From e8032fd9027435c57572fd0d8bab411841859cbc Mon Sep 17 00:00:00 2001 From: jessib Date: Mon, 23 Dec 2013 16:44:18 -0800 Subject: Initial start to messages API. --- users/app/controllers/v1/messages_controller.rb | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 users/app/controllers/v1/messages_controller.rb (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb new file mode 100644 index 0000000..e67e2a3 --- /dev/null +++ b/users/app/controllers/v1/messages_controller.rb @@ -0,0 +1,25 @@ +module V1 + class MessagesController < ApplicationController + + # TODO need to add authentication + respond_to :json + + def user_messages(unseen = true) + user_messages = unseen ? UserMessage.by_user_id_and_seen(:key => [params[:user_id], false]).all : UserMessage.by_user_id(:key => params[:user_id]).all + + messages = [] + user_messages.each do |um| + messages << Message.find(um.message.id) + end + + render json: messages + end + + + # only for PUT + def mark_read + # params[:user_id] params[:message_id] + end + + end +end -- cgit v1.2.3 From a9ff52501e9c04edacd250dd94ee3f3ad28cd73d Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 24 Dec 2013 11:13:28 -0800 Subject: API method to mark a user's message as read (will refactor) --- users/app/controllers/v1/messages_controller.rb | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index e67e2a3..a4e9aec 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -4,6 +4,7 @@ module V1 # TODO need to add authentication respond_to :json + # for now, will not pass unseen, so unseen will always be true def user_messages(unseen = true) user_messages = unseen ? UserMessage.by_user_id_and_seen(:key => [params[:user_id], false]).all : UserMessage.by_user_id(:key => params[:user_id]).all @@ -16,9 +17,17 @@ module V1 end - # only for PUT + # routes ensure this is only for PUT def mark_read - # params[:user_id] params[:message_id] + user_message = UserMessage.find_by_user_id_and_message_id([params[:user_id], params[:message_id]]) + user_message.seen = true + + # TODO what to return? + if user_message.save + render json: true + else + render json: false + end end end -- cgit v1.2.3 From e4390e2ee5b2df20038f12865db462cf1e208ee6 Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 24 Dec 2013 12:23:04 -0800 Subject: Add API tests and some refactoring of messages so we can get a user's messages within the webapp. --- users/app/controllers/v1/messages_controller.rb | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index a4e9aec..fa98042 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -6,14 +6,8 @@ module V1 # for now, will not pass unseen, so unseen will always be true def user_messages(unseen = true) - user_messages = unseen ? UserMessage.by_user_id_and_seen(:key => [params[:user_id], false]).all : UserMessage.by_user_id(:key => params[:user_id]).all - - messages = [] - user_messages.each do |um| - messages << Message.find(um.message.id) - end - - render json: messages + user = User.find(params[:user_id]) + render json: (user ? user.messages : [] ) end -- cgit v1.2.3 From 7f12c795207ac818bffac42aa581bf1165f9e424 Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 24 Dec 2013 13:27:22 -0800 Subject: Catching some corner cases & new tests. --- users/app/controllers/v1/messages_controller.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index fa98042..d49b161 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -10,14 +10,13 @@ module V1 render json: (user ? user.messages : [] ) end - # routes ensure this is only for PUT def mark_read user_message = UserMessage.find_by_user_id_and_message_id([params[:user_id], params[:message_id]]) - user_message.seen = true + user_message.seen = true if user_message # TODO what to return? - if user_message.save + if user_message and user_message.save render json: true else render json: false -- cgit v1.2.3 From 16b28882aa7659fb89e1661ed8af0c0db72642c8 Mon Sep 17 00:00:00 2001 From: jessib Date: Mon, 30 Dec 2013 15:22:44 -0800 Subject: Change structure to be more no-sql-y, rather than relational. --- users/app/controllers/v1/messages_controller.