fixes and cleanups for new auth model

Kyle Drake 2014-10-12 08:42:32 -07:00
parent 21b0848030
commit f44ce014d3
8 changed files with 63 additions and 32 deletions

2
app.rb

@ -557,6 +557,8 @@ end
def require_ownership_for_settings
@site = Site[username: params[:username]]
not_found if @site.nil?
unless @site.owned_by? parent_site
flash[:error] = 'Cannot edit this site, you do not have permission.'
redirect request.referrer
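Review bot: The denial branch of `require_ownership_for_settings` ends in `redirect request.referrer`, which takes its target from the client-supplied Referer header. That value is nil when the header is absent and otherwise points wherever the request came from, which may be an external page. A fixed in-app path, for example `redirect '/settings'`, keeps a rejected user on the site and gives the permission check a predictable outcome to test. The rest of the method is outside this hunk.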


@ -92,7 +92,7 @@ class Site < Sequel::Model
SUGGESTIONS_LIMIT = 32
SUGGESTIONS_VIEWS_MIN = 500
CHILD_SITES_MAX = 1000
CHILD_SITES_MAX = 100
PLAN_FEATURES[:catbus] = PLAN_FEATURES[:fatcat].merge(
name: 'Cat Bus',
@ -149,7 +149,7 @@ class Site < Sequel::Model
one_to_many :children, :key => :parent_site_id, :class => self
def account_sites_dataset
Site.where(Sequel.|({id: owner.id}, {parent_site_id: owner.id}))
Site.where(Sequel.|({id: owner.id}, {parent_site_id: owner.id})).order(:parent_site_id.desc, :username)
end
def account_sites
@ -199,6 +199,8 @@ class Site < Sequel::Model
else
site = self[username: username_or_email]
end
return nil if site.nil? || site.is_banned || site.owner.is_banned
site
end
end
@ -343,6 +345,12 @@ class Site < Sequel::Model
end
end
def ban_all_sites_on_account!
DB.transaction {
account_sites.all {|site| site.ban! }
}
end
=begin
def follows_dataset
super.where(Sequel.~(site_id: blocking_site_ids))
@ -679,8 +687,8 @@ class Site < Sequel::Model
errors.add :domain, "Domain provided is already being used by another site, please choose another."
end
if new? && !parent? && CHILD_SITE_MAX == children_dataset.count
errors.add :child_site_id, "Cannot add child site, exceeds #{CHILD_SITE_MAX} limit."
if new? && !parent? && account_sites_dataset.count >= CHILD_SITES_MAX
errors.add :child_site_id, "Cannot add child site, exceeds #{CHILD_SITES_MAX} limit."
end
end
@ -806,12 +814,12 @@ class Site < Sequel::Model
# This returns true even if they end their support plan.
def supporter?
!values[:stripe_customer_id].nil?
!owner.values[:stripe_customer_id].nil?
end
# This will return false if they have ended their plan.
def ended_supporter?
values[:plan_ended]
owner.values[:plan_ended]
end
def plan_name
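Review bot: In `ban_all_sites_on_account!`, `account_sites.all {|site| site.ban! }` only works if `account_sites` returns a Sequel dataset. Its body is outside the visible hunks, but if it returns an Array (as `account_sites_dataset.all` would), there is no `Array#all` and the call raises NoMethodError before any site is banned. Iterating the dataset directly removes the ambiguity: `account_sites_dataset.all { |site| site.ban! }`. A spec that bans a parent with one child and asserts `is_banned` on both would pin this down, since the sign-in guard on `site.owner.is_banned` in the earlier hunk depends on the ban actually being applied.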


@ -863,3 +863,7 @@ a.tag:hover {
padding-top: 0px;
padding-bottom: 4px;
}
.dropdown-submenu .dropdown-menu {
width: 1px;
}


@ -80,6 +80,29 @@ def generate_ssl_certs(opts={})
end
describe 'site/settings' do
describe 'permissions' do
include Capybara::DSL
before do
@parent_site = Fabricate :site
@child_site = Fabricate :site, parent_site_id: @parent_site.id
@other_site = Fabricate :site
end
it 'fails without permissions' do
page.set_rack_session id: @other_site.id
visit "/settings/#{@parent_site.username}"
page.current_path.must_equal '/' # This could be better
end
it 'allows child site editing from parent' do
page.set_rack_session id: @parent_site.id
visit "/settings/#{@child_site.username}"
page.current_path.must_equal "/settings/#{@child_site.username}"
end
end
describe 'ssl' do
include Capybara::DSL
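Review bot: The `permissions` specs have only one denial case, an unrelated session requesting the parent's settings; there is no negative case for a child site, which is the lookup this change is about. Add `it 'denies child site editing from another account'` that calls `page.set_rack_session id: @other_site.id`, visits `"/settings/#{@child_site.username}"` and asserts the current path is not that settings page. The existing `must_equal '/'` assertion appears to depend on the test request carrying no Referer, so it would be firmer once the denial redirect goes to a fixed path. The `describe 'ssl'` block continues outside the hunk.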


@ -45,7 +45,7 @@
<ul class="dropdown-menu">
<% current_site.other_sites_dataset.select(:username).all.each do |site| %>
<li>
<a href="/signin/<%= site.username %>"><%= site.username %></a><br>
<a href="/signin/<%= site.username %>"><%= site.username %></a>
</li>
<% end %>
</ul>
@ -63,7 +63,6 @@
</ul>
</li>
<% end %>
</ul>


@ -17,7 +17,7 @@
<div class="row">
<div class="col col-50">
<h2>Ban User</h2>
<h2>Ban Site</h2>
<form action="/admin/banhammer" method="POST">
<%== csrf_token_input_html %>
<p>Site Name:</p>


@ -1,28 +1,24 @@
<h2>Your Sites</h2>
<% if current_site.children_dataset.count == 0 %>
<h6>No other sites are currently linked to this account.</h6>
<% else %>
<table class="table">
<% current_site.owner.account_sites.each do |site| %>
<tr>
<td>
<a href="//<%= site.host %>" target="_blank"><%= site.title %></a>
<% if site.parent? %>
<strong>(parent account)</strong>
<% end %>
</td>
<td>
<a href="/settings/<%= site.username %>">Settings</a>
</td>
</tr>
<% end %>
</table>
<% end %>
<table class="table">
<% current_site.account_sites_dataset.each do |site| %>
<tr>
<td>
<a href="//<%= site.host %>" target="_blank"><%= site.username %></a>
<% if site.parent? %>
<strong>(parent account)</strong>
<% end %>
</td>
<td>
<a href="/settings/<%= site.username %>">Settings</a>
</td>
</tr>
<% end %>
</table>
<h3>Create New Site</h3>
<p>You can now create new sites that are linked to this account! Sites will share the free space you have available. You have <strong><%= Site::CHILD_SITES_MAX - current_site.children_dataset.count %></strong> new sites remaining.</p>
<p>You can now create new sites that are linked to this account! Sites will share the free space you have available. You have <strong><%= Site::CHILD_SITES_MAX - current_site.account_sites_dataset.count %></strong> new sites remaining.</p>
<form action="/settings/create_child" method="POST">
<%== csrf_token_input_html %>
@ -33,5 +29,4 @@
<div>
<input class="btn-Action" type="submit" value="Create New Site">
</div>
</form>
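Review bot: The site link `<a href="//<%= site.host %>" target="_blank">` opens a hosted site from the account page with no `rel` attribute, so in browsers that do not default to noopener the opened page gets a `window.opener` handle on the account tab. The target is presumably a site whose content is user-authored, so the anchor should carry `rel="noopener noreferrer"`. The risk is limited by the list being scoped to the account's own sites through `account_sites_dataset`, but the attribute costs nothing and removes the dependency on that scoping.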


@ -1,7 +1,7 @@
<div class="header-Outro">
<div class="row content single-Col">
<h1>Site Settings</h1>
<h3 class="subtitle"><strong><%= @site.username %></strong></h3>
<h1>Site Settings for <%= @site.username %></h1>
<h3 class="subtitle"><strong><a href="/settings">Click here</a> to go back to the account menu.</a></strong></h3>
</div>
</div>
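Review bot: The subtitle line contains an unmatched closing tag: in `<a href="/settings">Click here</a> to go back to the account menu.</a>` the second `</a>` closes an anchor that is already closed. Drop the trailing `</a>` so the line reads `<strong><a href="/settings">Click here</a> to go back to the account menu.</strong>`; browsers recover from the stray tag, but the markup is invalid.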