From 21b0848030f8942e342c556d76329f811fb0cc0e Mon Sep 17 00:00:00 2001
From: Kyle Drake
Date: Tue, 7 Oct 2014 12:48:04 -0700
Subject: [PATCH] switch sites ability, some cleanup
---
app.rb | 27 +++++++++++---
models/site.rb | 64 ++++++++++++++++++--------------
views/_header.erb | 22 ++++++-----
views/settings/account/email.erb | 2 +-
4 files changed, 70 insertions(+), 45 deletions(-)
diff --git a/app.rb b/app.rb
index 3853f248..6b827ace 100644
--- a/app.rb
+++ b/app.rb
@@ -548,11 +548,6 @@ get '/dashboard' do
 erb :'dashboard'
 end
-get '/signin' do
- dashboard_if_signed_in
- erb :'signin'
-end
-
 get '/settings/?' do
 require_login
 @site = parent_site
@@ -779,7 +774,7 @@ end
 post '/settings/change_email' do
 require_login
- if params[:email] == current_site.email
+ if params[:email] == parent_site.email
 flash[:error] = 'You are already using this email address for this account.'
 redirect '/settings#email'
 end
@@ -870,6 +865,11 @@ get '/password_reset_confirm' do
 redirect '/'
 end
+get '/signin/?' do
+ dashboard_if_signed_in
+ erb :'signin'
+end
+
 post '/signin' do
 dashboard_if_signed_in
@@ -897,6 +897,21 @@ get '/signout' do
 redirect '/'
 end
+get '/signin/:username' do
+ require_login
+ @site = Site[username: params[:username]]
+
+ not_found if @site.nil?
+
+ if @site.owned_by? current_site
+ session[:id] = @site.id
+ redirect request.referrer
+ end
+
+ flash[:error] = 'You do not have permission to switch to this site.'
+ redirect request.referrer
+end
+
 get '/about' do
 erb :'about'
 end
diff --git a/models/site.rb b/models/site.rb
index fef4d5bc..6252282e 100644
--- a/models/site.rb
+++ b/models/site.rb
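Review bot: In app.rb, the new `get '/signin/:username'` route rewrites `session[:id]` on a GET request, so the switch can be triggered by any cross-site link or embedded resource the signed-in user loads; it should be a `post` route covered by the same CSRF protection as the app's other forms (that protection is not visible in this hunk). Both branches end in `redirect request.referrer`, which is nil when the browser sends no Referer header and is otherwise a client-supplied URL, so a fallback such as `redirect request.referrer || '/dashboard'`, ideally limited to same-origin paths, is safer. Because the session represents a different site after the switch, consider rotating the session identifier at that point if the session middleware supports it.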
@@ -148,24 +148,33 @@ class Site < Sequel::Model
 many_to_one :parent, :key => :parent_site_id, :class => self
 one_to_many :children, :key => :parent_site_id, :class => self
- def account_sites
- if parent?
- sites = [self] + children
- else
- sites = [parent] + parent.children
- end
+ def account_sites_dataset
+ Site.where(Sequel.|({id: owner.id}, {parent_site_id: owner.id}))
+ end
- sites.compact
+ def account_sites
+ account_sites_dataset.all
+ end
+
+ def other_sites_dataset
+ account_sites_dataset.exclude(id: self.id)
 end
 def other_sites
- if parent?
- return children
- else
- sites = ([parent] + children)
- sites.delete self
- sites
- end
+ account_sites_dataset.exclude(id: self.id).all
+ end
+
+ def account_sites_events_dataset
+ ids = account_sites_dataset.select(:id).all.collect {|s| s.id}
+ Event.where(id: ids)
+ end
+
+ def owner
+ parent? ? self : parent
+ end
+
+ def owned_by?(site)
+ !account_sites_dataset.select(:id).where(id: site.id).first.nil?
 end
 class << self
@@ -204,14 +213,6 @@ class Site < Sequel::Model
 false
 end
- def owner
- parent? ? self : parent
- end
-
- def owned_by?(site)
- account_sites.include? site
- end
-
 def is_following?(site)
 followings_dataset.select(:id).filter(site_id: site.id).first ? true : false
 end
@@ -242,7 +243,14 @@ class Site < Sequel::Model
 end
 def valid_password?(plaintext)
- BCrypt::Password.new(values[:password]) == plaintext
+ valid = BCrypt::Password.new(owner.values[:password]) == plaintext
+
+ if !valid?
+ return false if values[:password].nil?
+ valid = BCrypt::Password.new(values[:password]) == plaintext
+ end
+
+ valid
 end
 def password=(plaintext)
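Review bot: `account_sites_events_dataset` in models/site.rb collects site ids and then filters with `Event.where(id: ids)`, which matches them against the events' own primary key rather than the owning site. Unless `Event.id` really is a site id, this likely wants `Event.where(site_id: account_sites_dataset.select(:id))`; the `site_id` column name is assumed, since the Event schema is not visible here. The result feeds the update-count threshold in `commenting_allowed?`, so a wrong filter changes which accounts are allowed to comment. Separately, `owner` returns `parent` for a non-parent site, and `account_sites_dataset` and `owned_by?` call `owner.id` with no nil guard. Since `owned_by?` is now the authorization check for switching sites, add a guard that returns false when there is no owner, or a comment stating that every child site is guaranteed a parent.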
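Review bot: In `valid_password?`, the fallback condition `if !valid?` calls the model's `valid?` method (Sequel's validation check) instead of reading the local `valid` assigned on the line above; it should read `unless valid`. As written, whether the site's own password is tried depends on the record's validation state rather than on the owner comparison: a record that passes validation never reaches the fallback, and a record that fails validation can have a successful owner match overwritten by the second comparison. `BCrypt::Password.new(owner.values[:password])` also runs before any nil check, and the `values[:password].nil?` guard covers only the site's own hash; guarding the owner hash the same way keeps a missing hash a plain `false` rather than an exception in the login path.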
@@ -353,18 +361,18 @@ class Site < Sequel::Model
 =end
 def commenting_allowed?
- return true if commenting_allowed
+ return true if owner.commenting_allowed
- if supporter?
+ if owner.supporter?
 set commenting_allowed: true
 save_changes validate: false
 return true
 end
- if events_dataset.exclude(site_change_id: nil).count >= COMMENTING_ALLOWED_UPDATED_COUNT &&
+ if account_sites_events_dataset.exclude(site_change_id: nil).count >= COMMENTING_ALLOWED_UPDATED_COUNT &&
 created_at < Time.now - 604800
- set commenting_allowed: true
- save_changes validate: false
+ owner.set commenting_allowed: true
+ owner.save_changes validate: false
 return true
 end
diff --git a/views/_header.erb b/views/_header.erb
index fe6e3b2c..4c6ee1f4 100644
--- a/views/_header.erb
+++ b/views/_header.erb
@@ -39,16 +39,18 @@ <%= current_site.username %>
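Review bot: In `commenting_allowed?` (models/site.rb), the supporter branch still calls `set commenting_allowed: true` and `save_changes validate: false` on the current site, while the first line now reads `owner.commenting_allowed` and the second branch writes through `owner`. For a child site the flag written in the supporter branch is never the one checked, so those two unchanged lines should become `owner.set commenting_allowed: true` and `owner.save_changes validate: false`. The age condition `created_at < Time.now - 604800` also still uses the current site's creation time while the update count now spans the whole account; if the one-week rule is meant per account, use `owner.created_at`, and either way a comment naming which site's age applies would help. The method's tail lies outside the hunk.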