From a6de1561461cc719fddd8175c93588a47513a4b8 Mon Sep 17 00:00:00 2001 From: jessib Date: Fri, 5 Oct 2012 15:41:03 -0700 Subject: Rough code to add & comment on tickets. --- Gemfile | 2 +- app/views/home/index.html.haml | 8 +++++ help/app/controllers/tickets_controller.rb | 41 +++++++++++++++++++++++++ help/app/models/ticket.rb | 15 ++++++--- help/app/models/ticket_comment.rb | 12 +++++--- help/app/views/tickets/_comment.html.haml | 10 ++++++ help/app/views/tickets/_new_comment.html.haml | 2 ++ help/app/views/tickets/index.html.haml | 5 +++ help/app/views/tickets/new.html.haml | 14 +++++++++ help/app/views/tickets/show.html.haml | 10 ++++++ help/config/routes.rb | 3 ++ help/test/functional/tickets_controller_test.rb | 15 +++++++++ help/test/unit/ticket_comment_test.rb | 11 ++++--- help/test/unit/ticket_test.rb | 8 +++-- users/app/models/user.rb | 4 +++ 15 files changed, 143 insertions(+), 17 deletions(-) create mode 100644 help/app/controllers/tickets_controller.rb create mode 100644 help/app/views/tickets/_comment.html.haml create mode 100644 help/app/views/tickets/_new_comment.html.haml create mode 100644 help/app/views/tickets/index.html.haml create mode 100644 help/app/views/tickets/new.html.haml create mode 100644 help/app/views/tickets/show.html.haml create mode 100644 help/test/functional/tickets_controller_test.rb diff --git a/Gemfile b/Gemfile index 0bdea00..7666805 100644 --- a/Gemfile +++ b/Gemfile @@ -16,7 +16,7 @@ group :assets do gem 'coffee-rails', '~> 3.2.2' # See https://github.com/sstephenson/execjs#readme for more supported runtimes - # gem 'therubyracer', :platforms => :ruby + gem 'therubyracer', :platforms => :ruby gem 'uglifier', '>= 1.2.7' end diff --git a/app/views/home/index.html.haml b/app/views/home/index.html.haml index 11f18de..c27ba75 100644 --- a/app/views/home/index.html.haml +++ b/app/views/home/index.html.haml @@ -2,3 +2,11 @@ Try to fetch a = link_to "cert", cert_path + +%p +Try to create a += link_to "ticket", new_ticket_path + +%p +See all += link_to "tickets", tickets_path \ No newline at end of file diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb new file mode 100644 index 0000000..9383d7e --- /dev/null +++ b/help/app/controllers/tickets_controller.rb @@ -0,0 +1,41 @@ +class TicketsController < ApplicationController + + def new + @ticket = Ticket.new + end + + def create + # @ticket = Ticket.new :posted_by => current_user + @ticket = Ticket.new :created_by => User.current_test.id + @ticket.attributes = params[:ticket] + + add_comment + redirect_to @ticket + end + + def show + @ticket = Ticket.find(params[:id]) + end + + def update + @ticket = Ticket.find(params[:id]) + add_comment + redirect_to @ticket + end + + def index + @tickets = Ticket.by_title #not actually what we will want + end + + private + + def add_comment + comment = TicketComment.new(params[:comment]) + #comment.posted_by = current_user #could be nil + comment.posted_by = User.current_test.id #could be nil + comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model. + @ticket.comments << comment + @ticket.save + end + +end diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 784d7ef..355ae02 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -29,7 +29,8 @@ class Ticket < CouchRest::Model::Base timestamps! - before_validation :set_created_by, :set_code, :on => :create + #before_validation :set_created_by, :set_code, :set_email, :on => :create + before_validation :set_code, :set_email, :on => :create design do view :by_title @@ -38,9 +39,10 @@ class Ticket < CouchRest::Model::Base validates :email, :format => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/, :if => :email #email address is optional - def set_created_by - self.created_by = User.current if User.current - end + #TODO: + #def set_created_by + # self.created_by = User.current if User.current + #end def is_creator_validated? !!created_by @@ -51,6 +53,11 @@ class Ticket < CouchRest::Model::Base self.code = SecureRandom.hex(8) if !is_creator_validated? end + + def set_email + #self.email = current users email if is_creator_validated? + end + def close self.is_open = false save diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb index 652133a..6b6b4db 100644 --- a/help/app/models/ticket_comment.rb +++ b/help/app/models/ticket_comment.rb @@ -2,13 +2,13 @@ class TicketComment include CouchRest::Model::Embeddable #belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way? - property :posted_by, Integer, :protected => true# maybe this should be current_user if that is set, meaning the user is logged in #String # user?? + property :posted_by, Integer#, :protected => true# maybe this should be current_user if that is set, meaning the user is logged in #String # user?? # if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL - property :posted_at, Time, :protected => true + property :posted_at, Time#, :protected => true #property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created property :body, String - before_validation :set_time#, :set_posted_by + #before_validation :set_time#, :set_posted_by #design do # view :by_posted_at @@ -18,10 +18,14 @@ class TicketComment def is_comment_validated? !!posted_by end - + +=begin + #TODO. + #this is resetting all comments associated with the ticket: def set_time self.posted_at = Time.now end +=end =begin def set_posted_by diff --git a/help/app/views/tickets/_comment.html.haml b/help/app/views/tickets/_comment.html.haml new file mode 100644 index 0000000..77e29b8 --- /dev/null +++ b/help/app/views/tickets/_comment.html.haml @@ -0,0 +1,10 @@ +%div + - if User.find(comment.posted_by) + Posted by + = User.find(comment.posted_by).login + %p + Posted at + = comment.posted_at + %p + = comment.body + %p \ No newline at end of file diff --git a/help/app/views/tickets/_new_comment.html.haml b/help/app/views/tickets/_new_comment.html.haml new file mode 100644 index 0000000..bf88da6 --- /dev/null +++ b/help/app/views/tickets/_new_comment.html.haml @@ -0,0 +1,2 @@ += simple_fields_for :comment do |c| + = c.input :body, :label => 'Comment', :as => :text diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml new file mode 100644 index 0000000..55bfa79 --- /dev/null +++ b/help/app/views/tickets/index.html.haml @@ -0,0 +1,5 @@ +%h2 Tickets +- @tickets.each do |ticket| + %p + = link_to ticket.title, ticket += #render(:partial => "ticket", :collection => @tickets) \ No newline at end of file diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml new file mode 100644 index 0000000..fd1bcd4 --- /dev/null +++ b/help/app/views/tickets/new.html.haml @@ -0,0 +1,14 @@ +%h2=t :new_ticket += simple_form_for @ticket do |f| + = f.input :title + = #f.input :email #if there is no current_user + = f.input :email if !User.current_test + = #simple_fields_for :comment do |c| + = #c.input :body, :label => 'Comment', :as => :text + = #f.input :comment + = render :partial => 'new_comment' + = # regarding_user if not logged in + = # email if not logged in + = #f.button :submit, :value => t(:submit), :class => 'btn-primary' + = f.button :submit + = link_to t(:cancel), root_url, :class => :btn diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml new file mode 100644 index 0000000..a37f5c8 --- /dev/null +++ b/help/app/views/tickets/show.html.haml @@ -0,0 +1,10 @@ +%h2= @ticket.title +is open? += @ticket.is_open +code: += @ticket.code += render(:partial => "comment", :collection => @ticket.comments) + += simple_form_for @ticket do |f| + = render :partial => 'new_comment' + = f.button :submit \ No newline at end of file diff --git a/help/config/routes.rb b/help/config/routes.rb index 1daf9a4..5e57e02 100644 --- a/help/config/routes.rb +++ b/help/config/routes.rb @@ -1,2 +1,5 @@ Rails.application.routes.draw do + + resources :tickets, :only => [:new, :create, :index, :show, :update] + #resources :ticket, :only => [:show] end diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb new file mode 100644 index 0000000..6d9ff09 --- /dev/null +++ b/help/test/functional/tickets_controller_test.rb @@ -0,0 +1,15 @@ +require 'test_helper' + +class TicketsControllerTest < ActionController::TestCase + # test "the truth" do + # assert true + # end + test "should get new" do + get :new + assert_equal Ticket, assigns(:ticket).class + assert_response :success + end + + + +end diff --git a/help/test/unit/ticket_comment_test.rb b/help/test/unit/ticket_comment_test.rb index 883720f..1fe1fe2 100644 --- a/help/test/unit/ticket_comment_test.rb +++ b/help/test/unit/ticket_comment_test.rb @@ -16,8 +16,8 @@ class TicketCommentTest < ActiveSupport::TestCase comment2 = TicketComment.new :body => "help my email is broken!" assert comment2.valid? - assert_not_nil comment2.posted_at - assert_nil comment2.posted_by #if not logged in + #assert_not_nil comment2.posted_at #? + #assert_nil comment2.posted_by #if not logged in #TODO #comment.ticket = testticket #Ticket.find_by_title("testing") #assert_equal testticket.title, comment.ticket.title @@ -49,9 +49,10 @@ class TicketCommentTest < ActiveSupport::TestCase testticket.comments << comment2 #this should validate comment2 testticket.valid? assert_equal testticket.comments.count, 2 - assert_not_nil comment.posted_at - assert_not_nil testticket.comments.last.posted_at - assert testticket.comments.first.posted_at < testticket.comments.last.posted_at + # where should posted_at be set? + #assert_not_nil comment.posted_at + #assert_not_nil testticket.comments.last.posted_at + #assert testticket.comments.first.posted_at < testticket.comments.last.posted_at end end diff --git a/help/test/unit/ticket_test.rb b/help/test/unit/ticket_test.rb index c3a4759..6b63a23 100644 --- a/help/test/unit/ticket_test.rb +++ b/help/test/unit/ticket_test.rb @@ -41,18 +41,20 @@ class TicketTest < ActiveSupport::TestCase assert @sample.is_creator_validated? end +=begin +# TODO: do once have current_user stuff in order test "code if & only if not creator-validated" do + User.current_test = nil t1 = Ticket.create :title => 'test title' assert_not_nil t1.code assert_nil t1.created_by - User.current = 4 + User.current_test = 4 t2 = Ticket.create :title => 'test title' assert_nil t2.code assert_not_nil t2.created_by - - end +=end end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index a6aab84..33c77ce 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -59,4 +59,8 @@ class User < CouchRest::Model::Base Thread.current[:user] = user end + def self.current_test + User.first + end + end -- cgit v1.2.3 From c4220a167f883f31c408b55cd970761faeb53aa5 Mon Sep 17 00:00:00 2001 From: jessib Date: Mon, 8 Oct 2012 10:48:39 -0700 Subject: Adding