trusty-cms 4.1.2 → 4.1.7

data/app/assets/javascripts/rad_social/rad_ajax_form.js

@@ -16,6 +16,9 @@ function RadAjaxForm(form) {
             type: "POST",
             url: form.find('input[name=submit_url]').attr('value'),
             data: form.serialize(),
+            beforeSend: function ( xhr ) {
+              xhr.setRequestHeader("X-CSRF-Token", $('meta[name=csrf-token]').attr('content'));
+            },
             success: function(data, status, xhr) {
                 form.find(".loader").removeClass('ajax-loader');
                 form.find(".loader-small").removeClass('ajax-loader-small');

data/app/assets/javascripts/rad_social/rad_email.js

@@ -1,6 +1,5 @@
 //= require jquery
 //= require 'rad_social/jquery.validate.min'
 //= require 'rad_social/rad_ajax_form'
-//= require 'rad_social/captcha'
 //= require 'rad_social/rad_email_validator'
 //= require 'rad_social/rad_email_form'

data/app/assets/javascripts/rad_social/rad_email_form.js

@@ -63,17 +63,12 @@ $(document).ready(function() {
     $('#rs-from_name').val('');
     $('#rs-to').val('');
     $('#rs-message').val($('#rs-base-message').val());
-    var captcha = new Captcha("#recaptcha-container");
-    captcha.reload();
   }
 
-function processFailure(xhr)
-{
-    var captcha = new Captcha("#recaptcha-container");
+  function processFailure(xhr) {
     var error_msg = xhr.getResponseHeader("ErrorMsg");
     displayErrorMessage(error_msg);
-    captcha.reload();
-}
+  }
 
 function displayErrorMessage(msg) {
     var error_msg_div = $('.rad-email-error');

data/app/assets/stylesheets/admin/partials/_content.scss

@@ -1,13 +1,12 @@
 main {
   float: left;
   grid-area: content;
-  padding: 1em 0 1em 1em;
   width: 100%;
 }
 
 .reversed main {
   .content {
-    padding: 1em 0;
+    padding: 1em;
   }
 }
 

data/app/assets/stylesheets/rad_social/rad_screen.scss

@@ -55,10 +55,6 @@
   float: right;
 }
 
-.rad-email-form .captcha-container {
-  padding: 10px 0px;
-}
-
 .rad-email-form input.std_input {
   margin-bottom: 10px;
 }

data/app/controllers/admin/assets_controller.rb

@@ -1,15 +1,15 @@
 class Admin::AssetsController < Admin::ResourceController
-  paginate_models(:per_page => 50)
-  COMPRESS_FILE_TYPE = ["image/jpeg", "image/png", "image/gif", "image/svg+xml"]
+  paginate_models(per_page: 50)
+  COMPRESS_FILE_TYPE = ['image/jpeg', 'image/png', 'image/gif', 'image/svg+xml'].freeze
 
   def index
-    assets = Asset.order("created_at DESC")
+    assets = Asset.order('created_at DESC')
     @page = Page.find(params[:page_id]) if params[:page_id]
 
     @term = params[:search] || ''
     assets = assets.matching(@term) if @term && !@term.blank?
 
-    @types = params[:filter] ? params[:filter].split(",") : []
+    @types = params[:filter] ? params[:filter].split(',') : []
     if @types.include?('all')
       params[:filter] = nil
     elsif @types.any?
@@ -18,36 +18,36 @@ class Admin::AssetsController < Admin::ResourceController
 
     @assets = paginated? ? assets.paginate(pagination_parameters) : assets.all
     respond_to do |format|
-
-      format.js {
+      format.js do
         @page = Page.find_by_id(params[:page_id])
-        render :partial => 'asset_table', :locals => {:with_pagination => true}
-      }
-      format.html {
+        render partial: 'asset_table', locals: { with_pagination: true }
+      end
+      format.html do
         render
-      }
+      end
     end
   end
 
