diff --git a/Gemfile b/Gemfile
index 53abd04..17b188e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -12,6 +12,8 @@ group :assets do
gem 'sass-rails', " ~> 4.0.0"
gem 'coffee-rails', "~> 4.0.0"
gem 'uglifier'
+
+ gem 'bourbon'
end
gem 'jquery-rails'
@@ -67,7 +69,7 @@ gem "newrelic_rpm"
gem "exception_notification", :git => "git://github.com/rails/exception_notification", :require => 'exception_notifier'
gem 'pg'
gem 'devise'
-gem 'formtastic'
+gem 'simple_form'
gem 'squeel'
#gem 'mini_exiftool'
gem 'will_paginate'
diff --git a/Gemfile.lock b/Gemfile.lock
index b780b9f..f2e4135 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -56,6 +56,9 @@ GEM
erubis (>= 2.6.6)
binding_of_caller (0.7.2)
debug_inspector (>= 0.0.1)
+ bourbon (3.1.8)
+ sass (>= 3.2.0)
+ thor
builder (3.1.4)
capybara (2.2.1)
mime-types (>= 1.16)
@@ -97,8 +100,6 @@ GEM
factory_girl (~> 4.4.0)
railties (>= 3.0.0)
fivemat (1.2.1)
- formtastic (2.2.1)
- actionpack (>= 3.0)
haml (4.0.5)
tilt
hike (1.2.3)
@@ -179,6 +180,9 @@ GEM
sexp_processor (4.4.1)
shoulda-matchers (2.5.0)
activesupport (>= 3.0.0)
+ simple_form (3.0.1)
+ actionpack (>= 4.0.0, < 4.1)
+ activemodel (>= 4.0.0, < 4.1)
slop (3.4.7)
slugtastic (1.2.1)
sprockets (2.11.0)
@@ -226,13 +230,13 @@ DEPENDENCIES
aws-sdk
better_errors
binding_of_caller
+ bourbon
capybara-screenshot
coffee-rails (~> 4.0.0)
devise
exception_notification!
factory_girl_rails
fivemat
- formtastic
haml
hpricot
jquery-rails
@@ -249,6 +253,7 @@ DEPENDENCIES
ruby_parser
sass-rails (~> 4.0.0)
shoulda-matchers
+ simple_form
slugtastic
sqlite3
squeel
diff --git a/README.md b/README.md
index 78fbe92..43c8975 100644
--- a/README.md
+++ b/README.md
@@ -2,3 +2,7 @@ DanBarberPhoto
==============
This is the source code for DanBarberPhoto.com.
+
+The session cookie has been set to `secure: true` so the admin login will only
+work over an HTTPS connection. Nginx can be used as a local proxy for
+development purposes.
diff --git a/app/assets/javascripts/admin/flash.js.coffee b/app/assets/javascripts/admin/flash.js.coffee
index 18cfe29..31d1fb1 100644
--- a/app/assets/javascripts/admin/flash.js.coffee
+++ b/app/assets/javascripts/admin/flash.js.coffee
@@ -1,4 +1,4 @@
$ ->
$(".flash a.close").click ->
$(this).parent().fadeOut(200)
- false
\ No newline at end of file
+ false
diff --git a/app/assets/stylesheets/admin.css b/app/assets/stylesheets/admin.css
deleted file mode 100644
index 0d0b87a..0000000
--- a/app/assets/stylesheets/admin.css
+++ /dev/null
@@ -1,9 +0,0 @@
-/*
- * This is a manifest file that'll automatically include all the stylesheets available in this directory
- * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
- * the top of the compiled file, but it's generally better to create a new file per style scope.
- *= require_self
- *= require formtastic
- *= require fancybox
- *= require_directory ./admin
- */
diff --git a/app/assets/stylesheets/admin.css.sass b/app/assets/stylesheets/admin.css.sass
new file mode 100644
index 0000000..d968653
--- /dev/null
+++ b/app/assets/stylesheets/admin.css.sass
@@ -0,0 +1,10 @@
+@import 'bourbon'
+
+@import 'fancybox'
+@import 'admin/admin'
+@import 'admin/dashboard'
+@import 'admin/flash'
+@import 'admin/menu'
+@import 'admin/photos'
+@import 'admin/simple_form'
+@import 'admin/unlocks'
diff --git a/app/assets/stylesheets/admin/admin.css.sass b/app/assets/stylesheets/admin/admin.css.sass
index c360a96..0720669 100644
--- a/app/assets/stylesheets/admin/admin.css.sass
+++ b/app/assets/stylesheets/admin/admin.css.sass
@@ -83,11 +83,6 @@ div
#notice
color: green
-.field_with_errors
- padding: 0.3em
- background-color: red
- display: table
-
table
border: 1px solid #bbb
border-spacing: 0
diff --git a/app/assets/stylesheets/admin/formtastic.css.sass b/app/assets/stylesheets/admin/simple_form.css.sass
similarity index 85%
rename from app/assets/stylesheets/admin/formtastic.css.sass
rename to app/assets/stylesheets/admin/simple_form.css.sass
index 7cd53d7..8772ed7 100644
--- a/app/assets/stylesheets/admin/formtastic.css.sass
+++ b/app/assets/stylesheets/admin/simple_form.css.sass
@@ -4,7 +4,7 @@
@import "../includes/box_shadow"
@import "../includes/button"
-form.formtastic
+form.simple_form
background: white
border: 1px solid #ccc
margin: 0 0 1em
@@ -17,21 +17,25 @@ form.formtastic
label
font-weight: bold
@include round-corners(5px)
- ol, ul
- margin-bottom: 0.5em
