we5-browsercms 3.0.2 → 3.0.5
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +1 -0
- data/app/controllers/cms/content_block_controller.rb +25 -2
- data/app/controllers/cms/content_controller.rb +31 -2
- data/app/controllers/cms/dashboard_controller.rb +2 -1
- data/app/controllers/cms/error_handling.rb +9 -2
- data/app/controllers/cms/links_controller.rb +2 -0
- data/app/controllers/cms/pages_controller.rb +22 -18
- data/app/controllers/cms/section_nodes_controller.rb +1 -1
- data/app/controllers/cms/sections_controller.rb +12 -7
- data/app/controllers/cms/sessions_controller.rb +17 -10
- data/app/controllers/cms/users_controller.rb +8 -6
- data/app/helpers/cms/application_helper.rb +2 -6
- data/app/helpers/cms/menu_helper.rb +118 -146
- data/app/helpers/cms/page_helper.rb +2 -2
- data/app/models/attachment.rb +2 -2
- data/app/models/forgot_password_mailer.rb +12 -0
- data/app/models/group.rb +13 -2
- data/app/models/guest_user.rb +9 -3
- data/app/models/link.rb +2 -2
- data/app/models/page.rb +1 -1
- data/app/models/section.rb +7 -2
- data/app/models/user.rb +35 -17
- data/app/portlets/forgot_password_portlet.rb +27 -0
- data/app/portlets/reset_password_portlet.rb +28 -0
- data/app/views/cms/blocks/_toolbar_for_member.html.erb +3 -3
- data/app/views/cms/blocks/index.html.erb +11 -6
- data/app/views/cms/content/show.html.erb +3 -3
- data/app/views/cms/forgot_password_mailer/reset_password.text.html.erb +3 -0
- data/app/views/cms/forgot_password_mailer/reset_password.text.plain.erb +3 -0
- data/app/views/cms/menus/_menu.html.erb +9 -0
- data/app/views/cms/menus/_menu_item.html.erb +11 -0
- data/app/views/cms/pages/_edit_connector.html.erb +1 -1
- data/app/views/cms/pages/_edit_container.html.erb +1 -1
- data/app/views/cms/section_nodes/_node.html.erb +1 -1
- data/app/views/cms/sections/_form.html.erb +36 -34
- data/app/views/cms/shared/access_denied.html.erb +3 -0
- data/app/views/cms/users/change_password.html.erb +8 -6
- data/app/views/cms/users/index.html.erb +1 -1
- data/app/views/cms/users/show.html.erb +50 -0
- data/app/views/layouts/_cms_toolbar.html.erb +1 -1
- data/app/views/layouts/_page_toolbar.html.erb +7 -7
- data/app/views/layouts/cms/administration.html.erb +24 -7
- data/app/views/portlets/forgot_password/_form.html.erb +5 -0
- data/app/views/portlets/forgot_password/render.html.erb +14 -0
- data/app/views/portlets/reset_password/_form.html.erb +3 -0
- data/app/views/portlets/reset_password/render.html.erb +24 -0
- data/{we5-browsercms.gemspec → browsercms.gemspec} +72 -54
- data/db/migrate/20091109175123_browsercms_3_0_5.rb +9 -0
- data/lib/acts_as_list.rb +8 -4
- data/lib/cms/acts/content_block.rb +1 -1
- data/lib/cms/authentication/controller.rb +26 -7
- data/lib/cms/behaviors/attaching.rb +3 -3
- data/lib/cms/behaviors/publishing.rb +12 -1
- data/lib/cms/behaviors/rendering.rb +17 -4
- data/lib/cms/behaviors/versioning.rb +2 -2
- data/lib/cms/routes.rb +4 -0
- data/lib/tasks/cms.rake +0 -18
- data/public/javascripts/cms/content_library.js +36 -0
- data/public/javascripts/cms/sitemap.js +21 -9
- data/public/stylesheets/cms/form_layout.css +16 -2
- data/public/stylesheets/cms/nav.css +4 -3
- data/test/functional/cms/content_block_controller_test.rb +120 -0
- data/test/functional/cms/content_controller_test.rb +135 -80
- data/test/functional/cms/links_controller_test.rb +89 -1
- data/test/functional/cms/pages_controller_test.rb +138 -0
- data/test/functional/cms/section_nodes_controller_test.rb +45 -5
- data/test/functional/cms/sections_controller_test.rb +148 -1
