unsakini 0.0.3.1 → 0.0.4.pre.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +37 -6
- data/angular/angular-cli.json +5 -3
- data/angular/npm-debug.log +54 -0
- data/angular/package.json +4 -1
- data/angular/src/app/app.component.html +1 -4
- data/angular/src/app/app.module.ts +8 -7
- data/angular/src/app/app.routes.module.ts +12 -2
- data/angular/src/app/confirm-account/confirm-account.component.ts +27 -0
- data/angular/src/app/confirm-account/confirm-account.html +41 -0
- data/angular/src/app/confirm-account/confirm-account.module.ts +24 -0
- data/angular/src/app/confirm-account/confirm-account.scss +3 -0
- data/angular/src/app/confirm-account/confirm-account.service.ts +27 -0
- data/angular/src/app/confirm-account/index.ts +3 -0
- data/angular/src/app/index.ts +2 -0
- data/angular/src/app/login/index.ts +3 -0
- data/angular/src/app/login/login.component.ts +40 -0
- data/angular/src/app/login/login.html +43 -0
- data/angular/src/app/login/login.module.ts +27 -0
- data/angular/src/app/login/login.service.ts +48 -0
- data/angular/src/app/registration/index.ts +3 -0
- data/angular/src/app/registration/registration.component.html +70 -12
- data/angular/src/app/registration/registration.component.spec.ts +8 -11
- data/angular/src/app/registration/registration.component.ts +10 -8
- data/angular/src/app/registration/registration.module.ts +23 -0
- data/angular/src/app/registration/registration.service.ts +46 -0
- data/angular/src/app/registration/registration.services.spec.ts +71 -0
- data/angular/src/app/services/auth-http/auth.http.service.ts +35 -0
- data/angular/src/app/services/auth-http/index.ts +1 -0
- data/angular/src/app/services/http/http.service.spec.ts +205 -0
- data/angular/src/app/services/http/http.service.ts +40 -0
- data/angular/src/app/services/http/index.ts +1 -0
- data/angular/src/app/services/index.ts +3 -0
- data/angular/src/app/services/services.module.ts +33 -0
- data/angular/src/assets/global.scss +3 -0
- data/angular/src/environments/custom.ts +4 -0
- data/angular/src/environments/environment.prod.ts +2 -1
- data/angular/src/environments/environment.ts +2 -1
- data/angular/src/index.html +1 -1
- data/app/controllers/application_controller.rb +2 -2
- data/app/controllers/concerns/unsakini/board_owner_controller_concern.rb +42 -0
- data/app/controllers/concerns/unsakini/comment_owner_controller_concern.rb +36 -0
- data/app/controllers/concerns/unsakini/logged_in_controller_concern.rb +23 -0
- data/app/controllers/concerns/unsakini/post_owner_controller_concern.rb +38 -0
- data/app/controllers/concerns/unsakini/serializer_controller_concern.rb +13 -0
- data/app/controllers/unsakini/base_controller.rb +6 -0
- data/app/controllers/unsakini/boards_controller.rb +76 -0
- data/app/controllers/unsakini/comments_controller.rb +54 -0
- data/app/controllers/unsakini/posts_controller.rb +61 -0
- data/app/controllers/unsakini/share_board_controller.rb +122 -0
- data/app/controllers/unsakini/user_token_controller.rb +17 -0
- data/app/controllers/unsakini/users_controller.rb +69 -0
- data/app/controllers/unsakini/web_controller.rb +27 -0
- data/app/mailers/unsakini/user_mailer.rb +13 -0
- data/app/models/concerns/unsakini/encryptable_model_concern.rb +97 -0
- data/app/models/unsakini/application_record.rb +7 -0
- data/app/models/unsakini/board.rb +16 -0
- data/app/models/unsakini/comment.rb +12 -0
- data/app/models/unsakini/post.rb +15 -0
- data/app/models/unsakini/user.rb +43 -0
- data/app/models/unsakini/user_board.rb +84 -0
- data/app/models/unsakini.rb +5 -0
- data/app/serializers/unsakini/board_serializer.rb +7 -0
- data/app/serializers/{comment_serializer.rb → unsakini/comment_serializer.rb} +6 -3
- data/app/serializers/unsakini/post_serializer.rb +26 -0
- data/app/serializers/unsakini/user_board_serializer.rb +14 -0
- data/app/serializers/{user_serializer.rb → unsakini/user_serializer.rb} +5 -2
- data/app/views/unsakini/user_mailer/confirm_account.html.erb +3 -0
- data/app/views/unsakini/web/index.html.erb +343 -0
- data/config/routes.rb +10 -10
- data/db/migrate/20161116114222_create_unsakini_boards.rb +10 -0
- data/db/migrate/{20161116200034_create_user_boards.rb → 20161116200034_create_unsakini_user_boards.rb} +3 -2
- data/db/migrate/{20161118031023_create_posts.rb → 20161118031023_create_unsakini_posts.rb} +2 -2
- data/db/migrate/{20161118100454_create_comments.rb → 20161118100454_create_unsakini_comments.rb} +2 -2
- data/db/migrate/20161126145352_create_unsakini_users.rb +15 -0
- data/lib/generators/unsakini/config/config_generator.rb +3 -1
- data/lib/generators/unsakini/dependencies/USAGE +5 -0
- data/lib/generators/unsakini/dependencies/dependencies_generator.rb +19 -0
