diff --git a/Gemfile.lock b/Gemfile.lock index d18bb7ea6..31113ea38 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -174,15 +174,15 @@ GEM faraday multi_json erubis (2.7.0) - excon (0.59.0) + excon (0.60.0) execjs (2.7.0) factory_bot (4.8.2) activesupport (>= 3.0.0) factory_bot_rails (4.8.2) factory_bot (~> 4.8.2) railties (>= 3.0.0) - faker (1.8.5) - i18n (~> 0.9.1) + faker (1.8.7) + i18n (>= 0.7) faraday (0.12.2) multipart-post (>= 1.2, < 3) ffi (1.9.18) @@ -238,7 +238,7 @@ GEM rake (>= 10, < 13) rubocop (>= 0.49.0) sysexits (~> 1.1) - hashie (3.5.6) + hashie (3.5.7) heroics (0.0.24) erubis (~> 2.0) excon @@ -276,7 +276,7 @@ GEM thor (>= 0.14, < 2.0) jquery-ui-rails (5.0.5) railties (>= 3.2.16) - js-routes (1.4.2) + js-routes (1.4.3) railties (>= 3.2) sprockets-rails json (2.1.0) @@ -297,7 +297,7 @@ GEM activerecord kaminari-core (= 1.1.1) kaminari-core (1.1.1) - kgio (2.11.0) + kgio (2.11.1) kramdown (1.16.2) launchy (2.4.3) addressable (~> 2.3) @@ -329,7 +329,7 @@ GEM multi_xml (0.6.0) multipart-post (2.0.0) nenv (0.3.0) - newrelic_rpm (4.6.0.338) + newrelic_rpm (4.7.1.340) nokogiri (1.8.1) mini_portile2 (~> 2.3.0) notiffany (0.1.1) @@ -366,7 +366,7 @@ GEM cocaine (~> 0.5.5) mime-types mimemagic (~> 0.3.0) - parallel (1.12.0) + parallel (1.12.1) parser (2.4.0.2) ast (~> 2.3) pg (0.21.0) @@ -408,8 +408,8 @@ GEM rails-assets-leaflet (>= 1.0.3) rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.8) - activesupport (>= 4.2.0.beta, < 5.0) + rails-dom-testing (1.0.9) + activesupport (>= 4.2.0, < 5.0) nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) rails-html-sanitizer (1.0.3) @@ -475,7 +475,7 @@ GEM ruby_parser (3.10.1) sexp_processor (~> 4.9) rubyzip (1.2.1) - sass (3.5.3) + sass (3.5.4) sass-listen (~> 4.0.0) sass-listen (4.0.0) rb-fsevent (~> 0.9, >= 0.9.4) @@ -528,7 +528,7 @@ GEM uglifier (4.0.2) execjs (>= 0.3.0, < 3) unicode-display_width (1.3.0) - unicorn (5.3.1) + unicorn (5.4.0) kgio (~> 2.6) raindrops (~> 0.7) uniform_notifier (1.10.0) diff --git a/app/controllers/admin/members_controller.rb b/app/controllers/admin/members_controller.rb new file mode 100644 index 000000000..55cbdcf34 --- /dev/null +++ b/app/controllers/admin/members_controller.rb @@ -0,0 +1,14 @@ +module Admin + class MembersController < ApplicationController + before_action :auth! + def index + @members = Member.order(:login_name).paginate(page: params[:page]) + end + + private + + def auth! + authorize! :manage, :all + end + end +end diff --git a/app/controllers/admin/orders_controller.rb b/app/controllers/admin/orders_controller.rb index f5867a80e..d4f727ec0 100644 --- a/app/controllers/admin/orders_controller.rb +++ b/app/controllers/admin/orders_controller.rb @@ -1,21 +1,23 @@ -class Admin::OrdersController < ApplicationController - def index - authorize! :manage, :all - respond_to do |format| - format.html # index.html.haml - end - end - - def search - authorize! :manage, :all - @orders = Order.search(by: params[:search_by], for: params[:search_text]) - - if @orders.empty? - flash[:alert] = "Couldn't find order with #{params[:search_by]} = #{params[:search_text]}" +module Admin + class OrdersController < ApplicationController + def index + authorize! :manage, :all + respond_to do |format| + format.html # index.html.haml + end end - respond_to do |format| - format.html # index.html.haml + def search + authorize! :manage, :all + @orders = Order.search(by: params[:search_by], for: params[:search_text]) + + if @orders.empty? + flash[:alert] = "Couldn't find order with #{params[:search_by]} = #{params[:search_text]}" + end + + respond_to do |format| + format.html # index.html.haml + end end end end diff --git a/app/controllers/harvests_controller.rb b/app/controllers/harvests_controller.rb