zena 0.15.2 → 0.16.0

Files changed (284)
  1. data/.gitignore +20 -0
  2. data/CREDITS +27 -0
  3. data/Capfile +3 -0
  4. data/DEVELOPERS +46 -0
  5. data/History.txt +15 -0
  6. data/MIT-LICENSE +19 -0
  7. data/Rakefile +44 -0
  8. data/TODO +24 -0
  9. data/TODO_ZENA_1_0 +23 -0
  10. data/app/controllers/application_controller.rb +3 -0
  11. data/app/controllers/documents_controller.rb +22 -56
  12. data/app/controllers/nodes_controller.rb +42 -27
  13. data/app/controllers/pings_controller.rb +19 -0
  14. data/app/controllers/relations_controller.rb +5 -1
  15. data/app/controllers/sites_controller.rb +1 -46
  16. data/app/controllers/user_sessions_controller.rb +47 -0
  17. data/app/controllers/users_controller.rb +1 -0
  18. data/app/controllers/versions_controller.rb +25 -7
  19. data/app/controllers/virtual_classes_controller.rb +1 -1
  20. data/app/helpers/application_helper.rb +1 -1
  21. data/app/models/comment.rb +2 -1
  22. data/app/models/contact_content.rb +2 -2
  23. data/app/models/data_entry.rb +5 -6
  24. data/app/models/document.rb +14 -10
  25. data/app/models/document_content.rb +4 -6
  26. data/app/models/iformat.rb +2 -2
  27. data/app/models/image_content.rb +6 -9
  28. data/app/models/node.rb +106 -164
  29. data/app/models/page.rb +0 -20
  30. data/app/models/site.rb +42 -12
  31. data/app/models/template.rb +3 -8
  32. data/app/models/template_content.rb +2 -0
  33. data/app/models/text_document.rb +13 -8
  34. data/app/models/user.rb +47 -100
  35. data/app/models/user_session.rb +4 -0
  36. data/app/models/version.rb +1 -1
  37. data/app/views/comments/create.rjs +3 -3
  38. data/app/views/comments/edit.rjs +1 -1
  39. data/app/views/comments/update.rjs +1 -1
  40. data/app/views/nodes/_import_results.rhtml +1 -1
  41. data/app/views/nodes/create.rjs +3 -3
  42. data/app/views/templates/document_create_tabs/_file.rhtml +1 -2
  43. data/app/views/templates/document_create_tabs/_import.rhtml +7 -2
  44. data/app/views/templates/edit_tabs/_document.rhtml +1 -3
  45. data/app/views/templates/edit_tabs/_image.rhtml +1 -3
  46. data/app/views/versions/_tr.rhtml +1 -1
  47. data/app/views/versions/edit.rhtml +2 -26
  48. data/bin/zena +6 -1
  49. data/bricks/delayed_job/README +18 -0
  50. data/bricks/delayed_job/migrate/20091104191643_create_delayed_jobs_table.rb +19 -0
  51. data/bricks/delayed_job/misc/init.rb +8 -0
  52. data/bricks/delayed_job/misc/tasks.rb +2 -0
  53. data/bricks/math/patch/application_helper.rb +1 -1
  54. data/bricks/sphinx/MIT-LICENSE +19 -0
  55. data/bricks/sphinx/README +19 -0
  56. data/bricks/sphinx/lib/use_sphinx.rb +78 -0
  57. data/bricks/sphinx/migrate/20091102171258_add_delta_for_sphinx.rb +9 -0
  58. data/bricks/sphinx/misc/deploy.rb +20 -0
  59. data/bricks/sphinx/misc/sphinx.yml +12 -0
  60. data/bricks/sphinx/misc/tasks.rb +21 -0
  61. data/bricks/sphinx/patch/node.rb +8 -0
  62. data/bricks/tags/lib/has_tags.rb +5 -3
  63. data/bricks/tags/test/zafu/tags.yml +13 -1
  64. data/config/bricks.yml +35 -0
  65. data/config/deploy.rb +8 -1
  66. data/config/environment.rb +1 -1
  67. data/config/environments/production.rb +1 -1
  68. data/config/gems.yml +28 -5
  69. data/config/sphinx.yml +12 -0
  70. data/db/init/base/skins/default/Node-+popupLayout.zafu +1 -16
  71. data/db/migrate/20091026161708_add_persistence_token.rb +13 -0
  72. data/db/migrate/20091101184952_add_session_table.rb +16 -0
  73. data/db/migrate/20091123175137_add_single_access_token.rb +9 -0
  74. data/db/migrate/20091124161608_rebuild_fullpath.rb +11 -0
  75. data/db/schema.rb +21 -8
  76. data/doc/README_FOR_APP +24 -0
  77. data/doc/fixtures.graffle +19568 -0
  78. data/doc/fixtures.pdf +0 -0
  79. data/doc/template/LICENSE +184 -0
  80. data/doc/template/README +37 -0
  81. data/doc/template/allison.css +283 -0
  82. data/doc/template/allison.js +307 -0
  83. data/doc/template/allison.rb +260 -0
  84. data/doc/template/cache/BODY +588 -0
  85. data/doc/template/cache/CLASS_INDEX +4 -0
  86. data/doc/template/cache/CLASS_PAGE +1 -0
  87. data/doc/template/cache/FILE_INDEX +4 -0
  88. data/doc/template/cache/FILE_PAGE +1 -0
  89. data/doc/template/cache/FONTS +1 -0
  90. data/doc/template/cache/FR_INDEX_BODY +1 -0
  91. data/doc/template/cache/IMGPATH +1 -0
  92. data/doc/template/cache/INDEX +1 -0
  93. data/doc/template/cache/JAVASCRIPT +307 -0
  94. data/doc/template/cache/METHOD_INDEX +4 -0
  95. data/doc/template/cache/METHOD_LIST +1 -0
  96. data/doc/template/cache/SRC_PAGE +1 -0
  97. data/doc/template/cache/STYLE +283 -0
  98. data/doc/template/cache/URL +1 -0
  99. data/doc/zafu_changes.yml +29 -0
  100. data/lib/base_additions.rb +1 -1
  101. data/lib/bricks.rb +9 -0
  102. data/lib/bricks/loader.rb +86 -0
  103. data/lib/bricks/requirements_validation.rb +71 -0
  104. data/lib/tasks/zena.rake +42 -4
  105. data/lib/zafu/action.rb +285 -0
  106. data/lib/zafu/ajax.rb +93 -0
  107. data/lib/zafu/attributes.rb +117 -0
  108. data/lib/zafu/calendar.rb +159 -0
  109. data/lib/zafu/context.rb +330 -0
  110. data/lib/zafu/core/html.rb +102 -0
  111. data/lib/zafu/core/move_to_parser.rb +167 -0
  112. data/lib/zafu/dates.rb +58 -0
  113. data/lib/zafu/display.rb +502 -0
  114. data/lib/zafu/eval.rb +66 -0
  115. data/lib/zafu/experimental.rb +66 -0
  116. data/lib/zafu/i18n.rb +64 -0
  117. data/lib/zafu/meta.rb +25 -0
  118. data/lib/zafu/refactor.rb +73 -0
  119. data/lib/zafu/support/context.rb +265 -0
  120. data/lib/zafu/support/dom.rb +145 -0
  121. data/lib/zafu/support/erb.rb +62 -0
  122. data/lib/zafu/support/flow.rb +401 -0
  123. data/lib/zafu/support/forms.rb +461 -0
  124. data/lib/zafu/support/links.rb +306 -0
  125. data/lib/zafu_parser.rb +26 -2
  126. data/lib/zena.rb +34 -15
  127. data/lib/zena/acts/multiversion.rb +2 -2
  128. data/lib/zena/acts/secure.rb +41 -30
  129. data/lib/zena/app.rb +7 -10
  130. data/lib/zena/controller/test_case.rb +12 -7
  131. data/lib/zena/crypto_provider/initial.rb +15 -0
  132. data/lib/zena/db.rb +6 -1
  133. data/lib/zena/deploy.rb +34 -6
  134. data/lib/zena/deploy/logrotate_app.rhtml +9 -0
  135. data/lib/zena/deploy/logrotate_host.rhtml +34 -0
  136. data/lib/zena/deploy/template.rb +1 -9
  137. data/lib/zena/foxy_parser.rb +1 -1
  138. data/lib/zena/info.rb +3 -1
  139. data/lib/zena/migrator.rb +1 -1
  140. data/lib/zena/parser.rb +12 -4
  141. data/lib/zena/parser/zazen_rules.rb +6 -6
  142. data/lib/zena/parser/zena_rules.rb +1 -7
  143. data/lib/zena/routes.rb +5 -5
  144. data/lib/zena/test_controller.rb +7 -2
  145. data/lib/zena/unit/test_case.rb +6 -8
  146. data/lib/zena/use/ajax.rb +10 -10
  147. data/lib/zena/use/authlogic.rb +93 -0
  148. data/lib/zena/use/dyn_attributes.rb +5 -0
  149. data/lib/zena/use/html_tags.rb +16 -34
  150. data/lib/zena/use/i18n.rb +4 -1
  151. data/lib/zena/use/node_query_finders.rb +8 -4
  152. data/lib/zena/use/refactor.rb +8 -20
  153. data/lib/zena/use/relations.rb +1 -0
  154. data/lib/zena/use/rendering.rb +4 -2
  155. data/lib/zena/use/search.rb +52 -0
  156. data/lib/zena/use/test_helper.rb +27 -28
  157. data/lib/zena/use/upload.rb +188 -0
  158. data/lib/zena/use/urls.rb +16 -14
  159. data/lib/zena/use/zafu.rb +16 -63
  160. data/lib/zena/use/zazen.rb +8 -8
  161. data/lib/zena/view/test_case.rb +8 -4
  162. data/locale/en/LC_MESSAGES/zena.mo +0 -0
  163. data/locale/en/zena.po +3 -3
  164. data/public/.htaccess +40 -0
  165. data/public/javascripts/upload-progress.js +17 -8
  166. data/public/javascripts/zena.js +8 -2
  167. data/public/stylesheets/popup.css +1 -0
  168. data/script/about +3 -0
  169. data/script/apache_logging +25 -0
  170. data/script/breakpointer +3 -0
  171. data/script/console +3 -0
  172. data/script/dbconsole +3 -0
  173. data/script/destroy +3 -0
  174. data/script/generate +3 -0
  175. data/script/performance/benchmarker +3 -0
  176. data/script/performance/profiler +3 -0
  177. data/script/plugin +3 -0
  178. data/script/process/inspector +3 -0
  179. data/script/process/reaper +3 -0
  180. data/script/process/spawner +3 -0
  181. data/script/runner +3 -0
  182. data/script/server +3 -0
  183. data/script/set_revision +29 -0
  184. data/spec/controllers/versions_controller_spec.rb +11 -0
  185. data/test/fixtures/files/Node-test.zafu +1 -1
  186. data/test/functional/nodes_controller_test.rb +25 -0
  187. data/test/functional/pings_controller_test.rb +8 -0
  188. data/test/functional/user_sessions_controller_test.rb +59 -0
  189. data/test/functional/users_controller_test.rb +81 -19
  190. data/test/helpers/node_query/filters.yml +5 -0
  191. data/test/helpers/node_query_test.rb +3 -3
  192. data/test/integration/multiple_hosts_test.rb +1 -1
  193. data/test/integration/navigation_test.rb +1 -1
  194. data/test/sites/complex/users.yml +1 -1
  195. data/test/sites/ocean/users.yml +3 -3
  196. data/test/sites/zena/users.yml +5 -4
  197. data/test/test_zena.rb +38 -38
  198. data/test/unit/cached_page_test.rb +2 -2
  199. data/test/unit/comment_test.rb +0 -1
  200. data/test/unit/document_test.rb +23 -11
  201. data/test/unit/helpers/ping_helper_test.rb +4 -0
  202. data/test/unit/multiversion_test.rb +24 -16
  203. data/test/unit/node_test.rb +32 -93
  204. data/test/unit/note_test.rb +9 -0
  205. data/test/unit/page_test.rb +2 -2
  206. data/test/unit/secure_test.rb +2 -12
  207. data/test/unit/site_test.rb +43 -24
  208. data/test/unit/template_test.rb +45 -3
  209. data/test/unit/text_document_test.rb +4 -3
  210. data/test/unit/user_test.rb +13 -33
  211. data/test/unit/zena/db_test.rb +8 -0
  212. data/test/unit/zena/parser/zazen.yml +4 -4
  213. data/test/unit/zena/use/dates_view_methods_test.rb +2 -1
  214. data/test/unit/zena/use/html_tags_test.rb +12 -4
  215. data/test/unit/zena/use/refactor_test.rb +4 -3
  216. data/test/unit/zena/use/rendering_test.rb +1 -0
  217. data/test/unit/zena/use/upload_test.rb +76 -0
  218. data/test/unit/zena/use/urls_test.rb +4 -0
  219. data/test/unit/zena/use/zafu_test.rb +8 -0
  220. data/test/unit/zena/workflow/status_version_test.rb +6 -0
  221. data/test/unit/zena/zena_tags/ajax.yml +4 -4
  222. data/test/unit/zena/zena_tags/basic.yml +21 -10
  223. data/test/unit/zena/zena_tags/relations.yml +0 -6
  224. data/test/unit/zena/zena_tags/rubyless.yml +35 -0
  225. data/test/unit/zena/zena_tags/zazen.yml +4 -4
  226. data/test/unit/zena/zena_tags_test.rb +36 -4
  227. data/vendor/TextMate/Zena.tmbundle/Commands/Run all yaml tests.tmCommand +1 -1
  228. data/vendor/TextMate/Zena.tmbundle/Commands/Run focused yaml test.tmCommand +2 -3
  229. data/vendor/TextMate/Zena.tmbundle/Support/RubyMate/catch_exception.rb +39 -0
  230. data/vendor/TextMate/Zena.tmbundle/Support/RubyMate/run_script.rb +102 -58
  231. data/vendor/TextMate/Zena.tmbundle/Support/RubyMate/stdin_dialog.rb +14 -0
  232. data/vendor/TextMate/Zena.tmbundle/info.plist +2 -0
  233. data/zena.gemspec +2085 -0
  234. metadata +265 -90
  235. data/app/controllers/sessions_controller.rb +0 -41
  236. data/app/views/sites/zena_up.html.erb +0 -11
  237. data/config/database.yml +0 -40
  238. data/db/production.sqlite3 +0 -0
  239. data/lib/bricks/patcher.rb +0 -68
  240. data/lib/zena/parser/zena_tags.rb +0 -3562
  241. data/lib/zena/use/authentification.rb +0 -120
  242. data/public/images/ext/contact_pv.png +0 -0
  243. data/public/images/ext/other_pv.png +0 -0
  244. data/public/images/ext/page_pv.png +0 -0
  245. data/public/images/ext/page_tiny.png +0 -0
  246. data/public/images/ext/pdf_pv.png +0 -0
  247. data/public/images/ext/post_pv.png +0 -0
  248. data/public/images/ext/post_tiny.png +0 -0
  249. data/public/images/ext/project_pv.png +0 -0
  250. data/public/images/ext/project_tiny.png +0 -0
  251. data/public/images/ext/tag_pv.png +0 -0
  252. data/public/images/ext/zip_pv.png +0 -0
  253. data/tasks/ann.rake +0 -80
  254. data/tasks/bones.rake +0 -20
  255. data/tasks/gem.rake +0 -201
  256. data/tasks/git.rake +0 -40
  257. data/tasks/notes.rake +0 -27
  258. data/tasks/post_load.rake +0 -34
  259. data/tasks/rdoc.rake +0 -51
  260. data/tasks/rubyforge.rake +0 -55
  261. data/tasks/setup.rb +0 -292
  262. data/tasks/spec.rake +0 -54
  263. data/tasks/svn.rake +0 -47
  264. data/tasks/test.rake +0 -40
  265. data/tasks/zentest.rake +0 -36
  266. data/test/fixtures/comments.yml +0 -126
  267. data/test/fixtures/contact_contents.yml +0 -132
  268. data/test/fixtures/data_entries.yml +0 -65
  269. data/test/fixtures/discussions.yml +0 -48
  270. data/test/fixtures/document_contents.yml +0 -108
  271. data/test/fixtures/dyn_attributes.yml +0 -66
  272. data/test/fixtures/groups.yml +0 -86
  273. data/test/fixtures/groups_users.yml +0 -81
  274. data/test/fixtures/iformats.yml +0 -29
  275. data/test/fixtures/links.yml +0 -313
  276. data/test/fixtures/nodes.yml +0 -2592
  277. data/test/fixtures/relations.yml +0 -126
  278. data/test/fixtures/sites.yml +0 -58
  279. data/test/fixtures/template_contents.yml +0 -172
  280. data/test/fixtures/users.yml +0 -167
  281. data/test/fixtures/versions.yml +0 -1911
  282. data/test/fixtures/virtual_classes.yml +0 -87
  283. data/test/fixtures/zips.yml +0 -15
  284. data/test/functional/sessions_controller_test.rb +0 -73
@@ -29,8 +29,7 @@ class Template < TextDocument
29
29
 
30
30
  private
31
31
 
32
- def rewrite_klass_mode_format
33
-
32
+ def set_defaults
34
33
  # only set name from version title on creation
35
34
  if name_changed?
36
35
  new_name = self.name
@@ -63,7 +62,7 @@ class Template < TextDocument
63
62
  content = version.content
64
63
  content.mode = content.mode.url_name if content.mode
65
64
 
66
- if content.klass
65
+ if !content.klass.blank?
67
66
  # update name
68
67
  content.format = 'html' if content.format.blank?
69
68
  self[:name] = name_from_content(:format => content.format, :mode => content.mode, :klass => content.klass)
@@ -102,12 +101,8 @@ END_TXT
102
101
  end
103
102
  end
104
103
  end
105
- end
106
104
 
107
- # Overwrite document behaviour.
108
- def document_before_validation
109
- rewrite_klass_mode_format
110
- content = version.content
105
+ super
111
106
  end
112
107
 
113
108
  def valid_section
@@ -1,4 +1,6 @@
1
1
  class TemplateContent < ActiveRecord::Base
2
+ include Zena::Use::Upload::UploadedFile
3
+
2
4
  include RubyLess::SafeClass
3
5
  safe_attribute :tkpath, :skin_name, :mode, :klass
4
6
  safe_method :ext => String, :format => String, :content_type => String, :filename => String
@@ -13,7 +13,7 @@ class TextDocument < Document
13
13
  class << self
14
14
  # Return true if a new text document can be created with the content_type. Used by the superclass Document to choose the corret subclass when creating a new object.
15
15
  def accept_content_type?(content_type)
16
- (content_type =~ /^(text)/ && TYPE_TO_EXT[content_type.chomp] != ['rtf']) || (content_type =~ /x-javascript/)
16
+ (content_type =~ /^(text)/ && Zena::TYPE_TO_EXT[content_type.chomp] != ['rtf']) || (content_type =~ /x-javascript/)
17
17
  end
18
18
 
19
19
  def version_class
@@ -68,6 +68,8 @@ class TextDocument < Document
68
68
  else
69
69
  if new_src = helper.send(:template_url_for_asset, :src => src, :current_folder=>current_folder, :parse_assets => true)
70
70
  "url(#{quote}#{new_src}#{quote})"
71
+ elsif !(src =~ /\.\./) && File.exist?(File.join(SITES_ROOT, current_site.public_path, src))
72
+ "url(#{quote}#{src}?#{File.mtime(File.join(SITES_ROOT, current_site.public_path, src)).to_i}#{quote})"
71
73
  else
72
74
  errors.add('asset', '{{asset}} not found', :asset => src.inspect)
73
75
  "url(#{quote}#{src}#{quote})"
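Review bot: The new `elsif` branch guards the public-directory lookup only with a textual `..` filter, and it builds the same path twice (once for `File.exist?`, once for `File.mtime`). A textual filter does not cover symlinks inside the public directory, and `File.exist?` is also true for directories, so a directory name would get an mtime suffix as if it were an asset. Consider resolving once with `path = File.expand_path(File.join(SITES_ROOT, current_site.public_path, src))`, then requiring that `path` starts with the expanded public root plus `/` and that `File.file?(path)` holds before using `File.mtime(path)`. The enclosing method starts and ends outside this hunk, so how `src` is extracted from the stylesheet is not visible here.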
@@ -93,17 +95,20 @@ class TextDocument < Document
93
95
  $&
94
96
  else
95
97
  quote, url = $1, $2
96
- if url =~ /\A\/\w\w.*?(\d+)(_\w+|)\./
98
+ if url =~ /\A\/\w\w\/.*?(\d+)(_\w+|)\./
97
99
  zip, mode = $1, $2
98
- unless asset = secure(Node) { Node.find_by_zip(zip) }
100
+ if asset = secure(Node) { Node.find_by_zip(zip) }
101
+ if asset.fullpath =~ /\A#{current_folder}\/(.+)/
102
+ "url(#{quote}#{$1}#{mode}.#{asset.version.content.ext}#{quote})"
103
+ else
104
+ "url(#{quote}/#{asset.fullpath}#{mode}.#{asset.version.content.ext}#{quote})"
105
+ end
106
+ else
99
107
  errors.add('asset', '{{zip}} not found', :zip => zip)
100
108
  "url(#{quote}#{url}#{quote})"
101
109
  end
102
- if asset.fullpath =~ /\A#{current_folder}\/(.+)/
103
- "url(#{quote}#{$1}#{mode}.#{asset.version.content.ext}#{quote})"
104
- else
105
- "url(#{quote}/#{asset.fullpath}#{mode}.#{asset.version.content.ext}#{quote})"
106
- end
110
+ elsif File.exist?(File.join(SITES_ROOT, current_site.public_path, url.sub(/\?\d+\Z/,'')))
111
+ "url(#{quote}#{url.sub(/\?\d+\Z/,'')}#{quote})"
107
112
  else
108
113
  # bad format
109
114
  errors.add('base', "cannot unparse asset url #{url.inspect}")
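Review bot: The added `elsif File.exist?(File.join(SITES_ROOT, current_site.public_path, url.sub(/\?\d+\Z/,'')))` branch has no `..` check, unlike the matching parse-side branch in the earlier hunk of this file, which tests `!(src =~ /\.\./)` first. As written, the existence test can be evaluated for a path outside the site's public directory, and whether the "cannot unparse" error is raised then depends on files elsewhere on disk. The branch should at least mirror the other side, `elsif !(url =~ /\.\./) && File.exist?(...)`, and ideally compare the expanded path against the public root. Separately, `asset.fullpath =~ /\A#{current_folder}\/(.+)/` interpolates `current_folder` into a regex unescaped; `Regexp.escape(current_folder)` would keep folder names containing regex metacharacters from changing the match. The enclosing block begins outside the hunk.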
@@ -1,5 +1,7 @@
1
1
  require 'digest/sha1'
2
2
  require 'tzinfo'
3
+ require 'authlogic/crypto_providers/bcrypt'
4
+
3
5
  =begin rdoc
4
6
  There are two special users in each site :
5
7
  [anon] Anonymous user. Used to set defaults for newly created users.
@@ -21,12 +23,24 @@ things they can/cannot do :
21
23
  TODO: when a user is 'destroyed', pass everything he owns to another user or just mark the user as 'deleted'...
22
24
  =end
23
25
  class User < ActiveRecord::Base
26
+
27
+ acts_as_authentic do |c|
28
+ #c.transition_from_crypto_providers = Zena::InitialCryptoProvider
29
+ #c.crypto_provider = Authlogic::CryptoProviders::BCrypt
30
+ c.crypto_provider = Zena::CryptoProvider::Initial
31
+ c.validate_email_field = false
32
+ c.validate_login_field = false
33
+ c.require_password_confirmation = false
34
+ c.validate_password_field = false
35
+ end
36
+
24
37
  include RubyLess::SafeClass
38
+
25
39
  safe_attribute :login, :name, :first_name, :email, :time_zone, :created_at, :updated_at
26
40
  safe_method :initials => String, :fullname => String, :status => Number, :status_name => String
27
41
 
28
- zafu_context :contact => "Contact"
29
- attr_accessible :login, :password, :lang, :first_name, :name, :email, :time_zone, :status, :group_ids, :site_ids
42
+ safe_context :contact => 'Contact'
43
+ attr_accessible :login, :lang, :first_name, :name, :email, :time_zone, :status, :group_ids, :site_ids, :crypted_password, :password
30
44
  attr_accessor :visited_node_ids
31
45
  attr_accessor :ip
32
46
 
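Review bot: `attr_accessible` now lists `:crypted_password`, so any controller that mass-assigns user params can write the stored password hash directly instead of going through `password=`. Unless a caller outside this diff depends on it, drop it from the list: `attr_accessible :login, :lang, :first_name, :name, :email, :time_zone, :status, :group_ids, :site_ids, :password`. The `acts_as_authentic` block also sets `c.validate_password_field = false`, while the old `password=` setter and its length check are removed further down this file, so no minimum password length is enforced in the visible code. The BCrypt provider and `transition_from_crypto_providers` are left commented out, so hashing stays on `Zena::CryptoProvider::Initial`; a comment stating when the transition is planned would help the next reader.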
@@ -45,11 +59,6 @@ class User < ActiveRecord::Base
45
59
  validates_presence_of :site_id
46
60
  before_create :create_contact
47
61
 
48
- def contact_with_secure
49
- @contact ||= secure(Contact) { contact_without_secure }
50
- end
51
- alias_method_chain :contact, :secure
52
-
53
62
  Status = {
54
63
  :su => 80,
55
64
  :admin => 60, # can create other users, manage site, etc
@@ -63,54 +72,8 @@ class User < ActiveRecord::Base
63
72
 
64
73
 
65
74
  class << self
66
- # Returns the logged in user or nil if login and password do not match or if the user has no login access to the given host.
67
- def login(login, password, host)
68
- make_visitor :login => login, :password => password, :host => host
69
- end
70
-
71
- # Return the logged in visitor from the session[:user] or the anonymous user if id is nil or does not match
72
- def make_visitor(opts)
73
- raise ActiveRecord::RecordNotFound.new("host not found #{opts[:host]}") unless
74
- site = opts[:site] || Site.find_by_host(opts[:host])
75
-
76
- if opts[:id] # session[:user]
77
- conditions = ['users.id = ?', opts[:id]]
78
- elsif opts[:login] # login
79
- return nil if opts[:password].blank?
80
- conditions = ['login = ? AND password = ?',opts[:login], hash_password(opts[:password])]
81
- else # anonymous
82
- conditions = ['users.id = ?', site[:anon_id]]
83
- end
84
-
85
- user = site.users.find(:first, :conditions => conditions)
86
-
87
- if !user && opts[:id]
88
- return make_visitor(:site => site) # anonymous user
89
- end
90
- return nil unless user
91
- user.site = site
92
- user.visit(site)
93
- user.visit(user)
94
-
95
- if user.reader?
96
- unless Thread.current.respond_to?(:visitor)
97
- class << Thread.current
98
- attr_accessor :visitor
99
- end
100
- end
101
- Thread.current.visitor = user
102
- elsif !user.is_anon? && opts[:id]
103
- # not a reader, refuse login
104
- return make_visitor(:site => site)
105
- else
106
- # anon is not a reader, refuse anonymous user
107
- nil
108
- end
109
- end
110
-
111
- # Do not store clear passwords in the database (salted hash) :
112
- def hash_password(string)
113
- Digest::SHA1.hexdigest((string || '') + PASSWORD_SALT)
75
+ def find_allowed_user_by_login(login)
76
+ first(:conditions=>["login = ? and status > 0", login])
114
77
  end
115
78
 
116
79
  # Creates a new user without setting the defaults (used to create the first users of the site). Use
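Review bot: `find_allowed_user_by_login` looks a user up by `login` and `status > 0` only, whereas the removed `make_visitor` resolved the user through `site.users` for the requested host. `UserSession` sets this method as its `find_by_login_method`, so unless site scoping is applied where the session is created (not visible in this diff), a login that exists on several sites is matched regardless of the host being visited. Please confirm the scoping is done by the caller, or restrict the finder to the current site's users. The method would also benefit from a comment such as `# Authlogic finder: only users with status > 0 may log in; the caller must scope the lookup to the current site.`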
@@ -128,7 +91,14 @@ class User < ActiveRecord::Base
128
91
  end
129
92
  super(new_attrs)
130
93
  end
94
+
95
+ end
96
+
97
+ def contact_with_secure
98
+ @contact ||= secure(Contact) { contact_without_secure }
131
99
  end
100
+ alias_method_chain :contact, :secure
101
+
132
102
 
133
103
  # Each time a node is found using secure (Zena::Acts::Secure or Zena::Acts::SecureNode), this method is
134
104
  # called to set the visitor in the found object. This is also used to keep track of the opened nodes
@@ -157,28 +127,6 @@ class User < ActiveRecord::Base
157
127
  self[:email] || ""
158
128
  end
159
129
 
160
- # Store the password, using SHA1. You should change the default value of PASSWORD_SALT (in Zena::ROOT/lib/zena.rb). This makes it harder to use
161
- # rainbow tables to find clear passwords from hashed values.
162
- def password=(string)
163
- if string.blank?
164
- self[:password] = nil
165
- elsif string && string.length > 4
166
- self[:password] = User.hash_password(string)
167
- else
168
- @password_too_short = true
169
- end
170
- end
171
-
172
- # Never display the password (even the hash) outside.
173
- def password
174
- ""
175
- end
176
-
177
- # Test password
178
- def password_is?(str)
179
- self[:password] == User.hash_password(str)
180
- end
181
-
182
130
  def status_name
183
131
  Num_to_status[status].to_s
184
132
  end
@@ -191,13 +139,13 @@ class User < ActiveRecord::Base
191
139
  # Return true if the user is the anonymous user for the current visited site
192
140
  def is_anon?
193
141
  # tested in site_test
194
- current_site.anon_id == self[:id] && (!new_record? || self[:login].nil?) # (when creating a new site, anon_id == nil)
142
+ user_site.anon_id == self[:id] && (!new_record? || self[:login].nil?) # (when creating a new site, anon_id == nil)
195
143
  end
196
144
 
197
145
  # Return true if the user is the super user for the current visited site
198
146
  def is_su?
199
147
  # tested in site_test
200
- current_site.su_id == self[:id]
148
+ user_site.su_id == self[:id]
201
149
  end
202
150
 
203
151
  # Return true if the user's status is high enough to start editing nodes.
@@ -231,7 +179,7 @@ class User < ActiveRecord::Base
231
179
  # Returns a list of the group ids separated by commas for the user (this is used mainly in SQL clauses).
232
180
  def group_ids
233
181
  @group_ids ||= if is_admin?
234
- current_site.groups.map{|g| g[:id]}
182
+ site.groups.map{|g| g[:id]}
235
183
  else
236
184
  groups.find(:all, :order=>'name').map{ |g| g[:id] }
237
185
  end
@@ -287,20 +235,25 @@ class User < ActiveRecord::Base
287
235
  end
288
236
 
289
237
  private
238
+
239
+ def user_site
240
+ self.site || visitor.site # site when User is new
241
+ end
242
+
290
243
  def create_contact
291
244
  return unless visitor.site[:root_id] # do not try to create a contact if the root node is not created yet
292
245
 
293
246
  @contact = secure!(Contact) { Contact.new(
294
247
  # owner is the user except for anonymous and super user.
295
248
  # TODO: not sure this is a good idea...
296
- :user_id => (self[:id] == current_site[:anon_id] || self[:id] == current_site[:su_id]) ? visitor[:id] : self[:id],
249
+ :user_id => (self[:id] == site[:anon_id] || self[:id] == site[:su_id]) ? visitor[:id] : self[:id],
297
250
  :v_title => (name.blank? || first_name.blank?) ? login : fullname,
298
251
  :c_first_name => first_name,
299
252
  :c_name => (name || login ),
300
253
  :c_email => email,
301
254
  :v_status => Zena::Status[:pub]
302
255
  )}
303
- @contact[:parent_id] = current_site[:root_id]
256
+ @contact[:parent_id] = site[:root_id]
304
257
 
305
258
  unless @contact.save
306
259
  # What do we do with this error ?
@@ -321,10 +274,10 @@ class User < ActiveRecord::Base
321
274
  self[:site_id] = visitor.site[:id]
322
275
 
323
276
  if new_record?
324
- self.status = current_site.anon.status if status.blank?
325
- self.lang = current_site.anon.lang if lang.blank?
277
+ self.status = site.anon.status if status.blank?
278
+ self.lang = site.anon.lang if lang.blank?
326
279
  elsif status.blank?
327
- self.status = current_site.anon.status
280
+ self.status = site.anon.status
328
281
  end
329
282
 
330
283
  if login.blank? && !is_anon?
@@ -332,36 +285,30 @@ class User < ActiveRecord::Base
332
285
  end
333
286
  end
334
287
 
335
- # Returns the current site (self = visitor) or the visitor's site
336
- # FIXME: remove and use 'site'
337
- def current_site
338
- @site || visitor.site
339
- end
340
-
341
288
  # Validates that anon user does not have a login, that other users have a password
342
289
  # and that the login is unique for the sites the user belongs to.
343
290
  def valid_user
344
291
  self[:site_id] = visitor.site[:id]
345
292
 
346
- if !current_site.being_created? && !visitor.is_admin? && visitor[:id] != self[:id]
293
+ if !site.being_created? && !visitor.is_admin? && visitor[:id] != self[:id]
347
294
  errors.add('base', 'You do not have the rights to do this.')
348
295
  return false
349
296
  end
350
297
 
351
- errors.add('lang', 'not available') unless current_site.lang_list.include?(lang)
298
+ errors.add('lang', 'not available') unless site.lang_list.include?(lang)
352
299
 
353
300
  if is_anon?
354
301
  # Anonymous user *must* have an empty login
355
302
  self[:login] = nil
356
- self[:password] = nil
303
+ self[:crypted_password] = nil
357
304
  else
358
305
  if new_record?
359
306
  # Refuse to add a user in a site if already a user with same login.
360
- errors.add(:password, "can't be blank") if self[:password].nil? || self[:password] == ""
307
+ errors.add(:password, "can't be blank") if self[:crypted_password].nil? || self[:crypted_password] == ""
361
308
  else
362
309
  # get old password
363
310
  old = User.find(self[:id])
364
- self[:password] = old[:password] if self[:password].nil? || self[:password] == ""
311
+ self[:crypted_password] = old[:crypted_password] if self[:crypted_password].nil? || self[:crypted_password] == ""
365
312
  errors.add(:login, "can't be blank") if self[:login].blank?
366
313
  errors.add(:status, 'You do not have the rights to do this.') if self[:id] == visitor[:id] && old.is_admin? && self.status.to_i != old.status
367
314
  end
@@ -386,14 +333,14 @@ class User < ActiveRecord::Base
386
333
  def valid_groups #:doc:
387
334
  g_ids = @defined_group_ids || (new_record? ? [] : group_set_ids)
388
335
  g_ids.reject! { |g| g.blank? }
389
- g_ids << current_site.public_group_id
390
- g_ids << current_site.site_group_id unless is_anon?
336
+ g_ids << site.public_group_id
337
+ g_ids << site.site_group_id unless is_anon?
391
338
  g_ids.uniq!
392
339
  g_ids.compact!
393
340
  self.groups = []
394
341
  g_ids.each do |id|
395
342
  group = Group.find(id)
396
- unless current_site.being_created? || group.site_id == self.site_id
343
+ unless site.being_created? || group.site_id == self.site_id
397
344
  errors.add('group', 'not found')
398
345
  next
399
346
  end
@@ -403,7 +350,7 @@ class User < ActiveRecord::Base
403
350
 
404
351
  # Do not allow destruction of the site's special users.
405
352
  def dont_destroy_protected_users #:doc:
406
- raise Zena::AccessViolation, "su and Anonymous users cannot be destroyed !" if current_site.protected_user_ids.include?(id)
353
+ raise Zena::AccessViolation, "su and Anonymous users cannot be destroyed !" if site.protected_user_ids.include?(id)
407
354
  end
408
355
 
409
356
  def old
@@ -0,0 +1,4 @@
1
+ class UserSession < Authlogic::Session::Base
2
+ self.find_by_login_method = :find_allowed_user_by_login
3
+
4
+ end
@@ -38,7 +38,7 @@ class Version < ActiveRecord::Base
38
38
  :zip => Number, :user_zip => Number # FIXME: replace by 'id'....
39
39
  # writable
40
40
  attr_accessible :title, :text, :summary, :comment, :publish_from, :lang, :status, :content_attributes, :dyn_attributes
41
- zafu_context :author => "Contact", :user => "User", :node => "Node"
41
+ safe_context :author => 'Contact', :user => 'User', :node => 'Node'
42
42
 
43
43
  belongs_to :user
44
44
  before_validation :version_before_validation
@@ -16,13 +16,13 @@
16
16
  update_page_content(page, @comment)
17
17
  =begin
18
18
  if @comment.new_record?
19
- page.replace "#{params[:dom_id]}_form", :file => fullpath_from_template_url + "_form.erb"
19
+ page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
20
20
  else
21
21
  pos = params[:position] || :before
22
22
  ref = params[:reference] || "#{params[:dom_id]}_add"
23
- page.insert_html pos.to_sym, ref, :file => fullpath_from_template_url + ".erb"
23
+ page.insert_html pos.to_sym, ref, :file => template_path_from_template_url + ".erb"
24
24
  @comment = Comment.new
25
- page.replace "#{params[:dom_id]}_form", :file => fullpath_from_template_url + "_form.erb"
25
+ page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
26
26
  if params[:done]
27
27
  page << params[:done]
28
28
  else
@@ -1,2 +1,2 @@
1
- page.replace "#{params[:dom_id]}_#{@comment.zip}", :file => fullpath_from_template_url + "_form.erb"
1
+ page.replace "#{params[:dom_id]}_#{@comment.zip}", :file => template_path_from_template_url + "_form.erb"
2
2
  page << "$('#{params[:dom_id]}_form_t').focusFirstElement();"
@@ -1 +1 @@
1
- page.replace "#{params[:dom_id]}.#{@comment.zip}", :file => fullpath_from_template_url + ".erb"
1
+ page.replace "#{params[:dom_id]}.#{@comment.zip}", :file => template_path_from_template_url + ".erb"
@@ -12,7 +12,7 @@
12
12
  <% else -%>
13
13
  <td><%= node.errors.empty? ? (node[:create_or_update]) : 'error' %></td>
14
14
  <td><%= _('%{count} versions') % {:count => node.instance_variable_get(:@versions_count)} %></td>
15
- <td><%= !node.errors.empty? ? error_messages_for(node) : 'ok' %></td>
15
+ <td><%= !node.errors.empty? ? node.errors.map {|k,v| "[#{k}] #{v}"}.join(', ') : 'ok' %></td>
16
16
  <% end -%>
17
17
  </tr>
18
18
  <% end -%>
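Review bot: The replacement for `error_messages_for(node)` writes the joined error strings into the cell with no HTML escaping. This template looks like it targets a Rails version where `<%= %>` does not escape by default, and some messages embed imported content (for example the `'{{asset}} not found'` error in `text_document.rb` carries `src.inspect`). Text from an imported file could therefore reach the results page as markup. Wrapping the output closes that gap: `<td><%= !node.errors.empty? ? h(node.errors.map {|k,v| "[#{k}] #{v}"}.join(', ')) : 'ok' %></td>`.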
@@ -1,13 +1,13 @@
1
1
  update_page_content(page, @node)
2
2
  =begin
3
3
  if @node.new_record?
4
- page.replace "#{params[:dom_id]}_form", :file => fullpath_from_template_url + "_form.erb"
4
+ page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
5
5
  else
6
6
  pos = params[:position] || :before
7
7
  ref = params[:reference] || "#{params[:dom_id]}_add"
8
- page.insert_html pos.to_sym, ref, :file => fullpath_from_template_url + ".erb"
8
+ page.insert_html pos.to_sym, ref, :file => template_path_from_template_url + ".erb"
9
9
  @node = @node.parent.new_child(:class => @node.class)
10
- page.replace "#{params[:dom_id]}_form", :file => fullpath_from_template_url + "_form.erb"
10
+ page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
11
11
  if params[:done]
12
12
  page << params[:done]
13
13
  else
@@ -2,8 +2,7 @@
2
2
  <%= hidden_field 'node', 'parent_id', :value=>@node.parent_zip %>
3
3
  <p class="btn_validate"><input type="submit" value='<%= _('validate') %>'/></p>
4
4
 
5
- <label for='attachment'><%= _('file') %></label>
6
- <input id="attachment<%= @uuid %>" name="attachment" onchange="Zena.get_filename('attachment<%= @uuid %>','node_v_title'); $('node_v_title').focus(); $('node_v_title').select();" class='file' type="file" />
5
+ <%= upload_field %>
7
6
 
8
7
  <label for='node_name'><%= _('title') %></label>
9
8
  <input id='node_v_title' type='text' name='node[v_title]'/><br/>
@@ -1,9 +1,14 @@
1
1
  <%= upload_form_tag( :controller => 'nodes', :action => 'import', :id => @node.parent_zip ) %>
2
2
  <p class="btn_validate"><input type="submit" value='<%= _('validate') %>'/></p>
3
3
 
4
- <label for='attachment'><%= _('file') %></label>
5
- <input id="attachment<%= @uuid %>" name="attachment" class='file' type="file" />
4
+ <%= upload_field %>
5
+
6
6
 
7
7
  <label for='node_klass'><%= _('class of first element') %></label>
8
8
  <%= select('node', 'klass', Node.classes_for_form, :selected => 'Page' ) %><br/>
9
+
10
+ <% if @node.can_publish? && !visitor.site.auto_publish? %>
11
+ <label for='node_v_status'><%= _('publish nodes') %></label>
12
+ <small><input type='checkbox' name='node[v_status]' value='50'/> <%= _('pub') %></small><br/>
13
+ <% end -%>
9
14
  </form>
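Review bot: The new `node[v_status]` checkbox is hidden unless `@node.can_publish? && !visitor.site.auto_publish?`, but that condition only controls what the form renders. The import action must itself reject or ignore `v_status` when the visitor lacks publish rights on the target, since the parameter can be submitted without the checkbox being shown; the controller side is not visible in this section, so please confirm it. The literal `value='50'` would also be clearer as `<%= Zena::Status[:pub] %>`, the constant `user.rb` already uses for `:v_status`.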