summaryrefslogtreecommitdiff
path: root/app/controllers
AgeCommit message (Collapse)Author
27 hoursPermit :admin in params only for adminserdgeist
27 hoursRemove recent_changes RSS feed. It leaks unpublished drafts and the basic auth was only symbolicerdgeist
27 hoursPrevent xss by not allowing return_to to point to javascript resourceserdgeist
42 hoursImprove admin search overlay layout and behaviourerdgeist
- Widen overlay (300px -> min(520px, 90vw)), centre instead of hardcoded left:400px, so it scales from mobile to desktop - Split title and unique_name into separate JSON fields and DOM elements; two-line result layout (bold title, small grey monospace path) instead of "Title (path)" wrapping awkwardly - Add small margin between title and path line - Fix event handler stacking: keyup/escape/outside-click handlers were being rebound on every display_toggle call. Moved all bindings to initialize(), display_toggle() now only shows/hides - Switch search input from keyup to input event, catching paste and cut via mouse which keyup misses - Add Escape key and outside-click to dismiss the overlay - Stop clearing search box and results on close; reopening now preserves prior search, matching standard search UI behaviour - Link search results to node_path instead of edit_node_path, since opening edit auto-locks the node - Add "press Enter to see all results" hint in dropdown - Disable browser autocomplete on search input
3 daysRestore and improve admin node searcherdgeist
- Admin search broke when routing-filter was removed: hardcoded /admin/search and /admin/menu_search URLs in admin_search.js no longer matched the locale-scoped routes. Fix by emitting locale-aware URLs from the layout as JS variables. - Also fixes form submission (POST -> GET, missing = on form_tag), jQuery .attr("value") -> .val() for typeahead input reading, and template name for Rails 8 compatibility. - Adds a visible "search" link to the admin menu so editors can discover the feature without knowing the Alt+F shortcut. Search results now show node path alongside title and link directly to the edit view. Named route admin_menu_search added to routes.rb.
4 daysrss: add per-tag Atom feed at /rss/tags/:tag/updates.xmlerdgeist
- rss#tag_updates action: filters Page.heads by tag name, default locale, 20 items, same caching as updates feed - tag_updates.xml.builder: Atom feed with CGI.escapeHTML on title and summary, consistent with updates.xml.builder - tags/show.html.erb: add subscription link above article list - routes: two routes per existing pattern (format-less + .:format constrained to /xml/)
4 daysStage 7 click-testing fixes (2)erdgeist
- nodes_controller: permit staged_slug and staged_parent_id in node params; these were silently dropped since strong parameters migration, breaking the two-phase slug/parent change workflow - file_attachment: add SVG support; vector files are copied to all style directories without rasterisation, preserving scalability in the browser - assets index/show: constrain image display with max-width/max-height via admin.css td img rule; fixes oversized SVG thumbnails while leaving raster variants unaffected
4 daysStage 7: Rails 7.2 → 8.1 on Ruby 3.2.11erdgeist
- Bump Rails to 8.1.3 (Ruby unchanged at 3.2.11, new gemset rails8-upgrade) - config.load_defaults 8.1; merge app:update diffs for all environment files - Remove routing-filter 0.7.0; replace with native scope '(:locale)' in routes.rb and default_url_options in ApplicationController - Delete config/initializers/routing_filter_rails71_patch.rb - Replace vendored TinyMCE 3.x (~200 files) with tinymce-rails ~> 8.3; migrate admin_interface.js from jQuery .tinymce()/advanced theme to tinymce.init(); add config/tinymce.yml; note: TinyMCE 7+ is GPL - rails-i18n ~> 8.0 added explicitly (previously indirect dependency) - awesome_nested_set, acts-as-taggable-on pinned to git main/master (gemspec activerecord < 8.1 ceiling; no functional incompatibility; repin to version once upstream releases updated gemspecs) - globalize ~> 7.0, libxml-ruby ~> 5.0, nokogiri ~> 1.18, pg ~> 1.5 - sass-rails, coffee-rails, uglifier moved from :assets group to main (Sprockets 4 convention; :assets group no longer meaningful) - Node: head, draft, lock_owner marked belongs_to optional: true - Page: node, user, editor marked belongs_to optional: true - Static assets in public/images/ and public/javascripts/ referenced via plain HTML tags; Rails 8 load_defaults raises on pipeline helpers for undeclared assets - sessions_controller_test.rb: remove stale require and dead rescue_action - users_controller_test.rb: assert button[type=submit] not input[type=submit] (Rails 8 button_to renders <button> not <input>) - test_helper.rb: node.reload after children.create! (awesome_nested_set 3.9.0 does not refresh parent in memory after callback) - 129 runs, 339 assertions, 3 failures, 0 errors — identical baseline to 7.2
5 daysFix RSS feeds, xmlparser initializererdgeist
6 daysStage 4: Rails 5.2 -> 6.1 on Ruby 2.7.2erdgeist
- routing-filter 0.6.3 -> 0.7.0 (Rails 6.1 compatibility) - RSS named routes rss_xml/rss_rdf added - RouteWithParams workarounds: will_paginate_patch, content_path shim, safe_path helper - Paperclip removed, replaced with FileAttachment concern (preserves URL scheme) - Assets resource moved to /admin/assets (Sprockets middleware conflict) - ApplicationRecord base class added, all models migrated - Strong parameters added to Assets, Occurrences, Events, MenuItems controllers - update_attributes -> update throughout - render :nothing -> head :ok/:not_found throughout - language_selector rewritten (removes :overwrite_params) - Environment files updated for Rails 6.1 (eager_load, public_file_server, ActionMailer) - Arel::Visitors::DepthFirst and Integer/Float duration patches removed from test_helper - AssetsController tests added (10 tests covering upload, variants, destroy, auth) - ImageMagick geometry: 460x250! for headline crop (not # which is invalid in IM6) 129 runs, 311 assertions, 5 failures (all pre-existing), 0 errors
