From f57eef4929a21ccf81c7816fded8ef0923c04622 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juanjo=20Baza=CC=81n?= <jjbazan@gmail.com>
Date: Wed, 4 Nov 2015 13:47:55 +0100
Subject: [PATCH] makes public activity toggleable

---
 app/controllers/account_controller.rb         |  2 +-
 app/controllers/users_controller.rb           | 12 +++-
 app/views/devise/menu/_login_items.html.erb   |  3 +
 app/views/users/show.html.erb                 | 28 ++++----
 config/locales/en.yml                         |  2 +
 config/locales/es.yml                         |  2 +
 ...1103194329_add_public_activity_to_users.rb |  5 ++
 db/schema.rb                                  |  3 +-
 spec/features/users_spec.rb                   | 65 +++++++++++++++++++
 9 files changed, 105 insertions(+), 17 deletions(-)
 create mode 100644 db/migrate/20151103194329_add_public_activity_to_users.rb

diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 38bd4bfe5..f2a553c38 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -25,7 +25,7 @@ class AccountController < ApplicationController
       if @account.organization?
         params.require(:account).permit(:phone_number, :email_on_comment, :email_on_comment_reply, organization_attributes: [:name, :responsible_name])
       else
-        params.require(:account).permit(:username, :email_on_comment, :email_on_comment_reply)
+        params.require(:account).permit(:username, :public_activity, :email_on_comment, :email_on_comment_reply)
       end
     end
 
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 38c36b7cc..a978cd1ce 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -3,10 +3,8 @@ class UsersController < ApplicationController
 
   load_and_authorize_resource
 
-  before_action :set_activity_counts, only: :show
-
   def show
-    load_filtered_activity
+    load_filtered_activity if valid_access?
   end
 
   private
@@ -18,6 +16,7 @@ class UsersController < ApplicationController
     end
 
     def load_filtered_activity
+      set_activity_counts
       case params[:filter]
       when "proposals" then load_proposals
       when "debates"   then load_debates
@@ -51,4 +50,11 @@ class UsersController < ApplicationController
       @comments = Comment.where(user_id: @user.id).includes(:commentable).order(created_at: :desc).page(params[:page])
     end
 
+    def valid_access?
+      @user.public_activity || authorized_current_user?
+    end
+
+    def authorized_current_user?
+      @authorized_current_user ||= current_user && (current_user == @user || current_user.moderator? || current_user.administrator?)
+    end
 end
diff --git a/app/views/devise/menu/_login_items.html.erb b/app/views/devise/menu/_login_items.html.erb
index 6cd27160d..b0998949f 100644
--- a/app/views/devise/menu/_login_items.html.erb
+++ b/app/views/devise/menu/_login_items.html.erb
@@ -1,5 +1,8 @@
 <ul class="right">
   <% if user_signed_in? %>
+    <li>
+      <%= link_to(t("layouts.header.my_activity_link"), user_path(current_user)) %>
+    </li>
     <li>
       <%= link_to(t("layouts.header.my_account_link"), account_path) %>
     </li>
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 4f5bc3e20..51bfee34c 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -4,21 +4,25 @@
 
       <h2><%= avatar_image(@user, seed: @user.id, size: 60) %> <%= @user.name %></h2>
 
-      <dl class="sub-nav">
-        <% @valid_filters.each do |filter| %>
-          <% if @activity_counts[filter] > 0 %>
-            <% if @current_filter == filter %>
-              <dd class="active"> <%= t("users.show.filters.#{filter}", count: @activity_counts[filter]) %></dd>
-            <% else %>
-              <dd><%= link_to t("users.show.filters.#{filter}", count: @activity_counts[filter]),
-                current_path_with_query_params(filter: filter, page: 1) %></dd>
+      <% if @user.public_activity || @authorized_current_user %>
+        <dl class="sub-nav">
+          <% @valid_filters.each do |filter| %>
+            <% if @activity_counts[filter] > 0 %>
+              <% if @current_filter == filter %>
+                <dd class="active"> <%= t("users.show.filters.#{filter}", count: @activity_counts[filter]) %></dd>
+              <% else %>
+                <dd><%= link_to t("users.show.filters.#{filter}", count: @activity_counts[filter]),
+                  current_path_with_query_params(filter: filter, page: 1) %></dd>
+              <% end %>
             <% end %>
           <% end %>
-        <% end %>
-        <%= t("users.show.no_activity") if @activity_counts.values.inject(&:+) == 0 %>
-      </dl>
+          <%= t("users.show.no_activity") if @activity_counts.values.inject(&:+) == 0 %>
+        </dl>
 