- data/test/functional/cms/sessions_controller_test.rb +26 -2
- data/test/functional/cms/users_controller_test.rb +49 -2
- data/test/integration/cms/password_management_test.rb +57 -0
- data/test/test_helper.rb +3 -1
- data/test/unit/behaviors/attaching_test.rb +26 -0
- data/test/unit/helpers/menu_helper_test.rb +118 -278
- data/test/unit/models/group_test.rb +6 -0
- data/test/unit/models/user_test.rb +127 -29
- metadata +20 -3
data/app/models/user.rb
CHANGED
@@ -11,8 +11,7 @@ class User < ActiveRecord::Base
|
|
11
11
|
validates_presence_of :email
|
12
12
|
#validates_length_of :email, :within => 6..100 #r@a.wk
|
13
13
|
#validates_uniqueness_of :email, :case_sensitive => false
|
14
|
-
validates_format_of :email, :with =>
|
15
|
-
|
14
|
+
validates_format_of :email, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :message => "should be an email address, ex. xx@xx.com"
|
16
15
|
attr_accessible :login, :email, :name, :first_name, :last_name, :password, :password_confirmation, :expires_at
|
17
16
|
|
18
17
|
has_many :user_group_memberships
|
@@ -89,12 +88,12 @@ class User < ActiveRecord::Base
|
|
89
88
|
@viewable_sections ||= Section.find(:all, :include => {:groups => :users}, :conditions => ["users.id = ?", id])
|
90
89
|
end
|
91
90
|
|
92
|
-
def
|
93
|
-
@
|
91
|
+
def modifiable_sections
|
92
|
+
@modifiable_sections ||= Section.find(:all, :include => {:groups => [:group_type, :users]}, :conditions => ["users.id = ? and group_types.cms_access = ?", id, true])
|
94
93
|
end
|
95
94
|
|
96
|
-
#Expects a list of names of Permissions
|
97
|
-
#true if the user has any of the permissions
|
95
|
+
# Expects a list of names of Permissions
|
96
|
+
# true if the user has any of the permissions
|
98
97
|
def able_to?(*required_permissions)
|
99
98
|
perms = required_permissions.map(&:to_sym)
|
100
99
|
permissions.any? do |p|
|
@@ -102,24 +101,43 @@ class User < ActiveRecord::Base
|
|
102
101
|
end
|
103
102
|
end
|
104
103
|
|
105
|
-
#Expects object to be an object or a section
|
106
|
-
#If it's a section, that will be used
|
107
|
-
#If it's not a section, it will call section on the object
|
108
|
-
#returns true if any of the sections of the groups the user is in matches the page's section.
|
104
|
+
# Expects object to be an object or a section
|
105
|
+
# If it's a section, that will be used
|
106
|
+
# If it's not a section, it will call section on the object
|
107
|
+
# returns true if any of the sections of the groups the user is in matches the page's section.
|
109
108
|
def able_to_view?(object)
|
110
109
|
section = object.is_a?(Section) ? object : object.section
|
111
|
-
|
110
|
+
viewable_sections.include?(section) || groups.cms_access.count > 0
|
111
|
+
end
|
112
|
+
|
113
|
+
def able_to_modify?(object)
|
114
|
+
case object
|
115
|
+
when Section
|
116
|
+
modifiable_sections.include?(object)
|
117
|
+
when Page, Link
|
118
|
+
modifiable_sections.include?(object.section)
|
119
|
+
else
|
120
|
+
if object.class.respond_to?(:connectable?) && object.class.connectable?
|
121
|
+
object.connected_pages.all? { |page| able_to_modify?(page) }
|
122
|
+
else
|
123
|
+
true
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
128
|
+
# Expects node to be a Section, Page or Link
|
129
|
+
# Returns true if the specified node, or any of its ancestor sections, is editable by any of
|
130
|
+
# the user's 'CMS User' groups.
|
131
|
+
def able_to_edit?(object)
|
132
|
+
able_to?(:edit_content) && able_to_modify?(object)
|
112
133
|
end
|
113
134
|
|
114
|
-
|
115
|
-
|
116
|
-
#that the user is in match the section.
