sto/puzzle-scoreboard
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: sto:d47ebf22abd7eb4c88a53ef8c0e42cff0fcd2f57
Branches Tags
sto:main
..
compare: sto:5472a400d126fbadb8b61c71ea28a204c72a3a90
Branches Tags
sto:main

No commits in common. "d47ebf22abd7eb4c88a53ef8c0e42cff0fcd2f57" and "5472a400d126fbadb8b61c71ea28a204c72a3a90" have entirely different histories.
d47ebf22ab ... 5472a400d1

12 changed files with 7 additions and 108 deletions
Show Stats Expand all files Collapse all files

3
app/controllers/application_controller.rb
View File

@ -3,7 +3,8 @@ class ApplicationController < ActionController::Base
include Pundit::Authorization include Pundit::Authorization
before_action :set_title, :set_current_user before_action :set_title, :set_current_user
after_action :verify_authorized # TODO: add later
# after_action :verify_authorized
# Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has. # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
allow_browser versions: :modern allow_browser versions: :modern

10
app/controllers/completions_controller.rb
View File

@ -4,14 +4,10 @@ class CompletionsController < ApplicationController
before_action :set_completion, only: %i[ destroy edit update ] before_action :set_completion, only: %i[ destroy edit update ]
def edit def edit
authorize @contest
@title = "Edit completion" @title = "Edit completion"
end end
def new def new
authorize @contest
@completion = Completion.new @completion = Completion.new
if params[:contestant_id] if params[:contestant_id]
@completion.contestant_id = params[:contestant_id] @completion.contestant_id = params[:contestant_id]
@ -20,8 +16,6 @@ class CompletionsController < ApplicationController
end end
def create def create
authorize @contest
@completion = Completion.new(completion_params) @completion = Completion.new(completion_params)
@completion.contest_id = @contest.id @completion.contest_id = @contest.id
if @completion.save if @completion.save
@ -35,8 +29,6 @@ class CompletionsController < ApplicationController
end end
def update def update
authorize @contest
if params[:contestant_id] if params[:contestant_id]
@completion.contestant_id = params[:contestant_id] @completion.contestant_id = params[:contestant_id]
end end
@ -49,8 +41,6 @@ class CompletionsController < ApplicationController
end end
def destroy def destroy
authorize @contest
@completion.destroy @completion.destroy
if params[:contestant_id] if params[:contestant_id]
redirect_to contest_contestant_path(@contest, params[:contestant_id]) redirect_to contest_contestant_path(@contest, params[:contestant_id])

10
app/controllers/contestants_controller.rb
View File

@ -4,21 +4,15 @@ class ContestantsController < ApplicationController
before_action :set_completions, only: %i[edit update ] before_action :set_completions, only: %i[edit update ]
def edit def edit
authorize @contest
@title = "Contestant" @title = "Contestant"
end end
def new def new
authorize @contest
@contestant = Contestant.new @contestant = Contestant.new
@title = "New contestant" @title = "New contestant"
end end
def create def create
authorize @contest
@contestant = Contestant.new(contestant_params) @contestant = Contestant.new(contestant_params)
@contestant.contest_id = @contest.id @contestant.contest_id = @contest.id
if @contestant.save if @contestant.save
@ -30,8 +24,6 @@ class ContestantsController < ApplicationController
end end
def update def update
authorize @contest
if @contestant.update(contestant_params) if @contestant.update(contestant_params)
redirect_to @contest redirect_to @contest
else else
@ -41,8 +33,6 @@ class ContestantsController < ApplicationController
end end
def destroy def destroy
authorize @contest
@contestant.destroy @contestant.destroy
redirect_to contest_path(@contest) redirect_to contest_path(@contest)
end end

13
app/controllers/contests_controller.rb
View File

@ -2,15 +2,11 @@ class ContestsController < ApplicationController
before_action :set_contest, only: %i[ destroy edit show update ] before_action :set_contest, only: %i[ destroy edit show update ]
def index def index
authorize :contest
@contests = current_user.contests @contests = current_user.contests
@title = "Welcome #{current_user.username}!" @title = "Welcome #{current_user.username}!"
end end
def show def show
authorize @contest
@title = @contest.name @title = @contest.name
@contestants = @contest.contestants.order(:name) @contestants = @contest.contestants.order(:name)
@puzzles = @contest.puzzles.order(:id) @puzzles = @contest.puzzles.order(:id)
@ -18,21 +14,15 @@ class ContestsController < ApplicationController
end end
def edit def edit
authorize @contest
@title = "Edit contest settings" @title = "Edit contest settings"
end end
def new def new
authorize :contest
@contest = Contest.new @contest = Contest.new
@title = "New jigsaw puzzle competition" @title = "New jigsaw puzzle competition"
end end
def create def create
authorize :contest
@contest = Contest.new(contest_params) @contest = Contest.new(contest_params)
@contest.user_id = current_user.id @contest.user_id = current_user.id
if @contest.save if @contest.save
@ -43,8 +33,6 @@ class ContestsController < ApplicationController
end end
def update def update
authorize @contest
if @contest.update(contest_params) if @contest.update(contest_params)
redirect_to @contest redirect_to @contest
else else
@ -53,7 +41,6 @@ class ContestsController < ApplicationController
end end
def destroy def destroy
authorize @contest
end end
private private

