Class: Caboose::PagesController

Inherits:
ApplicationController show all
Defined in:
app/controllers/caboose/pages_controller.rb

Instance Method Summary collapse

Methods inherited from ApplicationController

#before_before_action, #logged_in?, #logged_in_user, #login_user, #reject_param, #user_is_allowed, #validate_token, #var

Instance Method Details

#assetObject 



65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
 
# File 'app/controllers/caboose/pages_controller.rb', line 65

def asset   
     
  uri = uri.to_s.gsub(/^(.*?)\?.*?$/, '\1')
  uri.chop! if uri.end_with?('/')
  uri[0] = '' if uri.starts_with?('/')
	
  page = Page.page_with_uri(File.dirname(uri), false)
  if (page.nil? || !page)
    render :file => "caboose/extras/error404", :layout => "caboose/error404" 
    return
  end
    
asset = Asset.where(:page_id => page.id, :filename => File.basename(uri)).first
if (asset.nil?)
  render :file => "caboose/extras/error404", :layout => "caboose/error404"
  return
end

user = logged_in_user
if (!Page.is_allowed(user, asset.page_id, 'view'))
  render "caboose/pages/asset_no_permission"
  return
end

Caboose.log(Caboose::assets_path, 'Caboose::assets_path')
path = Caboose::assets_path.join("#{asset.id}.#{asset.extension}")
Caboose.log("Sending asset #{path}")
#send_file(path)
#send_file(path, :filename => "your_document.pdf", :type => "application/pdf")
		    
#
#$path = ASSETS_PATH ."/". $asset->id .".". $asset->extension
#		
#$finfo = finfo_open(FILEINFO_MIME_TYPE) // return mime type ala mimetype extension
#$mime = finfo_file($finfo, $path)
#finfo_close($finfo)
  #
#header("X-Sendfile: $path")
#header("Content-Type: $mime")
#header("Content-Disposition: inline filename=\"$asset->filename\"")

end

#before_actionObject 



5
6
7
 
# File 'app/controllers/caboose/pages_controller.rb', line 5

def before_action
  @page = Page.page_with_uri('/admin')
end

#content_format_optionsObject 



294
295
296
297
298
299
300
301
 
# File 'app/controllers/caboose/pages_controller.rb', line 294

def content_format_options
  options = [
    { 'value' => 'html', 'text' => 'html' },
    { 'value' => 'text', 'text' => 'text' },
    { 'value' => 'ruby', 'text' => 'ruby' }
  ]
  render json: options 		
end

#createObject

POST /pages



124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
 
# File 'app/controllers/caboose/pages_controller.rb', line 124

def create
  return if !user_is_allowed('pages', 'add')
  
  resp = Caboose::StdClass.new({
      'error' => nil,
      'redirect' => nil
  })
  
  parent_id = params[:parent_id]
  title = params[:title] 
  
  if (title.strip.length == 0)
    resp.error = "A page title is required."
  elsif (!logged_in_user.is_allowed('all', 'all') && 
    !Page.page_ids_with_permission(logged_in_user, 'edit'   ).include?(parent_id) &&
    !Page.page_ids_with_permission(logged_in_user, 'approve').include?(parent_id))
    resp.error = "You don't have permission to add a page there."
  end
  if (!resp.error.nil?)
    render json: resp
    return
  end

parent = Caboose::Page.find(parent_id)
		
page = Caboose::Page.new
page.title = title
page.parent_id = parent_id
page.hide = true
page.content_format = Caboose::Page::CONTENT_FORMAT_HTML

i = 0
begin 
  page.slug = Page.slug(page.title + (i > 0 ? " #{i}" : ""))
  page.uri = parent.parent_id == -1 ? page.slug : "#{parent.uri}/#{page.slug}"
  i = i+1
end while (Page.where(:uri => page.uri).count > 0 && i < 10)

page.save

# Set the new page's permissions		  
viewers = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'view' }).pluck(:role_id)
editors = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'edit' }).pluck(:role_id)
Caboose::Page.update_authorized_for_action(page.id, 'view', viewers)
Caboose::Page.update_authorized_for_action(page.id, 'edit', editors)

# Send back the response
resp.redirect = "/pages/#{page.id}/edit"
  render json: resp
end

#destroyObject

DELETE /pages/1



253
254
255
256
257
258
259
260
261
262
 
# File 'app/controllers/caboose/pages_controller.rb', line 253

def destroy
  return if !user_is_allowed('pages', 'delete')
  user = Page.find(params[:id])
  user.destroy
  
  resp = StdClass.new({
    'redirect' => '/pages'
  })
  render json: resp
end

#editObject

GET /pages/1/edit



117
118
119
120
121
 
# File 'app/controllers/caboose/pages_controller.rb', line 117

def edit
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/caboose'
end

#indexObject

GET /pages



10
11
 
# File 'app/controllers/caboose/pages_controller.rb', line 10

def index      
end

#newObject

GET /pages/new



109
110
111
112
113
114
 
# File 'app/controllers/caboose/pages_controller.rb', line 109

def new
  return if !user_is_allowed('pages', 'add')
  @pages = Page.new
  @parent_id = params[:parent_id].nil? ? params[:parent_id] : -1
  render :layout => 'caboose/caboose'
end

#robots_optionsObject 



281
282
283
284
285
286
287
288
289
290
291
292
 
# File 'app/controllers/caboose/pages_controller.rb', line 281

def robots_options
  options = [
    { 'value' => 'index'      , 'text' => 'index'      },
    { 'value' => 'noindex'    , 'text' => 'noindex'    },
    { 'value' => 'follow'     , 'text' => 'follow'     },
    { 'value' => 'nofollow'   , 'text' => 'nofollow'   },
    { 'value' => 'nosnippet'  , 'text' => 'nosnippet'  },
    { 'value' => 'noodp'      , 'text' => 'noodp'      },
    { 'value' => 'noarchive'  , 'text' => 'noarchive'  }
  ]
  render json: options 		
end

