added owner to every model to provide public/private functionality

- patched with patch from @lhm - updated seeded user - added new rake task permissions:add:all to add all permissions to an user - updated factories - added a few tests - add correct paging path when searching this fixes #27 and #34
apileipzig · Dec 9, 2011 · 4f25acd · 4f25acd
1 parent f9c7b02
commit 4f25acd
Show file tree

Hide file tree

Showing 14 changed files with 284 additions and 124 deletions.
diff --git a/Rakefile b/Rakefile
@@ -9,11 +9,9 @@ require 'tasks/permissions'
 require 'rake'
 require 'rake/testtask'
 
-
 desc "Run all tests"
 Rake::TestTask.new do |t|
   t.libs << "test"
   t.test_files = FileList['test/*_test.rb']
   t.ruby_opts = ['-r test_helper']
 end
-
diff --git a/config.ru b/config.ru
@@ -1,3 +1,4 @@
+$:.unshift File.expand_path(File.dirname(__FILE__))
 require 'lib/api.rb'
 run Sinatra::Application
 
diff --git a/db/migrate/20111201180424_remove_timestamps_from_permissions_users.rb b/db/migrate/20111201180424_remove_timestamps_from_permissions_users.rb
@@ -7,4 +7,3 @@ def self.down
 		add_timestamps :permissions_users
 	end
 end
-
diff --git a/db/migrate/20111202182217_add_property_stuff.rb b/db/migrate/20111202182217_add_property_stuff.rb
@@ -0,0 +1,19 @@
+class AddPropertyStuff < ActiveRecord::Migration
+  def self.up
+    remove_column :data_calendar_events, :public
+    remove_column :data_calendar_events, :user_id
+    ActiveRecord::Base.connection.tables.select{|t| t =~ /^data_/}.each do |table|
+      add_column table, :owner_id, :integer
+      add_column table, :public, :boolean, :default => true
+    end
+  end
+
+  def self.down
+    ActiveRecord::Base.connection.tables.select{|t| t =~ /^data_/}.each do |table|
+      remove_column table, :owner_id
+      remove_column table, :public
+    end
+    add_column :data_calendar_events, :public, :boolean
+    add_column :data_calendar_events, :user_id, :integer
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20111201180424) do
+ActiveRecord::Schema.define(:version => 20111202182217) do
 
   create_table "data_calendar_events", :force => true do |t|
     t.integer  "category_id"
@@ -26,10 +26,10 @@
     t.string   "url"
     t.datetime "created_at"
     t.datetime "updated_at"
-    t.boolean  "public"
-    t.integer  "user_id"
     t.string   "image_url"
     t.string   "document_url"
+    t.integer  "owner_id"
+    t.boolean  "public",       :default => true
   end
 
   create_table "data_calendar_hosts", :force => true do |t|
@@ -49,6 +49,8 @@
     t.string   "email"
     t.string   "fax"
     t.text     "comment"
+    t.integer  "owner_id"
+    t.boolean  "public",                 :default => true
   end
 
   create_table "data_calendar_venues", :force => true do |t|
@@ -63,13 +65,17 @@
     t.string   "url"
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.integer  "owner_id"
+    t.boolean  "public",                 :default => true
   end
 
   create_table "data_district_districts", :force => true do |t|
     t.integer  "number"
     t.string   "name"
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.integer  "owner_id"
+    t.boolean  "public",     :default => true
   end
 
   create_table "data_district_ihkcompanies", :force => true do |t|
@@ -99,6 +105,8 @@
     t.integer  "other"
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.integer  "owner_id"
+    t.boolean  "public",                            :default => true
   end
 
   create_table "data_district_statistics", :force => true do |t|
@@ -317,6 +325,8 @@
     t.integer  "religion_protestant"
     t.integer  "religion_catholic"
     t.integer  "religion_other_or_none"
+    t.integer  "owner_id"
+    t.boolean  "public",                                   :default => true
   end
 
   create_table "data_district_streets", :force => true do |t|
@@ -328,6 +338,8 @@
     t.string   "postcode"
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.integer  "owner_id"
+    t.boolean  "public",                 :default => true
   end
 
   create_table "data_mediahandbook_branches", :force => true do |t|
@@ -338,6 +350,8 @@
     t.text     "description",   :limit => 255
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.integer  "owner_id"
+    t.boolean  "public",                       :default => true
   end
 