.input
margin-bottom: 0em
margin-top: 0em
overflow: hidden
padding: 0.5em 0
- .label
+ label
+ display: block
+ float: left
+ line-height: 1.8
width: 13em
+ input
+ @include placeholder
+ color: rgba(0, 0, 0, 0.4)
textarea
height: 10em
input, textarea
font-family: "Helvetica Neue", "Arial", sans-serif
font-size: 1em
- margin-right: 5px
+ margin: 0 5px 0 0
border-width: 1px
border-style: solid
border-color: #999 #DDD #DDD #999
@@ -41,7 +45,7 @@ form.formtastic
&:focus
border-color: #67A #9AF #9AF #67A
@include box-shadow("0 0 4px rgba(0, 128, 255, 0.5), inset 1px 1px 4px rgba(0, 0, 0, 0.1)")
- &[type=text], &[type=email]
+ &[type=text], &[type=email], &[type=url]
width: 15em
&[type=number]
width: 3.5em
@@ -68,12 +72,16 @@ form.formtastic
&:hover, &:focus
background-color: #8B6
- .boolean
+ .input.boolean
+ padding-left: 14em
label
- padding-left: 14em
text-align: left
+ input
+ float: left
+ margin-top: 0.4em
+ margin-right: 0.6em
- .error input
+ .field_with_errors input
border-width: 1px
border-style: solid
border-color: #933 #FBB #FBB #933
@@ -81,17 +89,21 @@ form.formtastic
padding: 0.3em
box-shadow: inset 1px 1px 4px rgba(0, 0, 0, 0.1)
- .inline-errors
+ span.error
display: inline
margin-left: 1em
color: #933
+ fieldset
+ border: 0
+ margin-bottom: 0.5em
+
fieldset.inputs
padding: 1em 0
border-bottom: 1px solid #ccc
fieldset.actions
padding: 1.5em 0 1em
- .stringish, .text
+ .string, .email, .password, .text
input, textarea
width: 40%
diff --git a/app/controllers/admin/categories_controller.rb b/app/controllers/admin/categories_controller.rb
index 54a6f3a..93d7b06 100644
--- a/app/controllers/admin/categories_controller.rb
+++ b/app/controllers/admin/categories_controller.rb
@@ -15,7 +15,7 @@ class Admin::CategoriesController < Admin::AdminController
def update
@category = Category.find(params[:id])
- if @category.update_attributes(params[:category])
+ if @category.update_attributes(permitted_params)
redirect_to admin_categories_path, notice: 'Category was successfully updated.'
else
render :edit
@@ -23,7 +23,7 @@ class Admin::CategoriesController < Admin::AdminController
end
def create
- @category = Category.new(params[:category])
+ @category = Category.new(permitted_params)
if @category.save
redirect_to admin_categories_path, notice: 'Category was successfully added.'
@@ -39,4 +39,10 @@ class Admin::CategoriesController < Admin::AdminController
redirect_to admin_categories_path, notice: 'Category was deleted.'
end
+ private
+
+ def permitted_params
+ params.require(:category).permit(:name, :slug, :description, :base_colour, :sort)
+ end
+
end
diff --git a/app/controllers/admin/pages_controller.rb b/app/controllers/admin/pages_controller.rb
index c0b4183..fef7039 100644
--- a/app/controllers/admin/pages_controller.rb
+++ b/app/controllers/admin/pages_controller.rb
@@ -15,7 +15,7 @@ class Admin::PagesController < Admin::AdminController
def update
@page = Page.find(params[:id])
- if @page.update_attributes(params[:page])
+ if @page.update_attributes(permitted_params)
redirect_to admin_pages_path, notice: 'Page was successfully updated.'
else
render :edit
@@ -23,7 +23,7 @@ class Admin::PagesController < Admin::AdminController
end
def create
- @page = Page.new(params[:page])
+ @page = Page.new(permitted_params)
if @page.save
redirect_to admin_pages_path, notice: 'Page was successfully added.'
@@ -39,4 +39,10 @@ class Admin::PagesController < Admin::AdminController
redirect_to admin_pages_path, notice: 'Page was deleted.'
end
+ private
+
+ def permitted_params
+ params.require(:page).permit(:name, :title, :content)
+ end
+
end
diff --git a/app/controllers/admin/photos_controller.rb b/app/controllers/admin/photos_controller.rb
index 252ad85..0dbf44e 100644
--- a/app/controllers/admin/photos_controller.rb
+++ b/app/controllers/admin/photos_controller.rb
@@ -16,7 +16,7 @@ class Admin::PhotosController < Admin::AdminController
def update
@photo = Photo.find(params[:id])
- if @photo.update_attributes(params[:photo])
+ if @photo.update_attributes(permitted_params)
redirect_to admin_photos_path, notice: 'Photo was successfully updated.'
else
render :edit
@@ -24,7 +24,7 @@ class Admin::PhotosController < Admin::AdminController
end
def create
- @photo = Photo.new(params[:photo])
+ @photo = Photo.new(permitted_params)
if @photo.save
redirect_to admin_photos_path, notice: 'Photo was successfully added.'
