From 2c4cd4a020d5de82253c2e4aa53d8df02286a926 Mon Sep 17 00:00:00 2001
From: Will Bradley <bradley.will@gmail.com>
Date: Sun, 9 Feb 2014 05:01:52 -0700
Subject: [PATCH] Mooooore resources

---
 app/controllers/resources_controller.rb |  7 +++-
 app/models/ability.rb                   |  3 +-
 app/models/user.rb                      |  1 +
 app/views/layouts/resources.html.erb    |  2 +-
 app/views/resources/_form.html.erb      |  2 -
 app/views/resources/index.html.erb      | 10 ++---
 app/views/users/show.html.erb           | 49 ++++++++++++++++++++++++-
 7 files changed, 63 insertions(+), 11 deletions(-)

diff --git a/app/controllers/resources_controller.rb b/app/controllers/resources_controller.rb
index eebae3d..ca0adcc 100755
--- a/app/controllers/resources_controller.rb
+++ b/app/controllers/resources_controller.rb
@@ -1,11 +1,16 @@
 class ResourcesController < ApplicationController
   load_and_authorize_resource
-  before_filter :authenticate_user!, :load_users
+  before_filter :load_users
 
   def index
     @featured_resource = @resources.where("picture_file_name IS NOT NULL").sample
   end
 
+  def new
+    # don't get too excited... for some reason this gets set to the current_user
+    @resource.user_id = nil 
+  end
+
   def create
     authorize! :create, @resource
 
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 8577e4a..65c3066 100755
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -4,6 +4,7 @@ class Ability
   def initialize(user)
     can :read, Mac # Anonymous can read mac
     can :scan, Mac # Need anonymous so CRON can scan
+    can :read, Resource
 
     if !user.nil?
 
@@ -14,7 +15,7 @@ class Ability
       can [:update], Mac, :user_id => nil
       can [:create,:update], Mac, :user_id => user.id
       can :read, Payment, :user_id => user.id
-      can :read, Resource
+      can [:create,:update], Resource, :user_id => user.id
       can :read, UserCertification, :user_id => user.id
       can :read, User, :id => user.id #TODO: why can users update themselves? Maybe because Devise doesn't check users/edit?
       can :compose_email, User
diff --git a/app/models/user.rb b/app/models/user.rb
index 90586b2..232bf1d 100755
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -16,6 +16,7 @@ class User < ActiveRecord::Base
   has_many :certifications, :through => :user_certifications
   has_many :payments
   has_many :macs
+  has_many :resources
 
   validates_format_of [:twitter_url, :facebook_url, :github_url, :website_url], :with => URI::regexp(%w(http https)), :allow_blank => true
 
diff --git a/app/views/layouts/resources.html.erb b/app/views/layouts/resources.html.erb
index 7a35de0..54edb37 100755
--- a/app/views/layouts/resources.html.erb
+++ b/app/views/layouts/resources.html.erb
@@ -47,7 +47,7 @@
       <%= link_to 'People', users_path if can? :read, User %>
           </li>
           <li class="active">
-      <%= link_to 'Tools', resources_path if can? :read, Resource %>
+      <%= link_to 'Tools & Resources', resources_path if can? :read, Resource %>
           </li>
           <li>
       <%= link_to 'Access Cards', cards_path if can? :manage, Card %>
diff --git a/app/views/resources/_form.html.erb b/app/views/resources/_form.html.erb
index 3af8080..fb32a43 100644
--- a/app/views/resources/_form.html.erb
+++ b/app/views/resources/_form.html.erb
@@ -40,13 +40,11 @@
     <%= f.date_select :disposed_at, include_blank: true %>
   </p>
 
- <% if can? :assign_user, @resource %>
     <p>
       <%= f.label :user_id, "Owner" %>
       <br />
       <%= select(:resource, :user_id, options_from_collection_for_select(@users, :id, :name, @resource.user_id), include_blank: true) %>
     </p>
-  <% end %>
 
   <p>
     <%= f.label :donatable %><br />
diff --git a/app/views/resources/index.html.erb b/app/views/resources/index.html.erb
index dbd0fb1..2af7000 100755
--- a/app/views/resources/index.html.erb
+++ b/app/views/resources/index.html.erb
@@ -5,9 +5,9 @@
 <script src="/bootstrap/js/bootstrap.min.js" type="text/javascript" ></script>
 
 <style>
-  #accordion .thumbnail { height: 150px; position: relative; }
-  #accordion .thumbnail .ownership,
-  #accordion .thumbnail .disposed
+  .thumbnail { height: 150px; position: relative; }
+  .thumbnail .ownership,
+  .thumbnail .disposed
   { position: absolute; top: 1px; 
     text-shadow: 
       -1px -1px 0 #fff,
@@ -15,8 +15,8 @@
       -1px 1px 0 #fff,
       1px 1px 0 #fff;
     font-weight: bold; left: 10px; }
-  #accordion .thumbnail .disposed { color: red; }
-  #accordion .thumbnail h4 { position: absolute; bottom: 1px; margin-bottom: 1px; }
+  .thumbnail .disposed { color: red; }
+  .thumbnail h4 { position: absolute; bottom: 1px; margin-bottom: 1px; }
 </style>
 
 
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 390e06a..8e573e8 100755
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -120,7 +120,54 @@
     <% end %>
   <% end %>
 </p>
- 
+
+<p> 
+  <style>
+.row {
+margin-left: -15px;
+margin-right: -15px;
+}
+.col-sm-2 {
+width: 16.666666666666664%;
+float: left;
+position: relative;
+min-height: 1px;
+padding-left: 15px;
+padding-right: 15px;
+}
+    .thumbnail {
+display: block;
+padding: 4px;
+margin-bottom: 20px;
+line-height: 1.428571429;
+background-color: #fff;
+border: 1px solid #ddd;
+border-radius: 4px;
+-webkit-transition: all .2s ease-in-out;
+transition: all .2s ease-in-out;
+}
+.thumbnail a>img {
+display: block;
+max-width: 100%;
+height: auto;
+margin-left: auto;
+margin-right: auto;
+}
+.thumbnail a:hover { color: black; }
+
+  .thumbnail { height: 150px; position: relative; }
+  .thumbnail .ownership,
+  .thumbnail .disposed
+  { display: none; }
+  .thumbnail h4 { position: absolute; bottom: 1px; margin-bottom: 1px; }
+
+  .clearfix { clear: both }
+  </style>
+  <b>Resources: </b><%= link_to "+ Add", new_resource_path, :class => 'btn' if can? :create, Resource %>
+  <div class="row"><%= render @user.resources if @user.resources %></div>
+  <div class="clearfix"></div>
+</p>
+
 <p>
   <b>Waiver?</b>
   <%= @user.waiver.strftime("%B %d %Y") unless @user.waiver.blank? %>