zen 0.2.7 → 0.2.8

data/lib/zen/package/sections/lib/sections/view/admin/section-entries/index.xhtml

@@ -2,21 +2,22 @@
     <header>
         <h1>#{get_breadcrumbs}</h1>
     </header>
-    
-    <form method="post" action="#{@form_delete_url}">
+
+    <form method="post"
+    action="#{Sections::Controller::SectionEntries.r(:delete)}">
         <input type="hidden" name="csrf_token" value="#{get_csrf_token}" />
-        
-        <?r if @entries and !@entries.empty? ?>
-        
-        <table class="table">
+
+        <?r if !@entries.empty? ?>
+
+        <table>
             <thead>
                 <tr>
                     <?r if user_authorized?([:delete]) ?>
-                    <th>
+                    <th class="no_sort">
                         <input type="checkbox" />
                     </th>
                     <?r end ?>
-                    
+
                     <th>#{lang('section_entries.labels.id')}</th>
                     <th>#{lang('section_entries.labels.title')}</th>
                     <th>#{lang('section_entries.labels.slug')}</th>
@@ -30,59 +31,66 @@
                 <tr>
                     <?r if user_authorized?([:delete]) ?>
                     <td>
-                        <input type="checkbox" name="section_entry_ids[]" value="#{entry.id}" />
+                        <input type="checkbox" name="section_entry_ids[]"
+                        value="#{entry.id}" />
                     </td>
                     <?r end ?>
-                    
+
                     <td>#{entry.id}</td>
-                    
+
                     <?r if user_authorized?([:update]) ?>
                     <td>
-                        #{anchor_to(
-                          entry.title, 
-                          Sections::Controller::SectionEntries.r(:edit, @section_id, entry.id)
+                        #{Sections::Controller::SectionEntries.a(
+                          entry.title, :edit, @section_id, entry.id
                         )}
                     </td>
                     <?r else ?>
                     <td>#{entry.title}</td>
                     <?r end ?>
-                    
+
                     <td>#{entry.slug}</td>
-                    <td>#{@status_hash[entry.status]}</td>
-                    <td>#{entry.created_at.strftime(session[:user].date_format)}</td>
                     <td>
-                        #{
-                          if entry.updated_at
+                        #{lang(
+                        "section_entries.special.status_hash.#{entry. \
+                          section_entry_status.name}"
+                        )}
+                    </td>
+                    <td>
+                        #{entry.created_at.strftime(session[:user].date_format)}
+                    </td>
+                    <td>
+                        #{if entry.updated_at
                             entry.updated_at.strftime(session[:user].date_format)
-                          end
-                        }
+                          end}
                     </td>
                 </tr>
                 <?r end ?>
             </tbody>
         </table>
-        
+
+        #{
+        if @entries.respond_to?(:navigation) and @entries.page_count > 1
+          @entries.navigation
+        end
+        }
+
         <?r else ?>
         <p>#{lang('section_entries.messages.no_entries')}</p>
         <?r end ?>
-        
-        <div class="clearfix">
-            
-            <?r if user_authorized?([:create]) ?>
-            <div class="button">
-                #{anchor_to(
-                  lang('section_entries.buttons.new'), 
-                  Sections::Controller::SectionEntries.r(:new, @section_id)
-                )}
-            </div>
-            <?r end ?>
-            
-            <?r if user_authorized?([:delete]) and @entries and !@entries.empty? ?>
-            <div class="button">
-                <input type="submit" value="#{lang('section_entries.buttons.delete')}" />
-            </div>
-            <?r end ?>
+
+        <?r if user_authorized?([:create]) ?>
+        <div class="button">
+            #{Sections::Controller::SectionEntries.a(
+              lang('section_entries.buttons.new'), :new, @section_id
+            )}
+        </div>
+        <?r end ?>
+
+        <?r if user_authorized?([:delete]) and !@entries.empty? ?>
+        <div class="button">
+            <input type="submit"
+            value="#{lang('section_entries.buttons.delete')}" />
         </div>
+        <?r end ?>
     </form>
-    
 </article>

data/lib/zen/package/sections/migrations/1308672298_use_id_for_default_section.rb