|
117
|
-
def able_to_edit?(section)
|
118
|
-
!!(editable_sections.include?(section) && able_to?(:edit_content))
|
135
|
+
def able_to_publish?(object)
|
136
|
+
able_to?(:publish_content) && able_to_modify?(object)
|
119
137
|
end
|
120
138
|
|
121
139
|
def able_to_edit_or_publish_content?
|
122
140
|
able_to?(:edit_content, :publish_content)
|
123
141
|
end
|
124
142
|
|
125
|
-
end
|
143
|
+
end
|
@@ -0,0 +1,27 @@
|
|
1
|
+
class ForgotPasswordPortlet < Portlet
|
2
|
+
require 'digest/sha1'
|
3
|
+
|
4
|
+
def render
|
5
|
+
flash[:forgot_password] = {}
|
6
|
+
|
7
|
+
return unless request.method == :post
|
8
|
+
user = User.find_by_email(params[:email])
|
9
|
+
|
10
|
+
unless user
|
11
|
+
flash[:forgot_password][:error] = "We were unable to verify your account. Please make sure your email address is accurate."
|
12
|
+
return
|
13
|
+
end
|
14
|
+
|
15
|
+
user.reset_token = generate_reset_token
|
16
|
+
if user.save
|
17
|
+
flash[:forgot_password][:notice] = "Your password has been sent to #{params[:email]}"
|
18
|
+
ForgotPasswordMailer.deliver_reset_password(self.reset_password_url + '?token=' + user.reset_token, user.email)
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
private
|
23
|
+
def generate_reset_token
|
24
|
+
Digest::SHA1.hexdigest(Time.now.to_s.split(//).sort_by {rand}.join)
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
class ResetPasswordPortlet < Portlet
|
2
|
+
|
3
|
+
def render
|
4
|
+
flash[:reset_password] = {}
|
5
|
+
|
6
|
+
unless params[:token]
|
7
|
+
flash[:reset_password][:error] = "No password token given"
|
8
|
+
return
|
9
|
+
end
|
10
|
+
|
11
|
+
@user = User.find_by_reset_token(params[:token])
|
12
|
+
|
13
|
+
unless @user
|
14
|
+
flash[:reset_password][:notice] = "Invalid password token"
|
15
|
+
return
|
16
|
+
end
|
17
|
+
|
18
|
+
if request.method == :post
|
19
|
+
@user.password = params[:password]
|
20
|
+
@user.password_confirmation = params[:password_confirmation]
|
21
|
+
|
22
|
+
if @user.save
|
23
|
+
flash[:reset_password][:notice] = 'Password has been reset'
|
24
|
+
end
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
@@ -1,7 +1,7 @@
|
|
1
1
|
<% able_to? :publish_content do -%>
|
2
2
|
<% if @block.respond_to?(:live?) && !@block.live? %>
|
3
3
|
<%= link_to span_tag('Publish'), block_path(:publish),
|
4
|
-
:class => "http_put button left",
|
4
|
+
:class => "http_put button left#{' disabled' unless current_user.able_to_publish?(@block)}",
|
5
5
|
:id => "publish_button" %>
|
6
6
|
<% else %>
|
7
7
|
<%= link_to span_tag('Publish'), "#",
|
@@ -15,7 +15,7 @@
|
|
15
15
|
:id => "view_button" %>
|
16
16
|
|
17
17
|
<%= link_to span_tag('Edit Content'), block_path(:edit),
|
18
|
-
:class => "button right#{ ' off' if action_name == 'edit'}",
|
18
|
+
:class => "button right#{ ' off' if action_name == 'edit'}#{' disabled' unless current_user.able_to_edit?(@block)}",
|
19
19
|
:id => "edit_button" %>
|
20
20
|
|
21
21
|
<%= link_to span_tag("Add New Content"), new_block_path,
|
@@ -33,6 +33,6 @@
|
|
33
33
|
<% end %>
|
34
34
|
|
35
35
|
<%= link_to span_tag("<span class=\"delete_img\"> </span>Delete"), block_path,
|
36
|
-
:class => "http_delete confirm_with_title button",
|
36
|
+
:class => "http_delete confirm_with_title button#{' disabled' unless current_user.able_to_publish?(@block)}",
|
37
37
|
:title => "Are you sure you want to delete '#{@block.name}'?",
|
38
38
|
:id => "delete_button" %>
|
@@ -1,4 +1,5 @@
|
|
1
1
|
<% content_for(:html_head) do %>
|
2
|
+
<%= javascript_include_tag "cms/content_library" %>
|
2
3
|
