[enh] Show security feed items on homepage.

index.html

@@ -52,6 +52,7 @@
     <script type="text/javascript" src="js/vendor/sammy.json.js"></script>
     <script type="text/javascript" src="js/vendor/sammy.storage.js"></script>
     <script type="text/javascript" src="js/vendor/bootstrap.min.js"></script>
+    <script type="text/javascript" src="js/vendor/jquery.cookie.js"></script>
     <script type="text/javascript" src="js/y18n.js"></script>
     <script type="text/javascript" src="js/app.js"></script>
     <script type="text/javascript">

js/app.js

@@ -371,6 +371,47 @@ app = Sammy('#main', function (sam) {
                 c.flash('warning', y18n.t('warning_first_user'));
             }
 
+            // Get security feed and display new items
+            var securityFeed = 'https://yunohost.org/security.rss'
+
+            $.ajax({
+                url: securityFeed,
+                // dataType: (jQuery.browser.msie) ? "text" : "xml",
+                dataType: "xml"
+            })
+            .done(function(xml){
+                // Get viewed security alerts from cookie
+                $.cookie.json = true;
+                var viewedItems = $.cookie('ynhSecurityViewedItems') || [];
+
+                // Loop through items
+                $('item', xml).each(function(k, v) {
+                    var item = {
+                        guid: $('guid', v)[0].innerHTML,
+                        title: $('title', v)[0].innerHTML,
+                        url: $('link', v)[0].innerHTML,
+                        desc: $('description', v)[0].textContent
+                    }
+                    if (viewedItems.indexOf(item.guid) === -1) {
+                        // Show security message to administrator
+                        // var warning = '<h2>'+ item.title +'</h2>'+ item.desc
+                        var warning = item.title + ' (<a href="'+ item.url +'" class="alert-link" target="_blank">'+y18n.t('read_more')+'</a>)';
+                        c.flash('warning', warning);
+
+                        // Store viewed item
+                        viewedItems.push(item.guid);
+                    }
+                });
+
+                // Saved viewed items to cookie
+                $.cookie('ynhSecurityViewedItems', viewedItems, {
+                    expire: 7
+                });
+            })
+            .fail(function() {
+                c.flash('fail', y18n.t('error_retrieve_feed', [securityFeed]))
+            });
+
             c.view('home');
         });
     });

js/vendor/jquery.cookie.js

@@ -0,0 +1,117 @@
+/*!
+ * jQuery Cookie Plugin v1.4.1
+ * https://github.com/carhartl/jquery-cookie
+ *
+ * Copyright 2006, 2014 Klaus Hartl
+ * Released under the MIT license
+ */
+(function (factory) {
+	if (typeof define === 'function' && define.amd) {
+		// AMD
+		define(['jquery'], factory);
+	} else if (typeof exports === 'object') {
+		// CommonJS
+		factory(require('jquery'));
+	} else {
+		// Browser globals
+		factory(jQuery);
+	}
+}(function ($) {
+
+	var pluses = /\+/g;
+
+	function encode(s) {
+		return config.raw ? s : encodeURIComponent(s);
+	}
+
+	function decode(s) {
+		return config.raw ? s : decodeURIComponent(s);
+	}
+
+	function stringifyCookieValue(value) {
+		return encode(config.json ? JSON.stringify(value) : String(value));
+	}
+
+	function parseCookieValue(s) {
+		if (s.indexOf('"') === 0) {
+			// This is a quoted cookie as according to RFC2068, unescape...
+			s = s.slice(1, -1).replace(/\\"/g, '"').replace(/\\\\/g, '\\');
+		}
+
+		try {
+			// Replace server-side written pluses with spaces.
+			// If we can't decode the cookie, ignore it, it's unusable.
+			// If we can't parse the cookie, ignore it, it's unusable.
+			s = decodeURIComponent(s.replace(pluses, ' '));
+			return config.json ? JSON.parse(s) : s;
+		} catch(e) {}
+	}
+
+	function read(s, converter) {
+		var value = config.raw ? s : parseCookieValue(s);
+		return $.isFunction(converter) ? converter(value) : value;
+	}
+
+	var config = $.cookie = function (key, value, options) {
+
+		// Write
+
+		if (arguments.length > 1 && !$.isFunction(value)) {
+			options = $.extend({}, config.defaults, options);
+
+			if (typeof options.expires === 'number') {
+				var days = options.expires, t = options.expires = new Date();
+				t.setTime(+t + days * 864e+5);
+			}
+
+			return (document.cookie = [
+				encode(key), '=', stringifyCookieValue(value),
+				options.expires ? '; expires=' + options.expires.toUTCString() : '', // use expires attribute, max-age is not supported by IE
+				options.path    ? '; path=' + options.path : '',
+				options.domain  ? '; domain=' + options.domain : '',
+				options.secure  ? '; secure' : ''
+			].join(''));
+		}
+
+		// Read
+
+		var result = key ? undefined : {};
+
+		// To prevent the for loop in the first place assign an empty array
+		// in case there are no cookies at all. Also prevents odd result when
+		// calling $.cookie().
+		var cookies = document.cookie ? document.cookie.split('; ') : [];
+
+		for (var i = 0, l = cookies.length; i < l; i++) {
+			var parts = cookies[i].split('=');
+			var name = decode(parts.shift());
+			var cookie = parts.join('=');
+
+			if (key && key === name) {
+				// If second argument (value) is a function it's a converter...
+				result = read(cookie, value);
+				break;
+			}
+
+			// Prevent storing a cookie that we couldn't decode.
+			if (!key && (cookie = read(cookie)) !== undefined) {
+				result[name] = cookie;
+			}
+		}
+
+		return result;
+	};
+
+	config.defaults = {};
+
+	$.removeCookie = function (key, options) {
+		if ($.cookie(key) === undefined) {
+			return false;
+		}
+
+		// Must not alter options, thus extending a fresh object...
+		$.cookie(key, '', $.extend({}, options, { expires: -1 }));
+		return !$.cookie(key);
+	};
+
+}));

locales/en.json

@@ -36,6 +36,7 @@
     "close" : "Close",
     "both" : "Both",
     "home" : "Home",
+    "read_more" : "Read more",
 
     "installing" : "Installing",
     "installed" : "Installed",
@@ -57,6 +58,7 @@
     "unknown_action" : "Unknown action %s",
     "unknown_argument" : "Unknown argument : %s",
     "api_not_responding" : "API is not responding (Error : %s)",
+    "error_retrieve_feed" : "Could not retrieve feed : %s",
 
     "confirm_delete" : "Are you sure you want to delete %s ?",
     "confirm_change_maindomain" : "Are you sure you want to change the main domain ?",

locales/fr.json

@@ -35,6 +35,8 @@
     "open" : "Ouvrir",
     "close" : "Fermer",
     "both" : "Les deux",
+    "home" : "Accueil",
+    "read_more" : "En savoir plus",
 
     "installing" : "Installation",
     "installed" : "Installé",
@@ -56,6 +58,7 @@
     "unknown_action" : "Action %s inconnue",
     "unknown_argument" : "Argument inconnu : %s",
     "api_not_responding" : "l'API ne répond pas (Erreur : %s)",
+    "error_retrieve_feed" : "Impossible de récuperer le flux : %s",
 
     "confirm_delete" : "Êtes-vous sur de vouloir supprimer %s ?",
     "confirm_change_maindomain" : "Êtes-vous sur de vouloir changer le domaine principal ?",