Class: Concen::UsersController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Concen::UsersController

Defined in:

app/controllers/concen/users_controller.rb

Instance Method Summary

• #create ⇒ Object
• #destroy ⇒ Object
• #edit ⇒ Object
• #index ⇒ Object
• #invite ⇒ Object
• #new ⇒ Object
• #new_invite ⇒ Object
• #new_reset_password ⇒ Object
• #reset_password ⇒ Object
• #toggle_attribute ⇒ Object
• #update ⇒ Object

Instance Method Details

#create ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 18

def create
  if !User.all.any? || (current_concen_user && current_concen_user.full_control)
    @user = User.new(params[:concen_user])
    @user.full_control = true
    if @user.save
      redirect_to(concen_users_path, :notice => "User was successfully created.")
    else
      render :new
    end
  end
end

#destroy ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 65

def destroy
  if current_concen_user.full_control
    @user = User.find(params[:id])
    @user.destroy
    redirect_to concen_users_path
  else
    flash[:notice] = "Only user with full control can delete a user."
    redirect_to concen_users_path
  end
end

#edit ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 30

def edit
  if params[:password_reset_token]
    @user = User.where(:password_reset_token => params[:password_reset_token]).first
  elsif params[:invitation_token]
    @user = User.where(:invitation_token => params[:invitation_token]).first
  else
    @page_title = "Settings"
    @user = current_concen_user
  end
  redirect_to concen_signin_path unless @user
end

#index ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 5

def index
  @page_title = "Users"
  @users = User.all
end

#invite ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 97

def invite
  if current_concen_user.full_control
    @user = User.send_invitation params[:concen_user][:email]
    redirect_to concen_users_path, :notice => "Invitation has been sent."
  else
    redirect_to concen_users_path, :notice => "Only user with full control can invite."
  end
end

#new ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 10

def new
  if User.all.any?
    redirect_to root_path
  else
    @user = User.new
  end
end

#new_invite ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 89

def new_invite
  if current_concen_user.full_control
    @user = User.new
  else
    redirect_to(concen_users_path, :notice => "Only user with full control can invite.")
  end
end

#new_reset_password ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 106

def new_reset_password
  @user = User.new
end

#reset_password ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 110

def reset_password
  @user = User.where(:email => params[:concen_user][:email]).first
  @user.send_password_reset
  redirect_to concen_signin_path, :notice => "Password reset instruction has been sent."
end

#toggle_attribute ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 76

def toggle_attribute
  respond_to do |format|
    if current_concen_user.full_control
      @user = User.find(params[:id])
      @user.write_attribute(params[:attribute].to_sym, !@user.read_attribute(params[:attribute].to_sym))
      @user.save
      format.json { render :json => {:success => true} }
    else
      format.json { render :json => {:success => false, :message => "Only user with full control can toggle attribute."} }
    end
  end
end

#update ⇒ Object

# File 'app/controllers/concen/users_controller.rb', line 42

def update
  if params[:concen_user][:password_reset_token]
    @user = User.where(:password_reset_token => params[:concen_user][:password_reset_token]).first
    authenticated = true if @user.password_reset_sent_at > 2.hours.ago
  elsif params[:concen_user][:invitation_token]
    @user = User.where(:invitation_token => params[:concen_user][:invitation_token]).first
    authenticated = true if @user.invitation_sent_at > 24.hours.ago
  else
    @user = current_concen_user
    authenticated = true if @user.authenticate(params[:concen_user].delete(:current_password))
  end
  if @user && authenticated
    if @user.update_attributes(params[:concen_user])
      redirect_to edit_concen_user_path @user
    else
      render :edit
    end
  else
    flash.now.alert = "Invalid password."
    render :edit
  end
end