radiant-reader-extension 1.3.13 → 2.0.0.rc4

data/lib/site_controller_extensions.rb

@@ -0,0 +1,35 @@
+module SiteControllerExtensions
+  
+  def self.included(base)
+    base.class_eval {
+      # NB. to control access without disabling the cache we have overridden Page.cache? 
+      # to return false for any page that has a group association. 
+      
+      def find_page_with_group_check(url)
+        page = find_page_without_group_check(url)
+        raise ReaderGroup::PermissionDenied if page && !page.visible_to?(current_reader)
+        page
+      end
+        
+      def show_page_with_group_check
+        show_page_without_group_check
+      rescue ReaderGroup::PermissionDenied
+        if current_reader
+          flash[:error] = t("reader_extension.access_denied")
+          redirect_to reader_permission_denied_url
+        else
+          flash[:explanation] = t("reader_extension.page_not_public")
+          flash[:error] = t("reader_extension.please_log_in")
+          store_location
+          redirect_to reader_login_url
+        end
+      end
+        
+      alias_method_chain :find_page, :group_check
+      alias_method_chain :show_page, :group_check
+    }
+  end
+end
+
+
+

data/public/javascripts/reader.js

@@ -45,7 +45,7 @@
 		  var url = self.attr('href');
 		  if (url) {
   		  self.addClass('waiting');
-        $.get(url, function (result) { self.replaceWith($(result)); });
+        $.get(url, function (result) { self.replaceWith($(result)); }, 'html');
 		  }
 		});
 		return this;

data/public/stylesheets/sass/reader.sass

@@ -1,11 +1,12 @@
 @import compass/css3
 
 $dark: #4d4e53
-$mid: #8c8d8e        
+$mid: #8c8d8e
 $pale: #afafaf
 $paler: #bdbdbd
 $verypale: #d6d6d4
-$accent = #d1005d
+$accent: #d1005d
+$warning: red
 
 =functional
   font-family: helvetica, arial, sans-serif
@@ -23,7 +24,7 @@ div.error, div.notice
   top: 50px
   right: 50px
   +border-radius
-  +box-shadow
+  +box-shadow($dark 2px 2px 4px)
   color: white
   padding: 1px 1em
   a.closer
@@ -55,15 +56,20 @@ p.administrative
   color: $pale
 
 img.gravatar
-  +box-shadow
+  +box-shadow($dark 2px 2px 4px)
   border: 3px solid white
   &.thumbnail
     margin: 2px 10px 10px 0
   &.big
     margin: 8px 10px 4px 0
   &.tiny
-    margin: 0 6px 4px 0
+    margin: 3px 6px 4px 0
     border: 1px solid white
+  &.left
+    float: left
+  &.right
+    float: right
+    margin: 8px 0 4px 10px
 
 form.friendly
   margin: 0 0 2em 0
@@ -82,10 +88,13 @@ form.friendly
   input.standard
     width: 95%
   span.formnote
+    +small
     color: $mid
   label
     &.required
       font-weight: bold
+  div.hidden, div.innocuous
+    display: none
   span.password
     display: block
     width: 95%
@@ -97,16 +106,17 @@ form.friendly
   span.error-with-field
     input, select
       border: 1px solid red
-      color: red
+      color: $warning
     span.error
+      +small
       line-height: 1.4
-      background-color: $accent
+      background-color: $warning
       color: white
       padding: 3px 6px
       margin: -5px 0 0 6px
       cursor: pointer
       +border-radius
-      +box-shadow
+      +box-shadow($dark 2px 2px 4px)
       a.closer
         margin-left: 10px
         color: white

data/radiant-reader-extension.gemspec

@@ -1,184 +1,38 @@
-# Generated by jeweler
-# DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
 # -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "radiant-reader-extension"
 
