VRFS-81

2012-11-22 03:27:23 -05:00 · 2012-11-22 03:27:23 -05:00 · 4d20f49d41
parent d73bbb822c
commit 4d20f49d41
7 changed files with 75 additions and 24 deletions
--- a/lib/jam_ruby/models/band.rb
+++ b/lib/jam_ruby/models/band.rb
@ -37,7 +37,7 @@ module JamRuby
    def follower_count
      return self.followers.size
    end
-    
+
    def location
      # TODO: implement a single string version of location;
      # this will be indexed into elasticsearch and returned in search
@ -135,7 +135,7 @@ module JamRuby
            :mappings => {
              "jam_ruby/band" => {
                :properties => {
-                  :logo_url         => { :type => :string,   :index     => :not_analyzed, :include_in_all => false },
+                  :logo_url         => { :type => :string,   :index => :not_analyzed, :include_in_all => false },
                  :photo_url        => { :type => :string,   :index => :not_analyzed, :include_in_all => false},
                  :name             => { :type => :string,   :boost => 100},
                  :location         => { :type => :string },
--- a/lib/jam_ruby/models/band_recording.rb
+++ b/lib/jam_ruby/models/band_recording.rb
@ -3,6 +3,8 @@ module JamRuby

    self.table_name = "bands_recordings"

+    attr_accessible :band_id, :recording_id
+
    # bands
    has_many :bands, :through => :band_recordings, :class_name => "JamRuby::Band"

--- a/lib/jam_ruby/models/musician_recording.rb
+++ b/lib/jam_ruby/models/musician_recording.rb
@ -3,6 +3,8 @@ module JamRuby

    self.table_name = "musicians_recordings"

+    attr_accessible :user_id, :recording_id
+
    # musicians
    has_many :musicians, :through => :musician_recordings, :class_name => "JamRuby::User"

--- a/lib/jam_ruby/models/recording.rb
+++ b/lib/jam_ruby/models/recording.rb
@ -1,22 +1,41 @@
 module JamRuby
  class Recording < ActiveRecord::Base

+    USER_NOT_MUSICIAN_VALIDATION_ERROR = "You must be a Musician to create a recording."
+    USER_NOT_BAND_MEMBER_VALIDATION_ERROR = "You must be a band member to create a recording."
+
    self.primary_key = 'id'

-    has_many :musician_recordings
+    has_many :musician_recordings, :class_name => "JamRuby::MusicianRecording"
+    has_many :band_recordings, :class_name => "JamRuby::BandRecording"

    # favorites
    has_and_belongs_to_many :user_favorites, :class_name => "JamRuby::UserFavorite", :join_table => "users_favorites"

    validates :description, presence: true, length: {maximum: 200}

-    def self.save(id, is_public, description, owner_id, is_band)
+    def self.save(id, is_public, description, updater_id, owner_id, is_band)
+
+      creator = User.find(updater_id)
+
+      if is_band
+        band = Band.find(owner_id)
+        validate_user_is_band_member(creator, band)
+      else
+        user = User.find(owner_id)
+        validate_user_is_creator(user, creator)
+        validate_user_is_musician(user)
+      end
+
      if id.nil?
        recording = Recording.new()
+        recording.creator_id = updater_id
      else
        recording = Recording.find(id)
      end

+      recording.updater_id = updater_id
+
      # public flag
      unless is_public.nil?
        recording.public = is_public
@ -27,22 +46,46 @@ module JamRuby
        recording.description = description
      end

-      if is_band?
-        recording.band << Band.create(id: owner_id)
+      recording.updated_at = Time.now.getutc
+
+      # TODO: wrap in transaction with statements below
+      recording.save
+
+      if is_band
+        recording.band_recordings << BandRecording.create(band_id: owner_id, recording_id: recording.id)
      else
-        recording.user << User.create(id: owner_id)
+        recording.musician_recordings << MusicianRecording.create(user_id: owner_id, recording_id: recording.id)
      end

-      recording.updated_at = Time.now.getutc
-      recording.save
      return recording
    end

