RubyGems - spina - Versions diffs - 2.1.1 → 2.3.2 - Mend

spina 2.1.1 → 2.3.2

Potentially problematic release.

This version of spina might be problematic. Click here for more details.

Files changed (76) hide show

data/app/components/spina/media_picker/modal_component.html.erb CHANGED Viewed

@@ -25,7 +25,7 @@
         </div>
         <div class="md:w-72 p-4 border-t rounded-b-lg md:rounded-none md:border-t-0 border-gray-200 flex flex-col justify-between bg-gray-100 md:bg-opacity-50 md:rounded-l-lg">
-          <div class="hidden md:block md:mb-6">
+          <div class="hidden md:block md:mb-6 overflow-scroll">
             <%= link_to helpers.spina.admin_media_picker_path, class: "font-medium w-full text-sm px-3 py-2 rounded-lg flex items-center justify-between #{media_folder_classes(nil)}", data: {turbo_frame: "media_picker"} do %>
               <div class="flex items-center">
                 <%= helpers.heroicon("collection", style: :solid, class: "w-5 h-5 mr-2 text-spina-light") %>
@@ -36,7 +36,7 @@
                 <%= image_count %>
               </div>
             <% end %>
             <% media_folders.each do |media_folder| %>
               <%= link_to helpers.spina.admin_media_picker_path(media_folder_id: media_folder.id), class: "font-medium w-full text-gray-600 text-sm px-3 py-2 cursor-pointer rounded-lg flex items-center justify-between #{media_folder_classes(media_folder)}", data: {turbo_frame: "media_picker"} do %>
                 <div class="flex items-center">

data/app/controllers/concerns/spina/api/paginable.rb ADDED Viewed

@@ -0,0 +1,44 @@
+module Spina
+  module Api
+    module Paginable
+      extend ActiveSupport::Concern
+      private
+        def pagination(records)
+          paginated_records = records.page(params[:page]).per(params[:per_page])
+          [paginated_records, {
+            meta: pagination_meta(paginated_records),
+            links: pagination_links(paginated_records)
+          }]
+        end
+        def pagination_meta(paginated_records)
+          {
+            current_page: paginated_records.current_page,
+            total: paginated_records.total_count,
+            per_page: paginated_records.limit_value,
+            path: view_context.url_for(only_path: true)
+          }
+        end
+        def pagination_links(paginated_records)
+          {
+            first: path_to_first_page,
+            prev: view_context.path_to_prev_page(paginated_records),
+            next: view_context.path_to_next_page(paginated_records),
+            last: path_to_last_page(paginated_records)
+          }
+        end
+        def path_to_first_page
+          view_context.url_for(page: 1, per_page: params[:per_page], only_path: true)
+        end
+        def path_to_last_page(paginated_records)
+          view_context.url_for(page: paginated_records.total_pages, per_page: params[:per_page], only_path: true)
+        end
+    end
+  end
+end

data/app/controllers/concerns/spina/current_account.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Spina
+  module CurrentAccount
+    extend ActiveSupport::Concern
+    included do
+      before_action :current_account
+      helper_method :current_account
+    end
+    private
+      def current_account
+        Spina::Current.account ||= ::Spina::Account.first
+      end
+  end
+end

data/app/controllers/concerns/spina/current_theme.rb ADDED Viewed

@@ -0,0 +1,17 @@
+module Spina
+  module CurrentTheme
+    extend ActiveSupport::Concern
+    included do
+      before_action :current_theme
+      helper_method :current_theme
+    end
+    private
+      def current_theme
+        Spina::Current.theme ||= ::Spina::Theme.find_by_name(current_account.theme)
+      end
+  end
+end

data/app/controllers/spina/admin/admin_controller.rb CHANGED Viewed

@@ -1,13 +1,14 @@
 module Spina
   module Admin
     class AdminController < ActionController::Base
-      include Spina::CurrentMethods
+      include Spina.config.authentication.constantize
+      include Spina::CurrentAccount, Spina::CurrentTheme
       helper Spina::Engine.helpers
       before_action :add_view_path
       before_action :set_admin_locale
-      before_action :authorize_spina_user
+      before_action :authenticate
       admin_section :content
@@ -25,14 +26,6 @@ module Spina
         def set_admin_locale
           I18n.locale = I18n.default_locale
         end
-        def authorize_spina_user
-          redirect_to admin_login_path, flash: {information: I18n.t('spina.notifications.login')} unless current_spina_user
-        end
-        def authorize_admin
-          render status: 401 unless current_spina_user.admin?
-        end
         def add_view_path
           prepend_view_path Spina::Engine.root.join('app/views/spina/admin')

