Class: Caboose::PagesController

Inherits:
ApplicationController show all
Defined in:
app/controllers/caboose/pages_controller.rb

Instance Method Summary collapse

Methods inherited from ApplicationController

#admin_add, #admin_bulk_add, #admin_bulk_delete, #admin_bulk_update, #admin_edit, #admin_json, #admin_json_single, #before_before_action, #hashify_query_string, #init_cart, #logged_in?, #logged_in_user, #login_user, #logout_user, #parse_url_params, #reject_param, #under_construction_or_forwarding_domain?, #user_is_allowed, #user_is_allowed_to, #validate_cookie, #validate_token, #var, #verify_logged_in

Instance Method Details

#admin_block_optionsObject

GET /admin/pages/:id/block-options



530
531
532
533
534
535
536
537
538
 
# File 'app/controllers/caboose/pages_controller.rb', line 530

def admin_block_options
  return unless user_is_allowed('pages', 'edit')      
  
  options = []
  Block.where("parent_id is null and page_id = ?", params[:id]).reorder(:sort_order).all.each do |b|
    admin_block_options_helper(options, b, "") 
  end      
  render :json => options
end

#admin_block_options_helper(options, b, prefix) ⇒ Object 



540
541
542
543
544
545
 
# File 'app/controllers/caboose/pages_controller.rb', line 540

def admin_block_options_helper(options, b, prefix)
  options << { 'value' => b.id, 'text' => "#{prefix}#{b.title}" }      
  b.children.each do |b2|
    admin_block_options_helper(options, b2, "#{prefix} - ")        
  end      
end

#admin_content_format_optionsObject

GET /admin/pages/format-options



513
514
515
516
517
518
519
520
 
# File 'app/controllers/caboose/pages_controller.rb', line 513

def admin_content_format_options
  options = [
    { 'value' => 'html', 'text' => 'html' },
    { 'value' => 'text', 'text' => 'text' },
    { 'value' => 'ruby', 'text' => 'ruby' }
  ]
  render json: options 		
end

#admin_createObject

POST /admin/pages



272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
 
# File 'app/controllers/caboose/pages_controller.rb', line 272

def admin_create
  return unless user_is_allowed('pages', 'add')

  resp = Caboose::StdClass.new({
      'error' => nil,
      'redirect' => nil
  })
        
  parent_id = params[:parent_id]
  title = params[:title]      

  if (title.strip.length == 0)
    resp.error = "A page title is required."
  elsif (!logged_in_user.is_allowed('all', 'all') && 
    !Page.page_ids_with_permission(logged_in_user, 'edit'   ).include?(parent_id) &&
    !Page.page_ids_with_permission(logged_in_user, 'approve').include?(parent_id))
    resp.error = "You don't have permission to add a page there."
  end
  if (!resp.error.nil?)
    render :json => resp
    return
  end
  	
  parent = Caboose::Page.find(parent_id)                  		
  page = Caboose::Page.new      
  
  if parent.nil?
    d = Domain.where(:domain => request.host_with_port).first.site_id
    page.site_id = d.site_id
  else      
    page.site_id = parent.site_id
  end
  
  page.title = title
  page.parent_id = parent_id      
  page.hide = true
  page.content_format = Caboose::Page::CONTENT_FORMAT_HTML

  i = 0
  begin 
    page.slug = Page.slug(page.title + (i > 0 ? " #{i}" : ""))
    page.uri = parent.parent_id == -1 ? page.slug : "#{parent.uri}/#{page.slug}"
    i = i+1
  end while (Page.where(:uri => page.uri).count > 0 && i < 10)

  page.save
  
  # Create the top level block for the page
  bt = BlockType.find(params[:block_type_id])
  Block.create(:page_id => page.id, :block_type_id => params[:block_type_id], :name => bt.name)
  
  # Set the new page's permissions		  
  viewers = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'view' }).pluck(:role_id)
  editors = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'edit' }).pluck(:role_id)
  Caboose::Page.update_authorized_for_action(page.id, 'view', viewers)
  Caboose::Page.update_authorized_for_action(page.id, 'edit', editors)

