author | rhenium <re4k@re4k.info> | 2013-05-30 00:54:47 +0900 |
---|---|---|
committer | rhenium <re4k@re4k.info> | 2013-05-30 00:54:47 +0900 |
commit | 75e30f750533af57057fd5a9b7f725218f4be7d0 (patch) | |
tree | 9f6f379530d75aeb12b705edbb00c98d03ac8271 | |
parent | 8d0657441ad76b23684d13f8790df2a3c0cb84ff (diff) | |
download | aclog-75e30f750533af57057fd5a9b7f725218f4be7d0.tar.gz |
add private account (!= protected Twitter account) feature
-rw-r--r-- | app/controllers/application_controller.rb | 50 | ||||
-rw-r--r-- | app/controllers/errors_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/tweets_controller.rb | 35 | ||||
-rw-r--r-- | app/controllers/users_controller.rb | 3 | ||||
-rw-r--r-- | app/models/user.rb | 10 | ||||
-rw-r--r-- | app/views/layouts/_base.html.haml | 4 | ||||
-rw-r--r-- | app/views/shared/sidebar/_users.html.haml | 31 | ||||
-rw-r--r-- | app/views/tweets/_tweet.html.haml | 10 | ||||
-rw-r--r-- | app/views/users/_user_ranking.html.haml | 2 | ||||
-rw-r--r-- | config/routes.rb | 3 | ||||
-rw-r--r-- | lib/aclog/exceptions.rb | 1 | ||||
-rw-r--r-- | lib/aclog/receiver/register_server.rb | 4 |
12 files changed, 100 insertions, 56 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 70d2075..bd7112a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,7 +5,7 @@ class ApplicationController < ActionController::Base protect_from_forgery before_filter :check_format, :check_session after_filter :xhtml - helper_method :authorized_to_show? + helper_method :authorized_to_show_user?, :authorized_to_show_best? protected def _get_user(id, screen_name) 
@@ -16,25 +16,45 @@ class ApplicationController < ActionController::Base end end - def authorized_to_show?(user) - return true unless user.protected? - - if session[:user_id] - return session[:user_id] == user.id || session[:account].following?(user.id) - elsif request.headers["X-Verify-Credentials-Authorization"] - # OAuth Echo - user_id = authenticate_with_twitter_oauth_echo - account = Account.find_by(user_id: user_id) - if account - return account.user_id == user.id || account.following?(user.id) + def authorized_to_show_user?(user) + @authorized_to_show_user ||= {} + @authorized_to_show_user[user.id] ||= begin + if !user.protected? + true + elsif session[:user_id] == user.id + true + elsif session[:account] && session[:account].following?(user.id) + true + elsif request.headers["X-Verify-Credentials-Authorization"] + # OAuth Echo + user_id = authenticate_with_twitter_oauth_echo + account = Account.find_by(user_id: user_id) + if account && (account.user_id == user.id || account.following?(user.id)) + true + else + false + end else - return false + false end - else - return false end end + def authorized_to_show_best?(user) + authorized_to_show_user?(user) && user.registered? && (!user.account.private? || user.id == session[:user_id]) + end + + def authorize_to_show_user!(user) + authorized_to_show_user?(user) or raise Aclog::Exceptions::UserProtected + end + + def authorize_to_show_best!(user) + authorize_to_show_user!(user) + raise Aclog::Exceptions::UserNotRegistered unless user.registered? + raise Aclog::Exceptions::AccountPrivate if user.account.private? && user.id != session[:user_id] + true + end + private def check_format unless request.format == :html || request.format == :json || request.format == :rss diff --git a/app/controllers/errors_controller.rb b/app/controllers/errors_controller.rb index 5ea964d..1a7eed9 100644 --- a/app/controllers/errors_controller.rb +++ b/app/controllers/errors_controller.rb 
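Review bot: The `||=` memoization in `authorized_to_show_user?` never caches a denial, because a stored `false` is falsy and the `begin` block runs again on every call for that user. The tweet partial calls this helper once per rendered tweet, so a request that carries `X-Verify-Credentials-Authorization` but is not allowed to see a protected user repeats `authenticate_with_twitter_oauth_echo` and the `Account.find_by` lookup for each tweet; that helper's body is not visible here, but it presumably contacts Twitter. Check the key first so both outcomes are cached: `return @authorized_to_show_user[user.id] if @authorized_to_show_user.key?(user.id)` followed by a plain `@authorized_to_show_user[user.id] = begin ... end`. A one-line comment saying the cache lives on the controller instance, i.e. for a single request, would also help the next reader.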
@@ -31,6 +31,9 @@ class ErrorsController < ApplicationController when Aclog::Exceptions::OAuthEchoUnauthorized @status = 401 @message = "OAuth Echo 認証に失敗しました。" + when Aclog::Exceptions::AccountPrivate + @status = 403 + @message = "ユーザーの best は非公開です" when ActionController::RoutingError @status = 404 @message = "このページは存在しません。" diff --git a/app/controllers/tweets_controller.rb b/app/controllers/tweets_controller.rb index dc46d8a..b252406 100644 --- a/app/controllers/tweets_controller.rb +++ b/app/controllers/tweets_controller.rb @@ -1,32 +1,42 @@ # -*- encoding: utf-8 -*- class TweetsController < ApplicationController before_filter :set_user_limit + helper_method :account_private? def show tweet_required @caption = "#{@user.screen_name}'s Tweet" end + def index + user_required + best rescue timeline + end + def best user_required + check_public! @caption = "#{@user.screen_name}'s Best" @tweets = @user.tweets.reacted.order_by_reactions.list(params, force_page: true, cache: 3.minutes) end def favorited user_required + check_public! @caption = "#{@user.screen_name}'s Most Favorited" @tweets = @user.tweets.reacted.order_by_favorites.list(params, force_page: true, cache: 3.minutes) end def retweeted user_required + check_public! @caption = "#{@user.screen_name}'s Most Retweeted" @tweets = @user.tweets.reacted.order_by_retweets.list(params, force_page: true, cache: 3.minutes) end def recent user_required + check_public! @caption = "#{@user.screen_name}'s Recent Best" @tweets = @user.tweets.recent.reacted.order_by_reactions.list(params, force_page: true, cache: 3.minutes) end @@ -78,14 +88,6 @@ class TweetsController < ApplicationController end private - def render(*args) - if lookup_context.exists?(params[:action], params[:controller]) - super(*args) - else - super("_tweets") - end - end - def user_required @user = _require_user(params[:user_id], params[:screen_name]) end 
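Review bot: `best rescue timeline` in the new `index` action rescues every StandardError raised by `best`, not only the two access decisions it is meant to fall back on. A database error or a bug inside `best` would silently become a timeline render, and any authorization exception later added to `authorize_to_show_best!` would be swallowed the same way. Rescue the intended classes explicitly in a normal `begin`/`rescue` block: `rescue Aclog::Exceptions::AccountPrivate, Aclog::Exceptions::UserNotRegistered` and call `timeline` only there. `timeline` is defined outside this hunk, so whether it repeats `user_required` is not visible here.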
@@ -97,8 +99,7 @@ class TweetsController < ApplicationController def tweet_required @tweet = Tweet.find_by(id: params[:id]) raise Aclog::Exceptions::TweetNotFound unless @tweet - @user = @tweet.user - raise Aclog::Exceptions::UserProtected unless authorized_to_show?(@user) + @user = _require_user(@tweet.user_id, nil) end def set_user_limit @@ -121,10 +122,22 @@ class TweetsController < ApplicationController end end + def check_public! + authorize_to_show_best!(@user) + end + + def render(*args) + if lookup_context.exists?(params[:action], params[:controller]) + super(*args) + else + super("_tweets") + end + end + def _require_user(user_id, screen_name) user = _get_user(user_id, screen_name) raise Aclog::Exceptions::UserNotFound unless user - raise Aclog::Exceptions::UserProtected unless authorized_to_show?(user) + raise Aclog::Exceptions::UserProtected unless authorized_to_show_user?(user) user end end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 98a28aa..7cdba1d 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -8,6 +8,7 @@ class UsersController < ApplicationController def discovered_by user_required + authorize_to_show_best!(@user) @result = @user.count_discovered_by.take(Settings.user_ranking.count) @caption = "Discovered By" render "_user_ranking" @@ -15,6 +16,7 @@ class UsersController < ApplicationController def discovered_users user_required + authorize_to_show_best!(@user) @result = @user.count_discovered_users.take(Settings.user_ranking.count) @caption = "Discovered Users" render "_user_ranking" @@ -31,6 +33,5 @@ class UsersController < ApplicationController def user_required @user = _get_user(params[:id] || params[:user_id], params[:screen_name]) raise Aclog::Exceptions::UserNotFound unless @user - raise Aclog::Exceptions::UserProtected unless authorized_to_show?(@user) end end diff --git a/app/models/user.rb b/app/models/user.rb index 7009b59..ac35061 100644 
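Review bot: Removing `raise Aclog::Exceptions::UserProtected unless authorized_to_show?(@user)` from `UsersController#user_required` leaves every action that calls it without a protected-account check unless the action adds one itself. Only `discovered_by` and `discovered_users` gain `authorize_to_show_best!(@user)` in this diff; the controller's other actions are outside the hunks, so please confirm none of them returns data for a protected user. Keeping the baseline check in the helper, with `authorize_to_show_user!(@user)` as the last line of `user_required`, makes deny the default and lets the two ranking actions layer the private-account check on top.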
--- a/app/models/user.rb +++ b/app/models/user.rb @@ -71,14 +71,8 @@ class User < ActiveRecord::Base ret.retweeted_count = retweeted_counts.sum ret.average_favorited_count = favorited_counts.inject(:+).to_f / ret.tweets_count ret.average_retweeted_count = retweeted_counts.inject(:+).to_f / ret.tweets_count - - _conv = lambda do |i| - g = 10 ** (i.to_s.size - 4) - m = (i / g * g).to_i - "#{m}#{(m == i) ? "" : "+"}" - end - ret.retweeted_count_str = _conv.call(ret.retweeted_count) - ret.favorited_count_str = _conv.call(ret.favorited_count) + ret.retweeted_count_str = ret.retweeted_count.to_s + ret.favorited_count_str = ret.favorited_count.to_s ret end diff --git a/app/views/layouts/_base.html.haml b/app/views/layouts/_base.html.haml index 907bd45..7494f89 100644 --- a/app/views/layouts/_base.html.haml +++ b/app/views/layouts/_base.html.haml @@ -15,9 +15,9 @@ %li = link_to "about", about_path - if logged_in? - %li= link_to "logout", logout_path %li= link_to "settings", settings_path - %li= link_to session[:account].user.screen_name, user_best_path(session[:account].user.screen_name) + %li= link_to "logout", logout_path + %li= link_to session[:account].user.screen_name, user_path(session[:account].user.screen_name) - else %li= link_to "login", "/i/login" .container diff --git a/app/views/shared/sidebar/_users.html.haml b/app/views/shared/sidebar/_users.html.haml index a23445a..dba837e 100644 --- a/app/views/shared/sidebar/_users.html.haml +++ b/app/views/shared/sidebar/_users.html.haml @@ -1,6 +1,6 @@ .sidebar .avatar - = link_to user_best_path(@user.screen_name) do + = link_to user_path(@user.screen_name) do = image_tag @user.profile_image_url_original, alt: @user.screen_name, width: 64, height: 64, class: "icon img-rounded" .screen_name= link_to @user.screen_name, twitter_user_url(@user.screen_name) - if @user.registered? 
@@ -22,16 +22,23 @@ = "@#{@user.screen_name} has never signed in to aclog" .user_nav %ul.nav.nav-tabs.nav-stacked - - if @user.registered? + - if authorized_to_show_best?(@user) + %li + = link_to "best", user_path(@user.screen_name) + %li + = link_to "timeline", user_timeline_path(@user.screen_name) + %li + = link_to "discoveries", user_discoveries_path(@user.screen_name) + %li + = link_to "discovered by", user_discovered_by_path(@user.screen_name) + %li + = link_to "discovered users", user_discovered_users_path(@user.screen_name) + %li + = link_to "stats", user_stats_path(@user.screen_name) + - else + %li + = link_to "timeline", user_path(@user.screen_name) + %li + = link_to "discoveries", user_discoveries_path(@user.screen_name) %li = link_to "stats", user_stats_path(@user.screen_name) - %li - = link_to "best", user_best_path(@user.screen_name) - %li - = link_to "timeline", user_timeline_path(@user.screen_name) - %li - = link_to "discoveries", user_discoveries_path(@user.screen_name) - %li - = link_to "discovered by", user_discovered_by_path(@user.screen_name) - %li - = link_to "discovered users", user_discovered_users_path(@user.screen_name) diff --git a/app/views/tweets/_tweet.html.haml b/app/views/tweets/_tweet.html.haml index 8f6f4e8..b624080 100644 --- a/app/views/tweets/_tweet.html.haml +++ b/app/views/tweets/_tweet.html.haml @@ -2,7 +2,7 @@ .tweet .left .avatar - = link_to user_best_path(tweet.user.screen_name) do + = link_to user_path(tweet.user.screen_name) do = image_tag tweet.user.profile_image_url, alt: tweet.user.screen_name, title: tweet.user.name %ul.inline.actions %li.twitter 
@@ -12,10 +12,10 @@ .tweet_content_fix .tweet_content .user - %span.nam= link_to tweet.user.name, user_best_path(tweet.user.screen_name) - %span.screen_name= link_to tweet.user.screen_name, user_best_path(tweet.user.screen_name) + %span.nam= link_to tweet.user.name, user_path(tweet.user.screen_name) + %span.screen_name= link_to tweet.user.screen_name, user_path(tweet.user.screen_name) .text - - if authorized_to_show?(tweet.user) + - if authorized_to_show_user?(tweet.user) = simple_format(format_tweet_text(tweet.text)) - else %span.quiet @@ -41,5 +41,5 @@ %ul.inline - users.limit(@user_limit).each do |m| %li - = link_to user_best_path(m.screen_name) do + = link_to user_path(m.screen_name) do = image_tag m.profile_image_url, alt: m.screen_name, title: m.name diff --git a/app/views/users/_user_ranking.html.haml b/app/views/users/_user_ranking.html.haml index 0e57f2c..7ee34cc 100644 --- a/app/views/users/_user_ranking.html.haml +++ b/app/views/users/_user_ranking.html.haml @@ -4,7 +4,7 @@ - target = User.find(user_id) %li .avatar - = link_to user_best_path(target.screen_name) do + = link_to user_path(target.screen_name) do = image_tag target.profile_image_url, alt: target.screen_name, title: target.name .data .count diff --git a/config/routes.rb b/config/routes.rb index 2419eb0..333b96c 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -54,7 +54,8 @@ Aclog::Application.routes.draw do # TweetController / Tweets scope ":screen_name" do - get "/", action: "best", as: "user_best" + get "/", action: "index", as: "user" + get "/best", action: "best", as: "user_best" get "/favorited", action: "favorited", as: "user_favorited" get "/retweeted", action: "retweeted", as: "user_retweeted" get "/recent", action: "recent", as: "user_recent" diff --git a/lib/aclog/exceptions.rb b/lib/aclog/exceptions.rb index 4e136a1..befcbde 100644 --- a/lib/aclog/exceptions.rb +++ b/lib/aclog/exceptions.rb 
@@ -5,6 +5,7 @@ module Aclog class UserProtected < StandardError; end class LoginRequired < StandardError; end class TweetNotFound < StandardError; end + class AccountPrivate < StandardError; end class OAuthEchoUnauthorized < StandardError; end end end diff --git a/lib/aclog/receiver/register_server.rb b/lib/aclog/receiver/register_server.rb index ea097f1..4f8a06c 100644 --- a/lib/aclog/receiver/register_server.rb +++ b/lib/aclog/receiver/register_server.rb @@ -18,6 +18,10 @@ module Aclog end end + def unregister(account_) + account = Marshal.load(account_) + end + def unregister(account) # TODO end |
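Review bot: The added `unregister(account_)` calls `Marshal.load` on its argument, and `Marshal.load` can instantiate arbitrary objects, so it must not be given bytes that originate outside the process's trust boundary. How the register server receives `account_` is not visible in this hunk; if it arrives over a socket, pass a plain identifier such as the account id, or a data-only format such as JSON, and look the record up on the server side. The method is also dead as written: the existing `def unregister(account)` that follows in the context redefines it, and the loaded `account` local is never used. Either drop the new definition until the TODO is implemented or merge the two into one method.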