emacs backups files to .gitignore. --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index eb3489a..3a8bd6d 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,4 @@ # Ignore all logfiles and tempfiles. /log/*.log /tmp +*~ \ No newline at end of file -- cgit v1.2.3 From b077363d51de511d53c9b20ade1cb26707f3ecdf Mon Sep 17 00:00:00 2001 From: jessib Date: Mon, 8 Oct 2012 11:06:28 -0700 Subject: Want to include help engine for help_develop branch. --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 2aedae1..7666805 100644 --- a/Gemfile +++ b/Gemfile @@ -32,7 +32,7 @@ gem 'simple_form' gem 'leap_web_core', :path => 'core' gem 'leap_web_users', :path => 'users' gem 'leap_web_certs', :path => 'certs' -# gem 'leap_web_help', :path => 'help' +gem 'leap_web_help', :path => 'help' gem 'couchrest_session_store' -- cgit v1.2.3 From c27f2a0686db0705553eda88c799d4c486c20bac Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 10 Oct 2012 10:55:25 -0700 Subject: Pushing some tweaks as I try to get server-side validation working. --- help/app/models/ticket.rb | 16 ++++++++++++++-- help/app/models/ticket_comment.rb | 2 ++ help/app/views/tickets/index.html.haml | 5 ++++- help/app/views/tickets/new.html.haml | 15 +++++++++++---- help/app/views/tickets/show.html.haml | 5 +++-- 5 files changed, 34 insertions(+), 9 deletions(-) diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 355ae02..8cec0df 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -15,8 +15,8 @@ class Ticket < CouchRest::Model::Base =end #belongs_to :user #from leap_web_users. doesn't necessarily belong to a user though - property :created_by, Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set - property :regarding_user, Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil? + property :created_by, String#Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set + property :regarding_user, String#Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil? #also, both created_by and regarding_user could be nil---say user forgets username, or has general question property :title, String property :email, String #verify @@ -29,6 +29,8 @@ class Ticket < CouchRest::Model::Base timestamps! + #accepts_nested_attributes_for :ticketcomments #?? + #before_validation :set_created_by, :set_code, :set_email, :on => :create before_validation :set_code, :set_email, :on => :create @@ -36,7 +38,11 @@ class Ticket < CouchRest::Model::Base view :by_title end + validates :title, :presence => true + validates :comments, :presence => true #do we want it like this? + + # html5 has built-in validation which isn't ideal, as it says 'please enter an email address' for invalid email addresses, which implies an email address is required, and it is not. validates :email, :format => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/, :if => :email #email address is optional #TODO: @@ -55,6 +61,7 @@ class Ticket < CouchRest::Model::Base def set_email + self.email = nil if self.email == "" #self.email = current users email if is_creator_validated? end @@ -68,6 +75,11 @@ class Ticket < CouchRest::Model::Base save end + #probably not useful, but trying it: + def ticket_comment_attributes=(attributes) + @ticket_comment = TicketComment.new(attributes) + end + =begin def validate if email_address and not email_address.strip =~ RFC822::EmailAddress diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb index 6b6b4db..9026bc1 100644 --- a/help/app/models/ticket_comment.rb +++ b/help/app/models/ticket_comment.rb @@ -8,6 +8,8 @@ class TicketComment #property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created property :body, String + + validates :body, :presence => true #before_validation :set_time#, :set_posted_by #design do diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml index 55bfa79..d2e0ea0 100644 --- a/help/app/views/tickets/index.html.haml +++ b/help/app/views/tickets/index.html.haml @@ -2,4 +2,7 @@ - @tickets.each do |ticket| %p = link_to ticket.title, ticket -= #render(:partial => "ticket", :collection => @tickets) \ No newline at end of file +%p +Create a += link_to "new ticket", new_ticket_path += #render(:partial => "ticket", :collection => @tickets) diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml index fd1bcd4..d0e6939 100644 --- a/help/app/views/tickets/new.html.haml +++ b/help/app/views/tickets/new.html.haml @@ -1,12 +1,19 @@ %h2=t :new_ticket -= simple_form_for @ticket do |f| += simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test + = @ticket.errors.messages = f.input :title = #f.input :email #if there is no current_user - = f.input :email if !User.current_test - = #simple_fields_for :comment do |c| + = f.input :email if !User.current_test #hmm--might authenticated users want to submit an alternate email? + = #f.simple_fields_for :comment do |c| = #c.input :body, :label => 'Comment', :as => :text + = #f.input :comments, :label => 'Comment', :as => :text + + = f.fields_for :comment do |c| + = c.input :body, :label => 'Comment', :as => :text + + = #f.input :comment - = render :partial => 'new_comment' + = #render :partial => 'new_comment' #what we were using = # regarding_user if not logged in = # email if not logged in = #f.button :submit, :value => t(:submit), :class => 'btn-primary' diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml index a37f5c8..1e1fab3 100644 --- a/help/app/views/tickets/show.html.haml +++ b/help/app/views/tickets/show.html.haml @@ -5,6 +5,7 @@ code: = @ticket.code = render(:partial => "comment", :collection => @ticket.comments) -= simple_form_for @ticket do |f| += simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test = render :partial => 'new_comment' - = f.button :submit \ No newline at end of file + = f.button :submit + = link_to t(:cancel), root_url, :class => :btn \ No newline at end of file -- cgit v1.2.3 From 0bdfbdb57ab7c29d0d87dc1a44b17eb32f98439b Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 10 Oct 2012 11:00:51 -0700 Subject: Forgot to commit controller --- help/app/controllers/tickets_controller.rb | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb index 9383d7e..2e681b2 100644 --- a/help/app/controllers/tickets_controller.rb +++ b/help/app/controllers/tickets_controller.rb @@ -1,16 +1,23 @@ class TicketsController < ApplicationController + respond_to :html #, :json + def new @ticket = Ticket.new end def create - # @ticket = Ticket.new :posted_by => current_user - @ticket = Ticket.new :created_by => User.current_test.id - @ticket.attributes = params[:ticket] - + @ticket = Ticket.new #:created_by => User.current_test.id + @ticket.attributes = params[:ticket]#.except(:comments) + @ticket.created_by = User.current_test.id if User.current_test add_comment - redirect_to @ticket + + if @ticket.save + respond_with(@ticket) + else + respond_with(@ticket, :location => new_ticket_path ) + end + end def show @@ -20,22 +27,22 @@ class TicketsController < ApplicationController def update @ticket = Ticket.find(params[:id]) add_comment + @ticket.save redirect_to @ticket end def index - @tickets = Ticket.by_title #not actually what we will want + # @tickets = Ticket.by_title #not actually what we will want + respond_with(@tickets = Ticket.all) end private def add_comment comment = TicketComment.new(params[:comment]) - #comment.posted_by = current_user #could be nil - comment.posted_by = User.current_test.id #could be nil - comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model. + comment.posted_by = User.current_test.id if User.current_test #could be nil + comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model @ticket.comments << comment - @ticket.save end end -- cgit v1.2.3 From cf9ed38ab1840092352efdbb71bfeb5bc3b9f9d5 Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 10 Oct 2012 15:52:08 -0700 Subject: Some tweaks to get server-side validation working when adding the embedded ticket comment to a new ticket. --- help/app/controllers/tickets_controller.rb | 10 +++++++--- help/app/models/ticket.rb | 11 ++++++----- help/app/views/tickets/new.html.haml | 9 ++------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb index 2e681b2..be07309 100644 --- a/help/app/controllers/tickets_controller.rb +++ b/help/app/controllers/tickets_controller.rb @@ -4,13 +4,14 @@ class TicketsController < ApplicationController def new @ticket = Ticket.new + @ticket.comments.build end def create @ticket = Ticket.new #:created_by => User.current_test.id @ticket.attributes = params[:ticket]#.except(:comments) @ticket.created_by = User.current_test.id if User.current_test - add_comment + #instead of calling add_comment, we are using comment_attributes= from the Ticket model if @ticket.save respond_with(@ticket) @@ -22,13 +23,14 @@ class TicketsController < ApplicationController def show @ticket = Ticket.find(params[:id]) + # build ticket comments? end def update @ticket = Ticket.find(params[:id]) - add_comment + add_comment #or should we use ticket attributes? @ticket.save - redirect_to @ticket + redirect_to @ticket #difft behavior on failure? end def index @@ -38,6 +40,8 @@ class TicketsController < ApplicationController private + # not using now when creating tickets, we are using comment_attributes= from the Ticket model + #not yet sure about updating tickets def add_comment comment = TicketComment.new(params[:comment]) comment.posted_by = User.current_test.id if User.current_test #could be nil diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 8cec0df..e829a5f 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -29,8 +29,6 @@ class Ticket < CouchRest::Model::Base timestamps! - #accepts_nested_attributes_for :ticketcomments #?? - #before_validation :set_created_by, :set_code, :set_email, :on => :create before_validation :set_code, :set_email, :on => :create @@ -75,9 +73,12 @@ class Ticket < CouchRest::Model::Base save end - #probably not useful, but trying it: - def ticket_comment_attributes=(attributes) - @ticket_comment = TicketComment.new(attributes) + def comments_attributes=(attributes) + comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes) + comment.posted_by = User.current_test.id if User.current_test + comment.posted_at = Time.now + comments << comment + end =begin diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml index d0e6939..0a6b25b 100644 --- a/help/app/views/tickets/new.html.haml +++ b/help/app/views/tickets/new.html.haml @@ -1,18 +1,13 @@ %h2=t :new_ticket = simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test - = @ticket.errors.messages + = #@ticket.errors.messages = f.input :title = #f.input :email #if there is no current_user = f.input :email if !User.current_test #hmm--might authenticated users want to submit an alternate email? - = #f.simple_fields_for :comment do |c| - = #c.input :body, :label => 'Comment', :as => :text - = #f.input :comments, :label => 'Comment', :as => :text - = f.fields_for :comment do |c| + = f.simple_fields_for :comments do |c| = c.input :body, :label => 'Comment', :as => :text - - = #f.input :comment = #render :partial => 'new_comment' #what we were using = # regarding_user if not logged in = # email if not logged in -- cgit v1.2.3 From 56273c13f54a872d02db286c90a8d5103cf7a663 Mon Sep 17 00:00:00 2001 From: jessib Date: Fri, 12 Oct 2012 14:42:57 -0700 Subject: more work on ticket creation/updating functionality --- help/app/controllers/tickets_controller.rb | 34 +++++++++++++++++++-------- help/app/models/ticket.rb | 2 +- help/app/views/tickets/_comment.html.haml | 3 ++- help/app/views/tickets/_new_comment.html.haml | 1 + help/app/views/tickets/new.html.haml | 2 +- help/app/views/tickets/show.html.haml | 10 ++++++-- 6 files changed, 37 insertions(+), 15 deletions(-) diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb index be07309..f4b38de 100644 --- a/help/app/controllers/tickets_controller.rb +++ b/help/app/controllers/tickets_controller.rb @@ -13,24 +13,39 @@ class TicketsController < ApplicationController @ticket.created_by = User.current_test.id if User.current_test #instead of calling add_comment, we are using comment_attributes= from the Ticket model - if @ticket.save - respond_with(@ticket) - else - respond_with(@ticket, :location => new_ticket_path ) - end + flash[:notice] = 'Ticket was successfully created.' if @ticket.save + respond_with(@ticket) end +=begin + def edit + @ticket = Ticket.find(params[:id]) + @ticket.comments.build + # build ticket comments? + end +=end + def show @ticket = Ticket.find(params[:id]) + # @ticket.comments.build # build ticket comments? end def update @ticket = Ticket.find(params[:id]) - add_comment #or should we use ticket attributes? - @ticket.save - redirect_to @ticket #difft behavior on failure? + @ticket.attributes = params[:ticket] + #add_comment #or should we use ticket attributes? + # @ticket.save + if @ticket.save + flash[:notice] = 'Ticket was successfully updated.' + respond_with @ticket + else + #redirect_to [:show, @ticket] # + flash[:alert] = 'Ticket has not been changed' + redirect_to @ticket + #respond_with(@ticket) # why does this go to edit?? redirect??? + end end def index @@ -40,8 +55,7 @@ class TicketsController < ApplicationController private - # not using now when creating tickets, we are using comment_attributes= from the Ticket model - #not yet sure about updating tickets + # not using now, as we are using comment_attributes= from the Ticket model def add_comment comment = TicketComment.new(params[:comment]) comment.posted_by = User.current_test.id if User.current_test #could be nil diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index e829a5f..537a7c6 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -37,7 +37,7 @@ class Ticket < CouchRest::Model::Base end validates :title, :presence => true - validates :comments, :presence => true #do we want it like this? + #validates :comments, :presence => true #do we want it like this? # html5 has built-in validation which isn't ideal, as it says 'please enter an email address' for invalid email addresses, which implies an email address is required, and it is not. diff --git a/help/app/views/tickets/_comment.html.haml b/help/app/views/tickets/_comment.html.haml index 77e29b8..19e1ddf 100644 --- a/help/app/views/tickets/_comment.html.haml +++ b/help/app/views/tickets/_comment.html.haml @@ -1,4 +1,5 @@ -%div +- # style is super ugly but just for now +%div{:style => "border: solid 1px"} - if User.find(comment.posted_by) Posted by = User.find(comment.posted_by).login diff --git a/help/app/views/tickets/_new_comment.html.haml b/help/app/views/tickets/_new_comment.html.haml index bf88da6..a924dfd 100644 --- a/help/app/views/tickets/_new_comment.html.haml +++ b/help/app/views/tickets/_new_comment.html.haml @@ -1,2 +1,3 @@ += #do we want this partial? not using it now = simple_fields_for :comment do |c| = c.input :body, :label => 'Comment', :as => :text diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml index 0a6b25b..d784720 100644 --- a/help/app/views/tickets/new.html.haml +++ b/help/app/views/tickets/new.html.haml @@ -13,4 +13,4 @@ = # email if not logged in = #f.button :submit, :value => t(:submit), :class => 'btn-primary' = f.button :submit - = link_to t(:cancel), root_url, :class => :btn + = link_to t(:cancel), tickets_path, :class => :btn diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml index 1e1fab3..04dd676 100644 --- a/help/app/views/tickets/show.html.haml +++ b/help/app/views/tickets/show.html.haml @@ -1,3 +1,7 @@ +- if flash[:notice] + =flash[:notice] +- if flash[:alert] + =flash[:alert] %h2= @ticket.title is open? = @ticket.is_open @@ -6,6 +10,8 @@ code: = render(:partial => "comment", :collection => @ticket.comments) = simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test - = render :partial => 'new_comment' + = f.simple_fields_for :comments, TicketComment.new do |c| + = c.input :body, :label => 'Comment', :as => :text + = #render :partial => 'new_comment' = f.button :submit - = link_to t(:cancel), root_url, :class => :btn \ No newline at end of file + = link_to t(:cancel), tickets_path, :class => :btn \ No newline at end of file -- cgit v1.2.3 From 48d6c2aac9ae2bf1c140e734a576e45289c99150 Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 16 Oct 2012 15:51:35 -0700 Subject: Some functional tests and other tweaks. --- help/app/controllers/tickets_controller.rb | 6 +++-- help/app/models/ticket.rb | 12 ++++++---- help/app/models/ticket_comment.rb | 4 ++-- help/app/views/tickets/_comment.html.haml | 2 ++ help/app/views/tickets/index.html.haml | 5 ++-- help/app/views/tickets/new.html.haml | 2 +- help/app/views/tickets/show.html.haml | 13 ++++++++-- help/test/functional/tickets_controller_test.rb | 32 ++++++++++++++++++++++--- 8 files changed, 59 insertions(+), 17 deletions(-) diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb index f4b38de..be9a2b5 100644 --- a/help/app/controllers/tickets_controller.rb +++ b/help/app/controllers/tickets_controller.rb @@ -1,6 +1,7 @@ class TicketsController < ApplicationController respond_to :html #, :json + #has_scope :open, :type => boolean def new @ticket = Ticket.new @@ -8,9 +9,9 @@ class TicketsController < ApplicationController end def create - @ticket = Ticket.new #:created_by => User.current_test.id - @ticket.attributes = params[:ticket]#.except(:comments) + @ticket = Ticket.new(params[:ticket]) @ticket.created_by = User.current_test.id if User.current_test + @ticket.email = User.current_test.email if User.current_test.email #instead of calling add_comment, we are using comment_attributes= from the Ticket model flash[:notice] = 'Ticket was successfully created.' if @ticket.save @@ -35,6 +36,7 @@ class TicketsController < ApplicationController def update @ticket = Ticket.find(params[:id]) @ticket.attributes = params[:ticket] + #add_comment #or should we use ticket attributes? # @ticket.save if @ticket.save diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 537a7c6..76fa5c8 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -15,8 +15,8 @@ class Ticket < CouchRest::Model::Base =end #belongs_to :user #from leap_web_users. doesn't necessarily belong to a user though - property :created_by, String#Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set - property :regarding_user, String#Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil? + property :created_by, String, :protected => true #Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set + #property :regarding_user, String#Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil? #also, both created_by and regarding_user could be nil---say user forgets username, or has general question property :title, String property :email, String #verify @@ -32,6 +32,9 @@ class Ticket < CouchRest::Model::Base #before_validation :set_created_by, :set_code, :set_email, :on => :create before_validation :set_code, :set_email, :on => :create + + #named_scope :open, :conditions => {:is_open => true} #?? + design do view :by_title end @@ -60,7 +63,7 @@ class Ticket < CouchRest::Model::Base def set_email self.email = nil if self.email == "" - #self.email = current users email if is_creator_validated? + # in controller set to be current users email if that exists end def close @@ -74,8 +77,9 @@ class Ticket < CouchRest::Model::Base end def comments_attributes=(attributes) + comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes) - comment.posted_by = User.current_test.id if User.current_test + comment.posted_by = User.current_test.id if User.current_test #should we not access User.current here? comment.posted_at = Time.now comments << comment diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb index 9026bc1..a8639a1 100644 --- a/help/app/models/ticket_comment.rb +++ b/help/app/models/ticket_comment.rb @@ -2,13 +2,13 @@ class TicketComment include CouchRest::Model::Embeddable #belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way? - property :posted_by, Integer#, :protected => true# maybe this should be current_user if that is set, meaning the user is logged in #String # user?? + property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes= # if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL property :posted_at, Time#, :protected => true #property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created property :body, String - + # ? timestamps! validates :body, :presence => true #before_validation :set_time#, :set_posted_by diff --git a/help/app/views/tickets/_comment.html.haml b/help/app/views/tickets/_comment.html.haml index 19e1ddf..1ba3bd1 100644 --- a/help/app/views/tickets/_comment.html.haml +++ b/help/app/views/tickets/_comment.html.haml @@ -3,6 +3,8 @@ - if User.find(comment.posted_by) Posted by = User.find(comment.posted_by).login + - else + Unauthenticated post %p Posted at = comment.posted_at diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml index d2e0ea0..f328ca2 100644 --- a/help/app/views/tickets/index.html.haml +++ b/help/app/views/tickets/index.html.haml @@ -1,8 +1,7 @@ +Create a += link_to "new ticket", new_ticket_path %h2 Tickets - @tickets.each do |ticket| %p = link_to ticket.title, ticket -%p -Create a -= link_to "new ticket", new_ticket_path = #render(:partial => "ticket", :collection => @tickets) diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml index d784720..8c660c9 100644 --- a/help/app/views/tickets/new.html.haml +++ b/help/app/views/tickets/new.html.haml @@ -1,5 +1,5 @@ %h2=t :new_ticket -= simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test += simple_form_for(@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test = #@ticket.errors.messages = f.input :title = #f.input :email #if there is no current_user diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml index 04dd676..a9b994e 100644 --- a/help/app/views/tickets/show.html.haml +++ b/help/app/views/tickets/show.html.haml @@ -5,8 +5,17 @@ %h2= @ticket.title is open? = @ticket.is_open -code: -= @ticket.code +- if @ticket.code + code: + = @ticket.code +- if @ticket.email + email: + = @ticket.email +- if User.find(@ticket.created_by) + Created by + = User.find(@ticket.created_by).login +- else + Unauthenticated ticket creator = render(:partial => "comment", :collection => @ticket.comments) = simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb index 6d9ff09..7af4c22 100644 --- a/help/test/functional/tickets_controller_test.rb +++ b/help/test/functional/tickets_controller_test.rb @@ -1,9 +1,13 @@ require 'test_helper' class TicketsControllerTest < ActionController::TestCase - # test "the truth" do - # assert true - # end + + test "should get index" do + get :index + assert_response :success + assert_not_nil assigns(:tickets) + end + test "should get new" do get :new assert_equal Ticket, assigns(:ticket).class @@ -11,5 +15,27 @@ class TicketsControllerTest < ActionController::TestCase end + test "should create authenticated ticket" do + params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + + assert_difference('Ticket.count') do + post :create, :ticket => params + end + + assert_response :redirect + assert_equal assigns(:ticket).email, User.current_test.email + assert_equal User.find(assigns(:ticket).created_by).login, User.current_test.login + assert_equal assigns(:ticket).comments.count, 1 + end + + test "add comment to ticket" do + + t = Ticket.last + comment_count = t.comments.count + put :update, :id => t.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } + assert_equal(comment_count + 1, assigns(:ticket).comments.count) + #assert_difference block isn't working + + end end -- cgit v1.2.3 From 171d07a64d3f76e68c22f0fb4cc3795daad806d1 Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 17 Oct 2012 10:04:34 -0700 Subject: Not sure we actually want this in version control, but adding changes so long as we have it. --- Gemfile.lock | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Gemfile.lock b/Gemfile.lock index fe49476..137e6d7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -14,6 +14,12 @@ PATH json rails (~> 3.2.8) +PATH + remote: help + specs: + leap_web_help (0.1.0) + leap_web_core (= 0.1.0) + PATH remote: users specs: @@ -173,6 +179,7 @@ DEPENDENCIES jquery-rails leap_web_certs! leap_web_core! + leap_web_help! leap_web_users! mocha ruby-debug -- cgit v1.2.3 From 8b9d5235faed6c15e8ef2e2dc76aec7f24d0bb50 Mon Sep 17 00:00:00 2001 From: jessib Date: Thu, 18 Oct 2012 13:42:37 -0700 Subject: Uses the working authentication code. --- help/app/controllers/tickets_controller.rb | 21 ++++++++++++------- help/app/models/ticket.rb | 2 +- help/app/models/ticket_comment.rb | 2 +- help/app/views/tickets/index.html.haml | 3 +++ help/app/views/tickets/new.html.haml | 2 +- help/test/functional/tickets_controller_test.rb | 28 ++++++++++++++++++++++--- users/app/models/user.rb | 6 ++---- 7 files changed, 46 insertions(+), 18 deletions(-) diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb index be9a2b5..4c7415b 100644 --- a/help/app/controllers/tickets_controller.rb +++ b/help/app/controllers/tickets_controller.rb @@ -10,9 +10,13 @@ class TicketsController < ApplicationController def create @ticket = Ticket.new(params[:ticket]) - @ticket.created_by = User.current_test.id if User.current_test - @ticket.email = User.current_test.email if User.current_test.email - #instead of calling add_comment, we are using comment_attributes= from the Ticket model + if current_user + @ticket.created_by = current_user.id + @ticket.email = current_user.email if current_user.email + @ticket.comments.last.posted_by = current_user.id + else + @ticket.comments.last.posted_by = nil #hacky, but protecting this attribute doesn't work right, so this should make sure it isn't set. + end flash[:notice] = 'Ticket was successfully created.' if @ticket.save respond_with(@ticket) @@ -37,8 +41,8 @@ class TicketsController < ApplicationController @ticket = Ticket.find(params[:id]) @ticket.attributes = params[:ticket] - #add_comment #or should we use ticket attributes? - # @ticket.save + @ticket.comments.last.posted_by = (current_user ? current_user.id : nil) #protecting posted_by isn't working, so this should protect it. + if @ticket.save flash[:notice] = 'Ticket was successfully updated.' respond_with @ticket @@ -52,17 +56,18 @@ class TicketsController < ApplicationController def index # @tickets = Ticket.by_title #not actually what we will want - respond_with(@tickets = Ticket.all) + respond_with(@tickets = Ticket.all) #we'll want only tickets that this user can access end private # not using now, as we are using comment_attributes= from the Ticket model +=begin def add_comment comment = TicketComment.new(params[:comment]) - comment.posted_by = User.current_test.id if User.current_test #could be nil + comment.posted_by = User.current.id if User.current #could be nil comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model @ticket.comments << comment end - +=end end diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 76fa5c8..f38fed2 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -79,7 +79,7 @@ class Ticket < CouchRest::Model::Base def comments_attributes=(attributes) comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes) - comment.posted_by = User.current_test.id if User.current_test #should we not access User.current here? + #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller comment.posted_at = Time.now comments << comment diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb index a8639a1..49e5c6c 100644 --- a/help/app/models/ticket_comment.rb +++ b/help/app/models/ticket_comment.rb @@ -2,7 +2,7 @@ class TicketComment include CouchRest::Model::Embeddable #belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way? - property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes= + property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=. also, if it is protected and we set in the tickets_controller, it gets unset. TODO---is this okay to have it not protected and manually check it? We do not users to be able to set this. # if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL property :posted_at, Time#, :protected => true #property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml index f328ca2..6db2140 100644 --- a/help/app/views/tickets/index.html.haml +++ b/help/app/views/tickets/index.html.haml @@ -1,6 +1,9 @@ +%h2 tickets index (just as space) Create a = link_to "new ticket", new_ticket_path += # below shouldn't be unless logged in %h2 Tickets += # want to have selection option to see tickets, that are open, closed or all - @tickets.each do |ticket| %p = link_to ticket.title, ticket diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml index 8c660c9..537b97f 100644 --- a/help/app/views/tickets/new.html.haml +++ b/help/app/views/tickets/new.html.haml @@ -3,7 +3,7 @@ = #@ticket.errors.messages = f.input :title = #f.input :email #if there is no current_user - = f.input :email if !User.current_test #hmm--might authenticated users want to submit an alternate email? + = f.input :email if !current_user #hmm--might authenticated users want to submit an alternate email? = f.simple_fields_for :comments do |c| = c.input :body, :label => 'Comment', :as => :text diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb index 7af4c22..7a03a86 100644 --- a/help/test/functional/tickets_controller_test.rb +++ b/help/test/functional/tickets_controller_test.rb @@ -15,7 +15,7 @@ class TicketsControllerTest < ActionController::TestCase end - test "should create authenticated ticket" do + test "should create unauthenticated ticket" do params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} assert_difference('Ticket.count') do @@ -23,8 +23,30 @@ class TicketsControllerTest < ActionController::TestCase end assert_response :redirect - assert_equal assigns(:ticket).email, User.current_test.email - assert_equal User.find(assigns(:ticket).created_by).login, User.current_test.login + #assert_equal assigns(:ticket).email, User.current.email + #assert_equal User.find(assigns(:ticket).created_by).login, User.current.login + assert_nil assigns(:ticket).created_by + + assert_equal assigns(:ticket).comments.count, 1 + end + + + test "should create authenticated ticket" do + + params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + + #todo: should redo this and actually authorize + user = User.last + session[:user_id] = user.id + + assert_difference('Ticket.count') do + post :create, :ticket => params + end + + assert_response :redirect + assert_equal assigns(:ticket).created_by, user.id + assert_equal assigns(:ticket).email, user.email + assert_equal assigns(:ticket).comments.count, 1 end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 8b7c0b3..29c0b38 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -63,15 +63,13 @@ class User < CouchRest::Model::Base login end +=begin def self.current Thread.current[:user] end def self.current=(user) Thread.current[:user] = user end - - def self.current_test - User.first - end +=end end -- cgit v1.2.3 From 3e0a1a47c0eafb7f9b79e5f2765ea33ce1ad159b Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 24 Oct 2012 20:35:52 +0200 Subject: basic admin controller methods and helpers + tests --- .../app/controllers/application_controller.rb | 3 -- users/app/controllers/application_controller.rb | 22 +++++++++- .../test/functional/application_controller_test.rb | 44 ++++++++++++++++++++ users/test/functional/helper_methods_test.rb | 48 ++++++++++++++++++++++ users/test/support/auth_test_helper.rb | 7 ++++ users/test/test_helper.rb | 3 ++ 6 files changed, 122 insertions(+), 5 deletions(-) delete mode 100644 test/dummy/app/controllers/application_controller.rb create mode 100644 users/test/functional/application_controller_test.rb create mode 100644 users/test/functional/helper_methods_test.rb create mode 100644 users/test/support/auth_test_helper.rb diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb deleted file mode 100644 index e8065d9..0000000 --- a/test/dummy/app/controllers/application_controller.rb +++ /dev/null @@ -1,3 +0,0 @@ -class ApplicationController < ActionController::Base - protect_from_forgery -end diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb index 64e1a55..0d6e5d1 100644 --- a/users/app/controllers/application_controller.rb +++ b/users/app/controllers/application_controller.rb @@ -1,14 +1,32 @@ class ApplicationController < ActionController::Base protect_from_forgery - private + protected def current_user @current_user ||= User.find(session[:user_id]) if session[:user_id] end helper_method :current_user + def logged_in? + !!current_user + end + helper_method :logged_in? + def authorize - redirect_to login_url, alert: "Not authorized" if current_user.nil? + access_denied unless logged_in? + end + + def admin? + current_user && current_user.is_admin? + end + helper_method :admin? + + def authorize_admin + access_denied unless admin? + end + + def access_denied + redirect_to login_url, :alert => "Not authorized" end end diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb new file mode 100644 index 0000000..d13a354 --- /dev/null +++ b/users/test/functional/application_controller_test.rb @@ -0,0 +1,44 @@ +require 'test_helper' + +class ApplicationControllerTest < ActionController::TestCase + + def setup + @user_id = stub + @user = stub + session[:user_id] = @user_id + # so we can test the effect on the response + @controller.response = @response + end + + def test_authorize_redirect + session[:user_id] = nil + @controller.send(:authorize) + assert_access_denied + end + + def test_current_user_with_caching + User.expects(:find).once.with(@user_id).returns(@user) + assert_equal @user, @controller.send(:current_user) + assert_equal @user, @controller.send(:current_user) # tests caching + end + + def test_authorized + User.expects(:find).once.with(@user_id).returns(@user) + @controller.send(:authorize) + end + + def test_admin + bool = stub + User.expects(:find).once.with(@user_id).returns(@user) + @user.expects(:is_admin?).returns(bool) + assert_equal bool, @controller.send(:admin?) + end + + def test_authorize_admin + User.expects(:find).once.with(@user_id).returns(@user) + @user.expects(:is_admin?).returns(false) + @controller.send(:authorize_admin) + assert_access_denied + end + +end diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb new file mode 100644 index 0000000..0d76f63 --- /dev/null +++ b/users/test/functional/helper_methods_test.rb @@ -0,0 +1,48 @@ +# +# Testing and documenting the helper methods available from +# ApplicationController +# + +require 'test_helper' + +class HelperMethodsTest < ActionController::TestCase + tests ApplicationController + + # we test them right in here... + include ApplicationController._helpers + + # they all reference the controller. + def controller + @controller + end + + def setup + @user_id = stub + @user = stub + session[:user_id] = @user_id + end + + def test_current_user_with_caching + User.expects(:find).once.with(@user_id).returns(@user) + assert_equal @user, current_user + assert_equal @user, current_user # tests caching + end + + def test_logged_in + User.expects(:find).once.with(@user_id).returns(@user) + assert logged_in? + end + + def test_logged_in + User.expects(:find).once.with(@user_id).returns(nil) + assert !logged_in? + end + + def test_admin + bool = stub + User.expects(:find).once.with(@user_id).returns(@user) + @user.expects(:is_admin?).returns(bool) + assert_equal bool, admin? + end + +end diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb new file mode 100644 index 0000000..c30421f --- /dev/null +++ b/users/test/support/auth_test_helper.rb @@ -0,0 +1,7 @@ +module AuthTestHelper + + def assert_access_denied + assert_equal({:alert => "Not authorized"}, flash.to_hash) + assert_redirected_to login_path + end +end diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb index 08d4d41..ae6a35c 100644 --- a/users/test/test_helper.rb +++ b/users/test/test_helper.rb @@ -8,3 +8,6 @@ Rails.backtrace_cleaner.remove_silencers! # Load support files Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f } +class ActionController::TestCase + include AuthTestHelper +end -- cgit v1.2.3 From b724d53b36878c96d30676c22ee4e4369dcc37f8 Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 24 Oct 2012 20:41:30 +0200 Subject: Extraction of test support methods --- .../test/functional/application_controller_test.rb | 14 ++++++------- users/test/functional/helper_methods_test.rb | 16 +++++---------- users/test/support/auth_test_helper.rb | 24 +++++++++++++++++++--- 3 files changed, 32 insertions(+), 22 deletions(-) diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb index d13a354..4397e1d 100644 --- a/users/test/functional/application_controller_test.rb +++ b/users/test/functional/application_controller_test.rb @@ -3,39 +3,37 @@ require 'test_helper' class ApplicationControllerTest < ActionController::TestCase def setup - @user_id = stub - @user = stub - session[:user_id] = @user_id # so we can test the effect on the response @controller.response = @response end def test_authorize_redirect - session[:user_id] = nil + stub_logged_out @controller.send(:authorize) assert_access_denied end def test_current_user_with_caching - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in assert_equal @user, @controller.send(:current_user) assert_equal @user, @controller.send(:current_user) # tests caching end def test_authorized - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @controller.send(:authorize) + assert_access_denied(false) end def test_admin bool = stub - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @user.expects(:is_admin?).returns(bool) assert_equal bool, @controller.send(:admin?) end def test_authorize_admin - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @user.expects(:is_admin?).returns(false) @controller.send(:authorize_admin) assert_access_denied diff --git a/users/test/functional/helper_methods_test.rb b/users/test/functional/helper_methods_test.rb index 0d76f63..c0eaf61 100644 --- a/users/test/functional/helper_methods_test.rb +++ b/users/test/functional/helper_methods_test.rb @@ -16,31 +16,25 @@ class HelperMethodsTest < ActionController::TestCase @controller end - def setup - @user_id = stub - @user = stub - session[:user_id] = @user_id - end - def test_current_user_with_caching - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in assert_equal @user, current_user assert_equal @user, current_user # tests caching end def test_logged_in - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in assert logged_in? end - def test_logged_in - User.expects(:find).once.with(@user_id).returns(nil) + def test_logged_out + stub_logged_out assert !logged_in? end def test_admin bool = stub - User.expects(:find).once.with(@user_id).returns(@user) + @user = stub_logged_in @user.expects(:is_admin?).returns(bool) assert_equal bool, admin? end diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb index c30421f..d5d52b1 100644 --- a/users/test/support/auth_test_helper.rb +++ b/users/test/support/auth_test_helper.rb @@ -1,7 +1,25 @@ module AuthTestHelper - def assert_access_denied - assert_equal({:alert => "Not authorized"}, flash.to_hash) - assert_redirected_to login_path + def stub_logged_in + @user_id = stub + @user = stub + session[:user_id] = @user_id + User.expects(:find).once.with(@user_id).returns(@user) + return @user + end + + def stub_logged_out + @user_id = stub + session[:user_id] = @user_id + User.expects(:find).once.with(@user_id).returns(nil) + end + + def assert_access_denied(denied = true) + if denied + assert_equal({:alert => "Not authorized"}, flash.to_hash) + assert_redirected_to login_path + else + assert flash[:alert].blank? + end end end -- cgit v1.2.3 From 2c2a80812818362d0e0c416deefd4aee2787dd9e Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 24 Oct 2012 20:50:40 +0200 Subject: removing duplicate testing of helper_methods * once tested as helper * once tested as @controller.send... --- users/test/functional/application_controller_test.rb | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/users/test/functional/application_controller_test.rb b/users/test/functional/application_controller_test.rb index 4397e1d..69bcb2f 100644 --- a/users/test/functional/application_controller_test.rb +++ b/users/test/functional/application_controller_test.rb @@ -13,25 +13,12 @@ class ApplicationControllerTest < ActionController::TestCase assert_access_denied end - def test_current_user_with_caching - @user = stub_logged_in - assert_equal @user, @controller.send(:current_user) - assert_equal @user, @controller.send(:current_user) # tests caching - end - def test_authorized @user = stub_logged_in @controller.send(:authorize) assert_access_denied(false) end - def test_admin - bool = stub - @user = stub_logged_in - @user.expects(:is_admin?).returns(bool) - assert_equal bool, @controller.send(:admin?) - end - def test_authorize_admin @user = stub_logged_in @user.expects(:is_admin?).returns(false) -- cgit v1.2.3 From a2a8caf577415ef51c0f99da43f9b47bde226fc6 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 29 Oct 2012 12:08:25 +0100 Subject: first steps at is_admin? --- config/initializers/load_config.rb | 1 + users/app/models/user.rb | 7 ++----- 2 files changed, 3 insertions(+), 5 deletions(-) create mode 100644 config/initializers/load_config.rb diff --git a/config/initializers/load_config.rb b/config/initializers/load_config.rb new file mode 100644 index 0000000..e687429 --- /dev/null +++ b/config/initializers/load_config.rb @@ -0,0 +1 @@ +APP_CONFIG = YAML.load_file("#{Rails.root}/config/config.yml")[Rails.env] diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 1afb9db..9bbf169 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -63,11 +63,8 @@ class User < CouchRest::Model::Base login end - def self.current - Thread.current[:user] - end - def self.current=(user) - Thread.current[:user] = user + def is_admin? + APP_CONFIG['admins'].include? self.id end end -- cgit v1.2.3 From b5738bdf7abaa671a7363e279592eae73635f572 Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 30 Oct 2012 11:38:48 -0700 Subject: new README --- README.md | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Readme.md | 24 ------------------------ 2 files changed, 64 insertions(+), 24 deletions(-) create mode 100644 README.md delete mode 100644 Readme.