diff --git a/app/controllers/main_controller.rb b/app/controllers/main_controller.rb index 46747f71..3d2a341f 100644 --- a/app/controllers/main_controller.rb +++ b/app/controllers/main_controller.rb @@ -127,7 +127,7 @@ class MainController < ApplicationController end #read this next line as 'delete a topic if its private and you're either 1. logged out or 2. logged in but not the topic creator - @topics.delete_if {|t| t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id)) } + @topics.to_a.delete_if {|t| t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id)) } render json: autocomplete_array_json(@topics) end @@ -163,7 +163,7 @@ class MainController < ApplicationController end #read this next line as 'delete a map if its private and you're either 1. logged out or 2. logged in but not the map creator - @maps.delete_if {|m| m.permission == "private" && (!authenticated? || (authenticated? && @current.id != m.user_id)) } + @maps.to_a.delete_if {|m| m.permission == "private" && (!authenticated? || (authenticated? && @current.id != m.user_id)) } render json: autocomplete_map_array_json(@maps) end @@ -199,7 +199,7 @@ class MainController < ApplicationController # remove any duplicate synapse types that just differ by # leading or trailing whitespaces collectedDesc = [] - @synapses.delete_if {|s| + @synapses.to_a.delete_if {|s| desc = s.desc == nil || s.desc == "" ? "" : s.desc.strip if collectedDesc.index(desc) == nil collectedDesc.push(desc) 
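Review bot: The filtered array produced by `@topics.to_a.delete_if { ... }` in the -127 hunk is never assigned, yet the next line renders `@topics`, so the private-topic filter only takes effect if `to_a` happens to return the relation's own internal array rather than a copy. Assuming `@topics` is an ActiveRecord relation at this point (its assignment is outside the hunk), a framework version whose `to_a` returns a copy would serialize private topics to logged-out users and non-owners. Assign the result explicitly, e.g. `@topics = @topics.to_a.reject { |t| t.permission == "private" && (!authenticated? || @current.id != t.user_id) }`. The same unassigned pattern appears in the `@maps` hunk at -163, both `@synapses` hunks at -199 and -221, and the `@topics` hunk at -14 in topics_controller.rb.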
@@ -221,7 +221,7 @@ class MainController < ApplicationController @synapses.sort! {|s1,s2| s1.desc <=> s2.desc } #read this next line as 'delete a synapse if its private and you're either 1. logged out or 2. logged in but not the synapse creator - @synapses.delete_if {|s| s.permission == "private" && (!authenticated? || (authenticated? && @current.id != s.user_id)) } + @synapses.to_a.delete_if {|s| s.permission == "private" && (!authenticated? || (authenticated? && @current.id != s.user_id)) } render json: autocomplete_synapse_array_json(@synapses) else diff --git a/app/controllers/mappings_controller.rb b/app/controllers/mappings_controller.rb index 4898ceb4..79d8d80a 100644 --- a/app/controllers/mappings_controller.rb +++ b/app/controllers/mappings_controller.rb @@ -13,7 +13,7 @@ class MappingsController < ApplicationController # POST /mappings.json def create - @mapping = Mapping.new(params[:mapping]) + @mapping = Mapping.new(mapping_params) @mapping.map.touch(:updated_at) @@ -30,7 +30,7 @@ class MappingsController < ApplicationController @mapping.map.touch(:updated_at) - if @mapping.update_attributes(params[:mapping]) + if @mapping.update_attributes(mapping_params) head :no_content else render json: @mapping.errors, status: :unprocessable_entity diff --git a/app/controllers/topics_controller.rb b/app/controllers/topics_controller.rb index 7929c5ac..3cc029f9 100644 --- a/app/controllers/topics_controller.rb +++ b/app/controllers/topics_controller.rb @@ -14,7 +14,7 @@ class TopicsController < ApplicationController #read this next line as 'delete a topic if its private and you're either #1. logged out or 2. logged in but not the topic creator - @topics.delete_if {|t| t.permission == "private" && + @topics.to_a.delete_if {|t| t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id)) } else @topics = [] 
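Review bot: The context line `@synapses.sort! {|s1,s2| s1.desc <=> s2.desc }` in the -221 hunk still calls an in-place Array method on `@synapses` itself, while the lines around it were changed to go through `to_a`. If `@synapses` is still a relation here (the -199 hunk does not reassign it), `sort!` is likely to fail for the same reason `delete_if` did. Separately, `s1.desc <=> s2.desc` yields nil when either `desc` is nil, which `sort!` rejects, and the dedupe block above shows nil is an expected value. Converting once before the dedupe with `@synapses = @synapses.to_a` and sorting with `@synapses.sort_by! { |s| s.desc.to_s }` would cover both. The enclosing action starts and ends outside the hunk.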
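Review bot: `mapping_params` is called in the `create` hunk at -13 and the `update` hunk at -30, but no hunk in this diff defines it, and the same is true of `topic_params` in the topics_controller.rb hunks at -171 and -188. The permit list is now the only thing limiting which attributes a request can set, so it should be part of this review: something of the form `params.require(:mapping).permit(<explicit attribute list>)` in a `private` section. For topics, `user_id` is the field the private-visibility filters compare against `@current.id`, so it should presumably be set from the session rather than permitted. Also note that `@mapping.map.touch(:updated_at)` on the following line raises if the permitted attributes leave `map` nil.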
@@ -34,7 +34,7 @@ class TopicsController < ApplicationController respond_to do |format| format.html { @alltopics = ([@topic] + @topic.relatives).delete_if {|t| t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id)) } # should limit to topics visible to user - @allsynapses = @topic.synapses.delete_if {|s| s.permission == "private" && (!authenticated? || (authenticated? && @current.id != s.user_id)) } + @allsynapses = @topic.synapses.to_a.delete_if {|s| s.permission == "private" && (!authenticated? || (authenticated? && @current.id != s.user_id)) } @allcreators = [] @alltopics.each do |t| @@ -63,8 +63,8 @@ class TopicsController < ApplicationController redirect_to root_url, notice: "Access denied. That topic is private." and return end - @alltopics = @topic.relatives.delete_if {|t| t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id)) } - @allsynapses = @topic.synapses.delete_if {|s| s.permission == "private" && (!authenticated? || (authenticated? && @current.id != s.user_id)) } + @alltopics = @topic.relatives.to_a.delete_if {|t| t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id)) } + @allsynapses = @topic.synapses.to_a.delete_if {|s| s.permission == "private" && (!authenticated? || (authenticated? && @current.id != s.user_id)) } @allcreators = [] @allcreators.push(@topic.user) @alltopics.each do |t| @@ -100,7 +100,7 @@ class TopicsController < ApplicationController @topicsAlreadyHas = params[:network] ? params[:network].split(',') : [] - @alltopics = @topic.relatives.delete_if {|t| + @alltopics = @topic.relatives.to_a.delete_if {|t| @topicsAlreadyHas.index(t.id.to_s) != nil || (t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id))) } 
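Review bot: The visibility predicate is repeated verbatim in nearly every `delete_if` block touched by this diff (twice in the `format.html` branch of the -34 hunk, and again at -63, -100 and -132), which makes it easy for one copy to drift from the others. Since this is the check that keeps private records out of responses, it would be safer as one private helper whose body is `record.permission == "private" && (!authenticated? || @current.id != record.user_id)`; the inner `authenticated? &&` is redundant after `!authenticated? ||`. Call sites then become `@topic.synapses.to_a.reject { |s| hidden_from_viewer?(s) }`, which also avoids mutating the array that `to_a` returns. The helper name is a suggestion only.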
@@ -132,7 +132,7 @@ class TopicsController < ApplicationController @topicsAlreadyHas = params[:network] ? params[:network].split(',') : [] - @alltopics = @topic.relatives.delete_if {|t| + @alltopics = @topic.relatives.to_a.delete_if {|t| @topicsAlreadyHas.index(t.id.to_s) != nil || (params[:metacode] && t.metacode_id.to_s != params[:metacode]) || (t.permission == "private" && (!authenticated? || (authenticated? && @current.id != t.user_id))) @@ -140,7 +140,7 @@ class TopicsController < ApplicationController @alltopics.uniq! - @allsynapses = @topic.synapses.delete_if {|s| + @allsynapses = @topic.synapses.to_a.delete_if {|s| (s.topic1 == @topic && @alltopics.index(s.topic2) == nil) || (s.topic2 == @topic && @alltopics.index(s.topic1) == nil) } @@ -171,7 +171,7 @@ class TopicsController < ApplicationController # POST /topics # POST /topics.json def create - @topic = Topic.new(params[:topic]) + @topic = Topic.new(topic_params) respond_to do |format| if @topic.save @@ -188,7 +188,7 @@ class TopicsController < ApplicationController @topic = Topic.find(params[:id]) respond_to do |format| - if @topic.update_attributes(params[:topic]) + if @topic.update_attributes(topic_params) format.json { head :no_content } else format.json { render json: @topic.errors, status: :unprocessable_entity } diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 0141e52d..52996f49 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -103,5 +103,6 @@ class UsersController < ApplicationController def user_params params.require(:user).permit(:name, :email, :image, :password, :password_confirmation, :code, :joinedwithcode, :remember_me) + end end diff --git a/config/application.rb b/config/application.rb index 0a5e6b51..f9e0a87d 100644 --- a/config/application.rb +++ b/config/application.rb 
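Review bot: The `@allsynapses` filter in the -140 hunk drops a synapse only when its other endpoint is missing from `@alltopics`; unlike the synapse filters at -34 and -63 it never tests `s.permission == "private"`. Unless a later line outside the hunk filters again, a private synapse between two topics the viewer can see would be returned to non-owners. Adding `|| (s.permission == "private" && (!authenticated? || @current.id != s.user_id))` as a third alternative inside the block would match the other checks. The enclosing action starts and ends outside the hunk.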
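Review bot: With the missing `end` restored in the users_controller.rb hunk at -103, the permit list on the context line becomes live, and it accepts `:code` and `:joinedwithcode` straight from the request. If those are invite or access-code fields that the server assigns or verifies (inferred from the names only), they should be dropped from the list used for updates, or handled by a separate create-only list. It is also worth confirming that `user_params` sits under `private`, which the hunk does not show.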
@@ -44,5 +44,7 @@ module Metamaps # Version of your assets, change this if you want to expire all your assets config.assets.version = '2.0' + + config.active_record.raise_in_transactional_callbacks = true end end