Merge pull request #43 from paiindustries/fix/site-issues

Fix/site issues

Author: zainforbjs

app/controllers/web/AdminController.cfc

@@ -14,6 +14,7 @@ component extends="app.Controllers.Controller" {
 
     function blog() {
         blogs = getAllBlogs();
+        
     }
 
     function approve() {

app/controllers/web/AuthController.cfc

@@ -43,7 +43,11 @@ component extends="app.Controllers.Controller" {
         try {
 
             // Get the full user object (assuming session.user might just have the ID)
-            var redirectUrl = session.keyExists("redirectAfterLogin") ? session.redirectAfterLogin : urlFor(route="home");
+            if(user.role.name == 'admin'){
+                var redirectUrl = urlFor(route="admin-blog");
+            }else{
+                var redirectUrl = session.keyExists("redirectAfterLogin") ? session.redirectAfterLogin : urlFor(route="home");
+            }
 
             // Clear the session variable after use
             structDelete(session, "redirectAfterLogin");

app/controllers/web/BlogController.cfc

@@ -207,7 +207,7 @@ component extends="app.Controllers.Controller" {
 
     private function getAllBlogs() {
         return model("Blog").findAll(
-            where='statusid <> 1',
+            where="statusid <> 1 AND status ='Approved'",
             include="User, PostStatus, PostType",
             order = "COALESCE(post_created_date, blog_posts.createdat) DESC"
         );

app/controllers/web/UserController.cfc

@@ -2,8 +2,9 @@
 component extends="app.Controllers.Controller" {
 
     function config() {
-        verifies(except="index,loadUsers,loadRoles,addUser,store,delete,profile,changePassword,updatePassword,uploadProfilePic,updateProfilePic", params="key", paramsTypes="integer", handler="index");
-        usesLayout("/layout");
+        verifies(except="index,loadUsers,loadRoles,addUser,store,delete,profile,changePassword,updatePassword,uploadProfilePic,updateProfilePic,checkAdminAccess", params="key", paramsTypes="integer", handler="index");
+        usesLayout("/web/AdminController/layout");
+        filters(through="checkAdminAccess");
     }
 
     // read user
@@ -41,37 +42,12 @@ component extends="app.Controllers.Controller" {
 
         // Save user logic here
         try {
-
-            params.profilePicture = "";
-            var uploadPath = expandPath("/files/"); // Define the upload directory
-
-            if (!directoryExists(uploadPath)) {
-                directoryCreate(uploadPath);
-            }
-
-            // Handle file upload
-            if (structKeyExists(params, "profilePicture") && isDefined("params.profilePicture")) {
-                var uploadedFile = fileUpload(uploadPath, "profilePicture");
-
-                if (!structIsEmpty(uploadedFile) && structKeyExists(uploadedFile, "serverFile")) {
-                    var originalFileName = uploadedFile.serverFile; // This is the uploaded file name
-                    var fileExtension = listLast(originalFileName, "."); // Extract extension
-                    var uniqueFileName = createUUID() & "." & fileExtension; // Generate unique name
-
-                    // Rename file to unique name
-                    var newFilePath = uploadPath & "/" & uniqueFileName;
-                    fileMove(uploadedFile.serverDirectory & "/" & originalFileName, newFilePath);
-
-                    // Store the relative file path
-                    params.profilePicture = "/files/" & uniqueFileName;
-                }
-            }
-
             var message = saveUser(params);
-            redirectTo(action="index");
+
+            redirectTo(route="user", success="User successfully added!");
         } catch (any e) {
             // Handle error
-            redirectTo(action="error", errorMessage="Failed to save user.");
+            redirectTo(action="error", error="Failed to save user.");
         }
     }
 
@@ -197,6 +173,18 @@ component extends="app.Controllers.Controller" {
     }
     // Business Logic
 
