From 2291caa3fd9b7677a43d6a6ea6ac4d9b0fad310b Mon Sep 17 00:00:00 2001
From: rgarcia <voodoorai2000@gmail.com>
Date: Sun, 21 Feb 2016 14:28:48 +0100
Subject: [PATCH 1/4] users can view their own spending proposals

---
 .../spending_proposals_controller.rb          | 12 ++++-----
 spec/features/spending_proposals_spec.rb      | 25 ++++++++++++++++++-
 2 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/app/controllers/spending_proposals_controller.rb b/app/controllers/spending_proposals_controller.rb
index a07783d3d..17b7ad738 100644
--- a/app/controllers/spending_proposals_controller.rb
+++ b/app/controllers/spending_proposals_controller.rb
@@ -1,11 +1,11 @@
 class SpendingProposalsController < ApplicationController
   include FeatureFlags
 
-  before_action :authenticate_user!, except: [:index]
-  before_action :verify_valuator, only: [:show]
-
   load_and_authorize_resource
 
+  before_action :authenticate_user!, except: [:index]
+  before_action :verify_access, only: [:show]
+
   feature_flag :spending_proposals
 
   def index
@@ -20,7 +20,7 @@ class SpendingProposalsController < ApplicationController
     @spending_proposal.author = current_user
 
     if @spending_proposal.save_with_captcha
-      redirect_to spending_proposals_path, notice: t("flash.actions.create.spending_proposal")
+      redirect_to @spending_proposal, notice: t("flash.actions.create.spending_proposal")
     else
       render :new
     end
@@ -32,8 +32,8 @@ class SpendingProposalsController < ApplicationController
       params.require(:spending_proposal).permit(:title, :description, :external_url, :geozone_id, :association_name, :terms_of_service, :captcha, :captcha_key)
     end
 
-    def verify_valuator
-      raise CanCan::AccessDenied unless current_user.try(:valuator?) || current_user.try(:administrator?)
+    def verify_access
+      raise CanCan::AccessDenied unless current_user.try(:valuator?) || current_user.try(:administrator?) || @spending_proposal.author == current_user
     end
 
 end
diff --git a/spec/features/spending_proposals_spec.rb b/spec/features/spending_proposals_spec.rb
index 9a4d56fd7..484444fbb 100644
--- a/spec/features/spending_proposals_spec.rb
+++ b/spec/features/spending_proposals_spec.rb
@@ -2,7 +2,7 @@ require 'rails_helper'
 
 feature 'Spending proposals' do
 
-  let(:author) { create(:user, :level_two) }
+  let(:author) { create(:user, :level_two, username: 'Isabel') }
 
   scenario 'Index' do
     visit spending_proposals_path
@@ -33,6 +33,11 @@ feature 'Spending proposals' do
     click_button 'Create'
 
     expect(page).to have_content 'Spending proposal created successfully'
+    expect(page).to have_content('Build a skyscraper')
+    expect(page).to have_content('I want to live in a high tower over the clouds')
+    expect(page).to have_content('Isabel')
+    expect(page).to have_content('People of the neighbourhood')
+    expect(page).to have_content('All city')
   end
 
   scenario 'Captcha is required for proposal creation' do
@@ -100,6 +105,24 @@ feature 'Spending proposals' do
     expect(page).to have_content(spending_proposal.geozone.name)
   end
 
+  scenario "Show (as author)" do
+    author = create(:user)
+    login_as(author)
+
+    spending_proposal = create(:spending_proposal,
+                                geozone: create(:geozone),
+                                association_name: 'People of the neighbourhood',
+                                author: author)
+
+    visit spending_proposal_path(spending_proposal)
+
+    expect(page).to have_content(spending_proposal.title)
+    expect(page).to have_content(spending_proposal.description)
+    expect(page).to have_content(spending_proposal.author.name)
+    expect(page).to have_content(spending_proposal.association_name)
+    expect(page).to have_content(spending_proposal.geozone.name)
+  end
+
   scenario "Show (as user)" do
     user = create(:user)
     login_as(user)

From 7699b996553ff07adbf0cd3255225814298b2360 Mon Sep 17 00:00:00 2001
From: rgarcia <voodoorai2000@gmail.com>
Date: Sun, 21 Feb 2016 17:27:54 +0100
Subject: [PATCH 2/4] allows authors and admins to view their spending
 proposals in my activity

