summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2026-06-25 04:34:55 +0200
committererdgeist <erdgeist@erdgeist.org>2026-06-25 04:34:55 +0200
commitf7a5944a1f44ede9881d368a36eb9f7d82d6ab69 (patch)
tree3803e9840eab4976b299a8cce969b7785b018b19 /app
parent3f236c7a0e544db94ef822f120d649ac5ee958f7 (diff)
Rails 4.2 model and controller fixes
- Wrap all scopes in lambdas (required in Rails 4) - Move scopes after associations in page.rb (evaluated at load time in Rails 4) - Convert association :order options to lambda syntax - Remove attr_accessible from page.rb and user.rb - Add Strong Parameters: user_params in UsersController, node_params/page_params in NodesController - Fix clone_attributes_from: exclude id/page_id/timestamps when cloning translations - Fix redirect_to :back → request.referer fallback in nodes_controller - Fix node_path/publish and unlock actions: pass @node argument
Diffstat (limited to 'app')
-rw-r--r--app/controllers/nodes_controller.rb18
-rw-r--r--app/controllers/users_controller.rb15
-rw-r--r--app/models/asset.rb9
-rw-r--r--app/models/menu_item.rb4
-rw-r--r--app/models/node.rb2
-rw-r--r--app/models/page.rb15
-rw-r--r--app/models/permission.rb4
-rw-r--r--app/models/related_asset.rb6
-rw-r--r--app/models/user.rb2
9 files changed, 43 insertions, 32 deletions
diff --git a/app/controllers/nodes_controller.rb b/app/controllers/nodes_controller.rb
index 7c082c4..2b36b78 100644
--- a/app/controllers/nodes_controller.rb
+++ b/app/controllers/nodes_controller.rb
@@ -21,7 +21,7 @@ class NodesController < ApplicationController
21 end 21 end
22 22
23 def new 23 def new
24 @node = Node.new params[:node] 24 @node = Node.new node_params
25 if params.has_key?(:parent_id) 25 if params.has_key?(:parent_id)
26 @parent_id = params[:parent_id] 26 @parent_id = params[:parent_id]
27 @parent_name = Node.find(@parent_id).title 27 @parent_name = Node.find(@parent_id).title
@@ -62,7 +62,7 @@ class NodesController < ApplicationController
62 rescue LockedByAnotherUser => e 62 rescue LockedByAnotherUser => e
63 flash[:error] = e.message 63 flash[:error] = e.message
64 if request.referer 64 if request.referer
65 redirect_to :back 65 redirect_to request.referer || node_path(@node)
66 else 66 else
67 redirect_to node_path(@node) 67 redirect_to node_path(@node)
68 end 68 end
@@ -70,10 +70,10 @@ class NodesController < ApplicationController
70 end 70 end
71 71
72 def update 72 def update
73 @node.update_attributes(params[:node]) 73 @node.update_attributes(node_params)
74 @draft = @node.find_or_create_draft current_user 74 @draft = @node.find_or_create_draft current_user
75 @draft.tag_list = params[:tag_list] 75 @draft.tag_list = params[:tag_list]
76 if @draft.update_attributes( params[:page] ) 76 if @draft.update_attributes( page_params )
77 flash[:notice] = "Draft has been saved: #{Time.now}" 77 flash[:notice] = "Draft has been saved: #{Time.now}"
78 respond_to do |format| 78 respond_to do |format|
79 format.html { redirect_to edit_node_path(@node) } 79 format.html { redirect_to edit_node_path(@node) }
@@ -91,7 +91,7 @@ class NodesController < ApplicationController
91 def publish 91 def publish
92 @node.publish_draft! 92 @node.publish_draft!
93 flash[:notice] = "Draft has been published" 93 flash[:notice] = "Draft has been published"
94 redirect_to node_path 94 redirect_to node_path(@node)
95 end 95 end
96 96
97 def unlock 97 def unlock
@@ -105,6 +105,14 @@ class NodesController < ApplicationController
105 end 105 end
106 106
107 private 107 private
108
109 def node_params
110 params.fetch(:node, {}).permit(:slug, :parent_id)
111 end
112
113 def page_params
114 params.fetch(:page, {}).permit(:title, :abstract, :body, :template_name, :published_at, :user_id)
115 end
108 116
109 def find_node 117 def find_node
110 @node = Node.find(params[:id]) 118 @node = Node.find(params[:id])
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index b7914c4..1d85690 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -15,11 +15,11 @@ class UsersController < ApplicationController
15 end 15 end
16 16
17 def new 17 def new
18 @user = User.new( params[:user] ) 18 @user = User.new
19 end 19 end
20 20
21 def create 21 def create
22 @user = User.new params[:user] 22 @user = User.new user_params
23 23
24 if @user.save 24 if @user.save
25 flash[:notice] = "User created #{@user.login}" 25 flash[:notice] = "User created #{@user.login}"
@@ -33,8 +33,10 @@ class UsersController < ApplicationController
33 end 33 end
34 34
35 def update 35 def update
36 params[:user].delete(:admin) unless current_user.is_admin? 36 permitted = user_params
37 if @user.update_attributes(params[:user]) 37 permitted.delete(:admin) unless current_user.is_admin?