   def create
-    @assets, @page_attachments = [], []
+    @assets = []
+    @page_attachments = []
     compress = current_site.try(:compress) ? current_site.compress : true
     asset_params[:asset][:asset].to_a.each do |uploaded_asset|
-      if uploaded_asset.content_type == "application/octet-stream"
-        flash[:notice] = "Please only upload assets that have a valid extension in the name."
+      if uploaded_asset.content_type == 'application/octet-stream'
+        flash[:notice] = 'Please only upload assets that have a valid extension in the name.'
       else
         uploaded_asset = compress(uploaded_asset) if $kraken.api_key.present? && COMPRESS_FILE_TYPE.include?(uploaded_asset.content_type) && compress
-        @asset = Asset.create(:asset => uploaded_asset, :caption => asset_params[:asset][:caption])
+        @asset = Asset.create(asset: uploaded_asset, caption: asset_params[:asset][:caption])
         set_owner_or_editor
         if params[:for_attachment]
           @page = Page.find_by_id(params[:page_id]) || Page.new
-          @page_attachments << @page_attachment = @asset.page_attachments.build(:page => @page)
+          @page_attachments << @page_attachment = @asset.page_attachments.build(page: @page)
         end
         @assets << @asset
       end
     end
     if asset_params[:for_attachment]
-      render :partial => 'admin/page_attachments/attachment', :collection => @page_attachments
+      render partial: 'admin/page_attachments/attachment', collection: @page_attachments
     else
       response_for :create
     end
@@ -64,20 +64,21 @@ class Admin::AssetsController < Admin::ResourceController
     end
   end
 
-private
+  private
+
   def compress(uploaded_asset)
     data = $kraken.upload(uploaded_asset.tempfile.path, 'lossy' => true)
-    File.write(uploaded_asset.tempfile, open(data.kraked_url).read, { :mode => 'wb' })
+    File.write(uploaded_asset.tempfile, open(data.kraked_url).read, { mode: 'wb' })
     uploaded_asset
   end
 
   def set_owner_or_editor
-    @asset.created_by_id = current_user.id 
-    @asset.updated_by_id = current_user.id 
+    @asset.created_by_id = current_user.id
+    @asset.updated_by_id = current_user.id
     @asset.save! if @asset.id.present?
   end
 
   def asset_params
-    params.permit(:id, :for_attachment, :asset => [:caption, :for_attachment, :asset => []])
+    params.permit(:id, :for_attachment, asset: [:caption, :for_attachment, asset: []])
   end
 end

data/app/controllers/admin/configuration_controller.rb

@@ -1,5 +1,4 @@
 class Admin::ConfigurationController < ApplicationController
-
   # Admin::ConfigurationController handles the batch-updating of TrustyCms::Config entries.
   # It accepts any set of config name-value pairs but is accessible only to administrators.
   # Note that configuration is routed as a singular resource so we only deal with show/edit/update
@@ -8,9 +7,9 @@ class Admin::ConfigurationController < ApplicationController
   before_action :initialize_config
 
   only_allow_access_to :edit, :update,
-    :when => [:admin],
-    :denied_url => { :controller => 'admin/configuration', :action => 'show' },
-    :denied_message => 'You must have admin privileges to edit site configuration.'
+                       when: [:admin],
+                       denied_url: { controller: 'admin/configuration', action: 'show' },
+                       denied_message: 'You must have admin privileges to edit site configuration.'
 
   def show
     @user = current_user
@@ -27,24 +26,23 @@ class Admin::ConfigurationController < ApplicationController
         TrustyCms.config.transaction do
           params[:trusty_config].each_pair do |key, value|
             @trusty_config[key] = TrustyCms::Config.find_or_initialize_by(key: key)
-            @trusty_config[key].value = value      # validation sets errors on @trusty_config['key'] that the helper methods will pick up
+            @trusty_config[key].value = value # validation sets errors on @trusty_config['key'] that the helper methods will pick up
           end
-          redirect_to :action => :show
+          redirect_to action: :show
         end
       rescue ActiveRecord::RecordInvalid => e
-        flash[:error] = "Configuration error: please check the form"
-        render :action => :edit
+        flash[:error] = 'Configuration error: please check the form'
+        render action: :edit
       rescue TrustyCms::Config::ConfigError => e
         flash[:error] = "Configuration error: #{e}"
-        render :action => :edit
+        render action: :edit
       end
     end
   end
 
-protected
+  protected
 
   def initialize_config
     @trusty_config = {}
   end
-
 end

data/app/controllers/admin/extensions_controller.rb

@@ -1,8 +1,8 @@
 class Admin::ExtensionsController < ApplicationController
   only_allow_access_to :index,
-    :when => :admin,
-    :denied_url => { :controller => 'pages', :action => 'index' },
-    :denied_message => 'You must have administrative privileges to perform this action.'
+                       when: :admin,
+                       denied_url: { controller: 'pages', action: 'index' },
+                       denied_message: 'You must have administrative privileges to perform this action.'
 