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index d49b161..18f9f46 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -12,6 +12,7 @@ module V1 # routes ensure this is only for PUT def mark_read +=begin user_message = UserMessage.find_by_user_id_and_message_id([params[:user_id], params[:message_id]]) user_message.seen = true if user_message @@ -22,6 +23,17 @@ module V1 render json: false end end +=end + if (user = User.find(params[:user_id])) && Message.find(params[:message_id]) + user.message_ids_seen << params[:message_id] if !user.message_ids_seen.include?(params[:message_id]) #is it quicker to instead run uniq after adding? + user.message_ids_to_see.delete(params[:message_id]) + user.save + render json: true + return + else + render json: false + end + end end end -- cgit v1.2.3 From f9c96f8844205afe3c310b5b914752068728d38f Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 31 Dec 2013 11:48:18 -0800 Subject: Cleanup of code for messages API and cron job for 1 month payment warning. Authentication still remaining piece. --- users/app/controllers/v1/messages_controller.rb | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index 18f9f46..42a88f7 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -12,20 +12,11 @@ module V1 # routes ensure this is only for PUT def mark_read -=begin - user_message = UserMessage.find_by_user_id_and_message_id([params[:user_id], params[:message_id]]) - user_message.seen = true if user_message - # TODO what to return? - if user_message and user_message.save - render json: true - else - render json: false - end - end -=end + # make sure user and message exist if (user = User.find(params[:user_id])) && Message.find(params[:message_id]) - user.message_ids_seen << params[:message_id] if !user.message_ids_seen.include?(params[:message_id]) #is it quicker to instead run uniq after adding? + + user.message_ids_seen << params[:message_id] if !user.message_ids_seen.include?(params[:message_id]) #TODO: is it quicker to instead call uniq! after adding? user.message_ids_to_see.delete(params[:message_id]) user.save render json: true -- cgit v1.2.3 From 47d9b62913789358aefe769de6b7e33da8547891 Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 31 Dec 2013 12:16:43 -0800 Subject: Add authentication to API, but not sure it is best way. --- users/app/controllers/v1/messages_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index 42a88f7..b58dfe9 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -1,7 +1,7 @@ module V1 class MessagesController < ApplicationController - # TODO need to add authentication + before_filter :authorize_admin # not sure this is best way respond_to :json # for now, will not pass unseen, so unseen will always be true -- cgit v1.2.3 From c7e66852324714a166dd35dc3d5873a0053dcb9b Mon Sep 17 00:00:00 2001 From: jessib Date: Tue, 7 Jan 2014 12:57:01 -0800 Subject: Some refactoring, to simplify user model, optimize, and allow messages to be sorted by date (although are not now.) Also, rather than use whenever gem, will have cron job created to call task. --- users/app/controllers/v1/messages_controller.rb | 29 +++++++++++-------------- 1 file changed, 13 insertions(+), 16 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index b58dfe9..371b83e 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -1,30 +1,27 @@ module V1 class MessagesController < ApplicationController - before_filter :authorize_admin # not sure this is best way + skip_before_filter :verify_authenticity_token + before_filter :authorize + respond_to :json - # for now, will not pass unseen, so unseen will always be true - def user_messages(unseen = true) - user = User.find(params[:user_id]) - render json: (user ? user.messages : [] ) + def index + render json: (current_user ? current_user.messages : [] ) end - # routes ensure this is only for PUT - def mark_read - - # make sure user and message exist - if (user = User.find(params[:user_id])) && Message.find(params[:message_id]) - - user.message_ids_seen << params[:message_id] if !user.message_ids_seen.include?(params[:message_id]) #TODO: is it quicker to instead call uniq! after adding? - user.message_ids_to_see.delete(params[:message_id]) - user.save + def update + message = Message.find(params[:id]) + if (message and current_user) + message.user_ids_to_show.delete(current_user.id) + # is it necessary to keep track of what users have already seen it?: + message.user_ids_have_shown << current_user.id if !message.user_ids_have_shown.include?