  # Send back the response
  resp.redirect = "/admin/pages/#{page.id}"
  render json: resp
end

#admin_deleteObject

DELETE /admin/pages/1



464
465
466
467
468
469
470
471
472
473
 
# File 'app/controllers/caboose/pages_controller.rb', line 464

def admin_delete
  return unless user_is_allowed('pages', 'delete')
  p = Page.find(params[:id])
  p.destroy
  
  resp = StdClass.new({
    'redirect' => '/admin/pages'
  })
  render json: resp
end

#admin_delete_formObject

GET /admin/pages/:page_id/delete



457
458
459
460
461
 
# File 'app/controllers/caboose/pages_controller.rb', line 457

def admin_delete_form
  return unless user_is_allowed('pages', 'delete')
  @page = Page.find(params[:id])      
  render :layout => 'caboose/admin'      
end

#admin_edit_block_orderObject

GET /admin/pages/:id/block-order



203
204
205
206
207
 
# File 'app/controllers/caboose/pages_controller.rb', line 203

def admin_edit_block_order
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_child_sort_orderObject

GET /admin/pages/:id/child-order



250
251
252
253
254
 
# File 'app/controllers/caboose/pages_controller.rb', line 250

def admin_edit_child_sort_order
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_contentObject

GET /admin/pages/:id/content



173
174
175
176
177
178
179
180
181
 
# File 'app/controllers/caboose/pages_controller.rb', line 173

def admin_edit_content
  return unless user_is_allowed('pages', 'edit')      
  @page = Page.find(params[:id])
  if @page.block.nil?      
    redirect_to "/admin/pages/#{@page.id}/layout"
    return
  end
  @editing = true
end

#admin_edit_cssObject

GET /admin/pages/:id/css



229
230
231
232
233
 
# File 'app/controllers/caboose/pages_controller.rb', line 229

def admin_edit_css
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_generalObject

GET /admin/pages/:id/edit



158
159
160
161
162
163
 
# File 'app/controllers/caboose/pages_controller.rb', line 158

def admin_edit_general
  return if !user_is_allowed('pages', 'edit')
  #return if !Page.is_allowed(logged_in_user, params[:id], 'edit')            
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_jsObject

GET /admin/pages/:id/js



236
237
238
239
240
 
# File 'app/controllers/caboose/pages_controller.rb', line 236

def admin_edit_js
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_layoutObject

GET /admin/pages/:id/layout



184
185
186
187
188
 
# File 'app/controllers/caboose/pages_controller.rb', line 184

def admin_edit_layout
  return unless user_is_allowed('pages', 'edit')      
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_permissionsObject

GET /admin/pages/:id/permissions



166
167
168
169
170
 
# File 'app/controllers/caboose/pages_controller.rb', line 166

def admin_edit_permissions
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_seoObject

GET /admin/pages/:id/seo



243
244
245
246
247
 
# File 'app/controllers/caboose/pages_controller.rb', line 243

def admin_edit_seo
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_indexObject

GET /admin/pages



139
140
141
142
143
144
145
146
147
 
# File 'app/controllers/caboose/pages_controller.rb', line 139

def admin_index
  return if !user_is_allowed('pages', 'view')            
  @domain = Domain.where(:domain => request.host_with_port).first
  @home_page = @domain ? Page.index_page(@domain.site_id) : nil
  if @domain && @home_page.nil?
    @home_page = Caboose::Page.create(:site_id => @domain.site_id, :parent_id => -1, :title => 'Home')
  end
  render :layout => 'caboose/admin'      
end

#admin_newObject

GET /admin/pages/new



150
151
152
153
154
155
 
# File 'app/controllers/caboose/pages_controller.rb', line 150

def admin_new
  return unless user_is_allowed('pages', 'add')
  @parent_id = params[:parent_id] ? params[:parent_id] : Page.where(:site_id => @site.id, :parent_id => -1).first.id
  @parent = Page.find(@parent_id)
  render :layout => 'caboose/admin'
end

#admin_new_blocksObject

GET /admin/pages/:id/new-blocks



222
223
224
225
226
 
# File 'app/controllers/caboose/pages_controller.rb', line 222

def admin_new_blocks
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_page_uriObject

