notee 0.3.7 → 0.4.0

data/app/controllers/notee/application_controller.rb

@@ -2,13 +2,33 @@ module Notee
   class ApplicationController < ActionController::Base
     before_action :restrict_access_json
 
+    def restrict_access_json
+      return redirect_to new_token_path unless confirm_exist_token
+      return redirect_to new_token_path unless confirm_expired_token
+    end
+
     private
 
-    def restrict_access_json
+    def confirm_exist_token
       unless Token.exists?(access_token: session[:access_token])
-        raise
+        session.delete(:access_token)
+        return false
       end
+
+      true
     end
 
+    def confirm_expired_token
+      token = Token.find_by(access_token: session[:access_token])
+      return false unless token
+
+      if Time.now > token.expires_at
+        token.destroy
+        session.delete(:access_token)
+        return false
+      end
+
+      true
+    end
   end
 end

data/app/controllers/notee/categories_controller.rb

@@ -1,5 +1,5 @@
 
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class CategoriesController < ApplicationController
@@ -7,11 +7,11 @@ module Notee
 
     def index
       @categories = Category.all
-      render json: { status: 'success', categories: @categories}
+      render json: { status: 'success', categories: @categories }
     end
 
     def show
-      render json: { status: 'success', category: @category}
+      render json: { status: 'success', category: @category }
     end
 
     def create
@@ -54,6 +54,5 @@ module Notee
     def set_category
       @category = Category.find_by(id: params[:id])
     end
-
   end
 end

data/app/controllers/notee/comments_controller.rb

@@ -1,29 +1,52 @@
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class CommentsController < ApplicationController
+    before_action :set_comment, only: [:update, :destroy]
+
+    def index
+      comments = Comment.all.order(updated_at: :desc)
+      render json: { status: 'success', comments: comments }
+    end
 
     def show
-      @comments = Comment.where(post_id: params[:id]);
-      render json: { status: 'success', comments: @comments}
+      @comments = Comment.where(post_id: params[:id])
+      render json: { status: 'success', comments: @comments }
     end
 
-    # POST /comments
     def create
       @comment = Comment.new(comment_params)
-
       if @comment.save
-        render json: { status: 'success'}
+        render json: { status: 'success' }
       else
-        render json: { status: 'failed'}
+        render json: { status: 'failed' }
+      end
+    end
+
+    def update
+      respond_to do |format|
+        if @comment.update(post_params)
+          format.json { render json: @comment, status: 200 }
+        else
+          format.json { render json: @comment.errors, status: :unprocessable_entity }
+        end
       end
     end
 
+    def destroy
+      @comment.destroy
+      render json: { status: 'success' }
+    end
+
     private
 
-      # Only allow a trusted parameter "white list" through.
-      def comment_params
-        params.require(:comment).permit(:post_id, :content, :name, :email)
-      end
+    def set_comment
+      @comment = Comment.find_by(id: params[:id])
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    def comment_params
+      params.require(:comment).permit(:post_id, :content, :name, :email)
+    end
   end
 end

data/app/controllers/notee/images_controller.rb

@@ -1,18 +1,18 @@
 
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class ImagesController < ApplicationController
 
     def index
       @images = Image.all.order(updated_at: :desc)
-      render json: { status: 'success', images: @images}
+      render json: { status: 'success', images: @images }
     end
 
     def show
       @image = Image.find_by(content: params[:search_txt].to_s) if params[:search_txt]
       @image = Image.find_by(id: params[:search_txt].to_i) if params[:search_txt] && !@image
-      render json: { status: 'success', image: @image}
+      render json: { status: 'success', image: @image }
     end
 
     def create
@@ -44,6 +44,5 @@ module Notee
     def image_params
       params.require(:image).permit(:title, :content, :slug, :status, :image_id, :thumbnail_id, :published_at, :seo_keyword, :seo_description)
     end
-
   end
 end

data/app/controllers/notee/notees_controller.rb

@@ -1,8 +1,7 @@
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class NoteesController < ApplicationController
-
     # callbacks
     skip_before_action :restrict_access_json, only: [:index]
     before_action :restrict_access, only: [:index]
@@ -18,9 +17,8 @@ module Notee
       # end
 
       unless Token.exists?(access_token: session[:access_token])
-        redirect_to new_token_path and return
+        redirect_to new_token_path
       end
-
     end
   end
 end

data/app/controllers/notee/posts_controller.rb

@@ -1,15 +1,14 @@
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class PostsController < ApplicationController
-
     # callbacks
     before_action :set_post, only: [:show, :update, :destroy]
 
