RubyGems - mongoid-forums - Versions diffs - 0.0.3 → 0.0.4 - Mend

mongoid-forums 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 02a605b3ee6ac29ee45990812fc1b43c9534522f
-  data.tar.gz: 895aa0e48f850db04db25763990848529a4260ca
+  metadata.gz: 9a4337469d2a29dedec4dbc0a39450cca125016e
+  data.tar.gz: c363a39163571c395122ce2cc9d58687907a182f
 SHA512:
-  metadata.gz: 14c0732c836c33b5aae17eb2c465cd59ae5c44970215b743be1e1aafaeaf0633a159db16620142c794e34b87dd402eb32a59c75495751fd19c0bc437d518ed26
-  data.tar.gz: 43a0ee2aeccf84a236f427c5accf20fdcf3d192970fee302570c647a089e701bfae9307ad3a262b4698aef00c5e1254a1145ba74048c05069cea0b64b35a3ba8
+  metadata.gz: 53b729da9a4e57e9c5e7fd5ede064670055da5f661cdc60536edc1175642e1b9a15b8dcbae1a5a69367e7b94dcbc7f15220f4b5e4f1e8fd50ed4375e0604aa8d
+  data.tar.gz: 357b1cd80ee8136c9354f724a4c9c4b20f85a9881d0403f0ce1018612cbc605555307adf1e1d65e776daacefa0e6a647ac0fb9e40c889b2a9ded3a5f47ed97b0

data/app/assets/javascripts/mongoid_forums/admin/groups.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ // Place all the behaviors and hooks related to the matching controller here.
2	+ // All this logic will automatically be available in application.js.

data/app/assets/javascripts/mongoid_forums/application.js CHANGED Viewed

@@ -10,4 +10,6 @@
 // Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
 // about supported directives.
 //
+//= require jquery
+//= require jquery_ujs
 //= require_tree .

data/app/assets/stylesheets/mongoid_forums/admin/groups.css ADDED Viewed

@@ -0,0 +1,4 @@
+/*
+  Place all the styles related to the matching controller here.
+  They will automatically be included in application.css.
+*/

data/app/controllers/mongoid_forums/admin/base_controller.rb CHANGED Viewed

@@ -2,10 +2,17 @@ require_dependency "mongoid_forums/application_controller"
 module MongoidForums
   class Admin::BaseController < ApplicationController
+    before_filter :authenticate_mongoid_forums_admin
     def index
     end
+    def authenticate_mongoid_forums_admin
+      if !mongoid_forums_user || !mongoid_forums_user.mongoid_forums_admin?
+        flash.alert = t("mongoid_forums.errors.access_denied")
+        redirect_to forums_path #TODO: Redirect to last URL
+      end
+    end
   end
 end

data/app/controllers/mongoid_forums/admin/categories_controller.rb CHANGED Viewed

@@ -3,6 +3,18 @@ require_dependency "mongoid_forums/application_controller"
 module MongoidForums
   module Admin
     class CategoriesController < BaseController
+      before_action :set_category, only: [:add_group, :remove_group]
+      def index
+        @forums = Forum.all
+        @categories = Category.all
+      end
+      def show
+        @category = Category.find(params[:id])
+        @groups = Group.all.where(moderator: true).select{ |group| !@category.moderator_groups.include?(group) }
+      end
       def new
         @category = Category.new
       end
@@ -10,7 +22,7 @@ module MongoidForums
       def create
         if @category = Category.create(name: params[:category][:name])
           flash[:notice] = "Category created successfully"
-          redirect_to root_path
+          redirect_to admin_categories_path
         else
           flash.now.alert = "Category could not be created"
           render :action => "new"
@@ -18,19 +30,58 @@ module MongoidForums
       end
       def edit
+        @category = Category.find(params[:id])
       end
       def update
+        @category = Category.find(params[:id])
+        if @category.update(category_params)
+          flash[:notice] = "Category updated successfully"
+          redirect_to admin_categories_path
+        else
+          flash.now.alert = "Category could not be updated"
+          render :action => "edit"
+        end
       end
       def destroy
+        @category = Category.find(params[:id])
+        if @category.destroy
+          flash[:notice] = "Category destroyed successfully"
+          redirect_to admin_categories_path
+        else
+          flash.now.alert = "Category could not be destroyed"
+          render :action => "index"
+        end
       end
+      ### Temporary Methods - Try Not To Cringe Too Much <3 ###
+      def add_group
+        group = Group.find(params[:group][:id])
+        @category.moderator_groups << group
+        @category.save
+        redirect_to admin_category_path(@category)
+      end
+      def remove_group
+        group = Group.find(params[:group][:id])
+        @category.moderator_groups.delete(group)
+        @category.save
+        redirect_to admin_category_path(@category)
+      end
+      #########################################################
       private
       def category_params
         params.require(:category).permit(:name)
       end
+      def set_category
+        @category = Category.find(params[:category_id])
+      end
     end
   end
 end

