zena 0.16.9 → 1.0.0.beta1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +16 -3
- data/CREDITS +8 -4
- data/History.txt +12 -15
- data/app/controllers/application_controller.rb +1 -0
- data/app/controllers/columns_controller.rb +130 -0
- data/app/controllers/documents_controller.rb +16 -4
- data/app/controllers/groups_controller.rb +1 -5
- data/app/controllers/iformats_controller.rb +1 -5
- data/app/controllers/nodes_controller.rb +116 -41
- data/app/controllers/preferences_controller.rb +2 -0
- data/app/controllers/relations_controller.rb +1 -5
- data/app/controllers/sites_controller.rb +1 -5
- data/app/controllers/user_sessions_controller.rb +8 -3
- data/app/controllers/users_controller.rb +23 -11
- data/app/controllers/versions_controller.rb +29 -46
- data/app/controllers/virtual_classes_controller.rb +20 -12
- data/app/helpers/documents_helper.rb +5 -1
- data/app/models/attachment.rb +41 -0
- data/app/models/base_contact.rb +79 -0
- data/app/models/cache.rb +2 -2
- data/app/models/cached_page.rb +5 -4
- data/app/models/column.rb +90 -0
- data/app/models/comment.rb +3 -1
- data/app/models/contact_content.rb +5 -5
- data/app/models/contact_version.rb +2 -2
- data/app/models/data_entry.rb +9 -8
- data/app/models/discussion.rb +4 -0
- data/app/models/document.rb +170 -42
- data/app/models/document_content.rb +5 -9
- data/app/models/group.rb +4 -3
- data/app/models/idx_nodes_ml_string.rb +5 -0
- data/app/models/idx_nodes_string.rb +5 -0
- data/app/models/idx_template.rb +35 -0
- data/app/models/iformat.rb +4 -4
- data/app/models/image.rb +193 -26
- data/app/models/link.rb +1 -1
- data/app/models/node.rb +358 -338
- data/app/models/note.rb +2 -4
- data/app/models/page.rb +10 -8
- data/app/models/reference.rb +1 -1
- data/app/models/relation.rb +40 -1
- data/app/models/relation_proxy.rb +37 -40
- data/app/models/role.rb +19 -0
- data/app/models/site.rb +54 -24
- data/app/models/skin.rb +1 -16
- data/app/models/template.rb +92 -62
- data/app/models/template_content.rb +12 -6
- data/app/models/text_document.rb +69 -36
- data/app/models/text_document_content.rb +3 -3
- data/app/models/user.rb +34 -13
- data/app/models/version.rb +47 -291
- data/app/models/virtual_class.rb +26 -29
- data/app/views/columns/_add.html.erb +6 -0
- data/app/views/columns/_form.html.erb +36 -0
- data/app/views/columns/_li.html.erb +11 -0
- data/app/views/columns/create.rjs +8 -0
- data/app/views/columns/destroy.rjs +6 -0
- data/app/views/columns/edit.html.erb +5 -0
- data/app/views/columns/index.html.erb +15 -0
- data/app/views/columns/new.html.erb +2 -0
- data/app/views/columns/show.rjs +1 -0
- data/app/views/columns/update.rjs +5 -0
- data/app/views/comments/_li.rhtml +1 -1
- data/app/views/comments/create.rjs +1 -1
- data/app/views/comments/index.rhtml +1 -1
- data/app/views/comments/publish.rjs +1 -1
- data/app/views/comments/remove.rjs +1 -1
- data/app/views/data_entries/_li.html.erb +1 -1
- data/app/views/discussions/create.rjs +1 -1
- data/app/views/documents/_crop.rhtml +4 -4
- data/app/views/documents/crop_form.rjs +1 -1
- data/app/views/documents/new.rhtml +1 -1
- data/app/views/documents/show.rhtml +4 -4
- data/app/views/groups/_form.rhtml +1 -1
- data/app/views/groups/index.rhtml +1 -1
- data/app/views/iformats/_form.rhtml +1 -1
- data/app/views/iformats/create.rjs +1 -1
- data/app/views/iformats/index.rhtml +1 -1
- data/app/views/links/create.rjs +1 -1
- data/app/views/links/destroy.rjs +1 -1
- data/app/views/links/show.rjs +1 -1
- data/app/views/nodes/_dates.rhtml +2 -2
- data/app/views/nodes/_gallery.rhtml +2 -2
- data/app/views/nodes/_list_nodes.rhtml +2 -2
- data/app/views/nodes/_parent.rhtml +1 -1
- data/app/views/nodes/_position.rhtml +2 -2
- data/app/views/nodes/_results.rhtml +1 -1
- data/app/views/nodes/create.rjs +1 -4
- data/app/views/nodes/destroy.erb +0 -0
- data/app/views/nodes/import.rhtml +1 -1
- data/app/views/nodes/save_text.rjs +3 -3
- data/app/views/nodes/table_update.rjs +1 -2
- data/app/views/nodes/update.rjs +1 -1
- data/app/views/relations/_form.erb +15 -15
- data/app/views/relations/_li.erb +5 -11
- data/app/views/relations/create.rjs +1 -1
- data/app/views/relations/index.erb +1 -1
- data/app/views/sites/_form.erb +3 -3
- data/app/views/sites/_li.erb +1 -1
- data/app/views/sites/index.erb +1 -1
- data/app/views/templates/document_create_tabs/_file.rhtml +3 -3
- data/app/views/templates/document_create_tabs/_template.rhtml +9 -9
- data/app/views/templates/document_create_tabs/{_text_doc.rhtml → _text_document.rhtml} +4 -4
- data/app/views/templates/edit_tabs/{_contact.rhtml → _basecontact.rhtml} +2 -2
- data/app/views/templates/edit_tabs/_document.rhtml +3 -3
- data/app/views/templates/edit_tabs/_help.rhtml +2 -2
- data/app/views/templates/edit_tabs/_image.rhtml +4 -4
- data/app/views/templates/edit_tabs/_template.rhtml +6 -6
- data/app/views/templates/edit_tabs/_text.rhtml +1 -1
- data/app/views/templates/edit_tabs/_textdocument.rhtml +4 -4
- data/app/views/templates/edit_tabs/_title.rhtml +9 -14
- data/app/views/users/_form.rhtml +1 -1
- data/app/views/users/change_info.rjs +1 -1
- data/app/views/users/change_password.rjs +1 -1
- data/app/views/users/index.rhtml +1 -1
- data/app/views/users/preferences.html.erb +10 -4
- data/app/views/users/update.rjs +1 -1
- data/app/views/versions/_list.rhtml +1 -1
- data/app/views/versions/_tr.rhtml +1 -1
- data/app/views/versions/backup.rjs +1 -1
- data/app/views/versions/destroy.rjs +6 -2
- data/app/views/versions/diff.rjs +1 -1
- data/app/views/versions/edit.rhtml +14 -6
- data/app/views/versions/preview.rjs +1 -1
- data/app/views/versions/show.rjs +1 -1
- data/app/views/virtual_classes/_add.erb +1 -1
- data/app/views/virtual_classes/_form.erb +15 -10
- data/app/views/virtual_classes/_li.erb +13 -7
- data/app/views/virtual_classes/create.rjs +2 -2
- data/app/views/virtual_classes/edit.html.erb +7 -0
- data/app/views/virtual_classes/index.erb +2 -2
- data/app/views/zafu/default/Node-+adminLayout.zafu +47 -0
- data/app/views/zafu/default/Node-+index.zafu +1 -0
