diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ADMIN.md | 21 | ||||
| -rw-r--r-- | doc/CHANGES.md | 39 | ||||
| -rw-r--r-- | doc/INSTALL-exim4.md | 11 | ||||
| -rw-r--r-- | doc/INSTALL.md | 108 | ||||
| -rw-r--r-- | doc/THEMES-UPGRADE.md | 101 | ||||
| -rw-r--r-- | doc/THEMES.md | 28 |
6 files changed, 239 insertions, 69 deletions
diff --git a/doc/ADMIN.md b/doc/ADMIN.md new file mode 100644 index 000000000..07fe9398d --- /dev/null +++ b/doc/ADMIN.md @@ -0,0 +1,21 @@ +Doing development work on the administration interface +====================================================== + +The Alaveteli admin interface uses Twitter's Bootstrap project to prettify it. + +If you want to work on the CSS, you'll want to use +[bootstrap-sass](https://github.com/thomas-mcdonald/bootstrap-sass). Do something like: + + + $ gem install bootstrap-sass + $ gem install compass + $ compass compile --config .compass/config.rb + +The javascript is included in a funky way +[for reasons explained in this commit](https://github.com/sebbacon/adminbootstraptheme/commit/45a73d53fc9e8f0b728933ff58764bd8d0612dab). +To change it, edit the coffeescript at +`lib/view/general/admin.coffee`, and then do something like: + + $ coffee -o /tmp/ -c app/views/admin_general/admin.coffee + $ mv /tmp/admin.js app/views/admin_general/admin_js.erb + diff --git a/doc/CHANGES.md b/doc/CHANGES.md index 59c2d3f37..e53dcfe0b 100644 --- a/doc/CHANGES.md +++ b/doc/CHANGES.md @@ -1,3 +1,42 @@ +# Version 0.11 +## Highlighted features +* Upgrade of the Rails framework to version 3.1.12 (Henare Degan, Matthew Landauer, Mark Longair, Louise Crow) + +## Upgrade notes +* Manually remove vendor/rails-locales +* Themes created for 0.9 and below should be updated to work with Rails 3. See `THEMES-UPGRADE.md` for notes on upgrading your theme. You will need to manually remove your old theme directory before running `rails-post-deploy`. +* The `config/httpd.conf` has moved to `config/httpd.conf`, as it may need customization before deploying. It also has a new line setting RackEnv to production - copy this to your config/httpd.conf file. +* Alaveteli now uses the [mail gem](https://github.com/mikel/mail) rather than [tmail](https://github.com/mikel/tmail) to handle mail. If you're using Exim as your MTA, you'll need to use the setting `extract_addresses_remove_arguments = false` in your Exim conf (see INSTALL-exim4.md for details). This means it won't remove addresses specified with -t on command line from the mail recipient list. + +# Version 0.9 +## Highlighted features +* Consistent and more informative variable interpolation syntax in translated phrases. All of these phrases will now appear in the form "There are {{count}} people following this request", where some were previously in the form "There are %s people following this request". (Matthew Landauer) +* Replaces deprecated calls to with_locale on ActiveRecord classes in preparation for upgrade to Globalize3 (Matthew Landauer) +* Fixes a database deadlock bug caused by near-simultaneous incoming emails for the same info request (Mark Longair) + +## Upgrade notes +* Check out this version and run `rails-post-deploy` as usual. + + +# Version 0.8 +## Highlighted features +* Support for running the site over SSL/TLS only and corresponding removal of support for a proxied admin interface, including the deprecation of the main_url and admin_url helpers. +* Merging of the adminbootstrap theme into core Alaveteli, replacing the existing admin theme. (Matthew Landauer) +* Move to HTML 5 (Matthew Landauer) +* More consistent UI for links in the admin interface +* [Security] Upgrades the Rails version to 2.3.17 to get fixes for CVE-2013-0277, CVE-2013-0276 (Although core Alaveteli does not use serialize or attr_protected), upgrade JSON gem to get fix for CVE-2013-0269. +* A bugfix for Chrome's autofilling of signup fields (Vaughan Rouesnel) +* Improvements to the accessibility of the search boxes (Nathan Jenkins) +* Only one email sent when asking for admin attention to a request [issue #789](https://github.com/mysociety/alaveteli/pull/864) (Matthew Landauer) +* A number of XSS escaping fixes for Version 0.7 (Matthew Landauer) +* The emergency admin account can now be disabled + +## Upgrade notes +* Check out this version and run `rails-post-deploy` as usual. +* Remove adminbootstrap from the