GET /admin/pages/:id/uri



523
524
525
526
527
 
# File 'app/controllers/caboose/pages_controller.rb', line 523

def admin_page_uri
    return unless user_is_allowed('pages', 'view')
    p = Page.find(params[:id])
    render :json => { 'uri' => p.uri }
end

#admin_robots_optionsObject

GET /admin/pages/robots-options



499
500
501
502
503
504
505
506
507
508
509
510
 
# File 'app/controllers/caboose/pages_controller.rb', line 499

def admin_robots_options
  options = [
    { 'value' => 'index'      , 'text' => 'index'     },
    { 'value' => 'noindex'    , 'text' => 'noindex'   },
    { 'value' => 'follow'     , 'text' => 'follow'    },
    { 'value' => 'nofollow'   , 'text' => 'nofollow'  },
    { 'value' => 'nosnippet'  , 'text' => 'nosnippet' },
    { 'value' => 'noodp'      , 'text' => 'noodp'     },
    { 'value' => 'noarchive'  , 'text' => 'noarchive' }
  ]
  render json: options 		
end

#admin_sitemapObject

GET /admin/pages/:page_id/sitemap



476
477
478
479
480
 
# File 'app/controllers/caboose/pages_controller.rb', line 476

def admin_sitemap
  return unless user_is_allowed('pages', 'delete')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_sitemap_optionsObject

GET /admin/pages/sitemap-options



483
484
485
486
487
488
489
 
# File 'app/controllers/caboose/pages_controller.rb', line 483

def admin_sitemap_options
  parent_id = params[:parent_id]
  p = parent_id ? Page.find(parent_id) : Page.index_page(@site.id)
  options = []
  sitemap_helper(p, options)     	  
  render :json => options 		
end

#admin_updateObject

PUT /admin/pages/:id



335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
 
# File 'app/controllers/caboose/pages_controller.rb', line 335

def admin_update
  return unless user_is_allowed('pages', 'edit')
  
  resp = StdClass.new({'attributes' => {}})
  page = Page.find(params[:id])
  
  save = true
  user = logged_in_user
  params.each do |name, value|
    case name
    when 'parent_id'
      value = value.to_i
      if page.id == value
        resp.error = "The page's parent cannot be itself."
      elsif Page.is_child(page.id, value)
        resp.error = "You can't set the current page's parent to be one of its child pages."
      elsif value != page.parent_id
        p = Page.find(value)
        if !user.is_allowed(p, 'edit')
          resp.error = "You don't have access to put the current page there."
        end
      end	
      if resp.error
        save = false
      else
        page.parent = Page.find(value)
        page.save
        Page.update_uri(page)
        resp.attributes['parent_id'] = { 'text' => page.parent.title }
      end

    when 'custom_css', 'custom_js'
      value.strip!
      page[name.to_sym] = value

    when 'title', 'menu_title', 'hide', 'layout', 'redirect_url',
      'seo_title', 'meta_keywords', 'meta_description', 'fb_description', 'gp_description', 'canonical_url'
      page[name.to_sym] = value

    when 'linked_resources'
      result = []
      value.each_line do |line|
        line.chomp!
        line.strip!
        next if line.empty?

        if !(line.ends_with('.js') || line.ends_with('.css'))
          resp.error = "Resource '#{line}' has an unsupported file type ('#{comps.last}')."
          save = false
        end

        result << line
      end
      page.linked_resources = result.join("\n")
      
    when 'content_format'
      page.content_format = value
      resp.attributes['content_format'] = { 'text' => value }
      
    when 'meta_robots'
      arr = value.split(',').collect { |v| v.strip }
      if arr.include?('index') && arr.include?('noindex')
        resp.error = "You can't have both index and noindex"
        save = false
      elsif arr.include?('follow') && arr.include?('nofollow')
        resp.error = "You can't have both follow and nofollow"
        save = false
      else            
        page.meta_robots = arr.join(', ')
        resp.attributes['meta_robots'] = { 'text' => page.meta_robots }
      end
      
    when 'content'
      page.content = value.strip.gsub(/<meta.*?>/, '').gsub(/<link.*?>/, '').gsub(/\<\!--[\S\s]*?--\>/, '')
      
