From 8f07e69eb29051e3aa001693af4ad822a8532276 Mon Sep 17 00:00:00 2001 From: profh Date: Wed, 20 May 2015 20:05:26 -0400 Subject: [PATCH 001/315] Removing unneeded file --- lib/helpers/team_scoring.rb~ | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 lib/helpers/team_scoring.rb~ diff --git a/lib/helpers/team_scoring.rb~ b/lib/helpers/team_scoring.rb~ deleted file mode 100644 index d339a5d..0000000 --- a/lib/helpers/team_scoring.rb~ +++ /dev/null @@ -1,5 +0,0 @@ -module QuizHelpers - module TeamScoring - - end #module TeamScoring -end #module QuizHelpers From 40a31abe1dcab87111489758632e61dfe7c07954 Mon Sep 17 00:00:00 2001 From: profh Date: Wed, 20 May 2015 20:37:26 -0400 Subject: [PATCH 002/315] Trying to undo the rolify install --- Gemfile | 2 - Gemfile.lock | 16 +- app/models/role.rb | 10 -- app/models/user.rb | 1 - app/null_objects/null_user.rb | 16 ++ config/initializers/rolify.rb | 7 - db/#schema.rb# | 137 ------------------ .../20150408001025_rolify_create_roles.rb | 19 --- db/schema.rb | 20 +-- 9 files changed, 23 insertions(+), 205 deletions(-) delete mode 100644 app/models/role.rb delete mode 100644 config/initializers/rolify.rb delete mode 100644 db/#schema.rb# delete mode 100644 db/migrate/20150408001025_rolify_create_roles.rb diff --git a/Gemfile b/Gemfile index c698eba..4ae8254 100644 --- a/Gemfile +++ b/Gemfile @@ -67,8 +67,6 @@ gem 'jquery-ui-rails' gem 'chronic' gem 'time_date_helpers', '0.0.2' -gem 'cancancan' -gem 'rolify' gem 'best_in_place', github: 'cmu-is-projects/best_in_place' # Additional gems that are very useful in Rails development diff --git a/Gemfile.lock b/Gemfile.lock index bb717af..d13b885 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -61,7 +61,6 @@ GEM debug_inspector (>= 0.0.1) builder (3.1.4) callsite (0.0.11) - cancancan (1.10.1) capistrano (2.13.5) highline net-scp (>= 1.0.0) 
@@ -110,7 +109,7 @@ GEM railties (>= 3.0.0) faker (1.4.3) i18n (~> 0.5) - foundation-rails (5.5.1.2) + foundation-rails (5.5.2.1) railties (>= 3.1.0) sass (>= 3.3.0, < 3.5) geocoder (1.2.8) @@ -125,7 +124,7 @@ GEM jquery-rails (3.1.2) railties (>= 3.0, < 5.0) thor (>= 0.14, < 2.0) - jquery-ui-rails (5.0.3) + jquery-ui-rails (5.0.5) railties (>= 3.2.16) json (1.8.2) launchy (2.4.3) @@ -154,10 +153,10 @@ GEM net-ssh (>= 2.6.5) nokogiri (1.6.6.2) mini_portile (~> 0.6.0) - pg (0.18.1) + pg (0.18.2) quiet_assets (1.1.0) railties (>= 3.1, < 5.0) - rack (1.5.2) + rack (1.5.3) rack-contrib (1.2.0) rack (>= 0.9.1) rack-test (0.6.3) @@ -178,7 +177,6 @@ GEM rake (10.4.2) rdoc (4.2.0) json (~> 1.4) - rolify (4.0.0) sass (3.4.13) sass-rails (5.0.3) railties (>= 4.0.0, < 5.0) @@ -205,9 +203,9 @@ GEM simplecov-html (0.8.0) single_test (0.6.0) rake - sprockets (3.0.3) + sprockets (3.1.0) rack (~> 1.0) - sprockets-rails (2.2.4) + sprockets-rails (2.3.1) actionpack (>= 3.0) activesupport (>= 3.0) sprockets (>= 2.8, < 4.0) @@ -246,7 +244,6 @@ DEPENDENCIES best_in_place! better_errors (= 2.0.0) binding_of_caller (= 0.7.2) - cancancan capistrano (= 2.13.5) capybara chronic @@ -270,7 +267,6 @@ DEPENDENCIES pg quiet_assets (= 1.1.0) rails (= 4.0.13) - rolify sass-rails (~> 5.0.0) sdoc shoulda (= 3.5.0) diff --git a/app/models/role.rb b/app/models/role.rb deleted file mode 100644 index f8583ab..0000000 --- a/app/models/role.rb +++ /dev/null @@ -1,10 +0,0 @@ -class Role < ActiveRecord::Base - has_and_belongs_to_many :users, :join_table => :users_roles - belongs_to :resource, :polymorphic => true - - validates :resource_type, - :inclusion => { :in => Rolify.resource_types }, - :allow_nil => true - - scopify -end diff --git a/app/models/user.rb b/app/models/user.rb index 128b41a..0341058 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
@@ -1,5 +1,4 @@ class User < ActiveRecord::Base - rolify # get modules to help with some functionality include QuizHelpers::Validations include Activeable diff --git a/app/null_objects/null_user.rb b/app/null_objects/null_user.rb index 50671a6..44b0359 100644 --- a/app/null_objects/null_user.rb +++ b/app/null_objects/null_user.rb @@ -22,4 +22,20 @@ def inactive def coach NullCoach.new end + + def humanize_role + "Guest" + end + + def is_admin? + false + end + + def is_area_admin? + false + end + + def is_coach? + false + end end diff --git a/config/initializers/rolify.rb b/config/initializers/rolify.rb deleted file mode 100644 index 25a2519..0000000 --- a/config/initializers/rolify.rb +++ /dev/null @@ -1,7 +0,0 @@ -Rolify.configure do |config| - # By default ORM adapter is ActiveRecord. uncomment to use mongoid - # config.use_mongoid - - # Dynamic shortcuts for User class (user.is_admin? like methods). Default is: false - # config.use_dynamic_shortcuts -end \ No newline at end of file diff --git a/db/#schema.rb# b/db/#schema.rb# deleted file mode 100644 index 4848422..0000000 --- a/db/#schema.rb# +++ /dev/null 
@@ -1,137 +0,0 @@ -# encoding: UTF-8 -# This file is auto-generated from the current state of the database. Instead -# of editing this file, please use the migrations feature of Active Record to -# incrementally modify your database, and then regenerate this schema definition. -# -# Note that this schema.rb definition is the authoritative source for your -# database schema. If you need to create the application database on another -# system, you should be using db:schema:load, not running all the migrations -# from scratch. The latter is a flawed and unsustainable approach (the more migrations -# you'll amass, the slower it'll run and the greater likelihood for issues). -# -# It's strongly recommended that you check this file into your version control system. - -ActiveRecord::Schema.define(version: 20150330222533) do - - create_table "categories", force: true do |t| - t.string "name" - end - - create_table "coaches", force: true do |t| - t.integer "user_id" - t.integer "organization_id" - t.string "first_name" - t.string "last_name" - t.string "phone" - t.string "email" - t.boolean "active", default: true - end - - create_table "divisions", force: true do |t| - t.string "name" - t.integer "start_grade" - t.integer "end_grade" - t.boolean "active", default: true - end - - create_table "events", force: true do |t| - t.date "start_date" - t.date "end_date" - t.time "start_time" - t.integer "num_rounds" - t.integer "organization_id" - end - - create_table "organization_students", force: true do |t| - t.integer "organization_id" - t.integer "student_id" - t.date "start_date" - t.date "end_date" - end - - create_table "organizations", force: true do |t| - t.string "name" - t.string "short_name" - t.string "street_1" - t.string "street_2" - t.string "city" - t.string "state" - t.string "zip" - t.decimal "latitude" - t.decimal "longitude" - t.boolean "active", default: true - t.integer "primary_contact" - end - - create_table "quiz_teams", force: true do |t| - t.integer 
"quiz_id" - t.integer "team_id" - t.integer "position" - t.integer "raw_score" - t.integer "points" - t.integer "failed_challenges", default: 0 - end - - create_table "quizzes", force: true do |t| - t.integer "division_id" - t.integer "event_id" - t.string "room_num" - t.integer "round_num" - t.boolean "active", default: true - t.integer "category_id" - end - - create_table "settings", force: true do |t| - t.date "roster_lock_date" - t.boolean "drop_lowest_score" - t.boolean "roster_lock_toggle" - t.boolean "auto_promote_students" - end - - create_table "student_quizzes", force: true do |t| - t.integer "student_id" - t.integer "quiz_id" - t.integer "num_correct" - t.integer "num_attempts" - t.integer "num_fouls" - t.integer "score" - end - - create_table "student_teams", force: true do |t| - t.integer "student_id" - t.integer "team_id" - t.boolean "is_captain", default: false - t.boolean "active", default: true - t.date "start_date" - t.date "end_date" - end - - create_table "students", force: true do |t| - t.string "first_name" - t.string "last_name" - t.integer "grade" - t.boolean "active", default: true - end - - create_table "team_coaches", force: true do |t| - t.integer "team_id" - t.integer "coach_id" - t.date "start_date" - t.date "end_date" - end - - create_table "teams", force: true do |t| - t.integer "division_id" - t.string "name" - t.boolean "active", default: true - t.integer "organization_id" - end - - create_table "users", force: true do |t| - t.string "user_name" - t.string "role" - t.string "password_digest" - t.boolean "active", default: true - end - -end diff --git a/db/migrate/20150408001025_rolify_create_roles.rb b/db/migrate/20150408001025_rolify_create_roles.rb deleted file mode 100644 index 999c94a..0000000 --- a/db/migrate/20150408001025_rolify_create_roles.rb +++ /dev/null 
@@ -1,19 +0,0 @@ -class RolifyCreateRoles < ActiveRecord::Migration - def change - create_table(:roles) do |t| - t.string :name - t.references :resource, :polymorphic => true - - t.timestamps - end - - create_table(:users_roles, :id => false) do |t| - t.references :user - t.references :role - end - - add_index(:roles, :name) - add_index(:roles, [ :name, :resource_type, :resource_id ]) - add_index(:users_roles, [ :user_id, :role_id ]) - end -end diff --git a/db/schema.rb b/db/schema.rb index fe04fe2..955959b 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20150408001025) do +ActiveRecord::Schema.define(version: 20150330222533) do create_table "categories", force: true do |t| t.string "name" @@ -81,17 +81,6 @@ t.integer "category_id" end - create_table "roles", force: true do |t| - t.string "name" - t.integer "resource_id" - t.string "resource_type" - t.datetime "created_at" - t.datetime "updated_at" - end - - add_index "roles", ["name", "resource_type", "resource_id"], name: "index_roles_on_name_and_resource_type_and_resource_id" - add_index "roles", ["name"], name: "index_roles_on_name" - create_table "settings", force: true do |t| t.date "roster_lock_date" t.boolean "drop_lowest_score" @@ -145,11 +134,4 @@ t.boolean "active", default: true end - create_table "users_roles", id: false, force: true do |t| - t.integer "user_id" - t.integer "role_id" - end - - add_index "users_roles", ["user_id", "role_id"], name: "index_users_roles_on_user_id_and_role_id" - end From 6e167d25a1ddda79f005299cde183ac3c6d20a15 Mon Sep 17 00:00:00 2001 
From: profh
Date: Wed, 20 May 2015 21:33:51 -0400
Subject: [PATCH 003/315] Removing cancan, ability.rb and working on exceptions
---
app/controllers/application_controller.rb | 63 ++++++++++-------------
app/models/ability.rb | 44 ----------------
lib/exceptions.rb | 2 +-
3 files changed, 28 insertions(+), 81 deletions(-)
delete mode 100644 app/models/ability.rb
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 42093f7..fc1b403 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -7,47 +7,38 @@ class ApplicationController < ActionController::Base ### --------------------------- # TODO: handle missing pages... - # rescue_from ActiveRecord::RecordNotFound do |exception| - # render template: 'errors/not_found' - # end - - # rescue_from AbstractController::ActionNotFound do |exception| - # render template: 'errors/not_found' - # end + rescue_from ActiveRecord::RecordNotFound do |exception| + # render template: 'errors/not_found' + redirect_to home_path, error: "Record not found in the system." + end - # # Rescue from no database error - # rescue_from Exceptions::NoDatabaseExists do |exception| - # flash[:error] = "The district or area you are looking for is not currently available." - # redirect_to root_url(:host => request.domain) - # end + rescue_from AbstractController::ActionNotFound do |exception| + render template: 'errors/not_found' + end - # # Rescue from bad password reset token - # rescue_from Exceptions::NoPasswordResetToken do |exception| - # flash[:error] = "The password reset token is either invalid or has expired." - # redirect_to root_url(:host => request.domain) - # end + # Rescue from no database error + rescue_from Exceptions::NoDatabaseExists do |exception| + flash[:error] = "The district or area you are looking for is not currently available." + redirect_to root_url(:host => request.domain) + end - # # Rescue from timed out user - # rescue_from Exceptions::UserIsTimedOut do |exception| - # flash[:error] = "This user's account has been timed out. Please try again in a few hours." - # redirect_to root_url(:host => request.domain) - # end + # Rescue from bad password reset token + rescue_from Exceptions::NoPasswordResetToken do |exception| + flash[:error] = "The password reset token is either invalid or has expired." + redirect_to root_url(:host => request.domain) + end - # # Rescue from timed out user - # rescue_from Exceptions::AttemptedHammering do |exception| - # flash[:error] = "Too many login attempts. 
This user's account has been timed out. Please try again in an hour." - # redirect_to root_url(:host => request.domain) - # end + # Rescue from timed out user + rescue_from Exceptions::UserIsTimedOut do |exception| + flash[:error] = "This user's account has been timed out. Please try again in a few hours." + redirect_to root_url(:host => request.domain) + end - # Just show a flash message instead of full CanCan exception - # rescue_from CanCan::AccessDenied do |exception| - # flash[:error] = "You are not authorized to take this action. Go away or I shall taunt you a second time." - # redirect_to home_path - # end - - # rescue_from ActiveRecord::RecordNotFound do |exception| - # redirect_to home_path, error: "Record not found in the system." - # end + # Rescue from attempted hammering + rescue_from Exceptions::AttemptedHammering do |exception| + flash[:error] = "Too many login attempts. This user's account has been timed out. Please try again in an hour." + redirect_to root_url(:host => request.domain) + end #used for adding a quiz to an event (quiz needs and event_id to save) def set_session_event diff --git a/app/models/ability.rb b/app/models/ability.rb deleted file mode 100644 index 7b54c87..0000000 --- a/app/models/ability.rb +++ /dev/null 
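Review bot: The re-enabled `rescue_from ActiveRecord::RecordNotFound` handler passes its message as `error:` to `redirect_to`, which by default only turns `notice:` and `alert:` into flash entries, so unless `add_flash_types :error` is declared outside this hunk the text is silently dropped; `redirect_to home_path, alert: "Record not found in the system."` would deliver it. The four `Exceptions::*` handlers redirect to `root_url(:host => request.domain)`, and `request.domain` is derived from the client-supplied Host header, so the redirect host should come from configuration unless the front end already pins the Host value. The same commit removes the `CanCan::AccessDenied` handler together with `Ability`, and nothing visible here takes over authorization, so it is worth confirming that no controller action is left unguarded in the interim. The class body continues outside the hunk.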
@@ -1,44 +0,0 @@ -class Ability - include CanCan::Ability - - def initialize(user) - # Define abilities for the passed in user here. For example: - # - # user ||= User.new # guest user (not logged in) - # if user.admin? - # can :manage, :all - # else - # can :read, :all - # end - # - # The first argument to `can` is the action you are giving the user - # permission to do. - # If you pass :manage it will apply to every action. Other common actions - # here are :read, :create, :update and :destroy. - # - # The second argument is the resource the user can perform the action on. - # If you pass :all it will apply to every resource. Otherwise pass a Ruby - # class of the resource. - # - # The third argument is an optional hash of conditions to further filter the - # objects. - # For example, here the user can only update published articles. - # - # can :update, Article, :published => true - # - # See the wiki for details: - # https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities - user ||= User.new #empty user for guest - - if user.role? :admin - can :manage, :all - elsif user.role? :coach - can :read, :all - can :manage, user.coach.organization.teams - can :manage, user.coach.organization.students - can :manage, user.coach.organization - else - can :read, :all - end - end -end diff --git a/lib/exceptions.rb b/lib/exceptions.rb index 98f8554..5cac469 100644 --- a/lib/exceptions.rb +++ b/lib/exceptions.rb @@ -1,5 +1,5 @@ module Exceptions - # a general cmuis error + # a general quizzing error class Error < StandardError; end # a custom exception when no database for subdomain From 9ad526d3a25ddf7f662e2adade239f9f799fe4bd Mon Sep 17 00:00:00 2001 
From: profh Date: Thu, 21 May 2015 15:43:45 -0400 Subject: [PATCH 004/315] Adding in code to handle multi-tenancy --- app/controllers/application_controller.rb | 56 ++++++++------------- app/controllers/coaches_controller.rb | 1 + app/controllers/organizations_controller.rb | 2 + app/controllers/sessions_controller.rb | 38 ++++++++------ app/controllers/users_controller.rb | 2 +- app/models/user.rb | 21 +++++--- app/null_objects/null_user.rb | 6 ++- app/views/layouts/application.html.erb | 2 +- app/views/sessions/new.html.erb | 4 +- app/views/students/index.html.erb | 2 +- app/views/users/_form.html.erb | 2 +- app/views/users/_show_details.html.erb | 2 +- app/views/users/_users.html.erb | 2 +- app/views/users/index.json.jbuilder | 2 +- app/views/users/show.json.jbuilder | 2 +- db/migrate/20150216225013_create_users.rb | 2 +- db/schema.rb | 2 +- lib/auth_security.rb | 20 ++++++++ lib/database_switcher.rb | 27 ++++++++++ lib/exception_manager.rb | 23 +++++++++ lib/exceptions.rb | 2 +- lib/session_manager.rb | 53 +++++++++++++++++++ test/controllers/users_controller_test.rb | 4 +- test/factories.rb | 2 +- test/models/user_test.rb | 34 ++++++------- test/null_objects/null_user_test.rb | 4 +- test/sets/user_contexts.rb | 12 ++--- 27 files changed, 229 insertions(+), 100 deletions(-) create mode 100644 lib/auth_security.rb create mode 100644 lib/database_switcher.rb create mode 100644 lib/exception_manager.rb create mode 100644 lib/session_manager.rb diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index fc1b403..a65a09b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb 
@@ -1,11 +1,11 @@ class ApplicationController < ActionController::Base + include ExceptionManager + include DatabaseSwitcher + # Prevent CSRF attacks by raising an exception. # For APIs, you may want to use :null_session instead. protect_from_forgery with: :exception - ### Handling various exceptions - ### --------------------------- - # TODO: handle missing pages... rescue_from ActiveRecord::RecordNotFound do |exception| # render template: 'errors/not_found' 
@@ -16,37 +16,11 @@ class ApplicationController < ActionController::Base render template: 'errors/not_found' end - # Rescue from no database error - rescue_from Exceptions::NoDatabaseExists do |exception| - flash[:error] = "The district or area you are looking for is not currently available." - redirect_to root_url(:host => request.domain) - end - - # Rescue from bad password reset token - rescue_from Exceptions::NoPasswordResetToken do |exception| - flash[:error] = "The password reset token is either invalid or has expired." - redirect_to root_url(:host => request.domain) - end - - # Rescue from timed out user - rescue_from Exceptions::UserIsTimedOut do |exception| - flash[:error] = "This user's account has been timed out. Please try again in a few hours." - redirect_to root_url(:host => request.domain) - end - - # Rescue from attempted hammering - rescue_from Exceptions::AttemptedHammering do |exception| - flash[:error] = "Too many login attempts. This user's account has been timed out. Please try again in an hour." - redirect_to root_url(:host => request.domain) - end - - #used for adding a quiz to an event (quiz needs and event_id to save) - def set_session_event - #Documentation: Assumed to be the quiz for today's date or the next one - e = Event.where("start_date >= ?", Date.today).order(:start_date).first - session[:event_id] = e.id - end - + # Rescue from custom exceptions + rescue_from Exceptions::NoDatabaseExists, with: :no_database_exists + rescue_from Exceptions::NoPasswordResetToken, with: :no_reset_token + rescue_from Exceptions::UserIsTimedOut, with: :user_timed_out + rescue_from Exceptions::AttemptedHammering, with: :stop_hammering private # Handling authentication 
@@ -65,7 +39,19 @@ def logged_in? helper_method :logged_in? def check_login - redirect_to login_url, alert: "You need to log in to view this page." if current_user.nil? + redirect_to login_path, alert: "You need to log in as a coach or adminstrator to view this page." if current_user.nil? || current_user.is_guest? + end + + def verify_user_is_admin + redirect_to home_path, alert: "You need to be a system administrator to access this page." unless current_user.is_admin? + end + + def verify_user_is_area_admin + redirect_to home_path, alert: "You need to be an area administrator to access this page." unless current_user.is_area_admin? || current_user.is_admin? + end + + def verify_user_is_coach + redirect_to home_path, alert: "You need to be a coach to access this page." unless current_user.is_coach? end end diff --git a/app/controllers/coaches_controller.rb b/app/controllers/coaches_controller.rb index 61813ca..24c27eb 100644 --- a/app/controllers/coaches_controller.rb +++ b/app/controllers/coaches_controller.rb @@ -1,5 +1,6 @@ class CoachesController < ApplicationController before_action :set_coach, only: [:show, :edit, :update, :destroy] + before_action :verify_user_is_area_admin, :only => [:new, :create, :edit, :update, :destroy] # GET /coaches # GET /coaches.json diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb index d397c79..24f7b46 100644 --- a/app/controllers/organizations_controller.rb +++ b/app/controllers/organizations_controller.rb @@ -1,5 +1,7 @@ class OrganizationsController < ApplicationController before_action :set_organization, only: [:show, :edit, :update, :destroy] + before_action :verify_user_is_area_admin, :only => [:new, :create, :edit, :update, :destroy] + # GET /organizations # GET /organizations.json diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb index 5f2265f..f9630fd 100644 --- a/app/controllers/sessions_controller.rb 
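Review bot: `verify_user_is_admin`, `verify_user_is_area_admin` and `verify_user_is_coach` call role predicates on `current_user` without the nil guard that `check_login` keeps in this same hunk, so if `current_user` can return nil (its definition is outside the hunk) an anonymous request to a guarded action raises NoMethodError instead of being redirected. Either make `current_user` always return a `NullUser` and drop the `.nil?` test, or guard each filter the same way, e.g. `unless current_user && current_user.is_admin?`. The new `check_login` alert also misspells "administrator" as "adminstrator".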
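Review bot: In `CoachesController` the new `verify_user_is_area_admin` filter is declared after `set_coach` (body outside the hunk, presumably a `find`), and filters run in declaration order, so the record is loaded before the caller is authorized and an unauthorized request gets a different outcome for an existing id than for a missing one. Declaring the authorization filter first removes that difference; the `OrganizationsController` hunk that follows has the same ordering. Both filters cover only `new`, `create`, `edit`, `update` and `destroy`, and whether `index` and `show` are meant to stay public is not visible here, so a comment such as `# index/show are intentionally public` would record the decision. The `:only => [...]` form also differs from the `only: [...]` style on the line directly above it.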
+++ b/app/controllers/sessions_controller.rb @@ -1,24 +1,32 @@ class SessionsController < ApplicationController + include AuthSecurity + include SessionManager + def new end def create - user = User.find_by_user_name(params[:user_name]) - if user && user.authenticate(params[:password]) - session[:user_id] = user.id - set_session_event #inherited from application_controller - #TODO1: - #event_id - #TODO: - # switch churches methods (changes session variable to that church id) - @u_coach = Coach.where(user_id: user.id).first - if @u_coach.nil? - session[:organization_id] = -1 + # count the number of authentication attempts + adjust_auth_attempts_count + + # find the user by username + user = User.find_by_username(params[:username]) + + if user + # assuming the username matches a user in the system... + verify_user_not_timed_out(user) + verify_account_not_being_hammered(user, session[:auth_attempts]) + + # make sure the user has the right password + if user.authenticate(params[:password]) + set_session_vars(user) + # connect_to_db(session[:subdomain]) + current_user + send_to_landing_page(session[:subdomain]) else - session[:organization_id] = @u_coach.organization_id + flash.now.alert = "Username or password is invalid" + render "new" end - session[:user_name] = user.user_name - redirect_to home_path, notice: "Logged in!" else flash.now.alert = "Username or password is invalid" render "new" @@ -26,7 +34,7 @@ def create end def destroy - session[:user_id] = nil + clear_session_data redirect_to home_path, notice: "Logged out!" end end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index ec57cd4..6edf55c 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
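Review bot: The counter passed to `verify_account_not_being_hammered` lives in `session[:auth_attempts]`, so it is tied to the client's session rather than to the account, and a client that presents a fresh session starts from zero again (the helpers are in lib/auth_security.rb, outside this view). Counting failures on the user record, or in a server-side store keyed by username and source address, would make the limit hold. Because the time-out checks run only inside `if user`, their messages also distinguish existing usernames from unknown ones, which the generic "Username or password is invalid" text otherwise avoids. Calling `reset_session` before `set_session_vars(user)` would additionally keep pre-login session state from carrying into the authenticated session, unless `set_session_vars` already does that.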
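Review bot: `destroy` now delegates to `clear_session_data`, whose body is in lib/session_manager.rb and not visible here; if it only clears selected keys, anything else kept in the session (such as `auth_attempts` or `subdomain`, both referenced in `create`) survives logout. `reset_session` discards the whole session and is the safer default for a logout action, e.g. `reset_session` followed by the existing `redirect_to home_path, notice: "Logged out!"`.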
@@ -97,7 +97,7 @@ def set_user # Never trust parameters from the scary internet, only allow the white list through. def user_params - params.require(:user).permit(:user_name, + params.require(:user).permit(:username, :role, :password, :password_confirmation, diff --git a/app/models/user.rb b/app/models/user.rb index 0341058..12da2a8 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -12,8 +12,8 @@ class User < ActiveRecord::Base has_one :coach #Validations - validates_presence_of :user_name, :role - validates :user_name, uniqueness: { case_sensitive: false} + validates_presence_of :username, :role + validates :username, uniqueness: { case_sensitive: false} validates_presence_of :password, on: :create validates_presence_of :password_confirmation, on: :create validates_confirmation_of :password, on: :create, message: "does not match" @@ -21,19 +21,19 @@ class User < ActiveRecord::Base validate :role_is_valid #Scopes - scope :alphabetical, -> {order("user_name")} + scope :alphabetical, -> {order("username")} #Callbacks before_destroy :is_never_destroyable - before_save :downcase_user_name + before_save :downcase_username #Methods - def downcase_user_name - self.user_name = self.user_name.downcase + def downcase_username + self.username = self.username.downcase end - def self.authenticate(user_name,password) - find_by_user_name(user_name.downcase).try(:authenticate, password) + def self.authenticate(username,password) + find_by_username(username.downcase).try(:authenticate, password) end def role?(authorized_role) @@ -67,6 +67,11 @@ def is_coach? false end + def is_guest? + return true if self.role == 'guest' + false + end + private def role_is_valid if(!ROLES.include?(self.role)) diff --git a/app/null_objects/null_user.rb b/app/null_objects/null_user.rb index 44b0359..c1f7915 100644 --- a/app/null_objects/null_user.rb +++ b/app/null_objects/null_user.rb @@ -1,5 +1,5 @@ class NullUser - def user_name + def username "N/A" end 
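Review bot: `user_params` still permits `:role` from the request, and the filters added in this commit (`verify_user_is_admin`, `verify_user_is_area_admin`, `verify_user_is_coach`) decide access from that attribute, so any caller who can reach `create` or `update` can pick their own role. The diffstat shows only this one-line change to `UsersController`, so no role filter is added here; unless one exists outside the hunk, `:role` should be permitted only when `current_user.is_admin?`. A comment above the permit list such as `# :role is admin-only; drop it from the permitted keys for everyone else` would record the intent. `user_params` continues past the end of the hunk.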
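Review bot: `User.authenticate` lowercases the name before the lookup, but the `SessionsController#create` rewritten in this same commit calls `User.find_by_username(params[:username])` directly, so a login typed with capitals will not match the value stored by `downcase_username` on a case-sensitive database. `username.downcase` in `self.authenticate` also raises NoMethodError when the argument is nil. Normalising in one place, e.g. `find_by_username(username.to_s.downcase)`, and having the controller use that path keeps the two lookups consistent.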
@@ -38,4 +38,8 @@ def is_area_admin? def is_coach? false end + + def is_guest? + true + end end diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index bd95912..a77c774 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -18,7 +18,7 @@ <% else %>
- <%= link_to "Logout "+current_user.user_name, logout_url %> + <%= link_to "Logout "+current_user.username, logout_url %>
<% end %> - \ No newline at end of file + \ No newline at end of file diff --git a/app/views/partials/_side_nav.html.erb b/app/views/partials/_side_nav.html.erb index 727a0fa..6f8a825 100644 --- a/app/views/partials/_side_nav.html.erb +++ b/app/views/partials/_side_nav.html.erb @@ -1,4 +1,5 @@ -
+
+ -
\ No newline at end of file diff --git a/app/views/partials/_top_nav.html.erb b/app/views/partials/_top_nav.html.erb index f3c2b23..b42b759 100644 --- a/app/views/partials/_top_nav.html.erb +++ b/app/views/partials/_top_nav.html.erb @@ -1,6 +1,7 @@ +
+ + + +
- - From 5f7447b931fdb3e15cb49db4a3d338dd01d0e0f0 Mon Sep 17 00:00:00 2001 From: Sanika Natu Date: Thu, 28 May 2015 11:40:31 -0400 Subject: [PATCH 038/315] Changed application layout --- app/views/layouts/application.html.erb | 2 -- 1 file changed, 2 deletions(-) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 19ae5da..0bd508a 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -27,8 +27,6 @@ 8-columns-wide on medium screens, 12-columns-wide on small screens --> <%= yield %> - <%= javascript_include_tag "application" %> - From faa119cb15edccff667981cb69fb0785a8fb5506 Mon Sep 17 00:00:00 2001 From: Clara Shim Date: Thu, 28 May 2015 11:40:42 -0400 Subject: [PATCH 039/315] team changes --- app/views/layouts/application.html.erb | 1 - 1 file changed, 1 deletion(-) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index feb0078..ce518ba 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -30,7 +30,6 @@ 8-columns-wide on medium screens, 12-columns-wide on small screens --> <%= yield %> - <%= javascript_include_tag "application" %> From 6d1d0307a37dfdebf30ff7c2ef88e7e5248b2c28 Mon Sep 17 00:00:00 2001 From: Nick Gasbarro Date: Thu, 28 May 2015 12:02:30 -0400 Subject: [PATCH 040/315] All tests pass, relationships created for standings models --- app/models/indiv_standing.rb | 5 +++++ app/models/student.rb | 2 ++ app/models/team.rb | 3 +++ app/models/team_standing.rb | 6 +++++- app/null_objects/null_indiv_standing.rb | 6 +++--- app/null_objects/null_team_standing.rb | 10 +++++----- test/models/indiv_standing_test.rb | 5 +++++ test/models/team_standing_test.rb | 4 ++++ 8 files changed, 32 insertions(+), 9 deletions(-) diff --git a/app/models/indiv_standing.rb b/app/models/indiv_standing.rb index b0f52fd..3f5178c 100644 --- a/app/models/indiv_standing.rb +++ b/app/models/indiv_standing.rb 
@@ -1,4 +1,9 @@ class IndivStanding < ActiveRecord::Base + + # Relationships + belongs_to :student + belongs_to :team + belongs_to :division # Validations validates_presence_of :position, :student_id, :team_id, :division_id, :total_points, :lowest_score, :adjusted_points, :accuracy diff --git a/app/models/student.rb b/app/models/student.rb index 6ec5b61..3dacffc 100644 --- a/app/models/student.rb +++ b/app/models/student.rb @@ -13,6 +13,8 @@ class Student < ActiveRecord::Base has_many :organization_students has_many :organizations, through: :organization_students + has_one :indiv_standing + # Validations validates_presence_of :first_name, :last_name, :grade validates_numericality_of :grade, only_integer: true, greater_than: 1, less_than: 13 diff --git a/app/models/team.rb b/app/models/team.rb index 247f3f5..f0fcb40 100644 --- a/app/models/team.rb +++ b/app/models/team.rb @@ -13,6 +13,9 @@ class Team < ActiveRecord::Base has_many :team_coaches has_many :coaches, through: :team_coaches + has_one :team_standing + has_many :indiv_standings + accepts_nested_attributes_for :coaches accepts_nested_attributes_for :student_teams, reject_if: proc {|attr| attr['student_id'].blank?} diff --git a/app/models/team_standing.rb b/app/models/team_standing.rb index e8302fc..2b33bfa 100644 --- a/app/models/team_standing.rb +++ b/app/models/team_standing.rb @@ -1,5 +1,9 @@ class TeamStanding < ActiveRecord::Base + # Relationships + belongs_to :team + belongs_to :division + # Validations validates_presence_of :position, :team_id, :division_id, :total_points, :accuracy @@ -23,5 +27,5 @@ def self.for_team(team) return ts end end - + end \ No newline at end of file diff --git a/app/null_objects/null_indiv_standing.rb b/app/null_objects/null_indiv_standing.rb index fe5ae8d..4bf1151 100644 --- a/app/null_objects/null_indiv_standing.rb +++ b/app/null_objects/null_indiv_standing.rb 
@@ -4,15 +4,15 @@ def position end def student_id - 1 + null_student.new.id end def team_id - 1 + null_team.new.id end def division_id - 1 + null_division.new.id end def total_points diff --git a/app/null_objects/null_team_standing.rb b/app/null_objects/null_team_standing.rb index 3b72e4a..3711564 100644 --- a/app/null_objects/null_team_standing.rb +++ b/app/null_objects/null_team_standing.rb @@ -3,16 +3,16 @@ def position 1 end - def team_id - 1 + def team + NullTeam.new end - def division_id - 1 + def division + NullDivision.new end def total_points - 1234 + 0 end def accuracy diff --git a/test/models/indiv_standing_test.rb b/test/models/indiv_standing_test.rb index edb9639..778be08 100644 --- a/test/models/indiv_standing_test.rb +++ b/test/models/indiv_standing_test.rb @@ -1,6 +1,11 @@ require 'test_helper' class IndivStandingTest < ActiveSupport::TestCase + + should belong_to :student + should belong_to :team + should belong_to :division + should validate_presence_of(:position) should validate_presence_of(:student_id) should validate_presence_of(:team_id) diff --git a/test/models/team_standing_test.rb b/test/models/team_standing_test.rb index 8d08929..131e43e 100644 --- a/test/models/team_standing_test.rb +++ b/test/models/team_standing_test.rb @@ -1,6 +1,10 @@ require 'test_helper' class TeamStandingTest < ActiveSupport::TestCase + + should belong_to :team + should belong_to :division + should validate_presence_of(:position) should validate_presence_of(:team_id) should validate_presence_of(:division_id) From d535e202b9c404ba06f302fa57fca7460277fdde Mon Sep 17 00:00:00 2001 
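Review bot: `null_student.new.id`, `null_team.new.id` and `null_division.new.id` in null_indiv_standing.rb use lowercase names that Ruby resolves as local variables or methods, so each reader raises NameError when called unless such methods are defined outside the hunk. The null_team_standing.rb hunk in this commit uses the constants `NullTeam.new` and `NullDivision.new`, which suggests `NullStudent.new.id`, `NullTeam.new.id` and `NullDivision.new.id` were intended. The tests added here only assert `belong_to` on the real models, so this path is probably not exercised. The two null objects also diverge after this change: this one keeps the `*_id` readers while `NullTeamStanding` replaces `team_id`/`division_id` with `team`/`division`, so callers that read the ids from a `NullTeamStanding` will now fail. The class continues outside the hunk.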
From: Audrey Alpizar Date: Thu, 28 May 2015 12:35:04 -0400 Subject: [PATCH 041/315] fixed structure one syntax error --- app/assets/stylesheets/style.scss | 10 ++++++-- app/views/events/show.html.erb | 26 +++++--------------- app/views/layouts/application.html.erb | 8 +++---- app/views/partials/_structure_1.html.erb | 30 ++++++++++++------------ 4 files changed, 33 insertions(+), 41 deletions(-) diff --git a/app/assets/stylesheets/style.scss b/app/assets/stylesheets/style.scss index e12fd1a..9bb4e72 100644 --- a/app/assets/stylesheets/style.scss +++ b/app/assets/stylesheets/style.scss @@ -30,12 +30,13 @@ div#search-bar { margin-left: auto; - margin-right: auto; + margin-right: auto; + display: none; } header, main, footer { - padding-left: 200px; + padding-left: 100px; } @media only screen and (max-width : 992px) { @@ -43,3 +44,8 @@ header, main, footer { padding-left: 0; } } + +div.color { + background-color: purple; + width: 100px; +} diff --git a/app/views/events/show.html.erb b/app/views/events/show.html.erb index 37e8f76..8848670 100644 --- a/app/views/events/show.html.erb +++ b/app/views/events/show.html.erb @@ -1,21 +1,7 @@ - - - - - -<%= render partial: "partials/structure_event_show", locals: {model_name: "event", - primary: "event_details", - secondary: nil, - sidebar: nil, - options: "partials/object_options", object: @event} %> \ No newline at end of file diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index e93c082..5f04fd2 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -19,8 +19,8 @@ <%= render :partial => "partials/side_nav" %> - -
+
+ <%= yield %> -
- + +