THEME_URLS or THEME_URL config variable, and remove vendor/plugins/adminbootstraptheme, and the softlink public/adminbootstraptheme. +* There is a new config variable FORCE_SSL, which defaults to true, meaning that Alaveteli will redirect all "http" requests to "https", set the Strict-Transport-Security header and flag all cookies as "secure". For more information about running your install over SSL/TLS, see the [install guide](https://github.com/mysociety/alaveteli/blob/develop/doc/INSTALL.md#set-up-production-web-server). If you don't want to run over SSL/TLS, add the config variable FORCE_SSL to your config/general.yml and set it to false. +* If you would like to disable the emergency user account, set DISABLE_EMERGENCY_USER to true in you config/general.yml + # Version 0.7 ## Highlighted features * [Security] Upgrades the Rails version from 2.3.15 to 2.3.16 to get fix for a critical security flaw in Rails (CVE-2013-0333). diff --git a/doc/INSTALL-exim4.md b/doc/INSTALL-exim4.md index e37da14ff..cdc33ab12 100644 --- a/doc/INSTALL-exim4.md +++ b/doc/INSTALL-exim4.md @@ -6,15 +6,16 @@ In `/etc/exim4/conf.d/main/04_alaveteli_options`: ALAVETELI_HOME=/path/to/alaveteli/software ALAVETELI_USER=www-data log_file_path=/var/log/exim4/exim-%slog-%D - MAIN_LOG_SELECTOR==+all -retry_defer + MAIN_LOG_SELECTOR==+all -retry_defer + extract_addresses_remove_arguments=false (The user ALAVETELI_USER should have write permissions on ALAVETELI_HOME). -Note that the name and location of the log files created by Exim must match +Note that the name and location of the log files created by Exim must match what the `load-mail-server-logs` script expects, hence the need for the extra `log_file_path` setting. And the `check-recent-requests-sent` scripts expects -the logs to contain the `from=<...>` envelope information, so we make the -logs more verbose with `log_selector`. +the logs to contain the `from=<...>` envelope information, so we make the +logs more verbose with `log_selector`. In `/etc/exim4/conf.d/router/04_alaveteli`: @@ -33,7 +34,7 @@ In `/etc/exim4/conf.d/transport/04_alaveteli`: home_directory = ALAVETELI_HOME user = ALAVETELI_USER group = ALAVETELI_USER - + And, assuming you set `INCOMING_EMAIL_PREFIX` in your config at `config/general` to "foi+", create `config/aliases` with the following content: diff --git a/doc/INSTALL.md b/doc/INSTALL.md index 3a911cbc8..b356208a4 100644 --- a/doc/INSTALL.md +++ b/doc/INSTALL.md @@ -14,7 +14,7 @@ with all these steps configured. It is *not* production-ready. To start with, you may need to install git, e.g. with `sudo apt-get install git-core` -Next, get hold of the Alaveteli source code from github: +Next, get hold of the Alaveteli source code from github: git clone https://github.com/mysociety/alaveteli.git cd alaveteli @@ -27,7 +27,7 @@ master branch (which always contains the latest stable release): # Package pinning -You need to configure [apt-pinning](http://wiki.debian.org/AptPreferences#Pinning-1) preferences in order to prevent packages being pulled from the debian testing distribution in preference to the stable distribution once you have added the testing repository as described below. +You need to configure [apt-pinning](http://wiki.debian.org/AptPreferences#Pinning-1) preferences in order to prevent packages being pulled from the debian testing distribution in preference to the stable distribution once you have added the testing repository as described below. In order to configure apt-pinning and to keep most packages coming from the Debian stable repository while installing the ones required from testing and the mySociety repository you need to run the following commands: @@ -36,7 +36,7 @@ In order to configure apt-pinning and to keep most packages coming from the Debi echo "Pin-Priority: 50" >> /tmp/preferences sudo cp /tmp/preferences /etc/apt/ rm /tmp/preferences - + # Install system dependencies These are packages that the software depends on: third-party software @@ -67,21 +67,13 @@ Some of the files also have a version number listed in config/packages # Install Ruby dependencies -Install rubygems 1.6.2 (we're not using the Debian package because we -need an older version; see "Troubleshooting" below for an -explanation): - - wget http://rubyforge.org/frs/download.php/74445/rubygems-1.6.2.tgz -O /tmp/rubygems-1.6.2.tgz - tar zxvf /tmp/rubygems-1.6.2.tgz -C /tmp/ - sudo ruby1.8 /tmp/rubygems-1.6.2/setup.rb - -To install Alaveteli's Ruby dependencies, we also need to install +To install Alaveteli's Ruby dependencies, we need to install bundler. In Debian, this is provided as a package (installed as part of the package install process above). You could also install it as a gem: sudo gem1.8 install bundler - + # Install mySociety libraries You will also want to install mySociety's common ruby libraries and the Rails @@ -118,7 +110,7 @@ use the Debian package compiled by mySociety (see link in [issue 305](https://github.com/mysociety/alaveteli/issues/305)) -# Configure Database +# Configure Database There has been a little work done in trying to make the code work with other databases (e.g. SQLite), but the currently supported database is @@ -138,13 +130,14 @@ username and password of your postgres database. Make sure that the user specified in database.yml exists, and has full permissions on these databases. As they need the ability to turn off constraints whilst running the tests they also need to be a superuser. -(See http://dev.rubyonrails.org/ticket/9981) - +If you don't want your database user to be a superuser, you can add a line +`disable_constraints: false` to the test config in database.yml, as seen in database.yml-example + You can create a `foi` user from the command line, thus: # su - postgres $ createuser -s -P foi - + And you can create a database thus: $ createdb -T template0 -E SQL_ASCII -O foi foi_production @@ -157,15 +150,15 @@ data that may not be valid UTF (for example, data originating from various broken email clients that's not 8-bit clean), it's safer to be able to store *anything*, than reject data at runtime. -# Configure email +# Configure email You will need to set up an email server (MTA) to send and receive emails. Full configuration for an MTA is beyond the scope of this document, though we describe an example configuration for Exim in `INSTALL-exim4.md`. -Note that in development mode, mail is handled by default by mailcatcher -so that you can see the mails in a browser - see http://mailcatcher.me/ +Note that in development mode, mail is handled by default by mailcatcher +so that you can see the mails in a browser - see http://mailcatcher.me/ for more details. ## Minimal @@ -230,7 +223,7 @@ for instructions on switching on local and remote performance analysis. In the 'alaveteli' directory, run: - ./script/rails-post-deploy + script/rails-post-deploy (This will need execute privs so `chmod 755` if necessary.) This sets up directory structures, creates logs, installs/updates themes, runs @@ -245,11 +238,11 @@ If you want some dummy data to play with, you can try loading the fixtures that the test suite uses into your development database. You can do this with: - ./script/load-sample-data + script/load-sample-data Next we need to create the index for the search engine (Xapian): - ./script/rebuild-xapian-index + script/rebuild-xapian-index If this fails, the site should still mostly run, but it's a core component so you should really try to get this working. @@ -281,7 +274,7 @@ tests to pass by setting `export LD_PRELOAD=/lib/libuuid.so.1`. Run the following to get the server running: - ./script/server --environment=development + script/server --environment=development By default the server listens on all interfaces. You can restrict it to the localhost interface by adding ` --binding=127.0.0.1` @@ -301,7 +294,7 @@ There is an emergency user account which can be accessed via `/admin?emergency=1`, using the credentials `ADMIN_USERNAME` and `ADMIN_PASSWORD`, which are set in `general.yml`. To bootstrap the first `super` level accounts, you will need to log in as the emergency -user. +user. You can disable the emergency user account by setting `DISABLE_EMERGENCY_USER` to `true` in `general.yml`. Users with the superuser role also have extra privileges in the website frontend, such as being able to categorise any request, being @@ -314,9 +307,9 @@ by setting `SKIP_ADMIN_AUTH` to `true` in `general.yml`. # Cron jobs and init scripts -`config/crontab.ugly` contains the cronjobs run on WhatDoTheyKnow. +`config/crontab-example` contains the cronjobs run on WhatDoTheyKnow. It's in a strange templating format they use in mySociety. mySociety -render the "ugly" file to reference absolute paths, and then drop it +render the example file to reference absolute paths, and then drop it in `/etc/cron.d/` on the server. The `ugly` format uses simple variable substitution. A variable looks @@ -328,7 +321,7 @@ like `!!