---
 app/controllers/users_controller.rb          | 22 ++++++++++--
 app/models/spending_proposal.rb              |  4 +++
 app/views/comments/_flag_actions.html.erb    | 36 ++++++++++++++-----
 app/views/users/_activity_page.html.erb      |  1 +
 app/views/users/_spending_proposals.html.erb | 13 +++++++
 app/views/users/show.html.erb                | 16 ++++++---
 config/locales/en.yml                        |  3 ++
 config/locales/es.yml                        |  3 ++
 spec/features/users_spec.rb                  | 37 ++++++++++++++++++++
 9 files changed, 120 insertions(+), 15 deletions(-)
 create mode 100644 app/views/users/_spending_proposals.html.erb

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index d505cef8c..5c5e68741 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,7 +1,8 @@
 class UsersController < ApplicationController
-  has_filters %w{proposals debates comments}, only: :show
+  has_filters %w{proposals debates comments spending_proposals}, only: :show
 
   load_and_authorize_resource
+  helper_method :authorized_for_filter?
 
   def show
     load_filtered_activity if valid_access?
@@ -12,7 +13,8 @@ class UsersController < ApplicationController
       @activity_counts = HashWithIndifferentAccess.new(
                           proposals: Proposal.where(author_id: @user.id).count,
                           debates: Debate.where(author_id: @user.id).count,
-                          comments: Comment.not_as_admin_or_moderator.where(user_id: @user.id).count)
+                          comments: Comment.not_as_admin_or_moderator.where(user_id: @user.id).count,
+                          spending_proposals: SpendingProposal.where(author_id: @user.id).count)
     end
 
     def load_filtered_activity
@@ -21,6 +23,7 @@ class UsersController < ApplicationController
       when "proposals" then load_proposals
       when "debates"   then load_debates
       when "comments"  then load_comments
+      when "spending_proposals"  then load_spending_proposals
       else load_available_activity
       end
     end
@@ -35,6 +38,9 @@ class UsersController < ApplicationController
       elsif  @activity_counts[:comments] > 0
         load_comments
         @current_filter = "comments"
+      elsif  @activity_counts[:spending_proposals] > 0 && author_or_admin?
+        load_spending_proposals
+        @current_filter = "spending_proposals"
       end
     end
 
@@ -50,11 +56,23 @@ class UsersController < ApplicationController
       @comments = Comment.not_as_admin_or_moderator.where(user_id: @user.id).includes(:commentable).order(created_at: :desc).page(params[:page])
     end
 
+    def load_spending_proposals
+      @spending_proposals = SpendingProposal.where(author_id: @user.id).order(created_at: :desc).page(params[:page])
+    end
+
     def valid_access?
       @user.public_activity || authorized_current_user?
     end
 
+    def author_or_admin?
+      @author_or_admin ||= current_user && (current_user == @user || current_user.administrator?)
+    end
+
     def authorized_current_user?
       @authorized_current_user ||= current_user && (current_user == @user || current_user.moderator? || current_user.administrator?)
     end
+
+    def authorized_for_filter?(filter)
+      filter == "spending_proposals" ? author_or_admin? : true
+    end
 end
diff --git a/app/models/spending_proposal.rb b/app/models/spending_proposal.rb
index 90d2b06f6..c023f83f4 100644
--- a/app/models/spending_proposal.rb
+++ b/app/models/spending_proposal.rb
@@ -64,4 +64,8 @@ class SpendingProposal < ActiveRecord::Base
     end
   end
 
+  def description
+    super.try :html_safe
+  end
+
 end
diff --git a/app/views/comments/_flag_actions.html.erb b/app/views/comments/_flag_actions.html.erb
index 007ab90b4..b68b31038 100644
--- a/app/views/comments/_flag_actions.html.erb
+++ b/app/views/comments/_flag_actions.html.erb
@@ -1,24 +1,44 @@
 <span class="flag-content">
   <% if show_flag_action? comment %>
     <span class="divider">&nbsp;|&nbsp;</span>
-    <a class="button" id="flag-expand-comment-<%= comment.id %>" data-dropdown="flag-drop-comment-<%= comment.id %>" aria-controls="flag-drop-comment-<%= comment.id %>" aria-expanded="false" title="<%= t('shared.flag') %>">
-      &nbsp;<i class="icon-flag flag-disable"></i>&nbsp;&nbsp;
+    <a class="button" id="flag-expand-comment-<%= comment.id %>"
+      data-dropdown="flag-drop-comment-<%= comment.id %>"
+      aria-controls="flag-drop-comment-<%= comment.id %>"
+      aria-expanded="false"
+      title="<%= t('shared.flag') %>">
+      &nbsp;
+      <i class="icon-flag flag-disable"></i>&nbsp;&nbsp;
     </a>
-    <ul id="flag-drop-comment-<%= comment.id %>" class="f-dropdown" data-dropdown-content aria-hidden="true" tabindex="-1">
+    <ul id="flag-drop-comment-<%= comment.id %>"
+        class="f-dropdown"
+        data-dropdown-content
+        aria-hidden="true"
+        tabindex="-1">
       <li>
-        <%= link_to t("shared.flag"), flag_comment_path(comment), method: :put, remote: true, id: "flag-comment-#{comment.id}" %>
+        <%= link_to t("shared.flag"), flag_comment_path(comment), method: :put,
+                    remote: true, id: "flag-comment-#{comment.id}" %>
       </li>
     </ul>
   <% end %>
 
