Moved page preview functionality behind the protection of /refinery.

Fixes #2012 * Also, stopped responding to page preview on GET route.
refinery · Dec 20, 2012 · a94b671 · a94b671
1 parent a402ff8
commit a94b671
Show file tree

Hide file tree

Showing 10 changed files with 85 additions and 87 deletions.
diff --git a/core/app/views/refinery/_site_bar.html.erb b/core/app/views/refinery/_site_bar.html.erb
@@ -1,7 +1,7 @@
-<% if refinery_user? && "#{controller_name}##{action_name}" != 'pages#preview' %>
+<% if refinery_user? && "#{controller_name}##{action_name}" !~ %r{pages#preview} %>
   <% unless admin? # all required JS included by backend. %>
     <% content_for :stylesheets, stylesheet_link_tag('refinery/site_bar') unless !!local_assigns[:exclude_css] %>
-    <%= yield(:stylesheets) unless local_assigns[:head] or local_assigns[:exclude_css] %>
+    <%= yield(:stylesheets) unless local_assigns[:head] || local_assigns[:exclude_css] %>
   <% end -%>
   <div id='site_bar'>
     <div id='site_bar_content' class='clearfix'>

diff --git a/pages/app/controllers/refinery/admin/pages_controller.rb b/pages/app/controllers/refinery/admin/pages_controller.rb
@@ -1,6 +1,9 @@
 module Refinery
   module Admin
     class PagesController < Refinery::AdminController
+      include Pages::InstanceMethods
+      include Pages::RenderOptions
+
       cache_sweeper Refinery::PageSweeper
 
       crudify :'refinery/page',
@@ -42,7 +45,7 @@ def update
               else
                 render :partial => 'save_and_continue_callback', :locals => {
                   :new_refinery_page_path => refinery.admin_page_path(@page.nested_url),
-                  :new_page_path => refinery.preview_page_path(@page.nested_url)
+                  :new_page_path => refinery.admin_preview_page_path(@page.nested_url)
                 }
               end
             end
@@ -63,8 +66,19 @@ def update
         end
       end
 
+      skip_before_filter :find_page, :only => [:preview]
+      before_filter :find_page_for_preview, :only => [:preview]
+
+      def preview
+        render_with_templates? @page, {:template => preview_template, :layout => preview_layout}
+      end
+
     protected
 
+      def admin?
+        action_name != 'preview'
+      end
+
       def after_update_positions
         find_all_pages
         render :partial => '/refinery/admin/pages/sortable_list' and return
@@ -75,6 +89,24 @@ def find_page
       end
       alias_method :page, :find_page
 
+      def find_page_for_preview
+        if page
+          # Preview existing pages
+          @page.attributes = params[:page]
+        elsif params[:page]
+          # Preview a non-persisted page
+          @page = Page.new params[:page]
+        end
+      end
+
+      def preview_layout
+        'application'
+      end
+
+      def preview_template
+        '/refinery/pages/show'
+      end
+
       # We can safely assume ::Refinery::I18n is defined because this method only gets
       # Invoked when the before_filter from the plugin is run.
       def globalize!

diff --git a/pages/app/controllers/refinery/pages_controller.rb b/pages/app/controllers/refinery/pages_controller.rb
@@ -1,7 +1,8 @@
 module Refinery
   class PagesController < ::ApplicationController
-    before_filter :find_page, :set_canonical, :except => [:preview]
-    before_filter :find_page_for_preview, :only => [:preview]
+    include Pages::RenderOptions
+
+    before_filter :find_page, :set_canonical
 
     # Save whole Page after delivery
     after_filter :write_cache?
@@ -39,10 +40,6 @@ def show
       end
     end
 
-    def preview
-      render_with_templates?(:action => :show)
-    end
-
   protected
 
     def requested_friendly_id
@@ -69,38 +66,18 @@ def first_live_child
       page.children.order('lft ASC').live.first
     end
 
-    def find_page_for_preview
-      if page(fallback_to_404 = false)
-        # Preview existing pages
-        @page.attributes = view_context.sanitize_hash params[:page]
-      elsif params[:page]
-        # Preview a non-persisted page
-        @page = Page.new params[:page]
-      end
-    end
-
     def find_page(fallback_to_404 = true)
       @page ||= case action_name
                 when "home"
                   Refinery::Page.where(:link_url => '/').first
-                when "show", "preview"
+                when "show"
                   Refinery::Page.find_by_path_or_id(params[:path], params[:id])
                 end
       @page || (error_404 if fallback_to_404)
     end
 
     alias_method :page, :find_page
 
-    def render_with_templates?(render_options = {})
-      if Refinery::Pages.use_layout_templates && page.layout_template.present?
-        render_options[:layout] = page.layout_template
-      end
-      if Refinery::Pages.use_view_templates && page.view_template.present?
-        render_options[:action] = page.view_template
-      end
-      render render_options if render_options.any?
-    end
-
     def set_canonical
       @canonical = refinery.url_for @page.canonical if @page.present?
     end

diff --git a/pages/app/helpers/refinery/pages_helper.rb b/pages/app/helpers/refinery/pages_helper.rb
diff --git a/pages/app/views/refinery/admin/pages/_form.html.erb b/pages/app/views/refinery/admin/pages/_form.html.erb
@@ -37,7 +37,7 @@
 
