From 5dbe2c84c056c5fa90a432bc41f21f139bea074f Mon Sep 17 00:00:00 2001
From: Marcin Kulik <m@ku1ik.com>
Date: Sat, 15 Nov 2014 18:30:05 +0000
Subject: [PATCH] UI for toggling asciicasts private/public

---
 app/models/asciicast.rb                    |  4 ++
 app/policies/asciicast_policy.rb           | 19 ++++++++--
 app/presenters/asciicast_page_presenter.rb |  8 ++++
 app/views/asciicasts/show.html.slim        | 10 +++++
 spec/policies/asciicast_policy_spec.rb     | 44 +++++++++++++++++++++-
 5 files changed, 80 insertions(+), 5 deletions(-)

diff --git a/app/models/asciicast.rb b/app/models/asciicast.rb
index 4ea2c2a..1360d53 100644
--- a/app/models/asciicast.rb
+++ b/app/models/asciicast.rb
@@ -92,6 +92,10 @@ class Asciicast < ActiveRecord::Base
     !image.file || (image.file.filename != image_filename)
   end
 
+  def owner?(user)
+    user && self.user == user
+  end
+
   private
 
   def get_stdout
diff --git a/app/policies/asciicast_policy.rb b/app/policies/asciicast_policy.rb
index 707c257..b5a985e 100644
--- a/app/policies/asciicast_policy.rb
+++ b/app/policies/asciicast_policy.rb
@@ -7,9 +7,10 @@ class AsciicastPolicy < ApplicationPolicy
   end
 
   def permitted_attributes
-    if user.admin? || record.user == user
+    if user.admin? || record.owner?(user)
       attrs = [:title, :description, :theme_name, :snapshot_at]
       attrs << :featured if user.admin?
+      attrs << :private if record.owner?(user)
 
       attrs
     else
@@ -20,13 +21,13 @@ class AsciicastPolicy < ApplicationPolicy
   def update?
     return false unless user
 
-    user.admin? || record.user == user
+    user.admin? || record.owner?(user)
   end
 
   def destroy?
     return false unless user
 
-    user.admin? || record.user == user
+    user.admin? || record.owner?(user)
   end
 
   def feature?
@@ -41,4 +42,16 @@ class AsciicastPolicy < ApplicationPolicy
     user.admin?
   end
 
+  def make_public?
+    return false unless user
+
+    record.owner?(user)
+  end
+
+  def make_private?
+    return false unless user
+
+    record.owner?(user)
+  end
+
 end
diff --git a/app/presenters/asciicast_page_presenter.rb b/app/presenters/asciicast_page_presenter.rb
index fa70729..be18b53 100644
--- a/app/presenters/asciicast_page_presenter.rb
+++ b/app/presenters/asciicast_page_presenter.rb
@@ -94,6 +94,14 @@ class AsciicastPagePresenter
     asciicast.featured? && policy.unfeature?
   end
 
+  def show_make_private_link?
+    !asciicast.private? && policy.make_private?
+  end
+
+  def show_make_public_link?
+    asciicast.private? && policy.make_public?
+  end
+
   def show_description?
     asciicast.description.present?
   end
diff --git a/app/views/asciicasts/show.html.slim b/app/views/asciicasts/show.html.slim
index 8825f6f..cfe57f2 100644
--- a/app/views/asciicasts/show.html.slim
+++ b/app/views/asciicasts/show.html.slim
@@ -55,6 +55,16 @@
                     = link_to(asciicast_path(page.asciicast, 'asciicast[featured]' => 0), method: :put) do
                       span.glyphicon.glyphicon-eye-close
                       '  Make not featured
+                - if page.show_make_public_link?
+                  li
+                    = link_to(asciicast_path(page.asciicast, 'asciicast[private]' => 0), method: :put) do
+                      span.glyphicon.glyphicon-eye-open
+                      '  Make public
+                - if page.show_make_private_link?
+                  li
+                    = link_to(asciicast_path(page.asciicast, 'asciicast[private]' => 1), method: :put) do
+                      span.glyphicon.glyphicon-eye-close
+                      '  Make private
                 - if page.show_delete_link?
                   li
                     = link_to(asciicast_path(page.asciicast), method: :delete, data: { confirm: 'Really delete this asciicast?' }) do
diff --git a/spec/policies/asciicast_policy_spec.rb b/spec/policies/asciicast_policy_spec.rb
index 443ebac..f333bf7 100644
--- a/spec/policies/asciicast_policy_spec.rb
+++ b/spec/policies/asciicast_policy_spec.rb
@@ -27,8 +27,8 @@ describe AsciicastPolicy do
       context "and is creator of the asciicast" do
         let(:asciicast) { Asciicast.new(user: user) }
 
-        it "includes form field, but no featured" do
-          expect(subject).to eq([:title, :description, :theme_name, :snapshot_at])
+        it "doesn't include featured but includes private" do
+          expect(subject).to eq([:title, :description, :theme_name, :snapshot_at, :private])
         end
       end
     end
@@ -106,4 +106,44 @@ describe AsciicastPolicy do
     end
   end
 
+  permissions :make_public? do
+    let(:asciicast) { Asciicast.new }
+
+    it "denies access if user is nil" do
+      expect(subject).not_to permit(nil, asciicast)
+    end
+
+    it "grants access if user is owner of the asciicast" do
+      user = stub_model(User)
+      asciicast.user = user
+      expect(subject).to permit(user, asciicast)
+    end
+
+    it "denies access if user isn't owner of the asciicast" do
+      user = stub_model(User)
+      asciicast.user = stub_model(User)
+      expect(subject).not_to permit(user, asciicast)
+    end
+  end
+
+  permissions :make_private? do
+    let(:asciicast) { Asciicast.new }
+
+    it "denies access if user is nil" do
+      expect(subject).not_to permit(nil, asciicast)
+    end
+
+    it "grants access if user is owner of the asciicast" do
+      user = stub_model(User)
+      asciicast.user = user
+      expect(subject).to permit(user, asciicast)
+    end
+
+    it "denies access if user isn't owner of the asciicast" do
+      user = stub_model(User)
+      asciicast.user = stub_model(User)
+      expect(subject).not_to permit(user, asciicast)
+    end
+  end
+
 end