   def index
     @template_name = 'index' # for Admin::RegionsHelper

data/app/controllers/admin/layouts_controller.rb

@@ -1,8 +1,7 @@
 class Admin::LayoutsController < Admin::ResourceController
   paginate_models
   only_allow_access_to :index, :show, :new, :create, :edit, :update, :remove, :destroy,
-    :when => [:designer, :admin],
-    :denied_url => { :controller => 'admin/pages', :action => 'index' },
-    :denied_message => 'You must have designer privileges to perform this action.'
-
+                       when: %i[designer admin],
+                       denied_url: { controller: 'admin/pages', action: 'index' },
+                       denied_message: 'You must have designer privileges to perform this action.'
 end

data/app/controllers/admin/page_attachments_controller.rb

@@ -2,7 +2,7 @@ class Admin::PageAttachmentsController < Admin::ResourceController
   helper 'admin/assets'
 
   def new
-    render :partial => 'attachment', :object => model
+    render partial: 'attachment', object: model
   end
 
   def load_model
@@ -10,14 +10,14 @@ class Admin::PageAttachmentsController < Admin::ResourceController
       @asset = Asset.find(params[:asset_id])
       @page = page_attachment_params[:page_id].blank? ? Page.new : Page.find_by_id(page_attachment_params[:page_id])
     rescue ActiveRecord::RecordNotFound
-      render :nothing => true, :layout => false
+      render nothing: true, layout: false
     end
-    self.model = PageAttachment.new(:asset => @asset, :page => @page)
+    self.model = PageAttachment.new(asset: @asset, page: @page)
   end
 
-private
+  private
+
   def page_attachment_params
     params.permit(:asset_id, :page_id)
   end
-
 end

data/app/controllers/admin/page_fields_controller.rb

@@ -1,10 +1,10 @@
 class Admin::PageFieldsController < Admin::ResourceController
   def create
-    self.model.attributes = page_fields_params
+    model.attributes = page_fields_params
     @controller_name = 'page'
     @template_name = 'edit'
-    render :partial => "page_field", :object => model,
-      :locals => { :page_field_counter => params[:page_field_counter].to_i}
+    render partial: 'page_field', object: model,
+           locals: { page_field_counter: params[:page_field_counter].to_i }
   end
 
   private
@@ -12,5 +12,4 @@ class Admin::PageFieldsController < Admin::ResourceController
   def page_fields_params
     params.require(:page_field).permit(:name, :content, :page_id)
   end
-
 end

data/app/controllers/admin/page_parts_controller.rb

@@ -1,16 +1,15 @@
 class Admin::PagePartsController < Admin::ResourceController
   def create
-    self.model.attributes = page_parts_params
+    model.attributes = page_parts_params
     @controller_name = 'page'
     @template_name = 'edit'
-    render :partial => "page_part", :object => model,
-      :locals => {:page_part_counter => params[:index].to_i}
+    render partial: 'page_part', object: model,
+           locals: { page_part_counter: params[:index].to_i }
   end
 
-private
+  private
 
   def page_parts_params
     params.require(:page_part).permit(:name, :filter_id, :content)
   end
-
 end

data/app/controllers/admin/pages_controller.rb

@@ -1,7 +1,7 @@
 class Admin::PagesController < Admin::ResourceController
-  before_action :initialize_meta_rows_and_buttons, :only => [:new, :edit, :create, :update]
-  before_action :count_deleted_pages, :only => [:destroy]
-  rescue_from ActiveRecord::RecordInvalid, :with => :validation_error
+  before_action :initialize_meta_rows_and_buttons, only: %i[new edit create update]
+  before_action :count_deleted_pages, only: [:destroy]
+  rescue_from ActiveRecord::RecordInvalid, with: :validation_error
 
   class PreviewStop < ActiveRecord::Rollback
     def message
@@ -13,11 +13,11 @@ class Admin::PagesController < Admin::ResourceController
     r.plural.js do
       @level = params[:level].to_i
       @index = params[:index].to_i
-      @rendered_html = ""
+      @rendered_html = ''
       @template_name = 'index'
       self.models = Page.find(params[:page_id]).children.all
       response.headers['Content-Type'] = 'text/html;charset=utf-8'
-      render :action => 'children.html.haml', :layout => false
+      render action: 'children.html.haml', layout: false
     end
   end
 