 <% content_for :javascripts do %>
   <script>
-    var refinery_page_preview_url = '<%= @page.persisted? ? refinery.preview_page_path(@page.nested_url) : refinery.preview_pages_path %>';
+    var refinery_page_preview_url = '<%= @page.persisted? ? refinery.admin_preview_page_path(@page.nested_url) : refinery.admin_preview_pages_path %>';
     $(document).ready(function(){
       page_options.init(
         <%= Refinery::Pages.new_page_parts.to_s %>

diff --git a/pages/config/routes.rb b/pages/config/routes.rb
@@ -1,14 +1,15 @@
 Refinery::Core::Engine.routes.draw do
   root :to => 'pages#home', :via => :get
-  post 'pages/preview'     => 'pages#preview', :as => :preview_pages
-  match 'pages/*path/preview' => 'pages#preview', :as => :preview_page,  :via => [:get, :put]
   get '/pages/:id', :to => 'pages#show', :as => :page
 
   namespace :admin, :path => Refinery::Core.backend_route do
     get 'pages/*path/edit', :to => 'pages#edit'
     get 'pages/*path/children', :to => 'pages#children', :as => 'children_pages'
+    post 'pages/preview'     => 'pages#preview', :as => :preview_pages
+    put 'pages/*path/preview' => 'pages#preview', :as => :preview_page
     put 'pages/*path', :to => 'pages#update'
     delete 'pages/*path', :to => 'pages#destroy'
+
     resources :pages, :except => :show do
       post :update_positions, :on => :collection
     end

diff --git a/pages/lib/refinery/pages/instance_methods.rb b/pages/lib/refinery/pages/instance_methods.rb
@@ -23,17 +23,15 @@ def error_404(exception=nil)
 
       # Compiles the default menu.
       def refinery_menu_pages
-        ::Refinery::Menu.new(::Refinery::Page.fast_menu)
+        Menu.new Page.fast_menu
       end
 
     protected
       def render_with_presenters(*args)
-        present(@page) unless admin? or @meta.present?
+        present @page unless admin? || @meta
         render_without_presenters(*args)
       end
 
-
-
     end
   end
 end
diff --git a/pages/lib/refinery/pages/render_options.rb b/pages/lib/refinery/pages/render_options.rb
@@ -0,0 +1,25 @@
+module Refinery
+  module Pages
+    module RenderOptions
+
+      def render_options_for_template(page)
+        render_options = {}
+        if Refinery::Pages.use_layout_templates && page.layout_template.present?
+          render_options[:layout] = page.layout_template
+        end
+        if Refinery::Pages.use_view_templates && page.view_template.present?
+          render_options[:action] = "/refinery/pages/#{page.view_template}"
+        end
+        render_options
+      end
+
+      def render_with_templates?(page = @page, render_options = {})
+        render_options.update render_options_for_template(page)
+        render render_options
+      end
+
+      protected :render_options_for_template, :render_with_templates?
+
+    end
+  end
+end
diff --git a/pages/spec/helpers/refinery/pages/pages_helper_spec.rb b/pages/spec/helpers/refinery/pages/pages_helper_spec.rb
diff --git a/pages/spec/requests/refinery/admin/pages_spec.rb b/pages/spec/requests/refinery/admin/pages_spec.rb
@@ -206,6 +206,21 @@ module Admin
             new_window_should_have_content("Some changes I'm unsure what they will look like")
           end
 
+          it 'will not show the site bar', :js do
+            visit refinery.admin_pages_path
+
+            find('a[tooltip^=Edit]').click
+            fill_in "Title", :with => "Some changes I'm unsure what they will look like"
+            click_button "Preview"
+
+            new_window_should_not_have_content(
+              ::I18n.t('switch_to_website', :scope => 'refinery.site_bar')
+            )
+            new_window_should_not_have_content(
+              ::I18n.t('switch_to_website_editor', :scope => 'refinery.site_bar')
+            )
+          end
+
           it 'will not save the preview changes', :js do
             visit refinery.admin_pages_path