- data/lib/tasks/unsakini_tasks.rake +6 -37
- data/lib/unsakini/engine.rb +6 -0
- data/lib/unsakini/version.rb +1 -1
- data/public/css/all.css +1204 -0
- data/public/css/all.css.map +7 -0
- data/public/css/bootstrap.css +5622 -0
- data/public/css/bootstrap.css.map +7 -0
- data/public/css/custom.css +15 -0
- data/public/favicons/android-chrome-144x144.png +0 -0
- data/public/favicons/android-chrome-192x192.png +0 -0
- data/public/favicons/android-chrome-36x36.png +0 -0
- data/public/favicons/android-chrome-48x48.png +0 -0
- data/public/favicons/android-chrome-72x72.png +0 -0
- data/public/favicons/android-chrome-96x96.png +0 -0
- data/public/favicons/apple-touch-icon-114x114.png +0 -0
- data/public/favicons/apple-touch-icon-120x120.png +0 -0
- data/public/favicons/apple-touch-icon-144x144.png +0 -0
- data/public/favicons/apple-touch-icon-152x152.png +0 -0
- data/public/favicons/apple-touch-icon-180x180.png +0 -0
- data/public/favicons/apple-touch-icon-57x57.png +0 -0
- data/public/favicons/apple-touch-icon-60x60.png +0 -0
- data/public/favicons/apple-touch-icon-72x72.png +0 -0
- data/public/favicons/apple-touch-icon-76x76.png +0 -0
- data/public/favicons/apple-touch-icon-precomposed.png +0 -0
- data/public/favicons/apple-touch-icon.png +0 -0
- data/public/favicons/favicon-16x16.png +0 -0
- data/public/favicons/favicon-194x194.png +0 -0
- data/public/favicons/favicon-32x32.png +0 -0
- data/public/favicons/favicon-96x96.png +0 -0
- data/public/favicons/favicon.ico +0 -0
- data/public/favicons/mstile-144x144.png +0 -0
- data/public/favicons/mstile-150x150.png +0 -0
- data/public/favicons/mstile-310x150.png +0 -0
- data/public/favicons/mstile-310x310.png +0 -0
- data/public/favicons/mstile-70x70.png +0 -0
- data/public/fonts/bootstrap/glyphicons-halflings-regular.eot +0 -0
- data/public/fonts/bootstrap/glyphicons-halflings-regular.svg +288 -0
- data/public/fonts/bootstrap/glyphicons-halflings-regular.ttf +0 -0
- data/public/fonts/bootstrap/glyphicons-halflings-regular.woff +0 -0
- data/public/fonts/bootstrap/glyphicons-halflings-regular.woff2 +0 -0
- data/public/fonts/font-awesome-4.3.0/css/font-awesome.css +1801 -0
- data/public/fonts/font-awesome-4.3.0/css/font-awesome.min.css +4 -0
- data/public/fonts/font-awesome-4.3.0/fonts/FontAwesome.otf +0 -0
- data/public/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.eot +0 -0
- data/public/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.svg +565 -0
- data/public/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.ttf +0 -0
- data/public/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff +0 -0
- data/public/fonts/font-awesome-4.3.0/fonts/fontawesome-webfont.woff2 +0 -0
- data/public/images/graph-01.svg +425 -0
- data/public/images/graph-02.svg +435 -0
- data/public/images/graph-03.svg +576 -0
- data/public/images/graph-04.svg +70 -0
- data/public/images/img-01.png +0 -0
- data/public/images/img-decor-01.jpg +0 -0
- data/public/images/img-decor-02.jpg +0 -0
- data/public/images/img-decor-03.jpg +0 -0
- data/public/images/img-social-placeholder-01.png +0 -0
- data/public/images/logo-cb.png +0 -0
- data/public/images/logo-codrops.png +0 -0
- data/public/images/logo-pixel.png +0 -0
- data/public/images/logo-smashing.png +0 -0
- data/public/images/logo-tnw.png +0 -0
- data/public/images/logo-w.png +0 -0
- data/public/images/unsakini.svg +56 -0
- data/public/images/user-01.jpg +0 -0
- data/public/images/user-02.jpg +0 -0
- data/public/images/user-03.jpg +0 -0
- data/public/js/bootstrap.js +2306 -0
- data/public/js/jquery-1.11.2.min.js +4 -0
- data/public/js/jquery.main.js +603 -0
- data/public/manifest.json +41 -0
- data/public/unsakini/app/448c34a56d699c29117adc64c43affeb.woff2 +0 -0
- data/public/unsakini/app/89889688147bd7575d6327160d64e760.svg +288 -0
- data/public/unsakini/app/assets/global.scss +3 -0
- data/public/unsakini/app/e18bbf611f2a2e43afc071aa2f4e1512.ttf +0 -0
- data/public/unsakini/app/f4769f9bdb7466be65088239c12046d1.eot +0 -0
- data/public/unsakini/app/fa2772327f55d8198301fdb8bcfc8158.woff +0 -0
- data/{angular/dist → public/unsakini/app}/favicon.ico +0 -0
- data/public/unsakini/app/index.html +14 -0
- data/public/unsakini/app/inline.d41d8cd98f00b204e980.bundle.js +2 -0
- data/public/unsakini/app/inline.d41d8cd98f00b204e980.bundle.map +1 -0
- data/public/unsakini/app/main.54f49c65d3d20650a5d5.bundle.js +2152 -0
- data/public/unsakini/app/main.54f49c65d3d20650a5d5.bundle.js.gz +0 -0
- data/public/unsakini/app/main.54f49c65d3d20650a5d5.bundle.map +1 -0
- data/public/unsakini/app/styles.58e065928ed8ebd0b582.bundle.js +2 -0
- data/public/unsakini/app/styles.58e065928ed8ebd0b582.bundle.map +1 -0