data/app/controllers/mongoid_forums/admin/forums_controller.rb CHANGED Viewed

@@ -3,34 +3,84 @@ require_dependency "mongoid_forums/application_controller"
 module MongoidForums
   module Admin
     class Admin::ForumsController < BaseController
+      before_action :set_forum, only: [:add_group, :remove_group]
+      def index
+        @forums = Forum.all
+      end
       def new
         @forum = Forum.new
       end
       def create
         if @forum = Forum.create(name: params[:forum][:name], category: params[:forum][:category])
-          flash[:notice] = "Category created successfully"
-          redirect_to @forum
+          flash[:notice] = "Forum created successfully"
+          redirect_to [:admin, @forum]
         else
-          flash.now.alert = "Category could not be created"
+          flash.now.alert = "Forum could not be created"
           render :action => "new"
         end
       end
+      def show
+        @forum = Forum.find(params[:id])
+        @groups = Group.all.where(moderator: true).select{ |group| !@forum.moderator_groups.include?(group) }
+      end
       def edit
+        @forum = Forum.find(params[:id])
       end
       def update
+        @forum = Forum.find(params[:id])
+        if @forum.update(forum_params)
+          flash[:notice] = "Forum updated successfully"
+          redirect_to @forum
+        else
+          flash.now.alert = "Forum could not be updated"
+          render :action => "edit"
+        end
       end
       def destroy
+        @forum = Forum.find(params[:id])
+        if @forum.destroy
+          flash[:notice] = "Forum destroyed successfully"
+          redirect_to admin_forums_path
+        else
+          flash.now.alert = "Forum could not be destroyed"
+          render :action => "index"
+        end
       end
+      ### Temporary Methods - Try Not To Cringe Too Much <3 ###
+      def add_group
+        group = Group.find(params[:group][:id])
+        @forum.moderator_groups << group
+        @forum.save
+        redirect_to admin_forum_path(@forum)
+      end
+      def remove_group
+        group = Group.find(params[:group][:id])
+        @forum.moderator_groups.delete(group)
+        @forum.save
+        redirect_to admin_forum_path(@forum)
+      end
+      #########################################################
       private
-      def category_params
+      def forum_params
         params.require(:forum).permit(:name, :category)
       end
+      def set_forum
+        @forum = Forum.find(params[:forum_id])
+      end
     end
   end
 end

data/app/controllers/mongoid_forums/admin/groups_controller.rb ADDED Viewed

@@ -0,0 +1,87 @@
+require_dependency "mongoid_forums/application_controller"
+module MongoidForums
+  module Admin
+    class GroupsController < BaseController
+      def index
+        @groups = Group.all
+      end
+      def new
+        @group = Group.new
+      end
+      def create
+        if @group = Group.create(params.require(:group).permit(:name, :moderator, :members))
+          flash[:notice] = "Group created successfully"
+          redirect_to [:admin, @group]
+        else
+          flash.now.alert = "Group could not be created"
+          render :action => "new"
+        end
+      end
+      def edit
+        @group = Group.find(params[:id])
+      end
+      def update
+        @group = Group.find(params[:id])
+        if @group.update_attributes(params.require(:group).permit(:name, :members))
+          flash[:notice] = "Group updated successfully"
+          redirect_to [:admin, @group]
+        else
+          flash[:notice] = "Group could not be updated"
+          render :action => "edit"
+        end
+      end
+      def show
+        @group = Group.find(params[:id])
+        @group_members = @group.members.map {|member_id| User.find(member_id) }
+        @users = User.all
+      end
+      def destroy
+        @group = Group.find(params[:id])
+        if @group.destroy
+          flash[:notice] = "Group destroyed successfully"
+          redirect_to admin_groups_path
+        else
+          flash.now.alert = "Group could not be destroyed"
+          redirect_to admin_groups_path
+        end
+      end
+      ### Temporary Methods - Try Not To Cringe Too Much <3 ###
+      def add_member
+        group = Group.find(params.require(:group_id))
+        user = User.find(params[:user][:id])
+        group.members << user.id unless group.members.include?(user.id)
+        group.save
+        redirect_to admin_group_path(group)
+      end
+      def remove_member
+        group = Group.find(params.require(:group_id))
+        user = User.find(params[:user][:id])
+        group.members.delete(user.id)
+        group.save
+        redirect_to admin_group_path(group)
+      end
+      #########################################################
+    end
+    private
+    def group_params
+      params.require(:group).permit(:name, :members)
+    end
+  end
+end

