Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mass assignment #246

Open
wants to merge 69 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
69 commits
Select commit Hold shift + click to select a range
98b374c
Initial tests and UI
ShishirSK Oct 17, 2013
736f246
Modified and Added Seed data
ShishirSK Oct 17, 2013
857a080
Placeholders for data needed for testing grading queue
ShishirSK Oct 18, 2013
51b87de
Get Whiteboard Updates
ShishirSK Oct 18, 2013
600b930
Travis.yml modified
ShishirSK Oct 18, 2013
eb27bf3
Merge branch 'RoughUI'
ShishirSK Oct 18, 2013
a2a637e
Factories added by Gonghan + Including db/seeds/development in spec_h…
ShishirSK Oct 19, 2013
097bead
Resolved conflict in _prof.seeds.rb
ShishirSK Oct 19, 2013
6dfb25d
Merging Factories
ShishirSK Oct 19, 2013
e1c0884
Rebased the RoughUI branch
ShishirSK Oct 20, 2013
0e63586
Placeholder UI for grading queue
ShishirSK Oct 20, 2013
7c3e3be
Added Capybara test cases
ShishirSK Oct 21, 2013
12ddf1e
Changes to avoid git conflict on grading_queue_spec
ShishirSK Oct 21, 2013
3895362
Merging master and RoughUI
ShishirSK Oct 21, 2013
1f8e8f5
Only run Travis builds on master and staged branch
qiao Oct 23, 2013
8d5a788
Added tests against mass assignment for effort_logs
Oct 11, 2013
2451d3c
Added strong_parameters gem for mass assignment protection
Oct 11, 2013
941a76e
Added tests for effort_log_line_items against mass assignment
Oct 11, 2013
ba98cf5
Added tests for peer_evaluation_learning_objectives against mass
Oct 11, 2013
8feb3ac
Added tests for peer_evaluation_reviews against mass assignment
Oct 11, 2013
459e059
Protected peer evaluation stuff (learning_objectives,
Oct 12, 2013
e6b862c
About to switch to master
Oct 18, 2013
e9a5a42
Added tests for job_employees and job_supervisors
Oct 18, 2013
ef7c217
Peer evaluation report/review/learning objective protected.
Oct 19, 2013
1520608
New Setup
anirudhbhargava7 Oct 19, 2013
ce493f1
Seeds from Professor/whiteboard
anirudhbhargava7 Oct 22, 2013
97ebde7
Ignore vim swap files
qiao Oct 22, 2013
a6041ee
Ignore tmpdir
qiao Oct 22, 2013
d4da465
update
Gonghan Oct 22, 2013
61cd93e
update
Gonghan Oct 22, 2013
a2a6b32
update
Gonghan Oct 22, 2013
e2d0bc6
Have a partially written rspec test for sorting by task number
Oct 23, 2013
6f298f4
Added rough grading queue UI
qiao Oct 23, 2013
9e1e92d
Added grading_queue_sort_by_task_spec for our added spec
Oct 23, 2013
f036473
Removing
Oct 23, 2013
56acb71
Removing strong_parameters stuff
Oct 23, 2013
144b90b
Commented out specs failing specs for mass assignment
Oct 23, 2013
5be7564
Revert modification of current_user
qiao Oct 23, 2013
12f91a0
mod: application_controller
qiao Oct 23, 2013
b480ad0
effort_log and effort_log_line_items are protected against mass
Oct 23, 2013
7d32bca
Improved readability
professor Oct 23, 2013
35308e6
Thanks team turing. Addding in Isil's indexes
professor Oct 23, 2013
b432046
Set half of the deliverables to be ungraded
qiao Oct 23, 2013
35034df
Implement graded filter for deliverables
qiao Oct 23, 2013
01c988f
Implement graded filter for deliverables
qiao Oct 23, 2013
3c399b3
Added capybara-webkit
qiao Oct 24, 2013
8e1d7e5
Removed attr_accessible from our mass assignment models
Oct 25, 2013
d6a9946
Removed tests against mass assignment in models
Oct 25, 2013
73538f2
Modified effort_logs_controller_spec to not feed effort_logs a sum di…
Oct 25, 2013
a4bf4a3
In process of writing mass assignment test for jobs
Oct 28, 2013
628b23d
Added cocaine gem
Oct 28, 2013
b7fd1b4
Protected job_supervisors from mass assignment,
Oct 28, 2013
a166183
Removed jobs_controller_spec
Oct 28, 2013
36edac7
Protected job_employees and job_supervisors from mass assignment
Oct 28, 2013
a954067
Protected effort_log_line_items from mass assignment. Weeee!
Oct 29, 2013
d931fd5
Protected effort_logs from mass assignment
Oct 29, 2013
003525d
Protected job_employees and job_supervisors from mass assignment.
Oct 29, 2013
1f5a0ab
Added include ActiveModel::ForbiddenAttributesProtection
Nov 6, 2013
e0d30c7
Modifying files to match professor/whiteboard
Nov 6, 2013
5e41c7f
Modifying files to match professor/whiteboard
Nov 6, 2013
3b40825
Merge https://github.com/professor/whiteboard into mass_assignment
Nov 6, 2013
695561d
Cleaning up files to match professor/whiteboard
Nov 6, 2013
8c63e16
Added strong_parameters gem
Nov 6, 2013
ca5bf10
Removed sort by task spec
Nov 6, 2013
39bc559
Removed some sensitive swap files
Nov 7, 2013
6d2fb25
Removed blank last line to closer match professor/whiteboard
Nov 7, 2013
4258013
Edited seeds to match professor/whiteboard
Nov 7, 2013
b15f302
Reverted .travis.yml to professor/whiteboard version
Nov 7, 2013
84bed65
Removed grading_queue_spec: not present in professor/whiteboard
Nov 7, 2013
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
db/*.sqlite3
log/*.log
tmp/
*.swp
tmpdir/

