The following changes since commit 15ebae65be71236447bb46a6f86af3367f5ead86:

1. The following changes since commit 15ebae65be71236447bb46a6f86af3367f5ead86:
2.  
3. adding whitelisteds to album (2011-09-24 20:16:17 +0200)
4.  
5. are available in the git repository at:
6. git@codeplane.com:elland/pixplx.git whitelist
7.  
8. Igor Ranieri Elland (4):
9. privacy settings
10. HABTM
11. scoping whitelisted
12. helper for available users
13.  
14. app/controllers/albums_controller.rb | 4 +-
15. app/helpers/albums_helper.rb | 3 +
16. app/models/album.rb | 10 +++-
17. app/models/user.rb | 2 +-
18. app/views/albums/show.html.haml | 63 +++++++++++--------
19. db/migrate/20110924181123_add_album_id_to_users.rb | 5 --
20. ...0110924184734_create_albums_users_join_table.rb | 8 +++
21. db/schema.rb | 8 ++-
22. 8 files changed, 65 insertions(+), 38 deletions(-)
23. delete mode 100644 db/migrate/20110924181123_add_album_id_to_users.rb
24. create mode 100644 db/migrate/20110924184734_create_albums_users_join_table.rb
25.  
26. diff --git a/app/controllers/albums_controller.rb b/app/controllers/albums_controller.rb
27. index 7ca72ea..f6d6c10 100644
28. --- a/app/controllers/albums_controller.rb
29. +++ b/app/controllers/albums_controller.rb
30. @@ -7,7 +7,7 @@ class AlbumsController < ApplicationController
31. @user = User.find(params[:user_id])
32. @albums = @user.albums.order{updated_at.desc}.page(params[:page]).per(12)
33. else
34. - @albums = Album.where{private != true}.order{updated_at.desc}.includes(:pictures).page(params[:page]).per(12)
35. + @albums = Album.visible_for(current_user).order{updated_at.desc}.includes(:pictures).page(params[:page]).per(12)
36. end
37. respond_to do |format|
38. format.html # index.html.erb
39. @@ -22,7 +22,7 @@ class AlbumsController < ApplicationController
40. @album = User.find(params[:user_id]).albums.find(params[:id], :include => :pictures)
41. @pictures = @album.pictures.order{updated_at.desc}.page{params[:page]}.per(6)
42. \#@album = User.find(params[:user_id]).albums.find(params[:id], :conditions => {:private => false} ,:include => :pictures) unless user_signed_in?
43. - if @album.private? and @album.user != current_user
44. + if @album.private? and @album.user != current_user and !(@album.whitelisteds.include? current_user)
45. redirect_to root_path, alert: "You're not authorized to access this album" and return
46. end
47. end
48. diff --git a/app/helpers/albums_helper.rb b/app/helpers/albums_helper.rb
49. index d976b7c..369301c 100644
50. --- a/app/helpers/albums_helper.rb
51. +++ b/app/helpers/albums_helper.rb
52. @@ -1,2 +1,5 @@
53. module AlbumsHelper
54. + def whitelistable_users_for_album album
55. + User.all - [album.user]
56. + end
57. end
58. diff --git a/app/models/album.rb b/app/models/album.rb
59. index b215eec..8226d1d 100644
60. --- a/app/models/album.rb
61. +++ b/app/models/album.rb
62. @@ -5,7 +5,7 @@ class Album < ActiveRecord::Base
63. belongs_to :cover_picture, :class_name => 'Picture'
64. has_many :pictures, :inverse_of => :album, :dependent => :destroy
65. belongs_to :user, :inverse_of => :albums
66. - has_many :whitelisteds, :class_name => "User"
67. + has_and_belongs_to_many :whitelisteds, :class_name => "User"
68.  
69. validates :title, :presence => true, :uniqueness => {:scope => :user_id}
70.  
71. @@ -27,6 +27,14 @@ class Album < ActiveRecord::Base
72. []
73. end
74.  
75. + def self.visible_for(user)
76. + if user.nil?
77. + where{private != true}
78. + else
79. + Album.where{(private != true) | (id >> Album.joins{whitelisteds}.where{albums_users.user_id == 2}.select{id})}
80. + end
81. + end
82. +
83. def cover
84. return self.cover_picture.image.thumb.url if self.cover_picture
85. 'default.png'
86. diff --git a/app/models/user.rb b/app/models/user.rb
87. index b57d274..f8f0912 100644
88. --- a/app/models/user.rb
89. +++ b/app/models/user.rb
90. @@ -13,7 +13,7 @@ class User < ActiveRecord::Base
91.  
92. has_many :albums, :dependent => :destroy
93. has_many :pictures, :dependent => :destroy
94. - belongs_to :album
95. + has_and_belongs_to_many :visible_albums, :class_name => "Album"
96.  
97. validates_presence_of :username, :email
98. before_create :set_invitation_limit_and_cap
99. diff --git a/app/views/albums/show.html.haml b/app/views/albums/show.html.haml
100. index 54105bc..420d9f9 100644
101. --- a/app/views/albums/show.html.haml
102. +++ b/app/views/albums/show.html.haml
103. @@ -1,32 +1,41 @@
104. .left_content
105. - %h1= link_to @album.title, user_album_path(@album.user, @album)
106. - = render :partial => "partials/upload_pictures_to_album"
107. - %p
108. - %strong Short url
109. - %input.short_url{:value => @album.short_url }
110. + %h1= link_to @album.title, user_album_path(@album.user, @album)
111. + = render :partial => "partials/upload_pictures_to_album"
112. + %p
113. + %strong Short url
114. + %input.short_url{:value => @album.short_url }
115.  