 Gem::Specification.new do |s|
-  s.name = %q{radiant-reader-extension}
-  s.version = "1.3.13"
+  s.name        = "radiant-reader-extension"
+  s.version     = RadiantReaderExtension::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = RadiantReaderExtension::AUTHORS
+  s.email       = RadiantReaderExtension::EMAIL
+  s.homepage    = RadiantReaderExtension::URL
+  s.summary     = RadiantReaderExtension::SUMMARY
+  s.description = RadiantReaderExtension::DESCRIPTION
 
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["spanner"]
-  s.date = %q{2011-02-16}
-  s.description = %q{Centralises reader/member/user registration and management tasks for the benefit of other extensions}
-  s.email = %q{will@spanner.org}
-  s.extra_rdoc_files = [
-    "README.md"
-  ]
-  s.files = [
-    ".gitignore",
-     "README.md",
-     "Rakefile",
-     "VERSION",
-     "app/controllers/admin/messages_controller.rb",
-     "app/controllers/admin/reader_configuration_controller.rb",
-     "app/controllers/admin/readers_controller.rb",
-     "app/controllers/messages_controller.rb",
-     "app/controllers/password_resets_controller.rb",
-     "app/controllers/reader_action_controller.rb",
-     "app/controllers/reader_activations_controller.rb",
-     "app/controllers/reader_sessions_controller.rb",
-     "app/controllers/readers_controller.rb",
-     "app/helpers/reader_helper.rb",
-     "app/models/message.rb",
-     "app/models/message_function.rb",
-     "app/models/message_reader.rb",
-     "app/models/reader.rb",
-     "app/models/reader_notifier.rb",
-     "app/models/reader_session.rb",
-     "app/views/admin/messages/_form.html.haml",
-     "app/views/admin/messages/_help.html.haml",
-     "app/views/admin/messages/_list_function.haml",
-     "app/views/admin/messages/_message_description.html.haml",
-     "app/views/admin/messages/edit.html.haml",
-     "app/views/admin/messages/index.haml",
-     "app/views/admin/messages/new.html.haml",
-     "app/views/admin/messages/preview.html.haml",
-     "app/views/admin/messages/show.html.haml",
-     "app/views/admin/reader_configuration/edit.html.haml",
-     "app/views/admin/reader_configuration/show.html.haml",
-     "app/views/admin/readers/_avatar.html.haml",
-     "app/views/admin/readers/_form.html.haml",
-     "app/views/admin/readers/_password_fields.html.haml",
-     "app/views/admin/readers/edit.html.haml",
-     "app/views/admin/readers/index.html.haml",
-     "app/views/admin/readers/new.html.haml",
-     "app/views/admin/readers/remove.html.haml",
-     "app/views/admin/sites/_choose_reader_layout.html.haml",
-     "app/views/messages/preview.html.haml",
-     "app/views/messages/show.html.haml",
-     "app/views/password_resets/create.html.haml",
-     "app/views/password_resets/edit.html.haml",
-     "app/views/password_resets/new.html.haml",
-     "app/views/reader_activations/_activation_required.haml",
-     "app/views/reader_activations/show.html.haml",
-     "app/views/reader_notifier/message.html.haml",
-     "app/views/reader_sessions/_login_form.html.haml",
-     "app/views/reader_sessions/new.html.haml",
-     "app/views/readers/_contributions.html.haml",
-     "app/views/readers/_controls.html.haml",
-     "app/views/readers/_extra_controls.html.haml",
-     "app/views/readers/_flasher.html.haml",
-     "app/views/readers/_form.html.haml",
-     "app/views/readers/_standard_parts.html.haml",
-     "app/views/readers/edit.html.haml",
-     "app/views/readers/index.html.haml",
-     "app/views/readers/login.html.haml",
-     "app/views/readers/new.html.haml",
-     "app/views/readers/permission_denied.html.haml",
-     "app/views/readers/show.html.haml",
