Class: Caboose::PagesController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Caboose::PagesController

Defined in:

app/controllers/caboose/pages_controller.rb

Instance Method Summary

• #admin_content_format_options ⇒ Object

  GET /admin/pages/format-options.

• #admin_create ⇒ Object

  POST /admin/pages.

• #admin_delete ⇒ Object

  DELETE /admin/pages/1.

• #admin_delete_form ⇒ Object

  GET /admin/pages/1/delete.

• #admin_edit_content ⇒ Object

  GET /admin/pages/1/content.

• #admin_edit_css ⇒ Object

  GET /admin/pages/1/css.

• #admin_edit_general ⇒ Object

  GET /admin/pages/1/edit.

• #admin_edit_js ⇒ Object

  GET /admin/pages/1/js.

• #admin_edit_seo ⇒ Object

  GET /admin/pages/1/seo.

• #admin_index ⇒ Object

  GET /admin/pages.

• #admin_new ⇒ Object

  GET /admin/pages/new.

• #admin_page_uri ⇒ Object

  GET /admin/pages/:id/uri.

• #admin_robots_options ⇒ Object

  GET /admin/pages/robots-options.

• #admin_sitemap ⇒ Object

  GET /admin/pages/1/sitemap.

• #admin_sitemap_options ⇒ Object

  GET /admin/pages/sitemap-options.

• #admin_update ⇒ Object

  PUT /admin/pages/1.

• #asset ⇒ Object
• #before_action ⇒ Object
• #redirect ⇒ Object

  GET /pages/1/redirect.

• #show ⇒ Object

  GET /pages/:id.

• #sitemap_helper(page, options, prefix = '') ⇒ Object

Methods inherited from ApplicationController

#before_before_action, #logged_in?, #logged_in_user, #login_user, #reject_param, #user_is_allowed, #validate_cookie, #validate_token, #var, #verify_logged_in

Instance Method Details

#admin_content_format_options ⇒ Object

GET /admin/pages/format-options

# File 'app/controllers/caboose/pages_controller.rb', line 373

def admin_content_format_options
  options = [
    { 'value' => 'html', 'text' => 'html' },
    { 'value' => 'text', 'text' => 'text' },
    { 'value' => 'ruby', 'text' => 'ruby' }
  ]
  render json: options 		
end

#admin_create ⇒ Object

POST /admin/pages

# File 'app/controllers/caboose/pages_controller.rb', line 152

def admin_create
  return unless user_is_allowed('pages', 'add')

  resp = Caboose::StdClass.new({
      'error' => nil,
      'redirect' => nil
  })

  parent_id = params[:parent_id]
  title = params[:title] 

  if (title.strip.length == 0)
    resp.error = "A page title is required."
  elsif (!logged_in_user.is_allowed('all', 'all') && 
    !Page.page_ids_with_permission(logged_in_user, 'edit'   ).include?(parent_id) &&
    !Page.page_ids_with_permission(logged_in_user, 'approve').include?(parent_id))
    resp.error = "You don't have permission to add a page there."
  end
  if (!resp.error.nil?)
    render json: resp
    return
  end
  	
  parent = Caboose::Page.find(parent_id)
  		
  page = Caboose::Page.new
  page.title = title
  page.parent_id = parent_id
  page.hide = true
  page.content_format = Caboose::Page::CONTENT_FORMAT_HTML

  i = 0
  begin 
    page.slug = Page.slug(page.title + (i > 0 ? " #{i}" : ""))
    page.uri = parent.parent_id == -1 ? page.slug : "#{parent.uri}/#{page.slug}"
    i = i+1
  end while (Page.where(:uri => page.uri).count > 0 && i < 10)

  page.save
  
  # Set the new page's permissions		  
  viewers = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'view' }).pluck(:role_id)
  editors = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'edit' }).pluck(:role_id)
  Caboose::Page.update_authorized_for_action(page.id, 'view', viewers)
  Caboose::Page.update_authorized_for_action(page.id, 'edit', editors)

  # Send back the response
  resp.redirect = "/admin/pages/#{page.id}/edit"
  render json: resp
end

#admin_delete ⇒ Object

DELETE /admin/pages/1

# File 'app/controllers/caboose/pages_controller.rb', line 322

def admin_delete
  return unless user_is_allowed('pages', 'delete')
  p = Page.find(params[:id])
  p.destroy
  
  resp = StdClass.new({
    'redirect' => '/admin/pages'
  })
  render json: resp
end

#admin_delete_form ⇒ Object

GET /admin/pages/1/delete

# File 'app/controllers/caboose/pages_controller.rb', line 315

def admin_delete_form
  return unless user_is_allowed('pages', 'delete')
  @page = Page.find(params[:id])      
  render :layout => 'caboose/admin'      
end

#admin_edit_content ⇒ Object

GET /admin/pages/1/content

# File 'app/controllers/caboose/pages_controller.rb', line 124

def admin_edit_content
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_css ⇒ Object