#showObject

GET /pages/:id



14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
# File 'app/controllers/caboose/pages_controller.rb', line 14

def show
  
  # Find the page with an exact URI match 
  page = Page.page_with_uri(request.fullpath, false)
  Caboose.log(page)
  
if (!page)
	asset
	return
end		  

user = logged_in_user
if (!user.is_allowed(page, 'view'))
	if (user.id == User.LOGGED_OUT_USER_ID)	
	  redirect_to "/login?return_url=" + URI.encode(request.fullpath)		  		
		return
	else
		page.title = 'Access Denied'
		page.content = "<p class='note error'>You do not have access to view this page.</p>"
	end
end
  
if (session['use_redirect_urls'] && !page.redirect_url.nil? && page.redirect_url.strip.length > 0)
  redirect_to page.redirect_url
	return
end

page.content = Caboose.plugin_hook('page_content', page.content)
@page = page
@user = user
is_admin = @user.is_allowed('all', 'all')

@crumb_trail = Caboose::Page.crumb_trail(@page)
@subnav = Caboose::Page.subnav(@page, session['use_redirect_urls'], @user)
  @actions = Caboose::Page.permissible_actions(@user.id, @page.id)
  @tasks = {}
  @page_tasks = {}
  
  if (@actions.include?('edit') || is_admin)
  	@page_tasks["/pages/#{@page.id}/sitemap"]       = 'Site Map This Page'
  	@page_tasks["/pages/#{@page.id}/edit"]          = 'Edit Page Content'
  	@page_tasks["/pages/#{@page.id}/edit-settings"] = 'Edit Page Settings'
  end
  if (@user.is_allowed('pages', 'add') || is_admin)
    @page_tasks["/pages/new?parent_id=#{@page.id}"] = 'New Page'
  end
  
  #@subnav.links = @tasks.collect {|href, task| {'href' => href, 'text' => task, 'is_current' => uri == href}}
  
end

#sitemap_helper(page, options, prefix = '') ⇒ Object 



274
275
276
277
278
279
 
# File 'app/controllers/caboose/pages_controller.rb', line 274

def sitemap_helper(page, options, prefix = '')
  options << { 'value' => page.id, 'text' => prefix + page.title }
  page.children.each do |kid|
    sitemap_helper(kid, options, prefix + ' - ')
  end
end

#sitemap_optionsObject 



264
265
266
267
268
269
270
271
272
 
# File 'app/controllers/caboose/pages_controller.rb', line 264

def sitemap_options
  parent_id = params[:parent_id]
  top_page = Page.index_page
  p = !parent_id.nil? ? Page.find(parent_id) : top_page
  options = []
  sitemap_helper(top_page, options)
 	  
  render json: options 		
end

#updateObject

PUT /pages/1



176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
 
# File 'app/controllers/caboose/pages_controller.rb', line 176

def update
  return if !user_is_allowed('pages', 'edit')
  
  resp = StdClass.new({'attributes' => {}})
  page = Page.find(params[:id])
  
  save = true
  user = logged_in_user
  params.each do |name,value|
	  case name
	    when 'parent_id'      
  		if (page.id == value)
  			resp.error = "The page's parent cannot be itself."
  		elsif (Page.is_child(page.id, value))
  			resp.error = "You can't set the current page's parent to be one of its child pages."
  		elsif (value != page.parent_id)
  		  p = Page.find(value)
  		  if (!user.is_allowed(p, 'edit'))
  		    resp.error = "You don't have access to put the current page there."
  		  end
  		end		  		
  		if (resp.error.length > 0)
  		  save = false
  		else		  		
  			parent = Page.find(value)
  			Page.update_parent(page.id, value)
  			resp.attributes['parent_id'] = { 'text' => parent.title }
  		end
  		
  	when 'title', 'menu_title', 'alias', 'redirect_url', 'hide', 
  	  'content_format', 'custom_css', 'custom_js', 'layout',
  	  'seo_title', 'meta_description', 'fb_description', 'gp_description', 'canonical_url'
  	  
  	  page[name.to_sym] = value
  	  
  	when 'meta_robots'
  	  if (value.include?('index') && value.include?('noindex'))
  	    resp.error = "You can't have both index and noindex"
  	    save = false
  	  elsif (value.include?('follow') && value.include?('nofollow'))
  	    resp.error = "You can't have both follow and nofollow"
  	    save = false
  	  else
  	    page.meta_robots = value.join(', ')
  	    resp.attributes['meta_robots'] = { 'text' => page.meta_robots }
  	  end
  	  
  	when 'content'
  		page.content = value.strip.gsub(/<meta.*?>/, '').gsub(/<link.*?>/, '').gsub(/\<\!--[\S\s]*?--\>/, '')
  		
  	when 'slug' 
  		page.slug = Page.slug(value.strip.length > 0 ? value : page.title)
  		resp.attributes['slug'] = { 'value' => page.slug }
  				    		
  	when 'custom_sort_children'
  		if (value == 0)
  		  page.children.each do |p|
  				p.sort_order = 1
  				p.save
  			end
  		end
  		page.custom_sort_children = value 		    		
  		
  	when 'viewers'
  	  Page.update_authorized_for_action(page.id, 'view', value)
  	when 'editors'
  	  Page.update_authorized_for_action(page.id, 'edit', value)
  	when 'approvers'
  	  Page.update_authorized_for_action(page.id, 'approve', value)
  end
end
  
	resp.success = save && page.save
	render json: resp
end