| Age | Commit message (Collapse) | Author |
|
Node.drafts_and_autosaves and Node.recently_changed replace inline
query logic in NodesController#drafts/#recent -- pure refactor, no
behavior change for either action. The real reason: the dashboard's
upcoming abridged widgets need the exact same queries the full pages
already use, just limited and (for drafts) sorted with the current
user's own locked nodes first. Better to share one method than let a
widget and a full page quietly drift onto two versions of "what counts
as a current draft."
current_user_id: is an explicit, optional argument rather than a
separate method -- ordering by lock ownership only applies when a user
is given; omitted entirely, it's pure recency, exactly today's
behavior. Needed Arel.sql wrapping a sanitized CASE expression before
.order would accept it -- sanitize_sql_array only vouches for the
values inside the string, a separate Rails safety check still refuses
any string shaped like more than a plain column reference unless it's
explicitly marked as already-vetted.
|
|
Extracted from admin#index's inline table into NodesController#sitemap.
Nested <details>/<summary> per branch, one linear pass over the
existing flat [node, level] list (no added queries) -- each node's own
descendant count computed the same way, via a small stack rather than
re-walking the tree per node. Branches under updates/, club/erfas,
club/chaostreffs, and disclosure start collapsed by default
(CccConventions::SITEMAP_COLLAPSED_PATHS); any branch currently
collapsed, whether by that default or because someone just closed it,
is highlighted via a plain :not([open]) selector -- no state tracked
outside the DOM itself.
Dropped the update?-post exclusion this view used to rely on -- no
longer needed now that updates/ collapses instead of being filtered
out, so its real children (previously silently absent) now show up
correctly. admin#index's own, separate @sitemap query is unchanged;
that view has no collapse mechanism to compensate and wasn't part of
this.
|
|
Four NodesController actions -- drafts, recent, mine, chapters --
each building its own base scope, sharing one private method
(index_matching) for search narrowing and pagination. Wizard rewrite
to link into these instead of rendering its own tables is a separate,
later step.
Node.editor_search backs the shared "q" narrowing: an ILIKE substring
match against title/abstract on whichever of head or draft is
present, splitting the term on whitespace and requiring every word to
match somewhere independently, not as one phrase, since real words can
end up separated by markup in the underlying HTML. Deliberately
separate from Node.search, the public content search, which stays
tsvector-based and head-only.
chapters generalizes into /admin/nodes/tags/:tags for an arbitrary
tag list (OR'd, not AND'd), sharing the controller action but
rendering its own template rather than branching inside one view.
|
|
|
|
Node#resolve_page_reference and #available_layer_pairs let
Page#diff_against compare named layers (head/draft/autosave), not
just numbered revisions -- autosave was never part of Node#pages, so
this was the missing piece.
Wired into nodes#show's Status section, nodes#edit right after an
autosave gets resurrected ("What changed?"), and the admin wizard's
current-drafts table, which now also lists autosave-only nodes it
previously never showed.
revisions#diff hides the numbered-revision picker when comparing
named layers (it can't represent them), shows a plain label instead,
and offers buttons to switch between whichever other pairs make
sense for the node's current state. Destroying the topmost layer is
available directly from the diff view, reusing the existing revert!
path.
"Discard changes" is renamed "Discard Autosave" everywhere it
appears, to match "Destroy Draft".
|
|
Editors' TinyMCE output can contain unclosed void elements like <br>,
which is valid HTML5 but invalid XML -- three different places assumed
the stricter rule and broke or silently misbehaved on the looser one.
The Atom feed's <content type="xhtml"> block required real, well-formed
XML structure but was handed a raw, unescaped body string; switched to
type="html" with CGI.escapeHTML, matching how title/summary already
handle the same content. rewrite_links_in_body used libxml's strict XML
parser to rewrite internal links to be locale-prefixed, which raised on
exactly this class of malformed markup -- silently, since the whole
method was wrapped in rescue; nil, meaning the link rewrite (not the
save) quietly failed with no error anywhere. Replaced with Nokogiri's
lenient HTML parser, which repairs malformed void elements rather than
rejecting them; also drops the bare rescue now that the actual failure
mode it was guarding against shouldn't occur, and fixes two adjacent
bugs found while in this method: a typo'd /sytem/uploads/ regex that
could never match, and a missing https:// exclusion alongside the
existing http:// one.