38
39 if @user.update_attributes(permitted)
38 flash[:notice] = "Updated user #{@user.login}" 40 flash[:notice] = "Updated user #{@user.login}"
39 redirect_to user_path(@user) 41 redirect_to user_path(@user)
40 else 42 else
@@ -51,6 +53,11 @@ class UsersController < ApplicationController
51 end 53 end
52 54
53 private 55 private
56
57 def user_params
58 params.fetch(:user, {}).permit(:login, :email, :password, :password_confirmation, :admin)
59 end
60
54 def find_user 61 def find_user
55 @user = User.find(params[:id]) 62 @user = User.find(params[:id])
56 end 63 end
diff --git a/app/models/asset.rb b/app/models/asset.rb
index 3ad5857..f6526f2 100644
--- a/app/models/asset.rb
+++ b/app/models/asset.rb
@@ -13,8 +13,9 @@ class Asset < ActiveRecord::Base
13 :headline => "460x250#" 13 :headline => "460x250#"
14 } 14 }
15 ) 15 )
16 16
17 scope :images, where(:upload_content_type => ["image/gif", "image/jpeg", "image/png"]) 17 scope :images, -> { where(:upload_content_type => ["image/gif", "image/jpeg", "image/png"]) }
18 scope :documents, where(:upload_content_type => ["application/pdf", "text/plain", "text/rtf"]) 18 scope :documents, -> { where(:upload_content_type => ["application/pdf", "text/plain", "text/rtf"]) }
19 scope :audio, where(:upload_content_type => ["audio/mpeg", "audio/x-m4a", "audio/wav", "audio/x-wav"]) 19 scope :audio, -> { where(:upload_content_type => ["audio/mpeg", "audio/x-m4a", "audio/wav", "audio/x-wav"]) }
20
20end 21end
diff --git a/app/models/menu_item.rb b/app/models/menu_item.rb
index d1ddc68..eb82347 100644
--- a/app/models/menu_item.rb
+++ b/app/models/menu_item.rb
@@ -1,6 +1,6 @@
1class MenuItem < ActiveRecord::Base 1class MenuItem < ActiveRecord::Base
2 2
3 default_scope where(:type => "MenuItem") 3 default_scope -> { where(:type => "MenuItem") }
4 4
5 translates :title 5 translates :title
6 6
@@ -24,5 +24,5 @@ end
24 24
25 25
26class FeaturedArticle < MenuItem 26class FeaturedArticle < MenuItem
27 default_scope where(:type => "FeaturedArticle") 27 default_scope -> { where(:type => "FeaturedArticle") }
28end 28end
diff --git a/app/models/node.rb b/app/models/node.rb
index 3cab7ed..8be6daf 100644
--- a/app/models/node.rb
+++ b/app/models/node.rb
@@ -3,7 +3,7 @@ class Node < ActiveRecord::Base
3 acts_as_nested_set 3 acts_as_nested_set
4 4
5 # Associations 5 # Associations
6 has_many :pages, :order => "revision ASC", :dependent => :destroy 6 has_many :pages, -> { order("revision ASC") }, :dependent => :destroy
7 belongs_to :head, :class_name => "Page", :foreign_key => :head_id, :dependent => :destroy 7 belongs_to :head, :class_name => "Page", :foreign_key => :head_id, :dependent => :destroy
8 belongs_to :draft, :class_name => "Page", :foreign_key => :draft_id, :dependent => :destroy 8 belongs_to :draft, :class_name => "Page", :foreign_key => :draft_id, :dependent => :destroy
9 has_many :permissions, :dependent => :destroy 9 has_many :permissions, :dependent => :destroy
diff --git a/app/models/page.rb b/app/models/page.rb
index 5c93a93..e2cbee5 100644
--- a/app/models/page.rb
+++ b/app/models/page.rb
@@ -5,10 +5,6 @@ class Page < ActiveRecord::Base
5 PUBLIC_TEMPLATE_PATH = File.join(%w(custom page_templates public)) 5 PUBLIC_TEMPLATE_PATH = File.join(%w(custom page_templates public))
6 FULL_PUBLIC_TEMPLATE_PATH = Rails.root.join('app', 'views', PUBLIC_TEMPLATE_PATH) 6 FULL_PUBLIC_TEMPLATE_PATH = Rails.root.join('app', 'views', PUBLIC_TEMPLATE_PATH)
7 7
8 # named scopes
9 scope :drafts, joins(:node).includes(:translations).where("nodes.draft_id = pages.id")
10 scope :heads, joins(:node).includes(:translations).where("nodes.head_id = pages.id")
11
12 # Mixins and Plugins 8 # Mixins and Plugins
13 acts_as_taggable 9 acts_as_taggable