@@ -0,0 +1,40 @@
+Sequel.migration do
+  # Updates the database with the changes specified in the block.
+  up do
+    # Make sure the settings table has been migrated
+    ::Zen::Plugin.plugin(:settings, :migrate)
+
+    if !Zen.database[:sections].all.empty?
+      default_section = Zen.database[:settings] \
+        .filter(:name => 'default_section') \
+        .all[0][:value]
+
+      default_section = Zen.database[:sections] \
+        .filter(:slug => default_section) \
+        .all[0][:id]
+
+      # Change the slug to an ID
+      Zen.database[:settings].filter(:name => 'default_section') \
+        .update(:value => default_section)
+    end
+  end
+
+  # Reverts the changes made in the up() block.
+  down do
+    default_section = Zen.database[:settings] \
+      .filter(:name => 'default_section') \
+      .all[0][:value]
+
+    section = Zen.database[:sections] \
+      .filter(:id => default_section) \
+      .all[0]
+
+    if !section.nil?
+      default_section = section[:slug]
+
+      # Change the ID back to a slug
+      Zen.database[:settings].filter(:name => 'default_section') \
+        .update(:value => default_section)
+    end
+  end
+end

data/lib/zen/package/sections/migrations/1308813320_section_entry_statuses.rb

@@ -0,0 +1,58 @@
+Sequel.migration do
+  # Updates the database with the changes specified in the block.
+  up do
+    create_table(:section_entry_statuses) do
+      primary_key :id
+
+      String :name, :null => false, :unique => true
+    end
+
+    # Get all existing entries
+    entries = Zen.database[:section_entries].all
+
+    # Replace the status column
+    drop_column(:section_entries, :status)
+
+    alter_table(:section_entries) do
+      add_foreign_key(
+        :section_entry_status_id, 
+        :section_entry_statuses, 
+        :on_delete => :cascade,
+        :on_update => :cascade,
+        :key       => :id
+      )
+    end
+
+    # Insert the statuses and migrate the existing entries
+    ['published', 'draft'].each do |status|
+      status_id = Zen.database[:section_entry_statuses].insert(:name => status)
+
+      entries.each do |entry|
+        if entry[:status] === status
+          Zen.database[:section_entries].filter(:id => entry[:id]) \
+            .update(:section_entry_status_id => status_id)
+        end
+      end
+    end
+  end
+  
+  # Reverts the changes made in the up() block.
+  down do
+    statuses = {}
+    entries  = Zen.database[:section_entries].all
+
+    Zen.database[:section_entry_statuses].all.each do |status|
+      statuses[status[:id]] = status[:name]
+    end
+
+    drop_column(:section_entries, :section_entry_status_id)
+    add_column(:section_entries, :status, String, :default => 'draft')
+
+    entries.each do |entry|
+      Zen.database.filter(:id => entry[:id]) \
+        .update(:status => statuses[entry[:section_entry_status_id]])
+    end
+
+    drop_table(:section_entry_statuses)
+  end
+end

data/lib/zen/package/settings/lib/settings/controller/settings.rb

@@ -15,7 +15,7 @@ module Settings
       map '/admin/settings'
 
       # Load all required Javascript files
-      javascript ['zen/tabs']
+      javascript ['zen/lib/tabs']
 
       before_all do
         csrf_protection(:save, :delete) do
@@ -60,9 +60,7 @@ module Settings
       # @since  0.1
       #
       def index
-        if !user_authorized?([:read, :update])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
+        require_permissions(:read, :update)
 
         set_breadcrumbs(lang('settings.titles.index'))
 