-      <%= render "activity_page" %>
+        <%= render "activity_page" %>
+      <% else %>
+        <p><%= t('users.show.private_activity') %></p>
+      <% end %>
 
     </div>
   </div>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index db8505853..506a13763 100755
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -283,6 +283,7 @@ en:
       title: "My account"
       save_changes_submit: "Save changes"
       change_credentials_link: "Change my credentials"
+      public_activity_label: "Keep my list of activities public"
       email_on_comment_label: "Notify me by email when someone comments on my proposals or debates"
       email_on_comment_reply_label: "Notify me by email when someone replies to my comments"
       erase_account_link: "Erase my account"
@@ -337,6 +338,7 @@ en:
           one: "1 Comment"
           other: "%{count} Comments"
       no_activity: "User has no public activity"
+      private_activity: "This user decided to keep the activity list private"
       comment_to: "Comment in: "
   unauthorized:
     default: "You do not have permission to access this page."
diff --git a/config/locales/es.yml b/config/locales/es.yml
index b9b6b8a9c..2fb7b5ccf 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
@@ -283,6 +283,7 @@ es:
       title: "Mi cuenta"
       save_changes_submit: "Guardar cambios"
       change_credentials_link: "Cambiar mis datos de acceso"
+      public_activity_label: "Mostrar públicamente mi lista de actividades"
       email_on_comment_label: "Recibir un email cuando alguien comenta en mis propuestas o debates"
       email_on_comment_reply_label: "Recibir un email cuando alguien contesta a mis comentarios"
       erase_account_link: "Darme de baja"
@@ -337,6 +338,7 @@ es:
           one: "1 Comentario"
           other: "%{count} Comentarios"
       no_activity: "Usuario sin actividad pública"
+      private_activity: "Este usuario ha decidido mantener en privado su lista de actividades"
       comment_to: "Comentario en: "
   unauthorized:
     default: "No tienes permiso para acceder a esta página."
diff --git a/db/migrate/20151103194329_add_public_activity_to_users.rb b/db/migrate/20151103194329_add_public_activity_to_users.rb
new file mode 100644
index 000000000..8feebdff7
--- /dev/null
+++ b/db/migrate/20151103194329_add_public_activity_to_users.rb
@@ -0,0 +1,5 @@
+class AddPublicActivityToUsers < ActiveRecord::Migration
+  def change
+    add_column :users, :public_activity, :boolean, default: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 320bfffc1..fe174eb0c 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20151103175139) do
+ActiveRecord::Schema.define(version: 20151103194329) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -306,6 +306,7 @@ ActiveRecord::Schema.define(version: 20151103175139) do
     t.datetime "level_two_verified_at"
     t.string   "erase_reason"
     t.datetime "erased_at"
+    t.boolean  "public_activity",                      default: true
   end
 
   add_index "users", ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true, using: :btree
diff --git a/spec/features/users_spec.rb b/spec/features/users_spec.rb
index 8d203ffec..26500797c 100644
--- a/spec/features/users_spec.rb
+++ b/spec/features/users_spec.rb
@@ -65,4 +65,69 @@ feature 'Users' do
 
   end
 
+  feature 'Public activity' do
+    background do
+      @user = create(:user)
+    end
+
+    scenario 'visible by default' do
+      visit user_path(@user)
+
+      expect(page).to have_content(@user.username)
+      expect(page).to_not have_content('activity list private')
+    end
+
+    scenario 'user can hide public page' do
+      login_as(@user)
+      visit account_path
+
+      uncheck 'account_public_activity'
+      click_button 'Save changes'
+
+      logout
+
+      visit user_path(@user)
+      expect(page).to have_content('activity list private')
+    end
+
+    scenario 'is always visible for the owner' do
+      login_as(@user)
+      visit account_path
+
+      uncheck 'account_public_activity'
+      click_button 'Save changes'
+
+      visit user_path(@user)
+      expect(page).to_not have_content('activity list private')
+    end
+
+    scenario 'is always visible for admins' do
+      login_as(@user)
+      visit account_path
+
+      uncheck 'account_public_activity'
+      click_button 'Save changes'
+
+      logout
+
+      login_as(create(:administrator).user)
+      visit user_path(@user)
+      expect(page).to_not have_content('activity list private')
+    end
+
+    scenario 'is always visible for moderators' do
+      login_as(@user)
+      visit account_path
+
+      uncheck 'account_public_activity'
+      click_button 'Save changes'
+
+      logout
+
+      login_as(create(:moderator).user)
+      visit user_path(@user)
+      expect(page).to_not have_content('activity list private')
+    end
+  end
+
 end
\ No newline at end of file