RubyGems - trusty-cms - Versions diffs - 3.8.0 → 3.8.1 - Mend

trusty-cms 3.8.0 → 3.8.1

Files changed (53) hide show

checksums.yaml +4 -4
data/Gemfile.lock +100 -92
data/app/assets/images/admin/default_forgot_password.svg +1 -0
data/app/assets/images/admin/default_reset_password.svg +1 -0
data/app/assets/images/admin/default_safe_login.svg +1 -0
data/app/assets/javascripts/admin.js +0 -1
data/app/assets/javascripts/admin/modernizr.js +3 -409
data/app/assets/stylesheets/admin/partials/_forms.scss +39 -0
data/app/assets/stylesheets/admin/partials/_layout.scss +8 -0
data/app/assets/stylesheets/admin/partials/_validations.scss +6 -13
data/app/controllers/admin/assets_controller.rb +7 -0
data/app/controllers/admin/preferences_controller.rb +1 -1
data/app/controllers/admin/resource_controller.rb +6 -0
data/app/controllers/admin/users_controller.rb +3 -2
data/app/controllers/application_controller.rb +5 -7
data/app/controllers/site_controller.rb +2 -1
data/app/controllers/social_mailer_controller.rb +2 -1
data/app/models/legacy_user.rb +6 -0
data/app/models/user.rb +39 -68
data/app/models/user_action_observer.rb +4 -2
data/app/views/admin/configuration/show.html.haml +2 -7
data/app/views/admin/layouts/_site_chooser.html.haml +1 -1
data/app/views/admin/pages/_node.html.haml +2 -2
data/app/views/admin/preferences/edit.html.haml +9 -14
data/app/views/admin/users/_form.html.haml +8 -15
data/app/views/admin/users/index.html.haml +0 -1
data/app/views/devise/passwords/edit.html.haml +23 -0
data/app/views/devise/passwords/new.html.haml +14 -0
data/app/views/devise/sessions/new.html.haml +25 -0
data/app/views/devise/shared/_links.html.haml +16 -0
data/app/views/layouts/application.html.haml +1 -1
data/config/application.rb +1 -0
data/config/initializers/devise.rb +310 -0
data/config/routes.rb +6 -10
data/db/migrate/20200117141251_create_admin_users.rb +51 -0
data/lib/generators/extension_controller/templates/controller.rb +1 -1
data/lib/login_system.rb +40 -44
data/lib/tasks/upgrade_to_devise.rake +22 -0
data/lib/trusty_cms.rb +1 -1
data/lib/trusty_cms/admin_ui.rb +3 -3
data/lib/trusty_cms/engine.rb +2 -0
data/lib/trusty_cms/setup.rb +0 -1
data/trusty_cms.gemspec +1 -0
data/vendor/extensions/clipped-extension/clipped_extension.rb +0 -2
data/vendor/extensions/multi-site-extension/lib/multi_site/site_chooser_helper.rb +1 -1
data/vendor/extensions/snippets-extension/snippets_extension.rb +0 -2
metadata +27 -8
data/app/assets/javascripts/admin/cookie.js +0 -80
data/app/controllers/admin/password_resets_controller.rb +0 -31
data/app/controllers/admin/welcome_controller.rb +0 -47
data/app/views/admin/password_resets/edit.html.haml +0 -27
data/app/views/admin/password_resets/new.html.haml +0 -12
data/app/views/password_mailer/password_reset.html.haml +0 -8

