Add - Grant option to market

Fix - Market hanging
Add - hide button to ysws dashboard

Author: EnterpriseGoose

app/assets/stylesheets/application.css

@@ -179,3 +179,26 @@ h2 {
   z-index: 1;
   text-decoration: none;
 }
+
+/* Greg project hide/unhide button styles */
+.greg-hide-btn {
+  background-color: #dc2626 !important;
+  color: white !important;
+  border-color: #dc2626 !important;
+}
+
+.greg-hide-btn:hover {
+  background-color: #b91c1c !important;
+  border-color: #b91c1c !important;
+}
+
+.greg-unhide-btn {
+  background-color: #059669 !important;
+  color: white !important;
+  border-color: #059669 !important;
+}
+
+.greg-unhide-btn:hover {
+  background-color: #047857 !important;
+  border-color: #047857 !important;
+}

app/controllers/greg_controller.rb

@@ -5,6 +5,12 @@ def index
     @projects = Project.includes(:user)
                       .where(status: [ "submitted", "pending_voting", "waiting_for_review", "finished" ])
 
+    # Filter out hidden projects by default, unless super admin explicitly shows them
+    @show_hidden = current_user&.super_admin? && params[:show_hidden] == 'true'
+    unless @show_hidden
+      @projects = @projects.where(hidden: false)
+    end
+
     # Default to showing only sus projects
     fraud_status_filter = params[:fraud_status].presence || "sus"
 
@@ -120,6 +126,46 @@ def update_fraud_status
     end
   end
 
+  def hide_project
+    unless current_user&.super_admin?
+      render json: { success: false, error: "Access denied. Super admin privileges required." }
+      return
+    end
+
+    @project = Project.find(params[:id])
+    
+    # Skip screenshot validation when hiding project
+    @project.skip_screenshot_validation!
+    
+    if @project.update(hidden: true)
+      render json: { success: true, message: "Project '#{@project.name}' has been hidden." }
+    else
+      render json: { success: false, error: "Failed to hide project." }
+    end
+  rescue ActiveRecord::RecordNotFound
+    render json: { success: false, error: "Project not found." }
+  end
+
+  def unhide_project
+    unless current_user&.super_admin?
+      render json: { success: false, error: "Access denied. Super admin privileges required." }
+      return
+    end
+
+    @project = Project.find(params[:id])
+    
+    # Skip screenshot validation when unhiding project
+    @project.skip_screenshot_validation!
+    
+    if @project.update(hidden: false)
+      render json: { success: true, message: "Project '#{@project.name}' has been unhidden." }
+    else
+      render json: { success: false, error: "Failed to unhide project." }
+    end
+  rescue ActiveRecord::RecordNotFound
+    render json: { success: false, error: "Project not found." }
+  end
+
   private
 
   def generate_fraud_leaderboard(week_number)
@@ -172,13 +218,19 @@ def require_fraud_access
   def get_project_navigation(current_project, filter_params)
     # Convert params to hash safely
     safe_params = filter_params.respond_to?(:permit) ?
-      filter_params.permit(:name, :author, :week, :fraud_status, :reasoning).to_h :
+      filter_params.permit(:name, :author, :week, :fraud_status, :reasoning, :show_hidden).to_h :
       filter_params.to_h
 
     # Build the same query as index action to get the filtered list
     projects = Project.includes(:user)
                      .where(status: [ "submitted", "pending_voting", "waiting_for_review", "finished" ])
 
+    # Apply hidden filter (same logic as index action)
+    show_hidden = current_user&.super_admin? && (safe_params[:show_hidden] == 'true' || safe_params["show_hidden"] == 'true')
+    unless show_hidden
+      projects = projects.where(hidden: false)
+    end
+
     # Apply the same filters as index action
     fraud_status_filter = safe_params[:fraud_status].presence || safe_params["fraud_status"].presence || "sus"
 

app/controllers/market_controller.rb

@@ -16,10 +16,10 @@ def index
                                           .pluck(:item_name)
     @purchasable_cosmetics = Cosmetic.purchasable
                                     .where.not(name: purchased_cosmetic_names)
-                                    .includes(image_attachment: :blob)
+                                    .includes(:image_attachment)
 
     # Get all purchasable physical items (can be bought multiple times)
-    @purchasable_physical_items = PhysicalItem.purchasable.includes(image_attachment: :blob)
+    @purchasable_physical_items = PhysicalItem.purchasable.includes(:image_attachment)
 