(*= $this *)!!`. The variables are: port with a path to the directory where your Alaveteli software installation lives, e.g. `/var/www/` * `vhost_dir`: the entire path to the directory where the software is - served from. -- you should replace this with a path to the + served from. -- you should replace this with a path to the directory where your Alaveteli software installation lives, e.g. `/var/www/` * `vcspath`: the name of the alaveteli checkout, e.g. `alaveteli`. @@ -367,8 +360,8 @@ It is not recommended to run the website using the default Rails web server. There are various recommendations here: http://rubyonrails.org/deploy -We usually use Passenger / mod_rails. The file at `conf/httpd.conf` -contains the WhatDoTheyKnow settings. At a minimum, you should +We usually use Passenger / mod_rails. The file at `conf/httpd.conf-example` +gives you an example config file for WhatDoTheyKnow. At a minimum, you should include the following in an Apache configuration file: PassengerResolveSymlinksInDocumentRoot on @@ -378,6 +371,34 @@ Under all but light loads, it is strongly recommended to run the server behind an http accelerator like Varnish. A sample varnish VCL is supplied in `../conf/varnish-alaveteli.vcl`. +It's strongly recommended that you run the site over SSL. (Set FORCE_SSL to true in +config/general.yml). For this you will need an SSL certificate for your domain and you will +need to configure an SSL terminator to sit in front of Varnish. If you're already using Apache +as a web server you could simply use Apache as the SSL terminator. A minimal configuration +would look something like this: + +<VirtualHost *:443> + ServerName www.yourdomain + + ProxyRequests Off + ProxyPreserveHost On + ProxyPass / http://localhost:80/ + ProxyPassReverse / http://localhost:80/ + RequestHeader set X-Forwarded-Proto 'https' + + SSLEngine on + SSLProtocol all -SSLv2 + SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM + + SSLCertificateFile /etc/apache2/ssl/ssl.crt + SSLCertificateKeyFile /etc/apache2/ssl/ssl.key + SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem + SSLCACertificateFile /etc/apache2/ssl/ca.pem + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown +</VirtualHost> + +Notice the line "RequestHeader" that sets the X-Forwarded-Proto header. This is important. This ultimately tells Rails that it's serving a page over https and so it knows to include that in any absolute urls it serves. + Some [production server best practice notes](https://github.com/mysociety/alaveteli/wiki/Production-Server-Best-Practices) are evolving on the wiki. @@ -413,14 +434,14 @@ various other things that can be automated for deployment. # Troubleshooting * **Incoming emails aren't appearing in my Alaveteli install** - + First, you need to check that your MTA is delivering relevant incoming emails to the `script/mailin` command. There are various ways of setting your MTA up to do this; we have documented one way of doing it in Exim at `doc/INSTALL-exim4.conf`, including a command you can use to check that the email routing is set up correctly. - + Second, you need to test that the mailin script itself is working correctly, by running it from the command line, First, find a valid "To" address for a request in your system. You can do this @@ -431,7 +452,7 @@ various other things that can be automated for deployment. Loading development environment (Rails 2.3.14) >> InfoRequest.find_by_url_title("why_do_you_have_such_a_fancy_dog").incoming_email => "request-101-50929748@localhost" - + Now take the source of a valid email (there are some sample emails in `spec/fixtures/files/`); edit the `To:` header to match this address; and then pipe it through the mailin script. A non-zero exit code @@ -447,7 +468,7 @@ various other things that can be automated for deployment. `CONTACT_EMAIL` (from your `general.yml` file). A common problem is for the user that the MTA runs as not to have write access to `files/raw_emails/`. - + * **Various tests fail with "*Your PostgreSQL connection does not support unescape_bytea. Try upgrading to pg 0.9.0 or later.