14 acts_as_list :column => :revision, :scope => :node_id 10 acts_as_list :column => :revision, :scope => :node_id
@@ -20,16 +16,17 @@ class Page < ActiveRecord::Base
20 belongs_to :user 16 belongs_to :user
21 belongs_to :editor, :class_name => "User" 17 belongs_to :editor, :class_name => "User"
22 has_many :related_assets 18 has_many :related_assets
23 has_many :assets, :through => :related_assets, :order => "position ASC" 19 has_many :assets, -> { order("position ASC") }, :through => :related_assets
20
21 # Named scopes
22 scope :drafts, -> { joins(:node).includes(:translations).where("nodes.draft_id = pages.id") }
23 scope :heads, -> { joins(:node).includes(:translations).where("nodes.head_id = pages.id") }
24 24
25 # Filter 25 # Filter
26 before_create :set_page_title 26 before_create :set_page_title
27 before_create :set_template 27 before_create :set_template
28 before_save :rewrite_links_in_body 28 before_save :rewrite_links_in_body
29 29
30 # Security
31 attr_accessible :title, :abstract, :body, :template_name, :published_at, :user_id
32
33 # Class Methods 30 # Class Methods
34 31
35 # This method is most likely called from the ContentHelper.render_collection 32 # This method is most likely called from the ContentHelper.render_collection
@@ -146,7 +143,7 @@ class Page < ActiveRecord::Base
146 143
147 # Clone translated attributes 144 # Clone translated attributes
148 page.translations.each do |translation| 145 page.translations.each do |translation|
149 self.translations.create!(translation.attributes) 146 self.translations.create!(translation.attributes.except("id", "page_id", "created_at", "updated_at"))
150 end 147 end
151 148
152 # Clone asset references 149 # Clone asset references
diff --git a/app/models/permission.rb b/app/models/permission.rb
index a7a30ed..f304538 100644
--- a/app/models/permission.rb
+++ b/app/models/permission.rb
@@ -8,6 +8,6 @@ class Permission < ActiveRecord::Base
8 belongs_to :node 8 belongs_to :node
9 9
10 # Named scopes 10 # Named scopes
11 scope :for_node, lambda { |node| where('node_id = ?', (node.is_a?(Node) ? node.id : node)) } 11 scope :for_node, ->(node) { where('node_id = ?', (node.is_a?(Node) ? node.id : node)) }
12 scope :for_user, lambda { |user| where('user_id = ?', (user.is_a?(User) ? user.id : user)) } 12 scope :for_user, ->(user) { where('user_id = ?', (user.is_a?(User) ? user.id : user)) }
13end 13end
diff --git a/app/models/related_asset.rb b/app/models/related_asset.rb
index af09420..2b61c51 100644
--- a/app/models/related_asset.rb
+++ b/app/models/related_asset.rb
@@ -3,6 +3,6 @@ class RelatedAsset < ActiveRecord::Base
3 belongs_to :asset 3 belongs_to :asset
4 4
5 acts_as_list :scope => :page_id 5 acts_as_list :scope => :page_id
6 6
7 default_scope :order => "position ASC" 7 default_scope -> { order("position ASC") }
8end \ No newline at end of file 8end
diff --git a/app/models/user.rb b/app/models/user.rb
index ce5503f..a2540b5 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -21,8 +21,6 @@ class User < ActiveRecord::Base
21 validates_format_of :email, :with => Authentication.email_regex, 21 validates_format_of :email, :with => Authentication.email_regex,
22 :message => Authentication.bad_email_message 22 :message => Authentication.bad_email_message
23 23
24 attr_accessible :login, :email, :password, :password_confirmation, :admin
25
26 # Authenticates a user by their login name and unencrypted password. Returns the user or nil. 24 # Authenticates a user by their login name and unencrypted password. Returns the user or nil.
27 def self.authenticate(login, password) 25 def self.authenticate(login, password)
28 return nil if login.blank? || password.blank? 26 return nil if login.blank? || password.blank?