
@Znow
Created June 6, 2011 17:57
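# CRUD controller for User records.
#
# Access control, restored from the filters that had been commented out:
#   * new / create                          - visitors who are NOT signed in
#   * index / show / edit / update / destroy - a signed-in user is required
#   * edit / update                         - only the owner of the account
#   * index / destroy                       - administrators only
#
# The previous single filter (:signed_in_user on show/edit/update/destroy)
# redirected only people who WERE signed in, so anonymous requests reached
# edit, update and destroy without any check at all.
class UsersController < ApplicationController
  # NOTE(review): the helper's public methods (sign_in, sign_out, ...) become
  # public methods of this controller; confirm no catch-all route can
  # dispatch to them as actions.
  include SessionsHelper

  before_filter :signed_in_user, :only => [:new, :create]
  before_filter :authenticate,   :only => [:index, :show, :edit, :update, :destroy]
  before_filter :correct_user,   :only => [:edit, :update]
  before_filter :admin_user,     :only => [:index, :destroy]

  # GET /users
  # GET /users.xml
  def index
    @users = User.all
    respond_to do |format|
      format.html # index.html.erb
      # NOTE(review): the default XML serialization emits every attribute of
      # each record, which here would include the salt used for the remember
      # token. Restrict the exported fields (to_xml :only / :except).
      format.xml { render :xml => @users }
    end
  end

  # GET /users/1
  # GET /users/1.xml
  def show
    @user = User.find(params[:id])
    respond_to do |format|
      format.html # show.html.erb
      # NOTE(review): same attribute-exposure concern as in #index.
      format.xml { render :xml => @user }
    end
  end

  # GET /users/new
  # GET /users/new.xml
  def new
    @user = User.new
    respond_to do |format|
      format.html # new.html.erb
      format.xml { render :xml => @user }
    end
  end

  # GET /users/1/edit
  def edit
    # correct_user has already loaded @user; the fallback keeps the action
    # self-contained if the filter list ever changes.
    @user ||= User.find(params[:id])
  end

  # POST /users
  # POST /users.xml
  def create
    # NOTE(review): params[:user] goes straight into mass assignment. Confirm
    # the User model whitelists assignable attributes (attr_accessible) so a
    # request cannot set fields such as admin.
    @user = User.new(params[:user])
    if @user.save
      # sign_in @user  (left disabled, as in the original)
      flash[:success] = "User created successfully!"
      redirect_to @user
    else
      render 'new'
    end
  end

  # PUT /users/1
  # PUT /users/1.xml
  def update
    @user ||= User.find(params[:id])
    respond_to do |format|
      # NOTE(review): same mass-assignment concern as in #create; this path is
      # reachable by any ordinary account for its own record.
      if @user.update_attributes(params[:user])
        format.html { redirect_to(@user, :notice => 'User was successfully updated.') }
        format.xml { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.xml
  def destroy
    @user = User.find(params[:id])
    @user.destroy
    respond_to do |format|
      format.html { redirect_to(users_url) }
      format.xml { head :ok }
    end
  end

  private

  # Sends anonymous visitors to the sign-in page (deny_access also remembers
  # the requested location for the post-sign-in redirect).
  def authenticate
    deny_access unless signed_in?
  end

  # Allows edit/update only on the signed-in user's own record.
  def correct_user
    @user = User.find(params[:id])
    redirect_to(root_path) unless current_user?(@user)
  end

  # Allows the action only for administrators. The error flash is set only
  # when access is actually refused, and a missing current_user is treated as
  # "not an admin" instead of raising NoMethodError.
  def admin_user
    return if current_user && current_user.admin?

    flash[:error] = "You don't have permission to view users"
    redirect_to(root_path)
  end
end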
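# Session helpers mixed into controllers: remember-token sign-in and sign-out,
# the current_user accessors, and redirecting back to the page a visitor asked
# for before being sent to sign in.
module SessionsHelper
  # Returns the signed-in user, resolving it from the remember-token cookie
  # when no user has been cached on this object yet.
  def current_user
    @current_user ||= user_from_remember_token
  end

  # True when +user+ is the signed-in user.
  def current_user?(user)
    user == current_user
  end

  # Signs +user+ in by issuing the long-lived remember-token cookie and caching
  # the user for the rest of the request.
  def sign_in(user)
    # The cookie is signed, which makes it tamper-evident but not confidential:
    # the salt it carries can be read by whoever holds the cookie. HttpOnly
    # keeps page scripts from reading this long-lived credential.
    # NOTE(review): add :secure => true once the application is served over
    # HTTPS only, so the token is never sent in clear text.
    cookies.permanent.signed[:remember_token] = {
      :value    => [user.id, user.salt],
      :httponly => true
    }
    self.current_user = user
  end

  # Caches +user+ as the current user.
  def current_user=(user)
    @current_user = user
  end

  # Signs the user out by deleting the remember-token cookie and clearing the
  # cached user.
  # NOTE(review): this removes only the browser's copy. A copied token keeps
  # working for as long as User.authenticate_with_salt accepts that salt;
  # confirm whether the salt is ever rotated.
  def sign_out
    cookies.delete(:remember_token)
    self.current_user = nil
  end

  # True when a user is signed in.
  def signed_in?
    !current_user.nil?
  end

  # Filter for pages meant for anonymous visitors: a signed-in user is
  # redirected to the user list with an error flash. Despite the name, it does
  # NOT require a signed-in user.
  def signed_in_user
    return unless signed_in?

    flash[:error] = "You cannot create a user while signed in"
    redirect_to users_path
  end

  # Remembers the requested location and redirects to the sign-in page.
  def deny_access
    store_location
    # :notice on redirect_to is a shortcut for setting flash[:notice].
    redirect_to signin_path, :notice => "Please sign in to access this page"
  end

  # Redirects to the location remembered by deny_access, or to +default+ when
  # there is none, then forgets the remembered location.
  def redirect_back_or(default)
    redirect_to(session[:return_to] || default)
    clear_return_to
  end

  private

  # Looks the user up from the [id, salt] pair held in the cookie.
  def user_from_remember_token
    User.authenticate_with_salt(*remember_token)
  end

  # The verified cookie payload, or [nil, nil] when the cookie is absent.
  def remember_token
    cookies.signed[:remember_token] || [nil, nil]
  end

  # Saves the path of the current request in the session.
  def store_location
    session[:return_to] = request.fullpath
  end

  # Drops the saved path from the session.
  def clear_return_to
    session[:return_to] = nil
  end
end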