@@ -46,4 +46,8 @@ class Admin::PhotosController < Admin::AdminController
@categories = Category.all
end
+ def permitted_params
+ params.require(:photo).permit(:image, :title, :description, :flickr_url, :featured, :enabled, :taken_at)
+ end
+
end
diff --git a/app/helpers/admin/admin_helper.rb b/app/helpers/admin/admin_helper.rb
index 53c4d49..113a48e 100644
--- a/app/helpers/admin/admin_helper.rb
+++ b/app/helpers/admin/admin_helper.rb
@@ -1,2 +1,9 @@
module Admin::AdminHelper
+ def inputs_field_set &block
+ field_set_tag nil, class: :inputs, &block
+ end
+
+ def actions_field_set &block
+ field_set_tag nil, class: :actions, &block
+ end
end
diff --git a/app/models/photo.rb b/app/models/photo.rb
index 396b1ef..54a9481 100644
--- a/app/models/photo.rb
+++ b/app/models/photo.rb
@@ -19,7 +19,7 @@ class Photo < ActiveRecord::Base
s3_credentials: "#{Rails.root}/config/s3.yml",
s3_protocol: 'https',
path: ':attachment/:id/:style.:extension',
- bucket: 'danbarberphoto',
+ bucket: ENV['AWS_BUCKET_NAME'],
url: ':s3_domain_url'
@@per_page = 11
diff --git a/app/views/admin/admin_users/_form.html.haml b/app/views/admin/admin_users/_form.html.haml
index 2082c35..c615980 100644
--- a/app/views/admin/admin_users/_form.html.haml
+++ b/app/views/admin/admin_users/_form.html.haml
@@ -1,3 +1,5 @@
-= semantic_form_for [:admin, admin_user] do |f|
- = f.inputs :email
- = f.actions
+= simple_form_for [:admin, admin_user] do |f|
+ = inputs_field_set do
+ = f.input :email, required: true
+ = actions_field_set do
+ = f.submit
diff --git a/app/views/admin/admin_users/edit_password.html.haml b/app/views/admin/admin_users/edit_password.html.haml
index 546dd0c..c9c4b1b 100644
--- a/app/views/admin/admin_users/edit_password.html.haml
+++ b/app/views/admin/admin_users/edit_password.html.haml
@@ -1,11 +1,11 @@
%h3 Change your password
-= semantic_form_for(@admin_user, :url => update_password_admin_admin_user_path, :html => { :method => :put }) do |f|
- = f.inputs do
+= simple_form_for(@admin_user, :url => update_password_admin_admin_user_path, :html => { :method => :put }) do |f|
+ = inputs_field_set do
= f.input :current_password
- = f.inputs do
+ = inputs_field_set do
= f.input :password, :label => "New Password"
= f.input :password_confirmation, :label => "Confirm Password"
- = f.buttons do
+ = actions_field_set do
= f.submit "Change my password"
diff --git a/app/views/admin/categories/_form.html.haml b/app/views/admin/categories/_form.html.haml
index 7338e98..003e141 100644
--- a/app/views/admin/categories/_form.html.haml
+++ b/app/views/admin/categories/_form.html.haml
@@ -1,3 +1,9 @@
-= semantic_form_for [:admin, category] do |f|
- = f.inputs :name, :slug, :description, :base_colour, :sort
- = f.actions
+= simple_form_for [:admin, category] do |f|
+ = inputs_field_set do
+ = f.input :name
+ = f.input :slug, placeholder: 'derived from name if blank'
+ = f.input :description
+ = f.input :base_colour
+ = f.input :sort
+ = actions_field_set do
+ = f.submit
diff --git a/app/views/admin/categories/index.html.haml b/app/views/admin/categories/index.html.haml
index d3cfeb7..4903a7f 100644
--- a/app/views/admin/categories/index.html.haml
+++ b/app/views/admin/categories/index.html.haml
@@ -8,7 +8,7 @@
%th Base Colour
%th
%tbody
- = render :partial => "category", :collection => @categories
+ = render @categories
%tfoot
%tr
%td{:colspan => 5}
diff --git a/app/views/admin/confirmations/new.html.haml b/app/views/admin/confirmations/new.html.haml
index f2552f9..f0553d9 100644
--- a/app/views/admin/confirmations/new.html.haml
+++ b/app/views/admin/confirmations/new.html.haml
@@ -1,11 +1,11 @@
%h3 Resend confirmation instructions
-= semantic_form_for(resource, :as => resource_name, :url => confirmation_path(resource_name), :html => { :method => :post }) do |f|
+= simple_form_for(resource, as: resource_name, url: confirmation_path(resource_name), html: { method: :post }) do |f|
- = f.inputs do
+ = inputs_field_set do
= f.input :email
-
- = f.actions do
+
+ = actions_field_set do
= f.submit "Resend confirmation instructions"
-= render :partial => "devise/shared/links"
+= render partial: "devise/shared/links"
diff --git a/app/views/admin/confirmations/show.html.haml b/app/views/admin/confirmations/show.html.haml
index 1ce06d4..3919c9a 100644
--- a/app/views/admin/confirmations/show.html.haml
+++ b/app/views/admin/confirmations/show.html.haml
@@ -1,12 +1,12 @@
%h3= "Account Activation for #{resource.email}"
-= semantic_form_for resource, :as => resource_name, :url => update_user_confirmation_path, :html => {:method => 'put'}, :id => 'activation-form' do |f|
+= simple_form_for resource, as: resource_name, url: update_user_confirmation_path, html: {method: 'put'}, id: 'activation-form' do |f|
= devise_error_messages!
