Updates to boilerplates.

AhmedAssaf · Sep 29, 2013 · 7c36901 · 7c36901
1 parent 5af22c5
commit 7c36901
Show file tree

Hide file tree

Showing 7 changed files with 100 additions and 101 deletions.
diff --git a/bin/boilerplates/api/policies/authenticated.js b/bin/boilerplates/api/policies/authenticated.js
diff --git a/bin/boilerplates/api/policies/isAuthenticated.js b/bin/boilerplates/api/policies/isAuthenticated.js
@@ -0,0 +1,19 @@
+/**
+ * `isAuthenticated`
+ *
+ * Simple policy to allow any authenticated user
+ * Assumes that your login action (in one of your controllers) sets:
+ * `req.session.authenticated = true;`
+ */
+module.exports = function(req, res, next) {
+
+  // User is allowed, proceed to the next policy, 
+  // or if this is the last policy, the controller
+  if (req.session.authenticated) {
+    return next();
+  }
+
+  // User is not allowed
+  // (default res.forbidden() behavior can be overridden in `config/403.js`)
+  return res.forbidden('You are not permitted to perform this action.');
+};
diff --git a/bin/boilerplates/config/403.js b/bin/boilerplates/config/403.js
@@ -35,7 +35,13 @@ module.exports[403] = function badRequest(message, req, res) {
     return res.json(result, result.status);
   }
 
-  res.status(result.status).render(viewFilePath, result, function (err) {
+  // Set status code and view locals
+  res.status(result.status);
+  for (var key in result) {
+    res.locals[key] = result[key];
+  }
+  // And render view
+  res.render(viewFilePath, result, function (err) {
     // If the view doesn't exist, or an error occured, send json
     if (err) { return res.json(result, result.status); }
 

diff --git a/bin/boilerplates/config/404.js b/bin/boilerplates/config/404.js
@@ -15,6 +15,7 @@ module.exports[404] = function pageNotFound(req, res) {
    * the same interface for receiving socket messages.
    */
 
+  var viewFilePath = '404';
   var statusCode = 404;
   var result = {
     status: statusCode
@@ -25,8 +26,8 @@ module.exports[404] = function pageNotFound(req, res) {
     return res.json(result, result.status);
   }
 
-  var viewFilePath = '404';
-  res.status(result.status).render(viewFilePath, result, function (err) {
+  res.status(result.status);
+  res.render(viewFilePath, function (err) {
     // If the view doesn't exist, or an error occured, send json
     if (err) { return res.json(result, result.status); }
 

diff --git a/bin/boilerplates/config/500.js b/bin/boilerplates/config/500.js
@@ -45,7 +45,13 @@ module.exports[500] = function serverErrorOccurred(errors, req, res) {
     return res.json(result, result.status);
   }
 
-  res.status(result.status).render(viewFilePath, result, function (err) {
+  // Set status code and view locals
+  res.status(result.status);
+  for (var key in result) {
+    res.locals[key] = result[key];
+  }
+  // And render view
+  res.render(viewFilePath, result, function (err) {
     // If the view doesn't exist, or an error occured, just send JSON
     if (err) { return res.json(result, result.status); }
 

diff --git a/bin/boilerplates/templates/controller.ejs b/bin/boilerplates/templates/controller.ejs
@@ -5,12 +5,25 @@
  * This is the template used when generating controllers via the CLI
  * e.g. `sails generate controller foo`
  * 
+ * Note to new contributors:
+ * Controllers in Sails are special--
+ * As you might expect, the code you write here responds to traditional HTTP requests,
+ * but it also works out of the box with messages from Socket.io.
  */
 %>/**
  * <%= entity %>Controller
  *
  * @module      :: Controller
- * @description	:: Contains logic for handling requests.
+ * @description	:: A set of functions called `actions`.
+ *
+ *                 Actions contain code telling Sails how to respond to a certain type of request.
+ *                 (i.e. do stuff, then send some JSON, show an HTML page, or redirect to another URL)
+ *
+ *                 You can configure the blueprint URLs which trigger these actions (`config/controllers.js`)
+ *                 and/or override them with custom routes (`config/routes.js`)
+ *
+ *                 NOTE: The code you write here works supports both HTTP and Socket.io automatically.
+ *
  * @docs        :: http://sailsjs.org/#!documentation/controllers
  */
 