GET /admin/pages/1/css

# File 'app/controllers/caboose/pages_controller.rb', line 131

def admin_edit_css
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_general ⇒ Object

GET /admin/pages/1/edit

# File 'app/controllers/caboose/pages_controller.rb', line 117

def admin_edit_general
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_js ⇒ Object

GET /admin/pages/1/js

# File 'app/controllers/caboose/pages_controller.rb', line 138

def admin_edit_js
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_edit_seo ⇒ Object

GET /admin/pages/1/seo

# File 'app/controllers/caboose/pages_controller.rb', line 145

def admin_edit_seo
  return unless user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_index ⇒ Object

GET /admin/pages

# File 'app/controllers/caboose/pages_controller.rb', line 102

def admin_index
  return if !user_is_allowed('pages', 'view')
  @home_page = Page.find(1)
  render :layout => 'caboose/admin'      
end

#admin_new ⇒ Object

GET /admin/pages/new

# File 'app/controllers/caboose/pages_controller.rb', line 109

def admin_new
  return unless user_is_allowed('pages', 'add')
  @parent_id = params[:parent_id] ? params[:parent_id] : 1
  @parent = Page.find(@parent_id)
  render :layout => 'caboose/admin'
end

#admin_page_uri ⇒ Object

GET /admin/pages/:id/uri

# File 'app/controllers/caboose/pages_controller.rb', line 383

def admin_page_uri
    return unless user_is_allowed('pages', 'view')
    p = Page.find(params[:id])
    render :json => { 'uri' => p.uri }
end

#admin_robots_options ⇒ Object

GET /admin/pages/robots-options

# File 'app/controllers/caboose/pages_controller.rb', line 359

def admin_robots_options
  options = [
    { 'value' => 'index'      , 'text' => 'index'     },
    { 'value' => 'noindex'    , 'text' => 'noindex'   },
    { 'value' => 'follow'     , 'text' => 'follow'    },
    { 'value' => 'nofollow'   , 'text' => 'nofollow'  },
    { 'value' => 'nosnippet'  , 'text' => 'nosnippet' },
    { 'value' => 'noodp'      , 'text' => 'noodp'     },
    { 'value' => 'noarchive'  , 'text' => 'noarchive' }
  ]
  render json: options 		
end

#admin_sitemap ⇒ Object

GET /admin/pages/1/sitemap

# File 'app/controllers/caboose/pages_controller.rb', line 334

def admin_sitemap
  return unless user_is_allowed('pages', 'delete')
  @page = Page.find(params[:id])
  render :layout => 'caboose/admin'
end

#admin_sitemap_options ⇒ Object

GET /admin/pages/sitemap-options

# File 'app/controllers/caboose/pages_controller.rb', line 341

def admin_sitemap_options
  parent_id = params[:parent_id]
  top_page = Page.index_page
  p = !parent_id.nil? ? Page.find(parent_id) : top_page
  options = []
  sitemap_helper(top_page, options)
 	  
  render json: options 		
end

#admin_update ⇒ Object

PUT /admin/pages/1

# File 'app/controllers/caboose/pages_controller.rb', line 204

def admin_update
  return unless user_is_allowed('pages', 'edit')
  
  resp = StdClass.new({'attributes' => {}})
  page = Page.find(params[:id])
  
  save = true
  user = logged_in_user
  params.each do |name, value|
    case name
    when 'parent_id'
      value = value.to_i
      if page.id == value
        resp.error = "The page's parent cannot be itself."
      elsif Page.is_child(page.id, value)
        resp.error = "You can't set the current page's parent to be one of its child pages."
      elsif value != page.parent_id
        p = Page.find(value)
        if !user.is_allowed(p, 'edit')
          resp.error = "You don't have access to put the current page there."
        end
      end	
      if resp.error
        save = false
      else
        page.parent = Page.find(value)
        page.save
        Page.update_uri(page)
        resp.attributes['parent_id'] = { 'text' => page.parent.title }
      end

    when 'custom_css', 'custom_js'
      value.strip!
      page[name.to_sym] = value

    when 'title', 'menu_title', 'hide', 'layout', 'redirect_url',
      'seo_title', 'meta_description', 'fb_description', 'gp_description', 'canonical_url'
      page[name.to_sym] = value

    when 'linked_resources'
      result = []
      value.each_line do |line|
        line.chomp!
        line.strip!
        next if line.empty?

