Add stories and comments

Gemfile

@@ -1,12 +1,6 @@
 source 'https://rubygems.org'
 
 gem 'rails', '3.2.0'
-
-# Bundle edge Rails instead:
-# gem 'rails', :git => 'git://github.com/rails/rails.git'
-
-gem 'sqlite3'
-
 gem 'json'
 
 # Gems used only for assets and not required
@@ -22,13 +16,12 @@ group :assets do
 end
 
 gem 'devise'
+gem 'cancan'
 gem 'omniauth-facebook'
 gem 'omniauth-twitter'
 
 gem 'jquery-rails'
-
 gem 'haml-rails'
-
 gem 'chronic'
 
 group :production do
@@ -44,12 +37,6 @@ group :test do
   gem 'capybara'
 end
 
-# To use ActiveModel has_secure_password
-# gem 'bcrypt-ruby', '~> 3.0.0'
-
-# To use Jbuilder templates for JSON
-# gem 'jbuilder'
-
 # Use unicorn as the web server
 # gem 'unicorn'
 

Gemfile.lock

@@ -33,6 +33,7 @@ GEM
     bcrypt-ruby (3.0.1)
     bcrypt-ruby (3.0.1-x86-mingw32)
     builder (3.0.0)
+    cancan (1.6.5)
     capybara (1.1.2)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -172,6 +173,7 @@ PLATFORMS
   x86-mingw32
 
 DEPENDENCIES
+  cancan
   capybara
   chronic
   coffee-rails (~> 3.2.1)

app/assets/javascripts/comment.js.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/

app/assets/javascripts/story.js.coffee

@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://jashkenas.github.com/coffee-script/

app/assets/stylesheets/comment.css.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the comment controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

app/assets/stylesheets/home.css.scss → app/assets/stylesheets/story.css.scss

@@ -1,3 +1,3 @@
-// Place all the styles related to the home controller here.
+// Place all the styles related to the story controller here.
 // They will automatically be included in application.css.
 // You can use Sass (SCSS) here: http://sass-lang.com/

app/controllers/comments_controller.rb

@@ -0,0 +1,14 @@
+class CommentsController < ApplicationController
+  load_and_authorize_resource :story
+
+  def create
+    @comment = Comment.new(params[:comment])
+    @comment.user = current_user
+    @comment.story = @story
+    if @comment.save
+      redirect_to @story
+    else
+      render :new
+    end
+  end
+end

app/controllers/stories_controller.rb

@@ -0,0 +1,21 @@
+class StoriesController < ApplicationController
+  load_and_authorize_resource
+
+  def index
+    # @stories = Story.all
+  end
+
+  def new
+    @story = Story.new(params[:story])
+  end
+
+  def create
+    @story = Story.new(params[:story])
+    @story.user = current_user
+    if @story.save
+      redirect_to @story
+    else
+      render :new
+    end
+  end
+end

app/helpers/comment_helper.rb

@@ -0,0 +1,2 @@
+module CommentHelper
+end

app/helpers/story_helper.rb

@@ -0,0 +1,2 @@
+module StoryHelper
+end

app/models/ability.rb

@@ -0,0 +1,35 @@
+class Ability
+  include CanCan::Ability
+
+  def initialize(user)
+
+    can :read, Story
+    can :create, Story
+
+    can :read, Comment
+    can :create, Comment
+
+    # Define abilities for the passed in user here. For example:
+    #
+    #   user ||= User.new # guest user (not logged in)
+    #   if user.admin?
+    #     can :manage, :all
+    #   else
+    #     can :read, :all
+    #   end
+    #
+    # The first argument to `can` is the action you are giving the user permission to do.
+    # If you pass :manage it will apply to every action. Other common actions here are
+    # :read, :create, :update and :destroy.
+    #
+    # The second argument is the resource the user can perform the action on. If you pass
+    # :all it will apply to every resource. Otherwise pass a Ruby class of the resource.
+    #
+    # The third argument is an optional hash of conditions to further filter the objects.
+    # For example, here the user can only update published articles.
+    #
+    #   can :update, Article, :published => true
+    #
+    # See the wiki for details: https://github.com/ryanb/cancan/wiki/Defining-Abilities
+  end
+end

app/models/comment.rb

@@ -0,0 +1,6 @@
+class Comment < ActiveRecord::Base
+  belongs_to :user
+  belongs_to :story
+
+  validates :user, :story, :body, presence: true
+end

app/models/story.rb

@@ -0,0 +1,6 @@
+class Story < ActiveRecord::Base
+  belongs_to :user
+  has_many :comments
+
+  validates :user, :title, :body, presence: true
+end

app/models/user.rb

@@ -7,6 +7,10 @@ class User < ActiveRecord::Base
   # Setup accessible (or protected) attributes for your model
   attr_accessible :email, :password, :password_confirmation, :remember_me
 
