Created
January 17, 2010 19:39
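# Account management for User records: listing/editing/removing users, the
# suspend/unsuspend/purge state changes, and the public signup, activation and
# password change / forgot / reset flows.
class UsersController < ApplicationController
  before_filter :find_user, :only => [:suspend, :unsuspend, :destroy, :purge]
  # Every action NOT listed in :except runs behind login_required and authorize.
  # The excepted actions are reachable without a session, so each of them has to
  # validate its own input and must not assume current_user is set.
  # NOTE(review): what authorize checks is defined outside this file -- confirm it
  # restricts index/show/edit/update/destroy/force_activate/suspend/purge to admins.
  before_filter :login_required, :except => [:new, :create, :activate, :change_password, :forgot_password, :reset_password]
  before_filter :authorize, :except => [:new, :create, :activate, :change_password, :forgot_password, :reset_password]

  # Lists every user.
  def index
    @users = User.find(:all)
    respond_to do |format|
      format.html # index.html.erb
      # NOTE(review): @messages is never assigned in this controller, so the XML
      # response renders nil. Before pointing this at @users, restrict the
      # serialized attributes: a plain to_xml of a User row includes every column,
      # and this model has activation_code and password_reset_code columns.
      format.xml { render :xml => @messages }
    end
  end

  # Activates the account identified by params[:id] via User.force_activate_now.
  def force_activate
    @user = User.force_activate_now(params[:id])
    respond_to do |format|
      format.html { redirect_to users_path }
      format.xml { head :ok }
    end
  end

  # Shows one user.
  def show
    @user = User.find(params[:id])
    respond_to do |format|
      format.html # show.html.erb
      # NOTE(review): @message is never assigned here, so XML renders nil; see the
      # attribute-exposure caveat on index before switching this to @user.
      format.xml { render :xml => @message }
    end
  end

  # Renders the edit form for one user.
  def edit
    @user = User.find(params[:id])
  end

  # Applies the submitted attributes to one user.
  def update
    @user = User.find(params[:id])
    respond_to do |format|
      # NOTE(review): params[:user] is mass-assigned as received. Which attributes
      # a client can set is decided by the User model's attr_accessible /
      # attr_protected declarations, which are not visible here -- confirm that
      # privilege- and state-related columns are not assignable.
      if @user.update_attributes(params[:user])
        flash[:notice] = 'User was successfully updated.'
        format.html { redirect_to users_path }
        format.xml { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # Deletes one user. find_user has already loaded @user for this action; the
  # lookup is repeated here as in the original.
  def destroy
    @user = User.find(params[:id])
    @user.destroy
    respond_to do |format|
      format.html { redirect_to users_path }
      format.xml { head :ok }
    end
  end

  # Renders the signup form.
  def new
    @user = User.new
    respond_to do |format|
      format.html # new.html.erb
      # NOTE(review): @message is never assigned here, so XML renders nil.
      format.xml { render :xml => @message }
    end
  end

  # Public signup: builds a user from the submitted form and registers it.
  def create
    logout_keeping_session!
    # NOTE(review): unauthenticated mass assignment -- the same attr_accessible
    # check as in update applies, and matters more here because anyone can call it.
    @user = User.new(params[:user])
    @user.register! if @user && @user.valid?
    success = @user && @user.valid?
    if success && @user.errors.empty?
      flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code."
    else
      flash[:error] = "We couldn't set up that account, sorry. Please try again, or contact an admin (link is above)."
      render :action => 'new'
    end
  end

  # Public activation link: activates the account that owns the submitted code.
  def activate
    logout_keeping_session!
    # The lookup is skipped for a blank code, so `user` stays nil in that case and
    # a nil/empty code can never match a row whose activation_code is NULL.
    user = User.find_by_activation_code(params[:activation_code]) unless params[:activation_code].blank?
    case
    when (!params[:activation_code].blank?) && user && !user.active?
      user.activate!
      flash[:notice] = "Signup complete! Please sign in to continue."
      redirect_to '/login'
    when params[:activation_code].blank?
      flash[:error] = "The activation code was missing. Please follow the URL from your email."
      redirect_back_or_default('/')
    else
      flash[:error] = "We couldn't find a user with that activation code -- check your email? Or maybe you've already activated -- try signing in."
      redirect_back_or_default('/')
    end
  end

  # Suspends the user loaded by find_user.
  def suspend
    @user.suspend!
    redirect_to users_path
  end

  # Lifts the suspension of the user loaded by find_user.
  def unsuspend
    @user.unsuspend!
    redirect_to users_path
  end

  # Destroys the user loaded by find_user.
  def purge
    @user.destroy
    redirect_to users_path
  end

  # Changes the signed-in user's password after re-checking the old one.
  # A non-POST request just renders the form.
  def change_password
    return unless request.post?
    # This action is excepted from login_required, so an anonymous POST used to
    # reach current_user.login with no user and fail with NoMethodError. Send the
    # visitor to the login page instead.
    unless current_user
      flash[:alert] = "Please sign in to change your password."
      redirect_to '/login'
      return
    end
    if User.authenticate(current_user.login, params[:old_password])
      if ((params[:password] == params[:password_confirmation]) && !params[:password_confirmation].blank?)
        current_user.password_confirmation = params[:password_confirmation]
        current_user.password = params[:password]
        if current_user.save
          flash[:notice] = "Password was successfully updated."
          redirect_to profile_url(current_user.login)
        else
          flash[:alert] = "Password has not been changed."
        end
      else
        flash[:alert] = "New Password mismatch.."
        # NOTE(review): this hands the old password back to the view; if the
        # template echoes it into the form it ends up in the rendered HTML.
        @old_password = params[:old_password]
      end
    else
      flash[:alert] = "Your old password is incorrect."
    end
  end

  # Starts a password reset for the account that owns the submitted e-mail address.
  # A non-POST request just renders the form.
  def forgot_password
    return unless request.post?
    # params[:user] is client-controlled: it may be absent or not a hash, and the
    # e-mail may be blank or a non-string. Only a non-blank string reaches the
    # finder, so a nil value can never match a row whose email is NULL.
    email = params[:user].is_a?(Hash) ? params[:user][:email] : nil
    @user = User.find_by_email(email) if email.is_a?(String) && !email.blank?
    if @user
      @user.forgot_password
      @user.save
      redirect_back_or_default('/')
      flash[:notice] = "A password reset link has been sent to your email address"
    else
      # NOTE(review): the two outcomes are distinguishable (redirect + notice vs.
      # alert), which tells an unauthenticated caller whether an address is
      # registered. Consider one neutral response for both cases.
      flash[:alert] = "Could not find a user with that email address"
    end
  end

  # Completes a password reset. params[:id] carries the reset code from the
  # e-mailed link; params[:user] carries the new password and its confirmation.
  def reset_password
    code = params[:id]
    # A blank code must never reach the finder: find_by_password_reset_code(nil)
    # matches rows whose reset code is NULL -- typically accounts that never
    # requested a reset -- which would let an anonymous caller set their password.
    @user = User.find_by_password_reset_code(code) if code.is_a?(String) && !code.blank?
    unless @user
      flash[:alert] = "That password reset link is invalid or has already been used."
      redirect_back_or_default('/')
      return
    end
    # Valid code but no form submitted yet: render the reset form.
    return unless params[:user].is_a?(Hash)

    new_password = params[:user][:password]
    confirmation = params[:user][:password_confirmation]
    # Compare the two values; the original only checked that both were present,
    # so the "mismatch" branch could not catch differing passwords.
    if !confirmation.blank? && new_password == confirmation
      @user.password_confirmation = confirmation
      @user.password = new_password
      @user.reset_password
      if @user.save
        # Start the session only once the new password is stored, so a failed
        # save does not leave the caller signed in.
        self.current_user = @user
        flash[:notice] = "Password reset was successful."
      else
        flash[:notice] = "Password reset has failed."
      end
      redirect_back_or_default('/')
    else
      flash[:alert] = "Password mismatch.."
    end
    # NOTE(review): no expiry check on the reset code is visible in this
    # controller -- confirm the model limits how long a code stays valid.
  end

  protected

  # before_filter for suspend/unsuspend/destroy/purge: loads the target user.
  def find_user
    @user = User.find(params[:id])
  end
end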