- data/public/unsakini/app/styles.5dac0e986fce6f8738b300cb558b56a0.bundle.css +8 -0
- data/spec/concerns/models/encryptable_concern.rb +3 -2
- data/spec/controllers/{web_base_controller_spec.rb → web_controller_spec.rb} +5 -4
- data/spec/dummy/config/application.rb +3 -1
- data/spec/dummy/config/environments/development.rb +2 -0
- data/spec/dummy/config/initializers/knock.rb +59 -0
- data/spec/dummy/db/schema.rb +16 -14
- data/spec/dummy/db/test.sqlite3 +0 -0
- data/spec/factories/boards.rb +1 -1
- data/spec/factories/comments.rb +1 -1
- data/spec/factories/posts.rb +1 -1
- data/spec/factories/user_boards.rb +1 -1
- data/spec/factories/users.rb +1 -1
- data/spec/models/board_spec.rb +2 -2
- data/spec/models/comment_spec.rb +2 -2
- data/spec/models/post_spec.rb +2 -2
- data/spec/models/user_board_spec.rb +19 -19
- data/spec/models/user_spec.rb +1 -1
- data/spec/requests/{api/boards/api_boards_crud_spec.rb → boards/boards_crud_spec.rb} +26 -26
- data/spec/requests/{api/boards/api_boards_pagination_spec.rb → boards/boards_pagination_spec.rb} +7 -7
- data/spec/requests/{api/boards/api_private_board_spec.rb → boards/private_board_spec.rb} +26 -26
- data/spec/requests/{api/boards/api_shared_board_spec.rb → boards/shared_board_spec.rb} +9 -9
- data/spec/requests/{api/boards/api_sharing_board_spec.rb → boards/sharing_board_spec.rb} +13 -13
- data/spec/requests/{api/comments/api_comments_pagination_spec.rb → comments/comments_pagination_spec.rb} +3 -3
- data/spec/requests/{api/comments/api_comments_private_board_spec.rb → comments/comments_private_board_spec.rb} +20 -20
- data/spec/requests/{api/comments/api_comments_shared_board_spec.rb → comments/comments_shared_board_spec.rb} +17 -17
- data/spec/requests/{api/posts/api_posts_pagination_spec.rb → posts/posts_pagination_spec.rb} +3 -3
- data/spec/requests/{api/posts/api_posts_private_board_spec.rb → posts/posts_private_board_spec.rb} +22 -22
- data/spec/requests/{api/posts/api_posts_shared_board_spec.rb → posts/posts_shared_board_spec.rb} +24 -24
- data/spec/requests/user/user_create_spec.rb +104 -0
- data/spec/requests/{api/api_users_spec.rb → user/user_search_spec.rb} +9 -9
- data/spec/schema/jwt.json +9 -0
- data/spec/schema/validation_message.json +4 -0
- data/spec/spec_helper.rb +2 -0
- data/spec/support/auth_helper.rb +0 -2
- metadata +204 -199
- data/angular/dist/index.html +0 -14
- data/angular/dist/inline.bundle.js +0 -139
- data/angular/dist/inline.map +0 -1
- data/angular/dist/main.bundle.js +0 -64689
- data/angular/dist/main.map +0 -1
- data/angular/dist/styles.bundle.js +0 -364
- data/angular/dist/styles.map +0 -1
- data/angular/src/styles.css +0 -1
- data/app/controllers/api/boards_controller.rb +0 -73
- data/app/controllers/api/comments_controller.rb +0 -51
- data/app/controllers/api/posts_controller.rb +0 -58
- data/app/controllers/api/share_board_controller.rb +0 -118
- data/app/controllers/api/users_controller.rb +0 -27
- data/app/controllers/concerns/board_owner_controller_concern.rb +0 -38
- data/app/controllers/concerns/comment_owner_controller_concern.rb +0 -33
- data/app/controllers/concerns/logged_in_controller_concern.rb +0 -21
- data/app/controllers/concerns/post_owner_controller_concern.rb +0 -36
- data/app/controllers/concerns/serializer_controller_concern.rb +0 -11
- data/app/controllers/user_token_controller.rb +0 -2
- data/app/controllers/web_base_controller.rb +0 -15
- data/app/models/application_record.rb +0 -5
- data/app/models/board.rb +0 -14
- data/app/models/comment.rb +0 -9
- data/app/models/concerns/encryptable_model_concern.rb +0 -96
- data/app/models/post.rb +0 -12
- data/app/models/user.rb +0 -6
- data/app/models/user_board.rb +0 -82
- data/app/serializers/board_serializer.rb +0 -5
- data/app/serializers/post_serializer.rb +0 -23
- data/app/serializers/user_board_serializer.rb +0 -11
- data/app/views/web_base/index.html +0 -16
- data/db/migrate/20161116114222_create_boards.rb +0 -9
- data/db/migrate/20161118221508_add_encrypted_password_to_user_board.rb +0 -5
- data/db/migrate/20161122211105_create_users.rb +0 -12
- data/db/migrate/20161124102633_add_is_shared_to_boards.rb +0 -5
- data/lib/generators/unsakini/angular/USAGE +0 -8
- data/lib/generators/unsakini/angular/angular_generator.rb +0 -7
- data/spec/dummy/config/initializers/assets.rb +0 -11
- data/spec/dummy/config/initializers/cookies_serializer.rb +0 -5
- data/spec/dummy/config/initializers/session_store.rb +0 -3
- data/spec/dummy/db/development.sqlite3 +0 -0
- data/spec/dummy/db/migrate/20161124210219_create_boards.unsakini_engine.rb +0 -10
- data/spec/dummy/db/migrate/20161124210220_create_user_boards.unsakini_engine.rb +0 -12