   create_table "data_mediahandbook_companies", :force => true do |t|
@@ -367,6 +381,8 @@
     t.text     "resources"
     t.text     "past_customers"
     t.integer  "mkw_branch_id"
+    t.integer  "owner_id"
+    t.boolean  "public",                 :default => true
   end
 
   create_table "data_mediahandbook_people", :force => true do |t|
@@ -378,6 +394,8 @@
     t.string   "occupation"
     t.datetime "created_at"
     t.datetime "updated_at"
+    t.integer  "owner_id"
+    t.boolean  "public",     :default => true
   end
 
   create_table "mediahandbook_branches_companies", :id => false, :force => true do |t|

diff --git a/db/seeds.rb b/db/seeds.rb
diff --git a/lib/api.rb b/lib/api.rb
@@ -32,7 +32,7 @@
     conditions[:limit] = params[:limit] unless params[:limit].nil?
     conditions[:offset] = params[:offset] unless params[:offset].nil?
     #only set pagination if limit is set
-    output :data => params[:model].singularize.capitalize.constantize.all(conditions), :pagination => conditions[:limit] ? true : false
+    output :data => params[:model].singularize.capitalize.constantize.owner(params[:api_key]).all(conditions), :pagination => conditions[:limit] ? true : false
   end
 
   get '/:source/:model/search/?' do
@@ -73,7 +73,7 @@
       count = data.all(c).length
       c[:limit] = params[:limit] unless params[:limit].nil?
       c[:offset] = params[:offset] unless params[:offset].nil?
-      output :data => data.all(c), :pagination => c[:limit] ? true : false, :count => count
+      output :data => data.owner(params[:api_key]).all(c), :pagination => c[:limit] ? true : false, :count => count
     else
       output :error => "No search parameters."
     end
@@ -82,8 +82,7 @@
   get '/:source/:model/count/?' do
     logger
     validate
-    puts params[:model].singularize.capitalize.constantize.count
-    output :count => params[:model].singularize.capitalize.constantize.count
+    output :count => params[:model].singularize.capitalize.constantize.owner(params[:api_key]).count
   end
 
   #per model requests
@@ -105,6 +104,8 @@
       end
     end
 
+    data.owner = User.find_by_single_access_token(params[:api_key])
+
     if data.save
       output :success => {:message => "#{params[:model].singularize.capitalize} was saved with id = #{data.id}.", :id => data.id}
     else
@@ -118,9 +119,9 @@
     validate
 
     begin
-      output :model => params[:model].singularize.capitalize.constantize.find(params[:id], :select => only_permitted_columns)
+      output :model => params[:model].singularize.capitalize.constantize.owner(params[:api_key]).find(params[:id], :select => only_permitted_columns)
     rescue Exception => e
-      throw_error 404, :message => {:message => e.to_s, :id => params[:id].to_i}
+      throw_error 404
     end
   end
 
@@ -130,7 +131,7 @@
     validate
 
     begin
-      data = params[:model].singularize.capitalize.constantize.find(params[:id])
+      data = params[:model].singularize.capitalize.constantize.owner(params[:api_key]).find(params[:id])
       data.class.reflect_on_all_associations.map do |assoc|
         if assoc.macro == :has_many or assoc.macro == :has_and_belongs_to_many
           unless params[assoc.name].nil?
@@ -159,7 +160,7 @@
     validate
 
     begin
-      data = params[:model].singularize.capitalize.constantize.find(params[:id])
+      data = params[:model].singularize.capitalize.constantize.owner(params[:api_key]).find(params[:id])
       data.destroy
       output :success => {:message => "Deleted #{params[:model].singularize.capitalize} with id = #{params[:id]}.", :id => params[:id].to_i}
     rescue Exception => e

diff --git a/lib/helpers.rb b/lib/helpers.rb
@@ -95,7 +95,10 @@ def output options={}
         params[:offset] = 0 if params[:offset].nil?
         query_string = ""
         request.env['rack.request.query_hash'].each { |k,v| query_string += "#{k}=#{v}&" unless k == 'offset' }
-        url = API_URL+params[:source]+'/'+params[:model]+'?'+query_string
+
+        search = env['REQUEST_PATH'].match(/(\/search\/?)$/) ? Regexp.last_match(0) : ""
+
+        url = API_URL+params[:source]+'/'+params[:model]+search+'?'+query_string
 
