csrf/tabelas documentos reunioes arrumadas com JULIA ROCHA E MARIA CLARA

backend/app/controllers/documentos_controller.rb

@@ -1,31 +1,30 @@
 class DocumentosController < ApplicationController
-  before_action :set_documento, only: %i[ show edit update destroy ]
+  before_action :set_documento, only: %i[show edit update destroy]
 
   # GET /documentos or /documentos.json
   def index
     @documentos = Documento.all
+    render json: @documentos
   end
 
   # GET /documentos/1 or /documentos/1.json
-  def show
-  end
+  def show; end
 
   # GET /documentos/new
   def new
     @documento = Documento.new
   end
 
   # GET /documentos/1/edit
-  def edit
-  end
+  def edit; end
 
   # POST /documentos or /documentos.json
   def create
     @documento = Documento.new(documento_params)
 
     respond_to do |format|
       if @documento.save
-        format.html { redirect_to documento_url(@documento), notice: "Documento was successfully created." }
+        format.html { redirect_to documento_url(@documento), notice: 'Documento was successfully created.' }
         format.json { render :show, status: :created, location: @documento }
       else
         format.html { render :new, status: :unprocessable_entity }
@@ -38,7 +37,7 @@ def create
   def update
     respond_to do |format|
       if @documento.update(documento_params)
-        format.html { redirect_to documento_url(@documento), notice: "Documento was successfully updated." }
+        format.html { redirect_to documento_url(@documento), notice: 'Documento was successfully updated.' }
         format.json { render :show, status: :ok, location: @documento }
       else
         format.html { render :edit, status: :unprocessable_entity }
@@ -52,19 +51,20 @@ def destroy
     @documento.destroy!
 
     respond_to do |format|
-      format.html { redirect_to documentos_url, notice: "Documento was successfully destroyed." }
+      format.html { redirect_to documentos_url, notice: 'Documento was successfully destroyed.' }
       format.json { head :no_content }
     end
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_documento
-      @documento = Documento.find(params[:id])
-    end
 
-    # Only allow a list of trusted parameters through.
-    def documento_params
-      params.fetch(:documento, {})
-    end
+  # Use callbacks to share common setup or constraints between actions.
+  def set_documento
+    @documento = Documento.find(params[:id])
+  end
+
+  # Only allow a list of trusted parameters through.
+  def documento_params
+    params.require(:documento).permit(:nome, :link, :user_id)
+  end
 end

backend/app/controllers/reuniaos_controller.rb

@@ -1,34 +1,31 @@
 class ReuniaosController < ApplicationController
-  before_action :set_reuniao, only: %i[ show edit update destroy ]
+  before_action :set_reuniao, only: %i[show edit update destroy]
 
   # GET /reuniaos or /reuniaos.json
   def index
     @reuniaos = Reuniao.all
+    render json: @reuniaos
   end
 
   # GET /reuniaos/1 or /reuniaos/1.json
-  def show
-  end
+  def show; end
 
   # GET /reuniaos/new
   def new
     @reuniao = Reuniao.new
   end
 
   # GET /reuniaos/1/edit
-  def edit
-  end
+  def edit; end
 
   # POST /reuniaos or /reuniaos.json
   def create
-    @reuniao = Reuniao.new(reuniao_params)
-
+    nome = reuniao_params[:nome]
+    @reuniao = Reuniao.new(nome: nome, link: 'NULL', user_id: 1)
     respond_to do |format|
       if @reuniao.save
-        format.html { redirect_to reuniao_url(@reuniao), notice: "Reuniao was successfully created." }
         format.json { render :show, status: :created, location: @reuniao }
       else
-        format.html { render :new, status: :unprocessable_entity }
         format.json { render json: @reuniao.errors, status: :unprocessable_entity }
       end
     end
@@ -38,7 +35,7 @@ def create
   def update
     respond_to do |format|
       if @reuniao.update(reuniao_params)
-        format.html { redirect_to reuniao_url(@reuniao), notice: "Reuniao was successfully updated." }
+        format.html { redirect_to reuniao_url(@reuniao), notice: 'Reuniao was successfully updated.' }
         format.json { render :show, status: :ok, location: @reuniao }
       else
         format.html { render :edit, status: :unprocessable_entity }
@@ -52,19 +49,20 @@ def destroy
     @reuniao.destroy!
 