index 9b148c3f5..2e7fbef3e 100644 --- a/app/controllers/harvests_controller.rb +++ b/app/controllers/harvests_controller.rb @@ -18,6 +18,7 @@ class HarvestsController < ApplicationController def show @matching_plantings = matching_plantings if @harvest.owner == current_member + @photos = @harvest.photos.order(created_at: :desc).paginate(page: params[:page]) respond_with(@harvest) end diff --git a/app/controllers/plantings_controller.rb b/app/controllers/plantings_controller.rb index 334118dc5..0853b897a 100644 --- a/app/controllers/plantings_controller.rb +++ b/app/controllers/plantings_controller.rb @@ -31,6 +31,7 @@ class PlantingsController < ApplicationController @planting = Planting.includes(:owner, :crop, :garden, :photos) .friendly .find(params[:id]) + @photos = @planting.photos.order(created_at: :desc).includes(:owner).paginate(page: params[:page]) respond_with @planting end diff --git a/app/models/ability.rb b/app/models/ability.rb index 37f7babba..efba2aeb0 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -1,7 +1,13 @@ class Ability include CanCan::Ability - def initialize(member) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength + def initialize(member) + anon_abilities(member) + member_abilities(member) if member.present? + admin_abilities(member) if member.present? && member.role?(:admin) + end + + def anon_abilities(_member) # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities # everyone can do these things, even non-logged in @@ -35,7 +41,9 @@ class Ability can :read, AlternateName do |an| an.crop.approved? end + end + def member_abilities(member) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength return unless member # members can see even rejected or pending crops if they requested it @@ -126,7 +134,9 @@ class Ability can :destroy, Follow cannot :destroy, Follow, followed_id: member.id # can't unfollow yourself + end + def admin_abilities(member) return unless member.role? :admin can :read, :all diff --git a/app/views/admin/index.html.haml b/app/views/admin/index.html.haml index 5e5ffeec5..294e16199 100644 --- a/app/views/admin/index.html.haml +++ b/app/views/admin/index.html.haml @@ -2,16 +2,28 @@ %h2 Manage -%ul#admin_links - %li= link_to "Account types", account_types_path - %li= link_to "Alternate names", alternate_names_path - %li= link_to "Scientific names", scientific_names_path - %li= link_to "Products", products_path - %li= link_to "Roles", roles_path - %li= link_to "Forums", forums_path - %li= link_to "Newsletter subscribers", admin_newsletter_path - %li= link_to "CMS", comfy_admin_cms_path +.row + .col-md-4 + %h2 Site admin + %ul#site_admin + %li= link_to "Account types", account_types_path + %li= link_to "Products", products_path + %li= link_to "Roles", roles_path + %li= link_to "Forums", forums_path + %li= link_to "CMS", comfy_admin_cms_path -%h2 Orders + .col-md-4 + %h2 Crop data admin + %ul + %li= link_to "Alternate names", alternate_names_path + %li= link_to "Scientific names", scientific_names_path + .col-md-4 + %h2 Member admin + %ul + %li= link_to "Newsletter subscribers", admin_newsletter_path + %li= link_to "Members", admin_members_path -= render "admin/orders/searchform" +.row + .col-md-12 + %h2 Orders + = render "admin/orders/searchform" diff --git a/app/views/admin/members/index.html.haml b/app/views/admin/members/index.html.haml new file mode 100644 index 000000000..2408a55db --- /dev/null +++ b/app/views/admin/members/index.html.haml @@ -0,0 +1,15 @@ +.pagination + = page_entries_info @members + = will_paginate @members + + +%table.table.table-striped + %tr + %th Name + %th Email + %th + %th + - @members.each do |member| + %tr + %td= ember.login_name + %td= member.email diff --git a/app/views/harvests/show.html.haml b/app/views/harvests/show.html.haml index bf9c770cf..2f9114084 100644 --- a/app/views/harvests/show.html.haml +++ b/app/views/harvests/show.html.haml @@ -48,15 +48,4 @@ :growstuff_markdown #{ @harvest.description != "" ? strip_tags(@harvest.description) : "No description given." } -- if !