<% javascript_tag do %>
|
3
4
|
jQuery(function($){
|
4
5
|
var collectionName = '<%= content_type.model_class.name.underscore.pluralize %>'
|
@@ -11,12 +12,14 @@
|
|
11
12
|
var match = this.id.match(/(.*)_(\d+)/)
|
12
13
|
var type = match[1]
|
13
14
|
var id = match[2]
|
15
|
+
var editable = !$(this).hasClass("non-editable")
|
16
|
+
var publishable = !$(this).hasClass("non-publishable")
|
14
17
|
$('table.data tbody tr').removeClass('selected')
|
15
18
|
$(this).addClass('selected')
|
16
19
|
$('#functions .button').addClass('disabled').attr('href','#')
|
17
20
|
$('#add_button').removeClass('disabled').attr('href', '/cms/'+collectionName+'/new')
|
18
21
|
$('#view_button').removeClass('disabled').attr('href', '/cms/'+collectionName+'/'+id)
|
19
|
-
$('#edit_button').removeClass('disabled').attr('href', '/cms/'+collectionName+'/'+id+'/edit')
|
22
|
+
if (editable) $('#edit_button').removeClass('disabled').attr('href', '/cms/'+collectionName+'/'+id+'/edit')
|
20
23
|
<% if content_type.model_class.versioned? %>
|
21
24
|
$('#revisions_button').removeClass('disabled').attr('href', '/cms/'+collectionName+'/'+id+'/versions')
|
22
25
|
<% else %>
|
@@ -28,12 +31,14 @@
|
|
28
31
|
$('#delete_button').addClass('disabled')
|
29
32
|
.attr('title', $.trim(cannot_be_deleted_message.text()))
|
30
33
|
} else {
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
+
if (publishable) {
|
35
|
+
$('#delete_button').removeClass('disabled')
|
36
|
+
.attr('href', '/cms/'+collectionName+'/'+id)
|
37
|
+
.attr('title', 'Are You Sure You Want To Delete This Record?')
|
38
|
+
}
|
34
39
|
}
|
35
40
|
<% able_to? :publish_content do -%>
|
36
|
-
if($(this).hasClass('draft')) {
|
41
|
+
if($(this).hasClass('draft') && publishable) {
|
37
42
|
$('#publish_button').removeClass('disabled').attr('href', '/cms/'+collectionName+'/'+id+'/publish?_redirect_to='+location.href)
|
38
43
|
}
|
39
44
|
<% end %>
|
@@ -85,7 +90,7 @@
|
|
85
90
|
col_ct += 1 if content_type.model_class.publishable? %>
|
86
91
|
<% @blocks.each do |b| %>
|
87
92
|
<% block = b.class.versioned? ? b.as_of_draft_version : b %>
|
88
|
-
<tr id="<%= block.class.name.underscore %>_<%= block.id %>" class="<%= block.class.name.underscore %> <%= block.class.publishable? && !block.published? ? 'draft' : 'published' %>">
|
93
|
+
<tr id="<%= block.class.name.underscore %>_<%= block.id %>" class="<%= block.class.name.underscore %> <%= block.class.publishable? && !block.published? ? 'draft' : 'published' %> <%= 'non-editable' unless current_user.able_to_edit?(block) %> <%= 'non-publishable' unless current_user.able_to_publish?(block) %>">
|
89
94
|
<td class="first"></td>
|
90
95
|
<% content_type.columns_for_index.each_with_index do |column, i| %>
|
91
96
|
<td class="<%= column[:label].gsub(' ', '').underscore %>">
|
@@ -12,9 +12,9 @@
|
|
12
12
|
<iframe src="<%=h cms_toolbar_path(:page_id => @page.id, :page_version => @page.version, :mode => @mode, :page_toolbar => @show_page_toolbar ? 1 : 0) %>" width="100%" height="<%= @show_page_toolbar ? 159 : 100 %>px" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" name="cms_toolbar"></iframe>
|
13
13
|
<% end %>
|
14
14
|
|
15
|
-
<% @
|
16
|
-
<% content_for(
|
17
|
-
<%=
|
15
|
+
<% @_connectors.each_with_index do |connector, i| %>
|
16
|
+
<% content_for(connector.container.to_sym) do %>
|
17
|
+
<%= render_connector_and_connectable(connector, @_connectables[i]) %>
|
18
18
|
<% end %>
|
19
19
|
<% end %>
|
20
20
|
|
@@ -0,0 +1,9 @@
|
|
1
|
+
<div id="<%= css_id %>" class="<%= css_class %>">
|
2
|
+
<% unless items.empty?