.gems
20090827190915_mfse_add_people.rb
Expand Down
2 changes: 1 addition & 1 deletion .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,4 +29,4 @@ notifications:
# on_success: [always|never|change] # default: change
# on_failure: [always|never|change] # default: always
on_success: change
on_failure: always
on_failure: always
2 changes: 1 addition & 1 deletion Gemfile
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,6 @@ group :development, :test do
# gem 'test-unit' #, '1.2.3' #Downgrading so that autotest, rspec will work
end


gem 'strong_parameters'

#gem 'gchartrb'
5 changes: 5 additions & 0 deletions Gemfile.lock
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,10 @@ GEM
rack (>= 1.0)
spreadsheet (0.8.3)
ruby-ole (>= 1.0)
strong_parameters (0.2.1)
actionpack (~> 3.0)
activemodel (~> 3.0)
railties (~> 3.0)
taps (0.3.24)
rack (>= 1.0.1)
rest-client (>= 1.4.0, < 1.7.0)
Expand Down Expand Up @@ -309,6 +313,7 @@ DEPENDENCIES
seedbank
shoulda
spreadsheet
strong_parameters
taps
thin
vestal_versions!
Expand Down
10 changes: 6 additions & 4 deletions app/controllers/application_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,12 @@ def current_person
end

## In development, if you want to pretend to be a different user, you can set it easily here
# def current_user
# User.find_by_id 725 #Cecile
## User.last
# end
#def current_user
#User.find_by_id 725 #Cecile
#User.last
#User.find_by_twiki_name("EdKatz")
#User.find_by_human_name "Todd Sedano"
#end

def authenticate_user!
if !current_user
Expand Down
10 changes: 8 additions & 2 deletions app/controllers/effort_log_line_items_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ def edit
# POST /effort_log_line_items
# POST /effort_log_line_items.xml
def create
@effort_log_line_item = EffortLogLineItem.new(params[:effort_log_line_item])
@effort_log_line_item = EffortLogLineItem.new(elli_params)

respond_to do |format|
if @effort_log_line_item.save
Expand All @@ -70,7 +70,7 @@ def update
@effort_log_line_item = EffortLogLineItem.find(params[:id])

respond_to do |format|
if @effort_log_line_item.update_attributes(params[:effort_log_line_item])
if @effort_log_line_item.update_attributes(elli_params)
flash[:notice] = 'EffortLogLineItem was successfully updated.'
format.html { redirect_to(@effort_log_line_item) }
format.xml { head :ok }
Expand All @@ -97,4 +97,10 @@ def destroy
def redirect_to_effort_log_index
redirect_to :controller => :effort_logs, :action => :index
end

private
def elli_params
params.require(:effort_log_line_items).permit(:day1, :day2, :day3, :day4, :day5, :day6, :day7)
end

end
8 changes: 6 additions & 2 deletions app/controllers/effort_logs_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -310,7 +310,7 @@ def edit
# POST /effort_logs
# POST /effort_logs.xml
def create
@effort_log = EffortLog.new(params[:effort_log])
@effort_log = EffortLog.new(effort_log_params)

setup_required_datastructures(@effort_log.year, @effort_log.week_number)