(current_user.id) #TODO: is it quicker to instead call uniq! after adding? + message.save render json: true - return else render json: false end - end + end end -- cgit v1.2.3 From 6c478c5a1634b5da9d269c938f67d2ac4d8f03df Mon Sep 17 00:00:00 2001 From: jessib Date: Thu, 9 Jan 2014 12:18:37 -0800 Subject: Some more cleanup, but still want to make sure by_user_ids_to_show_and_created_at view is right before issuing pull request. --- users/app/controllers/v1/messages_controller.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index 371b83e..1b994ca 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -14,8 +14,9 @@ module V1 message = Message.find(params[:id]) if (message and current_user) message.user_ids_to_show.delete(current_user.id) - # is it necessary to keep track of what users have already seen it?: - message.user_ids_have_shown << current_user.id if !message.user_ids_have_shown.include?(current_user.id) #TODO: is it quicker to instead call uniq! after adding? + # is it necessary to keep track of what users have already seen it? + message.user_ids_have_shown << current_user.id if !message.user_ids_have_shown.include?(current_user.id) + # TODO: is it quicker to call uniq! after adding rather than check if it is already included? message.save render json: true else -- cgit v1.2.3 From bd867c51c4d9e3d4c6b4c55d326eb9b13b89288b Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 10 Feb 2014 14:23:38 +0100 Subject: minor: move some logic from message controller into model --- users/app/controllers/v1/messages_controller.rb | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index 1b994ca..55292ff 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -13,10 +13,7 @@ module V1 def update message = Message.find(params[:id]) if (message and current_user) - message.user_ids_to_show.delete(current_user.id) - # is it necessary to keep track of what users have already seen it? - message.user_ids_have_shown << current_user.id if !message.user_ids_have_shown.include?(current_user.id) - # TODO: is it quicker to call uniq! after adding rather than check if it is already included? + message.mark_as_read_by(current_user) message.save render json: true else -- cgit v1.2.3 From 3f9dc65636afb57fed441978dca4bf7d3209bd2d Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 7 Feb 2014 14:38:56 +0100 Subject: rename authorize to require_login authorize_admin -> require_admin also add require_token which will ensure token has been used for auth. --- users/app/controllers/v1/users_controller.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb index 0903888..a16c6e9 100644 --- a/users/app/controllers/v1/users_controller.rb +++ b/users/app/controllers/v1/users_controller.rb @@ -3,8 +3,8 @@ module V1 skip_before_filter :verify_authenticity_token before_filter :fetch_user, :only => [:update] - before_filter :authorize, :only => [:update] - before_filter :authorize_admin, :only => [:index] + before_filter :require_login, :only => [:update, :index] + before_filter :require_admin, :only => [:index] respond_to :json -- cgit v1.2.3 From cbd757cf151cd61bfdd5637d09f43e4831fec3bb Mon Sep 17 00:00:00 2001 From: Azul Date: Sat, 8 Feb 2014 16:15:46 +0100 Subject: require token when updating user via API --- users/app/controllers/v1/users_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb index a16c6e9..8897d01 100644 --- a/users/app/controllers/v1/users_controller.rb +++ b/users/app/controllers/v1/users_controller.rb @@ -3,8 +3,8 @@ module V1 skip_before_filter :verify_authenticity_token before_filter :fetch_user, :only => [:update] - before_filter :require_login, :only => [:update, :index] before_filter :require_admin, :only => [:index] + before_filter :require_token, :only => [:update] respond_to :json -- cgit v1.2.3 From c8fcd0d26c3ad5c1c3cfbaf6b57239f907925ed6 Mon Sep 17 00:00:00 2001 From: Azul Date: Sat, 8 Feb 2014 16:20:37 +0100 Subject: require token when logging out via API --- users/app/controllers/v1/sessions_controller.