     respond_to do |format|
-      format.html { redirect_to reuniaos_url, notice: "Reuniao was successfully destroyed." }
+      format.html { redirect_to reuniaos_url, notice: 'Reuniao was successfully destroyed.' }
       format.json { head :no_content }
     end
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_reuniao
-      @reuniao = Reuniao.find(params[:id])
-    end
 
-    # Only allow a list of trusted parameters through.
-    def reuniao_params
-      params.fetch(:reuniao, {})
-    end
+  # Use callbacks to share common setup or constraints between actions.
+  def set_reuniao
+    @reuniao = Reuniao.find(params[:id])
+  end
+
+  # Only allow a list of trusted parameters through.
+  def reuniao_params
+    params.require(:reuniao).permit(:nome, :link, :user_id)
+  end
 end

backend/app/controllers/users_controller.rb

@@ -1,46 +1,43 @@
-require "bcrypt"
-require 'jwt'
+require 'bcrypt'
+# require 'jwt'
 class UsersController < ApplicationController
   protect_from_forgery with: :null_session
-  before_action :set_user, only: %i[ show edit update destroy ]
+  before_action :set_user, only: %i[show edit update destroy]
 
   # GET /users or /users.json
   def index
     @users = User.all
-    render json: @users   
+    render json: @users
   end
 
   # GET /users/1 or /users/1.json
-  def show
-  end
+  def show; end
 
   def login
-   if User.find_by(matricula: user_params[:matricula])
+    if User.find_by(matricula: user_params[:matricula])
       user = User.find_by(matricula: user_params[:matricula])
-      pass = BCrypt::Password.new(user.senha) 
-   else
-      render json: "MATRICULA INEXISTENTE"
-   return
-   end
-   if pass == user_params[:senha]
-    hmac_secret = 'Secreto'
-    payload = user_params[:matricula]    
-    token = JWT.encode payload, hmac_secret, 'HS256'
+      pass = BCrypt::Password.new(user.senha)
+    else
+      render json: 'MATRICULA INEXISTENTE'
+      return
+    end
+    if pass == user_params[:senha]
+      hmac_secret = 'Secreto'
+      payload = user_params[:matricula]
+      token = JWT.encode payload, hmac_secret, 'HS256'
       render json: token
-   else
-      render json: "SENHA INCORRETA" 
-   end
+    else
+      render json: 'SENHA INCORRETA'
+    end
   end
 
-
   # GET /users/new
   def new
-    #@user = User.new
+    # @user = User.new
   end
 
   # GET /users/1/edit
-  def edit
-  end
+  def edit; end
 
   # POST /users or /users.json
   def create
@@ -50,23 +47,23 @@ def create
     matricula = user_params[:matricula]
     email = user_params[:email]
     cargoID = user_params[:cargo_id]
-    @user = User.new(nome: nome,matricula: matricula,email: email,senha: hash,cargo_id: cargoID)
+    @user = User.new(nome:, matricula:, email:, senha: hash, cargo_id: cargoID)
 
     if @user.save
       render json: @user
     else
       render json: @user.errors
     end
-      
-    #respond_to do |format|
+
+    # respond_to do |format|
     #  if @user.save
     #    format.html { redirect_to user_url(@user), notice: "User was successfully created." }
     #    format.json { render :show, status: :created, location: @user }
     #  else
     #    format.html { render :new, status: :unprocessable_entity }
     #    format.json { render json: @user.errors, status: :unprocessable_entity }
     #  end
-    #end
+    # end
   end
 