Expand Down Expand Up @@ -349,7 +349,7 @@ def update
setup_required_datastructures(@effort_log.year, @effort_log.week_number)

respond_to do |format|
if @effort_log.update_attributes(params[:effort_log])
if @effort_log.update_attributes(effort_log_params)
#check to see if user is logging effort for unregistered courses
course_error_msg = @effort_log.validate_effort_against_registered_courses()
flash[:notice] = 'EffortLog was successfully updated.'
Expand Down Expand Up @@ -424,5 +424,9 @@ def recent_foundations_or_course
Course.order("id DESC").first
end

private
def effort_log_params
params.require(:effort_log).permit(:user_id, :week_number, :year)
end

end
27 changes: 23 additions & 4 deletions app/controllers/jobs_controller.rb
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,9 @@ def edit
# POST /jobs
def create
authorize! :create, Job
params[:job][:supervisors_override] = params[:supervisors]
params[:job][:employees_override] = params[:students]
params[:job][:supervisors_override] = supervisors_params
params[:job][:employees_override] = []
params[:job][:employees_override] = students_params if params[:students]
@job = Job.new(params[:job])
@projects = SponsoredProject.current

Expand All @@ -44,8 +45,9 @@ def create
# PUT /jobs/1
# PUT /jobs/1.xml
def update
params[:job][:supervisors_override] = params[:supervisors]
params[:job][:employees_override] = params[:students]
params[:job][:supervisors_override] = supervisors_params
params[:job][:employees_override] = []
params[:job][:employees_override] = students_params if params[:students]
@job = Job.find(params[:id])
authorize! :update, @job
if params[:job][:is_closed].present? && params[:job][:is_closed] == "true"
Expand All @@ -67,5 +69,22 @@ def assignments
@jobs = Job.active
@all_employees = Job.all_employees
end

private
def supervisors_params
params.require(:supervisors)
end

def supervisor_params(supervisor)
supervisor.permit(:people_name)
end

def students_params
params.require(:students)
end

def student_params(student)
student.permit(:people_name)
end

end
2 changes: 2 additions & 0 deletions app/models/effort_log.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
class EffortLog < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection

has_many :effort_log_line_items, :dependent => :destroy
belongs_to :user

Expand Down
1 change: 1 addition & 0 deletions app/models/effort_log_line_item.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
class EffortLogLineItem < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection
acts_as_list :scope => :effort_log

belongs_to :effort_log
Expand Down
2 changes: 2 additions & 0 deletions app/models/job_employee.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
class JobEmployee < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection

belongs_to :job
belongs_to :user
delegate :human_name, :to => :user
Expand Down
2 changes: 2 additions & 0 deletions app/models/job_supervisor.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
class JobSupervisor < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection

belongs_to :job
belongs_to :user
delegate :human_name, :to => :user
Expand Down
1 change: 1 addition & 0 deletions app/models/peer_evaluation_learning_objective.rb
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
class PeerEvaluationLearningObjective < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection
end
1 change: 1 addition & 0 deletions app/models/peer_evaluation_report.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
class PeerEvaluationReport < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection

def self.emailed_on(team_id)
report = PeerEvaluationReport.where(:team_id => team_id).first
Expand Down
1 change: 1 addition & 0 deletions app/models/peer_evaluation_review.rb
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@
# and integrated by Todd Sedano. Student teams can provide 360 review feedback
# when prompted by the faculty.
class PeerEvaluationReview < ActiveRecord::Base
include ActiveModel::ForbiddenAttributesProtection

belongs_to :team
belongs_to :author, :class_name => "User"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,3 +66,4 @@
</tr>
<% end %>
</table>

2 changes: 1 addition & 1 deletion app/views/deliverables/grading_queue_for_course.html.erb
Original file line number Diff line number Diff line change
Expand Up @@ -92,4 +92,4 @@
</div>