- data/app/views/{templates/defaults/+login.zafu → zafu/default/Node-+login.zafu} +9 -7
- data/app/views/zafu/default/Node-+notFound.zafu +14 -0
- data/app/views/zafu/default/Node-+popupLayout.zafu +24 -0
- data/app/views/zafu/default/Node-+search.zafu +23 -0
- data/app/views/zafu/default/Node.zafu +95 -0
- data/bin/zena +0 -2
- data/bricks/captcha/lib/bricks/captcha.rb +62 -0
- data/bricks/captcha/zena/init.rb +11 -0
- data/bricks/data2pdf/.document +5 -0
- data/bricks/data2pdf/README +19 -0
- data/bricks/data2pdf/Rakefile +36 -0
- data/bricks/data2pdf/VERSION +1 -0
- data/bricks/data2pdf/lib/data2pdf.rb +60 -0
- data/bricks/data2pdf/lib/engines/prince.rb +39 -0
- data/bricks/data2pdf/lib/engines/xhtml2pdf.rb +41 -0
- data/bricks/data2pdf/lib/install.rb +111 -0
- data/bricks/data2pdf/test/engines/test_prince.rb +14 -0
- data/bricks/data2pdf/test/engines/test_xhtml2pdf.rb +14 -0
- data/bricks/data2pdf/test/fixtures/application.css +241 -0
- data/bricks/data2pdf/test/fixtures/contact.html +153 -0
- data/bricks/data2pdf/test/fixtures/pisa-default.css +207 -0
- data/bricks/data2pdf/test/fixtures/sheet1.css +207 -0
- data/bricks/data2pdf/test/fixtures/sheet2.css +207 -0
- data/bricks/data2pdf/test/fixtures/simple-html.html +337 -0
- data/bricks/data2pdf/test/fixtures/simple-text.txt +1 -0
- data/bricks/data2pdf/test/helper.rb +23 -0
- data/bricks/data2pdf/test/shoulda_macros/shoulda_data2pdf.rb +91 -0
- data/bricks/data2pdf/test/unit/test_rendering.rb +37 -0
- data/bricks/math/{patch/application_helper.rb → lib/bricks/math.rb} +0 -4
- data/bricks/math/zena/init.rb +4 -0
- data/bricks/sphinx/README +2 -2
- data/bricks/sphinx/lib/use_sphinx.rb +7 -11
- data/bricks/sphinx/{misc → zena}/deploy.rb +0 -0
- data/bricks/sphinx/{patch/node.rb → zena/init.rb} +1 -3
- data/bricks/sphinx/{migrate → zena/migrate}/20091102171258_add_delta_for_sphinx.rb +0 -0
- data/bricks/sphinx/{misc → zena}/sphinx.yml +0 -0
- data/bricks/sphinx/{misc → zena}/tasks.rb +0 -0
- data/bricks/tags/lib/{has_tags.rb → bricks/tags.rb} +12 -24
- data/bricks/tags/zena/init.rb +21 -0
- data/bricks/tags/{test → zena/test}/sites/zena/links.yml +0 -0
- data/bricks/tags/{test → zena/test}/unit/tags_test.rb +1 -1
- data/bricks/tags/zena/test/zafu/tags.yml +41 -0
- data/bricks/worker/README +2 -2
- data/bricks/worker/{misc → zena}/deploy.rb +0 -0
- data/bricks/worker/{misc → zena}/init.rb +2 -1
- data/bricks/worker/{migrate → zena/migrate}/20091104191643_create_delayed_jobs_table.rb +0 -0
- data/bricks/worker/{misc → zena}/tasks.rb +0 -0
- data/bricks/worker/{misc → zena}/worker +0 -0
- data/config/bricks.yml +2 -0
- data/config/deploy.rb +2 -7
- data/config/environment.rb +3 -5
- data/config/gems.yml +9 -4
- data/db/20100628074512_zena0x_to1x.rb +223 -0
- data/db/init/base/help.en.zml +3 -3
- data/db/init/base/help.fr.zml +3 -3
- data/db/init/base/skins.zml +2 -2
- data/db/init/base/skins/default.zml +4 -4
- data/db/init/base/skins/default/Node-+adminLayout.zafu +8 -7
- data/db/init/base/skins/default/Node-+login.zafu +9 -7
- data/db/init/base/skins/default/Node-+search.zafu +4 -1
- data/db/init/base/skins/default/Node-tree.zafu +3 -3
- data/db/init/base/skins/default/Node.zafu +20 -20
- data/db/init/base/skins/default/Project.zafu +1 -1
- data/db/init/base/skins/default/notes.zafu +5 -5
- data/db/init/base/skins/default/style.css +17 -12
- data/db/migrate/001_create_base.rb +1 -1
- data/db/migrate/008_user_status.rb +1 -1
- data/db/migrate/020_create_participation.rb +3 -3
- data/db/migrate/024_correct_vclass_kpath.rb +5 -3
- data/db/migrate/025_move_tag_into_vclass.rb +7 -5
- data/db/migrate/030_redit_auto_publish_site_settings.rb +2 -2
- data/db/migrate/032_caches_context_as_hash.rb +4 -2
- data/db/migrate/046_fix_zazen_image_tag.rb +2 -2
- data/db/migrate/047_change_default_link_id_to_zero.rb +4 -2
- data/db/migrate/20090825201159_insert_zero_link.rb +1 -1
- data/db/migrate/20090924141459_zafu_fix_sept09.rb +2 -2
- data/db/migrate/20100125062254_add_dynamo_to_version.rb +9 -0
- data/db/migrate/20100201133242_remove_default_status_on_version.rb +9 -0
- data/db/migrate/20100208194210_create_attachments.rb +17 -0
- data/db/migrate/20100210112319_change_dynamo_to_property.rb +9 -0
- data/db/migrate/20100320145726_transform_template_contents_into_index.rb +13 -0
- data/db/migrate/20100328125634_change_skin_name_to_id.rb +31 -0
- data/db/migrate/20100417061257_add_properties_to_sites.rb +9 -0
- data/db/migrate/20100419163149_rename_name_to_node_name.rb +9 -0
- data/db/migrate/20100422091606_change_v_class_table_into_roles.rb +27 -0
- data/db/migrate/20100422094048_node_habtm_roles.rb +13 -0
- data/db/migrate/20100422115935_create_columns.rb +15 -0
- data/db/migrate/20100513181529_add_site_id_to_columns.rb +9 -0
- data/db/migrate/20100519091711_add_index_definition_to_columns.rb +9 -0
- data/db/migrate/20100519091940_create_idx_nodes_string.rb +14 -0
- data/db/migrate/20100519232432_create_idx_nodes_ml_string.rb +15 -0
- data/db/migrate/20100525113858_add_porperties_to_users.rb +9 -0
- data/db/migrate/20100526090140_renamed_contact_model_to_base_contact.rb +13 -0
- data/db/migrate/20100527130937_change_column_index_to_string.rb +9 -0
- data/db/migrate/20100531135128_add_fulltext_builder_fields.rb +28 -0
- data/doc/zafu_changes.yml +2 -2
- data/lib/bricks/loader.rb +48 -26
- data/lib/exif_data.rb +21 -1
- data/lib/gettext_strings.rb +8 -1
- data/lib/tasks/zena.rake +55 -20
- data/lib/version_off.rb +323 -0
- data/lib/zazen_parser.rb +9 -0
- data/lib/zena.rb +13 -14
- data/lib/zena/acts/enrollable.rb +232 -0
- data/lib/zena/acts/secure.rb +86 -506
- data/lib/zena/acts/secure_node.rb +483 -0
- data/lib/zena/acts/serializable.rb +149 -0
- data/lib/zena/app.rb +36 -23
- data/lib/zena/code_syntax.rb +26 -2
- data/lib/zena/controller/test_case.rb +23 -2
- data/lib/zena/core_ext/file_utils.rb +3 -3
- data/lib/zena/core_ext/string.rb +2 -2
- data/lib/zena/db.rb +180 -24
- data/lib/zena/deploy.rb +140 -183
- data/lib/zena/deploy/awstats.conf.rhtml +4 -4
- data/lib/zena/deploy/httpd.rhtml +1 -2
- data/lib/zena/deploy/stats.vhost.rhtml +7 -7