data/config/routes.rb CHANGED Viewed

@@ -1,6 +1,6 @@
 TrustyCms::Application.routes.draw do
   root to: 'site#show_page'
+  devise_for :users, module: :devise
   get '/rad_social/mail' => 'social_mailer#social_mail_form', as: :rad_social_mail_form
   post '/rad_social/mail' => 'social_mailer#create_social_mail', as: :rad_create_social_mail
   TrustyCms::Application.config.enabled_extensions.each { |ext|
@@ -19,7 +19,6 @@ TrustyCms::Application.routes.draw do
     resources :snippets do
       get :remove, on: :member
     end
-    resources :password_resets
     post 'save-table-position' => "pages#save_table_position", as: "save_tables_position"
     resources :assets do
@@ -28,7 +27,7 @@ TrustyCms::Application.routes.draw do
       post :regenerate, on: :collection
       put :refresh, on: :member
     end
-    resources :page_attachments, :only => [:new] do
+    resources :page_attachments, only: [:new] do
       get :remove, on: :member
     end
     resources :pages do
@@ -38,10 +37,12 @@ TrustyCms::Application.routes.draw do
   end
   match 'admin/preview' => 'admin/pages#preview', :as => :preview, :via => [:post, :put]
+  get 'admin' => 'admin/pages#index'
   namespace :admin do
     resource :preferences
-    resource :configuration, :controller => 'configuration'
-    resources :extensions, :only => :index
+    resource :configuration, controller: 'configuration'
+    resources :extensions, only: :index
     resources :page_parts
     resources :page_fields
     match '/reference/:type(.:format)' => 'references#show', :as => :reference, :via => :get
@@ -55,12 +56,7 @@ TrustyCms::Application.routes.draw do
     end
   end
-  get 'admin' => 'admin/welcome#index', :as => :admin
-  get 'admin/welcome' => 'admin/welcome#index', :as => :welcome
-  match 'admin/login' => 'admin/welcome#login', :as => :login, :via => [:get, :post]
-  get 'admin/logout' => 'admin/welcome#logout', :as => :logout
   get 'error/404' => 'site#not_found', :as => :not_found
   get 'error/500' => 'site#error', :as => :error
   get '*url' => 'site#show_page'
 end

data/db/migrate/20200117141251_create_admin_users.rb ADDED Viewed

@@ -0,0 +1,51 @@
+class CreateAdminUsers < ActiveRecord::Migration[5.2]
+  def change
+    create_table(:admins) do |t|
+      ## Database authenticatable
+      t.string :email,              null: false, default: ""
+      t.string :encrypted_password, null: false, default: ""
+      ## Recoverable
+      t.string   :reset_password_token
+      t.datetime :reset_password_sent_at
+      ## Rememberable
+      t.datetime :remember_created_at
+      ## Trackable
+      t.integer  :sign_in_count, default: 0, null: false
+      t.datetime :current_sign_in_at
+      t.datetime :last_sign_in_at
+      t.string     :current_sign_in_ip
+      t.string     :last_sign_in_ip
+      ## Confirmable
+      t.string   :confirmation_token
+      t.datetime :confirmed_at
+      t.datetime :confirmation_sent_at
+      t.string   :unconfirmed_email # Only if using reconfirmable
+      ## Lockable
+      t.integer  :failed_attempts, default: 0, null: false # Only if lock strategy is :failed_attempts
+      t.string   :unlock_token # Only if unlock strategy is :email or :both
+      t.datetime :locked_at
+      # Customization
+      t.string :first_name
+      t.string :last_name
+      t.boolean :admin
+      t.boolean :designer
+      t.boolean :content_editor
+      t.integer :site_id
+      t.integer :updated_by_id
+      t.text    :notes
+      t.timestamps
+    end
+    add_index :admins, :email,                unique: true
+    add_index :admins, :reset_password_token, unique: true
+    add_index :admins, :confirmation_token,   unique: true
+    add_index :admins, :unlock_token,         unique: true
+  end
+end

data/lib/generators/extension_controller/templates/controller.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 class <%= class_name %>Controller < ApplicationController
   # Remove this line if your controller should only be accessible to users
   # that are logged in:
-  no_login_required
+  #  no_login_required
 <% for action in actions -%>
   def <%= action %>

