Class: Caboose::UsersController

Inherits:
ApplicationController
Defined in:
app/controllers/caboose/users_controller.rb

Methods inherited from ApplicationController

#before_before_action, #logged_in?, #logged_in_user, #login_user, #reject_param, #user_is_allowed, #validate_token, #var

Instance Method Details

#before_action ⇒ Object



# File 'app/controllers/caboose/users_controller.rb', line 6

# Loads the page record registered under the '/admin' URI into @page.
# Presumably invoked by the inherited ApplicationController ahead of each
# action in this controller; confirm there.
#
# @return [Object] whatever Page.page_with_uri returns for '/admin'
def before_action
  admin_uri = '/admin'
  @page = Page.page_with_uri(admin_uri)
end

#create ⇒ Object

POST /admin/users



# File 'app/controllers/caboose/users_controller.rb', line 49

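# POST /admin/users
#
# Creates a user from params[:username] and replies with JSON carrying either
# an 'error' message or a 'redirect' to the new user's edit page.
#
# This method sets only the username before saving; password and roles are
# handled by the update action.
def create
  return if !user_is_allowed('users', 'add')

  resp = StdClass.new({
    'error' => nil,
    'redirect' => nil
  })

  user = User.new
  user.username = params[:username]

  # to_s makes the check nil-safe: a request without a username parameter is
  # answered with the validation message instead of raising on nil.length.
  if user.username.to_s.empty?
    resp.error = "Your username is required."
  elsif user.save
    # Redirect only when the record was actually persisted.
    resp.redirect = "/admin/users/#{user.id}/edit"
  else
    # A failed save used to produce a response with neither error nor
    # redirect; tell the client that nothing was created.
    resp.error = "The user could not be saved."
  end
  render json: resp
end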

#destroy ⇒ Object

DELETE /admin/users/1



# File 'app/controllers/caboose/users_controller.rb', line 110

# DELETE /admin/users/1
#
# Deletes the user identified by params[:id] and replies with JSON that sends
# the client back to the user list.
#
# NOTE(review): nothing in this method stops the logged-in user from deleting
# their own account; confirm whether that is intended.
def destroy
  return unless user_is_allowed('users', 'delete')

  User.find(params[:id]).destroy

  render json: StdClass.new({ 'redirect' => '/admin/users' })
end

#edit ⇒ Object

GET /admin/users/1/edit



# File 'app/controllers/caboose/users_controller.rb', line 35

# GET /admin/users/1/edit
#
# Prepares the edit form: the user being edited (@edituser), the role tree
# (@all_roles), and the roles looked up for that user (@roles).
def edit
  return unless user_is_allowed('users', 'edit')

  user_id = params[:id]
  @edituser = User.find(user_id)
  @all_roles = Role.tree
  @roles = Role.roles_with_user(@edituser.id)
end

#edit_password ⇒ Object

GET /admin/users/1/edit-password



# File 'app/controllers/caboose/users_controller.rb', line 43

# GET /admin/users/1/edit-password
#
# Loads the user whose password is to be changed into @edituser. Access is
# gated by the same 'users'/'edit' permission as the general edit form.
def edit_password
  return unless user_is_allowed('users', 'edit')

  target_id = params[:id]
  @edituser = User.find(target_id)
end

#index ⇒ Object

GET /admin/users



# File 'app/controllers/caboose/users_controller.rb', line 11

# GET /admin/users
#
# Builds the paged user list: @gen holds the PageBarGenerator and @users the
# items it returns.
#
# NOTE(review): params is handed to PageBarGenerator unfiltered. How it turns
# request values into the query (filters, sort order) is not visible here;
# verify that it binds them as parameters rather than interpolating into SQL.
def index
  return unless user_is_allowed('users', 'view')

  # Searchable fields with their default (empty) filter values.
  filter_defaults = {
    'first_name' => '',
    'last_name'  => '',
    'username'   => '',
    'email'      => ''
  }
  # Model, default ordering and base URL used by the generator.
  pager_options = {
    'model'    => 'Caboose::User',
    'sort'     => 'last_name, first_name',
    'desc'     => false,
    'base_url' => '/admin/users'
  }

  @gen = PageBarGenerator.new(params, filter_defaults, pager_options)
  @users = @gen.items
end

#new ⇒ Object

GET /admin/users/new



# File 'app/controllers/caboose/users_controller.rb', line 29

# GET /admin/users/new
#
# Supplies an unsaved User in @newuser for the "new user" form. Requires the
# 'users'/'add' permission.
def new
  return unless user_is_allowed('users', 'add')

  blank_user = User.new
  @newuser = blank_user
end

#options ⇒ Object

GET /admin/users/options



# File 'app/controllers/caboose/users_controller.rb', line 122

# GET /admin/users/options
#
# Renders every user as a JSON array of { 'value' => id, 'text' => full name }
# entries, ordered by last name then first name. The response lists all
# users' ids and names to any caller holding the 'users'/'view' permission.
def options
  return unless user_is_allowed('users', 'view')

  @users = User.reorder('last_name, first_name').all
  choices = @users.map do |u|
    { 'value' => u.id, 'text' => "#{u.first_name} #{u.last_name}" }
  end
  render json: choices
end

#update ⇒ Object

PUT /admin/users/1



# File 'app/controllers/caboose/users_controller.rb', line 70

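# PUT /admin/users/1
#
# Applies the submitted fields to the user identified by params[:id] and
# replies with JSON: 'success' (whether the record was saved), 'error' when a
# password check failed, and 'attribute' with the role names when roles were
# submitted. Parameters not named in the case statement are ignored.
def update
  return if !user_is_allowed('users', 'edit')

  resp = StdClass.new
  user = User.find(params[:id])

  save = true
  params.each do |name, value|
    case name
    when "first_name", "last_name", "username", "email"
      # Only these four attribute names are ever written from the request.
      user[name.to_sym] = value
    when "password"
      confirm = params[:confirm]
      if value != confirm
        resp.error = "Passwords do not match."
        save = false
      elsif !value.is_a?(String) || value.length < 8
        # A non-string value (missing or nested parameter) is rejected here
        # instead of raising on the length check or the concatenation below.
        resp.error = "Passwords must be at least 8 characters."
        save = false
      else
        # SECURITY: a single SHA-1 pass is fast to brute-force if the users
        # table leaks, and Caboose::salt is the same for every user, so equal
        # passwords yield equal hashes. A slow, per-user-salted password hash
        # is the usual remedy, but it must change together with the login
        # verification code, which is not visible here; scheme left as is.
        user.password = Digest::SHA1.hexdigest(Caboose::salt + value)
      end
    when "roles"
      # NOTE(review): any caller passing the 'users'/'edit' check can assign
      # any Role id submitted, to any user; confirm that granting roles does
      # not need a stricter permission.
      # NOTE(review): if roles is a persisted association, clearing and
      # appending may write to the database right away, even when a later
      # password check sets save = false; verify against the User model.
      user.roles = []
      value.each { |rid| user.roles << Role.find(rid) } unless value.nil?
      resp.attribute = { 'text' => user.roles.collect { |r| r.name }.join(', ') }
    end
  end

  # user.save is skipped entirely when a password check failed.
  resp.success = save && user.save
  render json: resp
end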

#update_pic ⇒ Object

POST /admin/users/1/update-pic



# File 'app/controllers/caboose/users_controller.rb', line 104

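# POST /admin/users/1/update-pic
#
# Loads the user identified by params[:id] into @edituser and sets @new_value
# to a fixed placeholder string; this method itself stores no picture.
def update_pic
  # Every other action in this controller that loads a user by id is gated by
  # user_is_allowed. Without the same gate this action depended entirely on
  # filters outside this method to keep unauthorized callers out.
  return if !user_is_allowed('users', 'edit')

  @edituser = User.find(params[:id])
  @new_value = "Testing"
end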