spree_core 0.40.3 → 0.40.4

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,6 +1,8 @@
1
1
  class Admin::BaseController < Spree::BaseController
2
2
  ssl_required
3
3
 
4
+ before_filter :check_alerts if Rails.env.production?
5
+
4
6
  helper :search
5
7
  helper 'admin/navigation'
6
8
  layout 'admin'
@@ -8,6 +10,35 @@ class Admin::BaseController < Spree::BaseController
8
10
  before_filter :parse_date_params
9
11
 
10
12
  protected
13
+ def check_alerts
14
+ return unless current_user and should_check_alerts?
15
+
16
+ unless session.has_key? :alerts
17
+ begin
18
+ session[:alerts] = Spree::Alert.current(request.host)
19
+ filter_dismissed_alerts
20
+ Spree::Config.set :last_check_for_spree_alerts => DateTime.now.to_s
21
+ rescue
22
+ session[:alerts] = nil
23
+ end
24
+ end
25
+ end
26
+
27
+ def should_check_alerts?
28
+ return false if not Spree::Config[:check_for_spree_alerts]
29
+
30
+ last_check = Spree::Config[:last_check_for_spree_alerts]
31
+ return true if last_check.blank?
32
+
33
+ DateTime.parse(last_check) < 12.hours.ago
34
+ end
35
+
36
+ def filter_dismissed_alerts
37
+ return unless session[:alerts]
38
+ dismissed = (Spree::Config[:dismissed_spree_alerts] || '').split(',')
39
+ session[:alerts].reject! { |a| dismissed.include? a.id.to_s }
40
+ end
41
+
11
42
  def render_js_for_destroy
12
43
  render :partial => "/admin/shared/destroy"
13
44
  flash.notice = nil
@@ -35,6 +35,9 @@ class AppConfiguration < Configuration
35
35
  preference :cache_static_content, :boolean, :default => true
36
36
  preference :use_content_controller, :boolean, :default => true
37
37
  preference :allow_checkout_on_gateway_error, :boolean, :default => false
38
+ preference :check_for_spree_alerts, :boolean, :default => true
39
+ preference :dismissed_spree_alerts, :string, :default => ''
40
+ preference :last_check_for_spree_alerts, :string, :default => nil
38
41
 
39
42
  validates :name, :presence => true, :uniqueness => true
40
43
 
@@ -90,10 +90,14 @@ class ProductGroup < ActiveRecord::Base
90
90
  end
91
91
 
92
92
  def add_scope(scope_name, arguments=[])
93
- self.product_scopes << ProductScope.new({
94
- :name => scope_name.to_s,
95
- :arguments => [*arguments]
96
- })
93
+ if scope_name.to_s !~ /eval|send|system|[^a-z0-9_!?]/
94
+ self.product_scopes << ProductScope.new({
95
+ :name => scope_name.to_s,
96
+ :arguments => [*arguments]
97
+ })
98
+ else
99
+ raise ArgumentError.new("'#{scope_name}` can't be used as scope")
100
+ end
97
101
  self
98
102
  end
99
103
 
@@ -0,0 +1,13 @@
1
+ class Spree::Alert < ActiveResource::Base
2
+ self.site = "http://alerts.spreecommerce.com/"
3
+ self.format = :json
4
+
5
+ def self.current(host)
6
+ find(:all, :params => { :version => Spree.version,
7
+ :name => Spree::Config[:site_name],
8
+ :host => host,
9
+ :rails_env => Rails.env,
10
+ :rails_version => Rails.version })
11
+ end
12
+ end
13
+
@@ -28,6 +28,14 @@
28
28
  </label>
29
29
  </p>
30
30
 
31
+ <p>
32
+ <label>
33
+ <input name="preferences[check_for_spree_alerts]" type="hidden" value="0" />
34
+ <%= check_box_tag('preferences[check_for_spree_alerts]', "1", Spree::Config[:check_for_spree_alerts]) %>
35
+ <%= t('spree_alert_checking') %>
36
+ </label>
37
+ </p>
38
+
31
39
  <p class="form-buttons">
32
40
  <%= button t('update') %>
33
41
  <%= t("or") %> <%= link_to t("cancel"), admin_general_settings_url %>
@@ -4,25 +4,30 @@
4
4
 