- data/spec/dummy/db/migrate/20161124210221_create_posts.unsakini_engine.rb +0 -13
- data/spec/dummy/db/migrate/20161124210222_create_comments.unsakini_engine.rb +0 -12
- data/spec/dummy/db/migrate/20161124210223_add_encrypted_password_to_user_board.unsakini_engine.rb +0 -6
- data/spec/dummy/db/migrate/20161124210224_create_users.unsakini_engine.rb +0 -13
- data/spec/dummy/db/migrate/20161124210225_add_is_shared_to_boards.unsakini_engine.rb +0 -6
- data/spec/dummy/public/app/favicon.ico +0 -0
- data/spec/dummy/public/app/index.html +0 -14
- data/spec/dummy/public/app/inline.bundle.js +0 -139
- data/spec/dummy/public/app/inline.map +0 -1
- data/spec/dummy/public/app/main.bundle.js +0 -64689
- data/spec/dummy/public/app/main.map +0 -1
- data/spec/dummy/public/app/styles.bundle.js +0 -364
- data/spec/dummy/public/app/styles.map +0 -1
- data/spec/dummy/tmp/unsakini-ng2/LICENSE +0 -21
- data/spec/dummy/tmp/unsakini-ng2/README.md +0 -1
- data/spec/dummy/tmp/unsakini-ng2/angular-cli.json +0 -59
- data/spec/dummy/tmp/unsakini-ng2/e2e/app.e2e-spec.ts +0 -14
- data/spec/dummy/tmp/unsakini-ng2/e2e/app.po.ts +0 -11
- data/spec/dummy/tmp/unsakini-ng2/e2e/signup.e2e-spec.ts +0 -28
- data/spec/dummy/tmp/unsakini-ng2/e2e/signup.po.ts +0 -31
- data/spec/dummy/tmp/unsakini-ng2/e2e/tsconfig.json +0 -16
- data/spec/dummy/tmp/unsakini-ng2/karma.conf.js +0 -45
- data/spec/dummy/tmp/unsakini-ng2/package.json +0 -49
- data/spec/dummy/tmp/unsakini-ng2/protractor.conf.js +0 -32
- data/spec/dummy/tmp/unsakini-ng2/src/app/app.component.css +0 -0
- data/spec/dummy/tmp/unsakini-ng2/src/app/app.component.html +0 -4
- data/spec/dummy/tmp/unsakini-ng2/src/app/app.component.spec.ts +0 -47
- data/spec/dummy/tmp/unsakini-ng2/src/app/app.component.ts +0 -10
- data/spec/dummy/tmp/unsakini-ng2/src/app/app.module.ts +0 -29
- data/spec/dummy/tmp/unsakini-ng2/src/app/app.routes.module.ts +0 -29
- data/spec/dummy/tmp/unsakini-ng2/src/app/index.ts +0 -2
- data/spec/dummy/tmp/unsakini-ng2/src/app/registration/registration.component.css +0 -0
- data/spec/dummy/tmp/unsakini-ng2/src/app/registration/registration.component.html +0 -14
- data/spec/dummy/tmp/unsakini-ng2/src/app/registration/registration.component.spec.ts +0 -157
- data/spec/dummy/tmp/unsakini-ng2/src/app/registration/registration.component.ts +0 -42
- data/spec/dummy/tmp/unsakini-ng2/src/environments/environment.prod.ts +0 -3
- data/spec/dummy/tmp/unsakini-ng2/src/environments/environment.ts +0 -8
- data/spec/dummy/tmp/unsakini-ng2/src/favicon.ico +0 -0
- data/spec/dummy/tmp/unsakini-ng2/src/index.html +0 -14
- data/spec/dummy/tmp/unsakini-ng2/src/main.ts +0 -12
- data/spec/dummy/tmp/unsakini-ng2/src/polyfills.ts +0 -19
- data/spec/dummy/tmp/unsakini-ng2/src/styles.css +0 -1
- data/spec/dummy/tmp/unsakini-ng2/src/test.ts +0 -31
- data/spec/dummy/tmp/unsakini-ng2/src/tsconfig.json +0 -18
- data/spec/dummy/tmp/unsakini-ng2/src/typings.d.ts +0 -2
- data/spec/dummy/tmp/unsakini-ng2/tslint.json +0 -114
- data/spec/dummy/tmp/unsakini-ng2/typings.json +0 -4
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
class Api::UsersController < ApplicationController
|
|
2
|
-
|
|
3
|
-
include LoggedInControllerConcern
|
|
4
|
-
include ::ActionController::Serialization
|
|
5
|
-
|
|
6
|
-
# Renders the current user as json
|
|
7
|
-
#
|
|
8
|
-
# `GET /api/user/:id`
|
|
9
|
-
#
|
|
10
|
-
def show
|
|
11
|
-
render json: @user
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
# Returns the user with matching email
|
|
15
|
-
#
|
|
16
|
-
# `GET /api/users/search?email=xxx`
|
|
17
|
-
#
|
|
18
|
-
def search
|
|
19
|
-
user = User.where("email = ? AND id != ?", params[:email], @user.id).first
|
|
20
|
-
if user
|
|
21
|
-
render json: user
|
|
22
|
-
else
|
|
23
|
-
render json: {}, status: :not_found
|
|
24
|
-
end
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
end
|
|
@@ -1,38 +0,0 @@
|
|
|
1
|
-
#Ensure user has access to the board and sets the `@board` variable in the controller
|
|
2
|
-
module BoardOwnerControllerConcern
|
|
3
|
-
extend ActiveSupport::Concern
|
|
4
|
-
|
|
5
|
-
#Ensure user has access to the board and sets the `@board` variable in the controller
|
|
6
|
-
def ensure_board
|
|
7
|
-
board_id = params[:board_id] || params[:id]
|
|
8
|
-
result = has_board_access(board_id)
|
|
9
|
-
@board = result[:board]
|
|
10
|
-
@user_board = result[:user_board]
|
|
11
|
-
render json: {}, status: result[:status] if result[:status] != :ok
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
# Validate if user has access to board
|
|
15
|
-
#
|
|
16
|
-
# @param board_id [Integer] board id
|
|
17
|
-
def has_board_access(board_id)
|
|
18
|
-
board = nil
|
|
19
|
-
if !board_id.nil?
