Merge pull request #36 from DMPRoadmap/development

Development

Author: vyruss

…rs/admin/suggested_answers_controller.rb …trollers/admin/annotations_controller.rbapp/controllers/admin/suggested_answers_controller.rb renamed to app/controllers/admin/annotations_controller.rb app/controllers/admin/suggested_answers_controller.rb renamed to app/controllers/admin/annotations_controller.rb

@@ -1,18 +1,18 @@
 module Admin
-  class SuggestedAnswersController < Admin::ApplicationController
+  class AnnotationsController < Admin::ApplicationController
     # To customize the behavior of this controller,
     # you can overwrite any of the RESTful actions. For example:
     #
     # def index
     #   super
-    #   @resources = SuggestedAnswer.
+    #   @resources = Annotation.
     #     page(params[:page]).
     #     per(10)
     # end
 
     # Define a custom finder by overriding the `find_resource` method:
     # def find_resource(param)
-    #   SuggestedAnswer.find_by!(slug: param)
+    #   Annotation.find_by!(slug: param)
     # end
 
     # See https://administrate-prototype.herokuapp.com/customizing_controller_actions

app/controllers/annotations_controller.rb

@@ -0,0 +1,53 @@
+class AnnotationsController < ApplicationController
+  respond_to :html
+  after_action :verify_authorized
+
+  #create annotations
+  def admin_create
+    @example_answer = Annotation.new(params[:annotation])
+    authorize @example_answer
+    if @example_answer.save
+      redirect_to admin_show_phase_path(id: @example_answer.question.section.phase_id, section_id: @example_answer.question.section_id, question_id: @example_answer.question.id, edit: 'true'), notice: _('Information was successfully created.')
+    else
+      @section = @example_answer.question.section
+      @phase = @section.phase
+      @open = true
+      @sections = @phase.sections
+      @section_id = @section.id
+      @question_id = @example_answer.question
+      flash[:notice] = failed_create_error(@example_answer, _('example answer'))
+      render "phases/admin_show"
+    end
+  end
+
+
+  #update a example answer of a template
+  def admin_update
+    @example_answer = Annotation.includes(question: { section: {phase: :template}}).find(params[:id])
+    authorize @example_answer #.question.section.phase.template
+    @question = @example_answer.question
+    @section = @question.section
+    @phase = @section.phase
+    if @example_answer.update_attributes(params[:annotation])
+      redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, question_id: @question.id, edit: 'true'), notice: _('Information was successfully updated.')
+    else
+      flash[:notice] = failed_update_error(@example_answer, _('example answer'))
+      render action: "phases/admin_show"
+    end
+  end
+
+  #delete an annotation
+  def admin_destroy
+    @example_answer = Annotation.includes(question: { section: {phase: :template}}).find(params[:id])
+    authorize @example_answer
+    @question = @example_answer.question
+    @section = @question.section
+    @phase = @section.phase
+    if @example_answer.destroy
+      redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, edit: 'true'), notice: _('Information was successfully deleted.')
+    else
+      redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, edit: 'true'), notice: flash[:notice] = failed_destroy_error(@example_answer, _('example answer'))
+    end
+  end
+
+end

app/controllers/phases_controller.rb

@@ -4,14 +4,16 @@ class PhasesController < ApplicationController
   after_action :verify_authorized
 
 
-	# GET /plans/:plan_id/phases/:id/edit
-	def edit
+    # GET /plans/:plan_id/phases/:id/edit
+    def edit
 
     @plan = Plan.eager_load2(params[:plan_id])
+    # authorization done on plan so found in plan_policy
     authorize @plan
 
     phase_id = params[:id].to_i
     @phase = @plan.template.phases.select {|p| p.id == phase_id}.first
+    @readonly = !@plan.editable_by?(current_user.id)
 
     # the eager_load pulls in ALL answers
     # need to restrict to just ones for this plan
@@ -43,7 +45,7 @@ def edit
 
     # create a map from theme to array of guidances
     # where guidance is a hash with the text and the org name
-    theme_guidance = {} 
+    theme_guidance = {}
 
     guidance_groups.each do |guidance_group|
       guidance_group.guidances.each do |guidance|
@@ -83,14 +85,14 @@ def edit
 
     if !user_signed_in? then
       respond_to do |format|
-				format.html { redirect_to edit_user_registration_path }
-			end
-		end
+                format.html { redirect_to edit_user_registration_path }
+            end
+        end
 