|
3
|
+
%> <ul>
|
4
|
+
<% items.each_with_index do |item, i|
|
5
|
+
%><%= render :partial => "/cms/menus/menu_item", :object => item, :locals => { :depth => 1, :position => i + 1, :item_count => items.length }
|
6
|
+
%><% end
|
7
|
+
%> </ul>
|
8
|
+
<% end
|
9
|
+
%></div>
|
@@ -0,0 +1,11 @@
|
|
1
|
+
<% indent = (depth - 1) * 4
|
2
|
+
%><%= " "*(indent + 4) %><li id="<%= menu_item[:id] %>" class="depth-<%= depth %><%= ' first' if position == 1 %><%= ' last' if position == item_count %><%= ' on' if menu_item[:selected] %><%= ' open' unless menu_item[:children].blank? %>">
|
3
|
+
<%= " "*(indent + 6) %><a href="<%= menu_item[:url] %>"<%= ' target=#{menu_item[:target]}' if menu_item[:target] %>><%= menu_item[:name] %></a>
|
4
|
+
<% unless menu_item[:children].blank?
|
5
|
+
%><%= " "*(indent + 6) %><ul>
|
6
|
+
<% menu_item[:children].each_with_index do |item, i|
|
7
|
+
%><%= render :partial => "/cms/menus/menu_item", :object => item, :locals => { :depth => depth + 1, :position => i + 1, :item_count => menu_item[:children].length }
|
8
|
+
%><% end
|
9
|
+
%><%= " "*(indent + 6) %></ul>
|
10
|
+
<% end
|
11
|
+
%><%= " "*(indent + 4) %></li>
|
@@ -1,4 +1,4 @@
|
|
1
|
-
<div class="cms_edit_connectable" style="display: block; height: auto;
|
1
|
+
<div class="cms_edit_connectable" style="display: block; height: auto; position: relative; border: 1px solid #999; margin: 1px -6px 0 -6px; padding: 25px 5px 0 5px; background: url(/images/cms/containers/beta.png) repeat-x 0 0;">
|
2
2
|
<div style="display: block; width: 100%; position: absolute; top: 5px; left: 5px; height: 30px;">
|
3
3
|
<%= link_to image_tag("cms/pages/show_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), cms_connectable_path(connectable), :title => "View this content (#{connectable.name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
|
4
4
|
<%= link_to image_tag("cms/pages/edit_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), edit_cms_connectable_path(connectable, :_redirect_to => @page.path), :title => "Edit this content (#{connectable.name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
|
@@ -1,4 +1,4 @@
|
|
1
|
-
<div class="cms_edit_container" style="height: auto;
|
1
|
+
<div class="cms_edit_container" style="height: auto; background: url(/images/cms/containers/alpha.png) repeat-x 0 0; border: 1px solid #999; margin: -8px 0 0 -8px; padding: 24px 7px 1px 7px; position: relative;">
|
2
2
|
<div style="display: block; width: 100%; position: absolute; top: 5px; left: 5px; height: 30px;">
|
3
3
|
<%= link_to image_tag("cms/pages/add_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), cms_content_types_path(:connect_to_page_id => @page, :connect_to_container => name), :title => "Add new content to this container (#{name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
|
4
4
|
<%= link_to image_tag("cms/pages/connect_connectable.gif", :style => "text-decoration: none; padding: 0; background: none; margin: 0; float: none; border: none;"), new_cms_connector_path(:page_id => @page, :container => name), :title => "Insert existing content into this container (#{name})" , :style => "text-decoration: none; padding: 0 2px 0 0; background: none; margin: 0; float: none; border: none;"%>