         #only next if limit+offset < count
         ne = params[:offset] + params[:limit]

diff --git a/lib/models.rb b/lib/models.rb
@@ -2,6 +2,13 @@
 
 ActiveRecord::Base.include_root_in_json = false # removes table names in json
 
+class ApiModel < ActiveRecord::Base
+  belongs_to :owner, :class_name => "User"
+  scope :owner, lambda {|single_access_token| where("owner_id = ? OR public = ?", User.find_by_single_access_token(single_access_token), true) }
+
+  validates_presence_of :owner_id
+end
+
 class User < ActiveRecord::Base
   acts_as_authentic
   has_and_belongs_to_many :permissions
@@ -21,7 +28,7 @@ class TempSync < ActiveRecord::Base
 #Mediahandbook
 ##############
 
-class Company < ActiveRecord::Base
+class Company < ApiModel
   set_table_name "data_mediahandbook_companies"
   belongs_to :sub_market, :class_name => "Branch", :conditions => "internal_type = 'sub_market'"
   belongs_to :main_branch, :class_name => "Branch", :conditions => "internal_type = 'main_branch'"
@@ -35,7 +42,7 @@ class Company < ActiveRecord::Base
   validates_presence_of :sub_market_id
   validates_numericality_of :sub_market_id, :allow_nil => true
   validate :existence_of_sub_market_id, :allow_nil => true
-  
+
   validates_numericality_of :main_branch_id, :allow_nil => true
   validate :existence_of_main_branch_id
 
@@ -51,27 +58,27 @@ class Company < ActiveRecord::Base
   validates_format_of :phone_primary, :phone_secondary, :fax_primary, :fax_secondary, :mobile_primary, :mobile_secondary, :with => /^(\+[0-9]+ |0)[1-9]{2,} [0-9]{2,}(\-[0-9]+|)$/, :allow_nil => true
   validates_format_of :email_primary, :email_secondary, :with => /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/, :allow_nil => true
   validates_format_of :url_primary, :url_secondary, :with => /^(http|https)\:\/\/[a-zA-Z0-9\-\.]+[a-zA-Z0-9\-]+\.[a-zA-Z]{2,3}(\/\S*)?$/, :allow_nil => true
-  
+
   def existence_of_main_branch_id
     errors.add(:main_branch_id, "does not exist.") unless Branch.exists?(:id => main_branch_id, :internal_type => 'main_branch') unless main_branch_id.nil?
   end
-  
+
   def existence_of_mkw_branch_id
     errors.add(:mkw_branch_id, "does not exist.") unless Branch.exists?(:id => mkw_branch_id, :internal_type => 'mkw_branch') unless mkw_branch_id.nil?
   end
-  
+
   def existence_of_sub_market_id
     #only check if sub_market is an integer > 0
     errors.add(:sub_market_id, "does not exist.") unless Branch.exists?(:id => sub_market_id, :internal_type => 'sub_market') unless sub_market_id.to_i == 0
   end
 end
 
-class Branch < ActiveRecord::Base
+class Branch < ApiModel
   set_table_name "data_mediahandbook_branches"
   has_and_belongs_to_many :companies, :join_table => "mediahandbook_branches_companies"
 end
 
-class Person < ActiveRecord::Base
+class Person < ApiModel
   set_table_name "data_mediahandbook_people"
   belongs_to :company
 
@@ -94,8 +101,9 @@ def type_of_occupation
 #Calendar
 #########
 
-class Event < ActiveRecord::Base
+class Event < ApiModel
   set_table_name "data_calendar_events"
+
   belongs_to :category, :class_name => "Branch", :conditions => "internal_type = 'sub_market'"
   belongs_to :host
   belongs_to :venue
@@ -112,10 +120,6 @@ class Event < ActiveRecord::Base
   validates_numericality_of :venue_id, :allow_nil => true
   validate :existence_of_venue_id, :allow_nil => true
 
