Class: Caboose::PagesController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Caboose::PagesController

Defined in:

app/controllers/caboose/pages_controller.rb

Instance Method Summary

• #asset ⇒ Object
• #before_action ⇒ Object
• #content_format_options ⇒ Object
• #create ⇒ Object

  POST /pages.

• #destroy ⇒ Object

  DELETE /pages/1.

• #edit ⇒ Object

  GET /pages/1/edit.

• #edit_content ⇒ Object

  GET /pages/1/edit-content.

• #edit_css ⇒ Object

  GET /pages/1/edit-css.

• #edit_js ⇒ Object

  GET /pages/1/edit-js.

• #edit_seo ⇒ Object

  GET /pages/1/edit-seo.

• #edit_settings ⇒ Object

  GET /pages/1/edit-settings.

• #edit_title ⇒ Object

  GET /pages/1/edit-title.

• #index ⇒ Object

  GET /pages.

• #new ⇒ Object

  GET /pages/new.

• #redirect ⇒ Object

  GET /pages/1/redirect.

• #robots_options ⇒ Object
• #show ⇒ Object

  GET /pages/:id.

• #sitemap ⇒ Object
• #sitemap_helper(page, options, prefix = '') ⇒ Object
• #sitemap_helper2(page, options, prefix = '') ⇒ Object
• #sitemap_options ⇒ Object
• #update ⇒ Object

  PUT /pages/1.

Methods inherited from ApplicationController

#before_before_action, #logged_in?, #logged_in_user, #login_user, #reject_param, #user_is_allowed, #validate_token, #var

Instance Method Details

#asset ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 51

def asset   
     
  uri = uri.to_s.gsub(/^(.*?)\?.*?$/, '\1')
  uri.chop! if uri.end_with?('/')
  uri[0] = '' if uri.starts_with?('/')
	
  page = Page.page_with_uri(File.dirname(uri), false)
  if (page.nil? || !page)
    render :file => "caboose/extras/error404", :layout => "caboose/error404" 
    return
  end
    
asset = Asset.where(:page_id => page.id, :filename => File.basename(uri)).first
if (asset.nil?)
  render :file => "caboose/extras/error404", :layout => "caboose/error404"
  return
end

user = logged_in_user
if (!Page.is_allowed(user, asset.page_id, 'view'))
  render "caboose/pages/asset_no_permission"
  return
end

#Caboose.log(Caboose::assets_path, 'Caboose::assets_path')
path = Caboose::assets_path.join("#{asset.id}.#{asset.extension}")
#Caboose.log("Sending asset #{path}")
#send_file(path)
#send_file(path, :filename => "your_document.pdf", :type => "application/pdf")
		    
#
#$path = ASSETS_PATH ."/". $asset->id .".". $asset->extension
#		
#$finfo = finfo_open(FILEINFO_MIME_TYPE) // return mime type ala mimetype extension
#$mime = finfo_file($finfo, $path)
#finfo_close($finfo)
  #
#header("X-Sendfile: $path")
#header("Content-Type: $mime")
#header("Content-Disposition: inline filename=\"$asset->filename\"")

end

#before_action ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 5

def before_action
  @page = Page.page_with_uri('/admin')
end

#content_format_options ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 347

def content_format_options
  options = [
    { 'value' => 'html', 'text' => 'html' },
    { 'value' => 'text', 'text' => 'text' },
    { 'value' => 'ruby', 'text' => 'ruby' }
  ]
  render json: options 		
end

#create ⇒ Object

POST /pages

# File 'app/controllers/caboose/pages_controller.rb', line 157

def create
  return if !user_is_allowed('pages', 'add')
  
  resp = Caboose::StdClass.new({
      'error' => nil,
      'redirect' => nil
  })
  
  parent_id = params[:parent_id]
  title = params[:title] 
  
  if (title.strip.length == 0)
    resp.error = "A page title is required."
  elsif (!logged_in_user.is_allowed('all', 'all') && 
    !Page.page_ids_with_permission(logged_in_user, 'edit'   ).include?(parent_id) &&
    !Page.page_ids_with_permission(logged_in_user, 'approve').include?(parent_id))
    resp.error = "You don't have permission to add a page there."
  end
  if (!resp.error.nil?)
    render json: resp
    return
  end

parent = Caboose::Page.find(parent_id)
		
page = Caboose::Page.new
page.title = title
page.parent_id = parent_id
page.hide = true
page.content_format = Caboose::Page::CONTENT_FORMAT_HTML

i = 0
begin 
  page.slug = Page.slug(page.title + (i > 0 ? " #{i}" : ""))
  page.uri = parent.parent_id == -1 ? page.slug : "#{parent.uri}/#{page.slug}"
  i = i+1
end while (Page.where(:uri => page.uri).count > 0 && i < 10)

page.save

# Set the new page's permissions		  
viewers = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'view' }).pluck(:role_id)
editors = Caboose::PagePermission.where({ :page_id => parent.id, :action => 'edit' }).pluck(:role_id)
Caboose::Page.update_authorized_for_action(page.id, 'view', viewers)
Caboose::Page.update_authorized_for_action(page.id, 'edit', editors)