116. - - if can? :destroy, @album
117. - = button_to "delete", user_album_path(@album.user, @album), :method => :delete, :confirm => "Are you sure?"
118. + - if can? :destroy, @album
119. + = button_to "delete", user_album_path(@album.user, @album), :method => :delete, :confirm => "Are you sure?"
120.  
121. - - unless @pictures.empty?
122. - %ol.pictures
123. - - @pictures.each do |picture|
124. - %li.picture
125. - .album_image
126. - = link_to image_tag(picture.image.thumb.url, :size => "200x150"), user_album_picture_path(picture.user, picture.album, picture), 'data-skip-pjax' => true
127. - - if @album.user == current_user
128. - = render :partial => "partials/picture_options", :locals => {:param => picture }
129. - = paginate @pictures
130. - - else
131. - %h2 Ops, no pictures here yet...
132. + - unless @pictures.empty?
133. + %ol.pictures
134. + - @pictures.each do |picture|
135. + %li.picture
136. + .album_image
137. + = link_to image_tag(picture.image.thumb.url, :size => "200x150"), user_album_picture_path(picture.user, picture.album, picture), 'data-skip-pjax' => true
138. + - if @album.user == current_user
139. + = render :partial => "partials/picture_options", :locals => {:param => picture }
140. + = paginate @pictures
141. + - else
142. + %h2 Ops, no pictures here yet...
143.  
144. - %span
145. - = link_to "Back to \#{@album.user}'s albums", user_albums_path(@album.user)
146. + %span
147. + = link_to "Back to \#{@album.user}'s albums", user_albums_path(@album.user)
148.  
149. - .description
150. - - if can? :update, @album
151. - .editable= @album.description
152. - - else
153. - = @album.description
154. - %p
155. - = render "partials/comment", :resource => @album
156. + .description
157. + - if can? :update, @album
158. + .editable= @album.description
159. + - else
160. + = @album.description
161. + - if @album.user == current_user
162. + = simple_form_for @album do |f|
163. + = f.input :private
164. + = f.submit "Update privacy settings"
165. + - if @album.private
166. + %p
167. + = simple_form_for @album do |f|
168. + = f.association :whitelisteds, :as => :select, :collection => whitelistable_users_for_album(@album), :label => "Whitelisted users", :hint => "Users you want to be able to see private album"
169. + = f.submit "Update whitelist"
170. + %p
171. + = render "partials/comment", :resource => @album
172. diff --git a/db/migrate/20110924181123_add_album_id_to_users.rb b/db/migrate/20110924181123_add_album_id_to_users.rb
173. deleted file mode 100644
174. index d0df2b9..0000000
175. --- a/db/migrate/20110924181123_add_album_id_to_users.rb
176. +++ /dev/null
177. @@ -1,5 +0,0 @@
178. -class AddAlbumIdToUsers < ActiveRecord::Migration
179. - def change
180. - add_column :users, :album_id, :integer
181. - end
182. -end
183. diff --git a/db/migrate/20110924184734_create_albums_users_join_table.rb b/db/migrate/20110924184734_create_albums_users_join_table.rb
184. new file mode 100644
185. index 0000000..a7f340c
186. --- /dev/null
187. +++ b/db/migrate/20110924184734_create_albums_users_join_table.rb
188. @@ -0,0 +1,8 @@
189. +class CreateAlbumsUsersJoinTable < ActiveRecord::Migration
190. + def change
191. + create_table :albums_users, :id => false do |t|
192. + t.integer :album_id
193. + t.integer :user_id
194. + end
195. + end
196. +end
197. diff --git a/db/schema.rb b/db/schema.rb
198. index eae6c3a..fcd0054 100644
199. --- a/db/schema.rb
200. +++ b/db/schema.rb
201. @@ -11,7 +11,7 @@
202. #
203. # It's strongly recommended to check this file into your version control system.
204.  
205. -ActiveRecord::Schema.define(:version => 20110924181123) do
206. +ActiveRecord::Schema.define(:version => 20110924184734) do
207.  
208. create_table "albums", :force => true do |t|
209. t.string "title"
210. @@ -25,6 +25,11 @@ ActiveRecord::Schema.define(:version => 20110924181123) do
211. t.integer "cover_picture_id"
212. end
213.  
214. + create_table "albums_users", :id => false, :force => true do |t|
215. + t.integer "album_id"
216. + t.integer "user_id"
217. + end
218. +
219. create_table "comments", :force => true do |t|
220. t.integer "commentable_id", :default => 0
221. t.string "commentable_type", :default => ""
222. @@ -89,7 +94,6 @@ ActiveRecord::Schema.define(:version => 20110924181123) do
223. t.string "gravatar"
224. t.integer "total_storage"
225. t.integer "current_storage"
226. - t.integer "album_id"
227. end
228.  
229. add_index "users", ["authentication_token"], :name => "index_users_on_authentication_token", :unique => true