Merge branch 'rails4' of https://github.com/expertiza/expertiza into …

…rails4 # Please enter a commit message to explain why this merge is necessary, # especially if it merges an updated upstream into a topic branch. # # Lines starting with '#' will be ignored, and an empty message aborts # the commit.
expertiza · Aug 23, 2015 · e23c48c · e23c48c
2 parents 18cd7e8 + 6959f4b
commit e23c48c
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 16 deletions.
diff --git a/app/assets/stylesheets/layout.scss b/app/assets/stylesheets/layout.scss
@@ -512,4 +512,11 @@ border-spacing: 0px; }
   float: left; width: 230px; margin-left: 16px; background: none repeat scroll 0pt 0pt rgb(250, 250, 234);
 }
 
+/* overriding bootstrap method */
+.modal-backdrop {
+  z-index: 0 !important;
+}
 
+.ui-dialog-titlebar-close {
+  visibility: hidden !important; 
+}
diff --git a/app/controllers/assignments_controller.rb b/app/controllers/assignments_controller.rb
@@ -31,8 +31,7 @@ def new
   end
 
   def create
-    params.permit!
-    @assignment_form = AssignmentForm.new(params[:assignment_form])
+    @assignment_form = AssignmentForm.new(assignment_form_params)
     #This one is working
     #       emails = Array.new
     #      #emails<<"vikas.023@gmail.com"
@@ -142,7 +141,6 @@ def edit
   end
 
   def update
-    params.permit!
     ##if params doesn't have assignment_form, it means the assignment is assigned to a course using the icon on the popup menu
     unless(params.has_key?(:assignment_form))
       @assignment=Assignment.find(params[:id])
@@ -170,7 +168,7 @@ def update
       flash[:error] = "We strongly suggest instructors specify the preferred timezone to guarantee the correct time display. For now we assume you are in " +parent_timezone
       session[:user].timezonepref=parent_timezone
     end
-    if @assignment_form.update_attributes(params[:assignment_form],session[:user])
+    if @assignment_form.update_attributes(assignment_form_params,session[:user])
         flash[:note] = 'Assignment was successfully saved.'
         #TODO: deal with submission path change
         # Need to rename the bottom-level directory and/or move intermediate directories on the path to an
@@ -322,4 +320,10 @@ def empty_rubrics_list
       end
       return rubrics_list
     end
+
+    private
+
+    def assignment_form_params
+      params.require(:assignment_form).permit!
+    end
 end
diff --git a/app/controllers/profile_controller.rb b/app/controllers/profile_controller.rb
@@ -4,26 +4,29 @@ def action_allowed?
   end
 
   def edit
-    params.permit!
     @user = session[:user]
     @assignment_questionnaire = AssignmentQuestionnaire.where(['user_id = ? and assignment_id is null and questionnaire_id is null', @user.id]).first
   end
 
   def update
-    params.permit!
     @user = session[:user]
 
     unless params[:assignment_questionnaire].nil? or params[:assignment_questionnaire][:notification_limit].blank?
       aq = AssignmentQuestionnaire.where(['user_id = ? and assignment_id is null and questionnaire_id is null',@user.id]).first
       aq.update_attribute('notification_limit',params[:assignment_questionnaire][:notification_limit])
     end
 
-    if @user.update_attributes(params[:user])
+    if @user.update_attributes(user_params)
       flash[:success] = 'Profile was successfully updated.'
     else
       flash[:error] = 'Profile was not updated.'
     end
 
     redirect_to controller: :profile, action: :edit
   end
+
+  private
+  def user_params
+    params.require(:user).permit(:name, :crypted_password, :role_id, :password_salt, :fullname, :email, :parent_id, :private_by_default, :mru_directory_path, :email_on_review, :email_on_submission, :email_on_review_of_review, :is_new_user, :master_permission_granted, :handle, :leaderboard_privacy, :digital_certificate, :persistence_token, :timezonepref, :public_key, :copy_of_emails)
+  end
 end
diff --git a/app/controllers/suggestion_controller.rb b/app/controllers/suggestion_controller.rb
@@ -198,7 +198,7 @@ def reject_suggestion
   end
 
   private
-    def suggestion_params
-      params.require(:suggestion).permit(:assignment_id, :title, :description, :status, :unityID, :signup_preference)
-    end
+  def suggestion_params
+    params.require(:suggestion).permit(:assignment_id, :title, :description, :status, :unityID, :signup_preference)
+  end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
@@ -119,7 +119,7 @@ def create
         params[:user][:name] = params[:user][:email]
       end
 
-      @user = User.new(params[:user])
+      @user = User.new(user_params)
       # record the person who created this new user
       @user.parent_id = (session[:user]).id
       # set the user's timezone to its parent's
@@ -144,14 +144,12 @@ def create
 
 
   def edit
-    params.permit!
     @user = User.find(params[:id])
     get_role
     foreign
   end
 
   def update
-    params.permit!
     @user = User.find params[:id]
 
     #update username, when the user cannot be deleted
@@ -160,7 +158,7 @@ def update
     if (request.original_fullpath == "/users/#{@user.id}?name=#{@user.id}")
       @user.name += '_hidden'
     end
-    if @user.update_attributes(params[:user])
+    if @user.update_attributes(user_params)
       undo_link("User \"#{@user.name}\" has been updated successfully. ")
       redirect_to @user
     else
@@ -203,6 +201,10 @@ def foreign
 
   private
 
+  def user_params
+    params.require(:user).permit(:name, :crypted_password, :role_id, :password_salt, :fullname, :email, :parent_id, :private_by_default, :mru_directory_path, :email_on_review, :email_on_submission, :email_on_review_of_review, :is_new_user, :master_permission_granted, :handle, :leaderboard_privacy, :digital_certificate, :persistence_token, :timezonepref, :public_key, :copy_of_emails)
+  end
+
   def get_role
     if @user && @user.role_id
       @role = Role.find(@user.role_id)

diff --git a/app/models/sign_up_topic.rb b/app/models/sign_up_topic.rb
@@ -3,7 +3,6 @@ class SignUpTopic < ActiveRecord::Base
   has_many :topic_dependencies, :foreign_key => 'topic_id', :dependent => :destroy
   has_many :topic_deadlines, :foreign_key => 'topic_id', :dependent => :destroy
   alias_method :deadlines, :topic_deadlines
-  has_and_belongs_to_many :bmappings
   has_many :bids, :foreign_key => 'topic_id', :dependent => :destroy
   belongs_to :assignment
 

diff --git a/app/views/suggestion/student_edit.html.erb b/app/views/suggestion/student_edit.html.erb
@@ -13,7 +13,7 @@
 
   <tr>
     <td><label for="suggestion_signup_preference">Do you wish to work on this topic?</label></td>
-    <td><%= select "suggestion", "signup_preference", {"Yes" =>"Y","No"=>"N","--"=>""} %> </td>
+    <td><%= select "suggestion", "signup_preference", {"Yes" =>"Y","No"=>"N"} %> </td>
   </tr>
 </table>