- data/lib/zena/deploy/vhost.rhtml +1 -1
- data/lib/zena/deploy/vhost_www.rhtml +4 -4
- data/lib/zena/foxy_parser.rb +345 -295
- data/lib/zena/info.rb +1 -2
- data/lib/zena/integration/test_case.rb +70 -0
- data/lib/zena/loader/yaml_loader.rb +80 -0
- data/lib/zena/migrator.rb +2 -2
- data/lib/zena/parser.rb +19 -17
- data/lib/zena/parser/zafu_rules.rb +7 -0
- data/lib/zena/parser/zafu_tags.rb +2 -2
- data/lib/zena/parser/zazen_rules.rb +9 -29
- data/lib/zena/parser/zena_rules.rb +2 -2
- data/lib/zena/refactor/act_as_content.rb +6 -0
- data/lib/zena/routes.rb +9 -3
- data/lib/zena/site_worker.rb +48 -0
- data/lib/zena/test_controller.rb +49 -12
- data/lib/zena/use.rb +47 -0
- data/lib/zena/use/action.rb +230 -0
- data/lib/zena/use/ajax.rb +287 -13
- data/lib/zena/use/authlogic.rb +28 -12
- data/lib/zena/use/calendar.rb +2 -2
- data/lib/zena/use/conditional.rb +41 -0
- data/lib/zena/use/context.rb +187 -0
- data/lib/zena/use/dates.rb +87 -30
- data/lib/zena/use/display.rb +598 -0
- data/lib/zena/use/dyn_attributes.rb +4 -4
- data/lib/zena/use/error_rendering.rb +3 -1
- data/lib/zena/use/fixtures.rb +56 -22
- data/lib/zena/use/forms.rb +584 -0
- data/lib/zena/use/fulltext.rb +90 -0
- data/lib/zena/use/grid.rb +12 -7
- data/lib/zena/use/html_tags.rb +8 -459
- data/lib/zena/use/i18n.rb +172 -109
- data/lib/zena/use/image_builder.rb +1 -2
- data/lib/zena/use/ml_index.rb +56 -0
- data/lib/zena/use/nested_attributes_alias.rb +2 -2
- data/lib/zena/use/node_name.rb +94 -0
- data/lib/zena/use/query_builder.rb +355 -0
- data/lib/zena/use/query_comment.rb +63 -73
- data/lib/zena/use/query_node.rb +404 -317
- data/lib/zena/use/recursion.rb +71 -0
- data/lib/zena/use/refactor.rb +27 -40
- data/lib/zena/use/relations.rb +9 -3
- data/lib/zena/use/rendering.rb +143 -116
- data/lib/zena/use/search.rb +79 -21
- data/lib/zena/use/test_helper.rb +17 -9
- data/lib/zena/use/upload.rb +1 -1
- data/lib/zena/use/urls.rb +534 -28
- data/lib/zena/use/version_hash.rb +154 -0
- data/lib/zena/use/workflow.rb +635 -0
- data/lib/zena/use/zafu_attributes.rb +205 -0
- data/lib/zena/use/zafu_eval.rb +21 -0
- data/lib/zena/use/zafu_safe_definitions.rb +36 -0
- data/lib/zena/use/zafu_templates.rb +459 -0
- data/lib/zena/use/zazen.rb +53 -23
- data/lib/zena/view/test_case.rb +56 -7
- data/lib/zena/webdav_adapter.rb +8 -8
- data/lib/zena/zafu_compiler.rb +25 -0
- data/locale/de/LC_MESSAGES/zena.mo +0 -0
- data/locale/de/zena.mo +0 -0
- data/locale/de/zena.po +920 -781
- data/locale/en/LC_MESSAGES/zena.mo +0 -0
- data/locale/en/zena.mo +0 -0
- data/locale/en/zena.po +530 -405
- data/locale/fr/LC_MESSAGES/zena.mo +0 -0
- data/locale/fr/zena.mo +0 -0
- data/locale/fr/zena.po +588 -432
- data/locale/zena.pot +391 -353
- data/old_zafu/action.rb +129 -0
- data/{lib/zafu → old_zafu}/ajax.rb +0 -24
- data/{lib/zafu → old_zafu}/attributes.rb +2 -2
- data/{lib/zafu → old_zafu}/calendar.rb +1 -1
- data/{lib/zafu → old_zafu}/context.rb +4 -8
- data/{lib/zafu → old_zafu}/core/html.rb +1 -1
- data/old_zafu/core/move_to_parser.rb +74 -0
- data/old_zafu/dates.rb +20 -0
- data/{lib/zafu → old_zafu}/display.rb +33 -146
- data/{lib/zafu → old_zafu}/eval.rb +0 -0
- data/{lib/zafu → old_zafu}/experimental.rb +1 -1
- data/{lib/zafu → old_zafu}/i18n.rb +1 -1
- data/{lib/zafu → old_zafu}/meta.rb +0 -0
- data/old_zafu/query_node.rb +278 -0
- data/{lib/zafu → old_zafu}/refactor.rb +2 -12
- data/old_zafu/support/context.rb +146 -0
- data/{lib/zafu → old_zafu}/support/dom.rb +1 -43
- data/{lib/zafu → old_zafu}/support/erb.rb +0 -0
- data/{lib/zafu → old_zafu}/support/flow.rb +1 -13
- data/old_zafu/support/forms.rb +7 -0
- data/old_zafu/support/links.rb +75 -0
- data/{lib → old_zafu}/zafu_parser.rb +2 -2
- data/public/images/attach_window.png +0 -0
- data/public/images/dettach_window.png +0 -0
- data/public/images/ext/{contact.png → basecontact.png} +0 -0
- data/public/images/toggle_off.png +0 -0
- data/public/images/toggle_on.png +0 -0
- data/public/images/window/bottom_left.png +0 -0
- data/public/images/window/bottom_mid.png +0 -0
- data/public/images/window/bottom_right.png +0 -0
- data/public/images/window/center_left.png +0 -0
- data/public/images/window/center_right.png +0 -0
- data/public/images/window/close.png +0 -0
- data/public/images/window/maximize.png +0 -0
- data/public/images/window/minimize.png +0 -0
- data/public/images/window/overlay.png +0 -0
- data/public/images/window/sizer.png +0 -0
- data/public/images/window/top_left.png +0 -0
- data/public/images/window/top_mid.png +0 -0
- data/public/images/window/top_right.png +0 -0
- data/public/javascripts/builder.js +1 -3
- data/public/javascripts/controls.js +3 -5
- data/public/javascripts/dragdrop.js +5 -8
- data/public/javascripts/effects.js +6 -15
- data/public/javascripts/prototype.js +1574 -1020
- data/public/javascripts/scriptaculous.js +13 -7
- data/public/javascripts/slider.js +5 -7
- data/public/javascripts/sound.js +6 -4
- data/public/javascripts/unittest.js +69 -71
- data/public/javascripts/window.js +1843 -0
- data/public/javascripts/zena.js +216 -16
- data/public/stylesheets/admin.css +18 -13
- data/public/stylesheets/default.css +18 -17
- data/public/stylesheets/popup.css +4 -4
- data/public/stylesheets/window.css +155 -0
- data/public/stylesheets/zena.css +9 -8
- data/test/custom_queries/complex.host.yml +8 -8
- data/test/fixtures/files/Node-test.zafu +11 -11
- data/test/fixtures/files/import.tgz +0 -0
- data/test/fixtures/files/simple.zml.gz +0 -0
- data/test/fixtures/import/photos.en.zml +3 -3
- data/test/fixtures/import/photos/bird.jpg.en.zml +1 -1
- data/test/fixtures/import/photos/bird.jpg.fr.zml +1 -1
- data/test/fixtures/import/simple.zml +2 -2
- data/test/functional/application_controller_test.rb +2 -41
- data/test/functional/columns_controller_test.rb +140 -0
- data/test/functional/data_entries_controller_test.rb +1 -1
- data/test/functional/documents_controller_test.rb +88 -5
- data/test/functional/nodes_controller_commit_test.rb +71 -0
- data/test/functional/nodes_controller_test.rb +393 -93
- data/test/functional/note_controller_test.rb +5 -5