@harvest.photos.empty? || (can?(:edit, @harvest) && can?(:create, Photo)) - %h2 Pictures - - %ul.thumbnails - - @harvest.photos.each do |p| - .col-md-2.six-across - = render partial: 'photos/thumbnail', locals: { photo: p } - - if can?(:create, Photo) && can?(:edit, @harvest) - .col-md-2 - .thumbnail{ style: 'height: 220px' } - %p{ style: 'text-align: center; padding-top: 50px' } - = link_to "Add photo", new_photo_path(type: "harvest", id: @harvest.id), class: 'btn btn-primary' += render 'photos/item_photos', item: @harvest, type: 'harvest', photos: @photos diff --git a/app/views/photos/_item_photos.haml b/app/views/photos/_item_photos.haml new file mode 100644 index 000000000..679871680 --- /dev/null +++ b/app/views/photos/_item_photos.haml @@ -0,0 +1,16 @@ +- if photos.size.positive? || (can?(:edit, item) && can?(:create, Photo)) + %h2 Photos + - if photos.size.positive? + .row + .pagination + = page_entries_info photos + = will_paginate photos + .row + - photos.each do |photo| + .col-md-2.six-across= render 'photos/thumbnail', photo: photo + - if can?(:create, Photo) && can?(:edit, item) + .col-md-2 + .thumbnail + = link_to new_photo_path(type: type, id: item.id), class: 'btn btn-primary' do + %span.glyphicon.glyphicon-camera{ title: "Add photo" } + Add photo diff --git a/app/views/plantings/show.html.haml b/app/views/plantings/show.html.haml index 7c197b7bd..88789ed5a 100644 --- a/app/views/plantings/show.html.haml +++ b/app/views/plantings/show.html.haml @@ -83,15 +83,4 @@ :growstuff_markdown #{ @planting.description != "" ? strip_tags(@planting.description) : "No description given." } -- if !@planting.photos.empty? || (can?(:edit, @planting) && can?(:create, Photo)) - %h2 Photos - - .row - - @planting.photos.includes(:owner).each do |p| - .col-md-2.six-across - = render partial: 'photos/thumbnail', locals: { photo: p } - - if can?(:create, Photo) && can?(:edit, @planting) - .col-md-2 - .thumbnail{ style: 'height: 220px' } - %p{ style: 'text-align: center; padding-top: 50px' } - = link_to "Add photo", new_photo_path(type: "planting", id: @planting.id), class: 'btn btn-primary' += render 'photos/item_photos', item: @planting, type: 'planting', photos: @photos diff --git a/app/views/roles/_form.html.haml b/app/views/roles/_form.html.haml index 785590a18..67393b833 100644 --- a/app/views/roles/_form.html.haml +++ b/app/views/roles/_form.html.haml @@ -1,18 +1,19 @@ = form_for @role do |f| - - if @role.errors.any? - #error_explanation - %h2 - = pluralize(@role.errors.size, "error") - prohibited this role from being saved: - %ul - - @role.errors.full_messages.each do |msg| - %li= msg + .row + - if @role.errors.any? + #error_explanation + %h2 + = pluralize(@role.errors.size, "error") + prohibited this role from being saved: + %ul + - @role.errors.full_messages.each do |msg| + %li= msg .field - = f.label :name - = f.text_field :name + .col-md2= f.label :name + .col-md10= f.text_field :name .field - = f.label :description - = f.text_area :description + .col-md2= f.label :description + .col-md10= f.text_area :description .actions - = f.submit 'Save' + = f.submit 'Save', class: 'btn btn-default' diff --git a/app/views/roles/edit.html.haml b/app/views/roles/edit.html.haml index 83520111b..f0864018c 100644 --- a/app/views/roles/edit.html.haml +++ b/app/views/roles/edit.html.haml @@ -2,6 +2,4 @@ = render 'form' -= link_to 'Show', @role -\| = link_to 'Back', roles_path diff --git