Merge branch 'master' of github.com:diaspora/diaspora

app/controllers/albums_controller.rb

@@ -16,9 +16,7 @@ class AlbumsController < ApplicationController
   def create
     aspect = params[:album][:to]
 
-    data = clean_hash(params[:album])
+    @album = current_user.post(:album, params[:album])
-
-    @album = current_user.post(:album, data)
     flash[:notice] = I18n.t 'albums.create.success', :name  => @album.name
     redirect_to :action => :show, :id => @album.id, :aspect => aspect
   end
@@ -53,9 +51,7 @@ class AlbumsController < ApplicationController
   def update
     @album = current_user.find_visible_post_by_id params[:id]
 
-    data = clean_hash(params[:album])
+    if current_user.update_post( @album, params[:album] )
-
-    if current_user.update_post( @album, data )
       flash[:notice] =  I18n.t 'albums.update.success', :name  => @album.name
       respond_with @album
     else
@@ -63,12 +59,4 @@ class AlbumsController < ApplicationController
       render :action => :edit
     end
   end
-
-  private
-  def clean_hash(params)
-    return {
-      :name => params[:name],
-      :to   => params[:to]
-    }
-  end
 end

app/controllers/dev_utilities_controller.rb

@@ -39,7 +39,7 @@ class DevUtilitiesController < ApplicationController
 
   def set_profile_photo
     render :nothing => true
-    album = Album.create(:person => current_user.person, :name => "Profile Photos")
+    album = current_user.post(:album, :name => "Profile Photos", :to => current_user.aspects.first.id)
     current_user.raw_visible_posts << album
     current_user.save
 

app/models/album.rb

@@ -16,6 +16,8 @@ class Album < Post
 
   before_destroy :destroy_photos
 
+  attr_accessible :name
+
   def self.mine_or_friends(friend_param, current_user)
     friend_param ? Album.find_all_by_person_id(current_user.friend_ids) : current_user.person.albums
   end

app/models/photo.rb

@@ -5,7 +5,7 @@
 class PhotoAlbumValidator < ActiveModel::Validator
   def validate(document)
     unless document.album.person_id == document.person_id
-      document.errors[:base] << "You post photos to that album"
+      document.errors[:base] << "You can't post photos to that album"
     end
   end
 end

app/models/post.rb

@@ -33,7 +33,11 @@ class Post
   after_destroy :destroy_comments
 
   def self.instantiate params
-    self.create params.to_hash
+    new_post = self.new params.to_hash
+    new_post.person = params[:person]
+    new_post.public = params[:public]
+    new_post.save
+    new_post
   end
 
   def as_json(opts={})

spec/controllers/albums_controller_spec.rb

@@ -13,11 +13,6 @@ describe AlbumsController do
     sign_in :user, @user
   end
 
-  it "should update the name of an album" do
-    put :update, :id => @album.id, :album => { :name => "new_name"}
-    @album.reload.name.should eql("new_name")
-  end
-
   describe '#create' do
     it 'all aspects' do
       params = {"album" => {"name" => "Sunsets","to" => "all"}}
@@ -28,4 +23,19 @@ describe AlbumsController do
       post :create, params
     end
   end
+
+  describe "#update" do
+    it "should update the name of an album" do
+      put :update, :id => @album.id, :album => { :name => "new_name"}
+      @album.reload.name.should eql("new_name")
+    end
+    
+    it "doesn't overwrite random attributes" do
+      new_user = Factory.create :user
+      params = {:name => "Bruisers", :person_id => new_user.person.id}
+      put('update', :id => @album.id, "album" => params)
+      @album.reload.person_id.should == @user.person.id
+      @album.name.should == 'Bruisers'
+    end
+  end
 end

spec/controllers/dev_utilities_controller_spec.rb

@@ -8,7 +8,7 @@ describe DevUtilitiesController do
   render_views
 
   before do
-    @tom = Factory.create(:user, :email => "tom@tom.joindiaspora.org")
+    @tom = Factory.create(:user_with_aspect, :email => "tom@tom.joindiaspora.org")
     sign_in :user, @tom
   end
 

spec/models/photo_spec.rb

@@ -39,13 +39,14 @@ describe Photo do
   end
 
   it 'must have an album' do
-    photo = Photo.new(:person => @user.person)
+    photo = Photo.new()
+    photo.person = @user.person
     photo.image = File.open(@fixture_name)
     photo.save
     photo.valid?.should be false
-    photo.album = Album.create(:name => "foo", :person => @user.person)
+    photo.album = @album
     photo.save
-    Photo.first.album.name.should == 'foo'
+    photo.reload.album.name.should == 'foo'
   end
 
   it 'should have a caption' do

spec/models/user_spec.rb

@@ -14,6 +14,30 @@ describe User do
     user.encryption_key.should_not be nil
   end
 
+  describe 'overwriting people' do
+    it 'does not overwrite old users with factory' do
+      new_user = Factory.create(:user, :id => user.id)
+      new_user.persisted?.should be_true
+      new_user.id.should_not == user.id
+    end
+    it 'does not overwrite old users with create' do
+          params = {:username => "ohai",
+                    :email => "ohai@example.com",
+                    :password => "password",
+                    :password_confirmation => "password",
+                    :person => 
+                      {:profile => 
+                        {:first_name => "O", 
+                         :last_name => "Hai"}
+                      }
+          }
+          params[:id] = user.id
+      new_user = User.build(params)
+      new_user.save
+      new_user.persisted?.should be_true
+      new_user.id.should_not == user.id
+    end
+  end
   describe "validation" do
     describe "of associated person" do
       it "fails if person is not valid" do