From 97e0d5ad1f89b4717ddcc5d7280dc6c39341aa93 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Thu, 28 Mar 2013 18:50:18 +0000
Subject: [PATCH] Add a new write_notes permission needed for OAuth access to
 notes

---
 app/controllers/application_controller.rb             |  3 +++
 app/controllers/notes_controller.rb                   |  1 +
 app/models/client_application.rb                      |  6 ++++--
 .../20130328184137_add_write_notes_permission.rb      | 11 +++++++++++
 db/structure.sql                                      |  8 ++++++--
 5 files changed, 25 insertions(+), 4 deletions(-)
 create mode 100644 db/migrate/20130328184137_add_write_notes_permission.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 4ac3297c6..3c7dba984 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -116,6 +116,9 @@ class ApplicationController < ActionController::Base
   def require_allow_write_gpx
     require_capability(:allow_write_gpx)
   end
+  def require_allow_write_notes
+    require_capability(:allow_write_notes)
+  end
 
   ##
   # require that the user is a moderator, or fill out a helpful error message
diff --git a/app/controllers/notes_controller.rb b/app/controllers/notes_controller.rb
index b25dc9a9e..b7d6631ae 100644
--- a/app/controllers/notes_controller.rb
+++ b/app/controllers/notes_controller.rb
@@ -7,6 +7,7 @@ class NotesController < ApplicationController
   before_filter :setup_user_auth, :only => [:create, :comment]
   before_filter :authorize, :only => [:close, :destroy]
   before_filter :check_api_writable, :only => [:create, :comment, :close, :destroy]
+  before_filter :require_allow_write_notes, :only => [:create, :comment, :close, :destroy]
   before_filter :set_locale, :only => [:mine]
   after_filter :compress_output
   around_filter :api_call_handle_error, :api_call_timeout
diff --git a/app/models/client_application.rb b/app/models/client_application.rb
index 9a074fb30..0619e75a3 100644
--- a/app/models/client_application.rb
+++ b/app/models/client_application.rb
@@ -16,7 +16,8 @@ class ClientApplication < ActiveRecord::Base
   attr_accessible :name, :url, :support_url, :callback_url,
                   :allow_read_prefs, :allow_write_prefs,
                   :allow_write_diary, :allow_write_api,
-                  :allow_read_gpx, :allow_write_gpx
+                  :allow_read_gpx, :allow_write_gpx,
+                  :allow_write_notes
 
   before_validation :generate_keys, :on => :create
 
@@ -87,7 +88,8 @@ protected
   # have to say up-front what permissions they want and when users sign up they
   # can agree or not agree to each of them.
   PERMISSIONS = [:allow_read_prefs, :allow_write_prefs, :allow_write_diary,
-                 :allow_write_api, :allow_read_gpx, :allow_write_gpx ]
+                 :allow_write_api, :allow_read_gpx, :allow_write_gpx,
+                 :allow_write_notes]
 
   def generate_keys
     self.key = OAuth::Helper.generate_key(40)[0,40]
diff --git a/db/migrate/20130328184137_add_write_notes_permission.rb b/db/migrate/20130328184137_add_write_notes_permission.rb
new file mode 100644
index 000000000..c7da1740f
--- /dev/null
+++ b/db/migrate/20130328184137_add_write_notes_permission.rb
@@ -0,0 +1,11 @@
+class AddWriteNotesPermission < ActiveRecord::Migration
+  def up
+    add_column :oauth_tokens, :allow_write_notes, :boolean, :null => false, :default => false
+    add_column :client_applications, :allow_write_notes, :boolean, :null => false, :default => false
+  end
+
+  def down
+    remove_column :client_applications, :allow_write_notes
+    remove_column :oauth_tokens, :allow_write_notes
+  end
+end
diff --git a/db/structure.sql b/db/structure.sql
index b76995b68..4ed873628 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -249,7 +249,8 @@ CREATE TABLE client_applications (
     allow_write_diary boolean DEFAULT false NOT NULL,
     allow_write_api boolean DEFAULT false NOT NULL,
     allow_read_gpx boolean DEFAULT false NOT NULL,
-    allow_write_gpx boolean DEFAULT false NOT NULL
+    allow_write_gpx boolean DEFAULT false NOT NULL,
+    allow_write_notes boolean DEFAULT false NOT NULL
 );
 
 
@@ -850,7 +851,8 @@ CREATE TABLE oauth_tokens (
     callback_url character varying(255),
     verifier character varying(20),
     scope character varying(255),
-    valid_to timestamp without time zone
+    valid_to timestamp without time zone,
+    allow_write_notes boolean DEFAULT false NOT NULL
 );
 
 
@@ -2451,6 +2453,8 @@ INSERT INTO schema_migrations (version) VALUES ('20121202155309');
 
 INSERT INTO schema_migrations (version) VALUES ('20121203124841');
 
+INSERT INTO schema_migrations (version) VALUES ('20130328184137');
+
 INSERT INTO schema_migrations (version) VALUES ('21');
 
 INSERT INTO schema_migrations (version) VALUES ('22');
-- 
2.43.2