     # GET /posts
     def index
       @posts = Post.all.order(updated_at: :desc)
-      render json: { status: 'success', posts: @posts}
+      render json: { status: 'success', posts: @posts }
     end
 
     # GET /posts/1
@@ -43,18 +42,18 @@ module Notee
     # DELETE /posts/1
     def destroy
       @post.destroy
-      render json: { status: 'success'}
+      render json: { status: 'success' }
     end
 
     private
 
-      def set_post
-        @post = Post.find_by(id: params[:id])
-      end
+    def set_post
+      @post = Post.find_by(id: params[:id])
+    end
 
-      # Only allow a trusted parameter "white list" through.
-      def post_params
-        params.require(:post).permit(:title, :content, :slug, :status, :category_id, :thumbnail_id, :published_at, :seo_keyword, :seo_description, :secret_published_password)
-      end
+    # Only allow a trusted parameter "white list" through.
+    def post_params
+      params.require(:post).permit(:title, :content, :slug, :status, :category_id, :thumbnail_id, :published_at, :seo_keyword, :seo_description, :secret_published_password)
+    end
   end
 end

data/app/controllers/notee/roles_controller.rb

@@ -0,0 +1,27 @@
+
+require_dependency 'notee/application_controller'
+
+module Notee
+  class RolesController < ApplicationController
+    def index
+      render json: { status: 'success', roles: User.roles }
+    end
+
+    def show
+      user = find_user_by_access_token
+
+      if user
+        render json: { status: 'success', user: user }
+      else
+        render json: { status: 'failed' }
+      end
+    end
+
+    private
+
+    def find_user_by_access_token
+      token = Token.find_by(access_token: session[:access_token])
+      token.user
+    end
+  end
+end

data/app/controllers/notee/statuses_controller.rb

@@ -1,19 +1,17 @@
 
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class StatusesController < ApplicationController
-
     def index
       @statuses = Notee::STATUS
-      render json: { status: 'success', statuses: @statuses}
+      render json: { status: 'success', statuses: @statuses }
     end
 
     def show
       statuses = Notee::STATUS
       @status = statuses.key(params[:status].to_i)
-      render json: { status: 'success', name: @status}
+      render json: { status: 'success', name: @status }
     end
-
   end
 end

data/app/controllers/notee/tokens_controller.rb

@@ -1,15 +1,13 @@
 
-require_dependency "notee/application_controller"
+require_dependency 'notee/application_controller'
 
 module Notee
   class TokensController < ApplicationController
     skip_before_filter :restrict_access_json, only: [:new, :create]
 
-    # GET /tokens/new
     def new
     end
 
-    # POST /tokens
     def create
       if Notee.notee_id == params[:id] && Notee.notee_password == params[:password]
         if token = Token.create!
@@ -27,11 +25,9 @@ module Notee
       redirect_to root_path
     end
 
-    # DELETE /tokens/1
     def destroy
       Token.find_by_access_token(session[:access_token]).destroy!
       session.delete(:access_token)
     end
-
   end
 end

data/app/controllers/notee/users_controller.rb

@@ -1,25 +1,27 @@
-require_dependency "notee/application_controller"
+
+require_dependency 'notee/application_controller'
 
 module Notee
   class UsersController < ApplicationController
-
     # callbacks
     before_action :set_user, only: [:show, :update, :destroy]
+    before_action :convert_from_string_to_int, only: [:create, :update]
 
