Class: Auth::ProfilesController

Inherits:
ApplicationController
Includes:
Concerns::DeviseConcern, Concerns::TokenConcern
Defined in:
app/controllers/auth/profiles_controller.rb

Constant Summary

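# Actions that may be reached with token authentication; TCONDITIONS is the
# `only:` option built from that list (presumably consumed by
# Concerns::TokenConcern, which is included above but not shown — confirm).
# Both are frozen so the allow-list of token-authenticated actions cannot be
# mutated at runtime.
CONDITIONS_FOR_TOKEN_AUTH = %i[get_user_id show update set_proxy_resource].freeze
TCONDITIONS = { :only => CONDITIONS_FOR_TOKEN_AUTH }.freeze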

Instance Method Summary

Methods inherited from ApplicationController

#authenticate_resource!, #check_for_create, #check_for_destroy, #check_for_update, #from_bson, #from_view, #not_found

Instance Method Details

#credential_exists ⇒ Object

@used_in: the email check for whether a credential already exists. This method is only usable through the web; it is not currently available for API use.



# File 'app/controllers/auth/profiles_controller.rb', line 110

# Answers a JSON availability check for a credential (the email check
# described above): {"is_valid" => true} when no matching record exists.
#
# The model is resolved from the caller-supplied "resource" param via
# get_model (defined outside this file). NOTE(review): confirm get_model
# only resolves classes registered in Auth.configuration.auth_resources, as
# initialize_vars does, rather than any constant name. This action is not in
# CONDITIONS_FOR_TOKEN_AUTH and reveals whether a credential is registered,
# so its rate limiting is worth confirming as well.
#
# Reports is_valid = false when the resource name resolves to nothing.
def credential_exists
  filt = permitted_params
  model = get_model(filt["resource"])
  available = model ? model.or(*model.credential_exists(filt)).count.zero? : false
  respond_to do |format|
    format.json { render json: {"is_valid" => available} }
  end
end

#get_user_id ⇒ Object

The idea here is just to return the current_signed_in_resource's id. It has nothing to do with the profile, since no id is sent in the params, so profile_resource will never be found.



# File 'app/controllers/auth/profiles_controller.rb', line 77

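# Renders the currently signed-in resource as JSON with its id included.
#
# @profile_resource is not used: no :id is expected in the params, so the
# lookup done in initialize_vars finds nothing; the subject is the signed-in
# resource itself.
#
# The signed-in resource is fetched once into a local. The original called
# current_signed_in_resource three times, so the m_client assignment only
# reached the rendered object if that helper (defined outside this file)
# memoizes; using the local removes that dependency.
def get_user_id
  res = current_signed_in_resource
  res.m_client = m_client
  respond_with res do |format|
    format.json { render json: res.as_json({:show_id => true}) }
  end
end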

#initialize_vars ⇒ Object



# File 'app/controllers/auth/profiles_controller.rb', line 14

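# Resolves the resource class and the profile record addressed by the
# request from permitted_params (presumably wired as a before_action — the
# filter declaration is outside this page).
#
# Sets:
#   @all_params      - permitted params with symbolized keys
#   @resource_class  - the model class named by params[:resource]
#   @resource_symbol - singular symbol of that name, used as the nested key
#   @resource_params - the nested attributes for that resource ({} if absent)
#   @profile_resource - the record found by :id, or a new unsaved one
#
# The stray debug `puts` banner the original printed on every request has
# been removed.
def initialize_vars
  @resource_params = {}
  @profile_resource = nil
  @all_params = permitted_params.deep_symbolize_keys

  collection = @all_params[:resource]
  return unless collection

  model_name = collection.singularize.capitalize
  # Only names registered in Auth.configuration.auth_resources are
  # constantized: this lookup is the allow-list that keeps a caller-supplied
  # :resource from resolving to an arbitrary constant.
  return unless Auth.configuration.auth_resources[model_name]

  @resource_class = model_name.constantize
  @resource_symbol = collection.singularize.to_sym
  @resource_params = @all_params.fetch(@resource_symbol, {})

  # find_resource is given the signed-in resource as well as the id; per the
  # show docs that is what stops one user from loading another's profile by
  # id. find_resource lives on the model and is not shown here.
  @profile_resource =
    if @all_params[:id]
      @resource_class.find_resource(@all_params[:id], current_signed_in_resource)
    else
      @resource_class.new(@resource_params)
    end
end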

#set_proxy_resource ⇒ Object

THIS IS HOW YOU SET A PROXY USER AS AN ADMIN. This method takes an id. It also needs the current signed-in user to be an admin. It takes the @profile_resource, stores it in the session as proxy_resource_id and proxy_resource_class, and returns the profile_resource. It responds only to js; it is meant only for setting the proxied user by an admin in the web application. The params are expected to contain the resource and the id.



# File 'app/controllers/auth/profiles_controller.rb', line 95

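# Records @profile_resource (resolved in initialize_vars from the request's
# :resource and :id) in the session as the proxied resource.
#
# NOTE(review): the admin requirement described in the docs is not enforced
# in this body; it must come from a filter or authorization hook outside
# this page — confirm it is in place, since this action lets the caller
# choose which resource the session proxies.
def set_proxy_resource
  # not_found is inherited from ApplicationController (not shown). Returning
  # here keeps the session writes from running on nil whether not_found
  # raises, redirects, or only renders.
  return not_found("that user doesn't exist") unless @profile_resource

  session[:proxy_resource_id] = @profile_resource.id.to_s
  session[:proxy_resource_class] = @profile_resource.class.name.to_s
end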

#show ⇒ Object

This method needs token authentication, or for the user to be authenticated. It also needs an :id, hence the profile_resource is returned. What if I sign in as one user and send in the id of another user? That does not work, because we use the find_resource method, which also takes the current_signed_in_resource into account.



# File 'app/controllers/auth/profiles_controller.rb', line 39

# Exposes the profile resolved in initialize_vars for rendering. The :id
# lookup there goes through find_resource together with the signed-in
# resource, which is what scopes this action to the caller's own profile
# (find_resource itself is not shown on this page).
def show
  @profile_resource
end

#update ⇒ Object

This method needs token authentication and an :id, hence the profile resource is updated. Expected params hash: :resource => "users", :user => {:admin, :request_send_reset_password_link, :id}



# File 'app/controllers/auth/profiles_controller.rb', line 47

# Applies the admin flags from the request to @profile_resource, saves it,
# and answers with JSON (204 / 422) or an HTML redirect back to the profile.
#
# NOTE(review): admin and created_by_admin are copied straight from the
# request; check_for_update (ApplicationController, not shown) is the only
# visible gate — confirm it restricts who may set these fields.
def update
  check_for_update(@profile_resource)

  # Only truthy values are copied. Form values arrive as strings, so "false"
  # is truthy and is copied as-is (unchanged from the original behaviour).
  admin_flag = @resource_params[:admin]
  @profile_resource.admin = admin_flag if admin_flag
  created_flag = @resource_params[:created_by_admin]
  @profile_resource.created_by_admin = created_flag if created_flag

  @profile_resource.m_client = self.m_client

  # Built lazily so profile_path is only evaluated on the html branch.
  back_to_profile = lambda do
    redirect_to profile_path(
      :id => @profile_resource.id.to_s,
      :resource => @profile_resource.class.name.pluralize.downcase.to_s
    )
  end

  respond_to do |format|
    saved = @profile_resource.save
    flash[:notice] = saved ? "Success" : "Failed"
    if saved
      format.json { head :no_content }
    else
      format.json { render :json => @profile_resource.errors, :status => :unprocessable_entity }
    end
    format.html { back_to_profile.call }
  end
end