summaryrefslogtreecommitdiff
path: root/help
diff options
context:
space:
mode:
authorjessib <jessib@riseup.net>2012-10-18 13:42:37 -0700
committerjessib <jessib@riseup.net>2012-10-18 13:42:37 -0700
commit8b9d5235faed6c15e8ef2e2dc76aec7f24d0bb50 (patch)
treede26dada544adf1158548ef437892759504323d0 /help
parente927ad44c1f3e7e31cd393ce92a78267e4761660 (diff)
Uses the working authentication code.
Diffstat (limited to 'help')
-rw-r--r--help/app/controllers/tickets_controller.rb21
-rw-r--r--help/app/models/ticket.rb2
-rw-r--r--help/app/models/ticket_comment.rb2
-rw-r--r--help/app/views/tickets/index.html.haml3
-rw-r--r--help/app/views/tickets/new.html.haml2
-rw-r--r--help/test/functional/tickets_controller_test.rb28
6 files changed, 44 insertions, 14 deletions
diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb
index be9a2b5..4c7415b 100644
--- a/help/app/controllers/tickets_controller.rb
+++ b/help/app/controllers/tickets_controller.rb
@@ -10,9 +10,13 @@ class TicketsController < ApplicationController
def create
@ticket = Ticket.new(params[:ticket])
- @ticket.created_by = User.current_test.id if User.current_test
- @ticket.email = User.current_test.email if User.current_test.email
- #instead of calling add_comment, we are using comment_attributes= from the Ticket model
+ if current_user
+ @ticket.created_by = current_user.id
+ @ticket.email = current_user.email if current_user.email
+ @ticket.comments.last.posted_by = current_user.id
+ else
+ @ticket.comments.last.posted_by = nil #hacky, but protecting this attribute doesn't work right, so this should make sure it isn't set.
+ end
flash[:notice] = 'Ticket was successfully created.' if @ticket.save
respond_with(@ticket)
@@ -37,8 +41,8 @@ class TicketsController < ApplicationController
@ticket = Ticket.find(params[:id])
@ticket.attributes = params[:ticket]
- #add_comment #or should we use ticket attributes?
- # @ticket.save
+ @ticket.comments.last.posted_by = (current_user ? current_user.id : nil) #protecting posted_by isn't working, so this should protect it.
+
if @ticket.save
flash[:notice] = 'Ticket was successfully updated.'
respond_with @ticket
@@ -52,17 +56,18 @@ class TicketsController < ApplicationController
def index
# @tickets = Ticket.by_title #not actually what we will want
- respond_with(@tickets = Ticket.all)
+ respond_with(@tickets = Ticket.all) #we'll want only tickets that this user can access
end
private
# not using now, as we are using comment_attributes= from the Ticket model
+=begin
def add_comment
comment = TicketComment.new(params[:comment])
- comment.posted_by = User.current_test.id if User.current_test #could be nil
+ comment.posted_by = User.current.id if User.current #could be nil
comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model
@ticket.comments << comment
end
-
+=end
end
diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb
index 76fa5c8..f38fed2 100644
--- a/help/app/models/ticket.rb
+++ b/help/app/models/ticket.rb
@@ -79,7 +79,7 @@ class Ticket < CouchRest::Model::Base
def comments_attributes=(attributes)
comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes)
- comment.posted_by = User.current_test.id if User.current_test #should we not access User.current here?
+ #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller
comment.posted_at = Time.now
comments << comment
diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb
index a8639a1..49e5c6c 100644
--- a/help/app/models/ticket_comment.rb
+++ b/help/app/models/ticket_comment.rb
@@ -2,7 +2,7 @@ class TicketComment
include CouchRest::Model::Embeddable
#belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way?
- property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=
+ property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=. also, if it is protected and we set in the tickets_controller, it gets unset. TODO---is this okay to have it not protected and manually check it? We do not users to be able to set this.
# if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL
property :posted_at, Time#, :protected => true
#property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created
diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml
index f328ca2..6db2140 100644
--- a/help/app/views/tickets/index.html.haml
+++ b/help/app/views/tickets/index.html.haml
@@ -1,6 +1,9 @@
+%h2 tickets index (just as space)
Create a
= link_to "new ticket", new_ticket_path
+= # below shouldn't be unless logged in
%h2 Tickets
+= # want to have selection option to see tickets, that are open, closed or all
- @tickets.each do |ticket|
%p
= link_to ticket.title, ticket
diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml
index 8c660c9..537b97f 100644
--- a/help/app/views/tickets/new.html.haml
+++ b/help/app/views/tickets/new.html.haml
@@ -3,7 +3,7 @@
= #@ticket.errors.messages
= f.input :title
= #f.input :email #if there is no current_user
- = f.input :email if !User.current_test #hmm--might authenticated users want to submit an alternate email?
+ = f.input :email if !current_user #hmm--might authenticated users want to submit an alternate email?
= f.simple_fields_for :comments do |c|
= c.input :body, :label => 'Comment', :as => :text
diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb
index 7af4c22..7a03a86 100644
--- a/help/test/functional/tickets_controller_test.rb
+++ b/help/test/functional/tickets_controller_test.rb
@@ -15,7 +15,7 @@ class TicketsControllerTest < ActionController::TestCase
end
- test "should create authenticated ticket" do
+ test "should create unauthenticated ticket" do
params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
assert_difference('Ticket.count') do
@@ -23,8 +23,30 @@ class TicketsControllerTest < ActionController::TestCase
end
assert_response :redirect
- assert_equal assigns(:ticket).email, User.current_test.email
- assert_equal User.find(assigns(:ticket).created_by).login, User.current_test.login
+ #assert_equal assigns(:ticket).email, User.current.email
+ #assert_equal User.find(assigns(:ticket).created_by).login, User.current.login
+ assert_nil assigns(:ticket).created_by
+
+ assert_equal assigns(:ticket).comments.count, 1
+ end
+
+
+ test "should create authenticated ticket" do
+
+ params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}}
+
+ #todo: should redo this and actually authorize
+ user = User.last
+ session[:user_id] = user.id
+
+ assert_difference('Ticket.count') do
+ post :create, :ticket => params
+ end
+
+ assert_response :redirect
+ assert_equal assigns(:ticket).created_by, user.id
+ assert_equal assigns(:ticket).email, user.email
+
assert_equal assigns(:ticket).comments.count, 1
end