|
|
20
|
-
board = Board.find_by_id(board_id)
|
|
21
|
-
else
|
|
22
|
-
return {status: :bad_request}
|
|
23
|
-
end
|
|
24
|
-
if (board)
|
|
25
|
-
user_board = UserBoard.where(user_id: @user.id, board_id: board_id).first
|
|
26
|
-
return {status: :forbidden }if user_board.nil?
|
|
27
|
-
return {status: :ok, board: board, user_board: user_board}
|
|
28
|
-
else
|
|
29
|
-
return {status: :not_found}
|
|
30
|
-
end
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
#Ensures user is owner of the board. Must be run after {#ensure_board} method.
|
|
34
|
-
def ensure_board_owner
|
|
35
|
-
render json: {}, status: :forbidden if !@user_board.is_admin
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
end
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
# Ensures user is owner of the comment and sets the `@comment` variable in the controllers
|
|
2
|
-
module CommentOwnerControllerConcern
|
|
3
|
-
extend ActiveSupport::Concern
|
|
4
|
-
|
|
5
|
-
# Ensures user is owner of the comment and sets the `@comment` variable in the controllers
|
|
6
|
-
def ensure_comment
|
|
7
|
-
post_id = params[:post_id]
|
|
8
|
-
comment_id = params[:comment_id] || params[:id]
|
|
9
|
-
result = has_comment_access post_id, comment_id
|
|
10
|
-
@comment = result[:comment]
|
|
11
|
-
status = result[:status]
|
|
12
|
-
render json: {}, status: status if status != :ok
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
# Validate if user has access to comment in the post
|
|
16
|
-
#
|
|
17
|
-
# @param post_id [Integer] post id
|
|
18
|
-
# @param comment_id [Integer] comment id
|
|
19
|
-
def has_comment_access(post_id, comment_id)
|
|
20
|
-
comment = Comment.where(id: comment_id, post_id: post_id, user_id: @user.id).first
|
|
21
|
-
if comment.nil?
|
|
22
|
-
return {status: :forbidden, comment: comment}
|
|
23
|
-
else
|
|
24
|
-
return {status: :ok, comment: comment}
|
|
25
|
-
end
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
# Ensures user is the owner of the comment. Must be run after {#ensure_comment} method.
|
|
29
|
-
def ensure_comment_owner
|
|
30
|
-
render json: {}, status: :forbidden if @comment.user_id != @user.id
|
|
31
|
-
end
|
|
32
|
-
|
|
33
|
-
end
|
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
# Ensures users are logged in and sets `@user` instance variable in the controllers.
|
|
2
|
-
# This is included in the base api controller.
|
|
3
|
-
#
|
|
4
|
-
# Returns `401` error if user is not authenticated
|
|
5
|
-
module LoggedInControllerConcern
|
|
6
|
-
extend ActiveSupport::Concern
|
|
7
|
-
|
|
8
|
-
included do
|
|
9
|
-
include Knock::Authenticable
|
|
10
|
-
before_action :authenticate_user
|
|
11
|
-
before_action :set_user
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
private
|
|
15
|
-
# Sets the `@user` variable in the controllers
|
|
16
|
-
def set_user
|
|
17
|
-
render json: {}, status: :unauthorized if current_user.nil?
|
|
18
|
-
@user = current_user
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
end
|
|
@@ -1,36 +0,0 @@
|
|
|
1
|
-
# Ensures user is owner of the post and sets the `@post` variable in the controllers
|
|
2
|
-
module PostOwnerControllerConcern
|
|
3
|
-
extend ActiveSupport::Concern
|
|
4
|
-
|
|
5
|
-
# Ensures user is owner of the post and sets the `@post` variable in the controllers
|
|
6
|
-
def ensure_post
|
|
7
|
-
post_id = params[:post_id] || params[:id]
|
|
8
|
-
board_id = params[:board_id]
|
|
9
|
-
result = has_post_access(board_id, post_id)
|
|
10
|
-
status = result[:status]
|
|
11
|
-
@post = result[:post]
|
|
12
|
-
render json: {}, status: status if status != :ok
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
# Validate if user has access to the post in the board
|
|
16
|
-
#
|
|
17
|
-
# @param board_id [Integer] board id
|
|
18
|
-
# @param post_id [Integer] post id
|
|
19
|
-
def has_post_access(board_id, post_id)
|
|
20
|
-
post = Post.where(id: post_id, board_id: board_id)
|
|
21
|
-
.joins("LEFT JOIN user_boards ON user_boards.board_id = posts.board_id")
|
|
22
|
-
.where("user_boards.user_id = ?", @user.id)
|
|
23
|
-
.first
|
|
24
|
-
if post.nil?