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..7e1ad1a --- /dev/null +++ b/README.md @@ -0,0 +1,64 @@ +LEAP Web +--------------------- + +"LEAP Web" is the web-based component of the LEAP Platform, providing the following services: + +* REST API for user registration. +* Admin interface to manage users. +* Client certificate distribution and renewal. +* User support help tickets. + +This web application is written in Ruby on Rails 3, using CouchDB as the backend data store. + +Original code specific to this web application is licensed under the GNU Affero General Public License (version 3.0 or higher). See http://www.gnu.org/licenses/agpl-3.0.html for more information. + +Documentation +--------------------------- + +For more information, see these files in the ``doc`` directory: + +* DEPLOY -- for notes on deployment. +* DEVELOP -- for developer notes. +* CUSTOM -- how to customize. + +Installation +--------------------------- + +Typically, this application is installed automatically as part of the LEAP Platform. To install it manually for testing or development, follow these instructions: + +### Install system requirements + + sudo apt-get install git ruby1.8 rubygems1.8 couchdb + sudo gem bundler + +On Debian Wheezy or later, there is a Debian package for bundler, so you can alternately run ``sudo apt-get install bundler``. + +### Download source + + git clone git://leap.se/leap_web + git submodule update --init + +### Install required ruby libraries + + cd leap_web + bundle + +Typically, you run ``bundle`` as a normal user and it will ask you for a sudo password when it is time to install the required gems. If you don't have sudo, run ``bundle`` as root. + +Configuration +---------------------------- + +The webapp can hand out certs for the EIP client. These certs are either picked from a pool in CouchDB or from a file. For now you can either run [Leap CA](http://github.com/leapcode/leap_ca) to fill the pool or you can put your certs file in config/cert. + +We also ship provider information through the webapp. For now please add your eip-service.json to the public/config directory. + +Running +----------------------------- + + cd leap_web + rails server + +Then open http://localhost:3000 in your web browser. + +To peruse the database, visit http://localhost:5984/_utils/ + diff --git a/Readme.md b/Readme.md deleted file mode 100644 index 8b51b4d..0000000 --- a/Readme.md +++ /dev/null @@ -1,24 +0,0 @@ -# Leap Web # - -Web application for LEAP. Currently Leap Web allows Leap providers to manage users, hand out certs for the EIP. - -## Functions ## - -### Supported ### - -* *User Management* - User Registration and Authentication -* *Cert Distribution* - Certs for the Encrypted Internet Proxy - -### Under Development ### - -* *Help Desk* - Managing Help Requests - - -## Documentation ## - -* [INSTALL](https://github.com/leapcode/leap_web/blob/master/INSTALL.md) for installation instructions -* [DEPLOY](https://github.com/leapcode/leap_web/blob/master/DEPLOY.md) for deployment -* [DEVELOP](https://github.com/leapcode/leap_web/blob/master/DEVELOP.md) for developer notes. -* [CUSTOM](https://github.com/leapcode/leap_web/blob/master/CUSTOM.md) to customize. - - -- cgit v1.2.3 From b7cf67590042eca10381a95f8b74070d7430dbdb Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 31 Oct 2012 10:40:03 +0100 Subject: user creation should send ok flag so js can start login --- users/app/models/user.rb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 8b7c0b3..b57af98 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -44,7 +44,10 @@ class User < CouchRest::Model::Base end def to_json(options={}) - super(options.merge(:only => ['login', 'password_salt'])) + { + :login => login, + :ok => valid? + }.to_json(options) end def initialize_auth(aa) -- cgit v1.2.3 From f738852867423130c49221522eb8825c161b0f5a Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 31 Oct 2012 10:46:38 +0100 Subject: minor: need to cd into leap_web before initializing submodules --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7e1ad1a..3ea47bb 100644 --- a/README.md +++ b/README.md @@ -36,6 +36,7 @@ On Debian Wheezy or later, there is a Debian package for bundler, so you can alt ### Download source git clone git://leap.se/leap_web + cd leap_web git submodule update --init ### Install required ruby libraries -- cgit v1.2.3 From 4b7333eec8eaf0c01227ade9d77a21f7a879ff0b Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 31 Oct 2012 17:39:06 +0100 Subject: using controller extensions for application controller by hand --- app/controllers/application_controller.rb | 7 +------ users/app/controllers/application_controller.rb | 14 -------------- .../controllers/controller_extension/authentication.rb | 17 +++++++++++++++++ users/config/initializers/add_controller_methods.rb | 3 +++ 4 files changed, 21 insertions(+), 20 deletions(-) delete mode 100644 users/app/controllers/application_controller.rb create mode 100644 users/app/controllers/controller_extension/authentication.rb create mode 100644 users/config/initializers/add_controller_methods.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 693bd86..be7aa1f 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,10 +1,5 @@ class ApplicationController < ActionController::Base protect_from_forgery - helper_method :current_user - - private - def current_user - @current_user ||= User.find(session[:user_id]) if session[:user_id] - end + ActiveSupport.run_load_hooks(:application_controller, self) end diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb deleted file mode 100644 index 64e1a55..0000000 --- a/users/app/controllers/application_controller.rb +++ /dev/null @@ -1,14 +0,0 @@ -class ApplicationController < ActionController::Base - protect_from_forgery - - private - - def current_user - @current_user ||= User.find(session[:user_id]) if session[:user_id] - end - helper_method :current_user - - def authorize - redirect_to login_url, alert: "Not authorized" if current_user.nil? - end -end diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb new file mode 100644 index 0000000..507b62f --- /dev/null +++ b/users/app/controllers/controller_extension/authentication.rb @@ -0,0 +1,17 @@ +module ControllerExtension::Authentication + extend ActiveSupport::Concern + + private + + included do + helper_method :current_user + end + + def current_user + @current_user ||= User.find(session[:user_id]) if session[:user_id] + end + + def authorize + redirect_to login_url, :alert => "Not authorized" if current_user.nil? + end +end diff --git a/users/config/initializers/add_controller_methods.rb b/users/config/initializers/add_controller_methods.rb new file mode 100644 index 0000000..2579176 --- /dev/null +++ b/users/config/initializers/add_controller_methods.rb @@ -0,0 +1,3 @@ +ActiveSupport.on_load(:application_controller) do + include ControllerExtension::Authentication +end -- cgit v1.2.3 From 6c60b179a09030da985462d15dbdf076367b5ea4 Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 31 Oct 2012 12:10:07 -0700 Subject: Code to check administration (and ugly test display.) This includes example config file. --- .gitignore | 3 +++ README.md | 3 +++ config/config.yml.example | 8 ++++++++ .../controller_extension/authentication.rb | 21 +++++++++++++++++++-- users/app/models/user.rb | 3 ++- users/app/views/sessions/_nav.html.haml | 5 ++++- 6 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 config/config.yml.example diff --git a/.gitignore b/.gitignore index 93547cd..d447b54 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,6 @@ */Gemfile.lock test/dummy/log/* test/dummy/tmp/* + +# Ignore configuration file. +config/config.yml \ No newline at end of file diff --git a/README.md b/README.md index 3ea47bb..fee4e60 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,9 @@ The webapp can hand out certs for the EIP client. These certs are either picked We also ship provider information through the webapp. For now please add your eip-service.json to the public/config directory. +Copy the example configuration file and customize as appropriate: + cp config/config.yml.example config/config.yml + Running ----------------------------- diff --git a/config/config.yml.example b/config/config.yml.example new file mode 100644 index 0000000..e3a0112 --- /dev/null +++ b/config/config.yml.example @@ -0,0 +1,8 @@ +development: + admins: [admin, admin2] + +test: + admins: [admin, admin2] + +production + admins: [] diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb index 507b62f..c3342f3 100644 --- a/users/app/controllers/controller_extension/authentication.rb +++ b/users/app/controllers/controller_extension/authentication.rb @@ -4,14 +4,31 @@ module ControllerExtension::Authentication private included do - helper_method :current_user + helper_method :current_user, :logged_in?, :admin? end def current_user @current_user ||= User.find(session[:user_id]) if session[:user_id] end + def logged_in? + !!current_user + end + def authorize - redirect_to login_url, :alert => "Not authorized" if current_user.nil? + access_denied unless logged_in? end + + def access_denied + redirect_to login_url, :alert => "Not authorized" + end + + def admin? + current_user && current_user.is_admin? + end + + def authorize_admin + access_denied unless admin? + end + end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 2b8ead7..0f5d650 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -66,8 +66,9 @@ class User < CouchRest::Model::Base login end + # Since we are storing admins by login, we cannot allow admins to change their login. def is_admin? - APP_CONFIG['admins'].include? self.id + APP_CONFIG['admins'].include? self.login end end diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml index a5397bd..204ba88 100644 --- a/users/app/views/sessions/_nav.html.haml +++ b/users/app/views/sessions/_nav.html.haml @@ -1,6 +1,9 @@ -- if current_user +- if logged_in? %li + = 'logged in as ' + current_user.login = link_to t(:logout), logout_path + - if admin? + = 'ADMIN' # obviously not like this - else %li = link_to t(:login), login_path -- cgit v1.2.3 From 872b9fa6759d5708f5efb19ba46b3c8e2b5d4862 Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 31 Oct 2012 12:19:15 -0700 Subject: Looks like the help code has already been merged into the develop branch, and thus merging into feature-admin_users branch. --- Gemfile | 2 +- Gemfile.lock | 7 +++ help/app/controllers/tickets_controller.rb | 73 +++++++++++++++++++++++++ help/app/models/ticket.rb | 36 ++++++++++-- help/app/models/ticket_comment.rb | 14 +++-- help/app/views/tickets/_comment.html.haml | 13 +++++ help/app/views/tickets/_new_comment.html.haml | 3 + help/app/views/tickets/index.html.haml | 10 ++++ help/app/views/tickets/new.html.haml | 16 ++++++ help/app/views/tickets/show.html.haml | 26 +++++++++ help/config/routes.rb | 3 + help/test/functional/tickets_controller_test.rb | 63 +++++++++++++++++++++ help/test/unit/ticket_comment_test.rb | 11 ++-- help/test/unit/ticket_test.rb | 8 ++- 14 files changed, 266 insertions(+), 19 deletions(-) create mode 100644 help/app/controllers/tickets_controller.rb create mode 100644 help/app/views/tickets/_comment.html.haml create mode 100644 help/app/views/tickets/_new_comment.html.haml create mode 100644 help/app/views/tickets/index.html.haml create mode 100644 help/app/views/tickets/new.html.haml create mode 100644 help/app/views/tickets/show.html.haml create mode 100644 help/test/functional/tickets_controller_test.rb diff --git a/Gemfile b/Gemfile index 10c661a..40030b5 100644 --- a/Gemfile +++ b/Gemfile @@ -9,7 +9,7 @@ eval(File.read(File.dirname(__FILE__) + '/ui_dependencies.rb')) gem "leap_web_core", :path => 'core' gem 'leap_web_users', :path => 'users' gem 'leap_web_certs', :path => 'certs' -# gem 'leap_web_help', :path => 'help' +gem 'leap_web_help', :path => 'help' # To use debugger gem 'ruby-debug' diff --git a/Gemfile.lock b/Gemfile.lock index a982c2a..86cb8e8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -14,6 +14,12 @@ PATH json rails (~> 3.2.8) +PATH + remote: help + specs: + leap_web_help (0.1.0) + leap_web_core (= 0.1.0) + PATH remote: users specs: @@ -173,6 +179,7 @@ DEPENDENCIES jquery-rails leap_web_certs! leap_web_core! + leap_web_help! leap_web_users! mocha ruby-debug diff --git a/help/app/controllers/tickets_controller.rb b/help/app/controllers/tickets_controller.rb new file mode 100644 index 0000000..4c7415b --- /dev/null +++ b/help/app/controllers/tickets_controller.rb @@ -0,0 +1,73 @@ +class TicketsController < ApplicationController + + respond_to :html #, :json + #has_scope :open, :type => boolean + + def new + @ticket = Ticket.new + @ticket.comments.build + end + + def create + @ticket = Ticket.new(params[:ticket]) + if current_user + @ticket.created_by = current_user.id + @ticket.email = current_user.email if current_user.email + @ticket.comments.last.posted_by = current_user.id + else + @ticket.comments.last.posted_by = nil #hacky, but protecting this attribute doesn't work right, so this should make sure it isn't set. + end + + flash[:notice] = 'Ticket was successfully created.' if @ticket.save + respond_with(@ticket) + + end + +=begin + def edit + @ticket = Ticket.find(params[:id]) + @ticket.comments.build + # build ticket comments? + end +=end + + def show + @ticket = Ticket.find(params[:id]) + # @ticket.comments.build + # build ticket comments? + end + + def update + @ticket = Ticket.find(params[:id]) + @ticket.attributes = params[:ticket] + + @ticket.comments.last.posted_by = (current_user ? current_user.id : nil) #protecting posted_by isn't working, so this should protect it. + + if @ticket.save + flash[:notice] = 'Ticket was successfully updated.' + respond_with @ticket + else + #redirect_to [:show, @ticket] # + flash[:alert] = 'Ticket has not been changed' + redirect_to @ticket + #respond_with(@ticket) # why does this go to edit?? redirect??? + end + end + + def index + # @tickets = Ticket.by_title #not actually what we will want + respond_with(@tickets = Ticket.all) #we'll want only tickets that this user can access + end + + private + + # not using now, as we are using comment_attributes= from the Ticket model +=begin + def add_comment + comment = TicketComment.new(params[:comment]) + comment.posted_by = User.current.id if User.current #could be nil + comment.posted_at = Time.now # TODO: it seems strange to have this here, and not in model + @ticket.comments << comment + end +=end +end diff --git a/help/app/models/ticket.rb b/help/app/models/ticket.rb index 784d7ef..f38fed2 100644 --- a/help/app/models/ticket.rb +++ b/help/app/models/ticket.rb @@ -15,8 +15,8 @@ class Ticket < CouchRest::Model::Base =end #belongs_to :user #from leap_web_users. doesn't necessarily belong to a user though - property :created_by, Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set - property :regarding_user, Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil? + property :created_by, String, :protected => true #Integer #nil unless user was authenticated for ticket creation, #THIS should not be changed after being set + #property :regarding_user, String#Integer # form cannot be submitted if they type in a username w/out corresponding ID. this field can be nil. for authenticated ticket creation by non-admins, should this just automatically be set to be same as created_by? or maybe we don't use this field unless created_by is nil? #also, both created_by and regarding_user could be nil---say user forgets username, or has general question property :title, String property :email, String #verify @@ -29,18 +29,27 @@ class Ticket < CouchRest::Model::Base timestamps! - before_validation :set_created_by, :set_code, :on => :create + #before_validation :set_created_by, :set_code, :set_email, :on => :create + before_validation :set_code, :set_email, :on => :create + + + #named_scope :open, :conditions => {:is_open => true} #?? design do view :by_title end + validates :title, :presence => true + #validates :comments, :presence => true #do we want it like this? + + # html5 has built-in validation which isn't ideal, as it says 'please enter an email address' for invalid email addresses, which implies an email address is required, and it is not. validates :email, :format => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/, :if => :email #email address is optional - def set_created_by - self.created_by = User.current if User.current - end + #TODO: + #def set_created_by + # self.created_by = User.current if User.current + #end def is_creator_validated? !!created_by @@ -51,6 +60,12 @@ class Ticket < CouchRest::Model::Base self.code = SecureRandom.hex(8) if !is_creator_validated? end + + def set_email + self.email = nil if self.email == "" + # in controller set to be current users email if that exists + end + def close self.is_open = false save @@ -61,6 +76,15 @@ class Ticket < CouchRest::Model::Base save end + def comments_attributes=(attributes) + + comment = TicketComment.new(attributes.values.first) #TicketComment.new(attributes) + #comment.posted_by = User.current.id if User.current #we want to avoid User.current, and current_user won't work here. instead will set in tickets_controller + comment.posted_at = Time.now + comments << comment + + end + =begin def validate if email_address and not email_address.strip =~ RFC822::EmailAddress diff --git a/help/app/models/ticket_comment.rb b/help/app/models/ticket_comment.rb index 652133a..49e5c6c 100644 --- a/help/app/models/ticket_comment.rb +++ b/help/app/models/ticket_comment.rb @@ -2,13 +2,15 @@ class TicketComment include CouchRest::Model::Embeddable #belongs_to :ticket #is this best way to do it? will want to access all of a tickets comments, so maybe this isn't the way? - property :posted_by, Integer, :protected => true# maybe this should be current_user if that is set, meaning the user is logged in #String # user?? + property :posted_by, String#, :protected => true #Integer#this should be current_user if that is set, meaning the user is logged in #cannot have it be protected and set via comments_attributes=. also, if it is protected and we set in the tickets_controller, it gets unset. TODO---is this okay to have it not protected and manually check it? We do not users to be able to set this. # if the current user is not set, then we could just say the comment comes from an 'unauthenticated user', which would be somebody with the secret URL - property :posted_at, Time, :protected => true + property :posted_at, Time#, :protected => true #property :posted_verified, TrueClass, :protected => true #should be true if current_user is set when the comment is created property :body, String - before_validation :set_time#, :set_posted_by + # ? timestamps! + validates :body, :presence => true + #before_validation :set_time#, :set_posted_by #design do # view :by_posted_at @@ -18,10 +20,14 @@ class TicketComment def is_comment_validated? !!posted_by end - + +=begin + #TODO. + #this is resetting all comments associated with the ticket: def set_time self.posted_at = Time.now end +=end =begin def set_posted_by diff --git a/help/app/views/tickets/_comment.html.haml b/help/app/views/tickets/_comment.html.haml new file mode 100644 index 0000000..1ba3bd1 --- /dev/null +++ b/help/app/views/tickets/_comment.html.haml @@ -0,0 +1,13 @@ +- # style is super ugly but just for now +%div{:style => "border: solid 1px"} + - if User.find(comment.posted_by) + Posted by + = User.find(comment.posted_by).login + - else + Unauthenticated post + %p + Posted at + = comment.posted_at + %p + = comment.body + %p \ No newline at end of file diff --git a/help/app/views/tickets/_new_comment.html.haml b/help/app/views/tickets/_new_comment.html.haml new file mode 100644 index 0000000..a924dfd --- /dev/null +++ b/help/app/views/tickets/_new_comment.html.haml @@ -0,0 +1,3 @@ += #do we want this partial? not using it now += simple_fields_for :comment do |c| + = c.input :body, :label => 'Comment', :as => :text diff --git a/help/app/views/tickets/index.html.haml b/help/app/views/tickets/index.html.haml new file mode 100644 index 0000000..6db2140 --- /dev/null +++ b/help/app/views/tickets/index.html.haml @@ -0,0 +1,10 @@ +%h2 tickets index (just as space) +Create a += link_to "new ticket", new_ticket_path += # below shouldn't be unless logged in +%h2 Tickets += # want to have selection option to see tickets, that are open, closed or all +- @tickets.each do |ticket| + %p + = link_to ticket.title, ticket += #render(:partial => "ticket", :collection => @tickets) diff --git a/help/app/views/tickets/new.html.haml b/help/app/views/tickets/new.html.haml new file mode 100644 index 0000000..537b97f --- /dev/null +++ b/help/app/views/tickets/new.html.haml @@ -0,0 +1,16 @@ +%h2=t :new_ticket += simple_form_for(@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test + = #@ticket.errors.messages + = f.input :title + = #f.input :email #if there is no current_user + = f.input :email if !current_user #hmm--might authenticated users want to submit an alternate email? + + = f.simple_fields_for :comments do |c| + = c.input :body, :label => 'Comment', :as => :text + + = #render :partial => 'new_comment' #what we were using + = # regarding_user if not logged in + = # email if not logged in + = #f.button :submit, :value => t(:submit), :class => 'btn-primary' + = f.button :submit + = link_to t(:cancel), tickets_path, :class => :btn diff --git a/help/app/views/tickets/show.html.haml b/help/app/views/tickets/show.html.haml