+    private function checkAdminAccess() {
+        // Ensure only admin users can access these methods
+        if (!isCurrentUserAdmin()) {
+            // Save the current URL in session
+            saveRedirectUrl(cgi.script_name & "?" & cgi.query_string);
+            // Redirect to login page
+            redirectTo(controller="AuthController", action="login", route="auth-login");
+            return false;
+        }
+        return true;
+    }
+
     /**
      * Count total number of users
      */
@@ -254,7 +242,7 @@ component extends="app.Controllers.Controller" {
                     user.firstname = userData.firstName;
                     user.lastname = userData.lastName;
                     user.email = userData.email;
-                    user.passwordHash = hash(userData.passwordHash);
+                    user.passwordHash = application.WHEELS.plugins.bcrypt.bCryptHashPW(userData.passwordHash, application.WHEELS.plugins.bcrypt.bCryptGenSalt());
                     user.status = application.wo.SetActive();
                     user.roleid = userData.roleid;
                     user.updatedAt = now();
@@ -276,7 +264,7 @@ component extends="app.Controllers.Controller" {
                     newUser.firstname = userData.firstName;
                     newUser.lastname = userData.lastName;
                     newUser.email = userData.email;
-                    newUser.passwordHash = hash(userData.passwordHash);
+                    newUser.passwordHash = application.WHEELS.plugins.bcrypt.bCryptHashPW(userData.passwordHash, application.WHEELS.plugins.bcrypt.bCryptGenSalt());
                     newUser.status = application.wo.SetActive();
                     newUser.roleid = userData.roleid;
                     newUser.createdAt = now();

app/models/Blog.cfc

@@ -52,6 +52,7 @@ component extends="app.Models.Model" {
         var blogs = findAll(
             where='statusid <> 1', 
             include="User", 
+            maxRows=10,
             order="COALESCE(post_created_date, blog_posts.createdAt) DESC"
         );
         return blogs;

app/views/layout.cfm

@@ -81,12 +81,21 @@
 			<link href="/stylesheets/icons/bootstrap-icons.min.css" rel="stylesheet">
 			<link href="/stylesheets/select2-bootstrap-min.css" rel="stylesheet">
 			<link href="/stylesheets/notifier.min.css" rel="stylesheet">
-
+			<link href="/stylesheets/dataTables.min.css" rel="stylesheet">
+			
 			<script src="/javascripts/jquery.min.js"></script>
+			<script src="/javascripts/dataTables.min.js"></script>
 			<script src="/javascripts/htmx.min.js"></script>
 			<script src="/javascripts/highlighter.min.js"></script>
 			<script src="/javascripts/quill.min.js"></script>
 			<script src="/javascripts/bootstrap.js"></script>
+			<script src="/javascripts/config.js"></script>
+			<cfoutput>
+				#javascriptIncludeTag(source="anchor.min.js")#
+				#javascriptIncludeTag(source="all.min.js")#
+				#javascriptIncludeTag(source="lodash.min.js")#
+				#javascriptIncludeTag(source="phoenix.js")#
+			</cfoutput>
 