data/app/controllers/spina/admin/pages_controller.rb CHANGED Viewed

@@ -11,11 +11,11 @@ module Spina
         if params[:resource_id]
           @resource = Resource.find(params[:resource_id])
-          @page_templates = Current.theme.new_page_templates(recommended: @resource.view_template)
+          @page_templates = Spina::Current.theme.new_page_templates(recommended: @resource.view_template)
           @pages = @resource.pages.active.roots.includes(:translations)
         else
           @pages = Page.active.sorted.roots.main.includes(:translations)
-          @page_templates = Current.theme.new_page_templates
+          @page_templates = Spina::Current.theme.new_page_templates
         end
       end

data/app/controllers/spina/admin/password_resets_controller.rb CHANGED Viewed

@@ -3,7 +3,7 @@ module Spina
     class PasswordResetsController < AdminController
       layout "spina/admin/sessions"
-      skip_before_action :authorize_spina_user
+      skip_before_action :authenticate
       def new
       end

data/app/controllers/spina/admin/sessions_controller.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module Spina
   module Admin
     class SessionsController < AdminController
-      skip_before_action :authorize_spina_user
+      skip_before_action :authenticate
       def new
       end

data/app/controllers/spina/admin/users_controller.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 module Spina
   module Admin
     class UsersController < AdminController
+      before_action :authorize_authentication_module
       before_action :authorize_admin, except: [:index]
       before_action :set_user, only: [:edit, :update, :destroy]
@@ -47,7 +48,7 @@ module Spina
       end
       def destroy
-        if @user != current_spina_user
+        if @user != current_spina_user
           @user.destroy
           redirect_to spina.admin_users_url, flash: {success: t('spina.users.deleted')}
         end
@@ -66,6 +67,15 @@ module Spina
         def set_user
           @user = User.find(params[:id])
         end
+        def authorize_authentication_module
+          render status: 401 unless Spina.config.authentication == "Spina::Authentication::Sessions"
+        end
+        def authorize_admin
+          render status: 401 unless current_spina_user.admin?
+        end
     end
   end
 end

data/app/controllers/spina/api/api_controller.rb ADDED Viewed

@@ -0,0 +1,29 @@
+module Spina
+  module Api
+    class ApiController < ActionController::Base
+      include Spina::CurrentAccount, Spina::CurrentTheme
+      protect_from_forgery unless: -> { request.format.json? }
+      rescue_from ActiveRecord::RecordNotFound, with: :render_404
+      TOKEN = Spina.config.api_key
+      before_action :authenticate_api
+      private
+        def render_404
+          render json: {error: "Not Found"}, status: :not_found
+        end
+        def authenticate_api
+          head :not_found and return if TOKEN.blank?
+          authenticate_or_request_with_http_token do |token, options|
+            ActiveSupport::SecurityUtils.secure_compare(token, TOKEN)
+          end
+        end
+    end
+  end
+end

data/app/controllers/spina/api/images_controller.rb ADDED Viewed

@@ -0,0 +1,12 @@
+module Spina
+  module Api
+    class ImagesController < ApiController
+      def show
+        @image = Spina::Image.find(params[:id])
+        render json: Spina::Api::ImageSerializer.new(@image, {params: {view_context: view_context}}).serializable_hash.to_json
+      end
+    end
+  end
+end

data/app/controllers/spina/api/navigations_controller.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module Spina
+  module Api
+    class NavigationsController < ApiController
+      include Paginable
+      def index
+        navigations = Navigation.order(:id)
+        paginated = pagination(navigations)
+        render json: Spina::Api::NavigationSerializer.new(paginated.first, paginated.last.merge(fields: {navigation: [:name, :label]})).serializable_hash.to_json
+      end
+      def show
+        @navigation = Navigation.find(params[:id])
+        render json: Spina::Api::NavigationSerializer.new(@navigation).serializable_hash.to_json
+      end
+    end
+  end
+end

data/app/controllers/spina/api/pages_controller.rb ADDED Viewed

@@ -0,0 +1,26 @@
+module Spina
+  module Api
+    class PagesController < ApiController
+      include Paginable
+      before_action :set_resource
+      def index
+        pages = Page.live.includes(:translations).where(resource: @resource).order(:created_at)
+        render json: Spina::Api::PageSerializer.new(*pagination(pages)).serializable_hash.to_json
+      end
+      def show
+        @page = Page.live.where(resource: @resource).find(params[:id])
+        render json: Spina::Api::PageSerializer.new(@page).serializable_hash.to_json
+      end
+      private
+        def set_resource
+          @resource = Spina::Resource.find(params[:resource_id]) if params[:resource_id].present?
+        end
+    end
+  end
+end

data/app/controllers/spina/api/resources_controller.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Spina
+  module Api
+    class ResourcesController < ApiController
+      include Paginable
+      def index
+        resources = Resource.order(:id)
+        render json: Spina::Api::ResourceSerializer.new(*pagination(resources)).serializable_hash.to_json
+      end
+      def show
+        @resource = Resource.find(params[:id])
+        render json: Spina::Api::ResourceSerializer.new(@resource).serializable_hash.to_json
+      end
+    end
+  end
+end

