Merge branch 'main' into sprint3-issue19#Fix-Image-Size

Gemfile.lock

@@ -135,6 +135,12 @@ GEM
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
+    jquery-rails (4.6.0)
+      rails-dom-testing (>= 1, < 3)
+      railties (>= 4.2.0)
+      thor (>= 0.14, < 2.0)
+    jquery-ui-rails (6.0.1)
+      railties (>= 3.2.16)
     json (2.7.1)
     jwt (2.8.1)
       base64
@@ -355,6 +361,8 @@ DEPENDENCIES
   image_processing (>= 1.2)
   importmap-rails
   jbuilder
+  jquery-rails
+  jquery-ui-rails
   omniauth
   omniauth-google-oauth2
   omniauth-rails_csrf_protection (~> 1.0)
@@ -371,7 +379,7 @@ DEPENDENCIES
   web-console
 
 RUBY VERSION
-   ruby 3.1.2p20
+   ruby 3.1.3p185
 
 BUNDLED WITH
    2.5.5

app/controllers/application_controller.rb

@@ -1,2 +1,9 @@
 class ApplicationController < ActionController::Base
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  private
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:sign_up, keys: %i[name lastName image_profile])
+  end
 end

app/controllers/posts_controller.rb

@@ -1,6 +1,7 @@
 class PostsController < ApplicationController
-  before_action :authenticate_user!
   before_action :set_post, only: %i[show destroy edit update]
+  before_action :authenticate_user!, except: %i[show index]
+
   def new
     @post = Post.new
   end
@@ -23,9 +24,22 @@ def index
     @posts = Post.user_post(current_user)
   end
 
-  def edit; end
+  def edit
+    unless current_user == @post.user
+      redirect_to root_path, alert: 'You are not authorized to edit this post.'
+    end
+  end
+
+  def show
+    @post = Post.find(params[:id])
+  end
 
   def update
+    unless current_user == @post.user
+      redirect_to root_path, alert: 'You are not authorized to update this post.'
+      return
+    end
+
     respond_to do |format|
       if @post.update(post_params)
         update_status(format)
@@ -37,10 +51,15 @@ def update
   end
 
   def destroy
+    unless current_user == @post.user
+      redirect_to root_path, alert: 'You are not authorized to delete this post.'
+      return
+    end
+
     @post.destroy
 
     respond_to do |format|
-      format.html { redirect_to root_path, notice: 'Post was succesfully deleted.' }
+      format.html { redirect_to root_path, notice: 'Post was successfully deleted.' }
       format.json { head :no_content }
     end
   end
@@ -49,7 +68,7 @@ def destroy
 
   # Use callbacks to share common setup or constraints between actions.
   def set_post
-    @post = Post.user_post(current_user).find(params[:id])
+    @post = Post.find(params[:id])
   end
 
   # Only allow a list of trusted parameters through.

app/mailers/application_mailer.rb

@@ -1,4 +1,4 @@
 class ApplicationMailer < ActionMailer::Base
-  default from: "from@example.com"
-  layout "mailer"
+  default from: 'megatorterra@hotmail.com'
+  layout 'mailer'
 end

app/models/post.rb

@@ -6,7 +6,6 @@ class Post < ApplicationRecord
   has_many_attached :images
 
   validates :body, presence: true
-  validate :validate_at_least_one_image_attached
   validate :validate_image_content_type
 
   attr_accessor :images_to_remove

app/models/user.rb

@@ -6,7 +6,8 @@ class User < ApplicationRecord
   has_many :posts
 
   devise :database_authenticatable, :registerable,
-         :recoverable, :rememberable, :validatable, :omniauthable, omniauth_providers: %i[google_oauth2]
+         :recoverable, :rememberable, :validatable,
+         :confirmable, :omniauthable, omniauth_providers: %i[google_oauth2]
 
   def self.from_omniauth(access_token)
     data = access_token.info

app/views/devise/registrations/new.html.erb

@@ -3,6 +3,21 @@
 <%= form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
   <%= render "devise/shared/error_messages", resource: resource %>
 
