From bb5dc339fd287f2509216533d3c7dae13687d23d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juanjo=20Baz=C3=A1n?=
Date: Sun, 19 Jul 2015 13:27:44 +0200
Subject: [PATCH 1/3] changes default title
---
 app/views/layouts/application.html.erb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 85f4e3838..71b8f2805 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -4,7 +4,7 @@
- <%= content_for?(:title) ? yield(:title) : "foundation-rails" %>
+ <%= content_for?(:title) ? yield(:title) : "Participación" %>
 <%= stylesheet_link_tag "application" %> <%= javascript_include_tag "vendor/modernizr" %>
@@ -13,7 +13,7 @@

<%= notice %>

-

<%= alert %>

+

<%= alert %>

<%= render 'devise/menu/login_items' %>
From df1a800d9466c5df298ea4fa4e3118648c6599ad Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juanjo=20Baz=C3=A1n?=
Date: Sun, 19 Jul 2015 14:46:21 +0200
Subject: [PATCH 2/3] adds editable methods to Debate
---
 app/models/debate.rb | 10 +++++++++-
 spec/models/debate_spec.rb | 39 +++++++++++++++++++++++++++++++++++++-
 2 files changed, 47 insertions(+), 2 deletions(-)
diff --git a/app/models/debate.rb b/app/models/debate.rb
index 01dfa07c3..5104bec97 100644
--- a/app/models/debate.rb
+++ b/app/models/debate.rb
@@ -3,7 +3,7 @@ class Debate < ActiveRecord::Base
 acts_as_votable
 acts_as_commentable
 acts_as_taggable
-
+ belongs_to :author, class_name: 'User', foreign_key: 'author_id'
 validates :title, presence: true
@@ -24,4 +24,12 @@ class Debate < ActiveRecord::Base
 votes_for.size
 end
+ def editable?
+ total_votes == 0
+ end
+
+ def editable_by?(user)
+ editable? && author == user
+ end
+
+ end
\ No newline at end of file
diff --git a/spec/models/debate_spec.rb b/spec/models/debate_spec.rb
index f277f1d7b..91797cb71 100644
--- a/spec/models/debate_spec.rb
+++ b/spec/models/debate_spec.rb
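Review bot: `editable_by?` in app/models/debate.rb returns true for a nil user when a vote-less debate has no author, because `author == user` then compares nil with nil, and nothing in this hunk shows that an author is required. The controller and view later in this series check for a logged-in user before calling it, but the predicate itself should fail closed: `editable? && user.present? && author == user`. The model spec hunk of this patch would benefit from a matching case, `expect(@debate.editable_by?(nil)).to be false`. The `Debate` class body starts and ends outside the hunk, so an author presence validation may exist elsewhere.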
@@ -29,5 +29,42 @@ describe Debate do
 @debate.terms_of_service = nil
 expect(@debate).to_not be_valid
 end
-
+
+ describe "#editable?" do
+ before(:each) do
+ @debate = create(:debate)
+ end
+
+ it "should be true if debate has no votes yet" do
+ expect(@debate.total_votes).to eq(0)
+ expect(@debate.editable?).to be true
+ end
+
+ it "should be false if debate has votes" do
+ create(:vote, votable: @debate)
+ expect(@debate.total_votes).to eq(1)
+ expect(@debate.editable?).to be false
+ end
+ end
+
+ describe "#editable_by?" do
+ before(:each) do
+ @debate = create(:debate)
+ end
+
+ it "should be true if user is the author and debate is editable" do
+ expect(@debate.editable_by?(@debate.author)).to be true
+ end
+
+ it "should be false if debate is not editable" do
+ create(:vote, votable: @debate)
+ expect(@debate.editable_by?(@debate.author)).to be false
+ end
+
+ it "should be false if user is not the author" do
+ expect(@debate.editable_by?(create(:user))).to be false
+
+ end
+ end
+
+ end
From 2a63d1f95338987e7d85c2587cf76791a59de1d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juanjo=20Baz=C3=A1n?=
Date: Sun, 19 Jul 2015 14:47:14 +0200
Subject: [PATCH 3/3] manages permissions for debate editing
---
 app/controllers/debates_controller.rb | 9 ++++++--
 app/views/debates/show.html.erb | 8 ++++---
 spec/features/debates_spec.rb | 33 +++++++++++++++++++++++++++++----
 3 files changed, 40 insertions(+), 10 deletions(-)
diff --git a/app/controllers/debates_controller.rb b/app/controllers/debates_controller.rb
index 2bf5a0024..9ad043bb6 100644
--- a/app/controllers/debates_controller.rb
+++ b/app/controllers/debates_controller.rb
@@ -1,7 +1,8 @@
 class DebatesController < ApplicationController
 before_action :set_debate, only: [:show, :edit, :update]
- before_action :authenticate_user!, only: [:new, :create]
-
+ before_action :authenticate_user!, except: [:show, :index]
+ before_action :validate_ownership, only: [:edit, :update]
+ def index
 if params[:tag]
 @debates = Debate.tagged_with(params[:tag])
@@ -42,4 +43,8 @@ class DebatesController < ApplicationController
 params.require(:debate).permit(:title, :description, :tag_list, :terms_of_service)
 end
+ def validate_ownership
+ raise ActiveRecord::RecordNotFound unless @debate.editable_by?(current_user)
+ end
+
+ end
diff --git a/app/views/debates/show.html.erb b/app/views/debates/show.html.erb
index fbdc444ac..d549ee499 100644
--- a/app/views/debates/show.html.erb
+++ b/app/views/debates/show.html.erb
@@ -12,12 +12,12 @@
 <%= link_to "up", debate_votes_path(@debate, value: 'yes'), method: "post" %> <%= percentage('likes', @debate) %>
-
+
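Review bot: The ownership filter in debates_controller.rb is opt-in (`only: [:edit, :update]`) while the authentication filter on the line above it is now opt-out, so a member action added later (a `destroy`, for instance) would require login but not authorship. Listing the public and creation actions instead keeps the default closed: `before_action :validate_ownership, except: [:index, :show, :new, :create]`. Raising `ActiveRecord::RecordNotFound` in `validate_ownership` also makes a refused edit look like a missing record in the logs, so a log line before the raise would help anyone reviewing access attempts. The class body continues outside both controller hunks, so whether `validate_ownership` sits below `private` cannot be confirmed from here.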
<%= link_to "down", debate_votes_path(@debate, value: 'no'), method: "post" %> <%= percentage('dislikes', @debate) %>
-
+ Votos <%= @debate.total_votes %>
@@ -35,5 +35,7 @@
 <%= render @debate.root_comments %>
-<%= link_to 'Edit', edit_debate_path(@debate) %> |
+<% if current_user && @debate.editable_by?(current_user) %>
+ <%= link_to 'Edit', edit_debate_path(@debate) %> |
+<% end %>
 <%= link_to 'Back', debates_path %>
\ No newline at end of file
diff --git a/spec/features/debates_spec.rb b/spec/features/debates_spec.rb
index ecc4892af..df1b8bb3c 100644
--- a/spec/features/debates_spec.rb
+++ b/spec/features/debates_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 feature 'Debates' do
-
+ scenario 'Index' do
 3.times { create(:debate) }
@@ -35,7 +35,7 @@ feature 'Debates' do
 fill_in 'debate_title', with: 'Acabar con los desahucios'
 fill_in 'debate_description', with: 'Esto es un tema muy importante porque...'
 check 'debate_terms_of_service'
-
+ click_button 'Crear Debate'
 expect(page).to have_content 'Debate creado correctamente'
@@ -45,13 +45,36 @@ feature 'Debates' do
 expect(page).to have_content "por: #{author.name}"
 end
- scenario 'Update' do
+ scenario 'Update should not be posible if logged user is not the author' do
 debate = create(:debate)
+ expect(debate).to be_editable
+ login_as(create(:user))
- visit edit_debate_path(debate)
+ expect {
+ visit edit_debate_path(debate)
+ }.to raise_error ActiveRecord::RecordNotFound
+ end
+
+ scenario 'Update should not be posible if debate is not editable' do
+ debate = create(:debate)
+ vote = create(:vote, votable: debate)
+ expect(debate).to_not be_editable
+ login_as(debate.author)
+
+ expect {
+ visit edit_debate_path(debate)
+ }.to raise_error ActiveRecord::RecordNotFound
+ end
+
+ scenario 'Update should be posible for the author of an editable debate' do
+ debate = create(:debate)
+ login_as(debate.author)
+
+ visit debate_path(debate)
+ click_link 'Edit'
 fill_in 'debate_title', with: 'Dimisión Rajoy'
 fill_in 'debate_description', with: 'Podríamos...'
-
+ click_button 'Actualizar Debate'
 expect(page).to have_content 'Debate actualizado correctamente'
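Review bot: Both refusal scenarios only request the edit form (`visit edit_debate_path(debate)`); none submits an update as a non-author or for a debate that already has votes, which is the request that actually changes data. If `:update` were dropped from the `validate_ownership` filter, these specs would still pass. A direct submission would pin it, for example with the rack_test driver: `expect { page.driver.submit :patch, debate_path(debate), debate: { title: 'x' } }.to raise_error ActiveRecord::RecordNotFound`. The scenario names also spell "posible" for "possible".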