Class: Cally::UsersController

Inherits:

ApplicationController

• Object
• ActionController::Base
• ApplicationController
• Cally::UsersController

Defined in:

app/controllers/cally/users_controller.rb

Instance Method Summary

• #ask_security_question ⇒ Object
• #create ⇒ Object

  This method creates a user if the user.count is 0.

• #destroy ⇒ Object
• #edit ⇒ Object
• #execute_reset ⇒ Object
• #forgot_password ⇒ Object
• #index ⇒ Object
• #login ⇒ Object
• #new ⇒ Object

  This method shows the signup form if users count is 0.

• #reset ⇒ Object
• #reset_password ⇒ Object
• #show ⇒ Object
• #toggle_admin ⇒ Object
• #update ⇒ Object

Methods included from Methods

#admin_or_same_user?, #logged_in_as_admin?, #same_user?, #set_mailgun_prefix, #test_env?

Methods included from ApplicationHelper

#current_user, #is_admin?, #is_first_user?, #logged_in?

Instance Method Details

#ask_security_question ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 129

def ask_security_question
  # When a user want to reset his/her password then he/she have to
  # answer the security question given by him/her on signup
  # If the user doesn't exists it throws an error.
  user = User.find_by(email: user_params[:email])
  if user
    if retrieable?(user)
      @user_email = user.email
      @security_question = user.security_question
    else
      flash[:error] = 'You have reached your limit of password resets'
      redirect_to login_path
    end
  else
    flash[:error] = "User with email: '#{user_params[:email]}' not found."
    redirect_to forgot_password_path
  end
end

#create ⇒ Object

This method creates a user if the user.count is 0. if the user count >= 0 and there’s an valid invitation key then you can also create your account in all other cases this outputs an error saying there’s no valid invitation key

# File 'app/controllers/cally/users_controller.rb', line 36

def create
  if User.count == 0 || @invitation_only != 'true' || (@invitation_only == 'true' && valid_invitation_key?)
    @user = User.new(username: user_params[:username], email: user_params[:email], password: user_params[:password], 
                    security_question: user_params[:security_question], security_answer: user_params[:security_answer])
    
    # creates a rondow string of 32 characters which will be the user's key
    @user.user_key = OmwRandomString.generate(32)

    # If this is the first user created then automatically set him/her as administrator
    if User.count == 0
      @user.admin = true
    else
      @user.admin = false
    end

    if @user.save
      flash[:success] = "User '#{@user.username}' successfully created."
      session[:user_id] = @user.id 
      redirect_to user_path(@user)

      # if this creation is because of an invite then remove the invitation from the database
      if defined? @invitation_key
        Invitation.find_by(invitation_key: @invitation_key).destroy
      end
    else
      if defined? @invitation_key
        render 'new', locals: { invitation_key: @invitation_key }
      else
        flash[:error] = 'Error creating account'
        render 'new'
      end
    end
  else
    flash[:error] = 'This is invitation only'
    redirect_to invitation_path
  end
end

#destroy ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 96

def destroy
 if @user == current_user
   session[:user_id] = nil
 end

 if @user.destroy
  flash[:success] = 'User successfully deleted.'
  redirect_to login_path
 else
  flash[:error] = 'Error deleting user.'
  if logged_in?
    redirect_to user_path(current_user)
  else
    redirect_to login_path
  end
 end
end

#edit ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 83

def edit
end

#execute_reset ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 165

def execute_reset
  user = User.find_by(user_key: user_params[:user_key], reset_key: user_params[:reset_key])

  if user
    user.reset_key = nil
    user.save

    if retrieable?(user)
      added_retry = add_retry(user)
      user.password = user_params[:password]

      if user.save
        flash[:success] = 'Successfully updated password'
        redirect_to login_path
      else
        flash[:error] = 'Error updating password'
        redirect_to login_path
      end
    else
      flash[:error] = 'You have reached the limit of allowed password resets.'
      redirect_to login_path
    end
  else
    flash[:error] = "User not found"
    redirect_to login_path
  end
  
end

#forgot_password ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 126

def forgot_password
end

#index ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 16

def index
  @users = User.paginate(page: params[:page], per_page: 20)
end

#login ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 74

def login
  if User.count == 0
    redirect_to new_user_path
  end
end

#new ⇒ Object

This method shows the signup form if users count is 0. If this is invitation only then there must be a valid key

# File 'app/controllers/cally/users_controller.rb', line 22

def new
  # Checks if it is the first user or valid invitation key is provided
  # If the website is not invitation only then you can create a new user here
  if User.count == 0 || @invitation_only != 'true' || (@invitation_only == 'true' && valid_invitation_key?)
    @user = User.new
  else
    flash[:error] = 'This is invitation only, enter your email for asking for invitation.'
    redirect_to invitation_path
  end
end

#reset ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 147

def reset
  
end

#reset_password ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 151

def reset_password
  user = User.find_by(email: user_params[:email], security_answer: user_params[:security_answer].downcase)
 
  reset_key = OmwRandomString.generate(32)
  user.reset_key = reset_key

  if user && user.save
    redirect_to reset_path(user.user_key, user.reset_key)
  else
    flash[:error] = 'User email or security answer incorrect'
    redirect_to login_path
  end
end

#show ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 80

def show
end

#toggle_admin ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 114

def toggle_admin
  # Here you can toggle a user administration rights if it's not the first user.
  # The first user will always be an administrator.
  if @user != User.first && @user.update(admin: !@user.admin)
    flash[:success] = 'Admin status updated successfully.'
    redirect_to users_path
  else
    flash[:error] = 'Error updating admin status.'
    redirect_to users_path
  end 
end

#update ⇒ Object

# File 'app/controllers/cally/users_controller.rb', line 86

def update
  if @user.update(user_params)
    flash[:success] = 'Your profile is updated successfully.'
    redirect_to user_path(@user)
  else
    flash[:error] = 'Error updating your profile.'
    redirect_to edit_user_path(@user)
  end
end