Commit 0359891d authored by jz143's avatar jz143

require signin to add apps, permission changes, show author name, styling improvements

parent e05c32a0
......@@ -40,3 +40,9 @@ body {
h1 {
color: $brand-primary;
}
.footer {
margin-top: 20px;
padding-top: 10px;
border-top: 1px solid #e5e5e5;
}
......@@ -6,4 +6,14 @@ class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
include SessionsHelper
rescue_from Pundit::NotAuthorizedError, with: :user_not_authorized
private
def user_not_authorized
flash[:alert] = "You are not authorized to perform this action."
redirect_to(request.referrer || root_path)
end
end
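Review bot: `redirect_to(request.referrer || root_path)` in `user_not_authorized` sends the browser to whatever the Referer header holds, and that header is set by the client or by the page that linked here, so a denied request can bounce the user off-site. Redirect to the referrer only when its host matches `request.host`, and otherwise use `redirect_to root_path`. The handler also answers every format with a redirect and a flash, while the apps controller serves JSON (`# GET /apps/1.json`), where `head :forbidden` would be the clearer response. The class body begins above the hunk.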
......@@ -10,6 +10,8 @@ class AppsController < ApplicationController
# GET /apps/1
# GET /apps/1.json
def show
authorize @app
# find latest versions for each platform
@latest_ios = @app.app_files.where(platform: 'iOS', code_signing_status: AppFile.code_signing_statuses[:signed]).order(created_at: :desc).first
@latest_android = @app.app_files.where(:platform => 'Android').order(created_at: :desc).first
......@@ -32,6 +34,8 @@ class AppsController < ApplicationController
@app = App.new(app_params)
@app.user = current_user
authorize @app
respond_to do |format|
if @app.save
format.html { redirect_to @app, notice: 'App was successfully created.' }
......@@ -46,6 +50,7 @@ class AppsController < ApplicationController
# PATCH/PUT /apps/1
# PATCH/PUT /apps/1.json
def update
authorize @app
respond_to do |format|
if @app.update(app_params)
format.html { redirect_to @app, notice: 'App was successfully updated.' }
......@@ -60,6 +65,7 @@ class AppsController < ApplicationController
# DELETE /apps/1
# DELETE /apps/1.json
def destroy
authorize @app
@app.destroy
respond_to do |format|
format.html { redirect_to apps_url, notice: 'App was successfully destroyed.' }
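Review bot: The `authorize @app` calls cover `show`, `create`, `update` and `destroy`, but `new`, `edit` and `index` are not in these hunks, so it is not visible whether they are checked. An unguarded `edit` would render the form to non-owners even though `update` rejects the submit. Adding `after_action :verify_authorized, except: :index` to the controller makes any action that forgets `authorize` fail instead of passing silently. `authorize @app` in `show`, `update` and `destroy` relies on `@app` being loaded by a callback outside the hunks, and the `destroy` body continues past the last line shown.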
......
......@@ -11,11 +11,11 @@ class AppFilePolicy < ApplicationPolicy
end
def show?
scope.where(:id => record.id).exists?
true
end
def create?
app_file.app.user == user
app_file.app.user == user || user.try(:admin?)
end
def new?
......@@ -23,7 +23,7 @@ class AppFilePolicy < ApplicationPolicy
end
def update?
app_file.app.user == user
app_file.app.user == user || user.try(:admin?)
end
def edit?
......@@ -31,7 +31,7 @@ class AppFilePolicy < ApplicationPolicy
end
def destroy?
app_file.app.user == user
app_file.app.user == user || user.try(:admin?)
end
end
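Review bot: `app_file.app.user == user || user.try(:admin?)` in `create?`, `update?` and `destroy?` is true when both sides are nil, so a visitor who is not signed in passes the check for any app that has no owner. The index view's `app.try(:user)` guard suggests ownerless apps may exist, though that is inferred and should be confirmed against the data. Require a user first, e.g. `user.present? && (app_file.app.user == user || user.admin?)`. The same comparison appears in `AppPolicy#update?` and `AppPolicy#destroy?` and needs the same guard.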
......@@ -11,11 +11,11 @@ class AppPolicy < ApplicationPolicy
end
def show?
scope.where(:id => record.id).exists?
true
end
def create?
true
user
end
def new?
......@@ -23,15 +23,15 @@ class AppPolicy < ApplicationPolicy
end
def update?
app.user == user
app.user == user || user.try(:admin?)
end
def edit?
update?
update? || user.try(:admin?)
end
def destroy?
app.user == user
app.user == user || user.try(:admin?)
end
end
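Review bot: `show?` now appears to return a bare `true` where it previously checked `scope.where(:id => record.id).exists?`, so the policy scope no longer limits which records can be opened by id; `AppFilePolicy#show?` gets the same change. If the scope hides anything (it is defined above the hunk and not visible here), those records become readable to everyone, signed in or not, so a comment stating that public read is intended would help. `create?` returns the user object rather than a boolean; `user.present?` reads more clearly for a predicate. `edit?` delegates to `update?`, which already includes the admin clause, so `|| user.try(:admin?)` there is redundant.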
......@@ -2,7 +2,7 @@
<div class="row">
<div class="col-sm-12">
<p class="lead">Welcome to the Duke App Store. All apps below are free to download for use within the Duke community. Questions? Let us know at <%= link_to 'colab-ops@duke.edu', 'mailto:colab-ops@duke.edu' %></p>
<p class="lead">Welcome to the Duke App Store. &nbsp;All apps below are free to download for use within the Duke community. &nbsp;Questions? &nbsp;Let us know at <%= link_to 'colab-ops@duke.edu', 'mailto:colab-ops@duke.edu' %></p>
</div>
</div>
<div class="row app-list">
......@@ -14,7 +14,14 @@
</div>
<div class="col-xs-9">
<div class="caption">
<h4><%= app.name %></h4>
<h4>
<%= app.name %>
<small>
<% unless app.try(:user).try(:display_name).nil? %>
by <%= app.try(:user).try(:display_name) %>
<% end %>
</small>
</h4>
<p>
<%= link_to 'Details', app, class: 'btn btn-primary btn-sm' %>
</p>
......@@ -27,4 +34,8 @@
<br>
<%= link_to 'New App', new_app_path %>
<% if policy(App).create? %>
<%= link_to 'New App', new_app_path %>
<% else %>
<p>Developer? &nbsp;Sign in with your NetID to create new apps.</p>
<% end %>
......@@ -11,8 +11,9 @@
<p>
<a class="btn btn-primary btn-sm btn-download" href="itms-services://?action=download-manifest&url=<%= app_app_file_download_url(@app, @latest_ios, protocol: 'https', format: :plist) %>">
<span class='download-icon'><%= image_tag 'download-icon.png', :size => '17x17' %></span>
<span>Install on iPhone (must agree to prompt)</span>
<span>Install on iPhone</span>
</a>
<p><strong>If this is your first download to iOS 9 or later:</strong> After you download one of our apps on iOS, go to Settings app, tap General > Profile. &nbsp;Under Enterprise App, tap Duke University, and then tap Trust Duke University.</p>
</p>
<% end %>
</div>
......@@ -33,5 +34,8 @@
<%= link_to 'View all versions of my app', app_app_files_path(@app) %> |
<% end %>
<%= link_to 'Edit', edit_app_path(@app) %> |
<% if policy(@app).update? %>
<%= link_to 'Edit', edit_app_path(@app) %> |
<% end %>
<%= link_to 'Back', apps_path %>
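Review bot: The new trust-instructions paragraph sits inside the `<p>` that wraps the download button, and `<p>` cannot nest, so browsers close the outer paragraph early and the trailing `</p>` becomes a stray tag. Move the added `<p><strong>…</strong>…</p>` to after that closing `</p>`. The Edit link is wrapped in `policy(@app).update?`; `policy(@app).edit?` would match the action it links to.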
......@@ -35,9 +35,9 @@
<%= yield %>
<%= debug current_user %>
<%= debug DeployEnv.git_commit %>
<div class="footer">
<p>Innovation Co-Lab App Store version <%= DeployEnv.git_commit %>.</p>
</div>
</div>
</body>
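Review bot: The footer prints `DeployEnv.git_commit` to every visitor, which tells anyone exactly which revision is deployed. If that is only wanted for support, wrap the footer in `<% if current_user.try(:admin?) %>` … `<% end %>`. Assuming the two `debug` lines are the removed side of this hunk, dropping `debug current_user` from the layout is a sound change, since it dumped the user record into every page.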
......
class AddAdminToUser < ActiveRecord::Migration
def change
add_column :users, :admin, :boolean
end
end
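Review bot: `add_column :users, :admin, :boolean` creates a nullable column with no default, so existing and new users get `NULL` rather than `false` and the flag has three states. Declare it as `add_column :users, :admin, :boolean, default: false, null: false` so the privilege is explicitly off unless granted. It is also worth checking that `admin` is not in any permitted-params list for user updates; none is visible on this page.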
......@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20151122224414) do
ActiveRecord::Schema.define(version: 20151124061142) do
create_table "app_files", force: :cascade do |t|
t.string "platform"
......@@ -71,6 +71,7 @@ ActiveRecord::Schema.define(version: 20151122224414) do
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.string "display_name"
t.boolean "admin"
end
end