@@ -71,7 +69,8 @@ module Settings
 
         # Organize the settings so that each item is a child
         # item of it's group.
-        ::Settings::Plugin::Settings::Registered[:settings].each do |name, setting|
+        ::Settings::Plugin::Settings::Registered[:settings].each \
+        do |name, setting|
           if !@settings_ordered.key?(setting.group)
             @settings_ordered[setting.group] = []
           end
@@ -93,9 +92,7 @@ module Settings
       # @since  0.1
       #
       def save
-        if !user_authorized?([:update])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
+        require_permissions(:update)
 
         post = request.params.dup
         post.delete('csrf_token')

data/lib/zen/package/settings/lib/settings/model/setting.rb

@@ -3,48 +3,13 @@ module Settings
   #:nodoc:
   module Model
     ##
-    # Model that represents a single setting. This model is also used to retrieve
-    # all possible values for a certain settngs. This is done by calling a method
-    # that matches the format get_SETTING-NAME_values. For example, a setting named "theme"
-    # would result in a call to Settings::Model::Setting#get_theme_values.
-    #
-    # In order to add new method you'll have to monkey patch this model as following:
-    #
-    #     class Setting < Sequel::Model
-    #       def self.get_my_setting_values
-    #         # Do something and return it...
-    #       end
-    #     end
+    # Model that represents a single setting.
     #
     # @author Yorick Peterse
     # @since  0.1
-    # @todo   Monkey patching a model in order to get possible values isn't the nicest way
-    # of solving this problem but it does allow for extra flexibility. It might be a good
-    # idea to refactor this and put it in it's own class/plugin/whatever.
     #
     class Setting < Sequel::Model
-      ##
-      # Retrieves all settings and returns them as a key/value hash.
-      #
-      # @author Yorick Peterse
-      # @since  0.1
-      # @return [Hash] key/value hash containing all settings and their values.
-      #
-      def self.get_settings
-        settings = {}
-        
-        self.all.each do |s|
-          if s.value.nil?
-            value = s.default
-          else
-            value = s.value
-          end
-          
-          settings[s.name.to_sym] = value
-        end
-        
-        return settings
-      end
+
     end # Setting
   end # Model
 end # Settings

data/lib/zen/package/settings/lib/settings/plugin/setting_base.rb

@@ -37,7 +37,7 @@ module Settings
       attr_accessor :type
       
       # The possible values for the setting
-      attr_accessor :values
+      attr_writer :values
       
       # The default value of the setting
       attr_accessor :default
@@ -111,6 +111,23 @@ module Settings
 
         return val
       end
+
+      ##
+      # Retrieves the possible values for the setting. If the value is a Proc or Lambda 
+      # (or anything else that responds to call()) it will be called and it's return 
+      # value is used.
+      # 
+      # @author Yorick Peterse
+      # @since  0.2.8
+      # @return [Mixed]
+      #
+      def values
+        if @values.respond_to?(:call)
+          return @values.call
+        else
+          return @values
+        end
+      end
     end # SettingBase
   end # Plugin
 end # Settings

data/lib/zen/package/settings/lib/settings/plugin/settings.rb

@@ -206,16 +206,22 @@ module Settings
           name = name.to_s
 
           if !settings.include?(name)
-            # Insert the new setting
-            Setting.new(
-              :name    => setting.name   , :group => setting.group,
-              :default => setting.default, :type  => setting.type
-            ).save
+            # For some reason using the Settings model generates nil errors 
+            # when this method is called from a migration so we'll insert them
+            # the non-model way.
+            Zen.database[:settings].insert(
+              :name    => setting.name,
+              :group   => setting.group,
+              :default => setting.default,
+              :type    => setting.type
+            )
 
           # Update everything but the value
           else
-            Setting.filter[:name => setting.name].update(
-              :group => setting.group, :default => setting.default, :type => setting.type
+            Zen.database[:settings].filter[:name => setting.name].update(
+              :group   => setting.group, 
+              :default => setting.default, 
+              :type    => setting.type
             )
           end
         end

data/lib/zen/package/settings/lib/settings/view/admin/settings/index.xhtml

@@ -14,7 +14,8 @@
     </div>
  
     #{
-    form_for(@settings_ordered, :method => :post, :action => @form_save_url, :id => :setting_form) do |f|
+    form_for(@settings_ordered, :method => :post, :action => @form_save_url, 
+    :id => :setting_form) do |f|
       f.input_hidden(:csrf_token, get_csrf_token)
 