# Send back the response
resp.redirect = "/pages/#{page.id}/edit"
  render json: resp
end

#destroy ⇒ Object

DELETE /pages/1

# File 'app/controllers/caboose/pages_controller.rb', line 290

def destroy
  return if !user_is_allowed('pages', 'delete')
  user = Page.find(params[:id])
  user.destroy
  
  resp = StdClass.new({
    'redirect' => '/pages'
  })
  render json: resp
end

#edit ⇒ Object

GET /pages/1/edit

# File 'app/controllers/caboose/pages_controller.rb', line 109

def edit
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
end

#edit_content ⇒ Object

GET /pages/1/edit-content

# File 'app/controllers/caboose/pages_controller.rb', line 122

def edit_content
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/modal'
end

#edit_css ⇒ Object

GET /pages/1/edit-css

# File 'app/controllers/caboose/pages_controller.rb', line 136

def edit_css
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/modal'
end

#edit_js ⇒ Object

GET /pages/1/edit-js

# File 'app/controllers/caboose/pages_controller.rb', line 143

def edit_js
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/modal'
end

#edit_seo ⇒ Object

GET /pages/1/edit-seo

# File 'app/controllers/caboose/pages_controller.rb', line 150

def edit_seo
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/modal'
end

#edit_settings ⇒ Object

GET /pages/1/edit-settings

# File 'app/controllers/caboose/pages_controller.rb', line 129

def edit_settings
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/modal'
end

#edit_title ⇒ Object

GET /pages/1/edit-title

# File 'app/controllers/caboose/pages_controller.rb', line 115

def edit_title
  return if !user_is_allowed('pages', 'edit')
  @page = Page.find(params[:id])
  render :layout => 'caboose/modal'
end

#index ⇒ Object

GET /pages

# File 'app/controllers/caboose/pages_controller.rb', line 10

def index      
end

#new ⇒ Object

GET /pages/new

# File 'app/controllers/caboose/pages_controller.rb', line 95

def new
  return if !user_is_allowed('pages', 'add')
  @pages = Page.new
  @parent_id = params[:parent_id].nil? ? params[:parent_id] : -1
  render :layout => 'caboose/admin'
end

#redirect ⇒ Object

GET /pages/1/redirect

# File 'app/controllers/caboose/pages_controller.rb', line 103

def redirect
  @page = Page.find(params[:id])
  redirect_to "/#{@page.uri}"
end

#robots_options ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 334

def robots_options
  options = [
    { 'value' => 'index'      , 'text' => 'index'      },
    { 'value' => 'noindex'    , 'text' => 'noindex'    },
    { 'value' => 'follow'     , 'text' => 'follow'     },
    { 'value' => 'nofollow'   , 'text' => 'nofollow'   },
    { 'value' => 'nosnippet'  , 'text' => 'nosnippet'  },
    { 'value' => 'noodp'      , 'text' => 'noodp'      },
    { 'value' => 'noarchive'  , 'text' => 'noarchive'  }
  ]
  render json: options 		
end

#show ⇒ Object

GET /pages/:id

# File 'app/controllers/caboose/pages_controller.rb', line 14

def show
  
  # Find the page with an exact URI match 
  page = Page.page_with_uri(request.fullpath, false)
  
if (!page)
	asset
	return
end		  

user = logged_in_user
if (!user.is_allowed(page, 'view'))
	if (user.id == User.logged_out_user_id)	
	  redirect_to "/login?return_url=" + URI.encode(request.fullpath)		  		
		return
	else
		page.title = 'Access Denied'
		page.content = "<p class='note error'>You do not have access to view this page.</p>"
	end
end
  
if (session['use_redirect_urls'] && !page.redirect_url.nil? && page.redirect_url.strip.length > 0)
  redirect_to page.redirect_url
	return
end

page.content = Caboose.plugin_hook('page_content', page.content)
@page = page
@user = user
@editmode = !params['edit'].nil? && user.is_allowed('pages', 'edit') ? true : false
@crumb_trail = Caboose::Page.crumb_trail(@page)
@subnav = Caboose::Page.subnav(@page, session['use_redirect_urls'], @user)
  