-     "config/initializers/radiant_config.rb",
-     "config/locales/en.yml",
-     "config/routes.rb",
-     "db/migrate/001_create_readers.rb",
-     "db/migrate/002_extend_sites.rb",
-     "db/migrate/003_reader_honorifics.rb",
-     "db/migrate/004_user_readers.rb",
-     "db/migrate/005_last_login.rb",
-     "db/migrate/007_adapt_for_authlogic.rb",
-     "db/migrate/20090921125653_reader_messages.rb",
-     "db/migrate/20090924164413_functional_messages.rb",
-     "db/migrate/20090925081225_standard_messages.rb",
-     "db/migrate/20091006102438_message_visibility.rb",
-     "db/migrate/20091010083503_registration_config.rb",
-     "db/migrate/20091019124021_message_functions.rb",
-     "db/migrate/20091020133533_forenames.rb",
-     "db/migrate/20091020135152_contacts.rb",
-     "db/migrate/20091111090819_ensure_functional_messages_visible.rb",
-     "db/migrate/20091119092936_messages_have_layout.rb",
-     "db/migrate/20100922152338_lock_versions.rb",
-     "db/migrate/20101004074945_unlock_version.rb",
-     "db/migrate/20101019094714_message_sent_date.rb",
-     "lib/controller_extensions.rb",
-     "lib/reader_admin_ui.rb",
-     "lib/reader_site.rb",
-     "lib/reader_tags.rb",
-     "lib/rfc822.rb",
-     "lib/tasks/reader_extension_tasks.rake",
-     "public/images/admin/chk_off.png",
-     "public/images/admin/chk_on.png",
-     "public/images/admin/delta.png",
-     "public/images/furniture/no_gravatar.png",
-     "public/javascripts/reader.js",
-     "public/stylesheets/sass/admin/reader.sass",
-     "public/stylesheets/sass/reader.sass",
-     "radiant-reader-extension.gemspec",
-     "reader_extension.rb",
-     "spec/controllers/admin/messages_controller_spec.rb",
-     "spec/controllers/admin/readers_controller_spec.rb",
-     "spec/controllers/password_resets_controller_spec.rb",
-     "spec/controllers/reader_activations_controller_spec.rb",
-     "spec/controllers/readers_controller_spec.rb",
-     "spec/datasets/messages_dataset.rb",
-     "spec/datasets/reader_layouts_dataset.rb",
-     "spec/datasets/reader_sites_dataset.rb",
-     "spec/datasets/readers_dataset.rb",
-     "spec/lib/reader_admin_ui_spec.rb",
-     "spec/lib/reader_site_spec.rb",
-     "spec/matchers/reader_login_system_matcher.rb",
-     "spec/models/message_spec.rb",
-     "spec/models/reader_notifier_spec.rb",
-     "spec/models/reader_spec.rb",
-     "spec/spec.opts",
-     "spec/spec_helper.rb"
-  ]
-  s.homepage = %q{http://github.com/spanner/radiant-reader-extension}
-  s.rdoc_options = ["--charset=UTF-8"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.7}
-  s.summary = %q{User-services extension for Radiant CMS}
-  s.test_files = [
-    "spec/controllers/admin/messages_controller_spec.rb",
-     "spec/controllers/admin/readers_controller_spec.rb",
-     "spec/controllers/password_resets_controller_spec.rb",
-     "spec/controllers/reader_activations_controller_spec.rb",
-     "spec/controllers/readers_controller_spec.rb",
-     "spec/datasets/messages_dataset.rb",
-     "spec/datasets/reader_layouts_dataset.rb",
-     "spec/datasets/reader_sites_dataset.rb",
-     "spec/datasets/readers_dataset.rb",
-     "spec/lib/reader_admin_ui_spec.rb",
-     "spec/lib/reader_site_spec.rb",
-     "spec/matchers/reader_login_system_matcher.rb",
-     "spec/models/message_spec.rb",
-     "spec/models/reader_notifier_spec.rb",
-     "spec/models/reader_spec.rb",
-     "spec/spec_helper.rb"
-  ]
-
-  if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 3
+  s.add_dependency 'radiant-layouts-extension', "~> 0.9.1"
+  s.add_dependency 'radiant-mailer_layouts-extension', "~> 0.1.1"
+  s.add_dependency 'authlogic', "~> 2.1.6"
+  s.add_dependency 'sanitize', "~> 2.0.1"
 