- = field_set_tag "", :class => "inputs" do
+ = inputs_field_set do
%ol
- if @requires_password
- = f.input :password, :label => 'Choose a Password'
- = f.input :password_confirmation, :label => 'Confirm Password'
- = hidden_field_tag :confirmation_token,@confirmation_token
+ = f.input :password, :label 'Choose a Password'
+ = f.input :password_confirmation, :label 'Confirm Password'
+ = hidden_field_tag :confirmation_token, @confirmation_token
= f.actions do
= f.submit "Activate"
diff --git a/app/views/admin/layouts/admin.html.haml b/app/views/admin/layouts/admin.html.haml
index 2d738a4..4e25e5d 100644
--- a/app/views/admin/layouts/admin.html.haml
+++ b/app/views/admin/layouts/admin.html.haml
@@ -5,10 +5,10 @@
= stylesheet_link_tag "admin"
= javascript_include_tag "admin"
= csrf_meta_tag
-
+
%body
#page
%header{ :role => "banner" }= render :partial => "admin/shared/header"
= render :partial => "shared/flash_messages"
= yield
- %footer{ :role => "footer" }= render :partial => "admin/shared/footer"
\ No newline at end of file
+ %footer{ :role => "footer" }= render :partial => "admin/shared/footer"
diff --git a/app/views/admin/layouts/login.html.haml b/app/views/admin/layouts/login.html.haml
index 4206e89..5c95798 100644
--- a/app/views/admin/layouts/login.html.haml
+++ b/app/views/admin/layouts/login.html.haml
@@ -5,9 +5,9 @@
= stylesheet_link_tag "admin"
= javascript_include_tag "admin"
= csrf_meta_tag
-
+
%body
#login
%header{ :role => "banner" }= render :partial => "admin/shared/login_header"
= render :partial => "shared/flash_messages"
- = yield
\ No newline at end of file
+ = yield
diff --git a/app/views/admin/pages/_form.html.haml b/app/views/admin/pages/_form.html.haml
index 21be10a..7b941fc 100644
--- a/app/views/admin/pages/_form.html.haml
+++ b/app/views/admin/pages/_form.html.haml
@@ -1,3 +1,7 @@
-= semantic_form_for [:admin, page] do |f|
- = f.inputs :name, :title, :content
- = f.actions
+= simple_form_for [:admin, page] do |f|
+ = inputs_field_set do
+ = f.input :name
+ = f.input :title
+ = f.input :content
+ = actions_field_set do
+ = f.submit
diff --git a/app/views/admin/passwords/edit.html.haml b/app/views/admin/passwords/edit.html.haml
index 16e0370..ef04556 100644
--- a/app/views/admin/passwords/edit.html.haml
+++ b/app/views/admin/passwords/edit.html.haml
@@ -1,14 +1,14 @@
%h3 Change your password
-= semantic_form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :put }) do |f|
+= simple_form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put }) do |f|
= devise_error_messages!
= f.hidden_field :reset_password_token
- = f.inputs do
- = f.input :password, :label => "New Password"
- = f.input :password_confirmation, :label => "Confirm Password"
+ = inputs_field_set do
+ = f.input :password, label: "New Password", required: true
+ = f.input :password_confirmation, label: "Confirm Password", required: true
- = f.actions do
+ = actions_field_set do
= f.submit "Change my password"
-= render :partial => "devise/shared/links"
+= render partial: "devise/shared/links"
diff --git a/app/views/admin/passwords/new.html.haml b/app/views/admin/passwords/new.html.haml
index 1614978..6c53383 100644
--- a/app/views/admin/passwords/new.html.haml
+++ b/app/views/admin/passwords/new.html.haml
@@ -1,11 +1,11 @@
%h3 Forgot your password?
-= semantic_form_for(resource, :as => resource_name, :url => password_path(resource_name), :html => { :method => :post }) do |f|
+= simple_form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :post }) do |f|
- = f.inputs do
- = f.input :email
+ = inputs_field_set do
+ = f.input :email, required: true
- = f.buttons do
+ = actions_field_set do
= f.submit "Reset Password"
-= render :partial => "devise/shared/links"
\ No newline at end of file
+= render partial: "devise/shared/links"
diff --git a/app/views/admin/photos/_form.html.haml b/app/views/admin/photos/_form.html.haml
index ca54678..6be9d1c 100644
--- a/app/views/admin/photos/_form.html.haml
+++ b/app/views/admin/photos/_form.html.haml
@@ -1,8 +1,17 @@
-= semantic_form_for [:admin, photo] do |f|
+= simple_form_for [:admin, photo] do |f|
%ul.categories
- @categories.each do |photo_category|
%li
= check_box_tag "photo[category_ids][]", photo_category.id, @photo.categories.include?(photo_category), :id => "photo_category_ids_#{photo_category.id}"
= label_tag "photo_category_ids_#{photo_category.id}", photo_category.name
- = f.inputs :photo, :title, :description, :flickr_url, :featured, :enabled, :taken_at
- = f.actions
+
+ = inputs_field_set do
+ = f.input :photo
+ = f.input :title
+ = f.input :description
+ = f.input :flickr_url
+ = f.input :featured
+ = f.input :enabled
+ = f.input :taken_at
+ = actions_field_set do
+ = f.submit
diff --git a/app/views/admin/sessions/new.html.haml b/app/views/admin/sessions/new.html.haml
index d88cbfc..4299c75 100644
--- a/app/views/admin/sessions/new.html.haml
+++ b/app/views/admin/sessions/new.html.haml
@@ -1,14 +1,14 @@
%h3 Sign in
-= semantic_form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f|
- = f.inputs do
- = f.input :email
- = f.input :password
+= simple_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f|
+ = inputs_field_set do
+ = f.input :email, required: true
+ = f.input :password, required: true
- if devise_mapping.rememberable?