  #@subnav.links = @tasks.collect {|href, task| {'href' => href, 'text' => task, 'is_current' => uri == href}}
  
end

#sitemap ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 301

def sitemap
  parent_id = params[:parent_id]
top_page = Page.index_page
p = !parent_id.nil? ? Page.find(parent_id) : top_page
options = []
sitemap_helper2(top_page, options)		 	
@options = options
end

#sitemap_helper(page, options, prefix = '') ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 327

def sitemap_helper(page, options, prefix = '')
  options << { 'value' => page.id, 'text' => prefix + page.title }
  page.children.each do |kid|
    sitemap_helper(kid, options, prefix + ' - ')
  end
end

#sitemap_helper2(page, options, prefix = '') ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 310

def sitemap_helper2(page, options, prefix = '')
  options << { 'value' => page.id, 'text' => prefix + page.title }
  page.children.each do |kid|
    sitemap_helper(kid, options, prefix + ' - ')
  end
end

#sitemap_options ⇒ Object

# File 'app/controllers/caboose/pages_controller.rb', line 317

def sitemap_options
  parent_id = params[:parent_id]
  top_page = Page.index_page
  p = !parent_id.nil? ? Page.find(parent_id) : top_page
  options = []
  sitemap_helper(top_page, options)
 	  
  render json: options 		
end

#update ⇒ Object

PUT /pages/1

# File 'app/controllers/caboose/pages_controller.rb', line 209

def update
  return if !user_is_allowed('pages', 'edit')
  
  resp = StdClass.new({'attributes' => {}})
  page = Page.find(params[:id])
  
  save = true
  user = logged_in_user
  params.each do |name,value|
	  case name
	    when 'parent_id'      
  		if (page.id == value)
  			resp.error = "The page's parent cannot be itself."
  		elsif (Page.is_child(page.id, value))
  			resp.error = "You can't set the current page's parent to be one of its child pages."
  		elsif (value != page.parent_id)
  		  p = Page.find(value)
  		  if (!user.is_allowed(p, 'edit'))
  		    resp.error = "You don't have access to put the current page there."
  		  end
  		end		  		
  		if (resp.error.length > 0)
  		  save = false
  		else		  		
  			parent = Page.find(value)
  			Page.update_parent(page.id, value)
  			resp.attributes['parent_id'] = { 'text' => parent.title }
  		end
  		
  	when 'title', 'menu_title', 'alias', 'hide', 
  	  'custom_css', 'custom_js', 'layout', 'redirect_url',
  	  'seo_title', 'meta_description', 'fb_description', 'gp_description', 'canonical_url'
  	  
  	  page[name.to_sym] = value
  	  
  	when 'content_format'
  	  page.content_format = value
  	  resp.attributes['content_format'] = { 'text' => value }
  	  
  	when 'meta_robots'
  	  if (value.include?('index') && value.include?('noindex'))
  	    resp.error = "You can't have both index and noindex"
  	    save = false
  	  elsif (value.include?('follow') && value.include?('nofollow'))
  	    resp.error = "You can't have both follow and nofollow"
  	    save = false
  	  else
  	    page.meta_robots = value.join(', ')
  	    resp.attributes['meta_robots'] = { 'text' => page.meta_robots }
  	  end
  	  
  	when 'content'
  		page.content = value.strip.gsub(/<meta.*?>/, '').gsub(/<link.*?>/, '').gsub(/\<\!--[\S\s]*?--\>/, '')
  		
  	when 'slug' 
  		page.slug = Page.slug(value.strip.length > 0 ? value : page.title)
  		resp.attributes['slug'] = { 'value' => page.slug }
  				    		
  	when 'custom_sort_children'
  		if (value == 0)
  		  page.children.each do |p|
  				p.sort_order = 1
  				p.save
  			end
  		end
  		page.custom_sort_children = value 		    		
  		
  	when 'viewers'
  	  Page.update_authorized_for_action(page.id, 'view', value)
  	when 'editors'
  	  Page.update_authorized_for_action(page.id, 'edit', value)
  	when 'approvers'
  	  Page.update_authorized_for_action(page.id, 'approve', value)
  end
end
  
	resp.success = save && page.save
	render json: resp
end