|
|
25
|
-
return {status: :forbidden}
|
|
26
|
-
else
|
|
27
|
-
return {status: :ok, post: post}
|
|
28
|
-
end
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
# Ensures user is owner of the post. Must be run after {#ensure_post}`.
|
|
32
|
-
def ensure_post_owner
|
|
33
|
-
render json: {}, status: :forbidden if @post.user_id != @user.id
|
|
34
|
-
end
|
|
35
|
-
|
|
36
|
-
end
|
|
@@ -1,15 +0,0 @@
|
|
|
1
|
-
# Base controller for web pages
|
|
2
|
-
|
|
3
|
-
class WebBaseController < ActionController::Base
|
|
4
|
-
include ActionController::ImplicitRender
|
|
5
|
-
include ActionView::Layouts
|
|
6
|
-
|
|
7
|
-
# Renders welcome page
|
|
8
|
-
def index
|
|
9
|
-
end
|
|
10
|
-
|
|
11
|
-
# Renders the angular index view when request url is /app/* to enable html5 pushState capability of angularjs
|
|
12
|
-
def app
|
|
13
|
-
render file: "#{Rails.root}/public/app/index.html", layout: false
|
|
14
|
-
end
|
|
15
|
-
end
|
data/app/models/board.rb
DELETED
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
#Board model
|
|
2
|
-
|
|
3
|
-
class Board < ApplicationRecord
|
|
4
|
-
include EncryptableModelConcern
|
|
5
|
-
encryptable_attributes :name
|
|
6
|
-
|
|
7
|
-
validates :name, presence: true
|
|
8
|
-
|
|
9
|
-
has_many :users, through: :user_boards
|
|
10
|
-
|
|
11
|
-
has_many :user_boards, :dependent => :delete_all
|
|
12
|
-
has_many :posts, :dependent => :destroy
|
|
13
|
-
|
|
14
|
-
end
|
data/app/models/comment.rb
DELETED
|
@@ -1,96 +0,0 @@
|
|
|
1
|
-
require 'openssl'
|
|
2
|
-
require 'base64'
|
|
3
|
-
|
|
4
|
-
# Responsible for encryption and decryption of certain model attributes
|
|
5
|
-
|
|
6
|
-
module EncryptableModelConcern
|
|
7
|
-
extend ActiveSupport::Concern
|
|
8
|
-
|
|
9
|
-
included do
|
|
10
|
-
before_save :encrypt_encryptable_attributes
|
|
11
|
-
after_save :decrypt_encryptable_attributes
|
|
12
|
-
after_find :decrypt_encryptable_attributes
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
module ClassMethods
|
|
16
|
-
# Sets the `encryptable_attributes` class instance variable in the model.
|
|
17
|
-
#
|
|
18
|
-
# Encryptable attributes are encrypted before saving using `before_save` hook and decrypted using `after_save` and `after_find` hooks.
|
|
19
|
-
#
|
|
20
|
-
# Example:
|
|
21
|
-
# ```
|
|
22
|
-
# class Board < BaseModel
|
|
23
|
-
# encryptable_attributes :name, :title, :content
|
|
24
|
-
# end
|
|
25
|
-
# ```
|
|
26
|
-
# @param attrs [Symbol] model attributes
|
|
27
|
-
#
|
|
28
|
-
def encryptable_attributes(*attrs)
|
|
29
|
-
@encryptable_attributes = attrs
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
end
|
|
33
|
-
|
|
34
|
-
# Returns the model's `encryptable_attributes` class instance variable.
|
|
35
|
-
#
|
|
36
|
-
def encryptable_attributes
|
|
37
|
-
self.class.instance_variable_get(:@encryptable_attributes) || []
|
|
38
|
-
end
|
|
39
|
-
|
|
40
|
-
private
|
|
41
|
-
# Encryptes the model's encryptable attributes before saving using Rails' `before_save` hook.
|
|
42
|
-
#
|
|
43
|
-
# **Note: Be careful in calling this method manually as it can corrupt the data.**
|
|
44
|
-
def encrypt_encryptable_attributes
|
|
45
|
-
encryptable_attributes.each do |k|
|
|
46
|
-
self[k] = encrypt(self[k])
|
|
47
|
-
end
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
# Decrypts the model's encryptable attributes using Rails' `after_save` and `after_find` hooks.
|
|
51
|
-
#
|
|
52
|
-
# **Note: Be careful in calling this method manually as it can corrupt the data.**
|
|
53
|
-
def decrypt_encryptable_attributes
|
|
54
|
-
encryptable_attributes.each do |k|
|
|
55
|
-
self[k] = decrypt(self[k])
|
|
56
|
-
end
|
|
57
|
-
end
|
|
58
|
-
|
|
59
|
-
# Determins if the value being encrypted/decryped is empty.
|
|
60
|
-
def is_empty_val(value)
|
|
61
|
-
!value or value.nil? or value == ""
|
|
62
|
-
end
|
|
63
|
-
|
|
64
|
-
# Returns the cipher algorithm used
|
|
65
|
-
def cipher
|
|
66
|
-
OpenSSL::Cipher::Cipher.new('aes-256-cbc')
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
# Returns the encryption key from the `unsakini_crypto_key` config
|
|
70
|
-
def cipher_key
|
|
71
|
-
begin
|
|
72
|
-
Rails.configuration.unsakini_crypto_key
|
|
73
|
-
rescue Exception => e
|
|
74
|
-
raise 'Encryption key is not set! Please run `rails g unsakini:config` before you proceed.'