data/lib/login_system.rb CHANGED Viewed

@@ -2,58 +2,59 @@ module LoginSystem
   def self.included(base)
     base.extend ClassMethods
     base.class_eval do
-        prepend_before_action :authenticate
-        prepend_before_action :authorize
-      helper_method :current_user
+      #prepend_before_action :authenticate
+      #prepend_before_action :authorize
+      #helper_method :current_user
     end
   end
   protected
-    def current_user
-      @current_user ||= (login_from_session || login_from_cookie || login_from_http)
-    end
+    # def current_user
+    # end
-    def current_user=(value=nil)
-      if value && value.is_a?(User)
-        @current_user = value
-        session['user_id'] = value.id
-      else
-        @current_user = nil
-        session['user_id'] = nil
-      end
-      @current_user
-    end
+    # def current_user=(value=nil)
+    #   if value && value.is_a?(User)
+    #     @current_user = value
+    #     session['user_id'] = value.id
+    #   else
+    #     @current_user = nil
+    #     session['user_id'] = nil
+    #   end
+    #   @current_user
+    # end
     def authenticate
       #puts _process_action_callbacks.map(&:filter)
-      if current_user
-        session['user_id'] = current_user.id
-        true
-      else
-        session[:return_to] = request.original_url
-        respond_to do |format|
-          format.html { redirect_to login_url }
-          format.any(:xml,:json) { request_http_basic_authentication }
-        end
-        false
-      end
+      # if current_user
+      #   session['user_id'] = current_user.id
+      #   true
+      # else
+      #   session[:return_to] = request.original_url
+      #   respond_to do |format|
+      #     format.html { redirect_to login_url }
+      #     format.any(:xml,:json) { request_http_basic_authentication }
+      #   end
+      #   false
+      # end
+      true
     end
     def authorize
       #puts _process_action_callbacks.map(&:filter)
-      action = action_name.to_s.intern
-      if user_has_access_to_action?(action)
-        true
-      else
-        permissions = self.class.controller_permissions[action]
-        flash[:error] = permissions[:denied_message] || 'Access denied.'
-        respond_to do |format|
-          format.html { redirect_to(permissions[:denied_url] || { :action => :index }) }
-          format.any(:xml, :json) { head :forbidden }
-        end
-        false
-      end
+      # action = action_name.to_s.intern
+      # if user_has_access_to_action?(action)
+      #   true
+      # else
+      #   permissions = self.class.controller_permissions[action]
+      #   flash[:error] = permissions[:denied_message] || 'Access denied.'
+      #   respond_to do |format|
+      #     format.html { redirect_to(permissions[:denied_url] || { :action => :index }) }
+      #     format.any(:xml, :json) { head :forbidden }
+      #   end
+      #   false
+      # end
+      true
     end
     def user_has_access_to_action?(action)
@@ -85,11 +86,6 @@ module LoginSystem
     end
   module ClassMethods
-    def no_login_required
-      skip_before_action :authenticate
-      skip_before_action :authorize
-      # puts _process_action_callbacks.map(&:filter)
-    end
     def login_required?
       filter_chain.any? {|f| f.method == :authenticate || f.method == :authorize }

data/lib/tasks/upgrade_to_devise.rake ADDED Viewed

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+# Define a namespace for the task
+namespace :import do
+  desc 'Imports the legacy user data into the Devise Admin table'
+  task admins: :environment do
+    LegacyUser.all.each do |legacy|
+      u = User.new(
+        email: legacy.email,
+        first_name: legacy.name.split(' ')[0],
+        last_name: legacy.name.split(' ')[1],
+        password: 'PleaseChangeMe1!',
+        password_confirmation: 'PleaseChangeMe1!',
+        admin: legacy.admin,
+        designer: legacy.designer,
+        content_editor: legacy.content_editor,
+        notes: legacy.notes
+      )
+      u.save!
+    end
+  end
+end

data/lib/trusty_cms.rb CHANGED Viewed

@@ -2,6 +2,6 @@ TRUSTY_CMS_ROOT = File.expand_path(File.join(File.dirname(__FILE__), "..")) unle
 unless defined? TrustyCms::VERSION
   module TrustyCms
-    VERSION = '3.8.0'
+    VERSION = '3.8.1'
   end
 end

data/lib/trusty_cms/admin_ui.rb CHANGED Viewed

@@ -183,13 +183,13 @@ module TrustyCms
       OpenStruct.new.tap do |user|
         user.preferences = RegionSet.new do |preferences|
           preferences.main.concat %w{edit_header edit_form}
-          preferences.form.concat %w{edit_name edit_email edit_username edit_password edit_locale}
+          preferences.form.concat %w{edit_first_name edit_last_name edit_email edit_password}
           preferences.form_bottom.concat %w{edit_buttons}
         end
         user.edit = RegionSet.new do |edit|
           edit.main.concat %w{edit_header edit_form}
-          edit.form.concat %w{edit_name edit_email edit_username edit_password
-                              edit_roles edit_locale edit_notes}
+          edit.form.concat %w{edit_first_name edit_last_name edit_email edit_password
+                              edit_roles edit_notes}
           edit.form_bottom.concat %w{edit_buttons edit_timestamp}
         end
         user.index = RegionSet.new do |index|

data/lib/trusty_cms/engine.rb CHANGED Viewed

@@ -21,3 +21,5 @@ module TrustyCms
 end
 require 'ckeditor'
+require 'devise'

data/lib/trusty_cms/setup.rb CHANGED Viewed

@@ -17,7 +17,6 @@ module TrustyCms
     def bootstrap(config)
       @config = config
       @admin = create_admin_user(config[:admin_name], config[:admin_username], config[:admin_password])
-      UserActionObserver.current_user = @admin
       load_default_configuration
       # load_database_template(config[:database_template])
       announce "Finished."