   <% if show_unflag_action? comment %>
     <span class="divider">&nbsp;|&nbsp;</span>
-    <a class="button" id="unflag-expand-comment-<%= comment.id %>" data-dropdown="unflag-drop-comment-<%= comment.id %>" aria-controls="unflag-drop-comment-<%= comment.id %>" aria-expanded="false" title="<%= t('shared.unflag') %>">
-      &nbsp;<i class="icon-flag flag-active"></i>&nbsp;&nbsp;
+    <a class="button" id="unflag-expand-comment-<%= comment.id %>"
+       data-dropdown="unflag-drop-comment-<%= comment.id %>"
+       aria-controls="unflag-drop-comment-<%= comment.id %>"
+       aria-expanded="false"
+       title="<%= t('shared.unflag') %>">
+      &nbsp;
+      <i class="icon-flag flag-active"></i>&nbsp;&nbsp;
     </a>
-    <ul id="unflag-drop-comment-<%= comment.id %>" class="f-dropdown" data-dropdown-content aria-hidden="true" tabindex="-1">
+    <ul id="unflag-drop-comment-<%= comment.id %>"
+        class="f-dropdown"
+        data-dropdown-content
+        aria-hidden="true"
+        tabindex="-1">
       <li>
-        <%= link_to t("shared.unflag"), unflag_comment_path(comment), method: :put, remote: true, id: "unflag-comment-#{comment.id}" %>
+        <%= link_to t("shared.unflag"), unflag_comment_path(comment), method: :put,
+                    remote: true, id: "unflag-comment-#{comment.id}" %>
       </li>
     </ul>
   <% end %>
diff --git a/app/views/users/_activity_page.html.erb b/app/views/users/_activity_page.html.erb
index e90b8ce93..dbda1da39 100644
--- a/app/views/users/_activity_page.html.erb
+++ b/app/views/users/_activity_page.html.erb
@@ -1,3 +1,4 @@
 <%= render "proposals" if @proposals.present? %>
 <%= render "debates" if @debates.present? && feature?(:debates) %>
 <%= render "comments" if @comments.present? %>
+<%= render "spending_proposals" if @spending_proposals.present? %>
diff --git a/app/views/users/_spending_proposals.html.erb b/app/views/users/_spending_proposals.html.erb
new file mode 100644
index 000000000..479688f86
--- /dev/null
+++ b/app/views/users/_spending_proposals.html.erb
@@ -0,0 +1,13 @@
+<table class="clear activity-proposals">
+  <% @spending_proposals.each do |spending_proposal| %>
+    <tr id="spending_proposal_<%= spending_proposal.id %>">
+      <td>
+        <%= link_to spending_proposal.title, spending_proposal %>
+        <br>
+        <%= spending_proposal.description %>
+      </td>
+    </tr>
+  <% end %>
+</table>
+
+<%= paginate @spending_proposals %>
\ No newline at end of file
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 1b82049f8..7d14602a7 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -14,11 +14,17 @@
         <dl class="sub-nav margin-top">
           <% @valid_filters.each do |filter| %>
             <% if @activity_counts[filter] > 0 %>
-              <% if @current_filter == filter %>
-                <dd class="active"> <%= t("users.show.filters.#{filter}", count: @activity_counts[filter]) %></dd>
-              <% else %>
-                <dd><%= link_to t("users.show.filters.#{filter}", count: @activity_counts[filter]),
-                  current_path_with_query_params(filter: filter, page: 1) %></dd>
+              <% if authorized_for_filter?(filter) %>
+                <% if @current_filter == filter %>
+                  <dd class="active">
+                    <%= t("users.show.filters.#{filter}", count: @activity_counts[filter]) %>
+                  </dd>
+                <% else %>
+                  <dd>
+                    <%= link_to t("users.show.filters.#{filter}", count: @activity_counts[filter]),
+                                current_path_with_query_params(filter: filter, page: 1) %>
+                  </dd>
+                <% end %>
               <% end %>
             <% end %>
           <% end %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index f89aa48a0..cf210838c 100755
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -453,6 +453,9 @@ en:
         proposals:
           one: 1 Proposal
           other: "%{count} Proposals"
+        spending_proposals:
+          one: 1 Spending proposal
+          other: "%{count} Spending proposals"
       no_activity: User has no public activity
       private_activity: This user decided to keep the activity list private
   votes:
diff --git a/config/locales/es.yml b/config/locales/es.yml
index 7b07bec45..6c6c65621 100755
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -454,6 +454,9 @@ es:
         proposals:
           one: 1 Propuesta
           other: "%{count} Propuestas"
+        spending_proposals:
+          one: 1 Propuesta de inversión
+          other: "%{count} Propuestas de inversión"
       no_activity: Usuario sin actividad pública
       private_activity: Este usuario ha decidido mantener en privado su lista de actividades
   votes:
diff --git a/spec/features/users_spec.rb b/spec/features/users_spec.rb
index afd400c0d..247a77293 100644
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@@ -198,6 +198,43 @@ feature 'Users' do
       end
 