|
@@ -8,7 +8,7 @@
|
|
8
8
|
<table class="section_node <%= node_type %> <%= "movable" if current_user.able_to?(:publish_content) %>" width="100%" cellspacing="0" cellpadding="0">
|
9
9
|
<tr><td colspan="4" class="drop-before"></td></tr>
|
10
10
|
<tr<%= ' class="doubled"' if access_icon && hidden %>>
|
11
|
-
<td id="<%= node_type %>_<%= node.id %>" class="<%= node_type == "section" && node.root? ? 'root' : '' %> <%= node_type %> node">
|
11
|
+
<td id="<%= node_type %>_<%= node.id %>" class="<%= node_type == "section" && node.root? ? 'root' : '' %> <%= node_type %> node <%= 'non-editable' unless current_user.able_to_edit?(node) %>">
|
12
12
|
<%= icon %>
|
13
13
|
<div><%= h(node.name) %></div>
|
14
14
|
</td>
|
@@ -11,46 +11,48 @@
|
|
11
11
|
</div>
|
12
12
|
</div>
|
13
13
|
|
14
|
-
|
15
|
-
<
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
14
|
+
<% able_to?(:administrate) do %>
|
15
|
+
<div class="checkbox_group fields" style="float: left; width: 100%">
|
16
|
+
<label>Public Permissions</label>
|
17
|
+
<%= hidden_field_tag "section[group_ids][]", "", :id => nil %>
|
18
|
+
<div class="checkboxes">
|
19
|
+
<% for group in public_groups %>
|
20
|
+
<div class="checkbox_fields">
|
21
|
+
<%= check_box_tag "section[group_ids][]", group.id,
|
22
|
+
@section.groups.include?(group), :class => "public_group_ids", :id => "public_group_ids_#{group.id}", :tabindex => next_tabindex %>
|
23
|
+
<label for="public_group_ids_<%= group.id %>"><%= group.name %></label>
|
24
|
+
</div>
|
25
|
+
<% end %>
|
26
|
+
<div class="instructions">Which “Public” groups can view pages in this section?</div>
|
27
|
+
<div class="check_uncheck">
|
28
|
+
<%= link_to_check_all 'input.public_group_ids' %>,
|
29
|
+
<%= link_to_uncheck_all 'input.public_group_ids' %>
|
30
|
+
</div>
|
29
31
|
</div>
|
30
32
|
</div>
|
31
|
-
</div>
|
32
33
|
|
33
|
-
<br clear="all" />
|
34
|
+
<br clear="all" />
|
34
35
|
|
35
|
-
<div class="checkbox_group fields" style="float: left; width: 100%">
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
36
|
+
<div class="checkbox_group fields" style="float: left; width: 100%">
|
37
|
+
<label>CMS Permissions</label>
|
38
|
+
<%= hidden_field_tag "section[group_ids][]", "", :id => nil %>
|
39
|
+
<div class="checkboxes">
|
40
|
+
<% for group in cms_groups %>
|
41
|
+
<div class="checkbox_fields">
|
42
|
+
<%= check_box_tag "section[group_ids][]", group.id,
|
43
|
+
@section.groups.include?(group), :class => "cms_group_ids", :id => "cms_group_ids_#{group.id}", :tabindex => next_tabindex %>
|
44
|
+
<label for="cms_group_ids_<%= group.id %>"><%= group.name %></label>
|
45
|
+
</div>
|
46
|
+
<% end %>
|
47
|
+
<div class="instructions">Which “CMS” groups can edit pages and content in this section?</div>
|
48
|
+
<div class="check_uncheck">
|
49
|
+
<%= link_to_check_all 'input.cms_group_ids' %>,
|
50
|
+
<%= link_to_uncheck_all 'input.cms_group_ids' %>
|
51
|
+
</div>
|
50
52
|
</div>
|
51
53
|
</div>
|
52
|
-
|
53
|
-
|
54
|
+
<br clear="all" />