- data/test/functional/relations_controller_test.rb +1 -1
- data/test/functional/users_controller_test.rb +72 -14
- data/test/functional/versions_controller_test.rb +9 -8
- data/test/functional/virtual_classes_controller_test.rb +142 -65
- data/test/integration/multiple_hosts_test.rb +28 -20
- data/test/integration/navigation_test.rb +121 -83
- data/test/integration/query_node/basic.yml +128 -0
- data/test/integration/query_node/comments.yml +23 -0
- data/test/integration/query_node/complex.yml +111 -0
- data/test/integration/query_node/dates.yml +22 -0
- data/test/integration/query_node/errors.yml +12 -0
- data/test/integration/query_node/filters.yml +123 -0
- data/test/integration/query_node/properties.yml +41 -0
- data/test/integration/query_node/relations.yml +75 -0
- data/test/integration/query_node_test.rb +189 -0
- data/test/integration/xml_api_test.rb +166 -0
- data/test/integration/zafu_compiler/action.yml +67 -0
- data/test/integration/zafu_compiler/ajax.yml +263 -0
- data/test/{unit/zena/zena_tags → integration/zafu_compiler}/apphelper.yml +0 -0
- data/test/integration/zafu_compiler/asset.yml +13 -0
- data/test/integration/zafu_compiler/basic.yml +518 -0
- data/test/integration/zafu_compiler/calendar.yml +35 -0
- data/test/{unit/zena/zena_tags → integration/zafu_compiler}/complex.yml +16 -16
- data/test/integration/zafu_compiler/conditional.yml +173 -0
- data/test/{unit/zena/zena_tags → integration/zafu_compiler}/data.yml +3 -3
- data/test/integration/zafu_compiler/dates.yml +58 -0
- data/test/integration/zafu_compiler/display.yml +273 -0
- data/test/integration/zafu_compiler/errors.yml +79 -0
- data/test/{unit/zena/zena_tags → integration/zafu_compiler}/eval.yml +6 -2
- data/test/integration/zafu_compiler/forms.yml +130 -0
- data/test/integration/zafu_compiler/i18n.yml +107 -0
- data/test/integration/zafu_compiler/later.yml +31 -0
- data/test/integration/zafu_compiler/off/off.yml +15 -0
- data/test/integration/zafu_compiler/recursion.yml +28 -0
- data/test/integration/zafu_compiler/relations.yml +487 -0
- data/test/integration/zafu_compiler/roles.yml +28 -0
- data/test/{unit/zena/zena_tags → integration/zafu_compiler}/rubyless.yml +10 -9
- data/test/integration/zafu_compiler/safe_definitions.yml +65 -0
- data/test/integration/zafu_compiler/search.yml +13 -0
- data/test/integration/zafu_compiler/security.yml +30 -0
- data/test/integration/zafu_compiler/site.yml +14 -0
- data/test/integration/zafu_compiler/urls.yml +189 -0
- data/test/integration/zafu_compiler/user.yml +32 -0
- data/test/integration/zafu_compiler/version.yml +47 -0
- data/test/integration/zafu_compiler/workflow.yml +36 -0
- data/test/integration/zafu_compiler/zafu_attributes.yml +169 -0
- data/test/{unit/zena/zena_tags → integration/zafu_compiler}/zazen.yml +7 -3
- data/test/{unit/zena/zena_tags_test.rb → integration/zafu_compiler_test.rb} +137 -57
- data/test/sites/complex/nodes.yml +48 -47
- data/test/sites/complex/{virtual_classes.yml → roles.yml} +2 -1
- data/test/sites/ocean/nodes.yml +7 -7
- data/test/sites/ocean/versions.yml +30 -21
- data/test/sites/zena/columns.yml +12 -0
- data/test/sites/zena/nodes.yml +33 -32
- data/test/sites/zena/{virtual_classes.yml → roles.yml} +11 -1
- data/test/sites/zena/sites.yml +4 -1
- data/test/sites/zena/users.yml +5 -4
- data/test/sites/zena/versions.yml +398 -279
- data/test/test_helper.rb +2 -1
- data/test/test_zena.rb +3 -8
- data/test/unit/after_commit_test.rb +103 -0
- data/test/unit/attachment_test.rb +266 -0
- data/test/unit/base_contact_test.rb +242 -0
- data/test/unit/cached_page_test.rb +6 -6
- data/test/unit/column_test.rb +77 -0
- data/test/unit/comment_test.rb +1 -1
- data/test/unit/data_entry_test.rb +8 -2
- data/test/unit/document_test.rb +393 -211
- data/test/unit/exif_data_test.rb +1 -1
- data/test/unit/iformat_test.rb +9 -9
- data/test/unit/image_test.rb +358 -284
- data/test/unit/multi_version_test.rb +4 -0
- data/test/unit/multiversion_test.rb +2 -1013
- data/test/unit/node_name_test.rb +137 -0
- data/test/unit/node_test.rb +374 -461
- data/test/unit/note_test.rb +23 -23
- data/test/unit/page_test.rb +23 -23
- data/test/unit/project_test.rb +2 -2
- data/test/unit/relation_proxy_test.rb +25 -6
- data/test/unit/relation_test.rb +156 -24
- data/test/unit/role_test.rb +122 -0
- data/test/unit/section_test.rb +2 -2
- data/test/unit/site_test.rb +48 -12
- data/test/unit/skin_test.rb +0 -13
- data/test/unit/template_test.rb +361 -314
- data/test/unit/text_document_test.rb +105 -33
- data/test/unit/transparent_version_test.rb +4 -0
- data/test/unit/user_test.rb +10 -10
- data/test/unit/version_test.rb +209 -301
- data/test/unit/virtual_class_test.rb +21 -29
- data/test/unit/workflow_test.rb +1075 -0
- data/test/unit/zena/acts/enrollable_test.rb +211 -0
- data/test/unit/{secure_test.rb → zena/acts/secure_test.rb} +190 -105
- data/test/unit/zena/acts/serializable_test.rb +85 -0
- data/test/unit/zena/db_test.rb +27 -14
- data/test/unit/zena/parser/zazen.yml +1 -1
- data/test/unit/zena/use/action_test.rb +109 -0
- data/test/unit/zena/use/calendar_test.rb +8 -8
- data/test/unit/zena/use/dates_test.rb +10 -0
- data/test/unit/zena/use/dates_view_methods_test.rb +8 -12
- data/test/unit/zena/use/fulltext_test.rb +82 -0
- data/test/unit/zena/use/html_tags_test.rb +225 -201
- data/test/unit/zena/use/i18n_test.rb +56 -26
- data/test/unit/zena/use/ml_index_test.rb +129 -0
- data/test/unit/zena/use/nested_attributes_alias_view_test.rb +10 -10
- data/test/unit/zena/use/query_node_test.rb +104 -0
- data/test/unit/zena/use/refactor_test.rb +4 -15
- data/test/unit/zena/use/rendering_test.rb +23 -16
- data/test/unit/zena/use/upload_test.rb +2 -2
- data/test/unit/zena/use/urls_test.rb +2 -0
- data/test/unit/zena/use/version_hash_test.rb +126 -0
- data/test/unit/zena/use/zafu_template_test.rb +135 -0
- data/test/unit/zena/use/zazen_test.rb +85 -61
- data/vendor/plugins/gettext_i18n_rails/README.markdown +26 -22
- data/vendor/plugins/gettext_i18n_rails/Rakefile +31 -5
- data/vendor/plugins/gettext_i18n_rails/VERSION +1 -0