data/app/controllers/mongoid_forums/application_controller.rb CHANGED Viewed

@@ -1,16 +1,18 @@
+require 'cancan'
 class MongoidForums::ApplicationController < ApplicationController
   helper MongoidForums::Engine.helpers
-  before_action :set_categories
-  before_action :set_alerts
-  before_filter :authorize
+  rescue_from CanCan::AccessDenied do
+    redirect_to root_path, :alert => t("mongoid.access_denied")
+  end
-  delegate :allow?, to: :current_permission
-  helper_method :allow?
+  def current_ability
+    MongoidForums::Ability.new(mongoid_forums_user)
+  end
-  #delegate :allow_param?, to: :current_permission
-  #helper_method :allow?
+  before_action :set_categories
+  before_action :set_alerts
   private
@@ -24,23 +26,32 @@ class MongoidForums::ApplicationController < ApplicationController
     @categories = MongoidForums::Category.all
   end
-  def current_permission
-    @current_permission ||= MongoidForums::Permission.new(mongoid_forums_user)
+    def authenticate_mongoid_forums_user
+    if !mongoid_forums_user
+      session["user_return_to"] = request.fullpath
+      flash.alert = "You must be signed in"
+      devise_route = "new_#{MongoidForums.user_class.to_s.underscore}_session_path"
+      sign_in_path = MongoidForums.sign_in_path ||
+        (main_app.respond_to?(devise_route) && main_app.send(devise_route)) ||
+        (main_app.respond_to?(:sign_in_path) && main_app.send(:sign_in_path))
+      if sign_in_path
+        redirect_to sign_in_path
+      else
+        raise "MongoidForums could not determine the sign in path for your application. Please do one of these things:
+1) Define sign_in_path in the config/routes.rb of your application like this:
+or; 2) Set MongoidForums.sign_in_path to a String value that represents the location of your sign in form, such as '/users/sign_in'."
+      end
+    end
   end
-  # gets overrided by controllers, and is used in the Rank system
-  def current_resource
-    nil
+  def mongoid_forums_admin?
+    mongoid_forums_user && mongoid_forums_user.mongoid_forums_admin?
   end
+  helper_method :mongoid_forums_admin?
-  def authorize
-    if current_permission.allow? params[:controller], params[:action], current_resource
-      #current_permission.permit_params! params
-    else
-      redirect_to root_path, alert: "Not authorized"
-    end
+  def mongoid_forums_admin_or_moderator?(forum)
+    mongoid_forums_user && (mongoid_forums_user.mongoid_forums_admin? || forum.moderator?(mongoid_forums_user))
   end
+  helper_method :mongoid_forums_admin_or_moderator?
 end

data/app/controllers/mongoid_forums/forums_controller.rb CHANGED Viewed

@@ -2,6 +2,9 @@ require_dependency "mongoid_forums/application_controller"
 module MongoidForums
   class ForumsController < ApplicationController
+    load_and_authorize_resource :class => 'MongoidForums::Forum', :only => :show
+    before_filter :authenticate_mongoid_forums_user, :only => [:create, :new]
     def index
       @categories = Category.all.order_by([:order, :asc])
     end
@@ -18,14 +21,18 @@ module MongoidForums
     # it is to create a new TOPIC within a forum
     def new
       @forum = Forum.find(params[:forum_id])
+      authorize! :create_topic, @forum
       @topic = Topic.new
       @topic.forum = @forum.id
     end
     # Note: This is not an action to make a new Forum!
     # it is to create a new TOPIC within a forum
     def create
       @forum = Forum.find(params[:forum_id])
+      authorize! :create_topic, @forum
       @topic = Topic.new
       @topic.name = topic_params[:name]
       @topic.user = mongoid_forums_user.id

data/app/controllers/mongoid_forums/posts_controller.rb CHANGED Viewed

@@ -3,8 +3,10 @@ require_dependency "mongoid_forums/application_controller"
 module MongoidForums
   class PostsController < ApplicationController
     before_filter :find_topic
+    before_filter :authenticate_mongoid_forums_user, except: :show
     def new
+      authorize! :reply, @topic
       @post = @topic.posts.build
       @post.topic = @topic.id
       if params[:reply_to_id]
@@ -13,6 +15,7 @@ module MongoidForums
     end
     def create
+      authorize! :reply, @topic
       @post = @topic.posts.build(post_params)
       @post.user = mongoid_forums_user
@@ -44,6 +47,7 @@ module MongoidForums
     def edit
       find_post
+      authorize! :edit_post, @topic.forum
     end
     def update
@@ -52,9 +56,10 @@ module MongoidForums
         redirect_to [@topic] and return
       end
+      authorize! :edit_post, @topic.forum
       find_post
-      if @post.update_attributes(post_params)
+      if @post.owner_or_admin?(mongoid_forums_user) && @post.update_attributes(post_params)
         flash[:notice] = "Reply updated successfully"
         redirect_to @topic
       else
@@ -71,6 +76,13 @@ module MongoidForums
         return
       end
+      authorize! :destroy_post, @topic.forum
+      unless @post.owner_or_admin? mongoid_forums_user
+        flash[:alert] = t("mongoid_forums.post.cannot_delete")
+        redirect_to @topic and return
+      end
       if @post.destroy
         flash[:notice] = "Post deleted successfully"
         redirect_to @topic