Class: Auth::ProfilesController
- Inherits: ApplicationController
  - Object
  - ApplicationController
  - ApplicationController
  - Auth::ProfilesController
- Includes: Concerns::DeviseConcern, Concerns::TokenConcern
- Defined in: app/controllers/auth/profiles_controller.rb
Constant Summary
- CONDITIONS_FOR_TOKEN_AUTH = [:get_user_id, :show, :update, :set_proxy_resource, :edit]
- TCONDITIONS = {:only => CONDITIONS_FOR_TOKEN_AUTH}
Instance Method Summary
- #credential_exists ⇒ Object
  @used_in: checks whether an email already exists.
- #get_user_id ⇒ Object
  The idea here is just to return the current_signed_in_resource's id.
- #initialize_vars ⇒ Object
- #set_proxy_resource ⇒ Object
  THIS IS HOW YOU SET A PROXY USER AS AN ADMIN.
- #show ⇒ Object
  This method needs token authentication, or for the user to be authenticated.
- #update ⇒ Object
  This method needs token authentication and an :id, hence the profile resource is updated.
Methods inherited from ApplicationController
#authenticate_resource!, #build_model_from_params, #check_for_create, #check_for_destroy, #check_for_update, #from_bson, #from_view, #get_model_class_name, #instantiate_classes, #not_found
Instance Method Details
#credential_exists ⇒ Object
@used_in: checks whether an email already exists. This method is only usable through the web; it is not currently available for API use.
```ruby
# File 'app/controllers/auth/profiles_controller.rb', line 116

def credential_exists
  filt = permitted_params
  resource = get_model(filt["resource"])
  is_valid = false
  if resource
    conditions = resource.credential_exists(filt)
    is_valid = (resource.or(*conditions).count == 0)
  end
  respond_to do |format|
    format.json { render json: {"is_valid" => is_valid} }
  end
end
```
#get_user_id ⇒ Object
The idea here is just to return the current_signed_in_resource's id. It has nothing to do with the profile: no id is sent in the params, so profile_resource will never be found.
```ruby
# File 'app/controllers/auth/profiles_controller.rb', line 80

def get_user_id
  res = current_signed_in_resource
  res.m_client = self.m_client
  respond_with current_signed_in_resource do |format|
    format.json {render json: current_signed_in_resource.as_json({:show_id => true})}
  end
end
```
#initialize_vars ⇒ Object
```ruby
# File 'app/controllers/auth/profiles_controller.rb', line 16

def initialize_vars
  @resource_params = {}
  @profile_resource = nil
  @all_params = permitted_params
  if collection = @all_params[:resource]
    if Auth.configuration.auth_resources[collection.singularize.capitalize]
      @resource_class = collection.singularize.capitalize.constantize
      @resource_symbol = collection.singularize.to_sym
      @resource_params = @all_params.fetch(@resource_symbol,{})
      @profile_resource = @all_params[:id] ? @resource_class.find_resource(@all_params[:id],current_signed_in_resource) : @resource_class.new(@resource_params)
    end
  end
end
```
#set_proxy_resource ⇒ Object
THIS IS HOW YOU SET A PROXY USER AS AN ADMIN. This method takes an id. It also needs the current signed-in user to be an admin. It takes the @profile_resource, stores it in the session as proxy_resource_id and proxy_resource_class, and then returns the profile_resource. It responds only to js. It is meant to be used only for setting the proxied user by an admin in the web application. expect the params to contain params and params
```ruby
# File 'app/controllers/auth/profiles_controller.rb', line 98

def set_proxy_resource
  not_found("that user doesn't exist") unless @profile_resource
  if params[:unset_proxy]
    ## this unsets the proxy user.
    session[:proxy_resource_id] = nil
    session[:proxy_resource_class] = nil
  else
    session[:proxy_resource_id] = @profile_resource.id.to_s
    session[:proxy_resource_class] = @profile_resource.class.name.to_s
  end
end
```
#show ⇒ Object
This method needs token authentication, or for the user to be authenticated. It also needs an :id, hence the profile_resource is returned. So what if I sign in as one user and send in the id of another user? That does not work, because we use the find_resource method, which also considers the current_signed_in_resource. Now suppose we need to change something: in show profiles, we will give this method, in the view, to update a signature.
```ruby
# File 'app/controllers/auth/profiles_controller.rb', line 42

def show
  @profile_resource
end
```
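The ownership check that the `show` description relies on, as an added example that is not code from this project: a plain-Ruby model of an owner-scoped lookup next to an unscoped one, behind the same allowlist step that `initialize_vars` performs. The real `find_resource` is not shown on this page; the admin bypass, the `chomp("s")` stand-in for `singularize`, the helper names and the sample records are assumptions.

```ruby
# Added example, not the project's code. Record layout is hypothetical.
User = Struct.new(:id, :email, :admin)

# Constructed sample records.
USERS = [
  User.new("u1", "alice@example.com", false),
  User.new("u2", "bob@example.com", false),
  User.new("u9", "root@example.com", true)
].freeze

# Allowlist of resource names that may be resolved from params[:resource],
# mirroring the Auth.configuration.auth_resources check in initialize_vars.
AUTH_RESOURCES = { "User" => USERS }.freeze

# Unscoped lookup: returns whatever id the caller sends. This is the pattern
# the description asks about ("send in the id of another user").
def find_unscoped(collection, id)
  collection.find { |u| u.id == id }
end

# Scoped lookup: the requested id is honoured only when it belongs to the
# signed-in user, or when the signed-in user is an admin (assumption).
def find_resource(collection, id, current_user)
  return nil if current_user.nil?
  record = collection.find { |u| u.id == id }
  return nil if record.nil?
  return record if record.id == current_user.id || current_user.admin
  nil
end

# Resolves params in the same order as initialize_vars: allowlist the
# resource name first, then run the scoped lookup.
def profile_for(params, current_user)
  # chomp("s") stands in for ActiveSupport's singularize (assumption).
  name = params[:resource].to_s.chomp("s").capitalize
  collection = AUTH_RESOURCES[name]
  return nil unless collection
  find_resource(collection, params[:id], current_user)
end
```

A `nil` result corresponds to the controller treating the profile as not found, so a request for another user's id and a request for a non-allowlisted resource name both end the same way.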
#update ⇒ Object
This method needs token authentication and an :id, hence the profile resource is updated. Expected params hash: => "users", :user => {:admin, :request_send_reset_password_link, :id}
```ruby
# File 'app/controllers/auth/profiles_controller.rb', line 50

def update
  #puts "the profile resource is:"
  #puts @profile_resource.to_s
  check_for_update(@profile_resource)
  #puts "going to assing attributes."
  #puts "resource params are: #{}"
  @profile_resource.assign_attributes(@resource_params)
  @profile_resource.m_client = self.m_client
  respond_to do |format|
    if @profile_resource.save
      flash[:notice] = "Success"
      format.json {head :no_content}
      format.html {redirect_to profile_path({:id => @profile_resource.id.to_s, :resource => @profile_resource.class.name.pluralize.downcase.to_s})}
    else
      flash[:notice] = "Failed"
      format.json {render :json => @profile_resource.errors, :status => :unprocessable_entity}
      format.html {redirect_to profile_path({:id => @profile_resource.id.to_s, :resource => @profile_resource.class.name.pluralize.downcase.to_s})}
    end
  end
end
```