   # PATCH/PUT /users/1 or /users/1.json
@@ -79,34 +76,35 @@ def update
     end
   end
 
-  #PATCH /users/password/:id
+  # PATCH /users/password/:id
   def update_password
     set_user
     senha = password_params[:senha]
     pp senha
     hash = BCrypt::Password.create(senha)
     @user.senha = hash
-    
+
     if @user.save
       render json: @user
     else
       render json: @user.errors
     end
   end
+
   # DELETE /users/1 or /users/1.json
   def destroy
     @user.destroy!
   end
 
   private
-    # Use callbacks to share common setup or constraints between actions.
-    def set_user
-      @user = User.find(params[:id])
-    end
 
-    # Only allow a list of trusted parameters through.
-    def user_params
-      params.require(:user).permit(:nome, :matricula, :email, :senha, :cargo_id, :token)
-    end
+  # Use callbacks to share common setup or constraints between actions.
+  def set_user
+    @user = User.find(params[:id])
+  end
 
+  # Only allow a list of trusted parameters through.
+  def user_params
+    params.require(:user).permit(:nome, :matricula, :email, :senha, :cargo_id, :token)
+  end
 end

backend/app/models/reuniao.rb

@@ -1,3 +1,4 @@
 class Reuniao < ApplicationRecord
-  belongs_to :user
+  has_many :reunioes_usuarios
+  has_many :user, through: :reunioes_usuarios
 end

backend/app/models/user.rb

@@ -3,5 +3,6 @@ class User < ApplicationRecord
   has_many :estoques
   has_many :tarefas
   has_many :documentos
-  has_many :reuniaos
+  has_many :reunioes_usuarios
+  has_many :reuniaos, through: :reunioes_usuarios
 end

backend/app/views/documentos/_documento.html.erb

@@ -0,0 +1,17 @@
+<div id="<%= dom_id documento %>">
+  <p>
+    <strong>Nome:</strong>
+    <%= documento.nome %>
+  </p>
+
+  <p>
+    <strong>Link:</strong>
+    <%= documento.link %>
+  </p>
+
+  <p>
+    <strong>User:</strong>
+    <%= documento.user_id %>
+  </p>
+
+</div>

backend/app/views/documentos/_documento.json.jbuilder

@@ -0,0 +1,2 @@
+json.extract! documento, :id, :nome, :link, :user_id, :created_at, :updated_at
+json.url documento_url(documento, format: :json)

backend/app/views/documentos/_form.html.erb

@@ -0,0 +1,32 @@
+<%= form_with(model: documento) do |form| %>
+  <% if documento.errors.any? %>
+    <div style="color: red">
+      <h2><%= pluralize(documento.errors.count, "error") %> prohibited this documento from being saved:</h2>
+
+      <ul>
+        <% documento.errors.each do |error| %>
+          <li><%= error.full_message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+
+  <div>
+    <%= form.label :nome, style: "display: block" %>
+    <%= form.text_field :nome %>
+  </div>
+
+  <div>
+    <%= form.label :link, style: "display: block" %>
+    <%= form.text_field :link %>
+  </div>
+
+  <div>
+    <%= form.label :user_id, style: "display: block" %>
+    <%= form.text_field :user_id %>
+  </div>
+
+  <div>
+    <%= form.submit %>
+  </div>
+<% end %>

backend/app/views/documentos/edit.html.erb

@@ -0,0 +1,10 @@
+<h1>Editing documento</h1>
+
+<%= render "form", documento: @documento %>
+
+<br>
+
+<div>
+  <%= link_to "Show this documento", @documento %> |
+  <%= link_to "Back to documentos", documentos_path %>
+</div>

backend/app/views/documentos/index.html.erb

@@ -0,0 +1,14 @@
+<p style="color: green"><%= notice %></p>
+
+<h1>Documentos</h1>
+
+<div id="documentos">
+  <% @documentos.each do |documento| %>
+    <%= render documento %>
+    <p>
+      <%= link_to "Show this documento", documento %>
+    </p>
+  <% end %>
+</div>
+
+<%= link_to "New documento", new_documento_path %>

backend/app/views/documentos/index.json.jbuilder

@@ -0,0 +1 @@
+json.array! @documentos, partial: "documentos/documento", as: :documento