diff --git a/Gemfile b/Gemfile index 4979ec84..039e1d41 100644 --- a/Gemfile +++ b/Gemfile @@ -1,6 +1,6 @@ source 'https://rubygems.org' -gem 'rails', '4.2.0' +gem 'rails', '4.2.8' # Bundle edge Rails instead: # gem 'rails', :git => 'git://github.com/rails/rails.git' @@ -63,10 +63,8 @@ group :mysql do gem 'mysql2', :require => false end -group :postgres do - # adapter: postgresql - gem 'pg', :require => false -end +# adapter: postgresql +gem 'pg', '~> 0.18', :require => false group :sqlite do # adapter: sqlite3 diff --git a/Gemfile.lock b/Gemfile.lock index ef12f6a5..8ba710f8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,48 +1,46 @@ GEM remote: https://rubygems.org/ specs: - actionmailer (4.2.0) - actionpack (= 4.2.0) - actionview (= 4.2.0) - activejob (= 4.2.0) + actionmailer (4.2.8) + actionpack (= 4.2.8) + actionview (= 4.2.8) + activejob (= 4.2.8) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 1.0, >= 1.0.5) - actionpack (4.2.0) - actionview (= 4.2.0) - activesupport (= 4.2.0) - rack (~> 1.6.0) + actionpack (4.2.8) + actionview (= 4.2.8) + activesupport (= 4.2.8) + rack (~> 1.6) rack-test (~> 0.6.2) rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.1) - actionview (4.2.0) - activesupport (= 4.2.0) + rails-html-sanitizer (~> 1.0, >= 1.0.2) + actionview (4.2.8) + activesupport (= 4.2.8) builder (~> 3.1) erubis (~> 2.7.0) rails-dom-testing (~> 1.0, >= 1.0.5) - rails-html-sanitizer (~> 1.0, >= 1.0.1) - activejob (4.2.0) - activesupport (= 4.2.0) + rails-html-sanitizer (~> 1.0, >= 1.0.3) + activejob (4.2.8) + activesupport (= 4.2.8) globalid (>= 0.3.0) - activemodel (4.2.0) - activesupport (= 4.2.0) + activemodel (4.2.8) + activesupport (= 4.2.8) builder (~> 3.1) - activerecord (4.2.0) - activemodel (= 4.2.0) - activesupport (= 4.2.0) + activerecord (4.2.8) + activemodel (= 4.2.8) + activesupport (= 4.2.8) arel (~> 6.0) - activesupport (4.2.0) + activesupport (4.2.8) i18n (~> 0.7) - json (~> 1.7, >= 1.7.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) - addressable (2.3.8) - arel (6.0.0) - bcrypt (3.1.10) - binding_of_caller (0.7.2) - debug_inspector (>= 0.0.1) + addressable (2.5.2) + public_suffix (>= 2.0.2, < 4.0) + arel (6.0.4) + bcrypt (3.1.12) bluecloth (2.2.0) - builder (3.2.2) + builder (3.2.3) cancan (1.6.10) capybara (2.2.1) mime-types (>= 1.16) @@ -50,141 +48,151 @@ GEM rack (>= 1.0.0) rack-test (>= 0.5.4) xpath (~> 2.0) - capybara-screenshot (1.0.9) - capybara (>= 1.0, < 3) + capybara-screenshot (1.0.21) + capybara (>= 1.0, < 4) launchy capybara-webkit (1.3.1) capybara (>= 2.0.2, < 2.5.0) json - celluloid (0.16.0) - timers (~> 4.0.0) - coderay (1.1.0) - coffee-rails (4.1.0) + coderay (1.1.2) + coffee-rails (4.2.2) coffee-script (>= 2.2.0) - railties (>= 4.0.0, < 5.0) + railties (>= 4.0.0) coffee-script (2.4.1) coffee-script-source execjs - coffee-script-source (1.9.1.1) + coffee-script-source (1.12.2) + concurrent-ruby (1.0.5) + crass (1.0.4) css3buttons (1.0.1) actionpack (>= 3.0.0) - database_cleaner (1.4.1) - debug_inspector (0.0.2) - default_value_for (3.0.1) - activerecord (>= 3.2.0, < 5.0) - devise (3.4.1) + database_cleaner (1.7.0) + debug_inspector (0.0.3) + default_value_for (3.1.0) + activerecord (>= 3.2.0, < 6.0) + devise (4.4.3) bcrypt (~> 3.0) orm_adapter (~> 0.1) - railties (>= 3.2.6, < 5) + railties (>= 4.1.0, < 6.0) responders - thread_safe (~> 0.1) warden (~> 1.2.3) - diff-lcs (1.2.5) + diff-lcs (1.3) em-websocket (0.5.1) eventmachine (>= 0.12.9) http_parser.rb (~> 0.6.0) erubis (2.7.0) - eventmachine (1.0.7) - execjs (2.5.2) - factory_girl (4.5.0) + eventmachine (1.2.7) + execjs (2.7.0) + factory_girl (4.9.0) activesupport (>= 3.0.0) - factory_girl_rails (4.5.0) - factory_girl (~> 4.5.0) + factory_girl_rails (4.9.0) + factory_girl (~> 4.9.0) railties (>= 3.0.0) - ffi (1.9.8) + ffi (1.9.25) formatador (0.2.5) - globalid (0.3.5) - activesupport (>= 4.1.0) - guard (2.12.5) + globalid (0.4.1) + activesupport (>= 4.2.0) + guard (2.14.2) formatador (>= 0.2.4) - listen (~> 2.7) - lumberjack (~> 1.0) + listen (>= 2.7, < 4.0) + lumberjack (>= 1.0.12, < 2.0) nenv (~> 0.1) notiffany (~> 0.0) pry (>= 0.9.12) shellany (~> 0.0) thor (>= 0.18.1) - guard-livereload (2.4.0) + guard-compat (1.2.1) + guard-livereload (2.5.2) em-websocket (~> 0.5) guard (~> 2.8) + guard-compat (~> 1.0) multi_json (~> 1.8) - hitimes (1.2.2) http_parser.rb (0.6.0) - i18n (0.7.0) - jquery-rails (4.0.3) - rails-dom-testing (~> 1.0) + i18n (0.9.5) + concurrent-ruby (~> 1.0) + its-it (1.3.0) + jquery-rails (4.3.3) + rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) - json (1.8.2) + json (2.1.0) + key_struct (0.4.2) launchy (2.4.3) addressable (~> 2.3) - listen (2.10.0) - celluloid (~> 0.16.0) - rb-fsevent (>= 0.9.3) - rb-inotify (>= 0.9) - loofah (2.0.1) + listen (3.1.5) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) + ruby_dep (~> 1.2) + loofah (2.2.2) + crass (~> 1.0.2) nokogiri (>= 1.5.9) - lumberjack (1.0.9) - mail (2.6.3) - mime-types (>= 1.16, < 3) - method_source (0.8.2) - mime-types (2.4.3) - mini_portile (0.6.2) - minitest (5.6.0) - multi_json (1.11.0) - mysql2 (0.3.18) - nenv (0.2.0) - nokogiri (1.6.6.2) - mini_portile (~> 0.6.0) - notiffany (0.0.6) + lumberjack (1.0.13) + mail (2.7.0) + mini_mime (>= 0.1.1) + method_source (0.9.0) + mime-types (3.1) + mime-types-data (~> 3.2015) + mime-types-data (3.2016.0521) + mini_mime (1.0.0) + mini_portile2 (2.3.0) + minitest (5.11.3) + modware (0.1.3) + key_struct (~> 0.4) + multi_json (1.13.1) + mysql2 (0.5.2) + nenv (0.3.0) + nokogiri (1.8.4) + mini_portile2 (~> 2.3.0) + notiffany (0.1.1) nenv (~> 0.1) shellany (~> 0.0) orm_adapter (0.5.0) - pg (0.18.1) - protected_attributes (1.0.9) + pg (1.0.0) + protected_attributes (1.1.4) activemodel (>= 4.0.1, < 5.0) - pry (0.10.1) + pry (0.11.3) coderay (~> 1.1.0) - method_source (~> 0.8.1) - slop (~> 3.4) - rack (1.6.0) + method_source (~> 0.9.0) + public_suffix (3.0.2) + rack (1.6.10) rack-test (0.6.3) rack (>= 1.0) - rails (4.2.0) - actionmailer (= 4.2.0) - actionpack (= 4.2.0) - actionview (= 4.2.0) - activejob (= 4.2.0) - activemodel (= 4.2.0) - activerecord (= 4.2.0) - activesupport (= 4.2.0) + rails (4.2.8) + actionmailer (= 4.2.8) + actionpack (= 4.2.8) + actionview (= 4.2.8) + activejob (= 4.2.8) + activemodel (= 4.2.8) + activerecord (= 4.2.8) + activesupport (= 4.2.8) bundler (>= 1.3.0, < 2.0) - railties (= 4.2.0) + railties (= 4.2.8) sprockets-rails rails-deprecated_sanitizer (1.0.3) activesupport (>= 4.2.0.alpha) - rails-dom-testing (1.0.6) - activesupport (>= 4.2.0.beta, < 5.0) - nokogiri (~> 1.6.0) + rails-dom-testing (1.0.9) + activesupport (>= 4.2.0, < 5.0) + nokogiri (~> 1.6) rails-deprecated_sanitizer (>= 1.0.1) - rails-html-sanitizer (1.0.2) - loofah (~> 2.0) - railties (4.2.0) - actionpack (= 4.2.0) - activesupport (= 4.2.0) + rails-html-sanitizer (1.0.4) + loofah (~> 2.2, >= 2.2.2) + railties (4.2.8) + actionpack (= 4.2.8) + activesupport (= 4.2.8) rake (>= 0.8.7) thor (>= 0.18.1, < 2.0) - rake (10.4.2) - rb-fsevent (0.9.4) - rb-inotify (0.9.5) - ffi (>= 0.5.0) - responders (2.1.0) - railties (>= 4.2.0, < 5) + rake (12.3.1) + rb-fsevent (0.10.3) + rb-inotify (0.9.10) + ffi (>= 0.5.0, < 2) + responders (2.4.0) + actionpack (>= 4.2.0, < 5.3) + railties (>= 4.2.0, < 5.3) rspec (3.0.0) rspec-core (~> 3.0.0) rspec-expectations (~> 3.0.0) rspec-mocks (~> 3.0.0) - rspec-activemodel-mocks (1.0.1) + rspec-activemodel-mocks (1.0.3) activemodel (>= 3.0) activesupport (>= 3.0) rspec-mocks (>= 2.99, < 4.0) @@ -204,47 +212,111 @@ GEM rspec-mocks (~> 3.0.0) rspec-support (~> 3.0.0) rspec-support (3.0.4) - sass (3.4.13) - sass-rails (5.0.3) - railties (>= 4.0.0, < 5.0) + ruby_dep (1.5.0) + sass (3.5.6) + sass-listen (~> 4.0.0) + sass-listen (4.0.0) + rb-fsevent (~> 0.9, >= 0.9.4) + rb-inotify (~> 0.9, >= 0.9.7) + sass-rails (5.0.7) + railties (>= 4.0.0, < 6) sass (~> 3.1) sprockets (>= 2.8, < 4.0) sprockets-rails (>= 2.0, < 4.0) - tilt (~> 1.1) - schema_plus (1.8.8) - activerecord (>= 3.2, <= 4.2.0) + tilt (>= 1.1, < 3) + schema_auto_foreign_keys (0.1.3) + its-it (~> 1.2) + schema_plus_foreign_keys (~> 0.1) + schema_plus_indexes (~> 0.2) + schema_monkey (2.1.5) + activerecord (>= 4.2) + modware (~> 0.1) + schema_plus (2.0.1) + activerecord (~> 4.2) + schema_auto_foreign_keys (~> 0.1) + schema_monkey (~> 2.1) + schema_plus_columns (~> 0.1) + schema_plus_core (~> 1.0) + schema_plus_db_default (~> 0.1) + schema_plus_default_expr (~> 0.1) + schema_plus_enums (~> 0.1) + schema_plus_foreign_keys (~> 0.1) + schema_plus_indexes (~> 0.1, >= 0.1.3) + schema_plus_pg_indexes (~> 0.1, >= 0.1.3) + schema_plus_tables (~> 0.1) + schema_plus_views (~> 0.1) + schema_plus_columns (0.3.0) + activerecord (>= 4.2, < 5.3) + its-it (~> 1.2) + schema_plus_core + schema_plus_indexes (~> 0.2) + schema_plus_compatibility (0.4.0) + activerecord (>= 4.2, < 5.3) + schema_monkey (~> 2.1) + schema_plus_core (1.0.2) + activerecord (~> 4.2) + its-it (~> 1.2) + schema_monkey (~> 2.1) + schema_plus_db_default (0.1.1) + activerecord (~> 4.2) + schema_plus_core (~> 1.0) + schema_plus_default_expr (0.1.4) + activerecord (>= 4.2, < 6.0) + its-it (~> 1.2) + schema_plus_core (>= 1.0, < 3.0) + schema_plus_enums (0.1.7) + activerecord (>= 4.2, < 5.2) + its-it (~> 1.2) + schema_plus_core + schema_plus_foreign_keys (0.1.7) + activerecord (>= 4.2, < 5.1) + its-it (~> 1.2) + schema_plus_compatibility (~> 0.2) + schema_plus_core valuable + schema_plus_indexes (0.3.0) + activerecord (>= 4.2, < 5.2) + its-it (~> 1.2) + schema_plus_core + schema_plus_pg_indexes (0.1.12) + activerecord (~> 4.2) + its-it (~> 1.2) + schema_plus_core (~> 1.0) + schema_plus_indexes (~> 0.1, >= 0.1.3) + schema_plus_tables (0.1.1) + activerecord (~> 4.2) + schema_plus_core (~> 1.0) + schema_plus_views (0.3.1) + activerecord (~> 4.2) + schema_plus_core (~> 1.0) shellany (0.0.1) - slop (3.6.0) spork (0.9.0.rc9) - spring (1.3.4) - sprockets (3.0.1) - rack (~> 1.0) - sprockets-rails (2.2.4) - actionpack (>= 3.0) - activesupport (>= 3.0) - sprockets (>= 2.8, < 4.0) - sqlite3 (1.3.10) - thor (0.19.1) - thread_safe (0.3.5) - tilt (1.4.1) - timers (4.0.1) - hitimes - tzinfo (1.2.2) + spring (2.0.2) + activesupport (>= 4.2) + sprockets (3.7.2) + concurrent-ruby (~> 1.0) + rack (> 1, < 3) + sprockets-rails (3.2.1) + actionpack (>= 4.0) + activesupport (>= 4.0) + sprockets (>= 3.0.0) + sqlite3 (1.3.13) + thor (0.20.0) + thread_safe (0.3.6) + tilt (2.0.8) + tzinfo (1.2.5) thread_safe (~> 0.1) - uglifier (2.7.1) - execjs (>= 0.3.0) - json (>= 