-  validates_presence_of :user_id
-  validates_numericality_of :user_id, :allow_nil => true
-  validate :existence_of_user_id, :allow_nil => true
-
   validates_presence_of :name, :description, :date_from
   validates_length_of :name, :maximum => 255
   validates_format_of :date_from, :with => /^(1|2)[0-9]{3}\-(0|1)[0-9]{1}\-[0-3]{1}[0-9]{1}$/
@@ -126,7 +130,7 @@ class Event < ActiveRecord::Base
   validates_format_of :url, :with => /^(http|https)\:\/\/[a-zA-Z0-9\-\.]+[a-zA-Z0-9\-]+\.[a-zA-Z]{2,3}(\/\S*)?$/, :allow_nil => true
   validates_format_of :image_url, :with => /^(http|https)\:\/\/[a-zA-Z0-9\-\.]+[a-zA-Z0-9\-]+\.[a-zA-Z]{2,3}(\/\S*)?$/, :allow_nil => true
   validates_format_of :document_url, :with => /^(http|https)\:\/\/[a-zA-Z0-9\-\.]+[a-zA-Z0-9\-]+\.[a-zA-Z]{2,3}(\/\S*)?$/, :allow_nil => true
-  
+
   def format_of_time_from
     errors.add(:time_from, "is invalid.") unless time_from_before_type_cast =~ /^[0-2]{1}[0-9]{1}\:[0-5]{1}[0-9]{1}\:[0-5]{1}[0-9]{1}$/ unless time_from_before_type_cast.nil?
   end
@@ -146,13 +150,9 @@ def existence_of_host_id
   def existence_of_venue_id
     errors.add(:venue_id, "does not exist.") unless Venue.exists?(:id => venue_id) unless venue_id.to_i == 0
   end
-
-  def existence_of_user_id
-    errors.add(:user_id, "does not exist.") unless User.exists?(:id => user_id) unless user_id.to_i == 0
-  end
 end
 
-class Venue < ActiveRecord::Base
+class Venue < ApiModel
   set_table_name "data_calendar_venues"
   has_many :events
 
@@ -168,7 +168,7 @@ class Venue < ActiveRecord::Base
   validates_format_of :url, :with => /^(http|https)\:\/\/[a-zA-Z0-9\-\.]+[a-zA-Z0-9\-]+\.[a-zA-Z]{2,3}(\/\S*)?$/, :allow_nil => true
 end
 
-class Host < ActiveRecord::Base
+class Host < ApiModel
   set_table_name "data_calendar_hosts"
   has_many :events
   validates_presence_of :first_name, :last_name
@@ -187,7 +187,7 @@ class Host < ActiveRecord::Base
 #Districts
 ##########
 
-class District < ActiveRecord::Base
+class District < ApiModel
   set_table_name "data_district_districts"
   validates_presence_of :number, :name
   validates_numericality_of :number, :only_integer => true
@@ -196,7 +196,7 @@ class District < ActiveRecord::Base
 end
 
 
-class Street < ActiveRecord::Base
+class Street < ApiModel
   set_table_name "data_district_streets"
   belongs_to :district, :class_name => "District"
   validates_presence_of :district_id
@@ -208,18 +208,18 @@ class Street < ActiveRecord::Base
   validates_length_of :postcode, :maximum => 5
 end
 