+    private
+      def self.validate_user_is_band_member(user, band)
+        unless band.users.exists? user
+          raise PermissionError, "You must be a band member to create a recording for the band."
+        end
+      end
+
+      def self.validate_user_is_creator(user, creator)
+        unless user.id == creator.id
+          raise PermissionError, "You do not have permission to perform this action."
+        end
+      end
+
+      def self.validate_user_is_musician(user)
+        unless user.musician?
+          raise PermissionError, USER_NOT_MUSICIAN_VALIDATION_ERROR
+        end
+      end
+
+=begin
    def self.delete(id, owner_id, is_band)
      if is_band?
-        JamRuby::UserFollower.delete_all "(user_id = '#{user_id}' AND follower_id = '#{follower_id}')"
+        JamRuby::Recording.delete_all "(user_id = '#{user_id}' AND follower_id = '#{follower_id}')"
      else
      end
    end
+=end    
  end
 end
--- a/lib/jam_ruby/models/user.rb
+++ b/lib/jam_ruby/models/user.rb
@ -133,7 +133,7 @@ module JamRuby
    end

    # helper method for creating / updating a User
-    def self.save(id, first_name, last_name, email, password, password_confirmation, musician, gender,
+    def self.save(id, updater_id, first_name, last_name, email, password, password_confirmation, musician, gender,
                  birth_date, internet_service_provider, city, state, country, instruments) 
      if id.nil?
        user = User.new()
@ -141,6 +141,10 @@ module JamRuby
        user = User.find(id)
      end

+      if user.id != updater_id
+        raise PermissionError, "You do not have permissions to perform this action."
+      end 
+
      # first name
      unless first_name.nil?
        user.first_name = first_name
@ -227,10 +231,10 @@ module JamRuby
    end

    def self.create_user_following(user_id, follower_id)
-      @follower = UserFollower.new()
-      @follower.user_id = user_id
-      @follower.follower_id = follower_id
-      @follower.save
+      follower = UserFollower.new()
+      follower.user_id = user_id
+      follower.follower_id = follower_id
+      follower.save
    end

    def self.delete_user_following(user_id, follower_id)
@ -238,10 +242,10 @@ module JamRuby
    end

    def self.create_band_following(band_id, follower_id)
-      @follower = BandFollower.new()
-      @follower.band_id = band_id
-      @follower.follower_id = follower_id
-      @follower.save
+      follower = BandFollower.new()
+      follower.band_id = band_id
+      follower.follower_id = follower_id
+      follower.save
    end

    def self.delete_band_following(band_id, follower_id)
@ -249,10 +253,10 @@ module JamRuby
    end

    def self.create_favorite(user_id, recording_id)
-      @favorite = UserFavorite.new()
-      @favorite.user_id = user_id
-      @favorite.recording_id = recording_id
-      @favorite.save
+      favorite = UserFavorite.new()
+      favorite.user_id = user_id
+      favorite.recording_id = recording_id
+      favorite.save
    end

    def self.delete_favorite(user_id, recording_id)
--- a/spec/jam_ruby/models/tire_search_spec.rb
+++ b/spec/jam_ruby/models/tire_search_spec.rb
@ -22,6 +22,7 @@ describe "tire search" do
  it "full search for single user" do
    @user = FactoryGirl.create(:user, first_name: "User", last_name: "One", email: "user@example.com", musician: true,
      city: "Apex", state: "NC", country: "USA")
+    
    User.search_index.refresh
    
    s = Tire.search ['test-jamruby-users', 'test-jamruby-bands'], :load => true do
--- a/spec/jam_ruby/models/user_search_spec.rb
+++ b/spec/jam_ruby/models/user_search_spec.rb
@ -71,7 +71,6 @@ describe User do
    user_result.id.should == @user2.id
  end

-
  it "users who have signed up, but not confirmed should not show up in search index" do
    @user3 = FactoryGirl.create(:user, first_name: "unconfirmed", last_name: "unconfirmed", email: "unconfirmed@example.com",
                     password: "foobar", password_confirmation: "foobar", musician: true, email_confirmed: false,