<%= render :partial => "deliverable_listing_professor", :locals => {:deliverables => @deliverables, :skip_course_column => true} %>
<br/>
<br/>
2 changes: 1 addition & 1 deletion app/views/deliverables/index.html.erb
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

<% if current_user.is_staff %>
<div class="staff"><p>Note that this view is intended for students. To find deliverables submitted for a course,
first select the course and then pick "deliverabes.
first select the course and then pick "deliverables.
See" <%= link_to "My courses", my_courses_path(current_user) %></p></div>
<% end %>

Expand Down
4 changes: 2 additions & 2 deletions config/initializers/session_store.rb
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Be sure to restart your server when you modify this file.
# Be sure to restart your server when you modify this file.

CMUEducation::Application.config.session_store :cookie_store, :key => '_CMUEducation_session'
CMUEducation::Application.config.session_store :active_record_store

# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
Expand Down
10 changes: 10 additions & 0 deletions db/schema.rb
Original file line number Diff line number Diff line change
Expand Up @@ -458,6 +458,16 @@

add_index "scotty_dog_sayings", ["user_id"], :name => "index_scotty_dog_sayings_on_user_id"

create_table "sessions", :force => true do |t|
t.string "session_id", :null => false
t.text "data"
t.datetime "created_at"
t.datetime "updated_at"
end

add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"

create_table "sponsored_project_allocations", :force => true do |t|
t.integer "sponsored_project_id"
t.integer "user_id"
Expand Down
1 change: 0 additions & 1 deletion db/seeds.rb
Original file line number Diff line number Diff line change
Expand Up @@ -130,4 +130,3 @@
FactoryGirl.create(:presentation_feedback_questions, :label => "Visuals", :text => "Were they well-designed? Were all of them readable? Were they helpful? Were they manipulated well?")
FactoryGirl.create(:presentation_feedback_questions, :label => "Delivery", :text => "Bodily delivery: (eye-contact, gestures, energy) Vocal delivery: (loudness, rate, articulation) Question handling (poise, tact, team support; did the team answer the question asked?)")


4 changes: 2 additions & 2 deletions db/seeds/development/dda.seeds.rb
Original file line number Diff line number Diff line change
Expand Up @@ -75,10 +75,10 @@
assignment = Assignment.find_by_name("Patronous Charm")
team.members.each do |member|
grade = Grade.get_grade(course_dda.id, assignment.id, member.id)
grade.destroy
grade.destroy if grade
end

deliverable = Deliverable.find_by_assignment_id_and_team_id(assignment.id, team.id)
attachment = FactoryGirl.create(:deliverable_attachment, :deliverable_id=>deliverable.id, :submitter_id=>team.members.first.id, :attachment_file_name=>"#{team.name}_old_file", :submission_date=>Time.now)
attachment.submission_date = assignment.due_date
attachment.save
attachment.save
4 changes: 2 additions & 2 deletions db/seeds/development/jobs.seeds.rb
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
],
[
"An Interchange Ontology for Mobile Sensor Platforms in Home Health Management",
%q(This project is in year 2 of a 3-year grant, and concerns the application of ontological engineering methods to the use of mobile sensor platforms in the home health management domain. To date we have defined a simple ontology and a mapping to a standard (IEEE 11073) for exchanging health monitoring data, such as blood pressure, pulse rate, temperature, etc. This year we will explore two tasks: 1. Building a proof of concept smart phone app that automatically converts health monitoring data into IEEE 11073-compatible form using the ontology, 2. Apply automated reasoning techniques to validate portions of the IEEE 11073 standard after converting it into an OWLrepresentation.),
%q(This project is in year 2 of a 3-year grant, and concerns the application of ontological engineering methods to the use of mobile sensor platforms in the home health management domain. To date we have defined a simple ontology and a mapping to a standard (IEEE 11073) for exchanging health monitoring data, such as blood pressure, pulse rate, temperature, etc. This year we will explore two tasks: 1. Building a proof of concept smart phone app that automatically converts health monitoring data into IEEE 11073-compatible form using the ontology, 2. Apply automated reasoning techniques to validate portions of the IEEE 11073 standard after converting it into an OWLrepresentation.),
"Experience with mobile device app development",
"some experience with Semantic Web technology (RDF, OWL, SPARQL) would be preferred",
" Fall, Spring and Summer semesters, 10 hours per week. Would like a commitment for the full year",
Expand All @@ -34,4 +34,4 @@
:duration => job[4],
:is_closed => job[8]
)
end
end
4 changes: 2 additions & 2 deletions db/seeds/development/req.seeds.rb
Original file line number Diff line number Diff line change
Expand Up @@ -154,10 +154,10 @@
assignment_validation = Assignment.find_by_name("Elaboration and Validation")
team_cooper.members.each do |member|
grade = Grade.get_grade(course_req.id, assignment_validation.id, member.id)
grade.destroy
grade.destroy if grade
end