-class Statistic < ActiveRecord::Base
+class Statistic < ApiModel
   set_table_name "data_district_statistics"
   belongs_to :district, :class_name => "District"
   validates_presence_of :district_id
   validates_numericality_of :district_id
- 
-  validates_numericality_of :area 
+
+  validates_numericality_of :area
   validates_numericality_of :inhabitants_total, :male_total, :male_0_4, :male_5_9, :male_10_14, :male_15_19, :male_20_24, :male_25_29, :male_30_34, :male_35_39, :male_40_44, :male_45_49, :male_50_54, :male_55_59, :male_60_64, :male_65_69, :male_70_74, :male_75_79, :male_80, :female_total, :female_0_4, :female_5_9, :female_10_14, :female_15_19, :female_20_24, :female_25_29, :female_30_34, :female_35_39, :female_40_44, :female_45_49, :female_50_54, :female_55_59, :female_60_64, :female_65_69, :female_70_74, :female_75_79, :female_80, :family_status_single, :family_status_married, :family_status_widowed, :family_status_divorced, :family_status_unknown, :religion_protestant, :religion_catholic, :religion_other_or_none, :citizenship_germany, :citizenship_albania, :citizenship_bosnia_and_herzegovina, :citizenship_belgium, :citizenship_bulgaria, :citizenship_denmark, :citizenship_estonia, :citizenship_finland, :citizenship_france, :citizenship_croatia, :citizenship_slovenia, :citizenship_serbia_and_montenegro, :citizenship_serbia_and_kosovo, :citizenship_greece, :citizenship_ireland, :citizenship_iceland, :citizenship_italy, :citizenship_latvia, :citizenship_montenegro, :citizenship_lithuania, :citizenship_luxembourg, :citizenship_macedonia, :citizenship_malta, :citizenship_moldova, :citizenship_netherlands, :citizenship_norway, :citizenship_kosovo, :citizenship_austria, :citizenship_poland, :citizenship_portugal, :citizenship_romania, :citizenship_slovakia, :citizenship_sweden, :citizenship_switzerland, :citizenship_russian_federation, :citizenship_spain, :citizenship_czechoslovakia, :citizenship_turkey, :citizenship_czech_republic, :citizenship_hungary, :citizenship_ukraine, :citizenship_united_kingdom, :citizenship_belarus, :citizenship_serbia, :citizenship_cyprus, :citizenship_algeria, :citizenship_angola, :citizenship_eritrea, :citizenship_ethopia, :citizenship_botswana, :citizenship_benin, :citizenship_cote_d_ivoire, :citizenship_nigeria, :citizenship_zimbabwe, :citizenship_gambia, :citizenship_ghana, :citizenship_mauritania, :citizenship_cap_verde, :citizenship_kenya, :citizenship_republic_of_congo, :citizenship_democratic_republic_of_congo, :citizenship_liberia, :citizenship_libya, :citizenship_madagascar, :citizenship_mali, :citizenship_morocco, :citizenship_mauritius, :citizenship_mozambique, :citizenship_niger, :citizenship_malawi, :citizenship_zambia, :citizenship_burkina_faso, :citizenship_guinea_bissau, :citizenship_guinea, :citizenship_cameroon, :citizenship_south_africa, :citizenship_rwanda, :citizenship_namibia, :citizenship_senegal, :citizenship_seychelles, :citizenship_sierra_leone, :citizenship_somalia, :citizenship_equatorial_guinea, :citizenship_sudan, :citizenship_tanzania, :citizenship_togo, :citizenship_tunisia, :citizenship_uganda, :citizenship_egypt, :citizenship_unknown, :citizenship_antigua_and_barbuda, :citizenship_argentinia, :citizenship_bahamas, :citizenship_bolvia, :citizenship_brazil, :citizenship_chile, :citizenship_costa_rica, :citizenship_dominican_republic, :citizenship_ecuador, :citizenship_el_salvador, :citizenship_guatemala, :citizenship_haiti, :citizenship_honduras, :citizenship_canada, :citizenship_colombia, :citizenship_cuba, :citizenship_mexico, :citizenship_nicaragua, :citizenship_jamaica, :citizenship_panama, :citizenship_peru, :citizenship_uruguay, :citizenship_venezuela, :citizenship_united_states, :citizenship_trinidad_and_tobago, :citizenship_unknown2, :citizenship_yemen, :citizenship_armenia, :citizenship_afghanistan, :citizenship_bahrain, :citizenship_azerbaijan, :citizenship_bhutan, :citizenship_myanmar, :citizenship_georgia, :citizenship_sri_lanka, :citizenship_vietnam, :citizenship_north_korea, :citizenship_india, :citizenship_indonesia, :citizenship_iraq, :citizenship_iran, :citizenship_israel, :citizenship_japan, :citizenship_kazakhstan, :citizenship_jordan, :citizenship_cambodia, :citizenship_kuwait, :citizenship_laos, :citizenship_kyrgyzstan, :citizenship_lebanon, :citizenship_maldives, :citizenship_oman, :citizenship_mongolia, :citizenship_nepal, :citizenship_bangladesh, :citizenship_pakistan, :citizenship_phillipines, :citizenship_taiwan, :citizenship_south_korea, :citizenship_tadzhikistan, :citizenship_turkmenistan, :citizenship_saudia_arabia, :citizenship_singapore, :citizenship_syria, :citizenship_thailand, :citizenship_uzbekistan, :citizenship_china, :citizenship_malaysia, :citizenship_remainig_asia, :citizenship_australia, :citizenship_solomon_islands, :citizenship_new_zealand, :citizenship_samoa, :citizenship_inapplicable, :citizenship_unknown3, :citizenship_not_specified, :allow_nil => true, :only_integer => true
 
 end
 
-class Ihkcompany < ActiveRecord::Base
+class Ihkcompany < ApiModel
   set_table_name "data_district_ihkcompanies"
   belongs_to :district, :class_name => "District"
   validates_presence_of :district_id
Original file line number	Diff line number	Diff line change
Expand Up		@@ -7,4 +7,3 @@ def self.down
		add_timestamps :permissions_users
		end
		end