10
app/controllers/puzzles_controller.rb
View File

@ -3,21 +3,15 @@ class PuzzlesController < ApplicationController
before_action :set_puzzle, only: %i[ destroy edit update] before_action :set_puzzle, only: %i[ destroy edit update]
def edit def edit
authorize @contest
@title = "Edit contest puzzle" @title = "Edit contest puzzle"
end end
def new def new
authorize @contest
@puzzle = Puzzle.new @puzzle = Puzzle.new
@title = "New contest puzzle" @title = "New contest puzzle"
end end
def create def create
authorize @contest
@puzzle = Puzzle.new(puzzle_params) @puzzle = Puzzle.new(puzzle_params)
@puzzle.contest_id = @contest.id @puzzle.contest_id = @contest.id
if @puzzle.save if @puzzle.save
@ -29,8 +23,6 @@ class PuzzlesController < ApplicationController
end end
def update def update
authorize @contest
if @puzzle.update(puzzle_params) if @puzzle.update(puzzle_params)
redirect_to @contest redirect_to @contest
else else
@ -40,8 +32,6 @@ class PuzzlesController < ApplicationController
end end
def destroy def destroy
authorize @contest
@puzzle.destroy @puzzle.destroy
redirect_to contest_path(@contest) redirect_to contest_path(@contest)
end end

2
app/controllers/sessions_controller.rb
View File

@ -3,11 +3,9 @@ class SessionsController < ApplicationController
rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." } rate_limit to: 10, within: 3.minutes, only: :create, with: -> { redirect_to new_session_url, alert: "Try again later." }
def new def new
skip_authorization
end end
def create def create
skip_authorization
if user = User.authenticate_by(params.permit(:email_address, :password)) if user = User.authenticate_by(params.permit(:email_address, :password))
start_new_session_for user start_new_session_for user
redirect_to after_authentication_url redirect_to after_authentication_url

2
app/models/completion.rb
View File

@ -31,5 +31,5 @@ class Completion < ApplicationRecord
validates :time_seconds, presence: true validates :time_seconds, presence: true
validates_numericality_of :time_seconds validates_numericality_of :time_seconds
validates :puzzle_id, uniqueness: { scope: :contestant } validates :puzzle_id, uniqueness: { score: :contestant }
end end

9
app/policies/completion_policy.rb
View File

@ -1,9 +0,0 @@
class CompletionPolicy < ContestPolicy
def index?
false
end
def show?
false
end
end

29
app/policies/contest_policy.rb
View File

@ -1,29 +0,0 @@
class ContestPolicy < ApplicationPolicy
def index?
true
end
def show?
record.user.id == user.id || user.admin?
end
def new?
true
end
def create?
true
end
def edit?
record.user.id == user.id || user.admin?
end
def update?
record.user.id == user.id || user.admin?
end
def destroy?
record.user.id == user.id || user.admin?
end
end

9
app/policies/contestant_policy.rb
View File

@ -1,9 +0,0 @@
class ContestantPolicy < ContestPolicy
def index?
false
end
def show?
false
end
end

9
app/policies/puzzle_policy.rb
View File

@ -1,9 +0,0 @@
class PuzzlePolicy < ContestPolicy
def index?
false
end
def show?
false
end
end

9
app/views/contests/index.html.slim
View File

@ -15,10 +15,9 @@
.card-header .card-header
= contest.name = contest.name
.card-body .card-body
.card-text.mb-2 = "#{contest.puzzles.length} puzzles - #{contest.contestants.length} participants"
.row .row
.col - contest.puzzles.each do |puzzle|
- contest.puzzles.each do |puzzle| - if puzzle.image.attached?
- if puzzle.image.attached? .col
= image_tag puzzle.image, style: "max-height: 50px;", class: "mb-2 me-2" = image_tag puzzle.image, style: "max-height: 80px;"
a.stretched-link href=contest_path(contest) a.stretched-link href=contest_path(contest)