ricola/vedia
0
0
Fork 0
Code Issues 17 Pull requests Projects Releases Packages Wiki Activity Actions
vedia/vedia.rb

367 lines
7.7 KiB
Ruby
Raw Blame History

require 'sinatra'
require 'sinatra/activerecord'
require 'bcrypt'
require 'gettext'
require 'securerandom'
require 'chartkick'
require 'mail'
require_relative 'mj'
require_relative "config/environments/#{settings.environment}"
class Vote < ActiveRecord::Base
has_many :candidates, dependent: :destroy
has_many :ratings, dependent: :destroy
has_many :organizers, dependent: :destroy
has_many :users, through: :organizers
validates :state, inclusion: { in: ['draft', 'open', 'closed'] }
end
class Candidate < ActiveRecord::Base
belongs_to :vote
has_many :ratings, dependent: :destroy
def mj
return MajorityJudgment.new(self.ratings.collect {|r| r.value })
end
end
class User < ActiveRecord::Base
has_many :ratings
has_many :organizers
has_many :votes, through: :organizers
validates :email, uniqueness: true
validates :email, format: URI::MailTo::EMAIL_REGEXP
end
class Organizer < ActiveRecord::Base
belongs_to :vote
belongs_to :user
validates :vote_id, uniqueness: { scope: :user_id }
validates :user_id, uniqueness: { scope: :vote_id }
end
class Rating < ActiveRecord::Base
belongs_to :vote
belongs_to :user
belongs_to :candidate
end
def hash_password(password)
BCrypt::Password.create(password).to_s
end
def verify_password(password, hash)
BCrypt::Password.new(hash) == password
end
include GetText
set_output_charset('UTF-8')
bindtextdomain('vedia', 'locale')
set_locale('ca')
enable :sessions
set :values, [ { :id => 1, :label => _("Awful"), :color => '#ff4500' },
{ :id => 2, :label => _("Very bad"), :color => '#ffa500' },
{ :id => 3, :label => _("Bad"), :color => '#ffff00' },
{ :id => 4, :label => _("Mediocre"), :color => '#9acd32' },
{ :id => 5, :label => _("Good"), :color => '#228b22' },
{ :id => 6, :label => _("Very good"), :color => '#006400' } ]
set :admin_email, 'vedia@potager.org'
MajorityJudgment.values = settings.values
get '/' do
require_login
@votes = Vote.all
erb :home
end
get '/style.css' do
content_type 'text/css'
erb :style, :layout => false
end
get '/signup' do
erb :signup
end
post '/signup' do
@user = User.create(email: params[:email])
@errors = []
if params[:password].empty?
@errors << OpenStruct.new(:attribute => :password, :type => :blank)
else
@user.password = hash_password(params[:password])
end
if @errors.empty? and @user.valid?
@user.save
session.clear
session[:user_id] = @user.id
redirect '/'
else
erb :signup
end
end
get '/login' do
erb :login
end
post '/login' do
user = User.find_by(email: params[:email])
if user && verify_password(params[:password], user.password)
if not user.reset.nil?
user.reset = nil
user.save
end
session.clear
session[:user_id] = user.id
redirect '/'
else
@error = _("Incorrect email or password.")
erb :login
end
end
get '/reset' do
erb :reset
end
post '/reset' do
@user = User.find_by(email: params[:email])
if @user
@reset = SecureRandom.uuid
@user.reset = hash_password(@reset)
@user.save
mail = Mail.new
mail.from = settings.admin_email
mail.to = @user.email
mail.subject = _("Reset your password")
mail.body = erb :reset_email, :layout => false
mail.deliver
end
erb :reset_sent
end
get '/reset/:uuid' do
@user = nil
User.where.not(reset: nil).each do |user|
@user = user if verify_password(params[:uuid], user.reset)
end
if @user
erb :reset_change
else
erb :reset_invalid
end
end
post '/reset/:uuid' do
@user = nil
User.where.not(reset: nil).each do |user|
@user = user if verify_password(params[:uuid], user.reset)
end
if @user
@errors = []
if params[:password].empty?
@errors << OpenStruct.new(:attribute => :password, :type => :blank)
else
@user.password = hash_password(params[:password])
end
if @errors.empty? and @user.valid?
@user.reset = nil
@user.save
session.clear
session[:user_id] = @user.id
redirect '/'
else
erb :reset_change
end
else
erb :reset_invalid
end
end
get '/logout' do
session.clear
redirect '/login'
end
post '/logout' do
session.clear
redirect '/login'
end
get '/votes/new' do
require_login
erb :votes_new
end
post '/votes' do
require_login
@vote = Vote.create(secure_id: SecureRandom.hex(8),
title: params[:title],
description: params[:description],
state: 'draft')
@vote.users << current_user
redirect '/votes/' + @vote.secure_id
end
get '/votes/:id' do
require_login
find_vote
case @vote.state
when 'draft'
if @vote.users.exists?(current_user.id)
erb :votes_edit
else
erb :votes_show_draft
end
when 'open'
erb :votes_show_open
when 'closed'
erb :votes_show_closed
else
@vote.state = 'draft'
@vote.save
erb :votes_edit
end
end
post '/votes/:id/edit' do
require_login
find_vote
require_organizer
require_draft_vote
@vote.title = params[:title]
@vote.description = params[:description]
@vote.save
erb :votes_edit
end
post '/votes/:id/candidates' do
require_login
find_vote
require_organizer
require_draft_vote
@candidate = Candidate.new(name: params[:name],
description: params[:description])
@candidate.vote = @vote
@candidate.save
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/candidates/:cid/delete' do
require_login
find_vote
require_organizer
require_draft_vote
@candidate = Candidate.find(params[:cid])
@candidate.destroy
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/open' do
require_login
find_vote
require_organizer
require_draft_vote
if not @vote.candidates.length < 2
@vote.state = 'open'
@vote.save
end
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/draft' do
require_login
find_vote
require_organizer
require_open_vote
@vote.ratings.each {|r| r.destroy}
@vote.state = 'draft'
@vote.save
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/close' do
require_login
find_vote
require_organizer
require_open_vote
@vote.state = 'closed'
@vote.save
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/reopen' do
require_login
find_vote
require_organizer
require_closed_vote
@vote.state = 'open'
@vote.save
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/ratings' do
require_login
find_vote
require_open_vote
@vote.candidates.each do |candidate|
rating = Rating.find_or_initialize_by(vote: @vote, user: current_user, candidate: candidate)
rating.value = params[candidate.id.to_s]
rating.save
end
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/organizers' do
require_login
find_vote
require_organizer
user = User.find_by(email: params[:email])
@vote.users << user
redirect '/votes/' + @vote.secure_id
end
post '/votes/:id/delete' do
require_login
find_vote
require_organizer
@vote.destroy
redirect '/'
end
helpers do
def current_user
if session[:user_id]
User.find(session[:user_id])
else
nil
end
end
def require_login
redirect '/login' unless current_user
end
def find_vote
@vote = Vote.find_by(secure_id: params[:id])
end
def require_organizer
redirect '/votes/' + @vote.secure_id unless @vote.users.exists?(current_user.id)
end
def require_draft_vote
redirect '/votes/' + @vote.secure_id unless @vote.state == 'draft'
end
def require_open_vote
redirect '/votes/' + @vote.secure_id unless @vote.state == 'open'
end
def require_closed_vote
redirect '/votes/' + @vote.secure_id unless @vote.state == 'closed'
end
end
Reference in a new issue View git blame Copy permalink