|
|
75
|
-
end
|
|
76
|
-
end
|
|
77
|
-
|
|
78
|
-
# Encrypts model attribute value
|
|
79
|
-
def encrypt(value)
|
|
80
|
-
return value if is_empty_val(value)
|
|
81
|
-
c = cipher.encrypt
|
|
82
|
-
c.key = Digest::SHA256.digest(cipher_key)
|
|
83
|
-
c.iv = iv = c.random_iv
|
|
84
|
-
Base64.encode64(iv) + Base64.encode64(c.update(value.to_s) + c.final)
|
|
85
|
-
end
|
|
86
|
-
|
|
87
|
-
# Decrypts model attribute value
|
|
88
|
-
def decrypt(value)
|
|
89
|
-
return value if is_empty_val(value)
|
|
90
|
-
c = cipher.decrypt
|
|
91
|
-
c.key = Digest::SHA256.digest(cipher_key)
|
|
92
|
-
c.iv = Base64.decode64 value.slice!(0,25)
|
|
93
|
-
c.update(Base64.decode64(value.to_s)) + c.final
|
|
94
|
-
end
|
|
95
|
-
|
|
96
|
-
end
|
data/app/models/post.rb
DELETED
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
#Post model
|
|
2
|
-
|
|
3
|
-
class Post < ApplicationRecord
|
|
4
|
-
include EncryptableModelConcern
|
|
5
|
-
encryptable_attributes :title, :content
|
|
6
|
-
validates :title, presence: true
|
|
7
|
-
validates :content, presence: true
|
|
8
|
-
|
|
9
|
-
belongs_to :user
|
|
10
|
-
belongs_to :board
|
|
11
|
-
has_many :comments, :dependent => :delete_all
|
|
12
|
-
end
|
data/app/models/user.rb
DELETED
data/app/models/user_board.rb
DELETED
|
@@ -1,82 +0,0 @@
|
|
|
1
|
-
# UserBoard model, links the user and it's boards
|
|
2
|
-
|
|
3
|
-
class UserBoard < ApplicationRecord
|
|
4
|
-
include EncryptableModelConcern
|
|
5
|
-
encryptable_attributes :encrypted_password
|
|
6
|
-
|
|
7
|
-
validates :encrypted_password, :presence => true, if: :is_admin
|
|
8
|
-
|
|
9
|
-
before_validation :validate_before_create, on: :create
|
|
10
|
-
before_validation :validate_before_update, on: :update
|
|
11
|
-
|
|
12
|
-
belongs_to :user
|
|
13
|
-
belongs_to :board
|
|
14
|
-
|
|
15
|
-
scope :admin, -> { where(is_admin: true) }
|
|
16
|
-
|
|
17
|
-
def name=(str)
|
|
18
|
-
@name = str
|
|
19
|
-
end
|
|
20
|
-
|
|
21
|
-
def name
|
|
22
|
-
if !@name.nil?
|
|
23
|
-
@name
|
|
24
|
-
else
|
|
25
|
-
self.board.name
|
|
26
|
-
end
|
|
27
|
-
end
|
|
28
|
-
|
|
29
|
-
# Returns user_boards where {Board} is `is_shared`
|
|
30
|
-
#
|
|
31
|
-
# @param is_shared [Boolean] wether to return shared or not shared boards
|
|
32
|
-
def self.shared(is_shared)
|
|
33
|
-
joins("LEFT JOIN boards ON user_boards.board_id = boards.id")
|
|
34
|
-
.where("boards.is_shared = ?", is_shared)
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def share(user_ids, new_key)
|
|
38
|
-
ActiveRecord::Base.transaction do
|
|
39
|
-
user_ids.each do |usr_id|
|
|
40
|
-
UserBoard.new({
|
|
41
|
-
user_id: usr_id,
|
|
42
|
-
board_id: self.board_id,
|
|
43
|
-
encrypted_password: nil,
|
|
44
|
-
is_admin: false
|
|
45
|
-
})
|
|
46
|
-
.save!
|
|
47
|
-
end
|
|
48
|
-
self.board.is_shared = true
|
|
49
|
-
self.encrypted_password = new_key
|
|
50
|
-
self.save!
|
|
51
|
-
end
|
|
52
|
-
true
|
|
53
|
-
|
|
54
|
-
rescue
|
|
55
|
-
self.errors[:base] << "Unable to share the this board"
|
|
56
|
-
false
|
|
57
|
-
end
|
|
58
|
-
|
|
59
|
-
private
|
|
60
|
-
|
|
61
|
-
def reset_user_boards_encrypted_password
|
|
62
|
-
UserBoard.where("board_id = ? AND user_id != ?", self.board_id, self.user_id).update_all(encrypted_password: nil)
|
|
63
|
-
end
|
|
64
|
-
|
|
65
|
-
def validate_before_create
|
|
66
|
-
if self.board.nil?
|
|
67
|
-
b = Board.new(name: @name)
|
|
68
|
-
if b.save
|
|
69
|
-
self.board_id = b.id
|
|
70
|
-
else
|
|
71
|
-
self.errors[:base] << "Board name is invalid"
|
|
72
|
-
end
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
def validate_before_update
|
|
77
|
-
self.board.name = @name if !@name.blank?
