enju_bookmark 0.1.3 → 0.2.0.beta.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 8480c656a5c124a1c329cdea0f4eabdb6e8f1d53
-  data.tar.gz: 2b3f19135a4a63652b9a19c8d0a55f5fe9f08f31
+  metadata.gz: 7d29d0fddca44893e5562cd0d2d77aafb506b578
+  data.tar.gz: 138f6083c430c54cd07f35245481756a927e9662
 SHA512:
-  metadata.gz: ab5139d7ac7897c270e880fdea30546e400bc5874509c9b5668fc2296d8cf2c73a2f120806fa512965b8cb8cabde3e7ebc6f5bfaa7b216d1b64cc5ff25204a38
-  data.tar.gz: 000cd94adda324e68b0f27b4bbd8e38fcd812896e6e2937b093d1bee837b86294eab3e832c5b2c7bc7fa428d8c0b661e1f9b9800db1c28c03cfd6821582e7cd7
+  metadata.gz: 8813e85136888ec9663dd34ef615cde96d1e86d9cb0ddb34b75280cdb2518e82ec96bae3fd96d4e44deda65c1ee039419f8113b96873123b3a61a78cc54100cf
+  data.tar.gz: a9e1b7ceb5b2d2bda680563d8a5296a4ee61fba9a0f3de401c785bfa268af8d0bf44c7a79e417ef33cf7a8121005dcfc0a0c5141246f47ffd8e65f39aef9d102

data/README.rdoc

@@ -1,7 +1,7 @@
 = EnjuBookmark
-{<img src="https://travis-ci.org/next-l/enju_bookmark.svg?branch=1.1" alt="Build Status" />}[https://travis-ci.org/next-l/enju_bookmark]
-{<img src="https://coveralls.io/repos/next-l/enju_bookmark/badge.svg?branch=1.1&service=github" alt="Coverage Status" />}[https://coveralls.io/github/next-l/enju_bookmark?branch=1.1]
-{<img src="https://hakiri.io/github/next-l/enju_bookmark/1.1.svg" alt="security" />}[https://hakiri.io/github/next-l/enju_bookmark/1.1]
+{<img src="https://travis-ci.org/next-l/enju_bookmark.svg?branch=1.2" alt="Build Status" />}[https://travis-ci.org/next-l/enju_bookmark]
+{<img src="https://coveralls.io/repos/next-l/enju_bookmark/badge.svg?branch=1.2&service=github" alt="Coverage Status" />}[https://coveralls.io/github/next-l/enju_bookmark?branch=1.2]
+{<img src="https://hakiri.io/github/next-l/enju_bookmark/1.2.svg" alt="security" />}[https://hakiri.io/github/next-l/enju_bookmark/1.2]
 
 This project rocks and uses MIT-LICENSE.
 

data/app/controllers/bookmark_stats_controller.rb

@@ -1,6 +1,7 @@
 class BookmarkStatsController < ApplicationController
-  load_and_authorize_resource
-  after_filter :convert_charset, only: :show
+  before_action :set_bookmark_stat, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  after_action :convert_charset, only: :show
 
   # GET /bookmark_stats
   # GET /bookmark_stats.json
@@ -87,6 +88,15 @@ class BookmarkStatsController < ApplicationController
   end
 
   private
+  def set_bookmark_stat
+    @bookmark_stat = BookmarkStat.find(params[:id])
+    authorize @bookmark_stat
+  end
+
+  def check_policy
+    authorize BookmarkStat
+  end
+
   def bookmark_stat_params
     params.require(:bookmark_stat).permit(:start_date, :end_date, :note)
   end

data/app/controllers/bookmarks_controller.rb

@@ -1,10 +1,7 @@
-# -*- encoding: utf-8 -*-
 class BookmarksController < ApplicationController
-  before_filter :store_location
-  load_and_authorize_resource except: :index
-  authorize_resource only: :index
-  before_filter :get_user, only: :index
-  after_filter :solr_commit, only: [:create, :update, :destroy]
+  before_action :set_bookmark, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  before_action :get_user, only: :index
 