     # Check if user is in supported region for regular tech tree
     @user_in_supported_region = user_in_supported_region?
@@ -87,14 +87,17 @@ def purchase
             render json: { success: false, error: "You've already purchased the maximum amount of this item! (#{purchased_count}/#{max_purchases})" }
             return
           end
+        elsif tech_tree_item[:maxPurchases].nil?
+          # Unlimited purchases (maxPurchases is null)
+          # No purchase limit check needed
         elsif tech_tree_item[:maxPurchases] && tech_tree_item[:maxPurchases] > 1
           # Multi-purchase item with static limit
           if purchased_count >= tech_tree_item[:maxPurchases]
             render json: { success: false, error: "You've already purchased the maximum amount of this item!" }
             return
           end
         else
-          # Default: Single purchase item (maxPurchases nil or 1)
+          # Default: Single purchase item (maxPurchases is 1)
           if purchased_count > 0
             render json: { success: false, error: "You already own this item!" }
             return

app/controllers/ysws_review_controller.rb

@@ -223,7 +223,7 @@ def show
       @time_readable = view_context.format_time_from_seconds(@time_seconds)
       @votes = @project ? Vote.joins(:ballot).includes(ballot: :user).where(project: @project).order("ballots.created_at DESC") : []
 
-      cast_votes = @votes.where(voted: true)
+      cast_votes = @project ? @votes.where(voted: true) : []
       @average_score = cast_votes.any? ? cast_votes.average(:star_count).to_f.round(2) : nil
       @raw_hours = (@time_seconds / 3600.0).round(2)
 

app/views/greg/index.html.erb

@@ -505,6 +505,17 @@
                 placeholder: "Search in reasoning text", 
                 class: "filter-input" %>
           </div>
+          
+          <% if current_user&.super_admin? %>
+            <div class="filter-group">
+              <label class="filter-label" style="display: flex; align-items: center; gap: 0.5rem;">
+                <%= form.check_box :show_hidden, 
+                    { checked: params[:show_hidden] == 'true' }, 
+                    'true', 'false' %>
+                Show Hidden Projects
+              </label>
+            </div>
+          <% end %>
         </div>
 
         <div class="filter-actions">
@@ -604,6 +615,18 @@
               <% if project.user.slack_id.present? %>
                 <%= link_to "Joe Profile", "https://dash.fraud.land/profile/#{project.user.slack_id}", target: "_blank", class: "greg-project-link", onclick: "event.stopPropagation()" %>
               <% end %>
+              
+              <% if current_user&.super_admin? %>
+                <% if project.hidden? %>
+                  <button class="greg-project-link greg-unhide-btn" onclick="event.stopPropagation(); unhideProject(<%= project.id %>)" title="Unhide project">
+                    Unhide
+                  </button>
+                <% else %>
+                  <button class="greg-project-link greg-hide-btn" onclick="event.stopPropagation(); hideProject(<%= project.id %>)" title="Hide project">
+                    Hide
+                  </button>
+                <% end %>
+              <% end %>
             </div>
           </div>
         <% end %>
@@ -676,4 +699,73 @@
     localStorage.removeItem('greg-dark-mode');
   }
 })();
+
+// Hide/Unhide project functionality
+function hideProject(projectId) {
+  if (!confirm('Are you sure you want to hide this project?')) {
+    return;
+  }
+  
+  fetch(`/fraud/projects/${projectId}/hide`, {
+    method: 'PATCH',
+    headers: {
+      'Content-Type': 'application/json',
+      'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+    }
+  })
+  .then(response => response.json())
+  .then(data => {
+    if (data.success) {
+      // Update the button to show "Unhide"
+      const hideBtn = document.querySelector(`button[onclick*="hideProject(${projectId})"]`);
+      if (hideBtn) {
+        hideBtn.textContent = 'Unhide';
+        hideBtn.setAttribute('onclick', `event.stopPropagation(); unhideProject(${projectId})`);
+        hideBtn.className = 'greg-project-link greg-unhide-btn';
+        hideBtn.title = 'Unhide project';
+      }
+      alert(data.message);
+    } else {
+      alert('Error: ' + data.error);
+    }
+  })
+  .catch(error => {
+    console.error('Error:', error);
+    alert('An error occurred while hiding the project.');
+  });
+}
+
+function unhideProject(projectId) {
+  if (!confirm('Are you sure you want to unhide this project?')) {
+    return;
+  }
+  
+  fetch(`/fraud/projects/${projectId}/unhide`, {
+    method: 'PATCH',
+    headers: {
+      'Content-Type': 'application/json',
+      'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').getAttribute('content')
+    }
+  })
+  .then(response => response.json())
+  .then(data => {
+    if (data.success) {
+      // Update the button to show "Hide"
+      const unhideBtn = document.querySelector(`button[onclick*="unhideProject(${projectId})"]`);
+      if (unhideBtn) {
+        unhideBtn.textContent = 'Hide';
+        unhideBtn.setAttribute('onclick', `event.stopPropagation(); hideProject(${projectId})`);
+        unhideBtn.className = 'greg-project-link greg-hide-btn';
+        unhideBtn.title = 'Hide project';
+      }
+      alert(data.message);
+    } else {
+      alert('Error: ' + data.error);
+    }
+  })
+  .catch(error => {
+    console.error('Error:', error);
+    alert('An error occurred while unhiding the project.');
+  });
+}
 </script>