 			<script>
 				(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){

app/views/web/AdminController/blog.cfm

@@ -1,72 +1,78 @@
 <main>
     <cfoutput>
         <div class="container py-5">
-            <div class="row justify-content-center justify-content-lg-between">
-                <div class="bg-white rounded-5 shadow-sm mt-4 p-4 overflow-x-auto">
-                    <h1 class="text-center fs-24 mb-5 fw-bold">Blogs</h1>
-                    <table id="blogTable" class="table table-hover">
-                        <thead>
-                            <tr>
-                                <th>ID</th>
-                                <th>Title</th>
-                                <th>Status</th>
-                                <th>Post Type</th>
-                                <th>Created By</th>
-                                <th>Approval Status</th>
-                                <th></th>
-                            </tr>
-                        </thead>
-                        <tbody>
-                            <cfloop from="1" to="#blogs.recordCount#" index="i">
-                                <cfset blogId = blogs.id[i]>
-                                <cfset truncatedContent = left(blogs.content[i], 100) & "...">
-
-                                <tr id="blog-#blogId#">
-                                    <td>#i#</td>
-                                    <td><a href="blog/#blogs.slug[i]#" class="cursor-pointer text-primary">#blogs.title[i]#</a></td>
-                                    <td>#blogs.NAME[i]#</td>
-                                    <td>#blogs.POSTTYPENAME[i]#</td>
-                                    <td>#blogs.fullName[i]#</td>
-                                    <td>
-                                        <cfif blogs.status[i] eq 'Approved'>
-                                            <span class="badge bg-success">Approved</span>
-                                        <cfelseif blogs.status[i] eq 'Rejected'>
-                                            <span class="badge bg-danger">Rejected</span>
-                                        <cfelse>
-                                            <span class="badge bg-warning text-dark">Pending</span>
-                                        </cfif>
-                                    </td>
-                                    <td>
-                                        <div class="dropdown">
-                                            <div class="fw-bold cursor-pointer" data-bs-toggle="dropdown" aria-expanded="false">
-                                                ...
-                                            </div>
-                                            <ul class="dropdown-menu">
-                                                <li>
-                                                    <button 
-                                                        class="dropdown-item text-success"
-                                                        hx-post="approve" 
-                                                        hx-vals='{"id": "#blogId#"}'
-                                                        hx-confirm="Are you sure you want to approve this blog?"
-                                                    >Approve</button>
-                                                </li>
-                                                <li>
-                                                    <button 
-                                                        class="dropdown-item text-danger"
-                                                        hx-post="reject" 
-                                                        hx-vals='{"id": "#blogId#"}'
-                                                        hx-confirm="Are you sure you want to reject this blog?"
-                                                    >Reject</button>
-                                                </li>
-                                            </ul>
-                                        </div>
-                                    </td>
-                                </tr>
-                            </cfloop>
-                        </tbody>
-                    </table>
-                </div>
+            <div class="col-auto">
+                <h1 class="fs-24 mb-5 fw-bold">Blogs</h1>
             </div>
+            <table id="blogTable" class="table table-hover">
+                <thead>
+                    <tr>
+                        <th>ID</th>
+                        <th>Title</th>
+                        <th>Status</th>
+                        <th>Categories</th>
+                        <th>Created By</th>
+                        <th>Approval Status</th>
+                        <th></th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <cfloop from="1" to="#blogs.recordCount#" index="i">
+                        <cfset blogId = blogs.id[i]>
+                        <cfset truncatedContent = left(blogs.content[i], 100) & "...">
+
+                        <tr id="blog-#blogId#">
+                            <td>#i#</td>
+                            <td><a href="blog/#blogs.slug[i]#" class="cursor-pointer text-primary">#blogs.title[i]#</a></td>
+                            <td>#blogs.NAME[i]#</td>
+                            <cfscript>
+                                var categories = model("BlogCategory").findAll(
+                                    select = "name",
+                                    where = "blogId = #blogs.id[i]#",
+                                    include = "Blog,Category"
+                                );
+                                var categoryNames = valueList(categories.name);
+                            </cfscript>
+                            <td>#categoryNames#</td>
+                            <td>#blogs.fullName[i]#</td>
+                            <td>
+                                <cfif blogs.status[i] eq 'Approved'>
+                                    <span class="badge bg-success">Approved</span>
+                                <cfelseif blogs.status[i] eq 'Rejected'>
+                                    <span class="badge bg-danger">Rejected</span>
+                                <cfelse>
+                                    <span class="badge bg-warning text-dark">Pending</span>
+                                </cfif>
+                            </td>
+                            <td>
+                                <div class="dropdown">
+                                    <div class="fw-bold cursor-pointer" data-bs-toggle="dropdown" aria-expanded="false">
+                                        ...
+                                    </div>
+                                    <ul class="dropdown-menu">
+                                        <li>
+                                            <button 
+                                                class="dropdown-item text-success fs-16"
+                                                hx-post="approve" 
+                                                hx-vals='{"id": "#blogId#"}'
+                                                hx-confirm="Are you sure you want to approve this blog?"
+                                            >Approve</button>
+                                        </li>
+                                        <li>
+                                            <button 
+                                                class="dropdown-item text-danger fs-16"
+                                                hx-post="reject" 
+                                                hx-vals='{"id": "#blogId#"}'
+                                                hx-confirm="Are you sure you want to reject this blog?"
+                                            >Reject</button>
+                                        </li>
+                                    </ul>
+                                </div>
+                            </td>
+                        </tr>
+                    </cfloop>
+                </tbody>
+            </table>
         </div>
     </cfoutput>
     <script>