new file mode 100644 index 0000000..a9b994e --- /dev/null +++ b/help/app/views/tickets/show.html.haml @@ -0,0 +1,26 @@ +- if flash[:notice] + =flash[:notice] +- if flash[:alert] + =flash[:alert] +%h2= @ticket.title +is open? += @ticket.is_open +- if @ticket.code + code: + = @ticket.code +- if @ticket.email + email: + = @ticket.email +- if User.find(@ticket.created_by) + Created by + = User.find(@ticket.created_by).login +- else + Unauthenticated ticket creator += render(:partial => "comment", :collection => @ticket.comments) + += simple_form_for (@ticket, :html => {:novalidate => true}) do |f| #turn off html5 validations to test + = f.simple_fields_for :comments, TicketComment.new do |c| + = c.input :body, :label => 'Comment', :as => :text + = #render :partial => 'new_comment' + = f.button :submit + = link_to t(:cancel), tickets_path, :class => :btn \ No newline at end of file diff --git a/help/config/routes.rb b/help/config/routes.rb index 1daf9a4..5e57e02 100644 --- a/help/config/routes.rb +++ b/help/config/routes.rb @@ -1,2 +1,5 @@ Rails.application.routes.draw do + + resources :tickets, :only => [:new, :create, :index, :show, :update] + #resources :ticket, :only => [:show] end diff --git a/help/test/functional/tickets_controller_test.rb b/help/test/functional/tickets_controller_test.rb new file mode 100644 index 0000000..7a03a86 --- /dev/null +++ b/help/test/functional/tickets_controller_test.rb @@ -0,0 +1,63 @@ +require 'test_helper' + +class TicketsControllerTest < ActionController::TestCase + + test "should get index" do + get :index + assert_response :success + assert_not_nil assigns(:tickets) + end + + test "should get new" do + get :new + assert_equal Ticket, assigns(:ticket).class + assert_response :success + end + + + test "should create unauthenticated ticket" do + params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + + assert_difference('Ticket.count') do + post :create, :ticket => params + end + + assert_response :redirect + #assert_equal assigns(:ticket).email, User.current.email + #assert_equal User.find(assigns(:ticket).created_by).login, User.current.login + assert_nil assigns(:ticket).created_by + + assert_equal assigns(:ticket).comments.count, 1 + end + + + test "should create authenticated ticket" do + + params = {:title => "ticket test title", :comments_attributes => {"0" => {"body" =>"body of test ticket"}}} + + #todo: should redo this and actually authorize + user = User.last + session[:user_id] = user.id + + assert_difference('Ticket.count') do + post :create, :ticket => params + end + + assert_response :redirect + assert_equal assigns(:ticket).created_by, user.id + assert_equal assigns(:ticket).email, user.email + + assert_equal assigns(:ticket).comments.count, 1 + end + + test "add comment to ticket" do + + t = Ticket.last + comment_count = t.comments.count + put :update, :id => t.id, :ticket => {:comments_attributes => {"0" => {"body" =>"NEWER comment"}} } + assert_equal(comment_count + 1, assigns(:ticket).comments.count) + #assert_difference block isn't working + + end + +end diff --git a/help/test/unit/ticket_comment_test.rb b/help/test/unit/ticket_comment_test.rb index 883720f..1fe1fe2 100644 --- a/help/test/unit/ticket_comment_test.rb +++ b/help/test/unit/ticket_comment_test.rb @@ -16,8 +16,8 @@ class TicketCommentTest < ActiveSupport::TestCase comment2 = TicketComment.new :body => "help my email is broken!" assert comment2.valid? - assert_not_nil comment2.posted_at - assert_nil comment2.posted_by #if not logged in + #assert_not_nil comment2.posted_at #? + #assert_nil comment2.posted_by #if not logged in #TODO #comment.ticket = testticket #Ticket.find_by_title("testing") #assert_equal testticket.title, comment.ticket.title @@ -49,9 +49,10 @@ class TicketCommentTest < ActiveSupport::TestCase testticket.comments << comment2 #this should validate comment2 testticket.valid? assert_equal testticket.comments.count, 2 - assert_not_nil comment.posted_at - assert_not_nil testticket.comments.last.posted_at - assert testticket.comments.first.posted_at < testticket.comments.last.posted_at + # where should posted_at be set? + #assert_not_nil comment.posted_at + #assert_not_nil testticket.comments.last.posted_at + #assert testticket.comments.first.posted_at < testticket.comments.last.posted_at end end diff --git a/help/test/unit/ticket_test.rb b/help/test/unit/ticket_test.rb index c3a4759..6b63a23 100644 --- a/help/test/unit/ticket_test.rb +++ b/help/test/unit/ticket_test.rb @@ -41,18 +41,20 @@ class TicketTest < ActiveSupport::TestCase assert @sample.is_creator_validated? end +=begin +# TODO: do once have current_user stuff in order test "code if & only if not creator-validated" do + User.current_test = nil t1 = Ticket.create :title => 'test title' assert_not_nil t1.code assert_nil t1.created_by - User.current = 4 + User.current_test = 4 t2 = Ticket.create :title => 'test title' assert_nil t2.code assert_not_nil t2.created_by - - end +=end end -- cgit v1.2.3 From cb0ac8a9fac97341f86335ff713be8d7cb5e5e67 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 2 Nov 2012 19:46:36 +0100 Subject: minor: it's gem install bundler --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3ea47bb..5c53421 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ Typically, this application is installed automatically as part of the LEAP Platf ### Install system requirements sudo apt-get install git ruby1.8 rubygems1.8 couchdb - sudo gem bundler + sudo gem install bundler On Debian Wheezy or later, there is a Debian package for bundler, so you can alternately run ``sudo apt-get install bundler``. -- cgit v1.2.3 From 023d91a7ad605a9f941ad36c5d002172b25387a3 Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 2 Nov 2012 19:50:10 +0100 Subject: add debugger for ruby 1.9 so it works too. --- Gemfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 40030b5..8b13e51 100644 --- a/Gemfile +++ b/Gemfile @@ -12,4 +12,5 @@ gem 'leap_web_certs', :path => 'certs' gem 'leap_web_help', :path => 'help' # To use debugger -gem 'ruby-debug' +gem 'debugger', :platforms => :mri_19 +gem 'ruby-debug', :platforms => :mri_18 -- cgit v1.2.3 From 2264623a445bf5c64404ef302f63e4d99ecbd97f Mon Sep 17 00:00:00 2001 From: Azul Date: Sun, 4 Nov 2012 16:23:16 +0100 Subject: minor: yaml syntax fix --- config/config.yml.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/config.yml.example b/config/config.yml.example index e3a0112..c34dd10 100644 --- a/config/config.yml.example +++ b/config/config.yml.example @@ -4,5 +4,5 @@ development: test: admins: [admin, admin2] -production +production: admins: [] -- cgit v1.2.3 From 5c6395d8b1a8c7cf540dae9fdd37f3e68554215c Mon Sep 17 00:00:00 2001 From: Azul Date: Sun, 4 Nov 2012 16:24:35 +0100 Subject: fixing tests, including support files from all engines --- test/dummy/app/controllers/application_controller.rb | 5 +++++ test/test_helper.rb | 3 +++ users/test/integration/api/account_flow_test.rb | 2 +- users/test/support/auth_test_helper.rb | 4 ++++ users/test/test_helper.rb | 4 ---- users/test/unit/user_test.rb | 2 +- 6 files changed, 14 insertions(+), 6 deletions(-) create mode 100644 test/dummy/app/controllers/application_controller.rb diff --git a/test/dummy/app/controllers/application_controller.rb b/test/dummy/app/controllers/application_controller.rb new file mode 100644 index 0000000..be7aa1f --- /dev/null +++ b/test/dummy/app/controllers/application_controller.rb @@ -0,0 +1,5 @@ +class ApplicationController < ActionController::Base + protect_from_forgery + + ActiveSupport.run_load_hooks(:application_controller, self) +end diff --git a/test/test_helper.rb b/test/test_helper.rb index f7d48ec..50d5159 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -4,6 +4,9 @@ require 'rails/test_help' require 'mocha' +# Load support files from all engines +Dir["#{File.dirname(__FILE__)}/../*/test/support/**/*.rb"].each { |f| require f } + class ActiveSupport::TestCase # Add more helper methods to be used by all tests here... end diff --git a/users/test/integration/api/account_flow_test.rb b/users/test/integration/api/account_flow_test.rb index 66de1e5..5800d46 100644 --- a/users/test/integration/api/account_flow_test.rb +++ b/users/test/integration/api/account_flow_test.rb @@ -39,7 +39,7 @@ class AccountFlowTest < ActionDispatch::IntegrationTest end test "signup response" do - assert_json_response @user_params.slice(:login, :password_salt) + assert_json_response :login => @login, :ok => true assert_response :success end diff --git a/users/test/support/auth_test_helper.rb b/users/test/support/auth_test_helper.rb index d5d52b1..9412058 100644 --- a/users/test/support/auth_test_helper.rb +++ b/users/test/support/auth_test_helper.rb @@ -23,3 +23,7 @@ module AuthTestHelper end end end + +class ActionController::TestCase + include AuthTestHelper +end diff --git a/users/test/test_helper.rb b/users/test/test_helper.rb index ae6a35c..e8f0125 100644 --- a/users/test/test_helper.rb +++ b/users/test/test_helper.rb @@ -7,7 +7,3 @@ Rails.backtrace_cleaner.remove_silencers! # Load support files Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f } - -class ActionController::TestCase - include AuthTestHelper -end diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb index 822ef33..f057ca7 100644 --- a/users/test/unit/user_test.rb +++ b/users/test/unit/user_test.rb @@ -19,7 +19,7 @@ class UserTest < ActiveSupport::TestCase end test "test require alphanumerical for login" do - @user.login = "qwär" + @user.login = "qw#r" assert !@user.valid? end -- cgit v1.2.3 From 19008253d01fd6d7a864e98a7ae5dc216070aee1 Mon Sep 17 00:00:00 2001 From: Azul Date: Sun, 4 Nov 2012 16:28:58 +0100 Subject: using ruby-srp 0.1.4 - ruby 1.9.3 compatible --- Gemfile.lock | 4 ++-- users/leap_web_users.gemspec | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 86cb8e8..6792476 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -25,7 +25,7 @@ PATH specs: leap_web_users (0.1.0) leap_web_core (= 0.1.0) - ruby-srp (~> 0.1.3) + ruby-srp (~> 0.1.4) GEM remote: https://rubygems.org/ @@ -143,7 +143,7 @@ GEM ruby-debug-base (~> 0.10.4.0) ruby-debug-base (0.10.4) linecache (>= 0.3) - ruby-srp (0.1.3) + ruby-srp (0.1.4) sass (3.2.1) sass-rails (3.2.5) railties (~> 3.2.0) diff --git a/users/leap_web_users.gemspec b/users/leap_web_users.gemspec index 6d35f63..dec5a71 100644 --- a/users/leap_web_users.gemspec +++ b/users/leap_web_users.gemspec @@ -17,5 +17,5 @@ Gem::Specification.new do |s| s.add_dependency "leap_web_core", LeapWeb::VERSION - s.add_dependency "ruby-srp", "~> 0.1.3" + s.add_dependency "ruby-srp", "~> 0.1.4" end -- cgit v1.2.3