       @settings_ordered.each do |group, items|

data/lib/zen/package/users/lib/users.rb

@@ -1,3 +1,5 @@
+Ramaze::HelpersHelper.options.paths.push(__DIR__('users'))
+
 require __DIR__('users/model/user')
 require __DIR__('users/model/user_group')
 require __DIR__('users/model/access_rule')
@@ -28,7 +30,7 @@ authorization."
     :title    => lang('users.titles.index'),
     :url      => 'admin/users',
     :children => [
-      {:title => lang('user_groups.titles.index') , :url => 'admin/user-groups' },
+      {:title => lang('user_groups.titles.index') , :url => 'admin/user-groups'},
       {:title => lang('access_rules.titles.index'), :url => 'admin/access-rules'}
     ]
   }]

data/lib/zen/package/users/lib/users/controller/access_rules.rb

@@ -3,8 +3,8 @@ module Users
   #:nodoc:
   module Controller
     ##
-    # Controller for managing access rules. Each access rule can be used to specify
-    # whether or not a user can edit or create something.
+    # Controller for managing access rules. Each access rule can be used to
+    # specify whether or not a user can edit or create something.
     #
     # The following permissions are available:
     #
@@ -19,9 +19,13 @@ module Users
     class AccessRules < Zen::Controller::AdminController
       include ::Users::Model
 
-      map('/admin/access-rules')
+      helper :users
+      map    '/admin/access-rules'
 
-      javascript ['users/access_rules']
+      javascript(
+        ['users/lib/access_rules', 'users/access_rules'],
+        :method => [:edit, :new]
+      )
 
       before_all do
         csrf_protection(:save, :delete) do
@@ -42,10 +46,6 @@ module Users
       def initialize
         super
 
-        @form_save_url   = AccessRules.r(:save)
-        @form_delete_url = AccessRules.r(:delete)
-        @rules_lang      = Zen::Language.load('access_rules')
-
         # Set the page title
         if !action.method.nil?
           method      = action.method.to_sym
@@ -56,32 +56,16 @@ module Users
           lang('access_rules.labels.user')       => 'div_user_id',
           lang('access_rules.labels.user_group') => 'div_user_group_id'
         }
-      end
 
-      ##
-      # Show an overview of all access rules and allow the current user
-      # to manage these groups.
-      #
-      # This method requires the following permissions:
-      #
-      # * read
-      #
-      # @author Yorick Peterse
-      # @since  0.1
-      #
-      def index
-        if !user_authorized?([:read])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
-
-        set_breadcrumbs(lang('access_rules.titles.index'))
-
-        @access_rules = AccessRule.all
+        @boolean_hash = {
+          true  => lang('zen_general.special.boolean_hash.true'),
+          false => lang('zen_general.special.boolean_hash.false')
+        }
       end
 
       ##
-      # Hook that's executed before the edit and new method. This hook is used to
-      # pre-process some data used in the form.
+      # Hook that's executed before the edit and new method. This hook is used
+      # to pre-process some data used in the form.
       #
       # @author Yorick Peterse
       # @since  0.2.5
@@ -100,7 +84,9 @@ module Users
         ::Zen::Package::Registered.each do |name, pkg|
           name                      = name.to_s
           @form_packages[name]      = name
-          @form_controllers[name] ||= {lang('access_rules.labels.all_controllers') => '*'}
+          @form_controllers[name] ||= {
+            lang('access_rules.labels.all_controllers') => '*'
+          }
 
           pkg.controllers.each do |key, value|
             @form_controllers[name][key] = value.to_s
@@ -112,6 +98,25 @@ module Users
         end
       end
 
+      ##
+      # Show an overview of all access rules and allow the current user
+      # to manage these groups.
+      #
+      # This method requires the following permissions:
+      #
+      # * read
+      #
+      # @author Yorick Peterse
+      # @since  0.1
+      #
+      def index
+        require_permissions(:read)
+
+        set_breadcrumbs(lang('access_rules.titles.index'))
+
+        @access_rules = paginate(AccessRule)
+      end
+
       ##
       # Edit an existing access rule.
       #
@@ -121,24 +126,24 @@ module Users
       # * update
       #
       # @author Yorick Peterse
-      # @param  [Integer] id The ID of the access rule to edit.
+      # @param  [Fixnum] id The ID of the access rule to edit.
       # @since  0.1
       #
       def edit(id)
-        if !user_authorized?([:read, :update])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
+        require_permissions(:read, :update)
 
