Merge pull request #611 from CartoDB/CDB-3549

fixed clone for shared visualizations CDB-3549

app/controllers/api/json/users_controller.rb

@@ -23,11 +23,12 @@ class Api::Json::UsersController < Api::ApplicationController
       organization_username = referer_match[5]
     end
 
-    # This array is actually a hack. We will only return at most 1 url, but this way is compatible with the old endpoint
     dashboard_urls = []
     dashboard_base_url = ''
+    username = nil
     can_fork = false
 
+
     if !authenticated_users.empty?
       # It doesn't have a organization username component
       # We assume it's not a organization referer
@@ -35,7 +36,7 @@ class Api::Json::UsersController < Api::ApplicationController
         # The user is seeing its own dashboard
         if authenticated_users.include?(subdomain)
           dashboard_base_url = CartoDB.base_url(subdomain)
-          can_fork = can_org_user_fork_resource(referer, User.where(username: authenticated_users.first).first)
+          username = authenticated_users.first
         # The user is authenticated but seeing another user dashboard
         else
           user_belongs_to_organization = CartoDB::UserOrganization.user_belongs_to_organization?(authenticated_users.first)
@@ -44,7 +45,7 @@ class Api::Json::UsersController < Api::ApplicationController
             dashboard_base_url = CartoDB.base_url(authenticated_users.first)
           else
             dashboard_base_url = CartoDB.base_url(user_belongs_to_organization, authenticated_users.first)
-            can_fork = can_org_user_fork_resource(referer, User.where(username: authenticated_users.first).first)
+            username = authenticated_users.first
           end
         end
       else
@@ -52,6 +53,7 @@ class Api::Json::UsersController < Api::ApplicationController
         if authenticated_users.include?(organization_username)
           dashboard_base_url = CartoDB.base_url(subdomain, organization_username)
           can_fork = can_org_user_fork_resource(referer, User.where(username: authenticated_users.first).first)
+          username = authenticated_users.first
         # The user is seeing a organization dashboard, but not its one
         else
           # Get all users on the referer organization and intersect with the authenticated users list
@@ -63,6 +65,8 @@ class Api::Json::UsersController < Api::ApplicationController
           # The user is authenticated with a user of the organization
           if !users_intersection.empty?
             dashboard_base_url = CartoDB.base_url(subdomain, users_intersection.first)
+            can_fork = can_org_user_fork_resource(referer, User.where(username: users_intersection.first).first)
+            username = users_intersection.first
           # The user is authenticated with a user not belonging to the requested organization dashboard
           # Let's get the first user in the session
           else
@@ -83,7 +87,8 @@ class Api::Json::UsersController < Api::ApplicationController
 
     render json: {
       urls: dashboard_urls,
-      can_fork: can_fork
+      can_fork: can_fork,
+      username: username
     }
 
   end
@@ -113,9 +118,6 @@ class Api::Json::UsersController < Api::ApplicationController
     else
       #a public table always can be forked by org user
       true
-      #res = referer_match[1]
-      #vis = Table.get_by_id_or_name(res, current_user).table_visualization
-      #vis.has_permission?(current_user, CartoDB::Visualization::Member::PERMISSION_READONLY)
     end
   end
 

app/views/admin/visualizations/public_map.html.erb

@@ -393,18 +393,22 @@
 
           $('.fork').click(function(e) {
             e.preventDefault();
-            var baseUrl = location.pathname.substring(0, location.pathname.indexOf('/viz/'))
+            var baseUrl = location.origin
+            // HACK
+            // gloabl AUTH_USERNAME is set from a javascript request. That request enables .fork button
+            // so in theory when this code is executed AUTH_USER should be set
+            // see public_dashboard.js
             $.ajax({
-              url: baseUrl + '/api/v1/viz/',
+              url: baseUrl + '/u/' + window.AUTH_USER + '/api/v1/viz/',
               type: 'POST',
               data: JSON.stringify({
-                source_visualization_id: '<%= @visualization.id%>',
-                name: '<%= @visualization.name %> copy'
+                source_visualization_id: '<%= @visualization.id %>',
+                name: '<%= @visualization.name %> clone'
               }),
               dataType: 'json',
               contentType: 'application/json',
               success: function(vis) {
-                window.location = baseUrl + "/viz/" + vis.id
+                window.location = baseUrl + '/u/' + window.AUTH_USER + "/viz/" + vis.id
               }
             });
             return false;

lib/assets/javascripts/cartodb/public_dashboard/public_dashboard.js

@@ -50,6 +50,7 @@ $(function() {
       if (users.can_fork) {
         // enable copy table
         $('.fork').show();
+        window.AUTH_USER = users.username;
       }
     } else {
       // Check if domain comes from cartodb or other place