     end
+
+    feature 'Spending proposals' do
+
+      background do
+        @author = create(:user)
+        create(:spending_proposal, author: @author, title: 'Build a school')
+      end
+
+      scenario 'is not shown if no user logged in' do
+        visit user_path(@user)
+        expect(page).to_not have_content('Build a school')
+      end
+
+      scenario 'is not shown if logged in user is a regular user' do
+        login_as(create(:user))
+        visit user_path(@author)
+        expect(page).to_not have_content('Build a school')
+      end
+
+      scenario 'is not shown if logged in user is moderator' do
+        login_as(create(:moderator).user)
+        visit user_path(@author)
+        expect(page).to_not have_content('Build a school')
+      end
+
+      scenario 'is shown if logged in user is admin' do
+        login_as(create(:administrator).user)
+        visit user_path(@author)
+        expect(page).to have_content('Build a school')
+      end
+
+      scenario 'is shown if logged in user is author' do
+        login_as(@author)
+        visit user_path(@author)
+        expect(page).to have_content('Build a school')
+      end
+    end
   end
 
   feature 'Special comments' do

From 17d6b55fb3e19d55be882311e03a32eadf42a2ec Mon Sep 17 00:00:00 2001
From: rgarcia <voodoorai2000@gmail.com>
Date: Sun, 21 Feb 2016 18:04:11 +0100
Subject: [PATCH 3/4] adds notice with html after spending proposal creation

---
 .../spending_proposals_controller.rb          |  4 ++-
 app/views/layouts/application.html.erb        |  4 +--
 config/locales/responders.en.yml              |  2 +-
 config/locales/responders.es.yml              |  2 +-
 spec/features/spending_proposals_spec.rb      | 26 +++++++++++++++++++
 5 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/app/controllers/spending_proposals_controller.rb b/app/controllers/spending_proposals_controller.rb
index 17b7ad738..3965c7494 100644
--- a/app/controllers/spending_proposals_controller.rb
+++ b/app/controllers/spending_proposals_controller.rb
@@ -5,6 +5,7 @@ class SpendingProposalsController < ApplicationController
 
   before_action :authenticate_user!, except: [:index]
   before_action :verify_access, only: [:show]
+  before_filter -> { flash.now[:notice] = flash[:notice].html_safe if flash[:html_safe] && flash[:notice] }
 
   feature_flag :spending_proposals
 
@@ -20,7 +21,8 @@ class SpendingProposalsController < ApplicationController
     @spending_proposal.author = current_user
 
     if @spending_proposal.save_with_captcha
-      redirect_to @spending_proposal, notice: t("flash.actions.create.spending_proposal")
+      notice = t('flash.actions.create.spending_proposal', activity: "<a href='#{user_path(current_user, filter: :spending_proposals)}'>#{t('layouts.header.my_activity_link')}</a>"), flash: { html_safe: true }
+      redirect_to @spending_proposal, notice: notice
     else
       render :new
     end
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index fd95e30f1..22fd97143 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -41,7 +41,7 @@
       <![endif]-->
 
       <% if notice %>
-      <div class="alert-messages">
+      <div id="notice" class="alert-messages">
         <div class="row">
           <div data-alert class="alert-box success radius">
             <a href="#" class="close" title="<%= t("application.close") %>">&times;</a>
@@ -52,7 +52,7 @@
       <% end %>
 