5
5
  <table>
6
6
  <tr>
7
- <th scope="row"><%= t("site_name") %>:</th>
7
+ <th scope="row"><%= t("site_name") %>:</th>
8
8
  <td><%= Spree::Config[:site_name] %></td>
9
9
  </tr>
10
10
  <tr>
11
- <th scope="row"><%= t("site_url") %>:</th>
11
+ <th scope="row"><%= t("site_url") %>:</th>
12
12
  <td><%= Spree::Config[:site_url] %></td>
13
13
  </tr>
14
14
  <tr>
15
15
  <td colspan="2">
16
- <%= (Spree::Config[:allow_ssl_in_production] ? t("ssl_will_be_used_in_production_mode") : t("ssl_will_not_be_used_in_production_mode")) %>
16
+ <%= (Spree::Config[:allow_ssl_in_production] ? t("ssl_will_be_used_in_production_mode") : t("ssl_will_not_be_used_in_production_mode")) %>
17
17
  </td>
18
18
  </tr>
19
19
  <tr>
20
20
  <td colspan="2">
21
21
  <%= (Spree::Config[:allow_ssl_in_development_and_test] ? t("ssl_will_be_used_in_development_and_test_modes") : t("ssl_will_not_be_used_in_development_and_test_modes")) %>
22
- </td>
22
+ </td>
23
+ </tr>
24
+ <tr>
25
+ <td colspan="2">
26
+ <%= (Spree::Config[:check_for_spree_alerts] ? t("spree_alert_checking") : t("spree_alert_not_checking")) %>
27
+ </td>
23
28
  </tr>
24
29
  </table>
25
30
 
26
- <p><%= link_to_with_icon 'edit', t("edit"), edit_admin_general_settings_path %></p>
31
+ <p><%= link_to_with_icon 'edit', t("edit"), edit_admin_general_settings_path, :id => 'admin_general_settings_link' %></p>
27
32
 
28
33
 
@@ -0,0 +1,6 @@
1
+ <div class="alert <%= alert.severity.downcase %>">
2
+ <%= alert.message %> <%= link_to alert.url_name, alert.url if alert.url %>
3
+ <%= link_to 'X', dismiss_alert_admin_general_settings_path(:alert_id => alert.id),
4
+ :remote => true, :method => :post, :class => 'dismiss' %>
5
+ </div>
6
+
@@ -50,6 +50,7 @@
50
50
  <div class="flash notice"><%= self.notice %></div>
51
51
  <% end %>
52
52
 
53
+ <%= render :partial => 'admin/shared/alert', :collection => session[:alerts] %>
53
54
 
54
55
  <%= yield %>
55
56
 
@@ -881,6 +881,8 @@ en:
881
881
  ssl_will_be_used_in_production_mode: "SSL will be used in production mode"
882
882
  ssl_will_not_be_used_in_development_and_test_modes: "SSL will not be used in development and test mode if necessary."
883
883
  ssl_will_not_be_used_in_production_mode: "SSL will not be used in production mode"
884
+ spree_alert_checking: "Check for Spree security and release alerts"
885
+ spree_alert_not_checking: "Not checking for Spree security and release alerts"
884
886
  start: Start
885
887
  start_date: Valid from
886
888
  state: State
data/config/routes.rb CHANGED
@@ -149,7 +149,11 @@ Rails.application.routes.draw do
149
149
  end
150
150
  end
151
151
 
152
- resource :general_settings
152
+ resource :general_settings do
153
+ collection do
154
+ post :dismiss_alert
155
+ end
156
+ end
153
157
 
154
158
  resources :taxonomies do
155
159
  member do
data/lib/spree_core.rb CHANGED
@@ -67,7 +67,7 @@ end
67
67
 