data/app/controllers/spina/application_controller.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 class Spina::ApplicationController < Spina.frontend_parent_controller.constantize
-  include Spina::CurrentMethods
+  include Spina.config.authentication.constantize
+  include Spina::CurrentAccount, Spina::CurrentTheme
   helper Spina::Engine.helpers

data/app/controllers/spina/pages_controller.rb CHANGED Viewed

@@ -1,18 +1,18 @@
 class Spina::PagesController < Spina::ApplicationController
   include Spina::Frontend
-  before_action :current_spina_user_can_view_page?
+  before_action :authorize_page
   helper_method :page
   def homepage
     render_with_template(page)
   end
   private
-    def current_spina_user_can_view_page?
-      raise ActiveRecord::RecordNotFound unless current_spina_user.present? || page.live?
+    def authorize_page
+      raise ActiveRecord::RecordNotFound unless page.live? || logged_in?
     end
 end

data/app/helpers/spina/attachments_helper.rb CHANGED Viewed

@@ -2,7 +2,7 @@ module Spina
   module AttachmentsHelper
     def file_url(file)
-      main_app.rails_service_blob_path(file.signed_id, file.filename)
+      main_app.url_for(file)
     end
   end

data/app/helpers/spina/images_helper.rb CHANGED Viewed

@@ -10,11 +10,7 @@ module Spina
       return "" if image.nil?
       # support both ImageProcessing gem macro :resize_to_limit and ImageMagick-specific :resize
-      resize_key = if !Spina.config.embedded_image_size.is_a?(Array)
-                     :resize
-                   else
-                     :resize_to_limit
-                   end
+      resize_key = Spina.config.embedded_image_size.is_a?(Array) ? :resize_to_limit : :resize
       main_app.url_for(image.variant(Hash[resize_key, Spina.config.embedded_image_size]))
     end

data/app/helpers/spina/spina_helper.rb CHANGED Viewed

@@ -1,16 +1,13 @@
 module Spina::SpinaHelper
-  def spina_include_tags
+  def spina_importmap_tags
     safe_join [
-      javascript_include_tag("stimulus/libraries/es-module-shims", type: "module"),
-      tag.script(type: "importmap-shim", src: asset_path("spina/importmap.json")),
-      javascript_include_tag("stimulus/libraries/stimulus", type: "module-shim"),
-      javascript_include_tag("spina/libraries/trix")
+      javascript_inline_importmap_tag(Spina.config.importmap),
+      javascript_importmap_shim_tag,
+      javascript_include_tag("spina/libraries/trix"),
+      javascript_import_module_tag("application")
     ], "\n"
   end
-  def autoloader_include_tag
-    javascript_include_tag("stimulus/loaders/autoloader", type: "module-shim")
-  end
 end

data/app/models/spina/page.rb CHANGED Viewed

@@ -53,7 +53,7 @@ module Spina
     end
     def slug
-      url_title&.parameterize
+      url_title.to_s.to_slug.transliterate(*Spina.config.transliterations).normalize.to_s
     end
     def homepage?

data/app/serializers/spina/api/base_serializer.rb ADDED Viewed

@@ -0,0 +1,6 @@
+module Spina::Api
+  class BaseSerializer
+    include JSONAPI::Serializer
+    singleton_class.include Spina::Engine.routes.url_helpers
+  end
+end

data/app/serializers/spina/api/image_serializer.rb ADDED Viewed

@@ -0,0 +1,20 @@
+module Spina::Api
+  class ImageSerializer < BaseSerializer
+    set_type :image
+    attributes :id
+    attribute :original_url do |image, params|
+      params[:view_context].main_app.url_for(image.file)
+    end
+    attribute :thumbnail_url do |image, params|
+      params[:view_context].main_app.url_for(image.variant(resize_to_fill: Spina.config.thumbnail_image_size))
+    end
+    attribute :embedded_image_size_url do |image, params|
+      resize_key = Spina.config.embedded_image_size.is_a?(Array) ? :resize_to_limit : :resize
+      params[:view_context].main_app.url_for(image.variant(Hash[resize_key, Spina.config.embedded_image_size]))
+    end
+  end
+end

data/app/serializers/spina/api/navigation_serializer.rb ADDED Viewed

@@ -0,0 +1,30 @@
+module Spina::Api
+  class NavigationSerializer < BaseSerializer
+    set_type :navigation
+    attributes :name, :label
+    attribute :tree do |navigation|
+      items_to_tree(navigation.navigation_items.sorted.roots.in_menu.live.joins(:page))
+    end
+    class << self
+      def items_to_tree(collection)
+        collection.map do |item|
+          {
+            depth: item.depth,
+            page: {
+              id: item.page_id,
+              menu_title: item.menu_title,
+              materialized_path: item.materialized_path
+            },
+            children: items_to_tree(item.children.sorted.in_menu.live.joins(:page))
+          }
+        end
+      end
+    end
+  end
+end