+  def to_s
+    email
+  end
+
   def self.find_for_facebook_oauth(access_token, signed_in_resource = nil)
     data = access_token.extra.raw_info
     User.where(:facebook_id => data.id).first

app/views/shared/_header.html.haml

@@ -4,7 +4,8 @@
       = link_to Rails.configuration.application_name, '/', class: 'brand'
       - if user_signed_in?
         %ul.nav
-          %li= link_to 'Something', '#'
+          %li= link_to 'Read Stories', '/'
+          %li= link_to 'Post Story', new_story_path
         .pull-right
           %ul.nav
             %li= link_to current_user.email, edit_user_registration_path

app/views/stories/index.html.haml

@@ -0,0 +1,8 @@
+- @stories.each do |story|
+  %article
+    %h3= link_to story.title, story
+    .author= story.user
+    .created= story.created_at
+
+- unless @stories.any?
+  %h3 No Stories have been uploded

app/views/stories/new.html.haml

@@ -0,0 +1,7 @@
+= form_for(@story) do |f|
+  .field
+    = f.text_field :title, placeholder: 'Title'
+  .field
+    = f.text_area :body, placeholder: 'Body Text'
+  %div
+    = f.submit

app/views/stories/show.html.haml

@@ -0,0 +1,26 @@
+%h3= @story.title
+.posted
+  %b Posted By:
+  %span.author= @story.user
+  (
+  %span.created= @story.created_at
+  )
+
+.body= @story.body
+
+.comments
+  = form_for([ @story, @comment ||= Comment.new(params[:comment]) ]) do |f|
+    .field
+      = f.text_area :body, placeholder: 'Body Text'
+    %div
+      = f.submit
+
+  - @story.comments.each do |comment|
+    .comment
+      .author= comment.user
+      .created= comment.created_at
+      .body= comment.body
+
+  - unless @story.comments.any?
+    %b No Comments have been posted
+

config/routes.rb

@@ -1,67 +1,15 @@
 StoryShare::Application.routes.draw do
 
-  match '/', :controller => :home, :action => :index
+  match '/', :controller => :stories, :action => :index
+  root :to => 'stories#index'
 
   devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" } do
     delete '/users/disconnect/:provider',
       :to => 'users#disconnect_omniauth_provider',
       :as => 'disconnect_omniauth_provider'
   end
 
-  # The priority is based upon order of creation:
-  # first created -> highest priority.
-
-  # Sample of regular route:
-  #   match 'products/:id' => 'catalog#view'
-  # Keep in mind you can assign values other than :controller and :action
-
-  # Sample of named route:
-  #   match 'products/:id/purchase' => 'catalog#purchase', :as => :purchase
-  # This route can be invoked with purchase_url(:id => product.id)
-
-  # Sample resource route (maps HTTP verbs to controller actions automatically):
-  #   resources :products
-
-  # Sample resource route with options:
-  #   resources :products do
-  #     member do
-  #       get 'short'
-  #       post 'toggle'
-  #     end
-  #
-  #     collection do
-  #       get 'sold'
-  #     end
-  #   end
-
-  # Sample resource route with sub-resources:
-  #   resources :products do
-  #     resources :comments, :sales
-  #     resource :seller
-  #   end
-
-  # Sample resource route with more complex sub-resources
-  #   resources :products do
-  #     resources :comments
-  #     resources :sales do
-  #       get 'recent', :on => :collection
-  #     end
-  #   end
-
-  # Sample resource route within a namespace:
-  #   namespace :admin do
-  #     # Directs /admin/products/* to Admin::ProductsController
-  #     # (app/controllers/admin/products_controller.rb)
-  #     resources :products
-  #   end
-
-  # You can have the root of your site routed with "root"
-  # just remember to delete public/index.html.
-  root :to => 'home#index'
-
-  # See how all your routes lay out with "rake routes"
-
-  # This is a legacy wild controller route that's not recommended for RESTful applications.
-  # Note: This route will make all actions in every controller accessible via GET requests.
-  # match ':controller(/:action(/:id))(.:format)'
+  resources :stories do
+    resources :comments
+  end
 end

db/migrate/20120219203406_create_stories.rb

@@ -0,0 +1,11 @@
+class CreateStories < ActiveRecord::Migration
+  def change
+    create_table :stories do |t|
+      t.references :user, null: false
+      t.string :title, null: false
+      t.text :body, null: false
+
+      t.timestamps
+    end
+  end
+end

db/migrate/20120219203549_create_comments.rb

@@ -0,0 +1,11 @@
+class CreateComments < ActiveRecord::Migration
+  def change
+    create_table :comments do |t|
+      t.references :user, null: false
+      t.references :story, null: false
+      t.text :body, null: false
+
+      t.timestamps
+    end
+  end
+end

db/schema.rb

@@ -11,7 +11,23 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20120128210241) do
+ActiveRecord::Schema.define(:version => 20120219203549) do
+
+  create_table "comments", :force => true do |t|
+    t.integer  "user_id",    :null => false
+    t.integer  "story_id",   :null => false
+    t.text     "body",       :null => false
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+  end
+
+  create_table "stories", :force => true do |t|
+    t.integer  "user_id",    :null => false
+    t.string   "title",      :null => false
+    t.text     "body",       :null => false
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+  end
 
   create_table "users", :force => true do |t|
     t.string   "email",                                 :default => "", :null => false