|
55
|
+
<% end %>
|
54
56
|
|
55
57
|
<div class="buttons">
|
56
58
|
<%= lt_button_wrapper(f.submit("Save", :class => "submit", :tabindex => next_tabindex)) %>
|
@@ -1,10 +1,12 @@
|
|
1
1
|
<% @page_title = @toolbar_title = "Set New Password" %>
|
2
|
-
<%
|
3
|
-
|
4
|
-
|
5
|
-
|
2
|
+
<% able_to? :administrate do %>
|
3
|
+
<% content_for :toolbar_links do %>
|
4
|
+
<%= link_to(span_tag("List All"), url_for(:controller => "users", :action => "index"), :id => "list_all_button", :class => "button") %>
|
5
|
+
<%= link_to(span_tag("Edit User"), url_for(:controller => "users", :action => "edit", :id => @user.id), :id => "edit_user_button", :class => "button") %>
|
6
|
+
<% end %>
|
6
7
|
|
7
|
-
<%= content_for :functions, render(:partial => "toolbar") %>
|
8
|
+
<%= content_for :functions, render(:partial => "toolbar") %>
|
9
|
+
<% end %>
|
8
10
|
|
9
11
|
<% content_for :html_head do %>
|
10
12
|
<%= stylesheet_link_tag('cms/form_layout') %>
|
@@ -16,4 +18,4 @@
|
|
16
18
|
<div class="buttons">
|
17
19
|
<%= lt_button_wrapper(f.submit("Save", :class => "submit")) %>
|
18
20
|
</div>
|
19
|
-
<% end %>
|
21
|
+
<% end %>
|
@@ -26,7 +26,7 @@
|
|
26
26
|
<% @users.each do |user|%>
|
27
27
|
<tr>
|
28
28
|
<td class="first"></td>
|
29
|
-
<td><div class="dividers"><%= link_to "#{user.first_name} #{user.last_name}",
|
29
|
+
<td><div class="dividers"><%= link_to "#{user.first_name} #{user.last_name}", edit_cms_user_path(user) %></div></td>
|
30
30
|
<td><div class="dividers"><%= link_to user.email, "mailto:#{user.email}" %></div></td>
|
31
31
|
<td>
|
32
32
|
<div class="dividers">
|
@@ -0,0 +1,50 @@
|
|
1
|
+
<% @page_title = @toolbar_title = h(@user.login) %>
|
2
|
+
|
3
|
+
<% content_for :toolbar_links do %>
|
4
|
+
<%= link_to(span_tag("List All"), cms_users_path,
|
5
|
+
:id => "list_all_button",
|
6
|
+
:class => "button") if current_user.able_to?(:administrate) %>
|
7
|
+
<%= link_to(span_tag("Change Password"), [:change_password, :cms, @user],
|
8
|
+
:id => "change_password_button",
|
9
|
+
:class => "button") %>
|
10
|
+
<% end %>
|
11
|
+
|
12
|
+
<% content_for :functions do %>
|
13
|
+
<%= render(:partial => "toolbar") %>
|
14
|
+
<% end %>
|
15
|
+
|
16
|
+
<% content_for :html_head do %>
|
17
|
+
<%= stylesheet_link_tag('cms/form_layout') %>
|
18
|
+
<% end %>
|
19
|
+
|
20
|
+
<div class="faux_form">
|
21
|
+
<div class="fields">
|
22
|
+
<span class="label">Username</span>
|
23
|
+
<%=h @user.login %>
|
24
|
+
</div>
|
25
|
+
|
26
|
+
<div class="fields">
|
27
|
+
<span class="label">Email</span>
|
28
|
+
<%=h @user.email %>
|
29
|
+
</div>
|
30
|
+
|
31
|
+
<div class="fields">
|
32
|
+
<span class="label">First name</span>
|
33
|
+
<%=h @user.first_name %>
|
34
|
+
</div>
|
35
|
+
|
36
|
+
<div class="fields">
|
37
|
+
<span class="label">Last name</span>
|
38
|
+
<%=h @user.last_name %>
|
39
|
+
</div>
|
40
|
+
|
41
|
+
<div class="fields">
|
42
|
+
<span class="label">Groups</span>
|
43
|
+
|
44
|
+
<ul>
|
45
|
+
<% @user.groups.each do |group| -%>
|
46
|
+
<li><%= group.name %></li>
|
47
|
+
<% end -%>
|
48
|
+
</ul>
|
49
|
+
</div>
|
50
|
+
</div>
|