- = f.input :remember_me, :as => :boolean
-
- = f.actions do
+ = f.input :remember_me, as: :boolean
+
+ = actions_field_set do
= f.submit "Sign In"
-= render :partial => "devise/shared/links"
+= render partial: "devise/shared/links"
diff --git a/app/views/admin/unlocks/new.html.haml b/app/views/admin/unlocks/new.html.haml
index 53bef05..6dfce96 100644
--- a/app/views/admin/unlocks/new.html.haml
+++ b/app/views/admin/unlocks/new.html.haml
@@ -1,11 +1,11 @@
%h3 Resend unlock instructions
-= semantic_form_for(resource, :as => resource_name, :url => unlock_path(resource_name), :html => { :method => :post }) do |f|
+= simple_form_for(resource, as: resource_name, url: unlock_path(resource_name), html: { method: :post }) do |f|
- = f.inputs do
+ = inputs_field_set do
= f.input :email
- = f.actions do
+ = actions_field_set do
= f.submit "Resend unlock instructions"
-
-= render :partial => "devise/shared/links"
+
+= render partial: "devise/shared/links"
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 5c5d42e..3758724 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -1,18 +1,19 @@
-# Use this hook to configure devise mailer, warden hooks and so forth. The first
-# four configuration values can also be set straight in your models.
+# Use this hook to configure devise mailer, warden hooks and so forth.
+# Many of these configuration options can be set straight in your model.
Devise.setup do |config|
# The secret key used by Devise. Devise uses this key to generate
# random tokens. Changing this key will render invalid all existing
- # confirmation, reset password and unlock tokens in the database.#
+ # confirmation, reset password and unlock tokens in the database.
config.secret_key = '61c6eff811df1ecd36c7fc2365c73f535546bf47ef542cce436cbb43cb6e7fbcd9d89f07d01cd65413b3ba16b850934c8f7e56d85f8aece02444b2487389efb8'
# ==> Mailer Configuration
# Configure the e-mail address which will be shown in Devise::Mailer,
- # note that it will be overwritten if you use your own mailer class with default "from" parameter.
- config.mailer_sender = "please-change-me-at-config-initializers-devise@example.com"
+ # note that it will be overwritten if you use your own mailer class
+ # with default "from" parameter.
+ config.mailer_sender = 'site@danbarberphoto.com'
# Configure the class responsible to send e-mails.
- # config.mailer = "Devise::Mailer"
+ # config.mailer = 'Devise::Mailer'
# ==> ORM configuration
# Load and configure the ORM. Supports :active_record (default) and
@@ -48,22 +49,42 @@ Devise.setup do |config|
config.strip_whitespace_keys = [ :email ]
# Tell if authentication through request.params is enabled. True by default.
+ # It can be set to an array that will enable params authentication only for the
+ # given strategies, for example, `config.params_authenticatable = [:database]` will
+ # enable it only for database (email + password) authentication.
# config.params_authenticatable = true
- # Tell if authentication through HTTP Basic Auth is enabled. False by default.
+ # Tell if authentication through HTTP Auth is enabled. False by default.
+ # It can be set to an array that will enable http authentication only for the
+ # given strategies, for example, `config.http_authenticatable = [:database]` will
+ # enable it only for database authentication. The supported strategies are:
+ # :database = Support basic authentication with authentication key + password
# config.http_authenticatable = false
# If http headers should be returned for AJAX requests. True by default.
# config.http_authenticatable_on_xhr = true
- # The realm used in Http Basic Authentication. "Application" by default.
- # config.http_authentication_realm = "Application"
+ # The realm used in Http Basic Authentication. 'Application' by default.
+ # config.http_authentication_realm = 'Application'
# It will change confirmation, password recovery and other workflows
# to behave the same regardless if the e-mail provided was right or wrong.
# Does not affect registerable.
# config.paranoid = true
+ # By default Devise will store the user in session. You can skip storage for
+ # particular strategies by setting this option.
+ # Notice that if you are skipping storage for all authentication paths, you
+ # may want to disable generating routes to Devise's sessions controller by
+ # passing :skip => :sessions to `devise_for` in your config/routes.rb
+ config.skip_session_storage = [:http_auth]
+
+ # By default, Devise cleans up the CSRF token on authentication to
+ # avoid CSRF token fixation attacks. This means that, when using AJAX
+ # requests for sign in and sign up, you need to get a new CSRF token
+ # from the server. You can disable this option at your own risk.
+ # config.clean_up_csrf_token_on_authentication = true
+
# ==> Configuration for :database_authenticatable
# For bcrypt, this is the cost for hashing the password and defaults to 10. If
# using other encryptors, it sets how many times you want the password re-encrypted.
@@ -74,7 +95,7 @@ Devise.setup do |config|
config.stretches = Rails.env.test? ? 1 : 10
# Setup a pepper to generate the encrypted password.
- # config.pepper = "09f42a4393b21d179831660ef0102527e36691cfe7d0d72f2b23c0b712275223dbca9eced7e781dcb6cbb14f129aed2086c91ab8bb38c519321a61fb1a93c170"
+ # config.pepper = 'ba9cae796e2b75bc34af798332ac62a9dd8887c51367cb6cbe8415bec851543e981167db889d2672c1bbcb9b58101b2ac258f9c8d310f5697078089a8b8e47b9'
# ==> Configuration for :confirmable
# A period that the user is allowed to access the website even without
@@ -82,7 +103,21 @@ Devise.setup do |config|
# able to access the website for two days without confirming his account,
# access will be blocked just in the third day. Default is 0.days, meaning
# the user cannot access the website without confirming his account.
- # config.confirm_within = 2.days
+ # config.allow_unconfirmed_access_for = 2.days
+
+ # A period that the user is allowed to confirm their account before their
+ # token becomes invalid. For example, if set to 3.days, the user can confirm
+ # their account within 3 days after the mail was sent, but on the fourth day
+ # their account can't be confirmed with the token any more.
+ # Default is nil, meaning there is no restriction on how long a user can take
+ # before confirming their account.
+ # config.confirm_within = 3.days
+
+ # If true, requires any email changes to be confirmed (exactly the same way as
+ # initial account confirmation) to be applied. Requires additional unconfirmed_email
+ # db field (see migrations). Until confirmed new email is stored in
+ # unconfirmed email column, and copied to email column on successful confirmation.
