From f7a5944a1f44ede9881d368a36eb9f7d82d6ab69 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Thu, 25 Jun 2026 04:34:55 +0200 Subject: Rails 4.2 model and controller fixes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Wrap all scopes in lambdas (required in Rails 4) - Move scopes after associations in page.rb (evaluated at load time in Rails 4) - Convert association :order options to lambda syntax - Remove attr_accessible from page.rb and user.rb - Add Strong Parameters: user_params in UsersController, node_params/page_params in NodesController - Fix clone_attributes_from: exclude id/page_id/timestamps when cloning translations - Fix redirect_to :back → request.referer fallback in nodes_controller - Fix node_path/publish and unlock actions: pass @node argument --- app/controllers/nodes_controller.rb | 18 +++++++++++++----- app/controllers/users_controller.rb | 15 +++++++++++---- app/models/asset.rb | 9 +++++---- app/models/menu_item.rb | 4 ++-- app/models/node.rb | 2 +- app/models/page.rb | 15 ++++++--------- app/models/permission.rb | 4 ++-- app/models/related_asset.rb | 6 +++--- app/models/user.rb | 2 -- 9 files changed, 43 insertions(+), 32 deletions(-) diff --git a/app/controllers/nodes_controller.rb b/app/controllers/nodes_controller.rb index 7c082c4..2b36b78 100644 --- a/app/controllers/nodes_controller.rb +++ b/app/controllers/nodes_controller.rb @@ -21,7 +21,7 @@ class NodesController < ApplicationController end def new - @node = Node.new params[:node] + @node = Node.new node_params if params.has_key?(:parent_id) @parent_id = params[:parent_id] @parent_name = Node.find(@parent_id).title @@ -62,7 +62,7 @@ class NodesController < ApplicationController rescue LockedByAnotherUser => e flash[:error] = e.message if request.referer - redirect_to :back + redirect_to request.referer || node_path(@node) else redirect_to node_path(@node) end @@ -70,10 +70,10 @@ class NodesController < ApplicationController end def update - @node.update_attributes(params[:node]) + @node.update_attributes(node_params) @draft = @node.find_or_create_draft current_user @draft.tag_list = params[:tag_list] - if @draft.update_attributes( params[:page] ) + if @draft.update_attributes( page_params ) flash[:notice] = "Draft has been saved: #{Time.now}" respond_to do |format| format.html { redirect_to edit_node_path(@node) } @@ -91,7 +91,7 @@ class NodesController < ApplicationController def publish @node.publish_draft! flash[:notice] = "Draft has been published" - redirect_to node_path + redirect_to node_path(@node) end def unlock @@ -105,6 +105,14 @@ class NodesController < ApplicationController end private + + def node_params + params.fetch(:node, {}).permit(:slug, :parent_id) + end + + def page_params + params.fetch(:page, {}).permit(:title, :abstract, :body, :template_name, :published_at, :user_id) + end def find_node @node = Node.find(params[:id]) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index b7914c4..1d85690 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -15,11 +15,11 @@ class UsersController < ApplicationController end def new - @user = User.new( params[:user] ) + @user = User.new end def create - @user = User.new params[:user] + @user = User.new user_params if @user.save flash[:notice] = "User created #{@user.login}" @@ -33,8 +33,10 @@ class UsersController < ApplicationController end def update - params[:user].delete(:admin) unless current_user.is_admin? - if @user.update_attributes(params[:user]) + permitted = user_params + permitted.delete(:admin) unless current_user.is_admin? + + if @user.update_attributes(permitted) flash[:notice] = "Updated user #{@user.login}" redirect_to user_path(@user) else @@ -51,6 +53,11 @@ class UsersController < ApplicationController end private + + def user_params + params.fetch(:user, {}).permit(:login, :email, :password, :password_confirmation, :admin) + end + def find_user @user = User.find(params[:id]) end diff --git a/app/models/asset.rb b/app/models/asset.rb index 3ad5857..f6526f2 100644 --- a/app/models/asset.rb +++ b/app/models/asset.rb @@ -13,8 +13,9 @@ class Asset < ActiveRecord::Base :headline => "460x250#" } ) - - scope :images, where(:upload_content_type => ["image/gif", "image/jpeg", "image/png"]) - scope :documents, where(:upload_content_type => ["application/pdf", "text/plain", "text/rtf"]) - scope :audio, where(:upload_content_type => ["audio/mpeg", "audio/x-m4a", "audio/wav", "audio/x-wav"]) + + scope :images, -> { where(:upload_content_type => ["image/gif", "image/jpeg", "image/png"]) } + scope :documents, -> { where(:upload_content_type => ["application/pdf", "text/plain", "text/rtf"]) } + scope :audio, -> { where(:upload_content_type => ["audio/mpeg", "audio/x-m4a", "audio/wav", "audio/x-wav"]) } + end diff --git a/app/models/menu_item.rb b/app/models/menu_item.rb index d1ddc68..eb82347 100644 --- a/app/models/menu_item.rb +++ b/app/models/menu_item.rb @@ -1,6 +1,6 @@ class MenuItem < ActiveRecord::Base - default_scope where(:type => "MenuItem") + default_scope -> { where(:type => "MenuItem") } translates :title @@ -24,5 +24,5 @@ end class FeaturedArticle < MenuItem - default_scope where(:type => "FeaturedArticle") + default_scope -> { where(:type => "FeaturedArticle") } end diff --git a/app/models/node.rb b/app/models/node.rb index 3cab7ed..8be6daf 100644 --- a/app/models/node.rb +++ b/app/models/node.rb @@ -3,7 +3,7 @@ class Node < ActiveRecord::Base acts_as_nested_set # Associations - has_many :pages, :order => "revision ASC", :dependent => :destroy + has_many :pages, -> { order("revision ASC") }, :dependent => :destroy belongs_to :head, :class_name => "Page", :foreign_key => :head_id, :dependent => :destroy belongs_to :draft, :class_name => "Page", :foreign_key => :draft_id, :dependent => :destroy has_many :permissions, :dependent => :destroy diff --git a/app/models/page.rb b/app/models/page.rb index 5c93a93..e2cbee5 100644 --- a/app/models/page.rb +++ b/app/models/page.rb @@ -5,10 +5,6 @@ class Page < ActiveRecord::Base PUBLIC_TEMPLATE_PATH = File.join(%w(custom page_templates public)) FULL_PUBLIC_TEMPLATE_PATH = Rails.root.join('app', 'views', PUBLIC_TEMPLATE_PATH) - # named scopes - scope :drafts, joins(:node).includes(:translations).where("nodes.draft_id = pages.id") - scope :heads, joins(:node).includes(:translations).where("nodes.head_id = pages.id") - # Mixins and Plugins acts_as_taggable acts_as_list :column => :revision, :scope => :node_id @@ -20,16 +16,17 @@ class Page < ActiveRecord::Base belongs_to :user belongs_to :editor, :class_name => "User" has_many :related_assets - has_many :assets, :through => :related_assets, :order => "position ASC" + has_many :assets, -> { order("position ASC") }, :through => :related_assets + + # Named scopes + scope :drafts, -> { joins(:node).includes(:translations).where("nodes.draft_id = pages.id") } + scope :heads, -> { joins(:node).includes(:translations).where("nodes.head_id = pages.id") } # Filter before_create :set_page_title before_create :set_template before_save :rewrite_links_in_body - # Security - attr_accessible :title, :abstract, :body, :template_name, :published_at, :user_id - # Class Methods # This method is most likely called from the ContentHelper.render_collection @@ -146,7 +143,7 @@ class Page < ActiveRecord::Base # Clone translated attributes page.translations.each do |translation| - self.translations.create!(translation.attributes) + self.translations.create!(translation.attributes.except("id", "page_id", "created_at", "updated_at")) end # Clone asset references diff --git a/app/models/permission.rb b/app/models/permission.rb index a7a30ed..f304538 100644 --- a/app/models/permission.rb +++ b/app/models/permission.rb @@ -8,6 +8,6 @@ class Permission < ActiveRecord::Base belongs_to :node # Named scopes - scope :for_node, lambda { |node| where('node_id = ?', (node.is_a?(Node) ? node.id : node)) } - scope :for_user, lambda { |user| where('user_id = ?', (user.is_a?(User) ? user.id : user)) } + scope :for_node, ->(node) { where('node_id = ?', (node.is_a?(Node) ? node.id : node)) } + scope :for_user, ->(user) { where('user_id = ?', (user.is_a?(User) ? user.id : user)) } end diff --git a/app/models/related_asset.rb b/app/models/related_asset.rb index af09420..2b61c51 100644 --- a/app/models/related_asset.rb +++ b/app/models/related_asset.rb @@ -3,6 +3,6 @@ class RelatedAsset < ActiveRecord::Base belongs_to :asset acts_as_list :scope => :page_id - - default_scope :order => "position ASC" -end \ No newline at end of file + + default_scope -> { order("position ASC") } +end diff --git a/app/models/user.rb b/app/models/user.rb index ce5503f..a2540b5 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -21,8 +21,6 @@ class User < ActiveRecord::Base validates_format_of :email, :with => Authentication.email_regex, :message => Authentication.bad_email_message - attr_accessible :login, :email, :password, :password_confirmation, :admin - # Authenticates a user by their login name and unencrypted password. Returns the user or nil. def self.authenticate(login, password) return nil if login.blank? || password.blank? -- cgit v1.3