Diffstat (limited to 'app')
-rw-r--r--app/assets/javascripts/ajax.js19
-rw-r--r--app/assets/stylesheets/application.css12
-rw-r--r--app/assets/stylesheets/custom.css.scss47
-rw-r--r--app/assets/stylesheets/scaffolds.css.scss40
-rw-r--r--app/assets/stylesheets/static.css.scss9
-rw-r--r--app/controllers/alerts_controller.rb10
-rw-r--r--app/controllers/application_controller.rb3
-rw-r--r--app/controllers/servers_controller.rb10
-rw-r--r--app/controllers/sessions_controller.rb121
-rw-r--r--app/controllers/static_controller.rb2
-rw-r--r--app/controllers/tournaments_controller.rb27
-rw-r--r--app/controllers/users_controller.rb28
-rw-r--r--app/helpers/sessions_helper.rb71
-rw-r--r--app/models/tournament.rb19
-rw-r--r--app/models/user.rb147
-rw-r--r--app/views/alerts/show.html.erb2
-rw-r--r--app/views/application/permission_denied.html.erb1
-rw-r--r--app/views/common/_error_messages.html.erb11
-rw-r--r--app/views/games/index.html.erb4
-rw-r--r--app/views/games/show.html.erb2
-rw-r--r--app/views/layouts/application.html.erb28
-rw-r--r--app/views/matches/show.html.erb2
-rw-r--r--app/views/pms/show.html.erb2
-rw-r--r--app/views/servers/show.html.erb2
-rw-r--r--app/views/sessions/_form.html.erb21
-rw-r--r--app/views/sessions/edit.html.erb6
-rw-r--r--app/views/sessions/index.html.erb27
-rw-r--r--app/views/sessions/index.json.jbuilder4
-rw-r--r--app/views/sessions/new.html.erb21
-rw-r--r--app/views/sessions/show.html.erb9
-rw-r--r--app/views/sessions/show.json.jbuilder1
-rw-r--r--app/views/static/homepage.html.erb18
-rw-r--r--app/views/tournaments/_selected.html.erb15
-rw-r--r--app/views/tournaments/index.html.erb2
-rw-r--r--app/views/tournaments/new.html.erb15
-rw-r--r--app/views/tournaments/show.html.erb6
-rw-r--r--app/views/users/already_signed_in.html.erb1
-rw-r--r--app/views/users/index.html.erb6
-rw-r--r--app/views/users/new.html.erb33
-rw-r--r--app/views/users/show.html.erb2
40 files changed, 630 insertions, 176 deletions
diff --git a/app/assets/javascripts/ajax.js b/app/assets/javascripts/ajax.js
new file mode 100644
index 0000000..040c100
--- /dev/null
+++ b/app/assets/javascripts/ajax.js
@@ -0,0 +1,19 @@
+function populate() {
+ //populate optionArray
+ //make a form element
+ var e = document.getElementById("tournament_id");
+ var gameType = e.options[e.selectedIndex].text;
+ if (gameType != "Select a Game Type") {
+ alert(gameType + " was Selected!");
+ //populate optionArray via AJAX
+ //select * from tournament_settings where gametype = GameType
+ for(var option in optionArray){
+ //identify the number of
+ ;
+ }
+ };
+
+//$.ajax(url: "/selected").done (html) -> $("#ajax-form").append html
+
+}
+
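Review bot: `optionArray` is never declared in `populate()`, so the `for(var option in optionArray)` loop throws a ReferenceError as soon as a real game type is selected, unless a global of that name is defined elsewhere. Declaring it before the loop, `var optionArray = [];`, keeps the stub harmless until the AJAX call is written. The `alert(...)` looks like leftover debugging, and the commented-out `$.ajax` line is CoffeeScript syntax that would not parse if it were uncommented in this `.js` file.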
diff --git a/app/assets/stylesheets/application.css b/app/assets/stylesheets/application.css
index 3192ec8..b3f5d46 100644
--- a/app/assets/stylesheets/application.css
+++ b/app/assets/stylesheets/application.css
@@ -11,3 +11,15 @@
*= require_self
*= require_tree .
*/
+
+#query{
+ background-color: white;
+ border: 2px solid #ED9C28;
+ border-radius: 5px;
+ color: #FFF;
+ font-weight: bold;
+ height: 30px;
+}
+.navbar{
+ background-color: white;
+}
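Review bot: In `#query`, `color: #FFF` on `background-color: white` makes whatever is typed into the search box invisible. A dark foreground such as `color: #333;` keeps the orange border styling while leaving the query readable.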
diff --git a/app/assets/stylesheets/custom.css.scss b/app/assets/stylesheets/custom.css.scss
new file mode 100644
index 0000000..d4c81a0
--- /dev/null
+++ b/app/assets/stylesheets/custom.css.scss
@@ -0,0 +1,47 @@
+@import "bootstrap";
+
+header > nav {
+ @extend .navbar;
+ @extend .navbar-inverse;
+ color: white;
+
+ #log-buttons {
+ margin-top: 8px;
+ form { display: inline; }
+ a, input[type="submit"] {
+ @extend .btn;
+ &.user { @extend .btn-info; }
+ &.signup { @extend .btn-success; }
+ &.signin { @extend .btn-info; }
+ &.signout { @extend .btn-danger; }
+ }
+ }
+ form.search {
+ @extend .navbar-form;
+ @extend .navbar-right;
+ input[type="submit"] {
+ @extend .btn-warning;
+ }
+ }
+}
+
+p.errors {
+ background-color: #FCF8C7;
+ color: red;
+ border-radius: 7px;
+ padding: 10px;
+}
+
+#errorExplanation {
+ h2 {
+ font-size: 1em;
+ color: red;
+ font-weight: bold;
+ }
+ li {
+ font-size: 1em;
+ color: red;
+ font-style: italic;
+ }
+
+}
diff --git a/app/assets/stylesheets/scaffolds.css.scss b/app/assets/stylesheets/scaffolds.css.scss
index 6ec6a8f..6700fef 100644
--- a/app/assets/stylesheets/scaffolds.css.scss
+++ b/app/assets/stylesheets/scaffolds.css.scss
@@ -1,3 +1,5 @@
+@import "bootstrap";
+
body {
background-color: #fff;
color: #333;
@@ -6,6 +8,10 @@ body {
line-height: 18px;
}
+h1, h2, h3, h4, h5{
+ color: #0f0f0f;
+}
+
p, ol, ul, td {
font-family: verdana, arial, helvetica, sans-serif;
font-size: 13px;
@@ -21,11 +27,11 @@ pre {
a {
color: #000;
&:visited {
- color: #666;
+ color: #000;
}
&:hover {
- color: #fff;
- background-color: #000;
+ color: green;
+ text-decoration: none;
}
}
@@ -40,8 +46,9 @@ div {
}
.field_with_errors {
- padding: 2px;
- background-color: red;
+ padding: 1px;
+ background-color: #FF4C4C;
+ box-shadow: 0px 0px 5px red;
display: table;
}
@@ -67,3 +74,26 @@ div {
list-style: square;
}
}
+
+.navbar-brand {
+ @extend .no-dec;
+ a{
+ color: white;
+ &:hover, &:active, &:focus {
+ color: white;
+ font-weight: normal;
+ text-decoration: none;
+ }
+ }
+}
+
+footer {
+ text-align: center;
+ border-top: solid 1px #999999;
+ padding-top: 18px;
+ margin-top: 18px;
+}
+
+button, input[type="submit"] {
+ @extend .btn;
+}
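Review bot: `@extend .no-dec` in `.navbar-brand` refers to a selector that no stylesheet in this commit defines; if no other file or Bootstrap provides it, Sass may fail the compile because the extend target is missing. The declarations under `a` already remove the underline on hover, so either define `.no-dec { text-decoration: none; }` above this rule or drop the `@extend`.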
diff --git a/app/assets/stylesheets/static.css.scss b/app/assets/stylesheets/static.css.scss
index 5a803c8..d73e77d 100644
--- a/app/assets/stylesheets/static.css.scss
+++ b/app/assets/stylesheets/static.css.scss
@@ -1,3 +1,12 @@
// Place all the styles related to the static controller here.
// They will automatically be included in application.css.
// You can use Sass (SCSS) here: http://sass-lang.com/
+
+.jumbotron {
+ background-color: #FFF;
+
+ p {
+ line-height: 1.5em;
+ }
+
+}
diff --git a/app/controllers/alerts_controller.rb b/app/controllers/alerts_controller.rb
index 873e9b7..ac11854 100644
--- a/app/controllers/alerts_controller.rb
+++ b/app/controllers/alerts_controller.rb
@@ -1,5 +1,6 @@
class AlertsController < ApplicationController
before_action :set_alert, only: [:show, :edit, :update, :destroy]
+ before_action :check_perms, only: [:new, :create, :edit, :update, :destroy]
# GET /alerts
# GET /alerts.json
@@ -67,6 +68,15 @@ class AlertsController < ApplicationController
@alert = Alert.find(params[:id])
end
+ def check_perms
+ unless (signed_in? and (current_user.in_group?(:admin) or current_user.in_group?(:host)))
+ respond_to do |format|
+ format.html { render action: 'permission_denied', status: :forbidden }
+ format.json { render json: "Permission denied", status: :forbidden }
+ end
+ end
+ end
+
# Never trust parameters from the scary internet, only allow the white list through.
def alert_params
params.require(:alert).permit(:author_id, :message)
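Review bot: `check_perms` is copied into AlertsController, ServersController and TournamentsController with a different group test in each, and the copies already disagree: the tournaments version accepts only `:host`, so an admin who is not also a host is refused there but allowed here. Authorization rules spread over private per-controller methods are easy to miss when a controller is added. A single helper in ApplicationController that takes the allowed groups, used for example as `before_action -> { require_group(:admin, :host) }, only: [...]`, would keep the rule and the 403 rendering in one place. The `and`/`or` keywords bind more loosely than `&&`/`||`; the parentheses make this line safe, but `&&`/`||` is the safer habit in conditions. The class body continues outside this hunk.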
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d83690e..7487f87 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,4 +2,7 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
+
+ #include sessionhelper for the session controller and view
+ include SessionsHelper
end
diff --git a/app/controllers/servers_controller.rb b/app/controllers/servers_controller.rb
index 7d54eb6..bb5d5f7 100644
--- a/app/controllers/servers_controller.rb
+++ b/app/controllers/servers_controller.rb
@@ -1,5 +1,6 @@
class ServersController < ApplicationController
before_action :set_server, only: [:show, :edit, :update, :destroy]
+ before_action :check_perms
# GET /servers
# GET /servers.json
@@ -67,6 +68,15 @@ class ServersController < ApplicationController
@server = Server.find(params[:id])
end
+ def check_perms
+ unless (signed_in? and current_user.in_group?(:admin))
+ respond_to do |format|
+ format.html { render action: 'permission_denied', status: :forbidden }
+ format.json { render json: "Permission denied", status: :forbidden }
+ end
+ end
+ end
+
# Never trust parameters from the scary internet, only allow the white list through.
def server_params
params[:server]
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 2f72bf7..b5ea29b 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -1,74 +1,51 @@
class SessionsController < ApplicationController
- before_action :set_session, only: [:show, :edit, :update, :destroy]
-
- # GET /sessions
- # GET /sessions.json
- def index
- @sessions = Session.all
- end
-
- # GET /sessions/1
- # GET /sessions/1.json
- def show
- end
-
- # GET /sessions/new
- def new
- @session = Session.new
- end
-
- # GET /sessions/1/edit
- def edit
- end
-
- # POST /sessions
- # POST /sessions.json
- def create
- @session = Session.new(session_params)
-
- respond_to do |format|
- if @session.save
- format.html { redirect_to @session, notice: 'Session was successfully created.' }
- format.json { render action: 'show', status: :created, location: @session }
- else
- format.html { render action: 'new' }
- format.json { render json: @session.errors, status: :unprocessable_entity }
- end
- end
- end
-
- # PATCH/PUT /sessions/1
- # PATCH/PUT /sessions/1.json
- def update
- respond_to do |format|
- if @session.update(session_params)
- format.html { redirect_to @session, notice: 'Session was successfully updated.' }
- format.json { head :no_content }
- else
- format.html { render action: 'edit' }
- format.json { render json: @session.errors, status: :unprocessable_entity }
- end
- end
- end
-
- # DELETE /sessions/1
- # DELETE /sessions/1.json
- def destroy
- @session.destroy
- respond_to do |format|
- format.html { redirect_to sessions_url }
- format.json { head :no_content }
- end
- end
-
- private
- # Use callbacks to share common setup or constraints between actions.
- def set_session
- @session = Session.find(params[:id])
- end
-
- # Never trust parameters from the scary internet, only allow the white list through.
- def session_params
- params.require(:session).permit(:user_id)
- end
+ before_action :set_session, only: [:destroy]
+
+ # GET /sessions/new
+ def new
+ @user = User.new
+ #@session = Session.new
+ end
+
+ # POST /sessions
+ # POST /sessions.json
+ def create
+ # find the user...
+ @user = User.find_by(email: params[:session][:email].downcase)
+ #@session = Session.new(@user)
+ # ... and create a new session
+ respond_to do |format|
+ if @user && @user.authenticate(params[:session][:password])
+ sign_in @user
+ format.html { redirect_to root_path }
+ #format.json { #TODO }
+ else
+ format.html { render action: 'new' }
+ format.json { render json: @user.errors, status: :unprocessable_entity }
+ end
+ end
+ end
+
+ # DELETE /sessions/1
+ # DELETE /sessions/1.json
+ def destroy
+ #@session.destroy
+ sign_out
+ respond_to do |format|
+ format.html { redirect_to root_path }
+ format.json { head :no_content }
+ end
+ end
+
+ private
+
+ # Use callbacks to share common setup or constraints between actions.
+ def set_session
+ #@session = Session.find(cookies[:remember_token])
+ end
+
+ # Never trust parameters from the scary internet, only allow the white list through.
+ def session_params
+ params.require(:session).permit(:session_email, :session_password)
+ end
end
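Review bot: `create` dereferences values that are nil on ordinary bad input. `params[:session][:email].downcase` raises when the `session` key or the email is missing. The JSON failure branch calls `@user.errors` when `find_by` returned nil, so an unknown address sent as JSON gets a 500 while a known address with a wrong password gets a 422, which reveals which addresses are registered. Read the credentials defensively and return one fixed failure response for both cases, as sketched below. `session_params` is never called and permits `:session_email`/`:session_password`, which do not match the `email`/`password` fields the form posts, and `set_session` is now an empty callback; both can go.

```ruby
def create
  credentials = params[:session] || {}
  @user = User.find_by(email: credentials[:email].to_s.downcase)
  respond_to do |format|
    if @user && @user.authenticate(credentials[:password].to_s)
      # … unchanged: sign_in and redirect to root_path …
    else
      format.html { render action: 'new' }
      format.json { render json: { error: "Invalid email or password" }, status: :unauthorized }
    end
  end
end
```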
diff --git a/app/controllers/static_controller.rb b/app/controllers/static_controller.rb
index c6df11e..6fc9490 100644
--- a/app/controllers/static_controller.rb
+++ b/app/controllers/static_controller.rb
@@ -1,2 +1,4 @@
class StaticController < ApplicationController
+ def homepage
+ end
end
diff --git a/app/controllers/tournaments_controller.rb b/app/controllers/tournaments_controller.rb
index 346e16b..169a348 100644
--- a/app/controllers/tournaments_controller.rb
+++ b/app/controllers/tournaments_controller.rb
@@ -1,5 +1,6 @@
class TournamentsController < ApplicationController
- before_action :set_tournament, only: [:show, :edit, :update, :destroy]
+ before_action :set_tournament, only: [:show, :edit, :update, :destroy, :join]
+ before_action :check_perms, only: [:new, :create, :edit, :update, :destroy]
# GET /tournaments
# GET /tournaments.json
@@ -14,6 +15,8 @@ class TournamentsController < ApplicationController
# GET /tournaments/new
def new
+ @games = Game.all
+ @game = Game.find_by_id(params[:game])
@tournament = Tournament.new
end
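Review bot: `@game` is looked up from `params[:game]` but never attached to the new record, so `@tournament.game` stays nil and the `unless @tournament.game.nil?` branch in new.html.erb never renders the `selected` partial. If the selected game is meant to drive the form, build the record with it: `@tournament = Tournament.new(game: @game)`. With the game nil, the same view also passes `true` as the selected value to `options_from_collection_for_select`, which is presumably not intended.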
@@ -61,12 +64,34 @@ class TournamentsController < ApplicationController
end
end
+ # POST /tournaments/1/join
+ # POST /tournaments/1/join.json
+ def join
+ respond_to do |format|
+ if @tournament.join(current_user)
+ format.html { redirect_to @tournament, notice: 'You have joined this tournament.' }
+ format.json { head :no_content }
+ end
+ format.html { render action: 'permission_denied', status: :forbidden }
+ format.json { render json: "Permission denied", status: :forbidden }
+ end
+ end
+
private
# Use callbacks to share common setup or constraints between actions.
def set_tournament
@tournament = Tournament.find(params[:id])
end
+ def check_perms
+ unless (signed_in? and current_user.in_group?(:host))
+ respond_to do |format|
+ format.html { render action: 'permission_denied', status: :forbidden }
+ format.json { render json: "Permission denied", status: :forbidden }
+ end
+ end
+ end
+
# Never trust parameters from the scary internet, only allow the white list through.
def tournament_params
params.require(:tournament).permit(:game_id, :min_players_per_team, :max_players_per_team, :min_teams_per_match, :max_teams_per_match, :set_rounds, :randomized_teams, :status)
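Review bot: The denial handlers in `join` are missing an `else`: `format.html` and `format.json` are registered a second time after the `if` block on every request. On a successful join both the redirect and the 403 render are therefore registered for the same format, and the response depends on which registration `respond_to` keeps. Put the two 403 lines under `else`. `:join` is also absent from the `check_perms` list, so the only guard is the model's `join`; a comment saying that is deliberate would help the next reader.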
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index b18efed..907958b 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,5 +1,7 @@
class UsersController < ApplicationController
before_action :set_user, only: [:show, :edit, :update, :destroy]
+ before_action :perms_edit, only: [:edit, :update, :destroy]
+ before_action :perms_create, only: [:new, :create]
# GET /users
# GET /users.json
@@ -10,6 +12,7 @@ class UsersController < ApplicationController
# GET /users/1
# GET /users/1.json
def show
+ @user = User.find(params[:id])
end
# GET /users/new
@@ -28,10 +31,11 @@ class UsersController < ApplicationController
respond_to do |format|
if @user.save
- format.html { redirect_to @user, notice: 'User was successfully created.' }
+ sign_in @user
+ format.html { redirect_to root_path, notice: 'User was successfully created.' }
format.json { render action: 'show', status: :created, location: @user }
else
- format.html { render action: 'new' }
+ format.html { render action: 'new', status: :unprocessable_entity }
format.json { render json: @user.errors, status: :unprocessable_entity }
end
end
@@ -67,8 +71,26 @@ class UsersController < ApplicationController
@user = User.find(params[:id])
end
+ def perms_edit
+ unless (current_user == @user) or (signed_in? and current_user.in_group? :admin)
+ respond_to do |format|
+ format.html { render action: 'permission_denied', status: :forbidden }
+ format.json { render json: "Permission denied", status: :forbidden }
+ end
+ end
+ end
+
+ def perms_create
+ if signed_in?
+ respond_to do |format|
+ format.html { render action: 'already_signed_in', status: :unprocessable_entity }
+ format.json { render json: "Already signed in", status: :unprocessable_entity }
+ end
+ end
+ end
+
# Never trust parameters from the scary internet, only allow the white list through.
def user_params
- params.require(:user).permit(:name, :email, :user_name)
+ params.require(:user).permit(:name, :email, :user_name, :password, :password_confirmation)
end
end
diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb
index 309f8b2..046ca6f 100644
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@@ -1,2 +1,73 @@
module SessionsHelper
+
+ def sign_in(user)
+ #create a new remember token
+ remember_token = User.new_remember_token
+ #place token inside of the browser
+ cookies.permanent[:remember_token] = remember_token
+ #save the hashed token to the database
+ user.update_attribute(:remember_token,
+ User.hash(remember_token))
+ #set the current user to be the given user
+ self.current_user = user
+ end
+
+# The curret_user=(user) is the conversion of self.current_user = user
+ def current_user=(user)
+ @current_user = user
+ end
+
+# sets the @current_user instance virable to the user corresponding
+# to the remember token, but only if @current_user is undefined
+# since the remember token is hashed, we need to hash the cookie
+# to find match the remember token
+ def current_user
+ remember_token = User.hash(cookies[:remember_token])
+ @current_user ||= User.find_by(remember_token: remember_token)
+ end
+
+ # checks if someone is currently signed in
+ def signed_in?
+ !current_user.nil?
+ end
+
+ def sign_out
+ current_user.update_attribute(:remember_token, User.hash(User.new_remember_token))
+ cookies.delete(:remember_token)
+ self.current_user = nil
+ end
+
+=begin
+
+This is for anyone that cares about how long a user is signed
+in:
+
+Currently I have a user to be signed in forever unless they
+log out (cookies.permanent....).
+
+If you want to change that, change line 7 to this:
+
+cookies[:remember_token] = { value: remember_token,
+ expires: 20.years.from_now.utc }
+
+which will expire the cookie in 20 years from its date of
+creation.
+
+Oddly enough, this line above is equivalent to the:
+
+cookies.permanent
+
+This is just a short cut for this line since most people
+create permanent cookies these days.
+
+Other times are:
+
+10.weeks.from_now
+
+5.days.ago
+
+etc...
+
+=end
+
end
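Review bot: The remember-token cookie in `sign_in` is set without the `httponly` or `secure` flags, so page scripts can read it and it is sent over plain HTTP. Since this token alone authenticates the user indefinitely, set it as `cookies.permanent[:remember_token] = { value: remember_token, httponly: true, secure: Rails.env.production? }`. `sign_out` calls `current_user.update_attribute` without a nil check, so a DELETE to the session route from a visitor who is not signed in raises NoMethodError; guard it with `if signed_in?`. `current_user` hashes the cookie on every call and, when no cookie is present, queries for the SHA-1 of the empty string; returning nil early when `cookies[:remember_token]` is blank avoids that lookup. The `=begin` block refers to "line 7", which will drift as the file changes; name the `cookies.permanent` line instead.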
diff --git a/app/models/tournament.rb b/app/models/tournament.rb
index cc915a0..afdd27e 100644
--- a/app/models/tournament.rb
+++ b/app/models/tournament.rb
@@ -1,3 +1,20 @@
class Tournament < ActiveRecord::Base
- belongs_to :game
+ belongs_to :game
+ has_many :users, :through => :user_tournament_pair
+
+ def open?
+ return true
+ end
+
+ def joinable_by?(user)
+ return ((not user.nil?) and user.in_group?(:player) and open?)
+ end
+
+ def join(user)
+ unless joinable?(user)
+ return false
+ end
+ pair = new_user_tournament_pair(user: user)
+ return pair.save
+ end
end
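Review bot: `join` calls `joinable?(user)`, but the method defined above it is `joinable_by?`, so every call raises NoMethodError before any permission check runs; change the guard to `return false unless joinable_by?(user)`. `new_user_tournament_pair(user: user)` does not look like a method that `has_many :users, :through => :user_tournament_pair` generates, and the `:through` option needs an association of that name on this model, which the hunk does not declare. Once a `has_many :user_tournament_pairs` exists, the pair would presumably be built with `user_tournament_pairs.build(user: user)`.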
diff --git a/app/models/user.rb b/app/models/user.rb
index 4a57cf0..976ecf4 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,2 +1,149 @@
class User < ActiveRecord::Base
+ has_many :tournaments, :through => :user_tournament_pair
+
+ before_save { self.email = email.downcase }
+ before_save { self.user_name = user_name }
+
+ ##
+ # Rails looks for the create_remember_token and runs the method
+ # before anything else.
+ #
+ # This method cannot be called by a user since it is denoted
+ # as private.
+ before_create :create_remember_token
+
+ def in_group?(group)
+ case group
+ when :admin
+ return ((groups & 2) != 0)
+ when :host
+ return ((groups & 1) != 0)
+ when :player
+ return true
+ when :specator
+ return true
+ else
+ return false
+ end
+ end
+
+ def join_groups(join=[])
+ # FIXME: race condition
+ join.each do |group|
+ case group
+ when :admin
+ groups |= 2
+ when :host
+ groups |= 1
+ else
+ end
+ end
+ end
+
+ def leave_groups(leave=[])
+ # FIXME: race condition
+ leave.each do |group|
+ case group
+ when :admin
+ groups &= ~ 2
+ when :host
+ groups &= ~ 1
+ else
+ end
+ end
+ end
+
+ ##
+ # VAILD_EMAIL is the regex used to validate a user given email.
+ VALID_EMAIL_REG = /\A\S+@\S+\.\S+\z/i
+
+ ##
+ # VALID_USER_NAME checks to make sure a user's user_name
+ # is in the proper format.
+ VALID_USER_NAME_REG = /\A[a-zA-Z0-9\-]+\z/
+
+ ##
+ # The following lines put a user account through a series of
+ # validations in order to make sure all of their information
+ # is in the proper format.
+ #
+ # validates :symbol_to_be_validated
+ #
+ # - presence: determines whether or not a symbol is filled or not
+ # - length: ensures there is a length limit on the symbol
+ # - format: checks the format of given information to ensure
+ # validity
+ validates(:name, presence: true, length: { maximum: 50 })
+ validates(:email, presence: true, format: {with:
+ VALID_EMAIL_REG},
+ uniqueness: { case_sensitive: false })
+ validates(:user_name, presence: true, length:{maximum: 50},
+ format: {with: VALID_USER_NAME_REG },
+ uniqueness: {case_sensitive: false })
+
+ ##
+ # Instead of adding password and password_confirmation
+ # attributes, requiring the presence of a password,
+ # requiring that pw and pw_com match, and add an authenticate
+ # method to compare an encrypted password to the
+ # password_digest to authenticate users, I can just add
+ # has_secure_password which does all of this for me.
+ has_secure_password
+
+ validates :password, length: { minimum: 6 }
+
+ ##
+ # Create a random remember token for the user. This will be
+ # changed every time the user creates a new session.
+ #
+ # By changing the cookie every new session, any hijacked sessions
+ # (where the attacker steals a cookie to sign in as a certain
+ # user) will expire the next time the user signs back in.
+ #
+ # The random string is of length 16 composed of A-Z, a-z, 0-9
+ # This is the browser's cookie value.
+ def User.new_remember_token
+ SecureRandom.urlsafe_base64
+ end
+
+ ##
+ # Encrypt the remember token.
+ # This is the encrypted version of the cookie stored on
+ # the database.
+ #
+ # The reasoning for storing a hashed token is so that even if
+ # the database is compromised, the attacker won't be able to use
+ # the remember tokens to sign in.
+ def User.hash(token)
+ Digest::SHA1.hexdigest(token.to_s)
+ end
+
+ ##
+ # SHA-1 (Secure Hash Algorithm) is a US engineered hash
+ # function that produces a 20 byte hash value which typically
+ # forms a hexadecimal number 40 digits long.
+ # The reason I am not using the Bcrypt algorithm is because
+ # SHA-1 is much faster and I will be calling this on
+ # every page a user accesses.
+ #
+ # https://en.wikipedia.org/wiki/SHA-1
+
+
+ # Everything under private is hidden so you cannot call.
+ private
+
+ ##
+ # Create_remember_token in order to ensure a user always has
+ # a remember token.
+ def create_remember_token
+ self.remember_token = User.hash(User.new_remember_token)
+ end
+
+ ##
+ # In order to ensure that someone did not accidentally submit
+ # two accounts rapidly (which would throw off the validates
+ # for user_name and email), I added an index to the Users
+ # email and user_name in the database to ensure uniqueness
+ # This also gives and index to the user_name and email
+ # so finding a user SHOULD be easier for the database.
end
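Review bot: `join_groups` and `leave_groups` never change the record: inside a method, `groups |= 2` creates a local variable named `groups` instead of calling the attribute writer, so granting or revoking `:admin`/`:host` silently does nothing. Use the explicit receiver, `self.groups |= 2` and `self.groups &= ~2`, and save the record afterwards. `in_group?` spells the symbol `:specator`, so `:spectator` falls through to `false`, and `groups & 2` assumes the column is never nil. Defining `User.hash` replaces the zero-argument `hash` method that every Ruby object answers, which breaks any code that uses the `User` class as a Hash key; a name such as `User.digest` avoids the clash. The comments call the SHA-1 step encryption, but it is an unkeyed hash; that is reasonable for a random token from `SecureRandom`, and the comment should say so.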
diff --git a/app/views/alerts/show.html.erb b/app/views/alerts/show.html.erb
index eeab7f7..5dda2c9 100644
--- a/app/views/alerts/show.html.erb
+++ b/app/views/alerts/show.html.erb
@@ -1,5 +1,3 @@
-<p id="notice"><%= notice %></p>
-
<p>
<strong>Author:</strong>
<%= @alert.author %>
diff --git a/app/views/application/permission_denied.html.erb b/app/views/application/permission_denied.html.erb
new file mode 100644
index 0000000..1ef883c
--- /dev/null
+++ b/app/views/application/permission_denied.html.erb
@@ -0,0 +1 @@
+<h1>Permission denied</h1>
diff --git a/app/views/common/_error_messages.html.erb b/app/views/common/_error_messages.html.erb
new file mode 100644
index 0000000..731f62c
--- /dev/null
+++ b/app/views/common/_error_messages.html.erb
@@ -0,0 +1,11 @@
+<%# http://railscasts.com/episodes/211-validations-in-rails-3 %>
+<% if target.errors.any? %>
+<div id="errorExplanation">
+ <h2><%= pluralize(target.errors.count, "error") %> prohibited this form from being submitted:</h2>
+ <ul>
+ <% target.errors.full_messages.each do |msg| %>
+ <li><%= msg %></li>
+ <% end %>
+ </ul>
+</div>
+<% end %>
diff --git a/app/views/games/index.html.erb b/app/views/games/index.html.erb
index 27c5860..77f6a56 100644
--- a/app/views/games/index.html.erb
+++ b/app/views/games/index.html.erb
@@ -36,4 +36,6 @@
<br>
-<%= link_to 'New Game', new_game_path %>
+
+<%= link_to 'New Game', new_game_path, {:class => "btn btn-warning"} %>
+
diff --git a/app/views/games/show.html.erb b/app/views/games/show.html.erb
index 1f1a154..39d4a97 100644
--- a/app/views/games/show.html.erb
+++ b/app/views/games/show.html.erb
@@ -1,5 +1,3 @@
-<p id="notice"><%= notice %></p>
-
<p>
<strong>Name:</strong>
<%= @game.name %>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index cefd1be..7578d82 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -5,10 +5,36 @@
<%= stylesheet_link_tag "application", media: "all", "data-turbolinks-track" => true %>
<%= javascript_include_tag "application", "data-turbolinks-track" => true %>
<%= csrf_meta_tags %>
+ <%= yield :head %>
</head>
<body>
+<header><nav>
+ <div class="navbar-brand"><%= link_to('Leaguer', root_path) %></div>
+ <div>
+ <%= form_tag("/search", method: "get", :class => "search") do %>
+ <%= text_field_tag(:query, nil, :placeholder => "Search") %>
+ <%= submit_tag("Go") %>
+ <% end %>
+ </div>
-<%= yield %>
+ <div id="log-buttons">
+ <% if signed_in? %>
+ <%= link_to current_user.user_name, current_user, :class => "user" %>
+ <%= link_to "Sign out", session_path("current"), method: "delete", :class => "signout" %>
+ <% else %>
+ <%= link_to "Log in", new_session_path, :class => "signin" %>
+ <%= link_to "Sign up", new_user_path, :class => "signup" %>
+ <% end %>
+ </div>
+</nav></header>
+<% if notice %><div id="notice"><p><%= notice %></p></div><% end %>
+
+<div class="container"><%= yield %></div>
+
+<footer>
+ <p>Leaguer is copyright &copy; 2014, Tomer Kimia, Andrew Murrell, Luke Shumaker, Nathaniel Foy, Davis Webb, and Guntas Grewal</p>
+</footer>
+<%= debug(params) if Rails.env.development? %>
</body>
</html>
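Review bot: `debug(params)` at the bottom of the layout prints the raw request parameters, and Rails parameter filtering applies to the log rather than to this helper. After a failed sign-in or sign-up the submitted password is therefore rendered into the page in development. Consider `debug(params.except(:session, :user))`, or drop the line once the forms work.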
diff --git a/app/views/matches/show.html.erb b/app/views/matches/show.html.erb
index 0b02ae7..9c9cbb4 100644
--- a/app/views/matches/show.html.erb
+++ b/app/views/matches/show.html.erb
@@ -1,5 +1,3 @@
-<p id="notice"><%= notice %></p>
-
<p>
<strong>Tournament:</strong>
<%= @match.tournament %>
diff --git a/app/views/pms/show.html.erb b/app/views/pms/show.html.erb
index 5ee483f..2a03716 100644
--- a/app/views/pms/show.html.erb
+++ b/app/views/pms/show.html.erb
@@ -1,5 +1,3 @@
-<p id="notice"><%= notice %></p>
-
<p>
<strong>Author:</strong>
<%= @pm.author %>
diff --git a/app/views/servers/show.html.erb b/app/views/servers/show.html.erb
index 039cd8f..67f7647 100644
--- a/app/views/servers/show.html.erb
+++ b/app/views/servers/show.html.erb
@@ -1,4 +1,2 @@
-<p id="notice"><%= notice %></p>
-
<%= link_to 'Edit', edit_server_path(@server) %> |
<%= link_to 'Back', servers_path %>
diff --git a/app/views/sessions/_form.html.erb b/app/views/sessions/_form.html.erb
deleted file mode 100644
index 1b94e77..0000000
--- a/app/views/sessions/_form.html.erb
+++ /dev/null
@@ -1,21 +0,0 @@
-<%= form_for(@session) do |f| %>
- <% if @session.errors.any? %>
- <div id="error_explanation">
- <h2><%= pluralize(@session.errors.count, "error") %> prohibited this session from being saved:</h2>
-
- <ul>
- <% @session.errors.full_messages.each do |msg| %>
- <li><%= msg %></li>
- <% end %>
- </ul>
- </div>
- <% end %>
-
- <div class="field">
- <%= f.label :user_id %><br>
- <%= f.text_field :user_id %>
- </div>
- <div class="actions">
- <%= f.submit %>
- </div>
-<% end %>
diff --git a/app/views/sessions/edit.html.erb b/app/views/sessions/edit.html.erb
deleted file mode 100644
index bbd8407..0000000
--- a/app/views/sessions/edit.html.erb
+++ /dev/null
@@ -1,6 +0,0 @@
-<h1>Editing session</h1>
-
-<%= render 'form' %>
-
-<%= link_to 'Show', @session %> |
-<%= link_to 'Back', sessions_path %>
diff --git a/app/views/sessions/index.html.erb b/app/views/sessions/index.html.erb
deleted file mode 100644
index 707a47d..0000000
--- a/app/views/sessions/index.html.erb
+++ /dev/null
@@ -1,27 +0,0 @@
-<h1>Listing sessions</h1>
-
-<table>
- <thead>
- <tr>
- <th>User</th>
- <th></th>
- <th></th>
- <th></th>
- </tr>
- </thead>
-
- <tbody>
- <% @sessions.each do |session| %>
- <tr>
- <td><%= session.user %></td>
- <td><%= link_to 'Show', session %></td>
- <td><%= link_to 'Edit', edit_session_path(session) %></td>
- <td><%= link_to 'Destroy', session, method: :delete, data: { confirm: 'Are you sure?' } %></td>
- </tr>
- <% end %>
- </tbody>
-</table>
-
-<br>
-
-<%= link_to 'New Session', new_session_path %>
diff --git a/app/views/sessions/index.json.jbuilder b/app/views/sessions/index.json.jbuilder
deleted file mode 100644
index 18fd4fa..0000000
--- a/app/views/sessions/index.json.jbuilder
+++ /dev/null
@@ -1,4 +0,0 @@
-json.array!(@sessions) do |session|
- json.extract! session, :id, :user_id
- json.url session_url(session, format: :json)
-end
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
index 55c9eca..550a54d 100644
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -1,5 +1,20 @@
-<h1>New session</h1>
+<h1>Sign in</h1>
+<% if @user.nil? %>
+ <p class="errors"> The username or password is incorrect. Verify that CAPS LOCK is not on, and then retype the current username and password. </p>
+<% end %>
+<div class="row">
+ <div class="span6 offset3">
+ <%= form_for(:session, url: sessions_path) do |f| %>
-<%= render 'form' %>
+ <%= f.label :email %>
+ <%= f.text_field :email %>
-<%= link_to 'Back', sessions_path %>
+ <%= f.label :password %>
+ <%= f.password_field :password %>
+
+ <%= f.submit "Sign in", class: "btn btn-large btn-primary" %>
+ <% end %>
+
+ <p>New user? <%= link_to "Sign up now!", new_user_path %></p>
+ </div>
+</div>
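Review bot: The error paragraph is shown only when `@user.nil?`, so a wrong password for a registered address re-renders the form with no message, while an unknown address shows the error. Besides being confusing, the difference tells a visitor which addresses have accounts. Drive the message from a flag the controller sets on any failed attempt, for example `<% if @login_failed %>`, so both cases look the same. The text also says "username" although the form asks for an email address.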
diff --git a/app/views/sessions/show.html.erb b/app/views/sessions/show.html.erb
deleted file mode 100644
index 5176869..0000000
--- a/app/views/sessions/show.html.erb
+++ /dev/null
@@ -1,9 +0,0 @@
-<p id="notice"><%= notice %></p>
-
-<p>
- <strong>User:</strong>
- <%= @session.user %>
-</p>
-
-<%= link_to 'Edit', edit_session_path(@session) %> |
-<%= link_to 'Back', sessions_path %>
diff --git a/app/views/sessions/show.json.jbuilder b/app/views/sessions/show.json.jbuilder
deleted file mode 100644
index 4ebf936..0000000
--- a/app/views/sessions/show.json.jbuilder
+++ /dev/null
@@ -1 +0,0 @@
-json.extract! @session, :id, :user_id, :created_at, :updated_at
diff --git a/app/views/static/homepage.html.erb b/app/views/static/homepage.html.erb
new file mode 100644
index 0000000..3ca8176
--- /dev/null
+++ b/app/views/static/homepage.html.erb
@@ -0,0 +1,18 @@
+<div role="main" class="container theme-showcase">
+
+ <div class="jumbotron">
+ <h1>Welcome to Leaguer</h1>
+ <p>This is a tournment management system designed to be used for any team sport. Our peer review system ensures that the best players move on to the next round! Try creating a new tournament and having people sign up for it. </p>
+ <p id="jumbo-buttons">
+ <% if !signed_in? %>
+ <%= link_to 'Log In', new_session_path, :class => "btn btn-warning btn-lg", :role => "button" %>
+ <%= link_to 'Sign Up', new_user_path, :class => "btn btn-warning btn-lg", :role => "button" %>
+ <% else %>
+ <%= link_to 'Start a Tournament', new_tournament_path, :class => "btn btn-warning btn-lg", :role => "button" %>
+ <% end %>
+ <%= link_to 'See Ongoing Tournaments', tournaments_path, :class => "btn btn-warning btn-lg", :role => "button" %>
+
+ </p>
+ </div>
+
+ </div>
diff --git a/app/views/tournaments/_selected.html.erb b/app/views/tournaments/_selected.html.erb
new file mode 100644
index 0000000..551dc40
--- /dev/null
+++ b/app/views/tournaments/_selected.html.erb
@@ -0,0 +1,15 @@
+<%= form_for(@tournament) do |f| %>
+ <%= render "common/error_messages", :target => @tournament %>
+ <%= f.hidden_field(:game_id) %>
+
+ <% @tournament.attributes.each do |name, value| %>
+ <% if (name == "id") or (name =~ /.*_at$/) %>
+ <% next %>
+ <% end %>
+ <p>
+ <%= f.label name %><br>
+ <%= f.text_field name %>
+ </p>
+ <% end %>
+ <%= f.submit %>
+<% end %>
diff --git a/app/views/tournaments/index.html.erb b/app/views/tournaments/index.html.erb
index dec16d1..3d54b8c 100644
--- a/app/views/tournaments/index.html.erb
+++ b/app/views/tournaments/index.html.erb
@@ -38,4 +38,4 @@
<br>
-<%= link_to 'New Tournament', new_tournament_path %>
+<%= link_to 'New Tournament', new_tournament_path, :class => "btn btn-warning btn-lg" %>
diff --git a/app/views/tournaments/new.html.erb b/app/views/tournaments/new.html.erb
index 2a60539..e007e31 100644
--- a/app/views/tournaments/new.html.erb
+++ b/app/views/tournaments/new.html.erb
@@ -1,5 +1,16 @@
-<h1>New tournament</h1>
+<h1>New Tournament</h1>
-<%= render 'form' %>
+<%= form_tag(new_tournament_path, method: "get") do %>
+ <%= select_tag('game',
+ options_from_collection_for_select(@games, 'id', 'name', @tournament.game.nil? || @tournament.game.id),
+ :prompt => "Select a Game Type") %>
+ <%= submit_tag("Select", :class => "btn-warning btn-lg") %>
+<% end %>
+
+<div id='ajax-form'>
+ <% unless @tournament.game.nil? %>
+ <%= render 'selected' %>
+ <% end %>
+</div>
<%= link_to 'Back', tournaments_path %>
diff --git a/app/views/tournaments/show.html.erb b/app/views/tournaments/show.html.erb
index 355bc90..85ed026 100644
--- a/app/views/tournaments/show.html.erb
+++ b/app/views/tournaments/show.html.erb
@@ -1,4 +1,8 @@
-<p id="notice"><%= notice %></p>
+<% if @tournament.joinable_by?(current_user) %>
+ <%= form_tag(tournament_page(@tournament)+"/join", method: "get") do %>
+ <%= submit_tag("Join") %>
+ <% end %>
+<% end %>
<p>
<strong>Game:</strong>
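Review bot: The Join form submits with `method: "get"`, while the controller documents the action as `POST /tournaments/1/join`. A state-changing GET carries no authenticity token, so `protect_from_forgery` does not cover it and any link or image pointing at the URL would enrol a signed-in visitor. Use `method: "post"` together with a POST route. `tournament_page` does not appear elsewhere in this commit; if the route is the standard resource one, the generated helper is `tournament_path(@tournament)`, and a member route would give a named join path instead of string concatenation.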
diff --git a/app/views/users/already_signed_in.html.erb b/app/views/users/already_signed_in.html.erb
new file mode 100644
index 0000000..04b4248
--- /dev/null
+++ b/app/views/users/already_signed_in.html.erb
@@ -0,0 +1 @@
+<h1>You are currently signed in</h1>
diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb
index 3692112..89e369a 100644
--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb
@@ -1,8 +1,9 @@
<h1>Listing users</h1>
-<table>
+<table class="table table-hover">
<thead>
<tr>
+ <th>Username</th>
<th>Name</th>
<th>Email</th>
<th>User name</th>
@@ -15,8 +16,9 @@
<tbody>
<% @users.each do |user| %>
<tr>
+ <td><%= link_to("#{user.user_name}", user, nil) %></td>
<td><%= user.name %></td>
- <td><%= user.email %></td>
+ <td> ******* </td>
<td><%= user.user_name %></td>
<td><%= link_to 'Show', user %></td>
<td><%= link_to 'Edit', edit_user_path(user) %></td>
diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb
index efc0404..704aa10 100644
--- a/app/views/users/new.html.erb
+++ b/app/views/users/new.html.erb
@@ -1,5 +1,32 @@
-<h1>New user</h1>
+<h1> Sign Up </h1>
-<%= render 'form' %>
+<%= form_for @user do |f| %>
+ <%= render "common/error_messages", :target => @user %>
+ <p>
+ <%= f.label :name %><br>
+ <%= f.text_field :name %>
+ </p>
+ <p>
+ <%= f.label :email %><br>
+ <%= f.text_field :email %>
+ </p>
+ <p>
+ <%= f.label :user_name %><br>
+ <%= f.text_field :user_name %>
+ </p>
+ <p>
+ <%= f.label :password %><br>
+ <%= f.password_field :password %>
+ </p>
+ <p>
+ <%= f.label :password_confirm %><br>
+ <%= f.password_field :password_confirmation %>
+ </p>
+ <p>
+ <%= f.submit %>
+ </p>
+<% end %>
+
+
+<%= link_to 'Already Have an Account? Log in', new_session_path, :class => "btn btn-warning btn-lg" %>
-<%= link_to 'Back', users_path %>
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 9455a3c..d8cc82b 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -1,5 +1,3 @@
-<p id="notice"><%= notice %></p>
-
<p>
<strong>Name:</strong>
<%= @user.name %>