From 064a2758bb498331debc7071fc9b3e42cecffb33 Mon Sep 17 00:00:00 2001
From: Andrew Cockerham <cockerham.andrew@gmail.com>
Date: Sat, 31 Oct 2015 15:43:07 -0500
Subject: [PATCH] long time no push

---
 app/controllers/certificates_controller.rb   | 32 ++++++++++++++------
 app/controllers/pins_controller.rb           |  5 +++
 app/helpers/application_helper.rb            |  1 +
 app/models/user.rb                           |  6 ++--
 app/views/certificates/index.html.erb        |  2 +-
 app/views/certificates/show.html.erb         |  2 +-
 app/views/devise/registrations/edit.html.erb |  5 +--
 app/views/layouts/_header.html.erb           |  2 +-
 app/views/pages/about.html.erb               |  2 +-
 9 files changed, 39 insertions(+), 18 deletions(-)

diff --git a/app/controllers/certificates_controller.rb b/app/controllers/certificates_controller.rb
index 39e1302..41bcd1c 100644
--- a/app/controllers/certificates_controller.rb
+++ b/app/controllers/certificates_controller.rb
@@ -1,10 +1,13 @@
 class CertificatesController < ApplicationController
+  before_filter :authenticate_user!
+  #before_filter is_current_user?
+
   # GET /certificates
   # GET /certificates.json
   def index
     #@certificates = Certificate.all
     @certificates = current_user.certificates.all
-    
+
     respond_to do |format|
       format.html # index.html.erb
       format.json { render json: @certificates }
@@ -14,11 +17,13 @@ def index
   # GET /certificates/1
   # GET /certificates/1.json
   def show
-    @certificate = Certificate.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @certificate }
+    #@certificates = current_user.certificates.all
+    #@certificate = @certificates.find(params[:id])
+    #@certificate = current_user.certificates.all.find(params[:id])
+    if current_user.id == Certificate.find(params[:id]).user_id
+      @certificate = Certificate.find(params[:id])
+    else
+      redirect_to certificates_url, notice: 'You can only view your own certificates'
     end
   end
 
@@ -34,9 +39,13 @@ def new
   end
 
   # GET /certificates/1/edit
-  def edit
-    @certificate = Certificate.find(params[:id])
-  end
+#def edit
+#    if current_user.id == Certificate.find(params[:id]).user_id
+#      @certificate = Certificate.find(params[:id])
+#    else
+#      redirect_to certificates_url, notice: 'You can only edit your own certificates'
+#    end
+#  end
 
   # POST /certificates
   # POST /certificates.json
@@ -87,4 +96,9 @@ def destroy
    # send_file(pdf_filename, :filename => "19035122-V2W-LFCZ_(1).pdf", :disposition => 'inline', :type => "application/pdf")
     
   #end
+
+  #def is_current_user?
+  #  return current_user    
+  #end
+
 end
diff --git a/app/controllers/pins_controller.rb b/app/controllers/pins_controller.rb
index 2e862a5..acb544c 100644
--- a/app/controllers/pins_controller.rb
+++ b/app/controllers/pins_controller.rb
@@ -90,4 +90,9 @@ def destroy
       format.json { head :no_content }
     end
   end
+
+  # for rails 4
+  # def pin_params
+  #    params.require(:pin).permit(:description, :image)
+  # end
 end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index de6be79..a2f4870 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -1,2 +1,3 @@
 module ApplicationHelper
+
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index cc08d21..f90df72 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -6,7 +6,7 @@ class User < ActiveRecord::Base
          :rememberable, :trackable, :validatable 
 
   # Setup accessible (or protected) attributes for your model
-  attr_accessible :email, :password, :password_confirmation, :remember_me, :name, :hirer, :job_experience_attributes
+  attr_accessible :email, :password, :password_confirmation, :remember_me, :name, :hirer, :job_experiences_attributes
 