+ config.reconfirmable = false
# Defines which key will be used when confirming an account
# config.confirmation_keys = [ :email ]
@@ -91,22 +126,19 @@ Devise.setup do |config|
# The time the user will be remembered without asking for credentials again.
# config.remember_for = 2.weeks
- # If true, a valid remember token can be re-used between multiple browsers.
- # config.remember_across_browsers = true
-
# If true, extends the user's remember period when remembered via cookie.
# config.extend_remember_period = false
# Options to be passed to the created cookie. For instance, you can set
# :secure => true in order to force SSL only cookies.
- # config.cookie_options = {}
+ # config.rememberable_options = {}
# ==> Configuration for :validatable
- # Range for password length. Default is 6..128.
- # config.password_length = 6..128
+ # Range for password length. Default is 8..128.
+ config.password_length = 8..128
# Email regex used to validate email formats. It simply asserts that
- # an one (and only one) @ exists in the given string. This is mainly
+ # one (and only one) @ exists in the given string. This is mainly
# to give user feedback and not to assert the e-mail validity.
# config.email_regexp = /\A[^@]+@[^@]+\z/
@@ -115,11 +147,14 @@ Devise.setup do |config|
# time the user will be asked for credentials again. Default is 30 minutes.
# config.timeout_in = 30.minutes
+ # If true, expires auth token on session timeout.
+ # config.expire_auth_token_on_timeout = false
+
# ==> Configuration for :lockable
# Defines which strategy will be used to lock an account.
# :failed_attempts = Locks an account after a number of failed attempts to sign in.
# :none = No lock strategy. You should handle locking by yourself.
- config.lock_strategy = :failed_attempts
+ # config.lock_strategy = :failed_attempts
# Defines which key will be used when locking and unlocking an account
# config.unlock_keys = [ :email ]
@@ -133,11 +168,14 @@ Devise.setup do |config|
# Number of authentication tries before locking an account if lock_strategy
# is failed attempts.
- config.maximum_attempts = 5
+ # config.maximum_attempts = 20
# Time interval to unlock the account if :time is enabled as unlock_strategy.
# config.unlock_in = 1.hour
+ # Warn on the last attempt before the account is locked.
+ # config.last_attempt_warning = false
+
# ==> Configuration for :recoverable
#
# Defines which key will be used when recovering the password for an account
@@ -146,24 +184,18 @@ Devise.setup do |config|
# Time interval you can reset your password with a reset password key.
# Don't put a too small interval or your users won't have the time to
# change their passwords.
- config.reset_password_within = 2.hours
+ config.reset_password_within = 6.hours
# ==> Configuration for :encryptable
# Allow you to use another encryption algorithm besides bcrypt (default). You can use
# :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
# :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
# and :restful_authentication_sha1 (then you should set stretches to 10, and copy
- # REST_AUTH_SITE_KEY to pepper)
+ # REST_AUTH_SITE_KEY to pepper).
+ #
+ # Require the `devise-encryptable` gem when using anything other than bcrypt
# config.encryptor = :sha512
- # ==> Configuration for :token_authenticatable
- # Defines name of the authentication token params key
- # config.token_authentication_key = :auth_token
-
- # If true, authentication through token does not store user in session and needs
- # to be supplied on each request. Useful if you are using the token as API token.
- # config.stateless_token = false
-
# ==> Scopes configuration
# Turn scoped views on. Before rendering "sessions/new", it will first check for
# "users/sessions/new". It's turned off by default because it's slower if you
@@ -174,9 +206,8 @@ Devise.setup do |config|
# devise role declared in your routes (usually :user).
# config.default_scope = :user
- # Configure sign_out behavior.
- # Sign_out action can be scoped (i.e. /users/sign_out affects only :user scope).
- # The default is true, which means any logout action will sign out all active scopes.
+ # Set this configuration to false if you want /users/sign_out to sign out
+ # only the current scope. By default, Devise signs out all scopes.
# config.sign_out_all_scopes = true
# ==> Navigation configuration
@@ -187,9 +218,8 @@ Devise.setup do |config|
# If you have any extra navigational formats, like :iphone or :mobile, you
# should add them to the navigational formats lists.
#
- # The :"*/*" and "*/*" formats below is required to match Internet
- # Explorer requests.
- # config.navigational_formats = [:"*/*", "*/*", :html]
+ # The "*/*" below is required to match Internet Explorer requests.
+ # config.navigational_formats = ['*/*', :html]
# The default HTTP method used to sign out a resource. Default is :delete.
config.sign_out_via = :delete
@@ -204,8 +234,21 @@ Devise.setup do |config|
# change the failure app, you can configure them inside the config.warden block.
#
# config.warden do |manager|
- # manager.failure_app = AnotherApp
# manager.intercept_401 = false
# manager.default_strategies(:scope => :user).unshift :some_external_strategy
# end
+
+ # ==> Mountable engine configurations
+ # When using Devise inside an engine, let's call it `MyEngine`, and this engine
+ # is mountable, there are some extra configurations to be taken into account.
+ # The following options are available, assuming the engine is mounted as:
+ #
+ # mount MyEngine, at: '/my_engine'
+ #
+ # The router that invoked `devise_for`, in the example above, would be:
+ # config.router_name = :my_engine
+ #
+ # When using omniauth, Devise cannot automatically set Omniauth path,
+ # so you need to do it manually. For the users scope, it would be:
+ # config.omniauth_path_prefix = '/my_engine/users/auth'
end
diff --git a/config/initializers/simple_form.rb b/config/initializers/simple_form.rb
new file mode 100644
index 0000000..6986de9
--- /dev/null
+++ b/config/initializers/simple_form.rb
@@ -0,0 +1,145 @@
+# Use this setup block to configure all options available in SimpleForm.