1.8.0) - valuable (0.9.9) - warden (1.2.3) + uglifier (4.1.14) + execjs (>= 0.3.0, < 3) + valuable (0.9.14) + warden (1.2.7) rack (>= 1.0) - web-console (2.1.2) - activemodel (>= 4.0) - binding_of_caller (>= 0.7.2) - railties (>= 4.0) - sprockets-rails (>= 2.0, < 4.0) - will_paginate (3.0.7) - xpath (2.0.0) + web-console (3.3.0) + activemodel (>= 4.2) + debug_inspector + railties (>= 4.2) + will_paginate (3.1.6) + xpath (2.1.0) nokogiri (~> 1.3) PLATFORMS @@ -272,7 +344,7 @@ DEPENDENCIES protected_attributes pry rack - rails (= 4.2.0) + rails (= 4.2.8) rspec rspec-activemodel-mocks rspec-rails (~> 3.0.0) @@ -284,3 +356,6 @@ DEPENDENCIES uglifier web-console will_paginate + +BUNDLED WITH + 1.16.0 diff --git a/app/controllers/admin/comments_controller.rb b/app/controllers/admin/comments_controller.rb index bb3a1aec..5556646e 100644 --- a/app/controllers/admin/comments_controller.rb +++ b/app/controllers/admin/comments_controller.rb @@ -23,7 +23,7 @@ def edit def update @comment = Comment.find(params[:id]) authorize! :update, @comment - if @comment.update_attributes(params[:comment], :as => current_user.role) + if @comment.update_attributes(comment_params) redirect_back(admin_comments_path) else render :action => 'edit' @@ -82,6 +82,12 @@ def import end private + def comment_params + params.require(:comment).permit( + :author_name, :author_email, :content + ) + end + def set_navigation_ids @navigation_ids = [:dashboard, :comments] end diff --git a/app/controllers/admin/topics_controller.rb b/app/controllers/admin/topics_controller.rb index 02ec8e00..7a99e88c 100644 --- a/app/controllers/admin/topics_controller.rb +++ b/app/controllers/admin/topics_controller.rb @@ -5,13 +5,16 @@ class Admin::TopicsController < ApplicationController before_filter :set_navigation_ids def show - show! do - @comments = @topic.comments.page(params[:page]) + @comments = @topic.comments.page(params[:page]) + respond_to do |format| + format.json { render json: @topic.to_json } + format.html end end def destroy - destroy! { admin_site_path(@topic.site) } + @topic.destroy + redirect_to admin_site_path(@topic.site) end def index diff --git a/app/models/topic.rb b/app/models/topic.rb index 4f2ee561..d406cee1 100644 --- a/app/models/topic.rb +++ b/app/models/topic.rb @@ -44,6 +44,10 @@ def self.alt_key(topic_key) topic_key.match(/\/$/) ? topic_key.chop : "#{topic_key}/" end + def to_json + {:comments => {count: comments.count}} + end + private def self.find_by_site_key_and_topic_key(site_key, topic_key) Topic. diff --git a/app/views/admin/comments/_comment.html.erb b/app/views/admin/comments/_comment.html.erb index 5de5c49f..1e2a1041 100644 --- a/app/views/admin/comments/_comment.html.erb +++ b/app/views/admin/comments/_comment.html.erb @@ -3,7 +3,7 @@
- <%= comment.author_name || 'Anonymous' %> diff --git a/app/views/api/_comment.html.erb b/app/views/api/_comment.html.erb index 5f2fb692..85e16d86 100644 --- a/app/views/api/_comment.html.erb +++ b/app/views/api/_comment.html.erb @@ -2,14 +2,14 @@
<% if comment.author_email %>
- <%= comment.author_name || 'Anonymous' %>
<% else %>
