Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spaghettsi - Amanda, Christina, Daniela, Hannah #17

Open
wants to merge 619 commits into
base: master
Choose a base branch
from
Open

Spaghettsi - Amanda, Christina, Daniela, Hannah #17

wants to merge 619 commits into from

Conversation

hertweckhr1
Copy link

@hertweckhr1 hertweckhr1 commented Oct 26, 2018
edited
Loading

bEtsy

Congratulations! You're submitting your assignment! These comprehension questions should be answered by all members of your team, not by a single teammate.

Comprehension Questions

Question Answer
Each team member: what is one thing you were primarily responsible for that you're proud of? Amanda: omniauth and authorization, Christina: reviews and controller testing, Daniela: Shopping Cart, orders, logic, Hannah: user experience , HTML/CSS/Bootstrap
Each team member: what is one thing you were primarily responsible for that you would like targeted feedback on? Please see above responsibilities - we each welcome feedback in all of those areas.
How did your team break up the work to be done? We each picked categories to work on based on interest and what was needed. Hannah expressed interest in learning more Bootstrap, Daniela wanted to work only back-end logic, Christina was willing to take on any area provided I would't kill the site.
How did your team utilize git to collaborate? In best possible cases, we each worked off our own branches then merged to the master when work was complete and bug free.
What did your group do to try to keep your code DRY while many people collaborated on it? We often paired up to have two eyes on task and worked on drying code once we were complete. If we had more time we would sweep through the entire codebase, especially our routes (we are sure that we have many unused routes and due to time constraints were not able to clean this up by EOD Friday).
What was a technical challenge that you faced as a group? We had a situation where we could not update products in the cart, because the form was split between different html containers and not rendering correctly. We fixed it by giving the form an id and linking each form field to that id. (Seen in shopping cart html)
What was a team/personal challenge that you faced as a group? Each of us had personal affairs and emotional situations going on that would interrupt with project time. We worked on meeting each other where we were at and still keeping structure to what was being done/expected each day.
What was your application's ERD? (include a link) https://www.lucidchart.com/invitations/accept/7e968e2e-8ee9-4067-a2bc-d3da6ceae716
What is your Trello URL? https://trello.com/b/SHDoGJdG/spaghettsi
What is the Heroku URL of your deployed application? https://spagh-ettsi.herokuapp.com/

amandaungco and others added 30 commits October 23, 2018 17:31
@amandaungco
added ship items button
d2c531b
@hertweckhr1
fixed css viewing with shopping cart
80104ea
@amandaungco
fixed route merge
b7c5b1f
@amandaungco
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
ab89cd5
@mystioreo
merchant view my products page
d640f5e
@hertweckhr1
completed dashboard with table
4ecc13f
@mystioreo
styling merchant my products page
c524f7d
switching to reviews
6b98b41
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
dfc3448 
merging
@mystioreo
show page stars fill based on rating, uncomment later
cefd2bc
@hertweckhr1
completed orders for merchant and fixed up spacing of show page
a5f33d1
@hertweckhr1
merged conflicts but cannot see yet
3ff295e
@mystioreo
merchant my products card stars
402850b
@mystioreo
Merge branch 'stars'
9148930
@hertweckhr1
added correct links to all sidebar views
6e24da8
added avg rating method to reviews model
967b7f3
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
84ea95a 
merging
Merge branch 'reviews'
19db5b3 
merging in review changes
@mystioreo
avg rating to product.rb, stars active on show page
698d40d
switching back to reviews branch
e7bcb0e
@mystioreo
attempt to put stars on merchant my product cards
8019b48
@mystioreo
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
57eaeec
@hertweckhr1
added edit icons to index product page
3194068
@hertweckhr1
cannot see merges in products show
91b3e33
@hertweckhr1
now fixed merges
dff71f0
seven of eight tests passing
d618e93
added new review form
e13055a
merging in reviews
1691b05
@amandaungco
fixed deactivate button
ae926d3
@amandaungco
added simplecov
4f78fdf
amandaungco and others added 26 commits October 26, 2018 11:05
@amandaungco
product controller test up to 74%
facb0ac
@amandaungco
fixed merge in reviews controller
9893889
@mystioreo
orderproducts controller test
4eb4577
@hertweckhr1
removed 150vh height for products
013dcf6
@mystioreo
change product edit form to keep existing image link
995eea7
@hertweckhr1
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
ef4bb1e
@amandaungco
products controller 84.5%
d5e3d0a
@amandaungco
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
20e76ed
@amandaungco
added product image validation
9678afd
@amandaungco
amanda checked ut
c1968c4
@hertweckhr1
index pages are now back to when they overlap footer
d1234f3
@hertweckhr1
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
543ebbf
catching up
f7a4e72
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
df11245 
merge
@mystioreo
test for custom index by merchant method
496645d
@hertweckhr1
done playing around - contact still doesn't send
a7da75c
@hertweckhr1
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
edd10d0
@hertweckhr1
no 150vh
fe29d24
@mystioreo
moved conditional login in productscontroller
f330544
@mystioreo
productscontroller deactivate test passing
c0e8f39
@mystioreo
deactivate product test passes
90037a8
@mystioreo
deactivate product for another user test passes
79867a4
@mystioreo
productscontroller tests all passing except for http interference
379586c
@mystioreo
Merge branch 'productscontrollertest'
6822a4e
@hertweckhr1
commented out product validation
3e619f4
@hertweckhr1
Merge branch 'master' of https://github.com/amandaungco/spagh-ettsi
f04ff02
@hertweckhr1
Copy link
Author