+SimpleForm.setup do |config|
+ # Wrappers are used by the form builder to generate a
+ # complete input. You can remove any component from the
+ # wrapper, change the order or even add your own to the
+ # stack. The options given below are used to wrap the
+ # whole input.
+ config.wrappers :default, class: :input,
+ hint_class: :field_with_hint, error_class: :field_with_errors do |b|
+ ## Extensions enabled by default
+ # Any of these extensions can be disabled for a
+ # given input by passing: `f.input EXTENSION_NAME => false`.
+ # You can make any of these extensions optional by
+ # renaming `b.use` to `b.optional`.
+
+ # Determines whether to use HTML5 (:email, :url, ...)
+ # and required attributes
+ b.use :html5
+
+ # Calculates placeholders automatically from I18n
+ # You can also pass a string as f.input placeholder: "Placeholder"
+ b.use :placeholder
+
+ ## Optional extensions
+ # They are disabled unless you pass `f.input EXTENSION_NAME => :lookup`
+ # to the input. If so, they will retrieve the values from the model
+ # if any exists. If you want to enable the lookup for any of those
+ # extensions by default, you can change `b.optional` to `b.use`.
+
+ # Calculates maxlength from length validations for string inputs
+ b.optional :maxlength
+
+ # Calculates pattern from format validations for string inputs
+ b.optional :pattern
+
+ # Calculates min and max from length validations for numeric inputs
+ b.optional :min_max
+
+ # Calculates readonly automatically from readonly attributes
+ b.optional :readonly
+
+ ## Inputs
+ b.use :label_input
+ b.use :hint, wrap_with: { tag: :span, class: :hint }
+ b.use :error, wrap_with: { tag: :span, class: :error }
+ end
+
+ # The default wrapper to be used by the FormBuilder.
+ config.default_wrapper = :default
+
+ # Define the way to render check boxes / radio buttons with labels.
+ # Defaults to :nested for bootstrap config.
+ # inline: input + label
+ # nested: label > input
+ config.boolean_style = :nested
+
+ # Default class for buttons
+ config.button_class = 'btn'
+
+ # Method used to tidy up errors. Specify any Rails Array method.
+ # :first lists the first message for each field.
+ # Use :to_sentence to list all errors for each field.
+ # config.error_method = :first
+
+ # Default tag used for error notification helper.
+ config.error_notification_tag = :div
+
+ # CSS class to add for error notification helper.
+ config.error_notification_class = 'alert alert-error'
+
+ # ID to add for error notification helper.
+ # config.error_notification_id = nil
+
+ # Series of attempts to detect a default label method for collection.
+ # config.collection_label_methods = [ :to_label, :name, :title, :to_s ]
+
+ # Series of attempts to detect a default value method for collection.
+ # config.collection_value_methods = [ :id, :to_s ]
+
+ # You can wrap a collection of radio/check boxes in a pre-defined tag, defaulting to none.
+ # config.collection_wrapper_tag = nil
+
+ # You can define the class to use on all collection wrappers. Defaulting to none.
+ # config.collection_wrapper_class = nil
+
+ # You can wrap each item in a collection of radio/check boxes with a tag,
+ # defaulting to :span. Please note that when using :boolean_style = :nested,
+ # SimpleForm will force this option to be a label.
+ # config.item_wrapper_tag = :span
+
+ # You can define a class to use in all item wrappers. Defaulting to none.
+ # config.item_wrapper_class = nil
+
+ # How the label text should be generated altogether with the required text.
+ # config.label_text = lambda { |label, required| "#{required} #{label}" }
+
+ # You can define the class to use on all labels. Default is nil.
+ config.label_class = 'control-label'
+
+ # You can define the class to use on all forms. Default is simple_form.
+ # config.form_class = :simple_form
+
+ # You can define which elements should obtain additional classes
+ # config.generate_additional_classes_for = [:wrapper, :label, :input]
+
+ # Whether attributes are required by default (or not). Default is true.
+ # config.required_by_default = true
+
+ # Tell browsers whether to use the native HTML5 validations (novalidate form option).
+ # These validations are enabled in SimpleForm's internal config but disabled by default
+ # in this configuration, which is recommended due to some quirks from different browsers.
+ # To stop SimpleForm from generating the novalidate option, enabling the HTML5 validations,
+ # change this configuration to true.
+ config.browser_validations = false
+
+ # Collection of methods to detect if a file type was given.
+ # config.file_methods = [ :mounted_as, :file?, :public_filename ]
+
+ # Custom mappings for input types. This should be a hash containing a regexp
+ # to match as key, and the input type that will be used when the field name
+ # matches the regexp as value.
+ # config.input_mappings = { /count/ => :integer }
+
+ # Custom wrappers for input types. This should be a hash containing an input
+ # type as key and the wrapper that will be used for all inputs with specified type.
+ # config.wrapper_mappings = { string: :prepend }
+
+ # Default priority for time_zone inputs.
+ # config.time_zone_priority = nil
+
+ # Default priority for country inputs.
+ # config.country_priority = nil
+
+ # When false, do not use translations for labels.
+ # config.translate_labels = true
+
+ # Automatically discover new inputs in Rails' autoload path.
+ # config.inputs_discovery = true
+
+ # Cache SimpleForm inputs discovery
+ # config.cache_discovery = !Rails.env.development?
+
+ # Default class for inputs
+ # config.input_class = nil
+end
diff --git a/config/locales/simple_form.en.yml b/config/locales/simple_form.en.yml
new file mode 100644
index 0000000..0df11fe
--- /dev/null
+++ b/config/locales/simple_form.en.yml
@@ -0,0 +1,26 @@
+en:
+ simple_form:
+ "yes": 'Yes'
+ "no": 'No'
+ required:
+ text: 'required'
+ mark: '*'
+ # You can uncomment the line below if you need to overwrite the whole required html.