-	end
+    end
 
 
-	# GET /plans/PLANID/phases/PHASEID/status.json
+    # GET /plans/PLANID/phases/PHASEID/status.json
   def status
     @plan = Plan.eager_load(params[:plan_id])
     authorize @plan
@@ -110,9 +112,10 @@ def admin_show
     @phase = Phase.eager_load(:sections).find_by('phases.id = ?', params[:id])
     authorize @phase
 
-    @edit = (@phase.template.org == current_user.org)
+    @current = Template.current(@phase.template.dmptemplate_id)
+    @edit = (@phase.template.org == current_user.org) && (@phase.template == @current)
     #@edit = params[:edit] == "true" ? true : false
-    
+
         #verify if there are any sections if not create one
     @sections = @phase.sections
     if !@sections.any?() || @sections.count == 0
@@ -158,13 +161,13 @@ def admin_add
   def admin_create
     @phase = Phase.new(params[:phase])
     authorize @phase
-    
+
     @phase.description = params["phase-desc"]
     @phase.modifiable = true
     if @phase.save
       @phase.template.dirty = true
       @phase.template.save!
-      
+
       redirect_to admin_show_phase_path(id: @phase.id, edit: 'true'), notice: _('Information was successfully created.')
     else
       flash[:notice] = failed_create_error(@phase, _('phase'))
@@ -182,15 +185,15 @@ def admin_update
     if @phase.update_attributes(params[:phase])
       @phase.template.dirty = true
       @phase.template.save!
-      
+
       redirect_to admin_show_phase_path(@phase), notice: _('Information was successfully updated.')
     else
       @sections = @phase.sections
       @template = @phase.template
       # These params may not be available in this context so they may need
       # to be set to true without the check
       @edit = true
-      @open = !params[:section_id].nil? 
+      @open = !params[:section_id].nil?
       @section_id = (params[:section_id].nil? ? nil : params[:section_id].to_i)
       @question_id = (params[:question_id].nil? ? nil : params[:question_id].to_i)
       flash[:notice] = failed_update_error(@phase, _('phase'))
@@ -206,15 +209,15 @@ def admin_destroy
     if @phase.destroy
       @template.dirty = true
       @template.save!
-      
+
       redirect_to admin_template_template_path(@template), notice: _('Information was successfully deleted.')
     else
       @sections = @phase.sections
-      
+
       # These params may not be available in this context so they may need
       # to be set to true without the check
       @edit = true
-      @open = !params[:section_id].nil? 
+      @open = !params[:section_id].nil?
       @section_id = (params[:section_id].nil? ? nil : params[:section_id].to_i)
       @question_id = (params[:question_id].nil? ? nil : params[:question_id].to_i)
       flash[:notice] = failed_destroy_error(@phase, _('phase'))

app/controllers/plans_controller.rb

@@ -140,7 +140,7 @@ def edit
     authorize @plan
     # If there was no phase specified use the template's 1st phase
     @phase = (params[:phase].nil? ? @plan.template.phases.first : Phase.find(params[:phase]))
-    @readonly = @plan.editable_by?(current_user.id)
+    @readonly = !@plan.editable_by?(current_user.id)
     respond_to :html
   end
 