- <%= comment.author_name || 'Anonymous' %> diff --git a/config/environments/production.rb b/config/environments/production.rb index 79214056..9279965e 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -23,6 +23,8 @@ # (comment out if your front-end server doesn't support this) config.action_dispatch.x_sendfile_header = "X-Sendfile" # Use 'X-Accel-Redirect' for nginx + config.log_level = :debug + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # config.force_ssl = true diff --git a/db/seeds.rb b/db/seeds.rb index 7c6be43f..f42adc3b 100644 --- a/db/seeds.rb +++ b/db/seeds.rb @@ -27,9 +27,9 @@ :referer => 'http://www.google.com') else User.create!({ - :email => 'admin@localhost', - :password => 'admin', - :password_confirmation => 'admin', + :email => 'admin@localhost.com', + :password => 'adminadmin', + :password_confirmation => 'adminadmin', :admin => true }, :as => :admin) end diff --git a/spec/controllers/admin/topics_controller_spec.rb b/spec/controllers/admin/topics_controller_spec.rb new file mode 100644 index 00000000..faab6b39 --- /dev/null +++ b/spec/controllers/admin/topics_controller_spec.rb @@ -0,0 +1,126 @@ +require File.expand_path(File.dirname(__FILE__) + "/../../spec_helper") + +describe Admin::TopicsController, type: :controller do + let(:valid_attributes) { FactoryGirl.attributes_for(:topic) } + + before do + @site = FactoryGirl.create(:site1, :user => kotori) + @topic = FactoryGirl.create(:topic, site: @site) + end + + describe "GET index" do + def visit_normally + get :index + end + + include_examples "requires authentication" + end + + describe "GET show" do + def visit_normally + get :show, :id => @topic.id + end + + include_examples "requires authentication" + end + + describe "GET edit" do + def visit_normally + get :edit, :id => @topic.id + end + + include_examples "requires authentication" + end + + describe "POST create" do + def visit_normally + post :create, :topic => valid_attributes + end + + include_examples "requires authentication" + end + + describe "PUT update" do + def visit_normally + put :update, :id => @topic.id, :topic => valid_attributes + end + + include_examples "requires authentication" + end + + describe "DELETE destroy" do + def visit_normally + delete :destroy, :id => @topic.id + end + + include_examples "requires authentication" + end +end + +describe Admin::TopicsController, type: :controller do + render_views + + before do + sign_in(admin) + @site = FactoryGirl.create(:site1, :user => kotori) + @topic = FactoryGirl.create(:topic, site: @site) + end + + let(:valid_attributes) { FactoryGirl.attributes_for(:topic) } + + describe "GET show" do + def visit_normally + get :show, :id => @topic.id + end + + it "assigns the requested topic as @topic" do + visit_normally + expect(assigns(:topic)).to eq(@topic) + expect(assigns(:comments)).to eq(@topic.comments) + end + + context "as json" do + let(:json_response) { ActiveSupport::JSON.decode(response.body) } + + it "assigns the @topic and @comments" do + get :show, :id => @topic.id, format: :json + + expect(assigns(:topic)).to eq(@topic) + expect(assigns(:comments)).to eq(@topic.comments) + end + + it "returns valid JSON response" do + get :show, :id => @topic.id, format: :json + + expect(json_response['comments']).not_to be_nil + expect(json_response['comments']['count']).to eq(@topic.comments.count) + end + end + end + + describe "GET new" do + it "raises error" do + expect { get :new}.to raise_error + end + end + + describe "GET edit" do + it "raises error" do + expect { get :edit}.to raise_error + end + end + + describe "DELETE destroy" do + it "destroys the requested topic" do + expect { + delete :destroy, :id => @topic.id + }.to change(Topic, :count).by(-1) + end + + it "redirects to the site path" do + delete :destroy, :id => @topic.id + expect(response).to redirect_to(admin_site_path(@topic.site)) + end + end + +end