        if !(line.ends_with('.js') || line.ends_with('.css'))
          resp.error = "Resource '#{line}' has an unsupported file type ('#{comps.last}')."
          save = false
        end

        result << line
      end
      page.linked_resources = result.join("\n")
      
    when 'content_format'
      page.content_format = value
      resp.attributes['content_format'] = { 'text' => value }
      
    when 'meta_robots'
      if (value.include?('index') && value.include?('noindex'))
        resp.error = "You can't have both index and noindex"
        save = false
      elsif (value.include?('follow') && value.include?('nofollow'))
        resp.error = "You can't have both follow and nofollow"
        save = false
      else
        page.meta_robots = value.join(', ')
        resp.attributes['meta_robots'] = { 'text' => page.meta_robots }
      end
      
    when 'content'
      page.content = value.strip.gsub(/<meta.*?>/, '').gsub(/<link.*?>/, '').gsub(/\<\!--[\S\s]*?--\>/, '')
      
    when 'slug' 
      page.slug = Page.slug(value.strip.length > 0 ? value : page.title)
      page.save
      Page.update_uri(page)                      
      resp.attributes['slug'] = { 'value' => page.slug }
      resp.attributes['uri'] = { 'value' => page.uri }
      
    when 'alias'
      page.alias = Page.slug(value.strip)
      page.save
      Page.update_uri(page)
      resp.attributes['slug'] = { 'value' => page.slug }
      resp.attributes['uri'] = { 'value' => page.uri }

    when 'custom_sort_children'
      if (value == 0)
        page.children.each do |p|
          p.sort_order = 1
          p.save
        end
      end
      page.custom_sort_children = value 		  

    when 'viewers'
      Page.update_authorized_for_action(page.id, 'view', value)
    when 'editors'
      Page.update_authorized_for_action(page.id, 'edit', value)
    when 'approvers'
      Page.update_authorized_for_action(page.id, 'approve', value)
    end
  end

  resp.success = save && page.save
  render json: resp
end

#asset ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 49

def asset   
  uri = uri.to_s.gsub(/^(.*?)\?.*?$/, '\1')
  uri.chop! if uri.end_with?('/')
  uri[0] = '' if uri.starts_with?('/')

  page = Page.page_with_uri(File.dirname(uri), false)
  if (page.nil? || !page)
    render :file => "caboose/extras/error404", :layout => "caboose/error404" 
    return
  end
    
  asset = Asset.where(:page_id => page.id, :filename => File.basename(uri)).first
  if (asset.nil?)
    render :file => "caboose/extras/error404", :layout => "caboose/error404"
    return
  end

  user = logged_in_user
  if (!Page.is_allowed(user, asset.page_id, 'view'))
    render "caboose/pages/asset_no_permission"
    return
  end

  #Caboose.log(Caboose::assets_path, 'Caboose::assets_path')
  path = Caboose::assets_path.join("#{asset.id}.#{asset.extension}")
  #Caboose.log("Sending asset #{path}")
  #send_file(path)
  #send_file(path, :filename => "your_document.pdf", :type => "application/pdf")

  #
  #$path = ASSETS_PATH ."/". $asset->id .".". $asset->extension
  #		
  #$finfo = finfo_open(FILEINFO_MIME_TYPE) // return mime type ala mimetype extension
  #$mime = finfo_file($finfo, $path)
  #finfo_close($finfo)
  #
  #header("X-Sendfile: $path")
  #header("Content-Type: $mime")
  #header("Content-Disposition: inline filename=\"$asset->filename\"")

end

#before_action ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 7

def before_action
  @page = Page.page_with_uri('/admin')
end

#redirect ⇒ Object

GET /pages/1/redirect

# File 'app/controllers/caboose/pages_controller.rb', line 92

def redirect
  @page = Page.find(params[:id])
  redirect_to "/#{@page.uri}"
end

#show ⇒ Object

GET /pages/:id

# File 'app/controllers/caboose/pages_controller.rb', line 12

def show
  
  # Find the page with an exact URI match 
  page = Page.page_with_uri(request.fullpath, false)

  if (!page)
    asset
    return
  end

  user = logged_in_user
  if (!user.is_allowed(page, 'view'))
    if (user.id == User.logged_out_user_id)	
       redirect_to "/login?return_url=" + URI.encode(request.fullpath)		  		
      return
    else
      page.title = 'Access Denied'
      page.content = "<p class='note error'>You do not have access to view this page.</p>"
    end
  end

  if (session['use_redirect_urls'] && !page.redirect_url.nil? && page.redirect_url.strip.length > 0)
    redirect_to page.redirect_url
    return
  end

  page.content = Caboose.plugin_hook('page_content', page.content)
  @page = page
  @user = user
  @editmode = !params['edit'].nil? && user.is_allowed('pages', 'edit') ? true : false
  @crumb_trail = Caboose::Page.crumb_trail(@page)
  @subnav = Caboose::Page.subnav(@page, session['use_redirect_urls'], @user)

  #@subnav.links = @tasks.collect {|href, task| {'href' => href, 'text' => task, 'is_current' => uri == href}}
  
end

#sitemap_helper(page, options, prefix = '') ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 351

def sitemap_helper(page, options, prefix = '')
  options << { 'value' => page.id, 'text' => prefix + page.title }
  page.children.each do |kid|
    sitemap_helper(kid, options, prefix + ' - ')
  end
end