a/app/views/roles/index.html.haml b/app/views/roles/index.html.haml index b8f27feaa..9a19a7959 100644 --- a/app/views/roles/index.html.haml +++ b/app/views/roles/index.html.haml @@ -3,17 +3,16 @@ - if can? :create, Role %p= link_to 'New Role', new_role_path, class: 'btn btn-primary' -%table +%table.table.table-striped %tr %th Name %th Description %th %th - %th - @roles.each do |role| %tr - %td= link_to role.name, role + %td= role.name %td= role.description - if can? :edit, role %td= link_to 'Edit', edit_role_path(role), class: 'btn btn-default btn-xs' diff --git a/app/views/seeds/show.html.haml b/app/views/seeds/show.html.haml index b1573c7b0..e15ffb46d 100644 --- a/app/views/seeds/show.html.haml +++ b/app/views/seeds/show.html.haml @@ -76,15 +76,4 @@ = link_to "purchase seeds via Ebay", crop_ebay_seeds_url(@seed.crop), target: "_blank", rel: "noopener noreferrer" -- if @photos.size.positive? - .row - .pagination - = page_entries_info @photos - = will_paginate @photos -.row - - @photos.each do |p| - .col-md-2.six-across - = render 'photos/thumbnail', photo: p - - if can?(:create, Photo) && can?(:edit, @seed) - .col-md-2 - = link_to "Add photo", new_photo_path(type: "seed", id: @seed.id), class: 'btn btn-primary' += render 'photos/item_photos', item: @seed, type: 'seed', photos: @photos diff --git a/config/routes.rb b/config/routes.rb index 2a9aa7d5e..eb963311a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -90,6 +90,9 @@ Growstuff::Application.routes.draw do get '/shop/:action' => 'shop#:action' comfy_route :cms_admin, path: '/admin/cms' + namespace :admin do + resources :members + end get '/admin/orders' => 'admin/orders#index' get '/admin/orders/:action' => 'admin/orders#:action' get '/admin' => 'admin#index' diff --git a/spec/features/admin/forums_spec.rb b/spec/features/admin/forums_spec.rb index 1ff1398a4..87f44f26d 100644 --- a/spec/features/admin/forums_spec.rb +++ b/spec/features/admin/forums_spec.rb @@ -13,7 +13,7 @@ feature "forums", js: true do visit root_path click_link "Admin" expect(current_path).to eq admin_path - within 'ul#admin_links' do + within 'ul#site_admin' do click_link "Forums" end expect(current_path).to eq forums_path @@ -25,7 +25,7 @@ feature "forums", js: true do click_link member.login_name click_link "Admin" expect(current_path).to eq admin_path - within 'ul#admin_links' do + within 'ul#site_admin' do click_link "Forums" end expect(current_path).to eq forums_path diff --git a/spec/views/harvests/show.html.haml_spec.rb b/spec/views/harvests/show.html.haml_spec.rb index 5e2f167af..624cf88c4 100644 --- a/spec/views/harvests/show.html.haml_spec.rb +++ b/spec/views/harvests/show.html.haml_spec.rb @@ -6,6 +6,7 @@ describe "harvests/show" do before do controller.stub(:current_user) { nil } assign(:harvest, harvest) + assign(:photos, harvest.photos.paginate(page: 1)) render end diff --git a/spec/views/plantings/show.html.haml_spec.rb b/spec/views/plantings/show.html.haml_spec.rb index c20f7e909..040a0f6b0 100644 --- a/spec/views/plantings/show.html.haml_spec.rb +++ b/spec/views/plantings/show.html.haml_spec.rb @@ -12,6 +12,7 @@ describe "plantings/show" do before(:each) do assign(:planting, planting) + assign(:photos, planting.photos.paginate(page: 1)) controller.stub(:current_user) { member } end diff --git a/spec/views/seeds/show.html.haml_spec.rb b/spec/views/seeds/show.html.haml_spec.rb index 4feb75d55..fd2848f97 100644 --- a/spec/views/seeds/show.html.haml_spec.rb +++ b/spec/views/seeds/show.html.haml_spec.rb @@ -5,7 +5,7 @@ describe "seeds/show" do controller.stub(:current_user) { nil } @seed = FactoryBot.create(:seed) assign(:seed, @seed) - assign(:photos, @seed.photos) + assign(:photos, @seed.photos.paginate(page: 1)) end it "renders attributes in

" do