From 2fb0ab223941df683470f933c1a228d8272ba84f Mon Sep 17 00:00:00 2001
From: Mateus Rambo Strey <mars11@inf.ufpr.br>
Date: Fri, 25 Nov 2016 10:47:01 -0200
Subject: [PATCH] fix collection creation

---
 app/controllers/v1/collections_controller.rb | 8 +++-----
 app/policies/collection_policy.rb            | 2 +-
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/app/controllers/v1/collections_controller.rb b/app/controllers/v1/collections_controller.rb
index d55a52d4..600fe8a7 100644
--- a/app/controllers/v1/collections_controller.rb
+++ b/app/controllers/v1/collections_controller.rb
@@ -6,10 +6,9 @@ class V1::CollectionsController < ApplicationController
   include ::HighlightsController
   include ::Paginator
 
-
+  before_action :authenticate_user!, only: [:create, :update, :destroy]
   before_action :set_collection, only: [:show, :update, :destroy, :add_object, :delete_object]
   before_action :set_new_collection, only: :index
-  before_action :authenticate_user!, only: [:create, :update, :destroy]
   before_action :authorize!, except: [:create, :tagging, :untagging]
 
   # GET /v1/collections
@@ -29,8 +28,9 @@ class V1::CollectionsController < ApplicationController
   # POST /v1/collection.json
   def create
     collection = Collection.new(collection_params)
-
+    collection.owner = current_user if collection.owner.nil?
     authorize collection
+
     if collection.save
       collection_associations(collection)
       render json: collection, status: :created
@@ -42,7 +42,6 @@ class V1::CollectionsController < ApplicationController
   # PUT/PATCH /v1/users/1
   # PUT/PATCH /v1/users/1.json
   def update
-
     if @collection.update(collection_params)
       @collection.add_items(extra_params[:items])
       render json: @collection, status: :ok
@@ -111,5 +110,4 @@ class V1::CollectionsController < ApplicationController
   def authorize!
     authorize @collection
   end
-
 end
diff --git a/app/policies/collection_policy.rb b/app/policies/collection_policy.rb
index 7a2aed4f..a73da745 100644
--- a/app/policies/collection_policy.rb
+++ b/app/policies/collection_policy.rb
@@ -32,7 +32,7 @@ class CollectionPolicy < ApplicationPolicy
   end
 
   def create?
-    record if user_exists?
+    record if owns?
   end
 
   def show?
-- 
GitLab