Class: UsersController

Inherits:
ApplicationController show all
Defined in:
app/controllers/users_controller.rb

Instance Attribute Summary

Attributes inherited from ApplicationController

#is_data_controller, #is_task_controller, #meta_data, #meta_description, #meta_keywords, #meta_title, #page_title, #site_name

Instance Method Summary (collapse)

Methods inherited from ApplicationController

#digest_cookie, #digested_cookie_exists?, #disable_turbolinks, #invalid_object, #is_data_controller?, #is_task_controller?, #log_user_recent_route, #project_matches, #record_not_found, #set_project_from_params

Methods included from Whitelist

#whitelist_constantize

Methods included from ProjectsHelper

#project_link, #project_tag, #projects_list, #projects_search_form

Methods included from InterceptApi

#intercept_api, #token_authenticate

Instance Method Details

- (Object) autocomplete



# File 'app/controllers/users_controller.rb', line 127

# Looks up users matching the mandatory `term` request parameter and stores
# the result in @users for the view.
#
# `params.require(:term)` raises when the parameter is missing, so the query
# object is never built without a term.
# NOTE(review): whether a signed-in user is required here is decided by
# filters that are not part of this listing — confirm.
def autocomplete
  search_term = params.require(:term)
  @users = Queries::User::Autocomplete.new(search_term).autocomplete
end

- (Object) create

POST /users



# File 'app/controllers/users_controller.rb', line 29

# POST /users
#
# Builds a user from the permitted parameters and saves it. On success the
# caller is redirected to the root path with a confirmation flash; on failure
# the 'new' form is rendered again.
def create
  @user = User.new(user_params)
  # Assigned after mass-assignment, so this value wins over any
  # is_flagged_for_password_reset sent in the request: the flag is set exactly
  # when the account is being created by a superuser.
  @user.is_flagged_for_password_reset = is_superuser?

  return render('new') unless @user.save

  flash[:success] = "User #{@user.email} successfully created."
  # TODO: Email the user their information.
  redirect_to root_path
end

- (Object) destroy

DELETE /users/:id



# File 'app/controllers/users_controller.rb', line 59

# DELETE /users/:id
#
# Deletes the user identified by params[:id], sets a confirmation flash and
# redirects to the root URL.
#
# NOTE(review): the record is loaded straight from params[:id] instead of
# reusing an @user prepared by set_user, so who may delete which account
# depends entirely on filters outside this listing — confirm that destroy is
# covered by the same superuser-or-self check.
def destroy
  account = User.find(params[:id])
  account.destroy

  flash[:success] = 'Account has been deleted.'
  redirect_to root_url
end

- (Object) edit

GET /users/:id/edit



# File 'app/controllers/users_controller.rb', line 25

# GET /users/:id/edit
#
# Deliberately empty: the action does no work of its own. Anything the edit
# form needs (such as @user) has to come from filters not shown here.
def edit; end

- (Object) forgot_password

GET /forgot_password



# File 'app/controllers/users_controller.rb', line 66

# GET /forgot_password
#
# Deliberately empty: the action sets no state and only exists so the
# request has an action to land on.
def forgot_password; end

- (Object) index

GET /users



# File 'app/controllers/users_controller.rb', line 11

# GET /users
#
# Exposes every user, ordered by name and then e-mail, as @users.
# NOTE(review): the query is not scoped to the requester; restricting who may
# list all accounts is presumably done by a filter outside this listing —
# confirm.
def index
  everyone = User.all
  @users = everyone.order(:name, :email)
end

- (Object) new

GET /signup



# File 'app/controllers/users_controller.rb', line 16

# GET /signup
#
# Prepares an unsaved, empty User as @user for the signup form.
def new
  blank_account = User.new
  @user = blank_account
end

- (Object) password_reset

GET /password_reset



# File 'app/controllers/users_controller.rb', line 92

# GET /password_reset
#
# Resolves the reset token from the request to a user and shows the
# invalid-token page when the token is unknown or too old.
#
# The lookup uses a digest of params[:token], so the column is matched against
# the digest and never against the raw token from the link.
def password_reset
  token_digest = Utilities::RandomToken.digest(params[:token])
  @user = User.find_by_password_reset_token(token_digest)

  # A token is only honoured when a user matched and it was issued less than
  # one day ago.
  # NOTE(review): a matching user whose password_reset_token_date is nil would
  # raise on the comparison — confirm the two columns are always set together.
  token_is_live = @user && @user.password_reset_token_date > 1.day.ago
  render 'invalid_token.html.erb' unless token_is_live
end

- (Object) preferences



# File 'app/controllers/users_controller.rb', line 123

# Exposes the signed-in user as @user. The record comes from the session
# helper, not from a request parameter, so the action can only ever show the
# caller's own account.
def preferences
  signed_in = sessions_current_user
  @user = signed_in
end

- (Object) recently_created



# File 'app/controllers/users_controller.rb', line 116

# Deliberately empty: the action does no work of its own. Any state the view
# relies on has to come from filters not shown here.
def recently_created; end

- (Object) recently_created_stats



# File 'app/controllers/users_controller.rb', line 119

# Renders the chart data for the user's recently created records as JSON.
#
# @user is not assigned in this action, so it must already have been set
# before the action runs (presumably by set_user — confirm).
def recently_created_stats
  breakdown = @user.data_breakdown_for_chartkick_recent
  render json: breakdown
end

- (Object) send_password_reset

POST /send_password_reset



# File 'app/controllers/users_controller.rb', line 70

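# POST /send_password_reset
#
# Starts a password reset for the account whose e-mail was submitted. When no
# account matches, the caller is sent back to the forgot-password page with a
# notice; otherwise a reset token is generated, the user is saved and the
# token is mailed to them.
#
# params[:email] is untrusted and may arrive as an array or nested hash
# instead of a string. Only a String is treated as an address; any other
# shape is handled as "no matching user" instead of raising on #downcase.
def send_password_reset
  email = params[:email]
  user = User.find_by_email(email.downcase) if email.is_a?(String)

  if user.nil?
    redirect_to :forgot_password

    # NOTE(review): the two notices below, together with the separate success
    # page, tell the caller whether an address belongs to a registered user.
    # A single neutral response for both outcomes would avoid disclosing that.
    # Left as is here because it changes user-facing behaviour.
    flash[:notice] =
      if email.blank?
        'No e-mail was given'
      else
        'The supplied e-mail does not belong to a registered user'
      end
  else
    token = user.generate_password_reset_token
    Current.user_id = user.id
    # NOTE(review): the result of save is not checked, so the mail below is
    # sent even when the token was not persisted — confirm this is intended.
    user.save
    UserMailer.password_reset_email(user, token).deliver_now
  end
end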

- (Object) set_password

PATCH /set_password



# File 'app/controllers/users_controller.rb', line 98

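# PATCH /set_password
#
# Completes a password reset: resolves the token to a user, checks that the
# token is still within its validity window, then stores the new password and
# clears the token so it cannot be used again.
#
# The bang finder raises when no user matches the token digest. Only
# :password and :password_confirmation are accepted from the request.
def set_password
  @user = User.find_by_password_reset_token!(Utilities::RandomToken.digest(params[:token]))

  # Apply the same one-day limit that password_reset applies before showing
  # the form. Without it, a request sent directly to this action would still
  # be accepted with an expired token. A missing issue date counts as expired.
  issued_at = @user.password_reset_token_date
  unless issued_at && issued_at > 1.day.ago
    render 'invalid_token.html.erb'
    return
  end

  # Records the affected user as the current user for this request
  # (presumably so the save is attributed to them — confirm).
  Current.user_id = @user.id

  @user.require_password_presence

  # Single use: the token and the forced-reset flag are cleared in the same
  # update that stores the new password.
  @user.password_reset_token = nil
  @user.is_flagged_for_password_reset = false

  if @user.update_attributes(params.require(:user).permit([:password, :password_confirmation]))
    flash[:notice] = 'Password successfuly changed.'
    redirect_to root_path
  else
    render 'password_reset.html.erb'
  end
end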

- (Object) set_user (private)



# File 'app/controllers/users_controller.rb', line 148

# Loads the user named by params[:id] into @user (and @recent_object), but only
# when the caller is a superuser or is asking for their own record.
#
# Any other caller causes User.find(nil), which raises a not-found error
# instead of loading someone else's account, so an unauthorized request is
# indistinguishable from a request for a missing user.
# NOTE(review): the ownership check compares params[:id].to_i, while the lookup
# receives the raw parameter; both presumably resolve to the same row —
# confirm.
def set_user
  requested_id = params[:id]
  asking_for_self = requested_id.to_i == sessions_current_user_id
  allowed = is_superuser? || asking_for_self

  @user = User.find(allowed ? requested_id : nil)
  @recent_object = @user
end

- (Object) show

GET /users/:id



# File 'app/controllers/users_controller.rb', line 21

# GET /users/:id
#
# Deliberately empty: the action does no work of its own. The record to
# display has to come from filters not shown here (presumably set_user —
# confirm).
def show; end

- (Object) update

PATCH or PUT /users/:id



# File 'app/controllers/users_controller.rb', line 43

# PATCH or PUT /users/:id
#
# Applies the permitted parameters to @user and answers in the requested
# format: HTML redirects to the user on success and re-renders 'edit' on
# failure; JSON renders :show on success and the validation errors with
# status :unprocessable_entity on failure.
#
# Only attributes allowed by user_params reach the model. @user itself is
# not assigned here and must already be set when the action runs.
def update
  respond_to do |wants|
    saved = @user.update_attributes(user_params)

    if saved
      wants.html do
        flash[:success] = 'Changes to your account information have been saved.'
        redirect_to @user
      end
      wants.json { render :show, location: @user }
    else
      wants.html { render 'edit' }
      wants.json { render json: @user.errors, status: :unprocessable_entity }
    end
  end
end

- (Object) user_params (private)



# File 'app/controllers/users_controller.rb', line 133

# Strong-parameter filter for the :user payload.
#
# Every caller may set the basic profile fields. The privilege flags are added
# to the permitted list only when the caller already holds the matching role,
# so a request from anyone else has those keys dropped by `permit`:
#   * superuser     -> :is_project_administrator, :is_flagged_for_password_reset
#   * administrator -> :is_administrator
# The preference keys declared on User are always permitted.
def user_params
  # TODO: revisit authorization of specific field settings
  permitted = %i[name email password password_confirmation set_new_api_access_token]

  permitted.concat(%i[is_project_administrator is_flagged_for_password_reset]) if is_superuser?
  permitted << :is_administrator if is_administrator?

  params.require(:user).permit(permitted, User.key_value_preferences, User.array_preferences, User.hash_preferences)
end