscription_id: id, post_id: post.id).new_post_notification_email.deliver_later
 		end
 
 		def deliver_new_comment_notification_email(comment)
-			SubscriptionMailer.new_comment_notification_email(self, comment).deliver_later
+			SubscriptionMailer.with(subscription_id: id, comment_id: comment.id).new_comment_notification_email.deliver_later
 		end
 
 		def token
@@ -60,5 +67,20 @@ module Proclaim
 		def self.create_token(subscription)
 			verifier.generate(subscription.id)
 		end
+
+		private
+
+		def email_is_unique
+			other_subscriptions = Subscription.where(email: email)
+			unless other_subscriptions.empty?
+				other_subscriptions.each do | other_subscription |
+					if comment.nil? && other_subscription.comment.nil?
+						errors.add(:email, "is already subscribed")
+					elsif comment.post == other_subscription.post
+						errors.add(:email, "is already subscribed to comments on this post")
+					end
+				end
+			end
+		end
 	end
 end