6 daysRails 5.2 application fixeserdgeist
- Rename before_filter → before_action across all controllers - Fix string conditions in validators to lambda syntax (node.rb) - Fix publish_draft!: move staged slug/parent logic outside draft guard, use move_to_child_of for parent changes, add nil guard for no-op calls - Fix update_unique_names_of_children: use parent_id traversal instead of lft/rgt descendants (awesome_nested_set 3.x lft/rgt update bug) - Fix unique_path to return Array instead of String - Fix Occurrence.delete_all syntax for Rails 5 - Fix Page.find_with_outdated_translations: use includes instead of all - Fix outdated_translations?: use find instead of splat array
7 daysRails 4.2 model and controller fixeserdgeist
- Wrap all scopes in lambdas (required in Rails 4) - Move scopes after associations in page.rb (evaluated at load time in Rails 4) - Convert association :order options to lambda syntax - Remove attr_accessible from page.rb and user.rb - Add Strong Parameters: user_params in UsersController, node_params/page_params in NodesController - Fix clone_attributes_from: exclude id/page_id/timestamps when cloning translations - Fix redirect_to :back → request.referer fallback in nodes_controller - Fix node_path/publish and unlock actions: pass @node argument
7 daysFix tagged content aggregator, assets path, and add regression testserdgeist
- Replace tagged_with calls in Page.aggregate, TagsController, RssController with direct SQL joins (acts-as-taggable-on 3.5 broken on Rails 3.2) - Fix Paperclip :path/:url to use plain :id format matching existing uploads - Add proper regression tests for aggregator, tags, and rss controllers - Fix assert_select assertions to target div.body div.article_partial
8 daysStage 1 complete: Rails 2.3.5 to Rails 3.2.22.5 upgradeerdgeist
- Converted plugins to gems (Gemfile) - Updated config structure (application.rb, boot.rb, environment.rb) - Converted routes to Rails 3 DSL - Converted named_scope to scope throughout models - Converted find(:all, :conditions) to where() chains - Fixed has_many :order to use ordering scope - Updated session store and secret token configuration - Fixed exception_notification middleware configuration - Patched Ruby 2.4 / Rails 3.2 incompatibilities: - Integer/Float duration arithmetic (ActiveSupport) - Arel visit_Integer for PostgreSQL adapter - create_database String/Integer coercion - ActionController consider_all_requests_local - Migrated taggings schema for acts-as-taggable-on - Replaced dynamic_form gem with custom form_error_messages helper - Fixed Rails 3 block helper syntax (form_for, form_tag, fields_for) - Fixed admin layout yield - Updated test suite for Rails 3 APIs
8 daysUpdate deployed state to what's currently runningerdgeist
2025-02-06Improve worklflowerdgeist
2025-02-05Enhance admin view by sitemaperdgeist
2025-01-28Big overhaul patch and style changesCharlie Root
2012-01-04sanitized this motherfuckin search stringUser
2011-01-08Exclude root node from admin overview.Jens Ohlig
2010-07-20adding sponsors footerhukl
2010-05-09added index action for tags, primarily removing the associated exceptionhukl
2010-05-09return 404 for non existent gallerieshukl
2010-05-09only respond to html requests herehukl
2010-05-09filter out invalid locales right awayhukl
2010-05-09fix for non existing tagshukl
2010-01-31sanitize weird localeshukl
2009-12-01dramatically reduced instanciated AR objects for tagshukl
2009-12-01reduced instanciated AR objects for searchhukl
2009-11-20Its the final fix for the RSS Feed issues. Apparently people were subscribing the feed with weird locales set. Therfore the locale in the feed links and ids ↵hukl
contained the weird locales - got chached and messed up everything for the rest of the world.
2009-11-18added template for old RDF feed - needs to be validated thoughhukl
2009-11-03rss updates expire in 31 minuteshukl
2009-11-03Prevent regular users from promoting themselves to adminshukl
2009-11-02prevent tags internal server errorhukl
2009-11-02expires in 20 minutes nowhukl
2009-10-31added exception notifier plugin to catch all exceptionshukl
2009-10-20cleaned up the user views a bithukl
2009-10-19changes for giving root a titlehukl
2009-10-18re-activated admin overview screen - listing 20 recent changes and 20 current drafts. more to comehukl
2009-10-17changed some node related methods and implementation of unlockhukl
2009-10-17small clean up in the content controllerhukl
2009-10-08setting expiry headerhukl
2009-10-07refactored revsions controller to act as a nested resource of nodes. boy that cleaned up some stuff quite a bit. also having tests for that is just feeling ↵hukl
great
2009-10-07enabling users to edit their own details - tested as well - yayhukl
2009-10-07implemented complete restful user management interface including functional tests. this enables basic user operation. note that only admins are allowed to ↵hukl
create, edit, destroy other users
2009-09-12changed the ui click flow a bithukl
2009-09-12Moved galery template and changed width of headline image thumbnail presethukl
2009-09-11first steps for recent changes rss feedhukl
2009-09-11enhanced LockedByAnotherUser exception which now includes a message showing the last modified time.hukl
Closes #13
2009-09-10more rss feed enhancementshukl