Fix merge request #2

a01f17cd · Hoang Phuc Do · 764def09 · a01f17cd · a01f17cd · a01f17cd
Commit a01f17cd authored Jun 14, 2017 by Hoang Phuc Do
9 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
 class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception
+  # rescue_from ActiveRecord::RecordNotFound, :with => :render_404
  def authenticate_active_admin_user!
    authenticate_user!
@@ -8,4 +9,12 @@ class ApplicationController < ActionController::Base
      redirect_to root_path
    end
  end
+  def render_404
+    respond_to do |format|
+      format.html { render file: "#{Rails.root}/public/404", layout: false, status: :not_found }
+      format.xml  { head :not_found }
+      format.any  { head :not_found }
+    end
+  end
 end
--- a/app/controllers/products_controller.rb
+++ b/app/controllers/products_controller.rb
 class ProductsController < ApplicationController
  before_action :authenticate_user!, only: [:new, :edit, :create, :update, :destroy]
-  before_action :correct_user, only: [:edit, :destroy]
+  before_action :set_product, only: [:show]
+  before_action :user_can_edit_product, only: [:edit, :update, :destroy]
+  # GET /products/new
  def new
-    @product = current_user.products.build
+    @product = Product.new
  end
+  # POST /products
  def create
-    @product = current_user.products.build(product_params)
+    @product = Product.new(product_params.merge(user_id: current_user.id))
    if @product.save
-      redirect_to root_url
+      redirect_to root_url, flash: { success: "Product #{@product.title} is sucessfully created" }
    else
      render 'new'
    end
  end
-  def edit
+  # PATCH/PUT /products/1
-    @product = Product.find(params[:id])
-  end
-  def show
-    @product = Product.find(params[:id])
-  end
  def update
-    @product = Product.find(params[:id])
    if @product.update(product_params)
-      redirect_to root_url
+      redirect_to root_url, flash: { success: "Product #{@product.title} is sucessfully updated" }
    else
      render 'edit'
    end
  end
+  # DELETE /products/1
+  def destroy
+    if @product.destroy
+      flash[:success] = "Product #{@product.title} deleted"
+    else
+      flash[:danger] = "Product #{@product.title} can't be deleted"
+    end
+    redirect_to root_url
+  end
  private
+  # Use callbacks to share common setup or constraints between actions.
+  def set_product
+    @product = Product.find(params[:id])
+  end
+  # Never trust parameters from the scary internet, only allow the white list through.
  def product_params
    params.require(:product).permit(:title, :sku, :price, :description,
                                    :category_id, :image_url)
  end
-  def correct_user
+  # Is current user own current editing product?
-    product = current_user.products.find_by(id: params[:id])
+  def user_can_edit_product
-    redirect_to root_url if product.nil?
+    @product = current_user.products.find_by(id: params[:id])
+    redirect_to root_url, flash: { danger: 'You do not have permission to edit this product' } if @product.blank?
  end
 end
\ No newline at end of file
--- a/app/helpers/products_helper.rb
+++ b/app/helpers/products_helper.rb
 module ProductsHelper
  def get_product_thumbnail(product, thumbnail_width, thumbnail_height)
-    # product.image_url always returns PictureUploader object
    default_img_path = "product/placeholder_#{thumbnail_width}x#{thumbnail_height}"
-    product.image_url.present? ? product.image_url : default_img_path
+    # product.image_url always returns PictureUploader object
+    product.image_url? ? product.image_url : default_img_path
  end
 end
\ No newline at end of file
--- a/app/views/products/_product.html.erb
+++ b/app/views/products/_product.html.erb
 <li class="product-<%= product.id %>">
  <div class="product product-list">
    <figure class="product-image-area">
-      <a href="<%= product_url(product) %>">
+      <%= link_to image_tag(get_product_thumbnail(product, 170, 204)), product_path(product) %>
-        <%= image_tag(get_product_thumbnail(product, 170, 204)) %>
-      </a>
    </figure>
    <div class="product-details-area">
      <h2 class="product-name">

--- a/app/views/products/_recommended.html.erb
+++ b/app/views/products/_recommended.html.erb
-<div class="products-grid columns3">
 <% @recommended_products.each do |product| %>
      <li class="product-<%= product.id %>">
        <div class="product">
          <figure class="product-image-area">
-            <a href="<%= product_url(product) %>">
+            <%= link_to image_tag(get_product_thumbnail(product, 170, 204)), product_path(product) %>
-              <%= image_tag(get_product_thumbnail(product, 170, 204)) %>
-            </a>
          </figure>
          <div class="product-details-area">
            <h2 class="product-name">
@@ -18,4 +15,3 @@
        </div>
      </li>
 <% end %>
\ No newline at end of file
-</div>
\ No newline at end of file
--- a/app/views/products/edit.html.erb
+++ b/app/views/products/edit.html.erb
@@ -3,6 +3,7 @@
    <div class="col-md-9 col-md-push-3 create-product form-section">
      <h1 class="h2 heading-primary font-weight-normal">
        Edit Product #<%= @product.id %>
+        (<%= link_to 'Delete', @product, method: :delete, data: { confirm: 'Are your sure?' } %>)
      </h1>
      <div class="featured-box featured-box-primary featured-box-flat featured-box-text-left mt-md">

--- a/app/views/shared/_flash_messages.html.erb
+++ b/app/views/shared/_flash_messages.html.erb
+<% flash.each do |message_type, message| %>
+    <div class="alert alert-<%= message_type %>">
+      <span><%= message %></span>
+    </div>
+<% end %>
\ No newline at end of file
--- a/app/views/static_pages/index.html.erb
+++ b/app/views/static_pages/index.html.erb
 <div class="container">
  <div class="row">
    <div class="col-md-9 col-md-push-3">
+      <%= render 'shared/flash_messages' %>
      <h2 class="h2 heading-primary mt-lg clearfix">
        <span>Recommended Items</span>
      </h2>

--- a/db/migrate/20170608073720_add_user_ref_to_products.rb
+++ b/db/migrate/20170608073720_add_user_ref_to_products.rb
 class AddUserRefToProducts < ActiveRecord::Migration[5.1]
  def change
-    add_reference :products, :user, foreign_key: true
+    add_reference :products, :user, index: true
  end
 end