adds require token removes startup application

Inosuke200 · Mar 4, 2014 · e87bb39 · e87bb39
1 parent 2d54afe
commit e87bb39
Show file tree

Hide file tree

Showing 14 changed files with 37 additions and 65 deletions.
diff --git a/app/admin/startup_application.rb b/app/admin/startup_application.rb
diff --git a/app/controllers/v1/base_controller.rb b/app/controllers/v1/base_controller.rb
@@ -1,7 +1,7 @@
 class V1::BaseController < ApplicationController
 	respond_to :json
 	skip_before_filter :verify_authenticity_token
-	# before_filter :require_token
+	before_filter :require_token
 
   def current_user
     return @current_user if @current_user
@@ -22,16 +22,15 @@ def current_user
   end
 
   def auth_token
-    params[:auth_token] || request.headers['HTTP_API_TOKEN']
+    params[:auth_token] || request.headers['HTTP_AUTH_TOKEN']
   end
 
 private
 
 	def require_token
-		raise "varify token requirment are satisfied"
 	  unless valid_token?
 	    logger.error "Request halted as no auth_token #{params}"
-	    # raise "auth_token required given: #{auth_token}"
+	    raise "auth_token required given: #{auth_token}"
 	  end
 	end
 

diff --git a/app/controllers/v1/events_controller.rb b/app/controllers/v1/events_controller.rb
@@ -1,4 +1,5 @@
 class V1::EventsController < V1::BaseController
+  skip_before_filter :require_token, only: [:index, :show]
 
 	def index
     @events = Event.where('date(end_at) >= date(?)', Time.now).order('start_at asc').limit(50)

diff --git a/app/controllers/v1/info_controller.rb b/app/controllers/v1/info_controller.rb
@@ -1,5 +1,7 @@
 class V1::InfoController < V1::BaseController
 
+  skip_before_filter :require_token, only: [:mentors, :advisory_council, :startup_stats]
+
   def mentors
     respond_to do |format|
         format.json

diff --git a/app/controllers/v1/news_controller.rb b/app/controllers/v1/news_controller.rb
@@ -1,5 +1,7 @@
 class V1::NewsController < V1::BaseController
 
+  skip_before_filter :require_token, only: [:index, :show]
+
 	def index
 		category = Category.find_by_name(params['category']) rescue nil
 		clause = category ? ["category_id = ?", category.id] : nil

diff --git a/app/controllers/v1/sessions_controller.rb b/app/controllers/v1/sessions_controller.rb
@@ -1,5 +1,6 @@
 class V1::SessionsController < V1::BaseController
   respond_to :json
+  skip_before_filter :require_token, only: [:create]
 
   def create
     hash_string = "#{params[:timestamp]}#{Svapp::Application.config.secret_key_base}#{params[:social_id]}#{params[:email]}"

diff --git a/app/controllers/v1/startup_applications_controller.rb b/app/controllers/v1/startup_applications_controller.rb
diff --git a/app/controllers/v1/startups_controller.rb b/app/controllers/v1/startups_controller.rb
@@ -1,5 +1,7 @@
 class V1::StartupsController < V1::BaseController
 
+  skip_before_filter :require_token, only: [:index, :show, :load_suggestions]
+
 	def index
 		category = Category.startup_category.find_by_name(params['category']) rescue nil
 		clause = category ? ["category_id = ?", category.id] : nil
@@ -13,6 +15,20 @@ def index
     end
 	end
 
+	def create
+		@current_user = current_user
+		raise "User(#{current_user.fullname}) is already linked to startup #{current_user.startup.name}" if current_user.startup
+  	startup = Startup.create(startup_params.merge({
+  		email: current_user.email,
+  		founders: [@current_user]
+		}))
+		@current_user.verify_self!
+		@current_user.update_attributes!(is_founder: true)
+		startup.save(validate: false)
+    respond_to do |format|
+        format.json
+    end
+	end
 
 	def show
 		@startup = Startup.find(params[:id])
@@ -26,8 +42,15 @@ def load_suggestions
 	end
 
 	def link_employee
-		@new_employee = User.find(params[:employee_id])
+		@new_employee = current_user
+		@new_employee.update_attributes!(startup: Startup.find(params[:id]), startup_link_verifier_id: nil)
 		StartupMailer.respond_to_new_employee(Startup.find(params[:id]), @new_employee).deliver
-		render nothing: true, status: :created
+		# render nothing: true, status: :created
 	end
+
+private
+  def startup_params
+    params.require(:startup).permit(:name, :phone, :idea, :website)
+  end
+
 end
diff --git a/app/controllers/v1/users_controller.rb b/app/controllers/v1/users_controller.rb
@@ -1,5 +1,6 @@
 class V1::UsersController < V1::BaseController
   respond_to :json
+  skip_before_filter :require_token, only: [:create, :forgot_password]
 
 	def show
 		@user = User.find params[:id]

diff --git a/app/helpers/v1/startup_application_helper.rb b/app/helpers/v1/startup_application_helper.rb
diff --git a/app/models/startup_application.rb b/app/models/startup_application.rb
diff --git a/config/routes/v1.rb b/config/routes/v1.rb
@@ -17,7 +17,6 @@
           post :link_employee
         end
 	    end
-	    resources :startup_applications
       get '/mentors' => 'info#mentors'
       get '/advisory-council' => 'info#advisory_council'
       get '/startup_stats' => 'info#startup_stats'

diff --git a/spec/controllers/v1/startup_applications_controller_spec.rb b/spec/controllers/v1/startup_applications_controller_spec.rb
diff --git a/spec/spec_helpers/v1/v1_api_helper.rb b/spec/spec_helpers/v1/v1_api_helper.rb
@@ -10,7 +10,7 @@ def check_type(response, path, type)
     expect(response.body).to have_json_type(type).at_path(path)
   end
 
-  def version_header
-    {"HTTP_ACCEPT"=>'application/vnd.svapp.v1+json', 'AUTH_TOKEN'=> (User.last or FactoryGirl.create(:employee)).auth_token}
+  def version_header(user = FactoryGirl.create(:user_with_out_password))
+    {"HTTP_ACCEPT"=>'application/vnd.svapp.v1+json', 'HTTP_AUTH_TOKEN'=> user.auth_token}
   end
 end