Class: UsersController

Inherits:
ApplicationController
Defined in:
app/controllers/users_controller.rb

Instance Method Summary

Methods included from RequestType

#json_request?

Methods included from LogRecent

#log_user_recent_route

Methods included from Cookies

#digest_cookie, #digested_cookie_exists?

Methods included from Whitelist

#whitelist_constantize

Methods included from ProjectsHelper

#invalid_object, #project_link, #project_matches, #project_tag, #projects_list, #projects_search_form

Methods included from Api::Intercept

#intercept_api

Methods included from TokenAuthentication

#intercept_project, #intercept_user, #intercept_user_or_project, #project_token_authenticate, #token_authenticate

Instance Method Details

#autocomplete ⇒ Object


# File 'app/controllers/users_controller.rb', line 132

# Looks up users matching the required +term+ request parameter and stores
# the matches in @users.
#
# params.require(:term) raises when the parameter is missing, so the query
# object is never built without a term.
#
# NOTE(review): this action returns user records; who may reach it is decided
# by controller filters that are not shown here — confirm it is not open to
# anonymous requests.
def autocomplete
  term = params.require(:term)
  @users = Queries::User::Autocomplete.new(term).autocomplete
end

#create ⇒ Object

POST /users


# File 'app/controllers/users_controller.rb', line 29

# POST /users
#
# Builds a user from the permitted parameters and saves it. On success the
# creator is redirected to the root path with a flash message; on failure the
# 'new' form is rendered again.
#
# NOTE(review): the success message interpolates the submitted e-mail
# address; it is only safe to display if the layout escapes flash text —
# confirm in the view.
def create
  @user = User.new(user_params)
  # Assigned after the mass-assignment above, so this replaces any value that
  # was submitted for is_flagged_for_password_reset: the flag ends up equal to
  # whatever is_superuser? returns for the caller.
  @user.is_flagged_for_password_reset = is_superuser?

  return render('new') unless @user.save

  flash[:success] = "User #{@user.email} successfully created."
  # TODO: Email the user their information.
  redirect_to root_path
end

#destroy ⇒ Object

DELETE /users/:id


# File 'app/controllers/users_controller.rb', line 59

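# DELETE /users/:id
#
# Deletes the account named by params[:id] and redirects to the root URL.
# The success flash is only set when the record was really removed; when
# destroy returns false (for example a callback halted it) an alert is shown
# instead of a false confirmation.
#
# NOTE(review): the record is looked up straight from params[:id] rather than
# through @user, so nothing in this method limits which account a caller may
# delete. That restriction has to come from a filter outside this method —
# confirm it covers this action.
def destroy
  account = User.find(params[:id])

  if account.destroy
    flash[:success] = 'Account has been deleted.'
  else
    flash[:alert] = 'Account could not be deleted.'
  end
  redirect_to root_url
end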

#edit ⇒ Object

GET /users/:id/edit


# File 'app/controllers/users_controller.rb', line 25

# GET /users/:id/edit
#
# Empty action body: nothing is loaded or checked here.
#
# NOTE(review): presumably @user is loaded (and access restricted) by a
# before_action such as set_user, with the template rendered implicitly —
# confirm against the filter list, which is not shown here.
def edit
end

#forgot_password ⇒ Object

GET /forgot_password


# File 'app/controllers/users_controller.rb', line 66

# GET /forgot_password
#
# Empty action body; presumably it only serves the form that posts to
# send_password_reset — confirm in the view.
def forgot_password
end

#index ⇒ Object

GET /users


# File 'app/controllers/users_controller.rb', line 11

# GET /users
#
# Loads every user, ordered by name and then e-mail, into @users.
#
# NOTE(review): the query is unscoped and unpaginated, so whoever can reach
# this action gets the full account list. Which roles may call it is decided
# by filters outside this method — confirm.
def index
  @users = User.all.order(:name, :email)
end

#new ⇒ Object

GET /signup


# File 'app/controllers/users_controller.rb', line 16

# GET /signup
#
# Prepares an unsaved User in @user, presumably for the sign-up form.
def new
  @user = User.new
end

#password_reset ⇒ Object

GET /password_reset


# File 'app/controllers/users_controller.rb', line 97

# GET /password_reset
#
# Resolves the user who owns the reset token in params[:token]. The lookup
# uses the digest of the submitted token, not the raw value. The
# 'invalid_token.html.erb' template is rendered when no user matches or when
# the token date is not within the last day.
#
# NOTE(review): a matching user whose password_reset_token_date is nil would
# raise on the comparison — confirm the model always sets the date together
# with the token.
def password_reset
  token_digest = Utilities::RandomToken.digest(params[:token])
  @user = User.find_by_password_reset_token(token_digest)

  token_usable = @user && @user.password_reset_token_date > 1.day.ago
  render 'invalid_token.html.erb' unless token_usable
end

#preferences ⇒ Object


# File 'app/controllers/users_controller.rb', line 128

# Sets @user to whatever sessions_current_user returns (presumably the
# signed-in user). No request parameter is read, so the action cannot be
# pointed at another account through params.
def preferences
  @user = sessions_current_user
end

#recently_created ⇒ Object


# File 'app/controllers/users_controller.rb', line 121

# Empty action body: nothing is loaded or checked here.
#
# NOTE(review): any data the view shows, and any access restriction, must
# come from filters outside this method — confirm.
def recently_created
end

#recently_created_stats ⇒ Object


# File 'app/controllers/users_controller.rb', line 124

# Renders, as JSON, whatever @user.data_breakdown_for_chartkick_recent
# returns.
#
# NOTE(review): @user is not assigned in this method; presumably a
# before_action (set_user?) loads it and thereby limits whose statistics can
# be requested — confirm. Without such a filter @user would be nil here.
def recently_created_stats
  render json: @user.data_breakdown_for_chartkick_recent
end

#send_password_reset ⇒ Object

POST /send_password_reset


# File 'app/controllers/users_controller.rb', line 70

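# POST /send_password_reset
#
# Issues a password-reset token for the account registered under
# params[:email] and mails it to that user.
#
# * No matching account: an alert is flashed and the requester is sent back
#   to :forgot_password.
# * Token could not be saved, or the mail could not be delivered: an alert is
#   flashed and the requester is sent back to :forgot_password.
# * Otherwise no explicit render/redirect happens here, so the response is
#   left to the action's default rendering.
#
# NOTE(review): the two "not found" alert texts, and the different outcome on
# success, tell a requester whether an address is registered. A uniform
# response would avoid that; it is left as is because it changes user-facing
# behaviour. No throttling is visible in this method either — confirm it
# exists elsewhere.
def send_password_reset
  email = params[:email]
  # Only a plain String can be an address. Array or nested parameters are
  # treated as "no such user" instead of raising on #downcase.
  user = User.find_by_email(email.downcase) if email.is_a?(String)

  if user.nil?
    flash[:alert] =
      if email.blank?
        'No e-mail was given'
      else
        'The supplied e-mail does not belong to a registered user'
      end
    redirect_to :forgot_password
    return
  end

  token = user.generate_password_reset_token
  # presumably attributes the save below to this user for auditing — confirm
  Current.user_id = user.id

  delivered = false
  # Mail the token only once it is persisted; otherwise the link in the
  # e-mail could never be redeemed.
  if user.save
    begin
      UserMailer.password_reset_email(user, token).deliver_now
      delivered = true
    rescue StandardError
      # Reported to the requester below. NOTE(review): the exception itself is
      # not recorded anywhere — consider logging it.
    end
  end
  return if delivered

  flash[:alert] = 'Failed to send e-mail. Please try again in a few minutes.'
  redirect_to :forgot_password
end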

#set_password ⇒ Object

PATCH /set_password


# File 'app/controllers/users_controller.rb', line 103

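# PATCH /set_password
#
# Sets a new password for the user who owns the reset token in
# params[:token]. The lookup uses the digest of the submitted token and
# raises when no user matches.
#
# The token must also be less than a day old. password_reset applies that
# limit when it shows the form, but this is the request that actually changes
# the password, so the limit is enforced here as well; an expired token
# renders 'invalid_token.html.erb' and changes nothing.
#
# On success the token is cleared (single use), the forced-reset flag is
# dropped and the requester is redirected to the root path. On validation
# failure the reset form is rendered again.
#
# NOTE(review): if Utilities::RandomToken.digest can return nil for a missing
# token, the lookup would match an account with no token set — confirm it
# always returns a digest string.
def set_password
  @user = User.find_by_password_reset_token!(Utilities::RandomToken.digest(params[:token]))

  issued_at = @user.password_reset_token_date
  unless issued_at && issued_at > 1.day.ago
    render 'invalid_token.html.erb'
    return
  end

  # presumably attributes the update below to this user for auditing — confirm
  Current.user_id = @user.id

  @user.require_password_presence

  # Assigned in memory only; persisted together with the new password by the
  # update call below, so a failed update leaves the token usable.
  @user.password_reset_token = nil
  @user.is_flagged_for_password_reset = false

  # Only the two password fields are accepted from the request.
  if @user.update(params.require(:user).permit([:password, :password_confirmation]))
    flash[:notice] = 'Password successfuly changed.'
    redirect_to root_path
  else
    render 'password_reset.html.erb'
  end
end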

#set_user ⇒ Object (private)


# File 'app/controllers/users_controller.rb', line 153

# Loads the user named by params[:id] into @user and @recent_object.
#
# Doubles as the access check: the id is only passed to User.find when the
# caller is a superuser or is requesting their own record. Anyone else ends
# up calling User.find(nil), which raises instead of loading another account.
def set_user
  requested_id = params[:id]
  requesting_self = requested_id.to_i == sessions_current_user_id

  # Stays nil for callers who are neither superuser nor the record's owner.
  lookup_id = requested_id if is_superuser? || requesting_self

  @user = User.find(lookup_id)
  @recent_object = @user
end

#show ⇒ Object

GET /users/:id


# File 'app/controllers/users_controller.rb', line 21

# GET /users/:id
#
# Empty action body: nothing is loaded or checked here.
#
# NOTE(review): presumably @user is loaded (and access restricted) by a
# before_action such as set_user — confirm against the filter list, which is
# not shown here.
def show
end

#update ⇒ Object

PATCH or PUT /users/:id


# File 'app/controllers/users_controller.rb', line 43

# PATCH or PUT /users/:id
#
# Applies the permitted attributes from user_params to @user and answers in
# the requested format: HTML redirects to the user (or re-renders 'edit' on
# failure); JSON renders :show (or the validation errors with status
# :unprocessable_entity on failure).
#
# NOTE(review): @user is not loaded in this method; presumably set_user runs
# as a before_action and thereby limits which account can be changed —
# confirm. Which attributes may be written is decided entirely by
# user_params.
def update
  respond_to do |format|
    if @user.update(user_params)
      format.html do
        flash[:success] = 'Changes to your account information have been saved.'
        redirect_to @user
      end
      format.json { render :show, location: @user }
    else
      format.html { render 'edit' }
      # The model's validation messages are returned to the client as-is.
      format.json { render json: @user.errors, status: :unprocessable_entity }
    end
  end
end

#user_params ⇒ Object (private)


# File 'app/controllers/users_controller.rb', line 138

# Strong-parameter filter for the :user payload.
#
# Every caller may set name, e-mail, password (with confirmation) and
# :set_new_api_access_token, plus the preference keys supplied by the User
# model. Role and reset flags are only added to the list when the caller
# passes the matching check:
#   is_superuser?     -> :is_project_administrator, :is_flagged_for_password_reset
#   is_administrator? -> :is_administrator
#
# NOTE(review): both create and update use this list, so anyone who can reach
# either action can submit :set_new_api_access_token — confirm that is
# intended.
def user_params
  # TODO: revisit authorization of specific field settings
  permitted = %i[name email password password_confirmation set_new_api_access_token]

  permitted.concat(%i[is_project_administrator is_flagged_for_password_reset]) if is_superuser?
  permitted << :is_administrator if is_administrator?

  params.require(:user).permit(
    permitted,
    User.key_value_preferences,
    User.array_preferences,
    User.hash_preferences
  )
end