         set_breadcrumbs(
-          anchor_to(lang('access_rules.titles.index'), AccessRules.r(:index)),
+          AccessRules.a(lang('access_rules.titles.index'), :index),
           lang('access_rules.titles.edit')
         )
 
         if flash[:form_data]
           @access_rule = flash[:form_data]
         else
-          @access_rule = AccessRule[id]
+          @access_rule = validate_access_rule(id)
         end
+
+        render_view(:form)
       end
 
       ##
@@ -147,26 +152,27 @@ module Users
       # This method requires the following permissions:
       #
       # * read
-      # * create§
+      # * create
       #
       # @author Yorick Peterse
       # @since  0.1
       #
       def new
-        if !user_authorized?([:read, :create])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
+        require_permissions(:read, :create)
 
         set_breadcrumbs(
-          anchor_to(lang('access_rules.titles.index'), AccessRules.r(:index)),
+          AccessRules.a(lang('access_rules.titles.index'), :index),
           lang('access_rules.titles.new')
         )
 
         @access_rule = AccessRule.new
+
+        render_view(:form)
       end
 
       ##
-      # Saves or creates a new access rule based on the POST data and a field named 'id'.
+      # Saves or creates a new access rule based on the POST data and a field
+      # named 'id'.
       #
       # This method requires the following permissions:
       #
@@ -177,13 +183,17 @@ module Users
       # @since  0.1
       #
       def save
-        if !user_authorized?([:create, :update])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
-
         post = request.subset(
-          :id, :package, :read_access, :create_access, :update_access, :delete_access,
-          :user_id, :user_group_id, :controller, :rule_applies
+          :id,
+          :package,
+          :read_access,
+          :create_access,
+          :update_access,
+          :delete_access,
+          :user_id,
+          :user_group_id,
+          :controller,
+          :rule_applies
         )
 
         if post['rule_applies'] === 'div_user_id'
@@ -193,10 +203,14 @@ module Users
         end
 
         if post['id'] and !post['id'].empty?
-          @access_rule = AccessRule[post['id']]
+          require_permissions(:update)
+
+          access_rule = validate_access_rule(post['id'])
           save_action = :save
         else
-          @access_rule = AccessRule.new
+          require_permissions(:create)
+
+          access_rule = AccessRule.new
           save_action = :new
         end
 
@@ -207,7 +221,7 @@ module Users
         flash_error   = lang("access_rules.errors.#{save_action}")
 
         begin
-          @access_rule.update(post)
+          access_rule.update(post)
 
           # Flush the existing rules from the session
           session.delete(:access_rules)
@@ -216,12 +230,14 @@ module Users
           Ramaze::Log.error(e.inspect)
           message(:error, flash_error)
 
-          flash[:form_data]   = @access_rule
-          flash[:form_errors] = @access_rule.errors
+          flash[:form_data]   = access_rule
+          flash[:form_errors] = access_rule.errors
+
+          redirect_referrer
         end
 
-        if @access_rule.id
-          redirect(AccessRules.r(:edit, @access_rule.id))
+        if access_rule.id
+          redirect(AccessRules.r(:edit, access_rule.id))
         else
           redirect_referrer
         end
@@ -238,11 +254,10 @@ module Users
       # @since  0.1
       #
       def delete
-        if !user_authorized?([:delete])
-          respond(lang('zen_general.errors.not_authorized'), 403)
-        end
+        require_permissions(:delete)
 
-        if !request.params['access_rule_ids'] or request.params['access_rule_ids'].empty?
+        if !request.params['access_rule_ids'] \
+        or request.params['access_rule_ids'].empty?
           message(:error, lang('access_rules.errors.no_delete'))
           redirect_referrer
         end
@@ -257,6 +272,8 @@ module Users
           rescue => e
             Ramaze::Log.error(e.inspect)
             message(:error, lang('access_rules.errors.delete') % id)
+
+            redirect_referrer
           end
         end