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_runtime_dependency(%q<radiant>, [">= 0.9.0"])
-      s.add_runtime_dependency(%q<radiant-layouts-extension>, [">= 0"])
-      s.add_runtime_dependency(%q<radiant-mailer_layouts-extension>, [">= 0"])
-      s.add_runtime_dependency(%q<authlogic>, [">= 0"])
-      s.add_runtime_dependency(%q<sanitize>, [">= 0"])
-    else
-      s.add_dependency(%q<radiant>, [">= 0.9.0"])
-      s.add_dependency(%q<radiant-layouts-extension>, [">= 0"])
-      s.add_dependency(%q<radiant-mailer_layouts-extension>, [">= 0"])
-      s.add_dependency(%q<authlogic>, [">= 0"])
-      s.add_dependency(%q<sanitize>, [">= 0"])
-    end
+  ignores = if File.exist?('.gitignore')
+    File.read('.gitignore').split("\n").inject([]) {|a,p| a + Dir[p] }
   else
-    s.add_dependency(%q<radiant>, [">= 0.9.0"])
-    s.add_dependency(%q<radiant-layouts-extension>, [">= 0"])
-    s.add_dependency(%q<radiant-mailer_layouts-extension>, [">= 0"])
-    s.add_dependency(%q<authlogic>, [">= 0"])
-    s.add_dependency(%q<sanitize>, [">= 0"])
+    []
   end
-end
+  s.files         = Dir['**/*'] - ignores
+  s.test_files    = Dir['test/**/*','spec/**/*','features/**/*'] - ignores
+  # s.executables   = Dir['bin/*'] - ignores
+  s.require_paths = ["lib"]
+
+  s.post_install_message = %{
+  Add this to your radiant project with:
+
+    config.gem 'radiant-reader-extension', :version => '~> #{RadiantReaderExtension::VERSION}'
+
+  and please remember to enable ActionMailer in your project's config/environment.rb.
+  }
 
+end

data/reader_extension.rb

@@ -1,18 +1,23 @@
 require_dependency 'application_controller'
+require 'radiant-reader-extension'
 
 class ReaderExtension < Radiant::Extension
-  version "1.3.13"
-  description "Provides reader/member/user registration and management functions"
-  url "http://spanner.org/radiant/reader"
+  version RadiantReaderExtension::VERSION
+  description RadiantReaderExtension::DESCRIPTION
+  url RadiantReaderExtension::URL
   
   extension_config do |config|
-    config.gem 'authlogic'
+    config.gem "authlogic"
     config.gem 'sanitize'
   end
   
+  migrate_from 'Reader Group', 20110214101339
+  
   def activate
-    Reader
+    ActiveRecord::Base.send :include, GroupedModel                                # has_group mechanism for any model that can belong_to a group
     ApplicationController.send :include, ControllerExtensions                     # hooks up reader authentication and layout-chooser
+    SiteController.send :include, SiteControllerExtensions                        # access control based on group membership
+    Page.send :include, GroupedPage                                               # group associations and visibility decisions
     Site.send :include, ReaderSite if defined? Site                               # adds site scope and site-based layout-chooser
     Page.send :include, ReaderTags                                                # a few mailmerge-like radius tags for use in messages, or for greeting readers on (uncached) pages
     UserActionObserver.instance.send :add_observer!, Reader 
@@ -22,27 +27,30 @@ class ReaderExtension < Radiant::Extension
       Radiant::AdminUI.send :include, ReaderAdminUI
       Radiant::AdminUI.load_reader_extension_regions
     end
-        
-    if respond_to?(:tab)
-      tab("Readers") do
-        add_item("Readers", "/admin/readers")
-        add_item("Messages", "/admin/readers/messages")
-        add_item("Settings", "/admin/readers/reader_configuration")
-      end
-      tab("Settings") do
-        add_item("Reader", "/admin/readers/reader_configuration")
-      end
-    else
-      admin.tabs.add "Readers", "/admin/readers", :after => "Layouts", :visibility => [:all]
-      if admin.tabs['Readers'].respond_to?(:add_link)
-        admin.tabs['Readers'].add_link('readers', '/admin/readers')
-        admin.tabs['Readers'].add_link('messages', '/admin/readers/messages')
-        admin.tabs['Readers'].add_link('settings', '/admin/readers/reader_configuration')
-      end
+    
+    admin.page.edit.add :layout, "page_groups"
+    
+    tab("Readers") do
+      add_item("Readers", "/admin/readers")
+      add_item("Groups", "/admin/readers/groups")
+      add_item("Messages", "/admin/readers/messages")
+      add_item("Settings", "/admin/readers/reader_configuration")
+    end
+    tab("Settings") do
+      add_item("Reader", "/admin/readers/reader_configuration")
     end
   end
   
