zena 0.15.2 → 0.16.0
- data/.gitignore +20 -0
- data/CREDITS +27 -0
- data/Capfile +3 -0
- data/DEVELOPERS +46 -0
- data/History.txt +15 -0
- data/MIT-LICENSE +19 -0
- data/Rakefile +44 -0
- data/TODO +24 -0
- data/TODO_ZENA_1_0 +23 -0
- data/app/controllers/application_controller.rb +3 -0
- data/app/controllers/documents_controller.rb +22 -56
- data/app/controllers/nodes_controller.rb +42 -27
- data/app/controllers/pings_controller.rb +19 -0
- data/app/controllers/relations_controller.rb +5 -1
- data/app/controllers/sites_controller.rb +1 -46
- data/app/controllers/user_sessions_controller.rb +47 -0
- data/app/controllers/users_controller.rb +1 -0
- data/app/controllers/versions_controller.rb +25 -7
- data/app/controllers/virtual_classes_controller.rb +1 -1
- data/app/helpers/application_helper.rb +1 -1
- data/app/models/comment.rb +2 -1
- data/app/models/contact_content.rb +2 -2
- data/app/models/data_entry.rb +5 -6
- data/app/models/document.rb +14 -10
- data/app/models/document_content.rb +4 -6
- data/app/models/iformat.rb +2 -2
- data/app/models/image_content.rb +6 -9
- data/app/models/node.rb +106 -164
- data/app/models/page.rb +0 -20
- data/app/models/site.rb +42 -12
- data/app/models/template.rb +3 -8
- data/app/models/template_content.rb +2 -0
- data/app/models/text_document.rb +13 -8
- data/app/models/user.rb +47 -100
- data/app/models/user_session.rb +4 -0
- data/app/models/version.rb +1 -1
- data/app/views/comments/create.rjs +3 -3
- data/app/views/comments/edit.rjs +1 -1
- data/app/views/comments/update.rjs +1 -1
- data/app/views/nodes/_import_results.rhtml +1 -1
- data/app/views/nodes/create.rjs +3 -3
- data/app/views/templates/document_create_tabs/_file.rhtml +1 -2
- data/app/views/templates/document_create_tabs/_import.rhtml +7 -2
- data/app/views/templates/edit_tabs/_document.rhtml +1 -3
- data/app/views/templates/edit_tabs/_image.rhtml +1 -3
- data/app/views/versions/_tr.rhtml +1 -1
- data/app/views/versions/edit.rhtml +2 -26
- data/bin/zena +6 -1
- data/bricks/delayed_job/README +18 -0
- data/bricks/delayed_job/migrate/20091104191643_create_delayed_jobs_table.rb +19 -0
- data/bricks/delayed_job/misc/init.rb +8 -0
- data/bricks/delayed_job/misc/tasks.rb +2 -0
- data/bricks/math/patch/application_helper.rb +1 -1
- data/bricks/sphinx/MIT-LICENSE +19 -0
- data/bricks/sphinx/README +19 -0
- data/bricks/sphinx/lib/use_sphinx.rb +78 -0
- data/bricks/sphinx/migrate/20091102171258_add_delta_for_sphinx.rb +9 -0
- data/bricks/sphinx/misc/deploy.rb +20 -0
- data/bricks/sphinx/misc/sphinx.yml +12 -0
- data/bricks/sphinx/misc/tasks.rb +21 -0
- data/bricks/sphinx/patch/node.rb +8 -0
- data/bricks/tags/lib/has_tags.rb +5 -3
- data/bricks/tags/test/zafu/tags.yml +13 -1
- data/config/bricks.yml +35 -0
- data/config/deploy.rb +8 -1
- data/config/environment.rb +1 -1
- data/config/environments/production.rb +1 -1
- data/config/gems.yml +28 -5
- data/config/sphinx.yml +12 -0
- data/db/init/base/skins/default/Node-+popupLayout.zafu +1 -16
- data/db/migrate/20091026161708_add_persistence_token.rb +13 -0
- data/db/migrate/20091101184952_add_session_table.rb +16 -0
- data/db/migrate/20091123175137_add_single_access_token.rb +9 -0
- data/db/migrate/20091124161608_rebuild_fullpath.rb +11 -0
- data/db/schema.rb +21 -8
- data/doc/README_FOR_APP +24 -0
- data/doc/fixtures.graffle +19568 -0
- data/doc/fixtures.pdf +0 -0
- data/doc/template/LICENSE +184 -0
- data/doc/template/README +37 -0
- data/doc/template/allison.css +283 -0
- data/doc/template/allison.js +307 -0
- data/doc/template/allison.rb +260 -0
- data/doc/template/cache/BODY +588 -0
- data/doc/template/cache/CLASS_INDEX +4 -0
- data/doc/template/cache/CLASS_PAGE +1 -0
- data/doc/template/cache/FILE_INDEX +4 -0
- data/doc/template/cache/FILE_PAGE +1 -0
- data/doc/template/cache/FONTS +1 -0
- data/doc/template/cache/FR_INDEX_BODY +1 -0
- data/doc/template/cache/IMGPATH +1 -0
- data/doc/template/cache/INDEX +1 -0
- data/doc/template/cache/JAVASCRIPT +307 -0
- data/doc/template/cache/METHOD_INDEX +4 -0
- data/doc/template/cache/METHOD_LIST +1 -0
- data/doc/template/cache/SRC_PAGE +1 -0
- data/doc/template/cache/STYLE +283 -0
- data/doc/template/cache/URL +1 -0
- data/doc/zafu_changes.yml +29 -0
- data/lib/base_additions.rb +1 -1
- data/lib/bricks.rb +9 -0
- data/lib/bricks/loader.rb +86 -0
- data/lib/bricks/requirements_validation.rb +71 -0
- data/lib/tasks/zena.rake +42 -4
- data/lib/zafu/action.rb +285 -0
- data/lib/zafu/ajax.rb +93 -0
- data/lib/zafu/attributes.rb +117 -0
- data/lib/zafu/calendar.rb +159 -0
- data/lib/zafu/context.rb +330 -0
- data/lib/zafu/core/html.rb +102 -0
- data/lib/zafu/core/move_to_parser.rb +167 -0
- data/lib/zafu/dates.rb +58 -0
- data/lib/zafu/display.rb +502 -0
- data/lib/zafu/eval.rb +66 -0
- data/lib/zafu/experimental.rb +66 -0
- data/lib/zafu/i18n.rb +64 -0
- data/lib/zafu/meta.rb +25 -0
- data/lib/zafu/refactor.rb +73 -0
- data/lib/zafu/support/context.rb +265 -0
- data/lib/zafu/support/dom.rb +145 -0
- data/lib/zafu/support/erb.rb +62 -0
- data/lib/zafu/support/flow.rb +401 -0
- data/lib/zafu/support/forms.rb +461 -0
- data/lib/zafu/support/links.rb +306 -0
- data/lib/zafu_parser.rb +26 -2
- data/lib/zena.rb +34 -15
- data/lib/zena/acts/multiversion.rb +2 -2
- data/lib/zena/acts/secure.rb +41 -30
- data/lib/zena/app.rb +7 -10
- data/lib/zena/controller/test_case.rb +12 -7
- data/lib/zena/crypto_provider/initial.rb +15 -0
- data/lib/zena/db.rb +6 -1
- data/lib/zena/deploy.rb +34 -6
- data/lib/zena/deploy/logrotate_app.rhtml +9 -0
- data/lib/zena/deploy/logrotate_host.rhtml +34 -0
- data/lib/zena/deploy/template.rb +1 -9
- data/lib/zena/foxy_parser.rb +1 -1
- data/lib/zena/info.rb +3 -1
- data/lib/zena/migrator.rb +1 -1
- data/lib/zena/parser.rb +12 -4
- data/lib/zena/parser/zazen_rules.rb +6 -6
- data/lib/zena/parser/zena_rules.rb +1 -7
- data/lib/zena/routes.rb +5 -5
- data/lib/zena/test_controller.rb +7 -2
- data/lib/zena/unit/test_case.rb +6 -8
- data/lib/zena/use/ajax.rb +10 -10
- data/lib/zena/use/authlogic.rb +93 -0
- data/lib/zena/use/dyn_attributes.rb +5 -0
- data/lib/zena/use/html_tags.rb +16 -34
- data/lib/zena/use/i18n.rb +4 -1
- data/lib/zena/use/node_query_finders.rb +8 -4
- data/lib/zena/use/refactor.rb +8 -20
- data/lib/zena/use/relations.rb +1 -0
- data/lib/zena/use/rendering.rb +4 -2
- data/lib/zena/use/search.rb +52 -0
- data/lib/zena/use/test_helper.rb +27 -28
- data/lib/zena/use/upload.rb +188 -0
- data/lib/zena/use/urls.rb +16 -14
- data/lib/zena/use/zafu.rb +16 -63
- data/lib/zena/use/zazen.rb +8 -8
- data/lib/zena/view/test_case.rb +8 -4
- data/locale/en/LC_MESSAGES/zena.mo +0 -0
- data/locale/en/zena.po +3 -3
- data/public/.htaccess +40 -0
- data/public/javascripts/upload-progress.js +17 -8
- data/public/javascripts/zena.js +8 -2
- data/public/stylesheets/popup.css +1 -0
- data/script/about +3 -0
- data/script/apache_logging +25 -0
- data/script/breakpointer +3 -0
- data/script/console +3 -0
- data/script/dbconsole +3 -0
- data/script/destroy +3 -0
- data/script/generate +3 -0
- data/script/performance/benchmarker +3 -0
- data/script/performance/profiler +3 -0
- data/script/plugin +3 -0
- data/script/process/inspector +3 -0
- data/script/process/reaper +3 -0
- data/script/process/spawner +3 -0
- data/script/runner +3 -0
- data/script/server +3 -0
- data/script/set_revision +29 -0
- data/spec/controllers/versions_controller_spec.rb +11 -0
- data/test/fixtures/files/Node-test.zafu +1 -1
- data/test/functional/nodes_controller_test.rb +25 -0
- data/test/functional/pings_controller_test.rb +8 -0
- data/test/functional/user_sessions_controller_test.rb +59 -0
- data/test/functional/users_controller_test.rb +81 -19
- data/test/helpers/node_query/filters.yml +5 -0
- data/test/helpers/node_query_test.rb +3 -3
- data/test/integration/multiple_hosts_test.rb +1 -1
- data/test/integration/navigation_test.rb +1 -1
- data/test/sites/complex/users.yml +1 -1
- data/test/sites/ocean/users.yml +3 -3
- data/test/sites/zena/users.yml +5 -4
- data/test/test_zena.rb +38 -38
- data/test/unit/cached_page_test.rb +2 -2
- data/test/unit/comment_test.rb +0 -1
- data/test/unit/document_test.rb +23 -11
- data/test/unit/helpers/ping_helper_test.rb +4 -0
- data/test/unit/multiversion_test.rb +24 -16
- data/test/unit/node_test.rb +32 -93
- data/test/unit/note_test.rb +9 -0
- data/test/unit/page_test.rb +2 -2
- data/test/unit/secure_test.rb +2 -12
- data/test/unit/site_test.rb +43 -24
- data/test/unit/template_test.rb +45 -3
- data/test/unit/text_document_test.rb +4 -3
- data/test/unit/user_test.rb +13 -33
- data/test/unit/zena/db_test.rb +8 -0
- data/test/unit/zena/parser/zazen.yml +4 -4
- data/test/unit/zena/use/dates_view_methods_test.rb +2 -1
- data/test/unit/zena/use/html_tags_test.rb +12 -4
- data/test/unit/zena/use/refactor_test.rb +4 -3
- data/test/unit/zena/use/rendering_test.rb +1 -0
- data/test/unit/zena/use/upload_test.rb +76 -0
- data/test/unit/zena/use/urls_test.rb +4 -0
- data/test/unit/zena/use/zafu_test.rb +8 -0
- data/test/unit/zena/workflow/status_version_test.rb +6 -0
- data/test/unit/zena/zena_tags/ajax.yml +4 -4
- data/test/unit/zena/zena_tags/basic.yml +21 -10
- data/test/unit/zena/zena_tags/relations.yml +0 -6
- data/test/unit/zena/zena_tags/rubyless.yml +35 -0
- data/test/unit/zena/zena_tags/zazen.yml +4 -4
- data/test/unit/zena/zena_tags_test.rb +36 -4
- data/vendor/TextMate/Zena.tmbundle/Commands/Run all yaml tests.tmCommand +1 -1
- data/vendor/TextMate/Zena.tmbundle/Commands/Run focused yaml test.tmCommand +2 -3
- data/vendor/TextMate/Zena.tmbundle/Support/RubyMate/catch_exception.rb +39 -0
- data/vendor/TextMate/Zena.tmbundle/Support/RubyMate/run_script.rb +102 -58
- data/vendor/TextMate/Zena.tmbundle/Support/RubyMate/stdin_dialog.rb +14 -0
- data/vendor/TextMate/Zena.tmbundle/info.plist +2 -0
- data/zena.gemspec +2085 -0
- metadata +265 -90
- data/app/controllers/sessions_controller.rb +0 -41
- data/app/views/sites/zena_up.html.erb +0 -11
- data/config/database.yml +0 -40
- data/db/production.sqlite3 +0 -0
- data/lib/bricks/patcher.rb +0 -68
- data/lib/zena/parser/zena_tags.rb +0 -3562
- data/lib/zena/use/authentification.rb +0 -120
- data/public/images/ext/contact_pv.png +0 -0
- data/public/images/ext/other_pv.png +0 -0
- data/public/images/ext/page_pv.png +0 -0
- data/public/images/ext/page_tiny.png +0 -0
- data/public/images/ext/pdf_pv.png +0 -0
- data/public/images/ext/post_pv.png +0 -0
- data/public/images/ext/post_tiny.png +0 -0
- data/public/images/ext/project_pv.png +0 -0
- data/public/images/ext/project_tiny.png +0 -0
- data/public/images/ext/tag_pv.png +0 -0
- data/public/images/ext/zip_pv.png +0 -0
- data/tasks/ann.rake +0 -80
- data/tasks/bones.rake +0 -20
- data/tasks/gem.rake +0 -201
- data/tasks/git.rake +0 -40
- data/tasks/notes.rake +0 -27
- data/tasks/post_load.rake +0 -34
- data/tasks/rdoc.rake +0 -51
- data/tasks/rubyforge.rake +0 -55
- data/tasks/setup.rb +0 -292
- data/tasks/spec.rake +0 -54
- data/tasks/svn.rake +0 -47
- data/tasks/test.rake +0 -40
- data/tasks/zentest.rake +0 -36
- data/test/fixtures/comments.yml +0 -126
- data/test/fixtures/contact_contents.yml +0 -132
- data/test/fixtures/data_entries.yml +0 -65
- data/test/fixtures/discussions.yml +0 -48
- data/test/fixtures/document_contents.yml +0 -108
- data/test/fixtures/dyn_attributes.yml +0 -66
- data/test/fixtures/groups.yml +0 -86
- data/test/fixtures/groups_users.yml +0 -81
- data/test/fixtures/iformats.yml +0 -29
- data/test/fixtures/links.yml +0 -313
- data/test/fixtures/nodes.yml +0 -2592
- data/test/fixtures/relations.yml +0 -126
- data/test/fixtures/sites.yml +0 -58
- data/test/fixtures/template_contents.yml +0 -172
- data/test/fixtures/users.yml +0 -167
- data/test/fixtures/versions.yml +0 -1911
- data/test/fixtures/virtual_classes.yml +0 -87
- data/test/fixtures/zips.yml +0 -15
- data/test/functional/sessions_controller_test.rb +0 -73
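--- a/data/app/models/template.rb
+++ b/data/app/models/template.rb
@@ -29,8 +29,7 @@ class Template < TextDocument
 
 private
 
-def
-
+def set_defaults
 # only set name from version title on creation
 if name_changed?
 new_name = self.name
@@ -63,7 +62,7 @@ class Template < TextDocument
 content = version.content
 content.mode = content.mode.url_name if content.mode
 
-if content.klass
+if !content.klass.blank?
 # update name
 content.format = 'html' if content.format.blank?
 self[:name] = name_from_content(:format => content.format, :mode => content.mode, :klass => content.klass)
@@ -102,12 +101,8 @@ END_TXT
 end
 end
 end
-end
 
-
-def document_before_validation
-rewrite_klass_mode_format
-content = version.content
+super
 end
 
 def valid_section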
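--- a/data/app/models/text_document.rb
+++ b/data/app/models/text_document.rb
@@ -13,7 +13,7 @@ class TextDocument < Document
 class << self
 # Return true if a new text document can be created with the content_type. Used by the superclass Document to choose the corret subclass when creating a new object.
 def accept_content_type?(content_type)
-(content_type =~ /^(text)/ && TYPE_TO_EXT[content_type.chomp] != ['rtf']) || (content_type =~ /x-javascript/)
+(content_type =~ /^(text)/ && Zena::TYPE_TO_EXT[content_type.chomp] != ['rtf']) || (content_type =~ /x-javascript/)
 end
 
 def version_class
@@ -68,6 +68,8 @@ class TextDocument < Document
 else
 if new_src = helper.send(:template_url_for_asset, :src => src, :current_folder=>current_folder, :parse_assets => true)
 "url(#{quote}#{new_src}#{quote})"
+elsif !(src =~ /\.\./) && File.exist?(File.join(SITES_ROOT, current_site.public_path, src))
+"url(#{quote}#{src}?#{File.mtime(File.join(SITES_ROOT, current_site.public_path, src)).to_i}#{quote})"
 else
 errors.add('asset', '{{asset}} not found', :asset => src.inspect)
 "url(#{quote}#{src}#{quote})"
@@ -93,17 +95,20 @@ class TextDocument < Document
 $&
 else
 quote, url = $1, $2
-if url =~ /\A\/\w\w
+if url =~ /\A\/\w\w\/.*?(\d+)(_\w+|)\./
 zip, mode = $1, $2
-
+if asset = secure(Node) { Node.find_by_zip(zip) }
+if asset.fullpath =~ /\A#{current_folder}\/(.+)/
+"url(#{quote}#{$1}#{mode}.#{asset.version.content.ext}#{quote})"
+else
+"url(#{quote}/#{asset.fullpath}#{mode}.#{asset.version.content.ext}#{quote})"
+end
+else
 errors.add('asset', '{{zip}} not found', :zip => zip)
 "url(#{quote}#{url}#{quote})"
 end
-
-
-else
-"url(#{quote}/#{asset.fullpath}#{mode}.#{asset.version.content.ext}#{quote})"
-end
+elsif File.exist?(File.join(SITES_ROOT, current_site.public_path, url.sub(/\?\d+\Z/,'')))
+"url(#{quote}#{url.sub(/\?\d+\Z/,'')}#{quote})"
 else
 # bad format
 errors.add('base', "cannot unparse asset url #{url.inspect}")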
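Review bot: The `elsif File.exist?(File.join(SITES_ROOT, current_site.public_path, url.sub(/\?\d+\Z/,'')))` branch added in the third hunk has no counterpart to the `!(src =~ /\.\./)` guard that the second hunk puts in front of the same kind of lookup, so the two directions disagree on which paths are acceptable and a `url()` value containing `../` is resolved outside `public_path` when unparsing. The guard in the second hunk is itself a substring denylist; expanding the joined path and checking that it still sits under the site's public root is sturdier, and one private helper can serve both branches, as sketched below. Separately, `current_folder` is interpolated into `/\A#{current_folder}\/(.+)/` without `Regexp.escape`, so a folder name containing regexp metacharacters changes what matches. All of these lines sit in methods whose bodies start and end outside the hunks, so the caller context should be confirmed before applying.

```ruby
# Resolve a CSS asset reference inside the site's public directory.
# Returns the absolute path, or nil when it is missing or escapes the root.
def public_asset_path(src)
  root = File.expand_path(File.join(SITES_ROOT, current_site.public_path))
  path = File.expand_path(File.join(root, src))
  path if path.start_with?(root + File::SEPARATOR) && File.exist?(path)
end

# … unchanged: template_url_for_asset branch …
elsif path = public_asset_path(src)
  "url(#{quote}#{src}?#{File.mtime(path).to_i}#{quote})"
# … unchanged: zip lookup and its error branch …
elsif public_asset_path(url.sub(/\?\d+\Z/,''))
  "url(#{quote}#{url.sub(/\?\d+\Z/,'')}#{quote})"
```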
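--- a/data/app/models/user.rb
+++ b/data/app/models/user.rb
@@ -1,5 +1,7 @@
 require 'digest/sha1'
 require 'tzinfo'
+require 'authlogic/crypto_providers/bcrypt'
+
 =begin rdoc
 There are two special users in each site :
 [anon] Anonymous user. Used to set defaults for newly created users.
@@ -21,12 +23,24 @@ things they can/cannot do :
 TODO: when a user is 'destroyed', pass everything he owns to another user or just mark the user as 'deleted'...
 =end
 class User < ActiveRecord::Base
+
+acts_as_authentic do |c|
+#c.transition_from_crypto_providers = Zena::InitialCryptoProvider
+#c.crypto_provider = Authlogic::CryptoProviders::BCrypt
+c.crypto_provider = Zena::CryptoProvider::Initial
+c.validate_email_field = false
+c.validate_login_field = false
+c.require_password_confirmation = false
+c.validate_password_field = false
+end
+
 include RubyLess::SafeClass
+
 safe_attribute :login, :name, :first_name, :email, :time_zone, :created_at, :updated_at
 safe_method :initials => String, :fullname => String, :status => Number, :status_name => String
 
-
-attr_accessible :login, :
+safe_context :contact => 'Contact'
+attr_accessible :login, :lang, :first_name, :name, :email, :time_zone, :status, :group_ids, :site_ids, :crypted_password, :password
 attr_accessor :visited_node_ids
 attr_accessor :ip
 
@@ -45,11 +59,6 @@ class User < ActiveRecord::Base
 validates_presence_of :site_id
 before_create :create_contact
 
-def contact_with_secure
-@contact ||= secure(Contact) { contact_without_secure }
-end
-alias_method_chain :contact, :secure
-
 Status = {
 :su => 80,
 :admin => 60, # can create other users, manage site, etc
@@ -63,54 +72,8 @@ class User < ActiveRecord::Base
 
 
 class << self
-
-
-make_visitor :login => login, :password => password, :host => host
-end
-
-# Return the logged in visitor from the session[:user] or the anonymous user if id is nil or does not match
-def make_visitor(opts)
-raise ActiveRecord::RecordNotFound.new("host not found #{opts[:host]}") unless
-site = opts[:site] || Site.find_by_host(opts[:host])
-
-if opts[:id] # session[:user]
-conditions = ['users.id = ?', opts[:id]]
-elsif opts[:login] # login
-return nil if opts[:password].blank?
-conditions = ['login = ? AND password = ?',opts[:login], hash_password(opts[:password])]
-else # anonymous
-conditions = ['users.id = ?', site[:anon_id]]
-end
-
-user = site.users.find(:first, :conditions => conditions)
-
-if !user && opts[:id]
-return make_visitor(:site => site) # anonymous user
-end
-return nil unless user
-user.site = site
-user.visit(site)
-user.visit(user)
-
-if user.reader?
-unless Thread.current.respond_to?(:visitor)
-class << Thread.current
-attr_accessor :visitor
-end
-end
-Thread.current.visitor = user
-elsif !user.is_anon? && opts[:id]
-# not a reader, refuse login
-return make_visitor(:site => site)
-else
-# anon is not a reader, refuse anonymous user
-nil
-end
-end
-
-# Do not store clear passwords in the database (salted hash) :
-def hash_password(string)
-Digest::SHA1.hexdigest((string || '') + PASSWORD_SALT)
+def find_allowed_user_by_login(login)
+first(:conditions=>["login = ? and status > 0", login])
 end
 
 # Creates a new user without setting the defaults (used to create the first users of the site). Use
@@ -128,7 +91,14 @@ class User < ActiveRecord::Base
 end
 super(new_attrs)
 end
+
+end
+
+def contact_with_secure
+@contact ||= secure(Contact) { contact_without_secure }
 end
+alias_method_chain :contact, :secure
+
 
 # Each time a node is found using secure (Zena::Acts::Secure or Zena::Acts::SecureNode), this method is
 # called to set the visitor in the found object. This is also used to keep track of the opened nodes
@@ -157,28 +127,6 @@ class User < ActiveRecord::Base
 self[:email] || ""
 end
 
-# Store the password, using SHA1. You should change the default value of PASSWORD_SALT (in Zena::ROOT/lib/zena.rb). This makes it harder to use
-# rainbow tables to find clear passwords from hashed values.
-def password=(string)
-if string.blank?
-self[:password] = nil
-elsif string && string.length > 4
-self[:password] = User.hash_password(string)
-else
-@password_too_short = true
-end
-end
-
-# Never display the password (even the hash) outside.
-def password
-""
-end
-
-# Test password
-def password_is?(str)
-self[:password] == User.hash_password(str)
-end
-
 def status_name
 Num_to_status[status].to_s
 end
@@ -191,13 +139,13 @@ class User < ActiveRecord::Base
 # Return true if the user is the anonymous user for the current visited site
 def is_anon?
 # tested in site_test
-
+user_site.anon_id == self[:id] && (!new_record? || self[:login].nil?) # (when creating a new site, anon_id == nil)
 end
 
 # Return true if the user is the super user for the current visited site
 def is_su?
 # tested in site_test
-
+user_site.su_id == self[:id]
 end
 
 # Return true if the user's status is high enough to start editing nodes.
@@ -231,7 +179,7 @@ class User < ActiveRecord::Base
 # Returns a list of the group ids separated by commas for the user (this is used mainly in SQL clauses).
 def group_ids
 @group_ids ||= if is_admin?
-
+site.groups.map{|g| g[:id]}
 else
 groups.find(:all, :order=>'name').map{ |g| g[:id] }
 end
@@ -287,20 +235,25 @@ class User < ActiveRecord::Base
 end
 
 private
+
+def user_site
+self.site || visitor.site # site when User is new
+end
+
 def create_contact
 return unless visitor.site[:root_id] # do not try to create a contact if the root node is not created yet
 
 @contact = secure!(Contact) { Contact.new(
 # owner is the user except for anonymous and super user.
 # TODO: not sure this is a good idea...
-:user_id => (self[:id] ==
+:user_id => (self[:id] == site[:anon_id] || self[:id] == site[:su_id]) ? visitor[:id] : self[:id],
 :v_title => (name.blank? || first_name.blank?) ? login : fullname,
 :c_first_name => first_name,
 :c_name => (name || login ),
 :c_email => email,
 :v_status => Zena::Status[:pub]
 )}
-@contact[:parent_id] =
+@contact[:parent_id] = site[:root_id]
 
 unless @contact.save
 # What do we do with this error ?
@@ -321,10 +274,10 @@ class User < ActiveRecord::Base
 self[:site_id] = visitor.site[:id]
 
 if new_record?
-self.status =
-self.lang =
+self.status = site.anon.status if status.blank?
+self.lang = site.anon.lang if lang.blank?
 elsif status.blank?
-self.status =
+self.status = site.anon.status
 end
 
 if login.blank? && !is_anon?
@@ -332,36 +285,30 @@ class User < ActiveRecord::Base
 end
 end
 
-# Returns the current site (self = visitor) or the visitor's site
-# FIXME: remove and use 'site'
-def current_site
-@site || visitor.site
-end
-
 # Validates that anon user does not have a login, that other users have a password
 # and that the login is unique for the sites the user belongs to.
 def valid_user
 self[:site_id] = visitor.site[:id]
 
-if !
+if !site.being_created? && !visitor.is_admin? && visitor[:id] != self[:id]
 errors.add('base', 'You do not have the rights to do this.')
 return false
 end
 
-errors.add('lang', 'not available') unless
+errors.add('lang', 'not available') unless site.lang_list.include?(lang)
 
 if is_anon?
 # Anonymous user *must* have an empty login
 self[:login] = nil
-self[:
+self[:crypted_password] = nil
 else
 if new_record?
 # Refuse to add a user in a site if already a user with same login.
-errors.add(:password, "can't be blank") if self[:
+errors.add(:password, "can't be blank") if self[:crypted_password].nil? || self[:crypted_password] == ""
 else
 # get old password
 old = User.find(self[:id])
-self[:
+self[:crypted_password] = old[:crypted_password] if self[:crypted_password].nil? || self[:crypted_password] == ""
 errors.add(:login, "can't be blank") if self[:login].blank?
 errors.add(:status, 'You do not have the rights to do this.') if self[:id] == visitor[:id] && old.is_admin? && self.status.to_i != old.status
 end
@@ -386,14 +333,14 @@ class User < ActiveRecord::Base
 def valid_groups #:doc:
 g_ids = @defined_group_ids || (new_record? ? [] : group_set_ids)
 g_ids.reject! { |g| g.blank? }
-g_ids <<
-g_ids <<
+g_ids << site.public_group_id
+g_ids << site.site_group_id unless is_anon?
 g_ids.uniq!
 g_ids.compact!
 self.groups = []
 g_ids.each do |id|
 group = Group.find(id)
-unless
+unless site.being_created? || group.site_id == self.site_id
 errors.add('group', 'not found')
 next
 end
@@ -403,7 +350,7 @@ class User < ActiveRecord::Base
 
 # Do not allow destruction of the site's special users.
 def dont_destroy_protected_users #:doc:
-raise Zena::AccessViolation, "su and Anonymous users cannot be destroyed !" if
+raise Zena::AccessViolation, "su and Anonymous users cannot be destroyed !" if site.protected_user_ids.include?(id)
 end
 
 def old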
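Review bot: The new `attr_accessible` list whitelists `:crypted_password` next to `:status`, `:group_ids` and `:site_ids`, so any params hash handed to `User.new` or `update_attributes` can write the stored hash directly instead of going through the crypto provider; the old list is truncated on this page, so which of these names are new cannot be told from here. I would drop it, `attr_accessible :login, :lang, :first_name, :name, :email, :time_zone, :status, :group_ids, :site_ids, :password`, after checking that no form posts it (the blank-`crypted_password` fallback in `valid_user` suggests one might). In the same section the `acts_as_authentic` block requires BCrypt but leaves both BCrypt lines commented out and sets `c.validate_password_field = false`, which removes Authlogic's password validations at the same time as the `string.length > 4` check in the deleted `password=` goes away, unless a validation outside these hunks restores it. `Zena::CryptoProvider::Initial` is not shown here; if it reproduces the removed `Digest::SHA1.hexdigest((string || '') + PASSWORD_SALT)` scheme, enabling `c.transition_from_crypto_providers` with BCrypt as the provider would let existing hashes migrate at next login.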
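--- a/data/app/models/version.rb
+++ b/data/app/models/version.rb
@@ -38,7 +38,7 @@ class Version < ActiveRecord::Base
 :zip => Number, :user_zip => Number # FIXME: replace by 'id'....
 # writable
 attr_accessible :title, :text, :summary, :comment, :publish_from, :lang, :status, :content_attributes, :dyn_attributes
-
+safe_context :author => 'Contact', :user => 'User', :node => 'Node'
 
 belongs_to :user
 before_validation :version_before_validation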
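Review bot: The added `safe_context :author => 'Contact', :user => 'User', :node => 'Node'` line has no comment, and it appears to make a version's `user` reachable from RubyLess template expressions. `User` declares `safe_attribute :login, :name, :first_name, :email, ...` in this same release, so template authors could then print the login and e-mail of whoever wrote a version. If that is intended, say so beside the declaration, e.g. `# exposes author/user/node to templates; User safe attributes include login and email`; if not, limiting the context to `:author` and `:node` keeps account identifiers out of template scope.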
@@ -16,13 +16,13 @@
|
|
16
16
|
update_page_content(page, @comment)
|
17
17
|
=begin
|
18
18
|
if @comment.new_record?
|
19
|
-
page.replace "#{params[:dom_id]}_form", :file =>
|
19
|
+
page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
|
20
20
|
else
|
21
21
|
pos = params[:position] || :before
|
22
22
|
ref = params[:reference] || "#{params[:dom_id]}_add"
|
23
|
-
page.insert_html pos.to_sym, ref, :file =>
|
23
|
+
page.insert_html pos.to_sym, ref, :file => template_path_from_template_url + ".erb"
|
24
24
|
@comment = Comment.new
|
25
|
-
page.replace "#{params[:dom_id]}_form", :file =>
|
25
|
+
page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
|
26
26
|
if params[:done]
|
27
27
|
page << params[:done]
|
28
28
|
else
|
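--- a/data/app/views/comments/edit.rjs
+++ b/data/app/views/comments/edit.rjs
@@ -1,2 +1,2 @@
-page.replace "#{params[:dom_id]}_#{@comment.zip}", :file =>
+page.replace "#{params[:dom_id]}_#{@comment.zip}", :file => template_path_from_template_url + "_form.erb"
 page << "$('#{params[:dom_id]}_form_t').focusFirstElement();"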
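Review bot: The new `:file =>` argument on line 1 is built from `template_path_from_template_url`, whose definition is not on this page; if it derives the path from a request-supplied template URL, the render target is caller-influenced and has to be confined to the site's template directory before `"_form.erb"` is appended. A one-line contract above the call would make that checkable, e.g. `# template_path_from_template_url must return a path inside the site's template directory, never raw params`. The same expression is added in the `@@ -1 +1 @@` hunk that follows and, inside `=begin` blocks, in the two `create.rjs` hunks. The unchanged line 2 interpolates `params[:dom_id]` into generated JavaScript without escaping, which is worth tightening while these files are being touched.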
@@ -1 +1 @@
|
|
1
|
-
page.replace "#{params[:dom_id]}.#{@comment.zip}", :file =>
|
1
|
+
page.replace "#{params[:dom_id]}.#{@comment.zip}", :file => template_path_from_template_url + ".erb"
|
@@ -12,7 +12,7 @@
|
|
12
12
|
<% else -%>
|
13
13
|
<td><%= node.errors.empty? ? (node[:create_or_update]) : 'error' %></td>
|
14
14
|
<td><%= _('%{count} versions') % {:count => node.instance_variable_get(:@versions_count)} %></td>
|
15
|
-
<td><%= !node.errors.empty? ?
|
15
|
+
<td><%= !node.errors.empty? ? node.errors.map {|k,v| "[#{k}] #{v}"}.join(', ') : 'ok' %></td>
|
16
16
|
<% end -%>
|
17
17
|
</tr>
|
18
18
|
<% end -%>
|
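Review bot: The rewritten cell at new line 15 prints `node.errors` through `<%= %>` without `h()`, and in a Rails 2 `.rhtml` view that output is not HTML-escaped unless an escaping plugin such as rails_xss is installed. Import error messages can carry text taken from the uploaded content (`text_document.rb` in this release puts `src.inspect` and `url.inspect` into its error messages), so markup inside an imported file could reach the results table. Escaping the joined string is enough: `<td><%= !node.errors.empty? ? h(node.errors.map {|k,v| "[#{k}] #{v}"}.join(', ')) : 'ok' %></td>`.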
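--- a/data/app/views/nodes/create.rjs
+++ b/data/app/views/nodes/create.rjs
@@ -1,13 +1,13 @@
 update_page_content(page, @node)
 =begin
 if @node.new_record?
-page.replace "#{params[:dom_id]}_form", :file =>
+page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
 else
 pos = params[:position] || :before
 ref = params[:reference] || "#{params[:dom_id]}_add"
-page.insert_html pos.to_sym, ref, :file =>
+page.insert_html pos.to_sym, ref, :file => template_path_from_template_url + ".erb"
 @node = @node.parent.new_child(:class => @node.class)
-page.replace "#{params[:dom_id]}_form", :file =>
+page.replace "#{params[:dom_id]}_form", :file => template_path_from_template_url + "_form.erb"
 if params[:done]
 page << params[:done]
 else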
@@ -2,8 +2,7 @@
|
|
2
2
|
<%= hidden_field 'node', 'parent_id', :value=>@node.parent_zip %>
|
3
3
|
<p class="btn_validate"><input type="submit" value='<%= _('validate') %>'/></p>
|
4
4
|
|
5
|
-
|
6
|
-
<input id="attachment<%= @uuid %>" name="attachment" onchange="Zena.get_filename('attachment<%= @uuid %>','node_v_title'); $('node_v_title').focus(); $('node_v_title').select();" class='file' type="file" />
|
5
|
+
<%= upload_field %>
|
7
6
|
|
8
7
|
<label for='node_name'><%= _('title') %></label>
|
9
8
|
<input id='node_v_title' type='text' name='node[v_title]'/><br/>
|
@@ -1,9 +1,14 @@
|
|
1
1
|
<%= upload_form_tag( :controller => 'nodes', :action => 'import', :id => @node.parent_zip ) %>
|
2
2
|
<p class="btn_validate"><input type="submit" value='<%= _('validate') %>'/></p>
|
3
3
|
|
4
|
-
|
5
|
-
|
4
|
+
<%= upload_field %>
|
5
|
+
|
6
6
|
|
7
7
|
<label for='node_klass'><%= _('class of first element') %></label>
|
8
8
|
<%= select('node', 'klass', Node.classes_for_form, :selected => 'Page' ) %><br/>
|
9
|
+
|
10
|
+
<% if @node.can_publish? && !visitor.site.auto_publish? %>
|
11
|
+
<label for='node_v_status'><%= _('publish nodes') %></label>
|
12
|
+
<small><input type='checkbox' name='node[v_status]' value='50'/> <%= _('pub') %></small><br/>
|
13
|
+
<% end -%>
|
9
14
|
</form>
|
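Review bot: The publish checkbox added at new lines 10–13 is gated only in the view by `@node.can_publish? && !visitor.site.auto_publish?`, so a hand-built request can still submit `node[v_status]=50`; the `import` action has to repeat the permission check before honouring that field, and the controller code is not on this page. The literal `50` also duplicates the status table; if `Zena::Status[:pub]` is the value meant here, `value='<%= Zena::Status[:pub] %>'` keeps the form tied to the constant used elsewhere in this release.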