   # GET /bookmarks
   # GET /bookmarks.json
@@ -145,6 +142,15 @@ class BookmarksController < ApplicationController
   end
 
   private
+  def set_bookmark
+    @bookmark = Bookmark.find(params[:id])
+    authorize @bookmark
+  end
+
+  def check_policy
+    authorize Bookmark
+  end
+
   def bookmark_params
     params.require(:bookmark).permit(:title, :url, :note, :shared, :tag_list)
   end

data/app/controllers/tags_controller.rb

@@ -1,7 +1,6 @@
 class TagsController < ApplicationController
-  load_and_authorize_resource
-  before_filter :get_user
-  after_filter :solr_commit, only: [:create, :update, :destroy]
+  before_action :set_tag, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
 
   def index
     session[:params] ={} unless session[:params]
@@ -71,6 +70,15 @@ class TagsController < ApplicationController
   end
 
   private
+  def set_tag
+    @tag = Tag.find(params[:id])
+    authorize @tag
+  end
+
+  def check_policy
+    authorize Tag
+  end
+
   def tag_params
     params.require(:tag).permit(:name, :name_transcription)
   end

data/app/models/bookmark.rb

@@ -18,7 +18,7 @@ class Bookmark < ActiveRecord::Base
   before_save :replace_space_in_tags
 
   acts_as_taggable_on :tags
-  normalize_attributes :url
+  strip_attributes only: :url
 
   searchable do
     text :title do

data/app/models/concerns/enju_bookmark/enju_user.rb

@@ -0,0 +1,19 @@
+module EnjuBookmark
+  module EnjuUser
+    extend ActiveSupport::Concern
+
+    included do
+      has_many :bookmarks, :dependent => :destroy
+      acts_as_tagger
+    end
+
+    def owned_tags_by_solr
+      bookmark_ids = bookmarks.collect(&:id)
+      if bookmark_ids.empty?
+        []
+      else
+        Tag.bookmarked(bookmark_ids)
+      end
+    end
+  end
+end

data/app/policies/bookmark_policy.rb

@@ -0,0 +1,41 @@
+class BookmarkPolicy < ApplicationPolicy
+  def index?
+    user.try(:has_role?, 'User')
+  end
+
+  def show?
+    case user.try(:role).try(:name)
+    when 'Administrator'
+      true
+    when 'Librarian'
+      true
+    when 'User'
+      if record.user == user
+        true
+      elsif user.profile.try(:share_bookmarks)
+        true
+      else
+        false
+      end
+    end
+  end
+
+  def create?
+    user.try(:has_role?, 'User')
+  end
+
+  def update?
+    case user.try(:role).try(:name)
+    when 'Administrator'
+      true
+    when 'Librarian'
+      true
+    when 'User'
+      true if record.user == user
+    end
+  end
+
+  def destroy?
+    update?
+  end
+end

data/app/policies/bookmark_stat_policy.rb

@@ -0,0 +1,21 @@
+class BookmarkStatPolicy < ApplicationPolicy
+  def index?
+    true
+  end
+
+  def show?
+    true
+  end
+
+  def create?
+    user.try(:has_role?, 'Librarian')
+  end
+
+  def update?
+    user.try(:has_role?, 'Librarian')
+  end
+
+  def destroy?
+    user.try(:has_role?, 'Administrator')
+  end
+end

data/app/policies/tag_policy.rb

@@ -0,0 +1,21 @@
+class TagPolicy < ApplicationPolicy
+  def index?
+    true
+  end
+
+  def show?
+    true
+  end
+
+  def create?
+    user.try(:has_role?, 'Librarian')
+  end
+
+  def update?
+    user.try(:has_role?, 'Librarian')
+  end
+
+  def destroy?
+    user.try(:has_role?, 'Librarian')
+  end
+end

data/app/views/bookmarks/_index.html.erb

@@ -27,8 +27,8 @@
     </td>
     <td><%= l(bookmark.created_at) -%></td>
     <td>
-      <%- if can? :delete, bookmark -%>
-        <%= link_to t('page.show'), bookmark_path(bookmark) -%>
+      <%= link_to t('page.show'), bookmark_path(bookmark) -%>
+      <%- if policy(bookmark).destroy? -%>
         <%= link_to t('page.destroy'), bookmark_path(bookmark), data: {confirm: t('page.are_you_sure')}, method: :delete -%>
       <%- end -%>
     </td>

