Lindsey - Pipes - media ranker

.gitignore

@@ -15,3 +15,4 @@
 
 # Ignore Byebug command history file.
 .byebug_history
+.env

Gemfile

@@ -21,7 +21,7 @@ gem 'uglifier', '>= 1.3.0'
 gem 'coffee-rails', '~> 4.2'
 # See https://github.com/rails/execjs#readme for more supported runtimes
 # gem 'therubyracer', platforms: :ruby
-
+gem 'simplecov'
 # Use jquery as the JavaScript library
 gem 'jquery-rails'
 # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
@@ -32,7 +32,8 @@ gem 'jbuilder', '~> 2.5'
 # gem 'redis', '~> 3.0'
 # Use ActiveModel has_secure_password
 # gem 'bcrypt', '~> 3.1.7'
-
+gem 'omniauth'
+gem 'omniauth-github'
 # Use Capistrano for deployment
 # gem 'capistrano-rails', group: :development
 
@@ -61,6 +62,8 @@ group :development do
   # Access an IRB console on exception pages or by using <%= console %> anywhere in the code.
   gem 'web-console', '>= 3.3.0'
   gem 'listen', '~> 3.0.5'
+  gem 'dotenv-rails'
+  gem 'binding_of_caller'
   # Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
   gem 'spring'
   gem 'spring-watcher-listen', '~> 2.0.0'

Gemfile.lock

@@ -49,6 +49,8 @@ GEM
       erubis (>= 2.6.6)
       rack (>= 0.9.0)
     bindex (0.5.0)
+    binding_of_caller (0.7.3)
+      debug_inspector (>= 0.0.1)
     builder (3.2.3)
     byebug (9.0.6)
     coderay (1.1.1)
@@ -60,15 +62,24 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
+    debug_inspector (0.0.3)
+    docile (1.1.5)
+    dotenv (2.2.1)
+    dotenv-rails (2.2.1)
+      dotenv (= 2.2.1)
+      railties (>= 3.2, < 5.2)
     erubis (2.7.0)
     execjs (2.7.0)
+    faraday (0.12.2)
+      multipart-post (>= 1.2, < 3)
     ffi (1.9.18)
     foundation-rails (6.3.0.0)
       railties (>= 3.1.0)
       sass (>= 3.3.0, < 3.5)
       sprockets-es6 (>= 0.9.0)
     globalid (0.3.7)
       activesupport (>= 4.1.0)
+    hashie (3.5.6)
     i18n (0.8.1)
     jbuilder (2.6.3)
       activesupport (>= 3.0.0, < 5.2)
@@ -77,6 +88,8 @@ GEM
       rails-dom-testing (>= 1, < 3)
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
+    json (2.0.2)
+    jwt (1.5.6)
     listen (3.0.8)
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
@@ -104,9 +117,26 @@ GEM
       minitest (~> 5.0)
       rails (>= 4.1)
     multi_json (1.12.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
     nio4r (2.0.0)
     nokogiri (1.7.1)
       mini_portile2 (~> 2.1.0)
+    oauth2 (1.4.0)
+      faraday (>= 0.8, < 0.13)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.7.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-github (1.3.0)
+      omniauth (~> 1.5)
+      omniauth-oauth2 (>= 1.4.0, < 2.0)
+    omniauth-oauth2 (1.4.0)
+      oauth2 (~> 1.0)
+      omniauth (~> 1.2)
     pg (0.20.0)
     pry (0.10.4)
       coderay (~> 1.1.0)
@@ -153,6 +183,11 @@ GEM
       sprockets (>= 2.8, < 4.0)
       sprockets-rails (>= 2.0, < 4.0)
       tilt (>= 1.1, < 3)
+    simplecov (0.15.1)
+      docile (~> 1.1.0)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.2)
     slop (3.6.0)
     spring (2.0.1)
       activesupport (>= 4.2)
@@ -194,8 +229,10 @@ PLATFORMS
 
 DEPENDENCIES
   better_errors
+  binding_of_caller
   byebug
   coffee-rails (~> 4.2)
+  dotenv-rails
   foundation-rails
   jbuilder (~> 2.5)
   jquery-rails
@@ -204,11 +241,14 @@ DEPENDENCIES
   minitest-reporters
   minitest-skip
   minitest-spec-rails
+  omniauth
+  omniauth-github
   pg (~> 0.18)
   pry-rails
   puma (~> 3.0)
   rails (~> 5.0.2)
   sass-rails (~> 5.0)
+  simplecov
   spring
   spring-watcher-listen (~> 2.0.0)
   turbolinks (~> 5)
@@ -220,4 +260,4 @@ RUBY VERSION
    ruby 2.4.0p0
 
 BUNDLED WITH
-   1.14.4
+   1.16.0

app/controllers/application_controller.rb

@@ -1,17 +1,32 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
 
-  before_action :find_user
+  before_action :require_login
 
   def render_404
     # DPR: supposedly this will actually render a 404 page in production
     raise ActionController::RoutingError.new('Not Found')
   end
 
 private
+=begin
   def find_user
     if session[:user_id]
       @login_user = User.find_by(id: session[:user_id])
     end
   end
+=end
+  def require_login
+    @user = User.find_by(id: session[:user_id])
+    unless @user
+      flash[:status] = :failure
+      flash[:message] = "You must be logged in to do that"
+      redirect_to root_path
+    end
+  end
+=begin
+  def logged_in
+    return session[:user_id] != nil
+  end
+=end
 end

app/controllers/sessions_controller.rb

@@ -1,7 +1,41 @@
 class SessionsController < ApplicationController
+  skip_before_action :require_login, only: [:create, :logout]
+
   def login_form
   end
 