   def deactivate
-    admin.tabs.remove "Readers" unless respond_to? :tab
+
+  end
+end
+
+module ReaderGroup
+  class Exception < StandardError
+    def initialize(message = "Sorry: group problem"); super end
+  end
+  class PermissionDenied < Exception
+    def initialize(message = "Sorry: you don't have access to that"); super end
   end
 end

data/spec/controllers/admin/messages_controller_spec.rb

@@ -1,7 +1,7 @@
 require File.dirname(__FILE__) + "/../../spec_helper"
 
 describe Admin::MessagesController do
-  dataset :messages
+  dataset :readers
   
   it "should be a ResourceController" do
     controller.should be_kind_of(Admin::ResourceController)

data/spec/controllers/admin/readers_controller_spec.rb

@@ -1,7 +1,6 @@
 require File.dirname(__FILE__) + "/../../spec_helper"
 
 describe Admin::ReadersController do
-  dataset :users
   dataset :readers
   
   it "should be a ResourceController" do

data/spec/controllers/password_resets_controller_spec.rb

@@ -1,7 +1,7 @@
 require File.dirname(__FILE__) + '/../spec_helper'
 
 describe PasswordResetsController do
-  dataset :readers, :messages
+  dataset :readers
   
   before do
     controller.stub!(:request).and_return(request)

data/spec/controllers/reader_activations_controller_spec.rb

@@ -1,7 +1,7 @@
 require File.dirname(__FILE__) + '/../spec_helper'
 
 describe ReaderActivationsController do
-  dataset :messages
+  dataset :readers
   
   before do
     controller.stub!(:request).and_return(request)

data/spec/controllers/readers_controller_spec.rb

@@ -1,7 +1,7 @@
 require File.dirname(__FILE__) + '/../spec_helper'
 
 describe ReadersController do
-  dataset :readers, :messages
+  dataset :readers
   
   before do
     controller.stub!(:request).and_return(request)
@@ -11,6 +11,11 @@ describe ReadersController do
   end
     
   describe "with a get to new" do
+    before do
+      @reader = Reader.new
+      Reader.stub!(:new).and_return(@reader)
+    end
+    
     it "should render the registration screen" do
       get :new
       response.should be_success
@@ -18,38 +23,68 @@ describe ReadersController do
     end
     
     it "should generate a secret email field name" do
-      
+      newreader = Reader.new
+      Reader.stub!(:new).and_return(newreader)
+      Authlogic::Random.should_receive(:friendly_token).at_least(:once).and_return("hello_dolly")
+      get :new
+      newreader.email_field.should == "hello_dolly"
+      session[:email_field].should == "hello_dolly"
     end
   end
   
   describe "with a registration" do
-    before do
-      session[:email_field] = @email_field = 'randomstring'
-      post :create, :reader => {:name => "registering user", :password => "password", :password_confirmation => "password"}, :randomstring => 'registrant@spanner.org'
-      @reader = Reader.find_by_name('registering user')
-    end
     