- data/vendor/plugins/gettext_i18n_rails/gettext_i18n_rails.gemspec +64 -0
- data/vendor/plugins/gettext_i18n_rails/init.rb +7 -3
- data/vendor/plugins/gettext_i18n_rails/lib/gettext_i18n_rails.rb +5 -6
- data/vendor/plugins/gettext_i18n_rails/lib/gettext_i18n_rails/active_record.rb +6 -2
- data/vendor/plugins/gettext_i18n_rails/lib/gettext_i18n_rails/backend.rb +1 -1
- data/vendor/plugins/gettext_i18n_rails/lib/gettext_i18n_rails/model_attributes_finder.rb +2 -2
- data/vendor/plugins/gettext_i18n_rails/{tasks → lib/tasks}/gettext_rails_i18n.rake +10 -9
- data/vendor/plugins/gettext_i18n_rails/spec/gettext_i18n_rails/action_controller_spec.rb +7 -3
- data/vendor/plugins/gettext_i18n_rails/spec/gettext_i18n_rails/active_record_spec.rb +7 -5
- data/vendor/plugins/gettext_i18n_rails/spec/gettext_i18n_rails/backend_spec.rb +7 -7
- data/vendor/plugins/gettext_i18n_rails/spec/gettext_i18n_rails_spec.rb +4 -0
- data/vendor/plugins/gettext_i18n_rails/spec/spec_helper.rb +11 -9
- data/vendor/plugins/mysql_timezone_utc/init.rb +1 -0
- data/vendor/plugins/mysql_timezone_utc/lib/mysql_timezone_utc.rb +14 -0
- data/vendor/plugins/postgresql_timezone_utc/init.rb +1 -0
- data/vendor/plugins/postgresql_timezone_utc/lib/postgresql_timezone_utc.rb +14 -0
- data/zena.gemspec +281 -123
- metadata +354 -160
- data/app/models/contact.rb +0 -32
- data/app/models/document_version.rb +0 -13
- data/app/models/image_version.rb +0 -21
- data/app/models/text_document_version.rb +0 -29
- data/app/views/templates/defaults/+adminLayout.zafu +0 -69
- data/bricks/captcha/patch/application_controller.rb +0 -10
- data/bricks/captcha/patch/application_helper.rb +0 -32
- data/bricks/captcha/patch/site.rb +0 -2
- data/bricks/captcha/zafu/captcha.rb +0 -29
- data/bricks/tags/patch/node.rb +0 -15
- data/bricks/tags/test/zafu/tags.yml +0 -40
- data/db/schema.rb +0 -295
- data/lib/zafu/action.rb +0 -285
- data/lib/zafu/core/move_to_parser.rb +0 -167
- data/lib/zafu/dates.rb +0 -58
- data/lib/zafu/support/context.rb +0 -265
- data/lib/zafu/support/forms.rb +0 -461
- data/lib/zafu/support/links.rb +0 -306
- data/lib/zena/acts/multiversion.rb +0 -755
- data/lib/zena/fix/mysql_connection.rb +0 -17
- data/lib/zena/use/query_node_finders.rb +0 -91
- data/lib/zena/use/zafu.rb +0 -514
- data/test/helpers/query_node/basic.yml +0 -149
- data/test/helpers/query_node/comments.yml +0 -18
- data/test/helpers/query_node/complex.yml +0 -98
- data/test/helpers/query_node/filters.yml +0 -110
- data/test/helpers/query_node/relations.yml +0 -43
- data/test/helpers/query_node_test.rb +0 -116
- data/test/sites/ocean/contact_contents.yml +0 -19
- data/test/sites/ocean/template_contents.yml +0 -8
- data/test/sites/zena/contact_contents.yml +0 -55
- data/test/sites/zena/document_contents.yml +0 -76
- data/test/sites/zena/dyn_attributes.yml +0 -43
- data/test/sites/zena/template_contents.yml +0 -103
- data/test/unit/contact_content_test.rb +0 -33
- data/test/unit/contact_test.rb +0 -39
- data/test/unit/contact_version_test.rb +0 -48
- data/test/unit/document_content_test.rb +0 -110
- data/test/unit/document_version_test.rb +0 -11
- data/test/unit/dyn_attributes_test.rb +0 -229
- data/test/unit/image_content_test.rb +0 -154
- data/test/unit/image_version_test.rb +0 -18
- data/test/unit/template_content_test.rb +0 -9
- data/test/unit/text_document_version_test.rb +0 -37
- data/test/unit/zena/use/zafu_test.rb +0 -41
- data/test/unit/zena/zena_tags/ajax.yml +0 -233
- data/test/unit/zena/zena_tags/basic.yml +0 -1306
- data/test/unit/zena/zena_tags/errors.yml +0 -71
- data/test/unit/zena/zena_tags/relations.yml +0 -405
@@ -0,0 +1,483 @@
|
|
1
|
+
module Zena
|
2
|
+
module Acts
|
3
|
+
module SecureNode
|
4
|
+
|
5
|
+
# this is called when the module is extended into the Node class
|
6
|
+
def acts_as_secure_node
|
7
|
+
belongs_to :rgroup, :class_name=>'Group', :foreign_key=>'rgroup_id'
|
8
|
+
belongs_to :wgroup, :class_name=>'Group', :foreign_key=>'wgroup_id'
|
9
|
+
belongs_to :dgroup, :class_name=>'Group', :foreign_key=>'dgroup_id'
|
10
|
+
belongs_to :user
|
11
|
+
before_validation :secure_reference_before_validation
|
12
|
+
# we move all before_validation on update and create here so that it is triggered before multiversion's before_validation
|
13
|
+
before_validation :secure_before_validation
|
14
|
+
|
15
|
+
validate :record_must_be_secured
|
16
|
+
#validate {|r| r.errors.add(:base, 'record not secured') unless r.instance_variable_get(:@visitor)}
|
17
|
+
validate_on_update {|r| r.errors.add('site_id', 'cannot change') if r.site_id_changed? }
|
18
|
+
|
19
|
+
validate_on_create :secure_on_create
|
20
|
+
validate_on_update :secure_on_update
|
21
|
+
|
22
|
+
before_save :secure_before_save
|
23
|
+
after_save :secure_after_save
|
24
|
+
|
25
|
+
before_destroy :secure_on_destroy
|
26
|
+
|
27
|
+
include Zena::Acts::SecureNode::InstanceMethods
|
28
|
+
|
29
|
+
class << self
|
30
|
+
|
31
|
+
# kpath is a class shortcut to avoid tons of 'OR type = Page OR type = Document'
|
32
|
+
# we build this path with the first letter of each class. The example bellow
|
33
|
+
# shows how the kpath is built:
|
34
|
+
# class hierarchy
|
35
|
+
# Node --> N
|
36
|
+
# Note --> NN Page --> NP
|
37
|
+
# Document Form Section
|
38
|
+
# NPD NPF NPP
|
39
|
+
# So now, to get all Pages, your sql becomes : WHERE kpath LIKE 'NP%'
|
40
|
+
# to get all Documents : WHERE kpath LIKE 'NPD%'
|
41
|
+
# all pages without Documents : WHERE kpath LIKE 'NP%' AND NOT LIKE 'NPD%'
|
42
|
+
attr_accessor :kpath
|
43
|
+
|
44
|
+
def kpath
|
45
|
+
@kpath ||= make_kpath
|
46
|
+
end
|
47
|
+
|
48
|
+
private
|
49
|
+
def make_kpath
|
50
|
+
superclass.respond_to?(:kpath) ? (superclass.kpath + ksel) : ksel
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
extend Zena::Acts::SecureNode::ClassMethods
|
55
|
+
end
|
56
|
+
|
57
|
+
module InstanceMethods
|
58
|
+
include RubyLess
|
59
|
+
safe_method :public? => Boolean, :empty? => Boolean
|
60
|
+
|
61
|
+
def record_must_be_secured
|
62
|
+
errors.add(:base, 'record not secured') unless secured?