@@ -34,8 +34,8 @@ class Admin::PagesController < Admin::ResourceController
 
   def preview
     render_preview
-  rescue PreviewStop => exception
-    render :text => exception.message unless @performed_render
+  rescue PreviewStop => e
+    render text: e.message unless @performed_render
   end
 
   def save_table_position
@@ -44,67 +44,66 @@ class Admin::PagesController < Admin::ResourceController
     head :ok
   end
 
-
   private
 
-    def validation_error(e)
-      flash[:error] = e.message
-      render :new
-    end
+  def validation_error(e)
+    flash[:error] = e.message
+    render :new
+  end
 
-    def assign_page_attributes
-      if params[:page_id].blank?
-        self.model.slug = '/'
-      end
-      self.model.parent_id = params[:page_id]
+  def assign_page_attributes
+    if params[:page_id].blank?
+      model.slug = '/'
     end
+    model.parent_id = params[:page_id]
+  end
 
-    def model_class
-      if Page.descendants.any? { |d| d.to_s == params[:page_class] }
-        verify_page_class(params[:page_class])
-      elsif params[:page_id]
-        Page.find(params[:page_id]).children
-      else
-        Page
-      end
+  def model_class
+    if Page.descendants.any? { |d| d.to_s == params[:page_class] }
+      verify_page_class(params[:page_class])
+    elsif params[:page_id]
+      Page.find(params[:page_id]).children
+    else
+      Page
     end
+  end
 
-    def render_preview
-      params.permit!
-      Page.transaction do
-        page_class = Page.descendants.include?(model_class) ? model_class : Page
-        if request.referer =~ %r{/admin/pages/(\d+)/edit}
-          page = Page.find($1).becomes(page_class)
-          layout_id = page.layout_id
-          page.update_attributes(params[:page])
-          page.published_at ||= Time.now
-        else
-          page = page_class.new(params[:page])
-          page.published_at = page.updated_at = page.created_at = Time.now
-          page.parent = Page.find($1) if request.referer =~ %r{/admin/pages/(\d+)/children/new}
-        end
-        page.pagination_parameters = pagination_parameters
-        process_with_exception(page)
+  def render_preview
+    params.permit!
+    Page.transaction do
+      page_class = Page.descendants.include?(model_class) ? model_class : Page
+      if request.referer =~ %r{/admin/pages/(\d+)/edit}
+        page = Page.find($1).becomes(page_class)
+        layout_id = page.layout_id
+        page.update_attributes(params[:page])
+        page.published_at ||= Time.now
+      else
+        page = page_class.new(params[:page])
+        page.published_at = page.updated_at = page.created_at = Time.now
+        page.parent = Page.find($1) if request.referer =~ %r{/admin/pages/(\d+)/children/new}
       end
+      page.pagination_parameters = pagination_parameters
+      process_with_exception(page)
     end
+  end
 
-    def process_with_exception(page)
-      page.process(request, response)
-      @performed_render = true
-      render template: 'site/show_page', layout: false
-      raise PreviewStop
-    end
+  def process_with_exception(page)
+    page.process(request, response)
+    @performed_render = true
+    render template: 'site/show_page', layout: false
+    raise PreviewStop
+  end
 
-    def count_deleted_pages
-      @count = model.children.count + 1
-    end
+  def count_deleted_pages
+    @count = model.children.count + 1
+  end
 
-    def initialize_meta_rows_and_buttons
-      @buttons_partials ||= []
-      @meta ||= []
-      @meta << {:field => "slug", :type => "text_field", :args => [{:class => 'textbox'}]}
-      @meta << {:field => "breadcrumb", :type => "text_field", :args => [{:class => 'textbox'}]}
-    end
+  def initialize_meta_rows_and_buttons
+    @buttons_partials ||= []
+    @meta ||= []
+    @meta << { field: 'slug', type: 'text_field', args: [{ class: 'textbox' }] }
+    @meta << { field: 'breadcrumb', type: 'text_field', args: [{ class: 'textbox' }] }
+  end
 
   def verify_page_class(page_class)
     if page_class.constantize.ancestors.include?(Page)