Also addresses stale flash messaging surfaced while testing the above:
update's save confirmation was being clobbered by edit's own "locked
and ready" notice on the very next request, since nothing distinguished
a fresh lock acquisition from a redirect back after saving. The save
confirmation now names the next step (publish from Status) and flags a
stale translation if one exists, using Page#outdated_translations?,
already present but previously unused by any controller.
|
|
Retires content_for :subnavigation on nodes#show entirely -- Preview
was fully redundant with Links' own preview URLs in every state, and
Edit is now a permanent, always-rendered action inside the new Status
section rather than a link floating at the top, consistent with the
"action lives next to the info" pattern People already established
for Unlock. Status surfaces head/draft/autosave plainly and gates
Edit/Publish/Destroy/Discard on lock ownership specifically, not mere
lock presence -- @node.locked? alone would have blocked the lock
owner's own session, caught by the click-test and fixed here rather
than shipped.
nodes#edit's action bar is rebuilt to sit outside form_for (both
button_to calls render their own nested form, invalid HTML the
browser was silently stripping) with Save wired back in via
form="..." rather than needing to live inside the form tag at all.
Also brings the locked-and-ready-to-edit flash message, and the
visual polish from this session's click-test: consistent button
heights across the bordered and pill-shaped variants sharing a row,
spacing between Status's data and its actions, and error_messages
styling reusing the destructive-red vocabulary already established
elsewhere.
|
|
revert! requires the lock to already be held, correct for nodes#edit
where the editor holds it throughout -- but both exclusive-case
buttons on nodes#show fire from a node that starts out unlocked,
which raised LockedByAnotherUser incorrectly. lock_for_editing! first
makes both call sites safe: a harmless re-stamp when already the
owner, a real but momentary acquisition otherwise, released again by
revert! itself once nothing is left to protect.
|
|
A blank title failed presence and length validation simultaneously,
showing two redundant messages for one problem; length now skips
whenever slug is already blank, matching presence's own skip
condition. Separately, create's failure path never computed
@selected_kind/@parent_id/@parent_name the way new does, so
re-rendering after a validation error silently lost which kind and
parent had been chosen -- for the auto-tagging/auto-templating kinds,
that meant a corrected resubmission could silently produce a plain
generic node instead. required on the title field closes the common
case without a round trip; the server-side fix remains the actual
guarantee, since required is trivially bypassed.
|
|
revert! discards exactly the topmost non-empty layer -- autosave if
present, else draft -- and reveals whatever's beneath it, releasing the
lock only once nothing is left to protect. Guards against destroying a
brand-new, never-published node's only draft, which would violate the
(head | draft) invariant every other method here assumes holds; the
view's Destroy/Discard button is gated the same way.
nodes#edit now calls lock_for_editing! instead of find_or_create_draft,
and always displays autosave || draft || head, resurrecting an
abandoned session's unsaved content by default with an explicit flash
explaining what's shown and how to get back to the last saved version.
The view drops content_for :subnavigation entirely: Show becomes
"Unlock + Back", Preview stays a plain link, metadata's own <details>
already replaced the old toggle, and Publish moves off this page for
good, per the earlier decision to manage the publish lifecycle
entirely from nodes#show. Save Draft and Save + Unlock + Exit appear
both above and below the form, given the body field alone runs 600px
on desktop.
|
|
Route Save and autosave through the new Node methods
update now promotes the current autosave into the draft via
save_draft! rather than writing submitted params directly; autosave
gets its own PUT member route so PATCH update can mean "deliberate
save" specifically, matching every other custom action on this
resource. Both now require the lock to already be held rather than
acquiring it themselves, which is a deliberate narrowing: through the
real UI this is always true, since neither can fire before edit has
loaded. Two existing tests called update directly with no prior
edit, which the old code tolerated by acquiring the lock as a side
effect; updated to call edit first instead of loosening the
guarantee back open.
NodesController#edit itself is unchanged and still calls the old
find_or_create_draft, so drafts are still created eagerly on entering
edit for now -- switching that over is the next step, not this one.
|
|
parent_match Procs on CccConventions::NODE_KINDS, matched against
unique_path, decide which "add child" kinds show on a given node. Fixes
nodes#new not honoring a pre-selected kind (radio group and parent-field
visibility both defaulted to "generic" unconditionally).
|
|
Lets editors share a draft with people outside the admin system, via a
random per-page token rather than an enumerable id - /preview/<token>.
shared_previews#show is intentionally unauthenticated. Redirects to the
real public URL once the page is published. Surfaced on nodes#show
(Admin Preview + Public Preview, next to Public Link) as generate/revoke
buttons.
|
|
|
|
lib/ccc_conventions.rb: NODE_KINDS registry replaces the kind-specific
branches previously scattered across nodes_controller#create (tags),
unique_path-position check). Each kind declares its parent lookup
(a Proc - Update's "update"/"press_release" continue to genuinely
find-or-create their year-folder via Update.find_or_create_parent;
erfa/chaostreff use a plain find_by_unique_name!, since their parent
nodes are fixed and a missing one should fail loudly, not be silently
created), its tags, and (new) its default template.
Node gains a default_template_name column (migration, with backfill
for existing update-tree nodes via node.update? - reusing that method
rather than re-deriving its unique_path check in raw SQL). Page#set_template
now inherits from node.default_template_name, falling back to the old
update?-based check only when the column is blank, and only fills in
template_name when nothing's already been explicitly chosen - a
deliberate change from the previous behavior, which unconditionally
overwrote template_name on every save regardless of manual selection.