data/app/views/bookmarks/_index_user.html.erb

@@ -30,7 +30,7 @@
     </td>
     <td><%= l(bookmark.created_at) -%></td>
     <td>
-      <%- if can? :delete, bookmark -%>
+      <%- if policy(bookmark).destroy? -%>
         <%= link_to t('page.destroy'), bookmark, data: {confirm: t('page.are_you_sure')}, method: :delete -%>
       <%- end -%>
     </td>

data/app/views/manifestations/_tag_list.html.erb

@@ -2,7 +2,7 @@
   <%- if manifestation.tags -%>
     <%- manifestation.tags.each do |tag| -%>
       <%= link_to_tag(tag) -%>
-      <%- if can? :delete, tag -%>
+      <%- if policy(tag).destroy? -%>
         <%= link_to image_tag('icons/tag_blue_edit.png', alt: t('page.edit')), tag_path(tag.name) -%>
       <%- end -%>
     <%- end -%>

data/config/routes.rb

@@ -2,5 +2,4 @@ Rails.application.routes.draw do
   resources :bookmarks
   resources :tags
   resources :bookmark_stats
-  resources :bookmark_stat_has_manifestations
 end

data/lib/enju_bookmark.rb

@@ -1,9 +1,7 @@
 require "enju_bookmark/engine"
-require "enju_bookmark/user"
 require "enju_bookmark/profile"
 require "enju_bookmark/manifestation"
 require "enju_bookmark/bookmark_url"
-require "enju_bookmark/calculate_stat"
 require "enju_bookmark/expire_tag_cloud"
 require "enju_bookmark/bookmark_helper"
 #require "enju_bookmark/suggest_tag"
@@ -11,6 +9,5 @@ require "enju_bookmark/bookmark_helper"
 module EnjuBookmark
 end
 
-ActiveRecord::Base.send :include, EnjuBookmark::BookmarkUser
 ActiveRecord::Base.send :include, EnjuBookmark::BookmarkProfile
 ActiveRecord::Base.send :include, EnjuBookmark::BookmarkManifestation

data/lib/enju_bookmark/version.rb

@@ -1,3 +1,3 @@
 module EnjuBookmark
-  VERSION = "0.1.3"
+  VERSION = "0.2.0.beta.1"
 end

data/spec/controllers/bookmark_stats_controller_spec.rb

@@ -109,7 +109,7 @@ describe BookmarkStatsController do
 
       it "should not assign the requested bookmark_stat as @bookmark_stat" do
         get :new
-        expect(assigns(:bookmark_stat)).not_to be_valid
+        expect(assigns(:bookmark_stat)).to be_nil
         expect(response).to be_forbidden
       end
     end
@@ -117,7 +117,7 @@ describe BookmarkStatsController do
     describe "When not logged in" do
       it "should not assign the requested bookmark_stat as @bookmark_stat" do
         get :new
-        expect(assigns(:bookmark_stat)).not_to be_valid
+        expect(assigns(:bookmark_stat)).to be_nil
         expect(response).to redirect_to(new_user_session_url)
       end
     end
@@ -231,7 +231,7 @@ describe BookmarkStatsController do
       describe "with valid params" do
         it "assigns a newly created bookmark_stat as @bookmark_stat" do
           post :create, :bookmark_stat => @attrs
-          expect(assigns(:bookmark_stat)).to be_valid
+          expect(assigns(:bookmark_stat)).to be_nil
         end
 
         it "should be forbidden" do
@@ -243,7 +243,7 @@ describe BookmarkStatsController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved bookmark_stat as @bookmark_stat" do
           post :create, :bookmark_stat => @invalid_attrs
-          expect(assigns(:bookmark_stat)).not_to be_valid
+          expect(assigns(:bookmark_stat)).to be_nil
         end
 
         it "should be forbidden" do
@@ -257,7 +257,7 @@ describe BookmarkStatsController do
       describe "with valid params" do
         it "assigns a newly created bookmark_stat as @bookmark_stat" do
           post :create, :bookmark_stat => @attrs
-          expect(assigns(:bookmark_stat)).to be_valid
+          expect(assigns(:bookmark_stat)).to be_nil
         end
 
         it "should be forbidden" do
@@ -269,7 +269,7 @@ describe BookmarkStatsController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved bookmark_stat as @bookmark_stat" do
           post :create, :bookmark_stat => @invalid_attrs
-          expect(assigns(:bookmark_stat)).not_to be_valid
+          expect(assigns(:bookmark_stat)).to be_nil
         end
 
