From 4d20f49d415f260c14a441dc11df1d9e5e7f5afb Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Thu, 22 Nov 2012 03:27:23 -0500 Subject: [PATCH] VRFS-81 --- lib/jam_ruby/models/band.rb | 4 +- lib/jam_ruby/models/band_recording.rb | 2 + lib/jam_ruby/models/musician_recording.rb | 2 + lib/jam_ruby/models/recording.rb | 59 ++++++++++++++++++++--- lib/jam_ruby/models/user.rb | 30 +++++++----- spec/jam_ruby/models/tire_search_spec.rb | 1 + spec/jam_ruby/models/user_search_spec.rb | 1 - 7 files changed, 75 insertions(+), 24 deletions(-) diff --git a/lib/jam_ruby/models/band.rb b/lib/jam_ruby/models/band.rb index b4856c363..08bd953f4 100644 --- a/lib/jam_ruby/models/band.rb +++ b/lib/jam_ruby/models/band.rb @@ -37,7 +37,7 @@ module JamRuby def follower_count return self.followers.size end - + def location # TODO: implement a single string version of location; # this will be indexed into elasticsearch and returned in search @@ -135,7 +135,7 @@ module JamRuby :mappings => { "jam_ruby/band" => { :properties => { - :logo_url => { :type => :string, :index => :not_analyzed, :include_in_all => false }, + :logo_url => { :type => :string, :index => :not_analyzed, :include_in_all => false }, :photo_url => { :type => :string, :index => :not_analyzed, :include_in_all => false}, :name => { :type => :string, :boost => 100}, :location => { :type => :string }, diff --git a/lib/jam_ruby/models/band_recording.rb b/lib/jam_ruby/models/band_recording.rb index 2076f2283..958dcd973 100644 --- a/lib/jam_ruby/models/band_recording.rb +++ b/lib/jam_ruby/models/band_recording.rb @@ -3,6 +3,8 @@ module JamRuby self.table_name = "bands_recordings" + attr_accessible :band_id, :recording_id + # bands has_many :bands, :through => :band_recordings, :class_name => "JamRuby::Band" diff --git a/lib/jam_ruby/models/musician_recording.rb b/lib/jam_ruby/models/musician_recording.rb index 74a827a41..30293ce6c 100644 --- a/lib/jam_ruby/models/musician_recording.rb +++ b/lib/jam_ruby/models/musician_recording.rb @@ -3,6 +3,8 @@ module JamRuby self.table_name = "musicians_recordings" + attr_accessible :user_id, :recording_id + # musicians has_many :musicians, :through => :musician_recordings, :class_name => "JamRuby::User" diff --git a/lib/jam_ruby/models/recording.rb b/lib/jam_ruby/models/recording.rb index 8006221c4..0d4cfa8fd 100644 --- a/lib/jam_ruby/models/recording.rb +++ b/lib/jam_ruby/models/recording.rb @@ -1,22 +1,41 @@ module JamRuby class Recording < ActiveRecord::Base + USER_NOT_MUSICIAN_VALIDATION_ERROR = "You must be a Musician to create a recording." + USER_NOT_BAND_MEMBER_VALIDATION_ERROR = "You must be a band member to create a recording." + self.primary_key = 'id' - has_many :musician_recordings + has_many :musician_recordings, :class_name => "JamRuby::MusicianRecording" + has_many :band_recordings, :class_name => "JamRuby::BandRecording" # favorites has_and_belongs_to_many :user_favorites, :class_name => "JamRuby::UserFavorite", :join_table => "users_favorites" validates :description, presence: true, length: {maximum: 200} - def self.save(id, is_public, description, owner_id, is_band) + def self.save(id, is_public, description, updater_id, owner_id, is_band) + + creator = User.find(updater_id) + + if is_band + band = Band.find(owner_id) + validate_user_is_band_member(creator, band) + else + user = User.find(owner_id) + validate_user_is_creator(user, creator) + validate_user_is_musician(user) + end + if id.nil? recording = Recording.new() + recording.creator_id = updater_id else recording = Recording.find(id) end + recording.updater_id = updater_id + # public flag unless is_public.nil? recording.public = is_public @@ -27,22 +46,46 @@ module JamRuby recording.description = description end - if is_band? - recording.band << Band.create(id: owner_id) + recording.updated_at = Time.now.getutc + + # TODO: wrap in transaction with statements below + recording.save + + if is_band + recording.band_recordings << BandRecording.create(band_id: owner_id, recording_id: recording.id) else - recording.user << User.create(id: owner_id) + recording.musician_recordings << MusicianRecording.create(user_id: owner_id, recording_id: recording.id) end - recording.updated_at = Time.now.getutc - recording.save return recording end + private + def self.validate_user_is_band_member(user, band) + unless band.users.exists? user + raise PermissionError, "You must be a band member to create a recording for the band." + end + end + + def self.validate_user_is_creator(user, creator) + unless user.id == creator.id + raise PermissionError, "You do not have permission to perform this action." + end + end + + def self.validate_user_is_musician(user) + unless user.musician? + raise PermissionError, USER_NOT_MUSICIAN_VALIDATION_ERROR + end + end + +=begin def self.delete(id, owner_id, is_band) if is_band? - JamRuby::UserFollower.delete_all "(user_id = '#{user_id}' AND follower_id = '#{follower_id}')" + JamRuby::Recording.delete_all "(user_id = '#{user_id}' AND follower_id = '#{follower_id}')" else end end +=end end end \ No newline at end of file diff --git a/lib/jam_ruby/models/user.rb b/lib/jam_ruby/models/user.rb index 9aad75372..87800b453 100644 --- a/lib/jam_ruby/models/user.rb +++ b/lib/jam_ruby/models/user.rb @@ -133,7 +133,7 @@ module JamRuby end # helper method for creating / updating a User - def self.save(id, first_name, last_name, email, password, password_confirmation, musician, gender, + def self.save(id, updater_id, first_name, last_name, email, password, password_confirmation, musician, gender, birth_date, internet_service_provider, city, state, country, instruments) if id.nil? user = User.new() @@ -141,6 +141,10 @@ module JamRuby user = User.find(id) end + if user.id != updater_id + raise PermissionError, "You do not have permissions to perform this action." + end + # first name unless first_name.nil? user.first_name = first_name @@ -227,10 +231,10 @@ module JamRuby end def self.create_user_following(user_id, follower_id) - @follower = UserFollower.new() - @follower.user_id = user_id - @follower.follower_id = follower_id - @follower.save + follower = UserFollower.new() + follower.user_id = user_id + follower.follower_id = follower_id + follower.save end def self.delete_user_following(user_id, follower_id) @@ -238,10 +242,10 @@ module JamRuby end def self.create_band_following(band_id, follower_id) - @follower = BandFollower.new() - @follower.band_id = band_id - @follower.follower_id = follower_id - @follower.save + follower = BandFollower.new() + follower.band_id = band_id + follower.follower_id = follower_id + follower.save end def self.delete_band_following(band_id, follower_id) @@ -249,10 +253,10 @@ module JamRuby end def self.create_favorite(user_id, recording_id) - @favorite = UserFavorite.new() - @favorite.user_id = user_id - @favorite.recording_id = recording_id - @favorite.save + favorite = UserFavorite.new() + favorite.user_id = user_id + favorite.recording_id = recording_id + favorite.save end def self.delete_favorite(user_id, recording_id) diff --git a/spec/jam_ruby/models/tire_search_spec.rb b/spec/jam_ruby/models/tire_search_spec.rb index 0a3f1ecc5..efc42c22d 100644 --- a/spec/jam_ruby/models/tire_search_spec.rb +++ b/spec/jam_ruby/models/tire_search_spec.rb @@ -22,6 +22,7 @@ describe "tire search" do it "full search for single user" do @user = FactoryGirl.create(:user, first_name: "User", last_name: "One", email: "user@example.com", musician: true, city: "Apex", state: "NC", country: "USA") + User.search_index.refresh s = Tire.search ['test-jamruby-users', 'test-jamruby-bands'], :load => true do diff --git a/spec/jam_ruby/models/user_search_spec.rb b/spec/jam_ruby/models/user_search_spec.rb index 038597dae..b4745cd6e 100644 --- a/spec/jam_ruby/models/user_search_spec.rb +++ b/spec/jam_ruby/models/user_search_spec.rb @@ -71,7 +71,6 @@ describe User do user_result.id.should == @user2.id end - it "users who have signed up, but not confirmed should not show up in search index" do @user3 = FactoryGirl.create(:user, first_name: "unconfirmed", last_name: "unconfirmed", email: "unconfirmed@example.com", password: "foobar", password_confirmation: "foobar", musician: true, email_confirmed: false,