data/trusty_cms.gemspec CHANGED Viewed

@@ -26,6 +26,7 @@ a general purpose content managment system--not merely a blogging engine.}
   s.add_dependency 'acts_as_tree',    '>= 2.6.1', '< 2.9.0'
   s.add_dependency 'ckeditor',        '>= 4.2.2', '< 4.3.0'
   s.add_dependency 'delocalize',      '>= 0.2', '< 2.0'
+  s.add_dependency 'devise'
   s.add_dependency 'execjs',          '~> 2.7'
   s.add_dependency 'haml',            '~> 5.0'
   s.add_dependency 'haml-rails',      '~> 1.0.0'

data/vendor/extensions/clipped-extension/clipped_extension.rb CHANGED Viewed

@@ -9,8 +9,6 @@ class ClippedExtension < TrustyCms::Extension
         TrustyCms::AdminUI.send :include, ClippedAdminUI unless defined? admin.asset         # defines shards for extension of the asset-admin interface
         Admin::PagesController.send :helper, Admin::AssetsHelper                           # currently only provides a description of asset sizes
         Page.send :include, AssetTags                                                      # radius tags for selecting sets of assets and presenting each one
-        UserActionObserver.instance.send :add_observer!, Asset                             # the usual creator- and updater-stamping
         AssetType.new :image, :icon => 'image', :default_radius_tag => 'image', :processors => [:thumbnail], :styles => :standard, :extensions => %w[jpg jpeg png gif], :mime_types => %w[image/png image/x-png image/jpeg image/pjpeg image/jpg image/gif]
         AssetType.new :video, :icon => 'video', :processors => [:frame_grab], :styles => :standard, :mime_types => %w[application/x-mp4 video/mpeg video/quicktime video/x-la-asf video/x-ms-asf video/x-msvideo video/x-sgi-movie video/x-flv flv-application/octet-stream video/3gpp video/3gpp2 video/3gpp-tt video/BMPEG video/BT656 video/CelB video/DV video/H261 video/H263 video/H263-1998 video/H263-2000 video/H264 video/JPEG video/MJ2 video/MP1S video/MP2P video/MP2T video/mp4 video/MP4V-ES video/MPV video/mpeg4 video/mpeg4-generic video/nv video/parityfec video/pointer video/raw video/rtx video/ogg video/webm]
         AssetType.new :audio, :icon => 'audio', :mime_types => %w[audio/mpeg audio/mpg audio/ogg application/ogg audio/x-ms-wma audio/vnd.rn-realaudio audio/x-wav]

data/vendor/extensions/multi-site-extension/lib/multi_site/site_chooser_helper.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module MultiSite::SiteChooserHelper
 def sites_chooser_thing
-  return "" unless admin? && defined?(Site) && defined?(controller) && controller.sited_model? && controller.template_name == 'index' && Site.several?
+  return "" unless current_user.admin? && defined?(Site) && defined?(controller) && controller.sited_model? && controller.template_name == 'index' && Site.several?
   options = Site.all.map{ |site| "<li>" + link_to( site.name, "#{request.path}?site_id=#{site.id}", :class => site == current_site ? 'fg' : '') + "</li>" }.join("")
   chooser = %{<div id="site_chooser">}
   #chooser << link_to("sites", admin_sites_url, {:id => 'show_site_list', :class => 'expandable'})