*"** @@ -470,29 +491,16 @@ various other things that can be automated for deployment. Normally, the encoding should just work, but under some circumstances it appears that `elinks` ignores the parameters passed to it from Alaveteli. - + To force `elinks` always to treat input as UTF8, add the following to `/etc/elinks/elinks.conf`: - + set document.codepage.assume = "utf-8" set document.codepage.force_assumed = 1 - You should also check that your locale is set up correctly. See + You should also check that your locale is set up correctly. See [https://github.com/mysociety/alaveteli/issues/128#issuecomment-1814845](this issue followup) for further discussion. - -* **I'm getting lots of `SourceIndex.new(hash) is deprecated` errors when running the tests** - - The latest versions of rubygems contain a large number of noisy - deprecation warnings that you can't turn off individually. Rails - 2.x isn't under active development so isn't going to get fixed (in - the sense of using a non-deprecated API). So the only vaguely - sensible way to avoid this noisy output is to downgrade rubygems. - - For example, you might do this by uninstalling your - system-packaged rubygems, and then installing the latest rubygems - from source, and finally executing `sudo gem update --system - 1.6.2`. * **I'm seeing `rake: command not found` when running the post install script diff --git a/doc/THEMES-UPGRADE.md b/doc/THEMES-UPGRADE.md new file mode 100644 index 000000000..457274d7a --- /dev/null +++ b/doc/THEMES-UPGRADE.md @@ -0,0 +1,101 @@ +This file contains some notes on changing your Alaveteli theme for the +upgrade to Rails 3, in version 0.11 of Alaveteli. These were written +by Henare Degan, with some additions by Mark Longair. + +# Alaveteli Theme Upgrade Checks + +## RAILS_ROOT/RAILS_ENV + +[Example](https://github.com/henare/adminbootstraptheme/commit/857e33c9b0bc577024b476404aec4f9749f65a0b) + +Check your theme for instances of: + +* `RAILS_ROOT` and replace it with `Rails.root` +* `RAILS_ENV` and replace it with `Rails.env` + +Note that `Rails.root` is a `Pathname`, so you can replace, for +example: + + File.join(RAILS_ROOT, 'public', 'alavetelitheme') + +... with: + + Rails.root.join('public', 'alavetelitheme') + +## Dispatcher + +[Example](https://github.com/henare/adminbootstraptheme/commit/fba2d6b7dfdc26a25fdc1596bfe120270dd4cd0d) + +This... + +```ruby +require 'dispatcher' +Dispatcher.to_prepare do +``` + +should be replaced with this... + +```ruby +Rails.configuration.to_prepare do +```` + +## Routes + +[Example](https://github.com/henare/adminbootstraptheme/commit/87f1991dafb09401f9b17f642a94382d5a47a713) + +You need to upgrade your custom routes to the new Rails syntax. + +## list_public_bodies_default removed + +[Example](https://github.com/openaustralia/alavetelitheme/commit/5927877af996a1afb1a23a950f0d012b52c36f83) + +The list_public_bodies_default helper has been removed from Alaveteli + +## Patching mailer templates has changed + +[Example](https://github.com/openaustralia/alavetelitheme/commit/ffb5242973a0b2acc4981c25659fcb752b92eb97) + +In `lib/patch_mailer_paths.rb` change `ActionMailer::Base.view_paths.unshift File.join(File.dirname(__FILE__), "views")` to `ActionMailer::Base.prepend_view_path File.join(File.dirname(__FILE__), "views")` + +There's also `ActionMailer::Base.append_view_path` for replacing `ActionMailer::Base.view_paths <<`. + +## Rename view templates + +[Example](https://github.com/henare/adminbootstraptheme/commit/b616b636c283ae6cf696a6af1fa481f371baf2b6) + +Rename view templates from `filename.rhtml` to `filename.html.erb`. + +Run this in the root of your theme directory: + + for r in $(find lib/views -name '*.rhtml'); do echo git mv $r ${r%.rhtml}.html.erb; done + +[GOTCHA!](https://github.com/openaustralia/alavetelitheme/commit/65e775488822367d981bb15ab2cbcf1fce842cc2) +One exception is mailer templates, these should be renamed to +`filename.text.erb` as we only use text emails. + +## The Configuration class has been renamed + +[Example](https://github.com/openaustralia/alavetelitheme/commit/db6cca4650216c6f85acffaea380727344f0f740) + +Due to a naming conflict, `Configuration` has been renamed to `AlaveteliConfiguration`. + +You may have this in your theme for things like `Configuration::site_name`, just change it to `AlaveteliConfiguration::site_name` + +## request.request_uri is deprecated + +[Example](https://github.com/openaustralia/alavetelitheme/commit/d670eeebfb049e1dc83fdb36a628f7722d2ad419) + +Replace instances of `request.request_uri` with `request.fullpath` + +## content-inserting <% %> block helpers are deprecated + +[Example](https://github.com/openaustralia/alavetelitheme/commit/a4b13bbd76249b3a28e2a755cede20dd9db30140) + +The Rails 3 releases notes are [irritatingly +imprecise](http://edgeguides.rubyonrails.org/3_0_release_notes.html#helpers-with-blocks) +about which such helpers have changed. You can find some candidates +with this `git grep` command: + + git grep -E '<%[^=].