     # GET /users
     def index
       @users = User.all.order(updated_at: :desc)
-      render json: { status: 'success', users: @users}
+      render json: { status: 'success', users: @users }
     end
 
     # GET /posts/1
     def show
-      render json: { status: 'success', user: @user}
+      render json: { status: 'success', user: @user }
     end
 
     # POST /posts
     def create
       @user = User.new(user_params)
+      @user.file = user_params[:profile_img]
       respond_to do |format|
         if @user.save
           format.json { render json: @user, status: 200 }
@@ -31,6 +33,7 @@ module Notee
 
     # PATCH/PUT /posts/1
     def update
+      @user.file = user_params[:profile_img]
       respond_to do |format|
         if @user.update(user_params)
           format.json { render json: @user, status: 200 }
@@ -43,18 +46,22 @@ module Notee
     # DELETE /posts/1
     def destroy
       @user.destroy
-      render json: { status: 'success'}
+      render json: { status: 'success' }
     end
 
     private
 
-      def set_user
-        @user = User.find_by(id: params[:id])
-      end
+    def set_user
+      @user = User.find_by(id: params[:id])
+    end
 
-      # Only allow a trusted parameter "white list" through.
-      def post_params
-        params.require(:user).permit(:title, :content, :slug, :status, :category_id, :thumbnail_id, :published_at, :seo_keyword, :seo_description, :secret_published_password)
-      end
+    def convert_from_string_to_int
+      params[:user][:role] = params[:user][:role].to_i
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    def user_params
+      params.require(:user).permit(:name, :email, :password, :password_confirm, :profile, :profile_img, :role)
+    end
   end
 end

data/app/models/notee/application_record.rb

@@ -0,0 +1,5 @@
+module Notee
+  class ApplicationRecord < ActiveRecord::Base
+    self.abstract_class = true
+  end
+end

data/app/models/notee/category.rb

@@ -1,13 +1,24 @@
+# == Schema Information
+#
+# Table name: notee_categories
+#
+#  id         :integer          not null, primary key
+#  name       :string           default("category_name"), not null
+#  slug       :string           default("2016-19-26-54"), not null
+#  parent_id  :integer
+#  status     :integer          default(0), not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+
 module Notee
   class Category < ActiveRecord::Base
-
     # callbacks
     before_save :set_slug
     before_destroy :protect_default
 
     # relations
-    has_many :children, class_name: Notee::Category, :foreign_key => 'parent_id', dependent: :destroy
-
+    has_many :children, class_name: Notee::Category, foreign_key: 'parent_id', dependent: :destroy
 
     private
 
@@ -18,6 +29,5 @@ module Notee
     def protect_default
       return false if self.id == 1
     end
-
   end
 end

data/app/models/notee/comment.rb

@@ -1,5 +1,5 @@
 module Notee
-  class Comment < ApplicationRecord
+  class Comment < ActiveRecord::Base
     validates :post_id, presence: true
     validates :content, presence: true
   end

data/app/models/notee/image.rb

@@ -1,8 +1,17 @@
+# == Schema Information
+#
+# Table name: notee_images
+#
+#  id         :integer          not null, primary key
+#  content    :string           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+
 require 'securerandom'
 
 module Notee
   class Image < ActiveRecord::Base
-
     # accessors
     attr_accessor :file
 
@@ -11,13 +20,14 @@ module Notee
     before_destroy :protect_default
 
     private
+
     def manage_image
       return unless self.file
 
       image_dir = Rails.root.to_s + "/public/notee"
       FileUtils.mkdir_p(image_dir) unless FileTest.exist?(image_dir)
       image_name = Time.now.strftime('%Y%m%d%H%M%S') + '--' + SecureRandom.uuid + '.jpg'
-      self.transaction do
+      transaction do
         open(image_dir + "/" + image_name, 'wb') do |output|
           output.write(self.file.read)
         end
@@ -28,6 +38,5 @@ module Notee
     def protect_default
       return false if self.id == 1
     end
-
   end
 end