    when 'slug' 
      page.slug = Page.slug(value.strip.length > 0 ? value : page.title)
      page.save
      Page.update_uri(page)                      
      resp.attributes['slug'] = { 'value' => page.slug }
      resp.attributes['uri'] = { 'value' => page.uri }
      
    when 'alias'
      page.alias = Page.slug(value.strip)
      page.save
      Page.update_uri(page)
      resp.attributes['slug'] = { 'value' => page.slug }
      resp.attributes['uri'] = { 'value' => page.uri }

    when 'custom_sort_children'
      if (value == 0)
        page.children.each do |p|
          p.sort_order = 1
          p.save
        end
      end
      page.custom_sort_children = value 		  

    when 'viewers'
      Page.update_authorized_for_action(page.id, 'view', value)
    when 'editors'
      Page.update_authorized_for_action(page.id, 'edit', value)
    when 'approvers'
      Page.update_authorized_for_action(page.id, 'approve', value)
    when 'tags'
      current_tags = page.page_tags.collect{ |t| t.tag }
      new_tags = value.split(',').collect{ |v| v.strip.downcase }.reject{ |t| t.nil? || t.strip.length == 0 }          
      
      # Delete the tags not in new_tags
      current_tags.each{ |t| PageTag.where(:page_id => page.id, :tag => t).destroy_all if !new_tags.include?(t) }
      
      # Add any new tags not in current_tags
      new_tags.each{ |t| PageTag.create(:page_id => page.id, :tag => t) if !current_tags.include?(t) }        
    end
    
  end

  resp.success = save && page.save
  render json: resp
end

#admin_update_block_orderObject

PUT /admin/pages/:id/block-order



210
211
212
213
214
215
216
217
218
219
 
# File 'app/controllers/caboose/pages_controller.rb', line 210

def admin_update_block_order
  return unless user_is_allowed('pages', 'edit')
  block_ids = params[:block_ids]      
  i = 0
  block_ids.each do |block_id|
    Block.find(block_id).update_attribute(:sort_order, i)        
    i = i + 1
  end      
  render :json => true
end

#admin_update_child_sort_orderObject

PUT /admin/pages/:id/child-order



257
258
259
260
261
262
263
264
265
266
267
268
269
 
# File 'app/controllers/caboose/pages_controller.rb', line 257

def admin_update_child_sort_order
  return unless user_is_allowed('pages', 'edit')      
  @page = Page.find(params[:id])
  page_ids = params[:page_ids]
  i = 0
  page_ids.each do |pid|
    p = Page.find(pid)
    p.sort_order = i
    p.save
    i = i + 1
  end
  render :json => true
end

#admin_update_layoutObject

PUT /admin/pages/:id/layout



191
192
193
194
195
196
197
198
199
200
 
# File 'app/controllers/caboose/pages_controller.rb', line 191

def admin_update_layout
  return unless user_is_allowed('pages', 'edit')      
  bt = BlockType.find(params[:block_type_id])
  Block.where(:page_id => params[:id]).destroy_all
  Block.create(:page_id => params[:id], :block_type_id => params[:block_type_id], :name => bt.name)
  resp = Caboose::StdClass.new({
    'redirect' => "/admin/pages/#{params[:id]}/content"
  })
  render :json => resp
end

#assetObject 



73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
 
# File 'app/controllers/caboose/pages_controller.rb', line 73

def asset   
  uri = uri.to_s.gsub(/^(.*?)\?.*?$/, '\1')
  uri.chop! if uri.end_with?('/')
  uri[0] = '' if uri.starts_with?('/')

  page = Page.page_with_uri(request.host_with_port, File.dirname(uri), false)      
  if page.nil? || !page
    
    # Check for a 301 redirect
    site_id = Site.id_for_domain(request.host_with_port)        
    new_url = PermanentRedirect.match(site_id, request.fullpath)        
    if new_url          
      redirect_to new_url, :status => 301
      return
    end
    
    respond_to do |format|          
      format.all { render :file => "caboose/extras/error404", :layout => "caboose/application", :formats => [:html] }
    end         
    return
  end
    
  asset = Asset.where(:page_id => page.id, :filename => File.basename(uri)).first
  if (asset.nil?)
    respond_to do |format|          
      format.all { render :file => "caboose/extras/error404", :layout => "caboose/application", :formats => [:html] }
    end
    return
  end

  user = logged_in_user
  if (!Page.is_allowed(user, asset.page_id, 'view'))
    render "caboose/pages/asset_no_permission"
    return
  end