app/controllers/questions_controller.rb

@@ -6,12 +6,24 @@ class QuestionsController < ApplicationController
   def admin_create
     @question = Question.new(params[:question])
     authorize @question
-    @question.guidance = params["new-question-guidance"]
+    example = @question.annotations.first
+    if example.present?
+      example.org_id = current_user.org_id
+      example.example_answer!
+    end
+    if params["new-question-guidance"].present?
+      guidance = @question.annotations.build
+      guidance.text = params["new-question-guidance"]
+      guidance.org_id = current_user.org_id
+      guidance.guidance!
+      guidance.save
+    end
     @question.default_value = params["new-question-default-value"]
+    @question.modifiable = true
     if @question.save
       @question.section.phase.template.dirty = true
       @question.section.phase.template.save!
-      
+
       redirect_to admin_show_phase_path(id: @question.section.phase_id, section_id: @question.section_id, question_id: @question.id, edit: 'true'), notice: _('Information was successfully created.')
     else
       @edit = (@question.section.phase.template.org == current_user.org)
@@ -21,7 +33,7 @@ def admin_create
       @sections = @phase.sections
       @section_id = @question.section.id
       @question_id = @question.id
-      
+
       flash[:notice] = failed_create_error(@question, _('question'))
       render template: 'phases/admin_show'
     end
@@ -31,22 +43,31 @@ def admin_create
   def admin_update
     @question = Question.find(params[:id])
     authorize @question
-    @question.guidance = params["question-guidance-#{params[:id]}"]
+    guidance = @question.get_guidance_annotation(current_user.org_id) 
+    if params["question-guidance-#{params[:id]}"].present?
+      if guidance.blank?
+        guidance = @question.annotations.build
+        guidance.type = :guidance
+      end
+      guidance.text = params["question-guidance-#{params[:id]}"]
+      guidance.save
+    end
     @question.default_value = params["question-default-value-#{params[:id]}"]
     @section = @question.section
     @phase = @section.phase
+    template = @phase.template
     if @question.update_attributes(params[:question])
-      @question.section.phase.template.dirty = true
-      @question.section.phase.template.save!
-      
+      @phase.template.dirty = true
+      @phase.template.save!
+
       redirect_to admin_show_phase_path(id: @phase.id, section_id: @section.id, question_id: @question.id, edit: 'true'), notice: _('Information was successfully updated.')
     else
       @edit = (@phase.template.org == current_user.org)
       @open = true
       @sections = @phase.sections
       @section_id = @section.id
       @question_id = @question.id
-      
+
       flash[:notice] = failed_update_error(@question, _('question'))
       render template: 'phases/admin_show'
     end

app/controllers/registrations_controller.rb

@@ -40,10 +40,10 @@ def create
       redirect_to after_sign_up_error_path_for(resource), alert: _('You must accept the terms and conditions to register.')
     else
       existing_user = User.find_by_email(sign_up_params[:email])
-      if !existing_user.nil? then
-        if (existing_user.password == "" || existing_user.password.nil?) && existing_user.confirmed_at.nil? then
-          @user = existing_user
-          do_update(false, true)
+      if !existing_user.nil? # If email exists
+        if (existing_user.password == "" || existing_user.password.nil?) && existing_user.confirmed_at.nil? # If user has not accepted invitation yet
+          existing_user.destroy # Only solution for now
+          super
         else
           redirect_to after_sign_up_error_path_for(resource), alert: _('That email address is already registered.')
         end
@@ -91,16 +91,16 @@ def needs_password?(user, params)
   end
 
   def do_update(require_password = true, confirm = false)
-    if require_password                        # user is changing email or password
-      if current_user.email != params[:user][:email]   # if user changing email
-        if params[:user][:current_password].blank?    # password needs to be present
+    if require_password                              # user is changing email or password
+      if current_user.email != params[:user][:email]   # if user is changing email
+        if params[:user][:current_password].blank?       # password needs to be present
           message = _('Please enter your password to change email address.')
           successfully_updated = false
         else
           successfully_updated = current_user.update_with_password(password_update)
         end
-      elsif params[:user][:password].present? # user is changing password
-        successfully_updated = false      # shared across first 3 conditions
+      elsif params[:user][:password].present?          # if user is changing password
+        successfully_updated = false                     # shared across first 3 conditions
         if params[:user][:current_password].blank?
           message = _('Please enter your current password')
         elsif params[:user][:password_confirmation].blank?
@@ -110,10 +110,10 @@ def do_update(require_password = true, confirm = false)
         else
           successfully_updated = current_user.update_with_password(password_update)
         end
-      else    # potentially unreachable... but I dont like to leave off the else
+      else                                           # potentially unreachable... but I dont like to leave off the else
         successfully_updated = current_user.update_with_password(password_update)
       end
-    else        # password not required
+    else                                             # password not required
       successfully_updated = current_user.update_without_password(update_params)
     end
 
@@ -125,7 +125,7 @@ def do_update(require_password = true, confirm = false)
     #render the correct page
     if successfully_updated
       if confirm
-        current_user.skip_confirmation!
+        current_user.skip_confirmation! # will error out if confirmable is turned off in user model
         current_user.save!
       end
       session[:locale] = current_user.get_locale unless current_user.get_locale.nil?