       <% if alert %>
-      <div class="alert-messages">
+      <div id="alert" class="alert-messages">
         <div class="row">
           <div data-alert class="alert-box alert radius">
             <a href="#" class="close" title="<%= t("application.close") %>">&times;</a>
diff --git a/config/locales/responders.en.yml b/config/locales/responders.en.yml
index 47c437119..b2640c6ac 100755
--- a/config/locales/responders.en.yml
+++ b/config/locales/responders.en.yml
@@ -6,7 +6,7 @@ en:
         notice: "%{resource_name} created successfully."
         debate: "Debate created successfully."
         proposal: "Proposal created successfully."
-        spending_proposal: "Spending proposal created successfully."
+        spending_proposal: "Spending proposal created successfully. You can access it from %{activity}"
       save_changes:
         notice: Changes saved
       update:
diff --git a/config/locales/responders.es.yml b/config/locales/responders.es.yml
index 8dcb11db7..5c22856cc 100644
--- a/config/locales/responders.es.yml
+++ b/config/locales/responders.es.yml
@@ -6,7 +6,7 @@ es:
         notice: "%{resource_name} creado correctamente."
         debate: "Debate creado correctamente."
         proposal: "Propuesta creada correctamente."
-        spending_proposal: "Propuesta de gasto creada correctamente."
+        spending_proposal: "Propuesta de inversión creada correctamente. Puedes acceder a ella desde %{activity}"
       save_changes:
         notice: Cambios guardados
       update:
diff --git a/spec/features/spending_proposals_spec.rb b/spec/features/spending_proposals_spec.rb
index 484444fbb..12d692fcf 100644
--- a/spec/features/spending_proposals_spec.rb
+++ b/spec/features/spending_proposals_spec.rb
@@ -40,6 +40,32 @@ feature 'Spending proposals' do
     expect(page).to have_content('All city')
   end
 
+  scenario 'Create notice' do
+    login_as(author)
+
+    visit new_spending_proposal_path
+    fill_in 'spending_proposal_title', with: 'Build a skyscraper'
+    fill_in 'spending_proposal_description', with: 'I want to live in a high tower over the clouds'
+    fill_in 'spending_proposal_external_url', with: 'http://http://skyscraperpage.com/'
+    fill_in 'spending_proposal_association_name', with: 'People of the neighbourhood'
+    fill_in 'spending_proposal_captcha', with: correct_captcha_text
+    select  'All city', from: 'spending_proposal_geozone_id'
+    check 'spending_proposal_terms_of_service'
+
+    click_button 'Create'
+
+    expect(page).to have_content 'Spending proposal created successfully'
+    expect(page).to have_content 'You can access it from My activity'
+
+    within "#notice" do
+      click_link 'My activity'
+    end
+
+    expect(current_url).to eq(user_url(author, filter: :spending_proposals))
+    expect(page).to have_content "1 Spending proposal"
+    expect(page).to have_content "Build a skyscraper"
+  end
+
   scenario 'Captcha is required for proposal creation' do
     login_as(author)
 

From 6f1830b4d100bfac7d2b3fb7539f68d364afbce7 Mon Sep 17 00:00:00 2001
From: rgarcia <voodoorai2000@gmail.com>
Date: Sun, 21 Feb 2016 18:58:12 +0100
Subject: [PATCH 4/4] fixes specs

---
 app/controllers/spending_proposals_controller.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/controllers/spending_proposals_controller.rb b/app/controllers/spending_proposals_controller.rb
index 3965c7494..7e32b0a93 100644
--- a/app/controllers/spending_proposals_controller.rb
+++ b/app/controllers/spending_proposals_controller.rb
@@ -21,8 +21,8 @@ class SpendingProposalsController < ApplicationController
     @spending_proposal.author = current_user
 
     if @spending_proposal.save_with_captcha
-      notice = t('flash.actions.create.spending_proposal', activity: "<a href='#{user_path(current_user, filter: :spending_proposals)}'>#{t('layouts.header.my_activity_link')}</a>"), flash: { html_safe: true }
-      redirect_to @spending_proposal, notice: notice
+      notice = t('flash.actions.create.spending_proposal', activity: "<a href='#{user_path(current_user, filter: :spending_proposals)}'>#{t('layouts.header.my_activity_link')}</a>")
+      redirect_to @spending_proposal, notice: notice, flash: { html_safe: true }
     else
       render :new
     end