*(_for|_tag|link_to)\b' + +(Ignore `content_for` in those results.) diff --git a/doc/THEMES.md b/doc/THEMES.md index c5e4a3eee..bae7d7665 100644 --- a/doc/THEMES.md +++ b/doc/THEMES.md @@ -36,15 +36,15 @@ places: This document is about what you can do in a theme. -By default, the sample theme ("alavetelitheme") has already been -installed. See the setting `THEME_URLS` in `general.yml` for an +By default, the sample theme ("alavetelitheme") has already been +installed. See the setting `THEME_URLS` in `general.yml` for an explanation. You can also install the sample theme by hand, by running: - ./script/plugin install git://github.com/mysociety/alavetelitheme.git - -The sample theme contains examples for nearly everything you might + bundle exec rails plugin install git://github.com/mysociety/alavetelitheme.git + +The sample theme contains examples for nearly everything you might want to customise. You should probably make a copy, rename it, and use that as the basis for your own theme. @@ -61,13 +61,13 @@ changing much in the core theme. The ideal would be if you are able to rebrand the site by only changing the CSS. You will also need to add custom help pages, as described below. -# Branding the site +# Branding the site The core templates that comprise the layout and user interface of an Alaveteli site live in `app/views/`. They are use Rails' ERB syntax. For example, the template for the home page lives at -`app/views/general/frontpage.rhtml`, and the template for the "about -us" page is at `app/views/help/about.rhtml`. +`app/views/general/frontpage.html.erb`, and the template for the "about +us" page is at `app/views/help/about.html.erb`. Obviously, you *could* edit those core files directly, but this would be a Bad Idea, because you would find it increasingly hard to do @@ -90,7 +90,7 @@ the main Rails app -- see `alavetelitheme/install.rb` to see how this happens. The partial at -`alavetelitheme/lib/views/general/_before_head_end.rhtml` includes the +`alavetelitheme/lib/views/general/_before_head_end.html.erb` includes the custom CSS in your theme's stylesheet folder (by convention, in `alavetelitheme/public/stylesheets/`), with: @@ -137,20 +137,20 @@ The latter must have one method: When you've added your extra states, you also need to create the following files in your theme: -* `lib/views/general/_custom_state_descriptions.rhtml`: Descriptions +* `lib/views/general/_custom_state_descriptions.html.erb`: Descriptions of your new states, suitable for displaying to end users -* `lib/views/general/_custom_state_transitions_complete.rhtml`: +* `lib/views/general/_custom_state_transitions_complete.html.erb`: Descriptions for any new states that you might characterise as 'completion' states, for displaying on the categorisation form that we ask requestors to fill out -* `lib/views/general/_custom_state_transitions_pending.rhtml`: As +* `lib/views/general/_custom_state_transitions_pending.html.erb`: As above, but for new states you might characterise as 'pending' states. You can see examples of these customisations in [this commit](https://github.com/sebbacon/informatazyrtare-theme/commit/2b240491237bd72415990399904361ce9bfa431d) for the Kosovan version of Alaveteli, Informata Zyrtare (ignore the -file `lib/views/general/_custom_state_transitions.rhtml`, which is +file `lib/views/general/_custom_state_transitions.html.erb`, which is unused). # Adding new pages in the navigation @@ -158,7 +158,7 @@ unused). `alavetelitheme/lib/config/custom-routes.rb` allows you to extend the base routes in Alaveteli. The example in `alavetelitheme` adds an extra help page. You can also use this to override the behaviour of specific pages if -necessary. +necessary. # Adding or overriding models and controllers |