Class: Concen::UsersController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- Concen::UsersController
- Defined in:
- app/controllers/concen/users_controller.rb
Instance Method Summary collapse
- #create ⇒ Object
- #destroy ⇒ Object
- #edit ⇒ Object
- #index ⇒ Object
- #invite ⇒ Object
- #new ⇒ Object
- #new_invite ⇒ Object
- #new_reset_password ⇒ Object
- #reset_password ⇒ Object
- #toggle_attribute ⇒ Object
- #update ⇒ Object
Instance Method Details
#create ⇒ Object
18 19 20 21 22 23 24 25 26 27 28 |
# File 'app/controllers/concen/users_controller.rb', line 18 def create if !User.all.any? || (current_concen_user && current_concen_user.full_control) @user = User.new(params[:concen_user]) @user.full_control = true if @user.save redirect_to(concen_users_path, :notice => "User was successfully created.") else render :new end end end |
#destroy ⇒ Object
65 66 67 68 69 70 71 72 73 74 |
# File 'app/controllers/concen/users_controller.rb', line 65 def destroy if current_concen_user.full_control @user = User.find(params[:id]) @user.destroy redirect_to concen_users_path else flash[:notice] = "Only user with full control can delete a user." redirect_to concen_users_path end end |
#edit ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 |
# File 'app/controllers/concen/users_controller.rb', line 30 def edit if params[:password_reset_token] @user = User.where(:password_reset_token => params[:password_reset_token]).first elsif params[:invitation_token] @user = User.where(:invitation_token => params[:invitation_token]).first else @page_title = "Settings" @user = current_concen_user end redirect_to concen_signin_path unless @user end |
#index ⇒ Object
5 6 7 8 |
# File 'app/controllers/concen/users_controller.rb', line 5 def index @page_title = "Users" @users = User.all end |
#invite ⇒ Object
97 98 99 100 101 102 103 104 |
# File 'app/controllers/concen/users_controller.rb', line 97 def invite if current_concen_user.full_control @user = User.send_invitation params[:concen_user][:email] redirect_to concen_users_path, :notice => "Invitation has been sent." else redirect_to concen_users_path, :notice => "Only user with full control can invite." end end |
#new ⇒ Object
10 11 12 13 14 15 16 |
# File 'app/controllers/concen/users_controller.rb', line 10 def new if User.all.any? redirect_to root_path else @user = User.new end end |
#new_invite ⇒ Object
89 90 91 92 93 94 95 |
# File 'app/controllers/concen/users_controller.rb', line 89 def new_invite if current_concen_user.full_control @user = User.new else redirect_to(concen_users_path, :notice => "Only user with full control can invite.") end end |
#new_reset_password ⇒ Object
106 107 108 |
# File 'app/controllers/concen/users_controller.rb', line 106 def new_reset_password @user = User.new end |
#reset_password ⇒ Object
110 111 112 113 114 |
# File 'app/controllers/concen/users_controller.rb', line 110 def reset_password @user = User.where(:email => params[:concen_user][:email]).first @user.send_password_reset redirect_to concen_signin_path, :notice => "Password reset instruction has been sent." end |
#toggle_attribute ⇒ Object
76 77 78 79 80 81 82 83 84 85 86 87 |
# File 'app/controllers/concen/users_controller.rb', line 76 def toggle_attribute respond_to do |format| if current_concen_user.full_control @user = User.find(params[:id]) @user.write_attribute(params[:attribute].to_sym, !@user.read_attribute(params[:attribute].to_sym)) @user.save format.json { render :json => {:success => true} } else format.json { render :json => {:success => false, :message => "Only user with full control can toggle attribute."} } end end end |
#update ⇒ Object
42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'app/controllers/concen/users_controller.rb', line 42 def update if params[:concen_user][:password_reset_token] @user = User.where(:password_reset_token => params[:concen_user][:password_reset_token]).first authenticated = true if @user.password_reset_sent_at > 2.hours.ago elsif params[:concen_user][:invitation_token] @user = User.where(:invitation_token => params[:concen_user][:invitation_token]).first authenticated = true if @user.invitation_sent_at > 24.hours.ago else @user = current_concen_user authenticated = true if @user.authenticate(params[:concen_user].delete(:current_password)) end if @user && authenticated if @user.update_attributes(params[:concen_user]) redirect_to edit_concen_user_path @user else render :edit end else flash.now.alert = "Invalid password." render :edit end end |