+  <div class="field">
+    <%= f.label :name %>
+    <%= f.text_field :name, autofocus: true %>
+  </div>
+
+  <div class="field">
+    <%= f.label :lastName %>
+    <%= f.text_field :lastName, autofocus: true %>
+  </div>
+
+  <div class="field">
+    <%= f.label :image_profile, "Upload a new image", style: "display: block" %>
+    <%= f.file_field :image_profile %>
+  </div>
+
   <div class="field">
     <%= f.label :email %>
     <%= f.email_field :email, autofocus: true, autocomplete: "email" %>

app/views/posts/_cards.html.erb

@@ -1,4 +1,4 @@
-<%= link_to "Sign Out", destroy_user_session_path %>
+<%= button_to "Sign Out", destroy_user_session_path, method: :delete %>
 
 <div class="posts">
   <% @posts.each do |post| %>
@@ -8,8 +8,8 @@
           <div class="user">
             <%= image_tag('default-light.png') %>
             <div>
-              <h2>John Doe</h2>
-              <p>1 hour ago</p>
+              <h2><%=post.user.name%> <%=post.user.lastName%></h2>
+              <p><%= post.created_at.strftime("%d-%m-%Y a las %H:%M") %></p>
             </div>
           </div>
           <i class="bi bi-three-dots"></i>

app/views/posts/show.html.erb

@@ -1,4 +1,4 @@
-<h1>Publicación de <%= current_user.email %></h1>
+<h1>Publicación de <%= @post.user.name %></h1>
 <h2><%=@post.body%></h2>
 <div class="post-images">
     <% if @post.images.attached? %>

config/environment.rb

@@ -1,5 +1,15 @@
 # Load the Rails application.
-require_relative "application"
+require_relative 'application'
 
 # Initialize the Rails application.
 Rails.application.initialize!
+
+ActionMailer::Base.smtp_settings = {
+  user_name: 'apikey', # This is the string literal 'apikey', NOT the ID of your API key
+  password: ENV['SENDGRID_API_KEY'], # This is the secret sendgrid API key which was issued during API key creation
+  domain: 'hotmail.com',
+  address: 'smtp.sendgrid.net',
+  port: 587,
+  authentication: :plain,
+  enable_starttls_auto: true
+}

config/environments/development.rb

@@ -2,6 +2,7 @@
 
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
+  config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
 
   # In the development environment your application's code is reloaded any time
   # it changes. This slows down response time but is perfect for development

config/initializers/devise.rb

@@ -24,7 +24,7 @@
   # Configure the e-mail address which will be shown in Devise::Mailer,
   # note that it will be overwritten if you use your own mailer class
   # with default "from" parameter.
-  config.mailer_sender = 'please-change-me-at-config-initializers-devise@example.com'
+  config.mailer_sender = 'megatorterra@hotmail.com'
   config.omniauth :google_oauth2, Rails.application.credentials.GOOGLE_OAUTH_CLIENT_ID,
                   Rails.application.credentials.GOOGLE_OAUTH_CLIENT_SERVER
 

db/migrate/20240314180719_add_confirmable_to_users_from_add_devise_to_users.rb

@@ -0,0 +1,11 @@
+class AddConfirmableToUsersFromAddDeviseToUsers < ActiveRecord::Migration[7.1]
+  def change
+    change_table :users do |t|
+      ## Confirmable
+      t.string   :confirmation_token
+      t.datetime :confirmed_at
+      t.datetime :confirmation_sent_at
+      t.string   :unconfirmed_email # Only if using reconfirmable
+    end
+  end
+end

test/mailers/previews/user_notifier_mailer_preview.rb

@@ -0,0 +1,4 @@
+# Preview all emails at http://localhost:3000/rails/mailers/user_notifier_mailer
+class UserNotifierMailerPreview < ActionMailer::Preview
+
+end

test/mailers/user_notifier_mailer_test.rb

@@ -0,0 +1,7 @@
+require "test_helper"
+
+class UserNotifierMailerTest < ActionMailer::TestCase
+  # test "the truth" do
+  #   assert true
+  # end
+end