|
63
|
+
end
|
64
|
+
|
65
|
+
# Store visitor to produce scope when needed and to retrieve correct editions.
|
66
|
+
def visitor=(visitor)
|
67
|
+
@visitor = visitor
|
68
|
+
self
|
69
|
+
end
|
70
|
+
|
71
|
+
# Return true if the node can be viewed by all (public)
|
72
|
+
def public?
|
73
|
+
can_read?(visitor.site.anon,visitor.site.anon.group_ids) # visible by anonymous
|
74
|
+
end
|
75
|
+
|
76
|
+
# Return true if the node is properly secured (was loaded with secure)
|
77
|
+
def secured?
|
78
|
+
@visitor && @visitor == Thread.current[:visitor]
|
79
|
+
end
|
80
|
+
|
81
|
+
# Return true if the node is not a reference for any other nodes
|
82
|
+
def empty?
|
83
|
+
return true if new_record?
|
84
|
+
0 == self.class.count_by_sql("SELECT COUNT(*) FROM #{self.class.table_name} WHERE #{ref_field} = #{self[:id]}")
|
85
|
+
end
|
86
|
+
|
87
|
+
# people who can read:
|
88
|
+
# * super user
|
89
|
+
# * members of +read_group+ if the node is published and the current date is greater or equal to the publication date
|
90
|
+
# * members of +write_group+
|
91
|
+
def can_read?(vis = visitor, ugps=visitor.group_ids)
|
92
|
+
( vis.is_su? ) || # super user
|
93
|
+
( ugps.include?(rgroup_id) && publish_from && Time.now >= publish_from ) ||
|
94
|
+
( ugps.include?(wgroup_id) )
|
95
|
+
end
|
96
|
+
|
97
|
+
# people who can write:
|
98
|
+
# * super user
|
99
|
+
# * members of +write_group+ if there status is at least 'user'.
|
100
|
+
def can_write?(vis=visitor, ugps=visitor.group_ids)
|
101
|
+
( vis.is_su? ) || # super user
|
102
|
+
( ugps.include?(wgroup_id) && visitor.user?) # write group
|
103
|
+
end
|
104
|
+
|
105
|
+
# Returns true if the current visitor can see redactions (unpublished versions)
|
106
|
+
# of the node.
|
107
|
+
def can_see_redactions?(ugps = visitor.group_ids)
|
108
|
+
visitor.group_ids.include?(wgroup_id)
|
109
|
+
end
|
110
|
+
|
111
|
+
# The node has just been created so the creator can still delete it
|
112
|
+
# or move it around.
|
113
|
+
def draft?(vis=visitor)
|
114
|
+
!publish_from && visitor.id == user_id &&
|
115
|
+
visitor.user? && visitor.id == version.user_id &&
|
116
|
+
versions.count == 1
|
117
|
+
end
|
118
|
+
|
119
|
+
# The node has just been created so the creator can still delete it
|
120
|
+
# or move it around.
|
121
|
+
def draft_was_true?(vis=visitor)
|
122
|
+
!publish_from_was && visitor.id == user_id_was &&
|
123
|
+
visitor.user? && visitor.id == version.user_id_was &&
|
124
|
+
versions.count == 1
|
125
|
+
end
|
126
|
+
|
127
|
+
# Can alter node (move around, name, rwp groups, etc).
|
128
|
+
# * super user
|
129
|
+
# * members of +drive_group+ if member status is at least 'user'
|
130
|
+
def can_drive?(vis=visitor, ugps=visitor.group_ids)
|
131
|
+
( vis.is_su? ) || # super user
|
132
|
+
( vis.user? && (ugps.include?(dgroup_id) || draft?) )
|
133
|
+
end
|
134
|
+
|
135
|
+
# 'can_drive?' before attribute change
|
136
|
+
def can_drive_was_true?(vis=visitor, ugps=visitor.group_ids)
|
137
|
+
( vis.is_su? ) || # super user
|
138
|
+
( vis.user? && (ugps.include?(dgroup_id_was) || draft_was_true?) )
|
139
|
+
end
|
140
|
+
|
141
|
+
# 'can_drive?' without draft? exceptions
|
142
|
+
def full_drive?(vis=visitor, ugps=visitor.group_ids)
|
143
|
+
( vis.is_su? ) || # super user
|
144
|
+
( vis.user? && ugps.include?(dgroup_id) )
|
145
|
+
end
|
146
|
+
|
147
|
+
# 'full_drive?' before attribute change
|
148
|
+
def full_drive_was_true?(vis=visitor, ugps=visitor.group_ids)
|
149
|
+
( vis.is_su? ) || # super user
|
150
|
+
( vis.user? && ugps.include?(dgroup_id_was) )
|
151
|
+
end
|
152
|
+
|
153
|
+
def secure_before_validation
|
154
|
+
if new_record?
|
155
|
+
secure_before_validation_on_create
|
156
|
+
else
|
157
|
+
secure_before_validation_on_update
|
158
|
+
end
|
159
|
+
end
|
160
|
+
|
161
|
+
def secure_before_validation_on_create
|
162
|
+
# set defaults before validation
|
163
|
+
self[:site_id] = visitor.site.id
|
164
|
+
self[:user_id] = visitor.id
|
165
|
+
self[:ref_lang] = visitor.lang
|
166
|
+
|
167
|
+
[:rgroup_id, :wgroup_id, :dgroup_id, :skin].each do |sym|
|
168
|
+
# not defined => inherit
|
169
|
+
self[sym] ||= ref[sym]
|
170
|
+
end
|
171
|
+
|
172
|
+
if inherit.nil?