         it "should be forbidden" do

data/spec/controllers/bookmarks_controller_spec.rb

@@ -287,7 +287,7 @@ describe BookmarksController do
       describe "with valid params" do
         it "assigns a newly created bookmark as @bookmark" do
           post :create, :bookmark => @attrs
-          expect(assigns(:bookmark)).not_to be_valid
+          expect(assigns(:bookmark)).to be_nil
         end
 
         it "should be forbidden" do
@@ -299,7 +299,7 @@ describe BookmarksController do
       describe "with invalid params" do
         it "assigns a newly created but unsaved bookmark as @bookmark" do
           post :create, :bookmark => @invalid_attrs
-          expect(assigns(:bookmark)).not_to be_valid
+          expect(assigns(:bookmark)).to be_nil
         end
 
         it "should be forbidden" do

data/spec/dummy/app/controllers/application_controller.rb

@@ -1,6 +1,10 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
+  include EnjuLeaf::Controller
+  include EnjuBiblio::Controller
+  include EnjuLibrary::Controller
+  before_action :set_paper_trail_whodunnit
+  after_action :verify_authorized
 
-  enju_leaf
-  enju_library
+  include Pundit
 end

data/spec/dummy/app/models/user.rb

@@ -4,6 +4,6 @@ class User < ActiveRecord::Base
     :recoverable, :rememberable, :trackable, #, :validatable
     :lockable, :lock_strategy => :none, :unlock_strategy => :none
 
-  enju_leaf_user_model
-  enju_bookmark_user_model
+  include EnjuLeaf::EnjuUser
+  include EnjuBookmark::EnjuUser
 end

data/spec/dummy/config/application.rb

@@ -2,8 +2,10 @@ require File.expand_path('../boot', __FILE__)
 
 require 'rails/all'
 
-Bundler.require
-require "enju_bookmark"
+Bundler.require(*Rails.groups)
+require 'enju_bookmark'
+require 'enju_leaf'
+require 'enju_circulation'
 
 module Dummy
   class Application < Rails::Application
@@ -11,16 +13,6 @@ module Dummy
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
 
-    # Custom directories with classes and modules you want to be autoloadable.
-    # config.autoload_paths += %W(#{config.root}/extras)
-
-    # Only load the plugins named here, in the order given (default is alphabetical).
-    # :all can be used as a placeholder for all plugins not explicitly named.
-    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
-
-    # Activate observers that should always be running.
-    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
-
     # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
     # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
     # config.time_zone = 'Central Time (US & Canada)'
@@ -29,19 +21,8 @@ module Dummy
     # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
     # config.i18n.default_locale = :de
 
-    # Configure the default encoding used in templates for Ruby 1.9.
-    config.encoding = "utf-8"
-
-    # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters += [:password]
-
-    # Enable the asset pipeline
-    config.assets.enabled = true
-
-    # Version of your assets, change this if you want to expire all your assets
-    config.assets.version = '1.0'
+    # Do not swallow errors in after_commit/after_rollback callbacks.
+    config.active_record.raise_in_transactional_callbacks = true
   end
 end
 
-require 'enju_leaf'
-require 'enju_circulation'

data/spec/dummy/config/environments/development.rb

@@ -1,37 +1,41 @@
-Dummy::Application.configure do
-  # Settings specified here will take precedence over those in config/application.rb
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
 
   # In the development environment your application's code is reloaded on
   # every request. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
-  # Log error messages when you accidentally call methods on nil.
-  config.whiny_nils = true
+  # Do not eager load code on boot.
+  config.eager_load = false
 
-  # Show full error reports and disable caching
+  # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
 
-  # Don't care if the mailer can't send
+  # Don't care if the mailer can't send.
   config.action_mailer.raise_delivery_errors = false
 
-  # Print deprecation notices to the Rails logger
+  # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 
-  # Only use best-standards-support built into browsers
-  config.action_dispatch.best_standards_support = :builtin
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
 
-  # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
 
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  config.active_record.auto_explain_threshold_in_seconds = 0.5
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets,
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
 
-  # Do not compress assets
-  config.assets.compress = false
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
 
-  # Expands the lines which load the assets
-  config.assets.debug = true
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
 end