+ # When using html, text and mark won't be used.
+ # html: '*'
+ error_notification:
+ default_message: "Please review the problems below:"
+ # Labels and hints examples
+ # labels:
+ # defaults:
+ # password: 'Password'
+ # user:
+ # new:
+ # email: 'E-mail to sign in.'
+ # edit:
+ # email: 'E-mail.'
+ # hints:
+ # defaults:
+ # username: 'User name to sign in.'
+ # password: 'No special characters, please.'
+
diff --git a/db/schema.rb b/db/schema.rb
index 01a5354..51a2222 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -9,17 +9,20 @@
# from scratch. The latter is a flawed and unsustainable approach (the more migrations
# you'll amass, the slower it'll run and the greater likelihood for issues).
#
-# It's strongly recommended to check this file into your version control system.
+# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20130522071132) do
+ActiveRecord::Schema.define(version: 20130522071132) do
- create_table "admin_users", :force => true do |t|
- t.string "email", :default => "", :null => false
- t.string "encrypted_password", :limit => 128, :default => "", :null => false
+ # These are extensions that must be enabled in order to support this database
+ enable_extension "plpgsql"
+
+ create_table "admin_users", force: true do |t|
+ t.string "email", default: "", null: false
+ t.string "encrypted_password", limit: 128, default: "", null: false
t.string "reset_password_token"
t.datetime "reset_password_sent_at"
t.datetime "remember_created_at"
- t.integer "sign_in_count", :default => 0
+ t.integer "sign_in_count", default: 0
t.datetime "current_sign_in_at"
t.datetime "last_sign_in_at"
t.string "current_sign_in_ip"
@@ -27,19 +30,19 @@ ActiveRecord::Schema.define(:version => 20130522071132) do
t.string "confirmation_token"
t.datetime "confirmed_at"
t.datetime "confirmation_sent_at"
- t.integer "failed_attempts", :default => 0
+ t.integer "failed_attempts", default: 0
t.string "unlock_token"
t.datetime "locked_at"
t.datetime "created_at"
t.datetime "updated_at"
end
- add_index "admin_users", ["confirmation_token"], :name => "index_admin_users_on_confirmation_token", :unique => true
- add_index "admin_users", ["email"], :name => "index_admin_users_on_email", :unique => true
- add_index "admin_users", ["reset_password_token"], :name => "index_admin_users_on_reset_password_token", :unique => true
- add_index "admin_users", ["unlock_token"], :name => "index_admin_users_on_unlock_token", :unique => true
+ add_index "admin_users", ["confirmation_token"], name: "index_admin_users_on_confirmation_token", unique: true, using: :btree
+ add_index "admin_users", ["email"], name: "index_admin_users_on_email", unique: true, using: :btree
+ add_index "admin_users", ["reset_password_token"], name: "index_admin_users_on_reset_password_token", unique: true, using: :btree
+ add_index "admin_users", ["unlock_token"], name: "index_admin_users_on_unlock_token", unique: true, using: :btree
- create_table "categories", :force => true do |t|
+ create_table "categories", force: true do |t|
t.string "name"
t.text "description"
t.datetime "created_at"
@@ -50,12 +53,12 @@ ActiveRecord::Schema.define(:version => 20130522071132) do
t.string "slug"
end
- create_table "categories_photos", :id => false, :force => true do |t|
+ create_table "categories_photos", id: false, force: true do |t|
t.integer "category_id"
t.integer "photo_id"
end
- create_table "pages", :force => true do |t|
+ create_table "pages", force: true do |t|
t.string "name"
t.string "title"
t.text "content"
@@ -63,7 +66,7 @@ ActiveRecord::Schema.define(:version => 20130522071132) do
t.datetime "updated_at"
end
- create_table "photos", :force => true do |t|
+ create_table "photos", force: true do |t|
t.string "flickr_url"
t.string "photo_file_name"
t.string "photo_content_type"
@@ -74,20 +77,20 @@ ActiveRecord::Schema.define(:version => 20130522071132) do
t.string "title"
t.text "description"
t.integer "sort"
- t.boolean "featured", :default => false
- t.boolean "enabled", :default => true
+ t.boolean "featured", default: false
+ t.boolean "enabled", default: true
t.datetime "taken_at"
- t.integer "views", :default => 0
+ t.integer "views", default: 0
end
- create_table "sessions", :force => true do |t|
- t.string "session_id", :null => false
+ create_table "sessions", force: true do |t|
+ t.string "session_id", null: false
t.text "data"
t.datetime "created_at"
t.datetime "updated_at"
end
- add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
- add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
+ add_index "sessions", ["session_id"], name: "index_sessions_on_session_id", using: :btree
+ add_index "sessions", ["updated_at"], name: "index_sessions_on_updated_at", using: :btree
end
diff --git a/lib/templates/erb/scaffold/_form.html.erb b/lib/templates/erb/scaffold/_form.html.erb
new file mode 100644
index 0000000..201a069
--- /dev/null
+++ b/lib/templates/erb/scaffold/_form.html.erb
@@ -0,0 +1,13 @@
+<%%= simple_form_for(@<%= singular_table_name %>) do |f| %>
+ <%%= f.error_notification %>
+
+
+ <%- attributes.each do |attribute| -%>
+ <%%= f.<%= attribute.reference? ? :association : :input %> :<%= attribute.name %> %>
+ <%- end -%>
+
+
+
+ <%%= f.button :submit %>
+
+<%% end %>