-    it "should create a new reader" do
-      @reader.should_not be_nil
-    end
+    describe "that validates" do
+      before do
+        session[:email_field] = 'gibberish'
+        post :create, :reader => {:name => "registering user", :password => "password", :password_confirmation => "password"}, :gibberish => 'registrant@spanner.org'
+        @newreader = Reader.find_by_name("registering user")
+      end
+      it "should create a new reader" do
+        @newreader.should_not be_nil
+        @newreader.new_record?.should be_false
+        @newreader.should be_valid
+      end
 
-    it "should set the current reader" do
-      controller.send(:current_reader).should == @reader
-    end
+      it "should set the current reader" do
+        controller.send(:current_reader).should == @newreader
+      end
 
-    it "should have deobfuscated the email field" do
-      @reader.email.should == 'registrant@spanner.org'
-    end
+      it "should have deobfuscated the email field" do
+        @newreader.email.should == 'registrant@spanner.org'
+      end
 
-    if defined? Site
-      it "should have assigned the new reader to the current site" do
-        @reader.site.should == sites(:test)
+      it "should redirect to the please-activate page" do
+        response.should be_redirect
+        response.should redirect_to(reader_activation_url)
       end
     end
+    
+    describe "that does not validate" do
+      before do
+        session[:email_field] = 'gibberish'
+        @newreader = Reader.new
+        Reader.stub!(:new).and_return(@newreader)
+        post :create, :reader => {:name => "registering user", :password => "password", :password_confirmation => "passwrd"}, :gibberish => 'registrant@spanner.org'
+      end
+      
+      it "should not create the user" do
+        @newreader.new_record?.should be_true
+      end
 
-    it "should redirect to the please-activate page" do
-      response.should be_redirect
-      response.should redirect_to(reader_activation_url)
+      it "should not set the current reader" do
+        controller.send(:current_reader).should be_nil
+      end
+
+      it "should return to the registration form" do
+        response.should be_success
+        response.should render_template('new')
+      end
+      
+      it "should set validation error messages" do
+        @newreader.errors.should_not be_empty
+        @newreader.errors.on(:password).should_not be_empty
+      end
     end
     
     describe "with the trap field filled in" do
@@ -79,6 +114,14 @@ describe ReadersController do
         # controller.stub!(:current_reader_session).and_return(rsession)
       end
   
+      it "should route '/account' to my account" do
+        params_from(:get, '/account').should == {:controller => 'readers', :action => 'edit'}
+      end
+
+      it "should route '/profile' to my account" do
+        params_from(:get, '/profile').should == {:controller => 'readers', :action => 'show'}
+      end
+
       it "should consent to show another reader page" do 
         get :show, :id => reader_id(:visible)
         response.should be_success
@@ -123,9 +166,9 @@ describe ReadersController do
       login_as_reader(:normal)
     end
 
-    describe "that includes the correct password" do
+    describe "that is valid" do
       before do
-        put :update, {:id => reader_id(:normal), :reader => {:name => "New Name", :current_password => 'password'}}
+        put :update, {:id => reader_id(:normal), :reader => {:name => "New Name"}}
         @reader = readers(:normal)
       end
       
@@ -140,22 +183,6 @@ describe ReadersController do
       
     end
 
-    describe "that does not include the correct password" do
-      before do
-        put :update, {:id => reader_id(:normal), :reader => {:name => "New Name"}, :current_password => 'wrongo'}
-        @reader = readers(:normal)
-      end
-
-      it "should not update the reader" do 
-        @reader.name.should == 'Normal'
-      end
-
-      it "should re-render the edit form" do 
-        response.should be_success
-        response.should render_template("edit")
-      end
-    end
-
     describe "that does not validate" do
       before do
         put :update, {:id => reader_id(:normal), :reader => {:login => "visible@spanner.org"}, :current_password => 'password'}