@@ -31,85 +44,4 @@ module.exports = {
   <%- actions %>
 
 
-
-  /**
-   * To configure the automatically generated routes and actions blueprint configuration
-   * When the server starts, these settings control the routes automatically generated
-   * for this controller.  
-   *
-   * Here, you can disable or modify the automatic API for the corresponding model.
-   */
-
-  blueprint: {
-
-
-    // Optional mount path prefix for blueprints
-    // (the automatically bound routes for this controller)
-    // e.g. setting prefix = '/api/v2/' would create routes like:
-    // '/api/v2/<%= identity %>/:action/:id?'
-    // 'get /api/v2/<%= identity %>'
-    // 'post /api/v2/<%= identity %>'
-    // etc.
-    prefix: '',
-
-
-    // Whether routes are automatically generated for every action in your controller
-    // (also maps `index` to `/<%= identity %>`)
-    // '/<%= identity %>'
-    // '/<%= identity %>/index'
-    // '/<%= identity %>/:action'
-    actions: true,
-
-
-    // CRUD shortcut routes enabld?
-    //
-    // ** NOTE **
-    // These CRUD shortcuts exist for your convenience during development,
-    // but you'll want to disable them in production.
-    //
-    // e.g.
-    // '/<%= identity %>/find/:id?'
-    // '/<%= identity %>/create'
-    // '/<%= identity %>/update/:id'
-    // '/<%= identity %>/destroy/:id'
-    shortcuts: true,
-
-
-    // Automatic REST blueprints enabled?
-    // e.g.
-    // 'get /<%= identity %>/:id?'
-    // 'post /<%= identity %>'
-    // 'put /<%= identity %>/:id'
-    // 'delete /<%= identity %>/:id'
-    rest: true,
-
-
-    // Enable JSONP callbacks on REST blueprints for this controller
-    //
-    // e.g. `jsonp: 'callback'` below would cause all blueprints to listen 
-    // for a parameter called `callback` and respond with JSONP whenever it is detected:
-    // `/user/find/:id?callback=?`
-    // `/user?name=ciaran&limit=10&callback=?`
-    jsonp: false,
-
-
-    // If a blueprint route catches a request, 
-    // only match the :id route parameter if it's an integer
-    // (you might want to set this to `true` when using Mongo, for instance)
-    //
-    // e.g. only trigger route handler if requests look like:
-    // get /user/8
-    // instead of:
-    // get /user/a8j4g9jsd9ga4ghjasdha
-    expectIntegerId: false,
-
-
-    // Whether to pluralize the name of this controller in route blueprints
-    //
-    // e.g.
-    // get /<%= pluralIdentity %>
-    // get /<%= pluralIdentity %>/3
-    pluralize: false
-  }
-
 };
diff --git a/bin/boilerplates/views/ejs/403.ejs b/bin/boilerplates/views/ejs/403.ejs
@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<!-- 
+  This is the default 403 page, shown when you call:
+  `return res.forbidden();`
+  from one of your policies.
+
+  User agents that don't "Accept" HTML will see a JSON version instead.
+  You can customize the control logic for your needs in `config/403.js`
+-->
+<html>
+  <head>
+    <title>Forbidden</title>
+    <link href='http://sailsjs.org/styles/fonts.css' rel='stylesheet'/>
+    <style>
+      /* Styles included inline since you'll probably be deleting or replacing this page anyway */
+      html,body{text-align:left;font-size:1em}html,body,img,form,textarea,input,fieldset,div,p,div,ul,li,ol,dl,dt,dd,h1,h2,h3,h4,h5,h6,pre,code{margin:0;padding:0}ul,li{list-style:none}img{display:block}a img{border:0}a{text-decoration:none;font-weight:normal;font-family:inherit}*:active,*:focus{outline:0;-moz-outline-style:none}h1,h2,h3,h4,h5,h6,h7{font-weight:normal;font-size:1em}.clearfix:after{clear:both;content:".";display:block;font-size:0;height:0;line-height:0;visibility:hidden}.page .ocean{background:url('http://sailsjs.com/images/waves.png') #0c8da0 no-repeat center 0;height:315px}.page .ocean img{margin-right:auto;margin-left:auto}.page .waves{display:block;padding-top:25px;margin-right:auto;margin-left:auto}.page .main{display:block;margin-top:90px}.page .logo{width:150px;margin-top:3.5em;margin-left:auto;margin-right:auto}.page .fishy{display:block;padding-top:27px}.page .help{padding-top:2em}.page h1{font-family:"Open Sans","Myriad Pro",Arial,sans-serif;font-weight:bold;font-size:1.7em;color:#001c20;text-align:center}.page h2{font-family:"Open Sans","Myriad Pro",Arial,sans-serif;font-weight:300;font-size:1.5em;color:#001c20;text-align:center}.page p{font-family:"Open Sans","Myriad Pro",Arial,sans-serif;font-size:1.25em;color:#001c20;text-align:center}.page a{color:#118798}.page a:hover{color:#b1eef7}
+    </style>
+  </head>
+  <body>
+
+    <div class="page">
+      <div class="ocean">
+        <img class="fishy" src="http://sailsjs.org/images/fishy4.png">
+      </div>
+
+      <div class="main">
+        <h1>
+          Forbidden
+        </h1>
+        <h2> 
+          <% if (typeof message !== 'undefined') { %>
+          <%= message %>
+          <% } else { %>
+          You don't have permission to see the page you're trying to reach.
+          <% } %>
+        </h2>
+        <p class="help">
+          <a href="/">Why</a> might this be happening?
+        </p>
+      </div>
+
+      <div class="logo">
+        <a href="http://sailsjs.org">
+          <img src="http://sailsjs.org/images/logo.png">
+        </a>
+      </div>
+    </div>
+
+  </body>
+</html>