deliverable = Deliverable.find_by_assignment_id_and_team_id(assignment_validation.id, team_cooper.id)
attachment = FactoryGirl.create(:deliverable_attachment, :deliverable_id=>deliverable.id, :submitter_id=>team_cooper.members.first.id, :attachment_file_name=>"#{team_cooper.name}_old_file", :submission_date=>Time.now)
attachment.submission_date = assignment_validation.due_date
attachment.save
attachment.save
14 changes: 8 additions & 6 deletions db/seeds/development/seeds_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,13 @@ def set_up_course(course)
course.teams.each do |team|
deliverable=FactoryGirl.create(:team_deliverable_simple, :team_id=>team.id, :creator_id=>team.members.first.id, :course_id=>course.id, :assignment_id=>assignment.id)
FactoryGirl.create(:deliverable_attachment, :deliverable_id=>deliverable.id, :submitter_id=>team.members.first.id, :attachment_file_name=>"#{team.name}_new_file", :submission_date=>Time.now)
score = 1+Random.rand(assignment.maximum_score)
team.members.each do |member|
grade = FactoryGirl.create(:grade_points, :course_id=>course.id, :assignment => assignment, :student_id => member.id, :is_student_visible => true)
grade.score = score
grade.save
if Random.rand > 0.5
score = 1+Random.rand(assignment.maximum_score)
team.members.each do |member|
grade = FactoryGirl.create(:grade_points, :course_id=>course.id, :assignment => assignment, :student_id => member.id, :is_student_visible => true)
grade.score = score
grade.save
end
end
end
elsif assignment.is_submittable
Expand All @@ -31,4 +33,4 @@ def set_up_course(course)
end
end
end
end
end
10 changes: 5 additions & 5 deletions spec/controllers/effort_logs_controller_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@

context "and there are effort logs" do
before do
@effort_logs = [EffortLog.new(:year => 2011, :week_number => 12, :sum => 8),
EffortLog.new(:year => 2011, :week_number => 12, :sum => 8)]
@effort_logs = [EffortLog.new(:year => 2011, :week_number => 12),
EffortLog.new(:year => 2011, :week_number => 12)]
EffortLog.stub(:find_effort_logs).and_return(@effort_logs)
end

Expand Down Expand Up @@ -81,8 +81,8 @@

context "and there are effort logs" do
before do
@effort_logs = [EffortLog.new(:year => 2011, :week_number => 12, :sum => 8),
EffortLog.new(:year => 2011, :week_number => 12, :sum => 8)]
@effort_logs = [EffortLog.new(:year => 2011, :week_number => 12),
EffortLog.new(:year => 2011, :week_number => 12)]
EffortLog.stub(:find_effort_logs).and_return(@effort_logs)
end

Expand Down Expand Up @@ -221,4 +221,4 @@
end

end
end
end
1 change: 0 additions & 1 deletion spec/models/effort_log_line_item_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -47,5 +47,4 @@
end
end
end

end
1 change: 0 additions & 1 deletion spec/models/effort_log_model_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -163,5 +163,4 @@
end
end


end
1 change: 0 additions & 1 deletion spec/models/peer_evaluation_review_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,5 @@
PeerEvaluationReview.is_completed_for?(nil, nil).should be_false
end


end

2 changes: 1 addition & 1 deletion spec/requests/deliverables_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,7 @@
login_with_oauth @professor
# visit deliverable_feedback_path(Deliverable.last) #if we separate out the feedback page
visit deliverable_path(Deliverable.last)
save_and_open_page
#save_and_open_page
page.should have_content("Grade Team Deliverable")
}

Expand Down
Loading