+  def create
+    auth_hash = request.env['omniauth.auth']
+
+    if auth_hash['uid']
+      @user = User.find_by(uid: auth_hash[:uid], provider: 'github')
+      if @user.nil?
+        user = User.new
+        user.provider = 'github'
+        user.uid = auth_hash['uid']
+        user.email = auth_hash['info']['email']
+        user.username = auth_hash['info']['nickname']
+        if user.save
+          session[:user_id] = user.id
+          flash[:success] = "Created new user: #{user.username}"
+          redirect_to root_path
+        else
+          flash[:error] = "Could not save new user: #{user.username}"
+          redirect_to root_path
+        end
+      else
+        session[:user_id] = @user.id
+        flash[:success] = "Logged in successfully"
+        redirect_to root_path
+      end
+    else
+      flash[:error] = "Could not log in"
+      redirect_to root_path
+    end
+
+  end
+
+=begin
   def login
     username = params[:username]
     if username and user = User.find_by(username: username)
@@ -24,7 +58,7 @@ def login
     end
     redirect_to root_path
   end
-
+=end
   def logout
     session[:user_id] = nil
     flash[:status] = :success

app/controllers/users_controller.rb

@@ -1,4 +1,5 @@
 class UsersController < ApplicationController
+
   def index
     @users = User.all
   end

app/controllers/works_controller.rb

@@ -2,7 +2,7 @@ class WorksController < ApplicationController
   # We should always be able to tell what category
   # of work we're dealing with
   before_action :category_from_work, except: [:root, :index, :new, :create]
-
+  skip_before_action :require_login, only: [:root]
   def root
     @albums = Work.best_albums
     @books = Work.best_books
@@ -19,7 +19,9 @@ def new
   end
 
   def create
+
     @work = Work.new(media_params)
+    @work.creator = User.find(session[:user_id]).username
     @media_category = @work.category
     if @work.save
       flash[:status] = :success
@@ -41,34 +43,38 @@ def edit
   end
 
   def update
-    @work.update_attributes(media_params)
-    if @work.save
-      flash[:status] = :success
-      flash[:result_text] = "Successfully updated #{@media_category.singularize} #{@work.id}"
-      redirect_to work_path(@work)
+    if @work.creator == User.find(session[:user_id]).username
+      @work.update_attributes(media_params)
+      if @work.save
+        flash[:status] = :success
+        flash[:result_text] = "Successfully updated #{@media_category.singularize} #{@work.id}"
+        redirect_to work_path(@work)
+      else
+        flash.now[:status] = :failure
+        flash.now[:result_text] = "Could not update #{@media_category.singularize}"
+        flash.now[:messages] = @work.errors.messages
+        render :edit, status: :not_found
+      end
     else
-      flash.now[:status] = :failure
-      flash.now[:result_text] = "Could not update #{@media_category.singularize}"
-      flash.now[:messages] = @work.errors.messages
-      render :edit, status: :not_found
+      redirect_to work_path(@work.id)
     end
   end
 
   def destroy
-    @work.destroy
-    flash[:status] = :success
-    flash[:result_text] = "Successfully destroyed #{@media_category.singularize} #{@work.id}"
-    redirect_to root_path
+    if User.find(session[:user_id]).username == @work.creator
+      @work.destroy
+      flash[:status] = :success
+      flash[:result_text] = "Successfully destroyed #{@media_category.singularize} #{@work.id}"
+      redirect_to root_path
+    else
+      redirect_to works_path(@work)
+    end
   end
 
   def upvote
-    # Most of these varied paths end in failure
-    # Something tragically beautiful about the whole thing
-    # For status codes, see
-    # http://stackoverflow.com/questions/3825990/http-response-code-for-post-when-resource-already-exists
     flash[:status] = :failure
-    if @login_user
-      vote = Vote.new(user: @login_user, work: @work)
+    if session[:user_id]
+      vote = Vote.new(user: @user, work: @work)
       if vote.save
         flash[:status] = :success
         flash[:result_text] = "Successfully upvoted!"

app/views/layouts/application.html.erb

@@ -23,11 +23,10 @@
       <%= link_to "Add a new work", new_work_path, class: "button" %>
       <%= link_to "View all users", users_path, class: "button" %>
       <div class="float-right">
-        <% if @login_user %>
-          <%= link_to "Logged in as #{@login_user.username}", user_path(@login_user), class: "button" %>
-          <%= link_to "Log Out", logout_path, method: :post, class: "button" %>
+        <% if session[:user_id] %>
+          <%= link_to "Log Out", logout_path, method: :get, class: "button" %>
         <% else %>
-          <%= link_to "Log In", login_path, class: "button float-right" %>
+          <%= link_to "Log In", "/auth/github", class: "button float-right" %>
         <% end %>
       </div>
     </nav>

app/views/users/index.html.erb

@@ -1,3 +1,4 @@
+
 <h3>List of Users</h3>
 <table>
   <thead>

app/views/users/show.html.erb

@@ -1,3 +1,4 @@
+
 <h3>User Summary: <%= link_to @user.username, user_path(@user) %></h3>
 <p>Joined site <%= render_date @user.created_at %></p>
 

app/views/works/_form.html.erb

@@ -7,7 +7,7 @@
     <%= f.text_field :title %>
 
     <%= f.label :creator %>
-    <%= f.text_field :creator %>
+    <%= f.text_field :creator, :readonly => true, :value => User.find(session[:user_id]).username %>
 
     <%= f.label :publication_year %>
     <%= f.text_field :publication_year %>

app/views/works/index.html.erb

@@ -1,3 +1,4 @@
+
 <h3>List of works</h3>
 
 <% @works_by_category.each do |category, works| %>

app/views/works/new.html.erb

@@ -1,2 +1,3 @@
+
 <h3>Add a new work</h3>
 <%= render partial: "form" %>