68
68
  module Spree
69
69
  def self.version
70
- "0.40.3"
70
+ "0.40.4"
71
71
  end
72
72
  end
73
73
 
@@ -224,3 +224,9 @@ jQuery(".observe_field").live('change', function() {
224
224
  }
225
225
  );
226
226
  });
227
+
228
+ jQuery(document).ready(function() {
229
+ $('div.alert a.dismiss').click(function() {
230
+ $(this).parent().fadeOut();
231
+ });
232
+ });
@@ -577,3 +577,37 @@ table#product_scopes tr td table tr td {
577
577
  }
578
578
 
579
579
 
580
+ span.handle{
581
+ background-image: url(../../images/reorder.jpg);
582
+ display: inline-block;
583
+ width:14px;
584
+ height:15px;
585
+ }
586
+
587
+ .alert {
588
+ -moz-border-radius: 5px;
589
+ -webkit-border-radius: 5px;
590
+ border-radius: 5px;
591
+ font-size: 1.3em;
592
+ margin-bottom: 1em;
593
+ padding: 0.8em;
594
+ }
595
+ .alert a.dismiss {
596
+ float:right;
597
+ font-size: 0.8em;
598
+ }
599
+ .alert.release {
600
+ background: #ccddff url(../images/shadow_top.png) 0px -50px repeat-x;
601
+ color: #556699;
602
+ border: 1px solid #99aacc;
603
+ }
604
+ .alert.security {
605
+ background: #f4b4b4 url(../images/shadow_top.png) 0px -50px repeat-x;
606
+ color: #000000;
607
+ border: 1px solid #e75b5b;
608
+ }
609
+ .alert.news {
610
+ background: #ccffd4 url(../images/shadow_top.png) 0px -50px repeat-x;
611
+ color: #000000;
612
+ border: 1px solid #66ff7e;
613
+ }
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spree_core
3
3
  version: !ruby/object:Gem::Version
4
- hash: 185
4
+ hash: 183
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 40
9
- - 3
10
- version: 0.40.3
9
+ - 4
10
+ version: 0.40.4
11
11
  platform: ruby
12
12
  authors:
13
13
  - Sean Schofield
@@ -15,8 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-02-17 00:00:00 -05:00
19
- default_executable:
18
+ date: 2011-10-21 00:00:00 Z
20
19
  dependencies:
21
20
  - !ruby/object:Gem::Dependency
22
21
  name: acts_as_list
@@ -369,6 +368,7 @@ files:
369
368
  - app/models/shipment.rb
370
369
  - app/models/shipping_category.rb
371
370
  - app/models/shipping_method.rb
371
+ - app/models/spree/alert.rb
372
372
  - app/models/state.rb
373
373
  - app/models/state_event.rb
374
374
  - app/models/state_monitor.rb
@@ -497,6 +497,7 @@ files:
497
497
  - app/views/admin/shared/_address.html.erb
498
498
  - app/views/admin/shared/_address_form.html.erb
499
499
  - app/views/admin/shared/_adjustments_table.html.erb
500
+ - app/views/admin/shared/_alert.html.erb
500
501
  - app/views/admin/shared/_calculator_fields.html.erb
501
502
  - app/views/admin/shared/_configuration_menu.html.erb
502
503
  - app/views/admin/shared/_destroy.js.erb
@@ -1055,7 +1056,6 @@ files:
1055
1056
  - public/stylesheets/jquery.autocomplete.css
1056
1057
  - public/stylesheets/scaffold.css
1057
1058
  - public/stylesheets/screen.css
1058
- has_rdoc: true
1059
1059
  homepage: http://spreecommerce.com
1060
1060
  licenses: []
1061
1061
 
@@ -1087,7 +1087,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
1087
1087
  requirements:
1088
1088
  - none
1089
1089
  rubyforge_project: spree_core
1090
- rubygems_version: 1.4.2
1090
+ rubygems_version: 1.8.10
1091
1091
  signing_key:
1092
1092
  specification_version: 3
1093
1093
  summary: Core e-commerce functionality for the Spree project.