Hey Chris - all tests were looking super swell! In order to deploy to heroku, we needed to cahnge the semantics of the image tags - when this happened we got a few errors on our tests. Wanted to give you a heads up on this, and maybe we can over a solution, next week to this. Charles was unable to solve in the limited time we had.

@hertweckhr1
Copy link
Author

Don't forget to checkout our facebook and twitter :-D

@CheezItMan
Copy link

bEtsy

What We're Looking For

Feature Feedback
Baseline
Appropriate Git Usage with all members contributing Lots of commits and good commit messages
Answered comprehension questions Check, I'll try to look at those areas
Trello board is created and utilized in project management Check
Heroku instance is online Check
General
Nested routes follow RESTful conventions You have a TON of unused routes. So many I didn't bother to count'em all. This is wasteful and could lead to the app crashing if unused routes are accessed.
oAuth used for User authentication Check
Functionality restricted based on user roles I was able to go into another merchant's order and ship it! Doh! Lots of similar issues in your controllers.
Products can be added and removed from cart Check
Users can look up past orders by ID Yes, although I can peek at Hannah's order #55
Merchants can add, edit and view their products Check
Errors are reported to the user Check
Order Functionality
Reduces products' inventory Check, although it reduces the inventory based on the cart. If a bunch of people add things to their carts, they could block a merchant from selling anything.
Cannot order products that are out of stock Check
Changes order state Check
Clears current cart Check
Database
ERD includes all necessary tables and relationships Check
Table relationships Check
Models
Validation rules for Models Check
Business logic is in the models Check
Controllers
Controller Filters used to DRY up controller code Check
Testing 12 erring tests
Model Testing One bug that I found in , see comments
Controller Testing Check, see my test comments
Session Testing Check, but you didn't test the logout functionality
SimpleCov at 90% for controller and model tests 98% coverage
Front-end
The app is styled to create an attractive user interface The site looks good
Content is organized with HTML5 semantic tags Fairly semantic HTML, good use of head and footer and nav
CSS is DRY Some repeated styles, but mostly DRY
Overall Overall, nice work. You have some issues with permissions, and unused routes as well as some testing issues. You hit the learning goals, but I would advise you to review my comments especially on tests, and review your routes.rb files to ensure you don't have unused routes.

Only the person who submitted the PR will get an email about this feedback. Please let the rest of your team know about it.

CheezItMan
CheezItMan reviewed Nov 5, 2018
View reviewed changes
test/fixtures/products.yml
category: long
description: this is a box of spaghetti
is_active: true
image_url: http
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This field is causing controller tests to fail because it's not giving the local address of an image in the assets folder. Either provide a full path to something on the internet or, a path to something in the assets folder.

test/controllers/products_controller_test.rb
category: 'short',
quantity: 100,
description: 'these ones are ziti',
image_url: http
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is http?

test/controllers/order_products_controller_test.rb
mock_params[:order_product][:product_id] = nil

expect {
post order_products_path, params: mock_params
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test is failing because it's trying to access user_id for a nil object.

app/controllers/order_products_controller.rb


quantity = params[:order_product][:quantity]
if product.user_id == session[:user_id]
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to first check to see if product is nil!

test/models/review_test.rb
valid = review.valid?

expect(valid).must_equal false
expect(review.errors.messages[:rating]).must_equal "can't be blank", "Rating must be greater than 0", "We're flattered but this product can
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

must_equal only takes 1 argument. So this should be an array like

must_equal ["can't be blank", "Rating must be greater than 0", "We're flattered but this product can only be rated out of 5."]

app/controllers/order_products_controller.rb
end

def update
if order_product = OrderProduct.find_by(id: params[:order_product][:id])
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No test to make sure the current user is the "owner" of the product.

app/controllers/orders_controller.rb

def show

if !@order || @order.status == 'pending' || @order.user != @login_user
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

app/controllers/orders_controller.rb
end

def mark_as_shipped
if @order.status != 'complete'
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So anyone can mark an order as shipped?

app/controllers/orders_controller.rb
redirect_to products_path
flash[:warning] = "Error: Cannot checkout, cart is empty."

elsif !@login_user.update(user_params)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like it would let anyone take over someone else's order.

app/controllers/payments_controller.rb
@@ -0,0 +1,47 @@
class PaymentsController < ApplicationController
before_action :find_card_types, only: [:new, :edit, :update, :create]
def index
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's nothing here to prevent someone else from seeing the payment of another user.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CheezItMan CheezItMan CheezItMan left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@hertweckhr1 @CheezItMan @amandaungco @mystioreo