  #Caboose.log(Caboose::assets_path, 'Caboose::assets_path')
  path = Caboose::assets_path.join("#{asset.id}.#{asset.extension}")
  #Caboose.log("Sending asset #{path}")
  #send_file(path)
  #send_file(path, :filename => "your_document.pdf", :type => "application/pdf")

  #
  #$path = ASSETS_PATH ."/". $asset->id .".". $asset->extension
  #		
  #$finfo = finfo_open(FILEINFO_MIME_TYPE) // return mime type ala mimetype extension
  #$mime = finfo_file($finfo, $path)
  #finfo_close($finfo)
  #
  #header("X-Sendfile: $path")
  #header("Content-Type: $mime")
  #header("Content-Disposition: inline filename=\"$asset->filename\"")

end

#before_actionObject 



7
8
9
 
# File 'app/controllers/caboose/pages_controller.rb', line 7

def before_action
  @page = Page.page_with_uri(request.host_with_port, '/admin')      
end

#redirectObject

GET /pages/1/redirect



129
130
131
132
 
# File 'app/controllers/caboose/pages_controller.rb', line 129

def redirect
  @page = Page.find(params[:id])
  redirect_to "/#{@page.uri}"
end

#showObject

GET /pages/:id



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
# File 'app/controllers/caboose/pages_controller.rb', line 12

def show
  
  # Find the page with an exact URI match 
  page = Page.page_with_uri(request.host_with_port, request.fullpath, false)            
  
  # Make sure we're not under construction or on a forwarded domain
  d = Caboose::Domain.where(:domain => request.host_with_port).first
  if d.nil?
    Caboose.log("Could not find domain for #{request.host_with_port}\nAdd this domain to the caboose site.")
  elsif d.under_construction == true
    if d.site.under_construction_html && d.site.under_construction_html.strip.length > 0 
      render :text => d.site.under_construction_html
    else 
      render :file => 'caboose/application/under_construction', :layout => false
    end
    return
  # See if we're on a forwarding domain
  elsif d.primary == false && d.forward_to_primary == true
    pd = d.site.primary_domain
    if pd && pd.domain != request.host
      url = "#{request.protocol}#{pd.domain}"
      if request.fullpath && request.fullpath.strip.length > 0 && request.fullpath.strip != '/'
        url << request.fullpath
      end
      redirect_to url
      return
    end        
  end
  
  if !page
    asset
    return
  end

  user = logged_in_user            
  if !user.is_allowed(page, 'view')                
    if user.id == User::LOGGED_OUT_USER_ID	
      redirect_to "/modal/login?return_url=" + URI.encode(request.fullpath)		  		
      return
    else
      page.title = 'Access Denied'
      #page.content = "<p class='note error'>You do not have access to view this page.</p>"
    end
  end

  if session['use_redirect_urls'] && !page.redirect_url.nil? && page.redirect_url.strip.length > 0
    redirect_to page.redirect_url
    return
  end

  page = Caboose.plugin_hook('page_content', page)      
  @page = page
  @user = user
  @editmode = !params['edit'].nil? && user.is_allowed('pages', 'edit') ? true : false
  @crumb_trail = Caboose::Page.crumb_trail(@page)
  @subnav = Caboose::Page.subnav(@page, session['use_redirect_urls'], @user)

  #@subnav.links = @tasks.collect {|href, task| {'href' => href, 'text' => task, 'is_current' => uri == href}}
  
end

#sitemap_helper(page, options, prefix = '') ⇒ Object 



491
492
493
494
495
496
 
# File 'app/controllers/caboose/pages_controller.rb', line 491

def sitemap_helper(page, options, prefix = '')
  options << { 'value' => page.id, 'text' => prefix + page.title }
  page.children.each do |kid|
    sitemap_helper(kid, options, prefix + ' - ')
  end
end