Node#update? itself is unchanged and still used as-is by
admin_controller's sitemap filtering - a genuinely different, still
valid use of that check.
"generic" stays special-cased in the controller, parametrized by
params[:parent_id] at request time - doesn't fit "kind implies a fixed
lookup" and isn't in the registry.
nodes#new's four hardcoded radio buttons and nodes_controller's
kind-specific case/when branches are both replaced by iterating/looking
up this one registry - adding a new kind now means one new hash entry,
not four scattered edits.
|
|
- nodes_controller: permit staged_slug and staged_parent_id in node
params; these were silently dropped since strong parameters migration,
breaking the two-phase slug/parent change workflow
- file_attachment: add SVG support; vector files are copied to all style
directories without rasterisation, preserving scalability in the browser
- assets index/show: constrain image display with max-width/max-height
via admin.css td img rule; fixes oversized SVG thumbnails while leaving
raster variants unaffected
|
|
- routing-filter 0.6.3 -> 0.7.0 (Rails 6.1 compatibility)
- RSS named routes rss_xml/rss_rdf added
- RouteWithParams workarounds: will_paginate_patch, content_path shim, safe_path helper
- Paperclip removed, replaced with FileAttachment concern (preserves URL scheme)
- Assets resource moved to /admin/assets (Sprockets middleware conflict)
- ApplicationRecord base class added, all models migrated
- Strong parameters added to Assets, Occurrences, Events, MenuItems controllers
- update_attributes -> update throughout
- render :nothing -> head :ok/:not_found throughout
- language_selector rewritten (removes :overwrite_params)
- Environment files updated for Rails 6.1 (eager_load, public_file_server, ActionMailer)
- Arel::Visitors::DepthFirst and Integer/Float duration patches removed from test_helper
- AssetsController tests added (10 tests covering upload, variants, destroy, auth)
- ImageMagick geometry: 460x250! for headline crop (not # which is invalid in IM6)
129 runs, 311 assertions, 5 failures (all pre-existing), 0 errors
|
|
- Rename before_filter → before_action across all controllers
- Fix string conditions in validators to lambda syntax (node.rb)
- Fix publish_draft!: move staged slug/parent logic outside draft guard,
use move_to_child_of for parent changes, add nil guard for no-op calls
- Fix update_unique_names_of_children: use parent_id traversal instead
of lft/rgt descendants (awesome_nested_set 3.x lft/rgt update bug)
- Fix unique_path to return Array instead of String
- Fix Occurrence.delete_all syntax for Rails 5
- Fix Page.find_with_outdated_translations: use includes instead of all
- Fix outdated_translations?: use find instead of splat array
|
|
- Wrap all scopes in lambdas (required in Rails 4)
- Move scopes after associations in page.rb (evaluated at load time in Rails 4)
- Convert association :order options to lambda syntax
- Remove attr_accessible from page.rb and user.rb
- Add Strong Parameters: user_params in UsersController, node_params/page_params in NodesController
- Fix clone_attributes_from: exclude id/page_id/timestamps when cloning translations
- Fix redirect_to :back → request.referer fallback in nodes_controller
- Fix node_path/publish and unlock actions: pass @node argument
|
|
- Converted plugins to gems (Gemfile)
- Updated config structure (application.rb, boot.rb, environment.rb)
- Converted routes to Rails 3 DSL
- Converted named_scope to scope throughout models
- Converted find(:all, :conditions) to where() chains
- Fixed has_many :order to use ordering scope
- Updated session store and secret token configuration
- Fixed exception_notification middleware configuration
- Patched Ruby 2.4 / Rails 3.2 incompatibilities:
- Integer/Float duration arithmetic (ActiveSupport)
- Arel visit_Integer for PostgreSQL adapter
- create_database String/Integer coercion
- ActionController consider_all_requests_local
- Migrated taggings schema for acts-as-taggable-on
- Replaced dynamic_form gem with custom form_error_messages helper
- Fixed Rails 3 block helper syntax (form_for, form_tag, fields_for)
- Fixed admin layout yield
- Updated test suite for Rails 3 APIs
|
|
|
|
|
|
|
|
|
|
Closes #13
|
|
also changing the german error messages to english as the interface is english only so far
|
|
|
|
|
|
get staged and are applied once that revision is published
|
|
|
|
|
|
|
|
and locks all the time when he / she only wants to take a look at it.
|
|
|
|
|
|
|
|
joshmh for the support!
|
|
|
|
|
|
|
|
well
|
|
|
|
|
|
|
|
|
|
|
|
|
|
in the admin interface possible
|
|
a new member route for the nodes resource so that
a put request on /nodes/id/publish will publish
the current draft of a node
|
|
|