diff --git a/Gemfile b/Gemfile
index 1cb466f..ab0fe33 100644
--- a/Gemfile
+++ b/Gemfile
@@ -78,7 +78,7 @@ group :development do
 end
 group :production do
- gem 'mysql2'
+ gem 'mysql2', '~> 0.3.0'
 end
 gem 'high_voltage', '~> 2.4.0'
diff --git a/Gemfile.lock b/Gemfile.lock
index 072e322..4ffca3f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -268,7 +268,7 @@ DEPENDENCIES jbuilder (~> 2.0) jquery-datatables-rails jquery-rails - mysql2 + mysql2 (~> 0.3.0) omniauth-oauth2 purecss-rails rails (= 4.2.4)
diff --git a/app/assets/stylesheets/application.css b/app/assets/stylesheets/application.css
index 98af4c5..788352b 100644
--- a/app/assets/stylesheets/application.css
+++ b/app/assets/stylesheets/application.css
@@ -14,4 +14,5 @@
 *= require dataTables/jquery.dataTables
 *= require select2
 *= require_self
+ *= require purecss
 */
diff --git a/app/assets/stylesheets/purecss.css b/app/assets/stylesheets/purecss.css
new file mode 100644
index 0000000..a8615b6
--- /dev/null
+++ b/app/assets/stylesheets/purecss.css
@@ -0,0 +1,9 @@
+/*
+ =require purecss/base
+ =require purecss/buttons
+ =require purecss/forms
+ =require purecss/grids
+ =require purecss/grids-responsive
+ =require purecss/menus
+ =require purecss/tables
+*/
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d83690e..3ea39cf 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,4 +2,8 @@ class ApplicationController < ActionController::Base
 # Prevent CSRF attacks by raising an exception.
 # For APIs, you may want to use :null_session instead.
 protect_from_forgery with: :exception
+
+ rescue_from CanCan::AccessDenied do |exception|
+ redirect_to root_url, alert: exception.message
+ end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 3e74dea..d191303 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
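Review bot: The `rescue_from CanCan::AccessDenied` block added to app/controllers/application_controller.rb answers every denied request with a redirect to `root_url`, so non-HTML clients get a 302 instead of a 403 and the denial is never recorded. Logging it before redirecting, for example `Rails.logger.warn("access denied: #{exception.action} on #{exception.subject.class}")`, would give you a trail of authorization failures. You could also branch on the request format so API callers receive `head :forbidden`. CanCan builds the ability from `current_user`, which is not defined in the lines shown for this controller; it presumably comes from an authentication gem or concern, and that is worth confirming because a nil user silently takes the guest branch in `Ability`.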
@@ -1,2 +1,11 @@
 class UsersController < ApplicationController
+ load_and_authorize_resource
+
+ def show
+ @user = User.find(params[:id])
+ end
+
+ def index
+ @users = User.all
+ end
 end
diff --git a/app/models/ability.rb b/app/models/ability.rb
new file mode 100644
index 0000000..f04be4f
--- /dev/null
+++ b/app/models/ability.rb
@@ -0,0 +1,13 @@
+class Ability
+ include CanCan::Ability
+
+ def initialize(user)
+ user ||= User.new # guest user (not logged in)
+
+ if user.penning?
+ can :manage, :all
+ else
+ can :read, user, id: user.id
+ end
+ end
+end
diff --git a/app/models/client.rb b/app/models/client.rb
index bb8f315..bb674c5 100644
--- a/app/models/client.rb
+++ b/app/models/client.rb
@@ -12,6 +12,9 @@ class Client < ActiveRecord::Base
 before_create :generate_key
+ validates :name, presence: true, uniqueness: true
+ validates :key, presence: true, uniqueness: true
+
 def transactions
 Transaction.where(origin: name)
 end
diff --git a/app/models/transaction.rb b/app/models/transaction.rb
index 6dd1bbb..2e6f346 100644
--- a/app/models/transaction.rb
+++ b/app/models/transaction.rb
@@ -19,13 +19,21 @@ class Transaction < ActiveRecord::Base
 after_save :recalculate_balances
 after_destroy :recalculate_balances
+ validates :amount, numericality: { greater_than: 0 }
+ validate :different_debtor_creditor
+
 def client
 Client.find_by name: origin
 end
 private
+
 def recalculate_balances
 creditor.calculate_balance!
 debtor.calculate_balance!
 end
+
+ def different_debtor_creditor
+ self.errors.add :base, "Can't write money to yourself" if self.debtor == self.creditor
+ end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 18f7582..f29c0af 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
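Review bot: Both actions in app/controllers/users_controller.rb overwrite what `load_and_authorize_resource` has already loaded: `show` repeats `User.find(params[:id])`, and `index` replaces the ability-scoped collection with `User.all`. The `index` assignment is the risky one. If the ability ever grants `:read` on the `User` class with conditions, the class-level check passes and `User.all` would list every user's name and balance. Leaving the actions empty (`def show; end` and `def index; end`) keeps the loaded, `accessible_by`-scoped records in use.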
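Review bot: The non-admin rule in app/models/ability.rb, `can :read, user, id: user.id`, passes the user instance as the subject, whereas CanCan's documented form names the class: `can :read, User, id: user.id`. With an instance there, class-level checks such as `:index` and `accessible_by` scoping likely never match for ordinary users. For the guest `User.new` the condition becomes `id: nil`. Both cases are worth pinning with a spec covering a guest, a regular user and a `penning?` user. A one-line comment above `can :manage, :all` saying who counts as `penning?` would also help, since that branch grants full access.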
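Review bot: In app/models/client.rb the new `validates :key, presence: true` runs before the existing `before_create :generate_key` callback, because Rails validates before it fires create callbacks. If `generate_key` is the only place the key is set (its body is outside this hunk, so confirm), saving a new client will fail validation. In that case move the callback to `before_validation :generate_key, on: :create`. The `uniqueness: true` checks here, and the one on `name` in app/models/user.rb, are a SELECT followed by an INSERT and can be raced, so they should be backed by unique indexes; no such index is visible in this commit.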
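Review bot: `validates :amount, numericality: { greater_than: 0 }` in app/models/transaction.rb accepts non-integer input, while the migration declares `amount` as an integer column. A value such as 0.5 may therefore pass validation and be stored as 0. Tightening it to `validates :amount, numericality: { only_integer: true, greater_than: 0 }` closes that gap. `different_debtor_creditor` also adds its error when both sides are nil, which gives a misleading message, and `recalculate_balances` would then call a method on nil; adding `validates :debtor, :creditor, presence: true` covers both.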
@@ -17,6 +17,9 @@ class User < ActiveRecord::Base has_many :outgoing_transactions, class_name: 'Transaction', foreign_key: 'debtor_id' + validates :name, presence: true, uniqueness: true + validates :balance, presence: true + def transactions Transaction.where("creditor_id = ? OR debtor_id = ?", id, id) end
diff --git a/app/views/layouts/application.html.haml b/app/views/layouts/application.html.haml
index 2e2b5a0..41f8d44 100644
--- a/app/views/layouts/application.html.haml
+++ b/app/views/layouts/application.html.haml
@@ -7,4 +7,5 @@
 = javascript_include_tag 'application', 'data-turbolinks-track' => true
 = csrf_meta_tags
 %body
+ = content_tag :div, flash[:alert] if flash[:alert]
 = yield
diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb
new file mode 100644
index 0000000..f673952
--- /dev/null
+++ b/app/views/users/index.html.erb
@@ -0,0 +1,20 @@ +

Users

+ + + + + + + + + + + <% @users.each do |user| %> + + + + + + <% end %> + +
IDNameBalance
<%= user.id %><%= user.name %><%= user.balance %>
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
new file mode 100644
index 0000000..6719a08
--- /dev/null
+++ b/app/views/users/show.html.erb
@@ -0,0 +1,28 @@ +

<%= @user.name %>

+ + + + + + + + + + + + + + + <% @user.transactions.each do |transaction| %> + + + + + + + + + + <% end %> + +
IDDebtorCreditorAmountOriginMessageTime
<%= transaction.id %><%= transaction.debtor.name %><%= transaction.creditor.name %><%= transaction.amount %><%= transaction.origin %><%= transaction.message %><%= transaction.created_at %>
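Review bot: The row loop in app/views/users/show.html.erb calls `transaction.debtor.name` and `transaction.creditor.name` for every row, which costs two extra queries per transaction and raises if either association is missing. Loading the associations up front, for example `@user.transactions.includes(:debtor, :creditor)`, removes the per-row queries. Paginating or limiting the list would keep the page bounded for users with a long history.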
diff --git a/config/routes.rb b/config/routes.rb
index 2c34218..3ac9949 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -6,59 +6,5 @@ Rails.application.routes.draw do
 root to: 'high_voltage/pages#show', id: "landing"
 resources :transactions, only: [:new, :index, :create]
-
- # The priority is based upon order of creation: first created -> highest priority.
- # See how all your routes lay out with "rake routes".
-
- # You can have the root of your site routed with "root"
- # root 'welcome#index'
-
- # Example of regular route:
- # get 'products/:id' => 'catalog#view'
-
- # Example of named route that can be invoked with purchase_url(id: product.id)
- # get 'products/:id/purchase' => 'catalog#purchase', as: :purchase
-
- # Example resource route (maps HTTP verbs to controller actions automatically):
- # resources :products
-
- # Example resource route with options:
- # resources :products do
- # member do
- # get 'short'
- # post 'toggle'
- # end
- #
- # collection do
- # get 'sold'
- # end
- # end
-
- # Example resource route with sub-resources:
- # resources :products do
- # resources :comments, :sales
- # resource :seller
- # end
-
- # Example resource route with more complex sub-resources:
- # resources :products do
- # resources :comments
- # resources :sales do
- # get 'recent', on: :collection
- # end
- # end
-
- # Example resource route with concerns:
- # concern :toggleable do
- # post 'toggle'
- # end
- # resources :posts, concerns: :toggleable
- # resources :photos, concerns: :toggleable
-
- # Example resource route within a namespace:
- # namespace :admin do
- # # Directs /admin/products/* to Admin::ProductsController
- # # (app/controllers/admin/products_controller.rb)
- # resources :products
- # end
+ resources :users, only: [:show, :index]
 end
diff --git a/db/migrate/20150908091546_create_transactions.rb b/db/migrate/20150908091546_create_transactions.rb
index de40fa3..dda51f7 100644
--- a/db/migrate/20150908091546_create_transactions.rb
+++ b/db/migrate/20150908091546_create_transactions.rb
@@ -1,13 +1,16 @@
 class CreateTransactions < ActiveRecord::Migration
 def change
 create_table :transactions do |t|
- t.references :debtor, index: true, foreign_key: true, null: false
- t.references :creditor, index: true, foreign_key: true, null: false
+ t.references :debtor, index: true, null: false
+ t.references :creditor, index: true, null: false
 t.integer :amount, null: false, default: 0
 t.string :origin, null: false
 t.string :message
 t.timestamps null: false
 end
+
+ add_foreign_key :transactions, :users, column: :creditor_id
+ add_foreign_key :transactions, :users, column: :debtor_id
 end
 end
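Review bot: Editing the existing migration db/migrate/20150908091546_create_transactions.rb in place means any database that has already run it never receives the new foreign-key constraints unless it is rolled back and re-migrated. A new migration carrying `add_foreign_key :transactions, :users, column: :creditor_id` and `add_foreign_key :transactions, :users, column: :debtor_id` would reach existing environments. db/schema.rb is not part of this diff and would need regenerating either way, otherwise setups loaded from the schema will lack the constraints.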