data/vendor/extensions/snippets-extension/snippets_extension.rb CHANGED Viewed

@@ -36,8 +36,6 @@ class SnippetsExtension < TrustyCms::Extension
     admin.snippet       ||= TrustyCms::AdminUI.load_default_snippet_regions
-    UserActionObserver.instance.send :add_observer!, ::Snippet
     tab 'Design' do
       add_item "Snippets", "/admin/snippets"
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: trusty-cms
 version: !ruby/object:Gem::Version
-  version: 3.8.0
+  version: 3.8.1
 platform: ruby
 authors:
 - TrustyCms CMS dev team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-01-27 00:00:00.000000000 Z
+date: 2020-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: acts_as_list
@@ -84,6 +84,20 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: devise
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: execjs
   requirement: !ruby/object:Gem::Requirement
@@ -457,6 +471,9 @@ files:
 - app/assets/images/admin/copy.png
 - app/assets/images/admin/css_icon.png
 - app/assets/images/admin/database_icon.png
+- app/assets/images/admin/default_forgot_password.svg
+- app/assets/images/admin/default_reset_password.svg
+- app/assets/images/admin/default_safe_login.svg
 - app/assets/images/admin/delete.png
 - app/assets/images/admin/document_icon.png
 - app/assets/images/admin/document_thumbnail.png
@@ -550,7 +567,6 @@ files:
 - app/assets/javascripts/admin/assets.js
 - app/assets/javascripts/admin/assets_admin.js
 - app/assets/javascripts/admin/autopopulate-breadcrumb.js
-- app/assets/javascripts/admin/cookie.js
 - app/assets/javascripts/admin/datecheck.js
 - app/assets/javascripts/admin/dropdown.js
 - app/assets/javascripts/admin/jquery.cookie.js
@@ -621,14 +637,12 @@ files:
 - app/controllers/admin/page_fields_controller.rb
 - app/controllers/admin/page_parts_controller.rb
 - app/controllers/admin/pages_controller.rb
-- app/controllers/admin/password_resets_controller.rb
 - app/controllers/admin/preferences_controller.rb
 - app/controllers/admin/references_controller.rb
 - app/controllers/admin/resource_controller.rb
 - app/controllers/admin/sites_controller.rb
 - app/controllers/admin/snippets_controller.rb
 - app/controllers/admin/users_controller.rb
-- app/controllers/admin/welcome_controller.rb
 - app/controllers/application_controller.rb
 - app/controllers/site_controller.rb
 - app/controllers/social_mailer_controller.rb
@@ -659,6 +673,7 @@ files:
 - app/models/file_not_found_page.rb
 - app/models/haml_filter.rb
 - app/models/layout.rb
+- app/models/legacy_user.rb
 - app/models/menu_renderer.rb
 - app/models/old_page_attachment.rb
 - app/models/page.rb
@@ -718,8 +733,6 @@ files:
 - app/views/admin/pages/index.html.haml
 - app/views/admin/pages/new.html.haml
 - app/views/admin/pages/remove.html.haml
-- app/views/admin/password_resets/edit.html.haml
-- app/views/admin/password_resets/new.html.haml
 - app/views/admin/preferences/edit.html.haml
 - app/views/admin/references/_tag_reference.haml
 - app/views/admin/references/filters.haml
@@ -751,11 +764,14 @@ files:
 - app/views/admin/users/new.html.haml
 - app/views/admin/users/remove.html.haml
 - app/views/admin/welcome/login.html.haml
+- app/views/devise/passwords/edit.html.haml
+- app/views/devise/passwords/new.html.haml
+- app/views/devise/sessions/new.html.haml
+- app/views/devise/shared/_links.html.haml
 - app/views/layouts/application.html.haml
 - app/views/layouts/mail.html.haml
 - app/views/layouts/mailer.text.haml
 - app/views/layouts/trusty.html.haml
-- app/views/password_mailer/password_reset.html.haml
 - app/views/rad_social_mailer/social_mail.html.haml
 - app/views/rad_social_mailer/social_mail_form.html.haml
 - app/views/site/not_found.html.haml
@@ -776,6 +792,7 @@ files:
 - config/environments/test.rb
 - config/initializers/active_record_extensions.rb
 - config/initializers/assets.rb
+- config/initializers/devise.rb
 - config/initializers/interpolation.rb
 - config/initializers/kraken.rb
 - config/initializers/response_cache_timeout.rb
@@ -856,6 +873,7 @@ files:
 - db/migrate/20120209231801_change_pages_allowed_children_cache_to_text.rb
 - db/migrate/20160527141249_add_password_reset_to_users.rb
 - db/migrate/20161027141250_add_position_to_pages.rb
+- db/migrate/20200117141251_create_admin_users.rb
 - db/schema.rb
 - lib/active_record_extensions/active_record_extensions.rb
 - lib/annotatable.rb
@@ -970,6 +988,7 @@ files:
 - lib/tasks/radiant_config.rake
 - lib/tasks/snippets_extension_tasks.rake
 - lib/tasks/translate.rake
+- lib/tasks/upgrade_to_devise.rake
 - lib/translation_support.rb
 - lib/trusty_cms.rb
 - lib/trusty_cms/admin_ui.rb