class CreateComments < ActiveRecord::Migration def change create_table :co

1. class CreateComments < ActiveRecord::Migration
2. def change
3. create_table :comments do |t|
4. t.text :content
5. t.references :commentable, polymorphic: true, index: true
6. t.references :author, index: true
7.  
8. t.timestamps null: false
9. end
10.  
11. add_foreign_key :comments, :users, column: :author_id
12. end
13. end
14.  
15. class Comment < ActiveRecord::Base
16. belongs_to :author, class_name: "User"
17. belongs_to :commentable, polymorphic: true
18.  
19. validates :text, presence: true
20.  
21. default_scope -> { order(created_at: "desc") }
22. scope :persisted, lambda { where.not(id: nil) }
23.  
24. end
25.  
26. class CommentsController < ApplicationController
27. before_action :set_post
28.  
29. def create
30. @comment = @commentable.comments.new(comment_params)
31. @comment.author = current_user
32. authorize @comment, :create?
33.  
34. if @comment.save
35. flash[:notice] = "Comment has been created."
36. redirect_to @commentable
37. else
38. flash.now[:alert] = "Comment has not been created."
39. render "posts/show"
40. end
41. end
42.  
43.  
44. private
45.  
46. def set_post
47. @post = Post.find(params[:post_id])
48. end
49.  
50. def comment_params
51. params.require(:comment).permit(:text)
52. end
53. end
54.  
55. .
56. .
57. .
58. #comments
59. = render partial: "comments/form", locals: {commentable: @post}
60.  
61. - if @post.comments.persisted.any?
62. h4
63. = t(:available_comments, count: @post.comments.count)
64. = render partial: "comments/comments", locals: {commentable: @post}
65. - else
66. p
67. There are no comments for this post.
68.  
69. .header
70. h3 New Comment
71.  
72. = simple_form_for [commentable, Comment.new] do |f|
73. .form-group
74. = f.input :content, label: "Comment", placeholder: "Add a comment", input_html: { rows: 6 }
75. = f.submit class: "btn btn-primary"
76. <br>
77.  
78. resources :posts, only: [:index, :show, :edit, :update]
79.  
80. resources :posts, only: [] do
81. resources :comments, only: [:create], module: :posts
82. end
83.  
84. class Posts::CommentsController < CommentsController
85. before_action :set_commentable
86.  
87. private
88.  
89. def set_commentable
90. @commentable = Post.find(params[:post_id])
91. end
92. end
93.  
94. class Role < ActiveRecord::Base
95. belongs_to :user
96. belongs_to :post
97.  
98. def self.available_roles
99. %w(manager editor viewer)
100. end
101. end
102.  
103. FactoryGirl.define do
104. factory :comment do
105. content { "A comment!" }
106.  
107. trait :post_comment do
108. association :commentable, factory: :post
109. #commentable_type 'Post'
110. association :author_id, factory: :user
111. end
112. end
113. end
114.  
115. class CommentPolicy < ApplicationPolicy
116. class Scope < Scope
117. def resolve
118. scope
119. end
120. end
121.  
122. def create?
123. user.try(:admin?) || record.commentable.has_manager?(user)
124. end
125. end
126.  
127. require 'rails_helper'
128. RSpec.describe CommentPolicy do
129. context "permissions" do
130. subject { CommentPolicy.new(user, comment) }
131.  
132. let(:user) { create(:user) }
133. let(:post) { create(:post)}
134. let(:post_comment) { create(:comment, :post_comment)}
135.  
136. context "for anonymous users" do
137. let(:user) { nil }
138. it { should_not permit_action :create }
139. end
140.  
141. context "for viewers of the post_comment" do
142. before { assign_role!(user, :viewer, post) }
143. it { should_not permit_action :create }
144. end
145.  
146. context "for editors of the post" do
147. before { assign_role!(user, :editor, post) }
148. it { should permit_action :create }
149. end
150.  
151. context "for managers of the post" do
152. before { assign_role!(user, :manager, post) }
153. it { should permit_action :create }
154. end
155.  
156. context "for managers of other post" do
157. before do
158. assign_role!(user, :manager, create(:post))
159. end
160. it { should_not permit_action :create }
161. end
162.  
163. context "for administrators" do
164. let(:user) { create(:user, :admin) }
165. it { should permit_action :create }
166. end
167. end
168.  
169. end
170.  
171. `rspec spec/policies/comment_policy_spec.rb`
172. Run options: exclude {:slow=>true}
173. FFFFFF
174.  
175. Failure/Error: subject { CommentPolicy.new(user, comment) }
176.  
177. NameError:
178. undefined local variable or method `comment' for #<RSpec::ExampleGroups::CommentPolicy::Permissions::.....
179.  
180. Run options: exclude {:slow=>true}
181. FFFFF.
182. Failure/Error: user.try(:admin?) || record.commentable.has_manager?(user)
183.  
184. NoMethodError:
185. undefined method `commentable' for #<Post:0x007f9cc3dba328>
186. Did you mean? comments
187.  
188. class Comment < ActiveRecord::Base
189. belongs_to :commentable, polymorphic: true
190. #etc...
191. end
192.  
193. class Post < ActiveRecord::Base
194. has_many :comments, as: :commentable, dependent: :destroy
195. #etc...
196. end
197.  
198. belongs_to :post
199. belongs_to :commentable, polymorphic: true
200.  
201. @post.comments.build
202. #this will set comment.commentable_id = @post.id, and comment.commentable_type = "Post"
203. #but will not set comment.post_id
204.  
205. scope.joins(:roles).where(roles: {user_id: user}
206.  
207. scope.joins(:roles).where(roles: {user_id: user.id}