|
173
|
+
if rgroup_id == ref.rgroup_id && wgroup_id == ref.wgroup_id && dgroup_id == ref.dgroup_id
|
174
|
+
self[:inherit] = 1
|
175
|
+
else
|
176
|
+
self[:inherit] = 0
|
177
|
+
end
|
178
|
+
end
|
179
|
+
true
|
180
|
+
end
|
181
|
+
|
182
|
+
def secure_before_validation_on_update
|
183
|
+
self[:kpath] = self.vclass.kpath if vclass_id_changed? or type_changed?
|
184
|
+
true
|
185
|
+
end
|
186
|
+
|
187
|
+
# Make sure the reference object (the one from which this object inherits) exists before validating.
|
188
|
+
def secure_reference_before_validation
|
189
|
+
if ref == nil
|
190
|
+
errors.add(ref_field, "invalid reference")
|
191
|
+
return false
|
192
|
+
end
|
193
|
+
true
|
194
|
+
end
|
195
|
+
|
196
|
+
# 1. validate the presence of a valid project (one in which the visitor has write access and project<>self !)
|
197
|
+
# 2. validate the presence of a valid reference (project or parent) (in which the visitor has write access and ref<>self !)
|
198
|
+
# 3. validate +drive_group+ value (same as parent or ref.can_drive? and valid)
|
199
|
+
# 4. validate +rw groups+ :
|
200
|
+
# a. if can_drive? : valid groups
|
201
|
+
# b. else inherit or private
|
202
|
+
# 5. validate the rest
|
203
|
+
def secure_on_create
|
204
|
+
case inherit
|
205
|
+
when 1
|
206
|
+
# force inheritance
|
207
|
+
self[:rgroup_id] = ref.rgroup_id
|
208
|
+
self[:wgroup_id] = ref.wgroup_id
|
209
|
+
self[:dgroup_id] = ref.dgroup_id
|
210
|
+
self[:skin ] = ref.skin
|
211
|
+
when 0
|
212
|
+
# custom access rights
|
213
|
+
if ref.full_drive?
|
214
|
+
errors.add('rgroup_id', "unknown group") unless visitor.group_ids.include?(rgroup_id)
|
215
|
+
errors.add('wgroup_id', "unknown group") unless visitor.group_ids.include?(wgroup_id)
|
216
|
+
errors.add('dgroup_id', "unknown group") unless visitor.group_ids.include?(dgroup_id)
|
217
|
+
else
|
218
|
+
errors.add('inherit', "custom access rights not allowed")
|
219
|
+
errors.add('rgroup_id', "you cannot change this") unless rgroup_id == ref.rgroup_id
|
220
|
+
errors.add('wgroup_id', "you cannot change this") unless wgroup_id == ref.wgroup_id
|
221
|
+
errors.add('dgroup_id', "you cannot change this") unless dgroup_id == ref.dgroup_id
|
222
|
+
errors.add('skin' , "you cannot change this") unless skin == ref.skin
|
223
|
+
end
|
224
|
+
else
|
225
|
+
errors.add(:inherit, "bad inheritance mode")
|
226
|
+
end
|
227
|
+
|
228
|
+
end
|
229
|
+
|
230
|
+
# 1. if dgroup changed from old, make sure user could do this and new group is valid
|
231
|
+
# 2. if owner changed from old, make sure only a user in 'admin' can do this
|
232
|
+
# 3. error if user cannot publish nor manage
|
233
|
+
# 4. parent/project changed ? verify 'publish access to new *and* old'
|
234
|
+
# 5. validate +rw groups+ :
|
235
|
+
# a. can change to 'inherit' if can_drive? or can_drive? and max_status < pub and does not have children
|
236
|
+
# b. can change to 'private' if can_drive?
|
237
|
+
# c. can change to 'custom' if can_drive?
|
238
|
+
# 6. validate the rest
|
239
|
+
def secure_on_update
|
240
|
+
if !changed_without_properties?
|
241
|
+
# Node hasn't been changed (only version edits)
|
242
|
+
return true
|
243
|
+
end
|
244
|
+
|
245
|
+
if !can_drive_was_true?
|
246
|
+
errors.add(:base, 'You do not have the rights to do this.') unless errors[:base]
|
247
|
+
return false
|
248
|
+
end
|
249
|
+
|
250
|
+
if user_id_changed?
|
251
|
+
if visitor.is_admin?
|
252
|
+
# only admin can change owners
|
253
|
+
unless secure(User) { User.find_by_id(user_id) }
|
254
|
+
errors.add(:user_id, 'unknown user')
|
255
|
+
end
|
256
|
+
else
|
257
|
+
errors.add(:user_id, 'Only admins can change owners')
|
258
|
+
end
|
259
|
+
end
|
260
|
+
|
261
|
+
return false unless ref_field_valid?
|
262
|
+
|
263
|
+
# verify groups
|
264
|
+
if inherit_changed? && !full_drive_was_true?
|
265
|
+
errors.add(:inherit, 'cannot be changed')
|
266
|
+
else
|
267
|
+
case inherit
|
268
|
+
when 1
|
269
|
+
# inherit rights
|
270
|
+
[:rgroup_id, :wgroup_id, :dgroup_id, :skin_id].each do |sym|
|
271
|
+
if self.send("#{sym}_changed?") && self[sym] != ref[sym]
|
272
|
+
# manual change of value not allowed without changing inherit mode
|
273
|
+
if !full_drive_was_true?
|
274
|
+
errors.add(sym.to_s, 'cannot be changed')
|
275
|
+
else
|
276
|
+
errors.add(sym.to_s, 'cannot be changed without changing inherit mode')
|
277
|
+
end
|
278
|
+
else
|
279
|
+
# in case parent changed, keep in sync
|
280
|
+
self[sym] = ref[sym]
|
281
|
+
end
|
282
|
+
end
|
283
|
+
when 0
|
284
|
+
# custom rights
|
285
|
+
[:rgroup_id, :wgroup_id, :dgroup_id].each do |sym|
|
286
|
+
if self.send("#{sym}_changed?") && !visitor.group_ids.include?(self[sym])
|
287
|
+
errors.add(sym.to_s, 'unknown group')
|
288
|
+
end
|
289
|
+
end
|
290
|
+
else
|
291
|
+
errors.add('inherit', 'bad inheritance mode')
|
292
|
+
end
|
293
|
+
end
|
294
|
+
end
|
295
|
+
|
296
|
+
# Prepare after save callbacks
|
297
|
+
def secure_before_save
|
298
|
+
@needs_inheritance_spread = !new_record? && (rgroup_id_changed? || wgroup_id_changed? || dgroup_id_changed? || skin_id_changed?)
|
299
|
+
true
|
300
|
+
end
|
301
|
+
|
302
|
+
# Verify validity of the reference field.
|
303
|
+
def ref_field_valid?
|
304
|
+
return true unless ref_field_id_changed?
|
305
|
+
# reference changed
|
306
|
+
if published_in_heirs_was_true?
|
307
|
+
# node or some children node was published, moves must be made with drive rights in both
|
308
|
+
# source and destination
|
309
|
+
if ref_field_id == self.id ||
|
310
|
+
secure_drive(ref_class) {
|
311
|
+
ref_class.count(:conditions => ['id IN (?)', [ref_field_id, ref_field_id_was]]) != 2
|
312
|
+
}
|
313
|
+
errors.add(ref_field, "invalid reference")
|
314
|
+
return false
|
315
|
+
end
|
316
|
+
else
|
317
|
+
# node was not visible to others, we need write access to both source and destination
|
318
|
+
if ref_field_id == self.id ||
|
319
|
+
secure_write(ref_class) {
|
320
|
+
ref_class.count(:conditions => ['id IN (?)', [ref_field_id, ref_field_id_was]]) != 2
|
321
|
+
}
|
322
|
+
errors.add(ref_field, "invalid reference")
|
323
|
+
return false
|
324
|
+
end
|
325
|
+
end
|
326
|
+
in_circular_reference? ? false : true
|
327
|
+
end
|
328
|
+
|
329
|
+
# Make sure there is no circular reference
|
330
|
+
# (any way to do this faster ?)
|
331
|
+
def in_circular_reference?
