summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2026-06-25 04:34:55 +0200
committererdgeist <erdgeist@erdgeist.org>2026-06-25 04:34:55 +0200
commitf7a5944a1f44ede9881d368a36eb9f7d82d6ab69 (patch)
tree3803e9840eab4976b299a8cce969b7785b018b19 /app/controllers
parent3f236c7a0e544db94ef822f120d649ac5ee958f7 (diff)
Rails 4.2 model and controller fixes
- Wrap all scopes in lambdas (required in Rails 4) - Move scopes after associations in page.rb (evaluated at load time in Rails 4) - Convert association :order options to lambda syntax - Remove attr_accessible from page.rb and user.rb - Add Strong Parameters: user_params in UsersController, node_params/page_params in NodesController - Fix clone_attributes_from: exclude id/page_id/timestamps when cloning translations - Fix redirect_to :back → request.referer fallback in nodes_controller - Fix node_path/publish and unlock actions: pass @node argument
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/nodes_controller.rb18
-rw-r--r--app/controllers/users_controller.rb15
2 files changed, 24 insertions, 9 deletions
diff --git a/app/controllers/nodes_controller.rb b/app/controllers/nodes_controller.rb
index 7c082c4..2b36b78 100644
--- a/app/controllers/nodes_controller.rb
+++ b/app/controllers/nodes_controller.rb
@@ -21,7 +21,7 @@ class NodesController < ApplicationController
21 end 21 end
22 22
23 def new 23 def new
24 @node = Node.new params[:node] 24 @node = Node.new node_params
25 if params.has_key?(:parent_id) 25 if params.has_key?(:parent_id)
26 @parent_id = params[:parent_id] 26 @parent_id = params[:parent_id]
27 @parent_name = Node.find(@parent_id).title 27 @parent_name = Node.find(@parent_id).title
@@ -62,7 +62,7 @@ class NodesController < ApplicationController
62 rescue LockedByAnotherUser => e 62 rescue LockedByAnotherUser => e
63 flash[:error] = e.message 63 flash[:error] = e.message
64 if request.referer 64 if request.referer
65 redirect_to :back 65 redirect_to request.referer || node_path(@node)
66 else 66 else
67 redirect_to node_path(@node) 67 redirect_to node_path(@node)
68 end 68 end
@@ -70,10 +70,10 @@ class NodesController < ApplicationController
70 end 70 end
71 71
72 def update 72 def update
73 @node.update_attributes(params[:node]) 73 @node.update_attributes(node_params)
74 @draft = @node.find_or_create_draft current_user 74 @draft = @node.find_or_create_draft current_user
75 @draft.tag_list = params[:tag_list] 75 @draft.tag_list = params[:tag_list]
76 if @draft.update_attributes( params[:page] ) 76 if @draft.update_attributes( page_params )
77 flash[:notice] = "Draft has been saved: #{Time.now}" 77 flash[:notice] = "Draft has been saved: #{Time.now}"
78 respond_to do |format| 78 respond_to do |format|
79 format.html { redirect_to edit_node_path(@node) } 79 format.html { redirect_to edit_node_path(@node) }
@@ -91,7 +91,7 @@ class NodesController < ApplicationController
91 def publish 91 def publish
92 @node.publish_draft! 92 @node.publish_draft!
93 flash[:notice] = "Draft has been published" 93 flash[:notice] = "Draft has been published"
94 redirect_to node_path 94 redirect_to node_path(@node)
95 end 95 end
96 96
97 def unlock 97 def unlock
@@ -105,6 +105,14 @@ class NodesController < ApplicationController
105 end 105 end
106 106
107 private 107 private
108
109 def node_params
110 params.fetch(:node, {}).permit(:slug, :parent_id)
111 end
112
113 def page_params
114 params.fetch(:page, {}).permit(:title, :abstract, :body, :template_name, :published_at, :user_id)
115 end
108 116
109 def find_node 117 def find_node
110 @node = Node.find(params[:id]) 118 @node = Node.find(params[:id])
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index b7914c4..1d85690 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -15,11 +15,11 @@ class UsersController < ApplicationController
15 end 15 end
16 16
17 def new 17 def new
18 @user = User.new( params[:user] ) 18 @user = User.new
19 end 19 end
20 20
21 def create 21 def create
22 @user = User.new params[:user] 22 @user = User.new user_params
23 23
24 if @user.save 24 if @user.save
25 flash[:notice] = "User created #{@user.login}" 25 flash[:notice] = "User created #{@user.login}"
@@ -33,8 +33,10 @@ class UsersController < ApplicationController
33 end 33 end
34 34
35 def update 35 def update
36 params[:user].delete(:admin) unless current_user.is_admin? 36 permitted = user_params
37 if @user.update_attributes(params[:user]) 37 permitted.delete(:admin) unless current_user.is_admin?
38
39 if @user.update_attributes(permitted)
38 flash[:notice] = "Updated user #{@user.login}" 40 flash[:notice] = "Updated user #{@user.login}"
39 redirect_to user_path(@user) 41 redirect_to user_path(@user)
40 else 42 else
@@ -51,6 +53,11 @@ class UsersController < ApplicationController
51 end 53 end
52 54
53 private 55 private
56
57 def user_params
58 params.fetch(:user, {}).permit(:login, :email, :password, :password_confirmation, :admin)
59 end
60
54 def find_user 61 def find_user
55 @user = User.find(params[:id]) 62 @user = User.find(params[:id])
56 end 63 end