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb index eb6c322..eae3a1e 100644 --- a/users/app/controllers/v1/sessions_controller.rb +++ b/users/app/controllers/v1/sessions_controller.rb @@ -2,6 +2,7 @@ module V1 class SessionsController < ApplicationController skip_before_filter :verify_authenticity_token + before_filter :require_token, only: :destroy def new @session = Session.new -- cgit v1.2.3 From 3a478804aa48b08fbeded5144677744c427c112f Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 10 Feb 2014 14:29:34 +0100 Subject: require token in messages controller --- users/app/controllers/v1/messages_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb index 1b994ca..90986e2 100644 --- a/users/app/controllers/v1/messages_controller.rb +++ b/users/app/controllers/v1/messages_controller.rb @@ -2,7 +2,7 @@ module V1 class MessagesController < ApplicationController skip_before_filter :verify_authenticity_token - before_filter :authorize + before_filter :require_token respond_to :json -- cgit v1.2.3 From b6d14dc19dd350a807826e3e097738a36613e083 Mon Sep 17 00:00:00 2001 From: Azul Date: Tue, 8 Apr 2014 11:49:14 +0200 Subject: moving users: app and test files --- users/app/controllers/v1/messages_controller.rb | 25 -------------- users/app/controllers/v1/sessions_controller.rb | 45 ------------------------- users/app/controllers/v1/users_controller.rb | 32 ------------------ 3 files changed, 102 deletions(-) delete mode 100644 users/app/controllers/v1/messages_controller.rb delete mode 100644 users/app/controllers/v1/sessions_controller.rb delete mode 100644 users/app/controllers/v1/users_controller.rb (limited to 'users/app/controllers/v1') diff --git a/users/app/controllers/v1/messages_controller.rb b/users/app/controllers/v1/messages_controller.rb deleted file mode 100644 index f71d0f1..0000000 --- a/users/app/controllers/v1/messages_controller.rb +++ /dev/null @@ -1,25 +0,0 @@ -module V1 - class MessagesController < ApplicationController - - skip_before_filter :verify_authenticity_token - before_filter :require_token - - respond_to :json - - def index - render json: (current_user ? current_user.messages : [] ) - end - - def update - message = Message.find(params[:id]) - if (message and current_user) - message.mark_as_read_by(current_user) - message.save - render json: true - else - render json: false - end - end - - end -end diff --git a/users/app/controllers/v1/sessions_controller.rb b/users/app/controllers/v1/sessions_controller.rb deleted file mode 100644 index eae3a1e..0000000 --- a/users/app/controllers/v1/sessions_controller.rb +++ /dev/null @@ -1,45 +0,0 @@ -module V1 - class SessionsController < ApplicationController - - skip_before_filter :verify_authenticity_token - before_filter :require_token, only: :destroy - - def new - @session = Session.new - if authentication_errors - @errors = authentication_errors - render :status => 422 - end - end - - def create - logout if logged_in? - if params['A'] - authenticate! - else - @user = User.find_by_login(params['login']) - render :json => {salt: @user.salt} - end - end - - def update - authenticate! - @token = Token.create(:user_id => current_user.id) - session[:token] = @token.id - render :json => login_response - end - - def destroy - logout - head :no_content - end - - protected - - def login_response - handshake = session.delete(:handshake) || {} - handshake.to_hash.merge(:id => current_user.id, :token => @token.id) - end - - end -end diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb deleted file mode 100644 index 8897d01..0000000 --- a/users/app/controllers/v1/users_controller.rb +++ /dev/null @@ -1,32 +0,0 @@ -module V1 - class UsersController < UsersBaseController - - skip_before_filter :verify_authenticity_token - before_filter :fetch_user, :only => [:update] - before_filter :require_admin, :only => [:index] - before_filter :require_token, :only => [:update] - - respond_to :json - - # used for autocomplete for admins in the web ui - def index - if params[:query] - @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ) - respond_with @users.map(&:login).sort - else - render :json => {'error' => 'query required', 'status' => :unprocessable_entity} - end - end - - def create - @user = Account.create(params[:user]) - respond_with @user # return ID instead? - end - - def update - @user.account.update params[:user] - respond_with @user - end - - end -end -- cgit v1.2.3