|
332
|
+
loop_ids = [self[:id]]
|
333
|
+
curr_ref = ref_field_id
|
334
|
+
in_loop = false
|
335
|
+
while curr_ref != 0
|
336
|
+
if loop_ids.include?(curr_ref) # detect loops
|
337
|
+
in_loop = true
|
338
|
+
break
|
339
|
+
end
|
340
|
+
loop_ids << curr_ref
|
341
|
+
curr_ref = Zena::Db.fetch_attribute("SELECT #{ref_field} FROM #{self.class.table_name} WHERE id=#{curr_ref}").to_i
|
342
|
+
end
|
343
|
+
|
344
|
+
errors.add(ref_field, 'circular reference') if in_loop
|
345
|
+
in_loop
|
346
|
+
end
|
347
|
+
|
348
|
+
def secure_on_destroy
|
349
|
+
if new_record? || can_drive_was_true?
|
350
|
+
unless empty?
|
351
|
+
errors.add(:base, 'cannot be removed (contains subpages or data)')
|
352
|
+
false
|
353
|
+
else
|
354
|
+
true
|
355
|
+
end
|
356
|
+
else
|
357
|
+
errors.add(:base, 'You do not have the rights to destroy.')
|
358
|
+
false
|
359
|
+
end
|
360
|
+
end
|
361
|
+
|
362
|
+
# Reference to validate access rights
|
363
|
+
def ref
|
364
|
+
# new record and self as reference (creating root node)
|
365
|
+
return self if ref_field == :id && new_record?
|
366
|
+
if !@ref || (@ref.id != ref_field_id)
|
367
|
+
# no ref or ref changed
|
368
|
+
@ref = secure(ref_class) { ref_class.find_by_id(ref_field_id) }
|
369
|
+
end
|
370
|
+
if @ref && (self.new_record? || (:id == ref_field) || (self[:id] != @ref[:id] ))
|
371
|
+
# reference is accepted only if it is not the same as self or self is root (ref_field==:id set by Node)
|
372
|
+
@ref.freeze
|
373
|
+
else
|
374
|
+
nil
|
375
|
+
end
|
376
|
+
end
|
377
|
+
|
378
|
+
protected
|
379
|
+
|
380
|
+
def secure_after_save
|
381
|
+
spread_inheritance if @needs_inheritance_spread
|
382
|
+
true
|
383
|
+
end
|
384
|
+
|
385
|
+
# When the rwp groups are changed, spread this change to the 'children' with
|
386
|
+
# inheritance mode set to '1'. 17.2s
|
387
|
+
# FIXME: make a single pass for spread_inheritance and update section_id and project_id ?
|
388
|
+
# FIXME: should also remove cached pages...
|
389
|
+
def spread_inheritance(i = self[:id])
|
390
|
+
base_class.connection.execute "UPDATE nodes SET rgroup_id='#{rgroup_id}', wgroup_id='#{wgroup_id}', dgroup_id='#{dgroup_id}', skin_id='#{skin_id}' WHERE #{ref_field(false)}='#{i}' AND inherit='1'"
|
391
|
+
ids = nil
|
392
|
+
# FIXME: remove 'with_exclusive_scope' once scopes are clarified and removed from 'secure'
|
393
|
+
base_class.send(:with_exclusive_scope) do
|
394
|
+
ids = Zena::Db.fetch_ids("SELECT id FROM #{base_class.table_name} WHERE #{ref_field(true)} = '#{i.to_i}' AND inherit='1'")
|
395
|
+
end
|
396
|
+
|
397
|
+
ids.each { |i| spread_inheritance(i) }
|
398
|
+
end
|
399
|
+
|
400
|
+
# Return true if a heir is published.
|
401
|
+
def published_in_heirs?
|
402
|
+
pub = publish_from
|
403
|
+
return true if pub
|
404
|
+
heirs.each do |h|
|
405
|
+
break if pub = h.published_in_heirs?
|
406
|
+
end
|
407
|
+
return pub
|
408
|
+
end
|
409
|
+
|
410
|
+
# Return true if a heir is published.
|
411
|
+
def published_in_heirs_was_true?
|
412
|
+
pub = publish_from_was
|
413
|
+
return true if pub
|
414
|
+
heirs.each do |h|
|
415
|
+
break if pub = h.published_in_heirs?
|
416
|
+
end
|
417
|
+
return pub
|
418
|
+
end
|
419
|
+
|
420
|
+
private
|
421
|
+
|
422
|
+
# List of elements using the current element as a reference. Used to update
|
423
|
+
# the rwp groups if they inherit from the reference. Can be overwritten by sub-classes.
|
424
|
+
def heirs
|
425
|
+
# FIXME: remove 'with_exclusive_scope' once scopes are clarified and removed from 'secure'
|
426
|
+
base_class.send(:with_exclusive_scope) do
|
427
|
+
base_class.find(:all, :conditions=>["#{ref_field(true)} = ? AND inherit='1'" , self[:id] ] ) || []
|
428
|
+
end
|
429
|
+
end
|
430
|
+
|
431
|
+
# Reference class. Must be overwritten by sub-classes.
|
432
|
+
def ref_class
|
433
|
+
self.class
|
434
|
+
end
|
435
|
+
|
436
|
+
# Must be overwritten.
|
437
|
+
def base_class
|
438
|
+
self.class
|
439
|
+
end
|
440
|
+
|
441
|
+
# Reference foreign_key. Can be overwritten by sub-classes.
|
442
|
+
def ref_field(for_heirs=false)
|
443
|
+
:reference_id
|
444
|
+
end
|
445
|
+
|
446
|
+
def ref_field_id
|
447
|
+
self[ref_field]
|
448
|
+
end
|
449
|
+
|
450
|
+
def ref_field_id_was
|
451
|
+
self.send(:"#{ref_field}_was")
|
452
|
+
end
|
453
|
+
|
454
|
+
def ref_field_id_changed?
|
455
|
+
self.send(:"#{ref_field}_changed?")
|
456
|
+
end
|
457
|
+
|
458
|
+
end # InstanceMethods
|
459
|
+
|
460
|
+
module ClassMethods
|
461
|
+
|
462
|
+
# 'from' and 'joins' are removed: this method is used when receiving calls from zafu. Changing the source table removes
|
463
|
+
# the secure scope.
|
464
|
+
def clean_options(options)
|
465
|
+
options.reject do |k,v|
|
466
|
+
! [ :conditions, :select, :include, :offset, :limit, :order, :lock ].include?(k)
|
467
|
+
end
|
468
|
+
end
|
469
|
+
|
470
|
+
# kpath selector for the current class
|
471
|
+
def ksel
|
472
|
+
self.to_s[0..0]
|
473
|
+
end
|
474
|
+
|
475
|
+
# Replace Rails subclasses normal behavior
|
476
|
+
def type_condition
|
477
|
+
" #{table_name}.kpath LIKE '#{kpath}%' "
|
478
|
+
end
|
479
|
+
end # ClassMethods
|
480
|
+
|
481
|
+
end #SecureNode
|
482
|
+
end # Acts
|
483
|
+
end # Zena
|