|
|
78
|
-
reset_user_boards_encrypted_password if self.encrypted_password_changed?
|
|
79
|
-
self.errors[:base] << "Board name is invalid" if !self.board.save
|
|
80
|
-
end
|
|
81
|
-
|
|
82
|
-
end
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
# Serializes the `Post` model instance to json.
|
|
2
|
-
# Read more about active model serializers - https://github.com/rails-api/active_model_serializers
|
|
3
|
-
|
|
4
|
-
class PostSerializer < ActiveModel::Serializer
|
|
5
|
-
|
|
6
|
-
attributes :id, :title, :content, :created_at, :updated_at
|
|
7
|
-
|
|
8
|
-
belongs_to :user
|
|
9
|
-
|
|
10
|
-
belongs_to :board do |serializer|
|
|
11
|
-
user_board = object.board.user_boards.where(user_id: object.user_id).first
|
|
12
|
-
|
|
13
|
-
{
|
|
14
|
-
"id" => object.board.id,
|
|
15
|
-
"name" => object.board.name,
|
|
16
|
-
"is_admin" => user_board.is_admin,
|
|
17
|
-
"encrypted_password" => user_board.encrypted_password,
|
|
18
|
-
"created_at" => object.board.created_at,
|
|
19
|
-
"updated_at" => object.board.updated_at
|
|
20
|
-
}
|
|
21
|
-
end
|
|
22
|
-
|
|
23
|
-
end
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
# Serializes the `UserBoard` model instance to json.
|
|
2
|
-
# Read more about active model serializers - https://github.com/rails-api/active_model_serializers
|
|
3
|
-
#
|
|
4
|
-
|
|
5
|
-
class UserBoardSerializer < ActiveModel::Serializer
|
|
6
|
-
|
|
7
|
-
attributes :id, :is_admin, :encrypted_password, :created_at, :updated_at
|
|
8
|
-
|
|
9
|
-
belongs_to :board
|
|
10
|
-
|
|
11
|
-
end
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
<!DOCTYPE html>
|
|
2
|
-
<html lang="en">
|
|
3
|
-
<head>
|
|
4
|
-
<meta charset="UTF-8">
|
|
5
|
-
<title>Welcome to Unsakini</title>
|
|
6
|
-
</head>
|
|
7
|
-
<body>
|
|
8
|
-
<h1>Welcome to Unsakini</h1>
|
|
9
|
-
<ul>
|
|
10
|
-
<li>
|
|
11
|
-
<a href="/app/login">Login</a>
|
|
12
|
-
<a href="/app/signup">Sign Up</a>
|
|
13
|
-
</li>
|
|
14
|
-
</ul>
|
|
15
|
-
</body>
|
|
16
|
-
</html>
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
# Be sure to restart your server when you modify this file.
|
|
2
|
-
|
|
3
|
-
# Version of your assets, change this if you want to expire all your assets.
|
|
4
|
-
Rails.application.config.assets.version = '1.0'
|
|
5
|
-
|
|
6
|
-
# Add additional assets to the asset load path
|
|
7
|
-
# Rails.application.config.assets.paths << Emoji.images_path
|
|
8
|
-
|
|
9
|
-
# Precompile additional assets.
|
|
10
|
-
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
|
|
11
|
-
# Rails.application.config.assets.precompile += %w( search.js )
|
|
Binary file
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
# This migration comes from unsakini_engine (originally 20161116200034)
|
|
2
|
-
class CreateUserBoards < ActiveRecord::Migration[5.0]
|
|
3
|
-
def change
|
|
4
|
-
create_table :user_boards do |t|
|
|
5
|
-
t.integer :user_id
|
|
6
|
-
t.integer :board_id
|
|
7
|
-
t.boolean :is_admin, :default => false
|
|
8
|
-
|
|
9
|
-
t.timestamps
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
end
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
# This migration comes from unsakini_engine (originally 20161118031023)
|
|
2
|
-
class CreatePosts < ActiveRecord::Migration[5.0]
|
|
3
|
-
def change
|
|
4
|
-
create_table :posts do |t|
|
|
5
|
-
t.text :title
|
|
6
|
-
t.text :content
|
|
7
|
-
t.integer :user_id
|
|
8
|
-
t.integer :board_id
|
|
9
|
-
|
|
10
|
-
t.timestamps
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
end
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
# This migration comes from unsakini_engine (originally 20161118100454)
|
|
2
|
-
class CreateComments < ActiveRecord::Migration[5.0]
|
|
3
|
-
def change
|
|
4
|
-
create_table :comments do |t|
|
|
5
|
-
t.text :content
|
|
6
|
-
t.integer :user_id
|
|
7
|
-
t.integer :post_id
|
|
8
|
-
|
|
9
|
-
t.timestamps
|
|
10
|
-
end
|
|
11
|
-
end
|
|
12
|
-
end
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
# This migration comes from unsakini_engine (originally 20161122211105)
|
|
2
|
-
class CreateUsers < ActiveRecord::Migration[5.0]
|
|
3
|
-
def change
|
|
4
|
-
create_table :users do |t|
|
|
5
|
-
t.string :name
|
|
6
|
-
t.string :email
|
|
7
|
-
t.string :password_digest
|
|
8
|
-
t.boolean :confirmed
|
|
9
|
-
|
|
10
|
-
t.timestamps
|
|
11
|
-
end
|
|
12
|
-
end
|
|
13
|
-
end
|
|
Binary file
|