   # Validations
   validates_uniqueness_of :email
@@ -15,12 +15,12 @@ class User < ActiveRecord::Base
   has_many :pins, :dependent => :destroy
   has_many :job_postings, :dependent => :destroy
   has_many :job_applications, :dependent => :destroy
-  has_one :job_experience, :dependent => :destroy
+  has_many :job_experiences, :dependent => :destroy
 
   has_many :certificates
 
   # Nested Attributes
-  accepts_nested_attributes_for :job_experience
+  accepts_nested_attributes_for :job_experiences, :allow_destroy => true
    # :allow_destroy => true,
    # :reject_if     => :all_blank
 end
diff --git a/app/views/certificates/index.html.erb b/app/views/certificates/index.html.erb
index 3b2a395..bd70d7e 100644
--- a/app/views/certificates/index.html.erb
+++ b/app/views/certificates/index.html.erb
@@ -16,7 +16,7 @@
     <td><%= certificate.institution %></td>
     <td><%= certificate.date_completed %></td>
     <td><%= link_to 'Show', certificate %></td>
-    <td><%= link_to 'Edit', edit_certificate_path(certificate) %></td>
+    <!-- -->
     <td><%= link_to 'Destroy', certificate, method: :delete, data: { confirm: 'Are you sure?' } %></td>
   </tr>
 <% end %>
diff --git a/app/views/certificates/show.html.erb b/app/views/certificates/show.html.erb
index e9928d6..5117013 100644
--- a/app/views/certificates/show.html.erb
+++ b/app/views/certificates/show.html.erb
@@ -23,7 +23,7 @@
 			  <%= @certificate.date_completed %>
 			</p>
 
-<%= link_to 'Edit', edit_certificate_path(@certificate) %> |
+<!-- -->|
 <%= link_to 'Back', certificates_path %>
 
 		</div>
diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb
index b37493e..2345d41 100644
--- a/app/views/devise/registrations/edit.html.erb
+++ b/app/views/devise/registrations/edit.html.erb
@@ -9,7 +9,8 @@
   <%= f.input :password_confirmation, label: "New Password Confirmation", autocomplete: "off" %>
   <%= f.input :current_password %>
 
-<!-- <h2> Job Experience </h2>
+ <h2> Job Experience </h2>
+
   <% job_experiences = JobExperience.find_all_by_user_id(current_user.id) %>
   <% if job_experiences.length == 0 %>
     <p>You have not entered any job experiences yet.</p>
@@ -23,7 +24,7 @@
       <% end %>      
     <% end %>
     -->
-  <%= f.fields_for :job_experience_attributes do |j| %>
+  <%= f.fields_for :job_experiences do |j| %> <!-- _attributes-->
     <%= j.input :company %>
     <%= j.input :job_title %>
     <%= j.input	:description, as: :text, input_html: { rows: "10" } %>
diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb
index 6cca125..a02ce3d 100644
--- a/app/views/layouts/_header.html.erb
+++ b/app/views/layouts/_header.html.erb
@@ -34,7 +34,7 @@
 	     </ul>
 	     <ul class='nav pull-right'>
         <% if user_signed_in? %>
-          <li><%= link_to "Add Certificate", new_certificate_path %></li>
+          <li><%= link_to "My Certificates", certificates_path %></li>
           <li><%= link_to "Add +", new_pin_path %></li>
           <li><%= link_to "Edit Profile", edit_user_registration_path %></li>
           <li><%= link_to "Logout", destroy_user_session_path, method: :delete %></li>
diff --git a/app/views/pages/about.html.erb b/app/views/pages/about.html.erb
index 6c6b4aa..e2972a9 100644
--- a/app/views/pages/about.html.erb
+++ b/app/views/pages/about.html.erb
@@ -1,4 +1,4 @@
 <h1>About</h1>
 <p>
-	SkillChest was created for the future of learning and working.  Save all of your learning, including non-traditional learning such as conferences and certifications, and keep a verified record all in one place.  This can then be share with employers.
+	SkillChest was created for the future of learning and working.  Save all of your learning, including non-traditional learning such as conferences and certifications, and keep a verified record all in one place.  This can then be shared with employers.
 </p>
\ No newline at end of file