- The following changes since commit 15ebae65be71236447bb46a6f86af3367f5ead86:
- adding whitelisteds to album (2011-09-24 20:16:17 +0200)
- are available in the git repository at:
- git@codeplane.com:elland/pixplx.git whitelist
- Igor Ranieri Elland (4):
- privacy settings
- HABTM
- scoping whitelisted
- helper for available users
- app/controllers/albums_controller.rb | 4 +-
- app/helpers/albums_helper.rb | 3 +
- app/models/album.rb | 10 +++-
- app/models/user.rb | 2 +-
- app/views/albums/show.html.haml | 63 +++++++++++--------
- db/migrate/20110924181123_add_album_id_to_users.rb | 5 --
- ...0110924184734_create_albums_users_join_table.rb | 8 +++
- db/schema.rb | 8 ++-
- 8 files changed, 65 insertions(+), 38 deletions(-)
- delete mode 100644 db/migrate/20110924181123_add_album_id_to_users.rb
- create mode 100644 db/migrate/20110924184734_create_albums_users_join_table.rb
- diff --git a/app/controllers/albums_controller.rb b/app/controllers/albums_controller.rb
- index 7ca72ea..f6d6c10 100644
- --- a/app/controllers/albums_controller.rb
- +++ b/app/controllers/albums_controller.rb
- @@ -7,7 +7,7 @@ class AlbumsController < ApplicationController
- @user = User.find(params[:user_id])
- @albums = @user.albums.order{updated_at.desc}.page(params[:page]).per(12)
- else
- - @albums = Album.where{private != true}.order{updated_at.desc}.includes(:pictures).page(params[:page]).per(12)
- + @albums = Album.visible_for(current_user).order{updated_at.desc}.includes(:pictures).page(params[:page]).per(12)
- end
- respond_to do |format|
- format.html # index.html.erb
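Review bot: The `params[:user_id]` branch in the context lines above the change still builds `@albums` from `@user.albums` with no visibility filter, so private albums of that user appear to be listed to any visitor. Only the `else` branch is switched to `Album.visible_for(current_user)`. If that is not intended, apply the same scope there, for example `@albums = @user.albums.visible_for(current_user).order{updated_at.desc}...`, and confirm the scope composes with the association. The enclosing `if` and the action's `def` line are outside the hunk, so the exact condition is inferred.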
- @@ -22,7 +22,7 @@ class AlbumsController < ApplicationController
- @album = User.find(params[:user_id]).albums.find(params[:id], :include => :pictures)
- @pictures = @album.pictures.order{updated_at.desc}.page{params[:page]}.per(6)
- \#@album = User.find(params[:user_id]).albums.find(params[:id], :conditions => {:private => false} ,:include => :pictures) unless user_signed_in?
- - if @album.private? and @album.user != current_user
- + if @album.private? and @album.user != current_user and !(@album.whitelisteds.include? current_user)
- redirect_to root_path, alert: "You're not authorized to access this album" and return
- end
- end
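Review bot: The access rule for private albums is written inline in this action (`@album.private? and @album.user != current_user and !(@album.whitelisteds.include? current_user)`) and a second, different version lives in `Album.visible_for`, so the two can drift apart. A single predicate on the model, for example `@album.viewable_by?(current_user)`, or a CanCan ability (the view already calls `can?`), would keep index and show consistent. The check would also be better placed before `@pictures` is loaded. The action's `def` line is outside the hunk, and whether the pictures controller enforces the same rule cannot be seen here and is worth confirming.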
- diff --git a/app/helpers/albums_helper.rb b/app/helpers/albums_helper.rb
- index d976b7c..369301c 100644
- --- a/app/helpers/albums_helper.rb
- +++ b/app/helpers/albums_helper.rb
- @@ -1,2 +1,5 @@
- module AlbumsHelper
- + def whitelistable_users_for_album album
- + User.all - [album.user]
- + end
- end
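Review bot: `User.all - [album.user]` loads every user row into memory on each album page and offers the complete user list to any album owner through the whitelist select. Filtering in the database, for example `User.where('id <> ?', album.user_id)`, avoids the full load. Whether every account should be discoverable this way is a product decision worth making explicitly; a narrower collection (contacts, or a search by username) would limit account enumeration. The method also has no comment saying who may be whitelisted.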
- diff --git a/app/models/album.rb b/app/models/album.rb
- index b215eec..8226d1d 100644
- --- a/app/models/album.rb
- +++ b/app/models/album.rb
- @@ -5,7 +5,7 @@ class Album < ActiveRecord::Base
- belongs_to :cover_picture, :class_name => 'Picture'
- has_many :pictures, :inverse_of => :album, :dependent => :destroy
- belongs_to :user, :inverse_of => :albums
- - has_many :whitelisteds, :class_name => "User"
- + has_and_belongs_to_many :whitelisteds, :class_name => "User"
- validates :title, :presence => true, :uniqueness => {:scope => :user_id}
- @@ -27,6 +27,14 @@ class Album < ActiveRecord::Base
- []
- end
- + def self.visible_for(user)
- + if user.nil?
- + where{private != true}
- + else
- + Album.where{(private != true) | (id >> Album.joins{whitelisteds}.where{albums_users.user_id == 2}.select{id})}
- + end
- + end
- +
- def cover
- return self.cover_picture.image.thumb.url if self.cover_picture
- 'default.png'
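Review bot: The signed-in branch of `visible_for` compares against the literal `albums_users.user_id == 2` and never uses the `user` argument, so every signed-in user gets the private albums whitelisted for user id 2 and not their own. The comparison should use the argument, `where{albums_users.user_id == user.id}`; check that the local is visible inside the Squeel block. The scope also omits the user's own private albums, while the show action lets the owner in, so an owner clause such as `| (user_id == user.id)` is probably wanted. A test that whitelists two different users on different albums would have caught the constant. The `cover` method at the end of the hunk continues outside it.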
- diff --git a/app/models/user.rb b/app/models/user.rb
- index b57d274..f8f0912 100644
- --- a/app/models/user.rb
- +++ b/app/models/user.rb
- @@ -13,7 +13,7 @@ class User < ActiveRecord::Base
- has_many :albums, :dependent => :destroy
- has_many :pictures, :dependent => :destroy
- - belongs_to :album
- + has_and_belongs_to_many :visible_albums, :class_name => "Album"
- validates_presence_of :username, :email
- before_create :set_invitation_limit_and_cap
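Review bot: The association name `visible_albums` promises more than it returns: through the join table it yields only albums on which the user is whitelisted, not public albums or the user's own. A name that mirrors the other side, such as `has_and_belongs_to_many :whitelisted_albums, :class_name => "Album"`, would prevent a caller from treating it as the full visibility rule, which lives in `Album.visible_for`.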
- diff --git a/app/views/albums/show.html.haml b/app/views/albums/show.html.haml
- index 54105bc..420d9f9 100644
- --- a/app/views/albums/show.html.haml
- +++ b/app/views/albums/show.html.haml
- @@ -1,32 +1,41 @@
- .left_content
- - %h1= link_to @album.title, user_album_path(@album.user, @album)
- - = render :partial => "partials/upload_pictures_to_album"
- - %p
- - %strong Short url
- - %input.short_url{:value => @album.short_url }
- + %h1= link_to @album.title, user_album_path(@album.user, @album)
- + = render :partial => "partials/upload_pictures_to_album"
- + %p
- + %strong Short url
- + %input.short_url{:value => @album.short_url }
- - - if can? :destroy, @album
- - = button_to "delete", user_album_path(@album.user, @album), :method => :delete, :confirm => "Are you sure?"
- + - if can? :destroy, @album
- + = button_to "delete", user_album_path(@album.user, @album), :method => :delete, :confirm => "Are you sure?"
- - - unless @pictures.empty?
- - %ol.pictures
- - - @pictures.each do |picture|
- - %li.picture
- - .album_image
- - = link_to image_tag(picture.image.thumb.url, :size => "200x150"), user_album_picture_path(picture.user, picture.album, picture), 'data-skip-pjax' => true
- - - if @album.user == current_user
- - = render :partial => "partials/picture_options", :locals => {:param => picture }
- - = paginate @pictures
- - - else
- - %h2 Ops, no pictures here yet...
- + - unless @pictures.empty?
- + %ol.pictures
- + - @pictures.each do |picture|
- + %li.picture
- + .album_image
- + = link_to image_tag(picture.image.thumb.url, :size => "200x150"), user_album_picture_path(picture.user, picture.album, picture), 'data-skip-pjax' => true
- + - if @album.user == current_user
- + = render :partial => "partials/picture_options", :locals => {:param => picture }
- + = paginate @pictures
- + - else
- + %h2 Ops, no pictures here yet...
- - %span
- - = link_to "Back to \#{@album.user}'s albums", user_albums_path(@album.user)
- + %span
- + = link_to "Back to \#{@album.user}'s albums", user_albums_path(@album.user)
- - .description
- - - if can? :update, @album
- - .editable= @album.description
- - - else
- - = @album.description
- - %p
- - = render "partials/comment", :resource => @album
- + .description
- + - if can? :update, @album
- + .editable= @album.description
- + - else
- + = @album.description
- + - if @album.user == current_user
- + = simple_form_for @album do |f|
- + = f.input :private
- + = f.submit "Update privacy settings"
- + - if @album.private
- + %p
- + = simple_form_for @album do |f|
- + = f.association :whitelisteds, :as => :select, :collection => whitelistable_users_for_album(@album), :label => "Whitelisted users", :hint => "Users you want to be able to see private album"
- + = f.submit "Update whitelist"
- + %p
- + = render "partials/comment", :resource => @album
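Review bot: The new privacy and whitelist forms are gated only by `- if @album.user == current_user` in the template, while the neighbouring controls use `can? :update, @album`. Hiding a form does not stop a crafted request, so the albums `update` action must itself verify ownership before accepting `private` or `whitelisted_ids`; that action is not part of this diff and should be checked. Using `- if can? :update, @album` here would keep the view consistent with the rest of the file. Most of this hunk is re-indentation, so the functional change is limited to the two forms.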
- diff --git a/db/migrate/20110924181123_add_album_id_to_users.rb b/db/migrate/20110924181123_add_album_id_to_users.rb
- deleted file mode 100644
- index d0df2b9..0000000
- --- a/db/migrate/20110924181123_add_album_id_to_users.rb
- +++ /dev/null
- @@ -1,5 +0,0 @@
- -class AddAlbumIdToUsers < ActiveRecord::Migration
- - def change
- - add_column :users, :album_id, :integer
- - end
- -end
- diff --git a/db/migrate/20110924184734_create_albums_users_join_table.rb b/db/migrate/20110924184734_create_albums_users_join_table.rb
- new file mode 100644
- index 0000000..a7f340c
- --- /dev/null
- +++ b/db/migrate/20110924184734_create_albums_users_join_table.rb
- @@ -0,0 +1,8 @@
- +class CreateAlbumsUsersJoinTable < ActiveRecord::Migration
- + def change
- + create_table :albums_users, :id => false do |t|
- + t.integer :album_id
- + t.integer :user_id
- + end
- + end
- +end
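Review bot: The join table is created without an index or any constraint, so the same user can be whitelisted on an album several times and the lookup by `user_id` in `Album.visible_for` will scan the table. Adding `add_index :albums_users, [:album_id, :user_id], :unique => true` covers both. Declaring the two columns with `:null => false` would also keep half-filled rows out of an access-control table.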
- diff --git a/db/schema.rb b/db/schema.rb
- index eae6c3a..fcd0054 100644
- --- a/db/schema.rb
- +++ b/db/schema.rb
- @@ -11,7 +11,7 @@
- #
- # It's strongly recommended to check this file into your version control system.
- -ActiveRecord::Schema.define(:version => 20110924181123) do
- +ActiveRecord::Schema.define(:version => 20110924184734) do
- create_table "albums", :force => true do |t|
- t.string "title"
- @@ -25,6 +25,11 @@ ActiveRecord::Schema.define(:version => 20110924181123) do
- t.integer "cover_picture_id"
- end
- + create_table "albums_users", :id => false, :force => true do |t|
- + t.integer "album_id"
- + t.integer "user_id"
- + end
- +
- create_table "comments", :force => true do |t|
- t.integer "commentable_id", :default => 0
- t.string "commentable_type", :default => ""
- @@ -89,7 +94,6 @@ ActiveRecord::Schema.define(:version => 20110924181123) do
- t.string "gravatar"
- t.integer "total_storage"
- t.integer "current_storage"
- - t.integer "album_id"
- end
- add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true