Class: Concen::UsersController

Inherits:
ApplicationController
Defined in:
app/controllers/concen/users_controller.rb

Instance Method Summary

Instance Method Details

#create ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 18

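# Creates a user from the submitted +concen_user+ parameters.
#
# Allowed in two cases: no user exists yet (first-run bootstrap), or the
# signed-in user has +full_control+. Every user created here is given
# +full_control+.
#
# NOTE(review): the raw +params[:concen_user]+ hash is mass-assigned. Which
# attributes it can set depends on protections in the User model, which are
# not visible here -- confirm that sensitive attributes are protected.
# NOTE(review): the bootstrap branch requires no authentication, so the
# "no users exist" state is security-sensitive: the first caller to reach
# this action in that state becomes a full-control user.
def create
  bootstrapping = !User.all.any?
  unless bootstrapping || (current_concen_user && current_concen_user.full_control)
    # Answer a denied request explicitly instead of falling through to an
    # implicit render with no @user set.
    return redirect_to(concen_users_path, :notice => "Only user with full control can create a user.")
  end

  @user = User.new(params[:concen_user])
  @user.full_control = true
  if @user.save
    redirect_to(concen_users_path, :notice => "User was successfully created.")
  else
    render :new
  end
end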

#destroy ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 65

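# Deletes the user identified by +params[:id]+. Only a signed-in user with
# +full_control+ may do so; everyone else is redirected with a notice.
#
# NOTE(review): nothing here stops a full-control user from deleting their
# own account or the last remaining user. #create in this controller lets an
# unauthenticated caller create a full-control user whenever no users exist,
# so emptying the user list re-opens that path -- consider refusing to delete
# the last user.
def destroy
  actor = current_concen_user
  # Guard against a missing session so an unauthenticated request is denied
  # rather than raising on nil (same nil check #create already performs).
  if actor && actor.full_control
    @user = User.find(params[:id])
    @user.destroy
    redirect_to concen_users_path
  else
    flash[:notice] = "Only user with full control can delete a user."
    redirect_to concen_users_path
  end
end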

#edit ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 30

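# Loads the user to edit: by password-reset token, by invitation token, or
# (with neither token present) the signed-in user for the "Settings" page.
#
# NOTE(review): token age is not checked here; only #update compares the
# token's sent-at timestamp against a time window. An expired token still
# loads its user into the edit form.
def edit
  if params[:password_reset_token]
    # Coerce to String: a request can deliver a nested hash or array under
    # this key, and such a value must never reach the query as a condition.
    @user = User.where(:password_reset_token => params[:password_reset_token].to_s).first
  elsif params[:invitation_token]
    @user = User.where(:invitation_token => params[:invitation_token].to_s).first
  else
    @page_title = "Settings"
    @user = current_concen_user
  end
  # NOTE(review): the redirect target is missing from this listing.
  # root_path (used by #new) is a stand-in -- restore the original route.
  redirect_to root_path unless @user
end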

#index ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 5

# Prepares the "Users" page: sets the page title and exposes every user
# record to the view as @users.
#
# NOTE(review): no permission check happens in this action; whether an
# authentication filter runs before it is not visible here -- confirm.
def index
  @page_title = "Users"
  everyone = User.all
  @users = everyone
end

#invite ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 97

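# Sends an invitation to the submitted e-mail address. Only a signed-in user
# with +full_control+ may invite; everyone else is redirected with a notice.
#
# NOTE(review): the address is passed to User.send_invitation unvalidated;
# what that helper checks is not visible here.
def invite
  actor = current_concen_user
  # Deny (rather than raise on nil) when nobody is signed in.
  unless actor && actor.full_control
    return redirect_to(concen_users_path, :notice => "Only user with full control can invite.")
  end

  @user = User.send_invitation params[:concen_user][:email]
  redirect_to concen_users_path, :notice => "Invitation has been sent."
end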

#new ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 10

# Shows the first-user sign-up form. Once any user exists the form is no
# longer offered and the request is redirected to the root path.
def new
  return redirect_to(root_path) if User.all.any?

  @user = User.new
end

#new_invite ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 89

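# Shows the invitation form to a signed-in user with +full_control+;
# everyone else is redirected to the user list with a notice.
def new_invite
  actor = current_concen_user
  # Deny (rather than raise on nil) when nobody is signed in.
  if actor && actor.full_control
    @user = User.new
  else
    redirect_to(concen_users_path, :notice => "Only user with full control can invite.")
  end
end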

#new_reset_password ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 106

# Shows the "request a password reset" form, backed by a blank, unsaved User.
def new_reset_password
  blank_user = User.new
  @user = blank_user
end

#reset_password ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 110

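# Starts a password reset for the submitted e-mail address.
#
# The response is identical whether or not the address belongs to a user, so
# it does not reveal which addresses have accounts. An unknown address used
# to raise on nil, which also made known and unknown addresses
# distinguishable.
#
# NOTE(review): no rate limiting is visible on this action; consider
# throttling reset requests per address and per client.
def reset_password
  submitted = params[:concen_user]
  # Coerce to String so a nested hash or array under :email never reaches
  # the query as a condition.
  email = (submitted && submitted[:email]).to_s
  @user = User.where(:email => email).first
  @user.send_password_reset if @user
  # NOTE(review): the redirect target is missing from this listing.
  # root_path (used by #new) is a stand-in -- restore the original route.
  redirect_to root_path, :notice => "Password reset instruction has been sent."
end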

#toggle_attribute ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 76

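# Flips a boolean attribute on the user identified by +params[:id]+ and
# answers with JSON. Only a signed-in user with +full_control+ may toggle.
#
# The attribute name comes straight from the request, so it is constrained:
# it must be non-empty and the attribute's current value must be true, false
# or nil. Toggling anything else used to overwrite the stored value with
# +false+ (for example a string-valued credential or token field).
#
# NOTE(review): a type check is a backstop, not an allow-list. Prefer an
# explicit list of the flags the UI is meant to toggle; the full set is not
# visible here, so none is hard-coded.
def toggle_attribute
  respond_to do |format|
    actor = current_concen_user
    # Deny (rather than raise on nil) when nobody is signed in.
    if actor && actor.full_control
      @user = User.find(params[:id])
      # Keep the name a String: interning request input with to_sym grows the
      # symbol table on Rubies that do not garbage-collect symbols.
      name = params[:attribute].to_s
      current = name.empty? ? nil : @user.read_attribute(name)
      if !name.empty? && [true, false, nil].include?(current)
        @user.write_attribute(name, !current)
        # Report the real outcome instead of claiming success unconditionally.
        saved = @user.save
        format.json { render :json => {:success => !!saved} }
      else
        format.json { render :json => {:success => false, :message => "Only boolean attributes can be toggled."} }
      end
    else
      format.json { render :json => {:success => false, :message => "Only user with full control can toggle attribute."} }
    end
  end
end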

#update ⇒ Object



# File 'app/controllers/concen/users_controller.rb', line 42

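# Updates a user after establishing who is allowed to make the change:
#
# * by password-reset token, valid for 2 hours after it was sent;
# * by invitation token, valid for 24 hours after it was sent;
# * otherwise the signed-in user, who must supply the current password.
#
# An unknown token, a missing sent-at timestamp or a missing session now
# falls through to the "Invalid password." response instead of raising on
# nil before the +@user && authenticated+ check is reached.
#
# NOTE(review): the raw +concen_user+ hash is mass-assigned, also for callers
# authenticated only by a token. Confirm the User model keeps privileged
# attributes (such as full_control) out of mass assignment.
# NOTE(review): nothing here clears the token after a successful update;
# whether the model does is not visible -- confirm tokens are single-use.
def update
  submitted = params[:concen_user] || {}
  authenticated = false
  if submitted[:password_reset_token]
    # Coerce to String: a nested hash or array under this key must never
    # reach the query as a condition.
    @user = User.where(:password_reset_token => submitted[:password_reset_token].to_s).first
    sent_at = @user && @user.password_reset_sent_at
    authenticated = true if sent_at && sent_at > 2.hours.ago
  elsif submitted[:invitation_token]
    @user = User.where(:invitation_token => submitted[:invitation_token].to_s).first
    sent_at = @user && @user.invitation_sent_at
    authenticated = true if sent_at && sent_at > 24.hours.ago
  else
    @user = current_concen_user
    # Always strip current_password so it never reaches mass assignment.
    current_password = submitted.delete(:current_password)
    authenticated = true if @user && @user.authenticate(current_password)
  end
  if @user && authenticated
    if @user.update_attributes(submitted)
      redirect_to edit_concen_user_path @user
    else
      render :edit
    end
  else
    flash.now.alert = "Invalid password."
    render :edit
  end
end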