Class: UsersController

Inherits:
ApplicationController
Defined in:
app/controllers/users_controller.rb

Constant Summary

Constants included from ProjectsHelper

ProjectsHelper::CLASSIFIER, ProjectsHelper::CLASSIFIER_ANNOTATION

Instance Method Summary

Methods included from RedirectHelper

#destroy_redirect

Methods included from RequestType

#json_request?

Methods included from LogRecent

#log_user_recent_route

Methods included from Cookies

#digest_cookie, #digested_cookie_exists?

Methods included from Whitelist

#whitelist_constantize

Methods included from ProjectsHelper

#cumulative_gb_per_year, #document_cumulative_gb_per_year, #document_gb_per_year, #gb_per_year, #image_cumulative_gb_per_year, #image_gb_per_year, #invalid_object, #project_classification, #project_link, #project_matches, #project_tag, #projects_list, #projects_search_form, #taxonworks_classification, #week_in_review_graphs

Methods included from Api::Intercept

#intercept_api

Methods included from TokenAuthentication

#intercept_project, #intercept_user, #intercept_user_or_project, #project_token_authenticate, #token_authenticate

Instance Method Details

#autocomplete ⇒ Object



# File 'app/controllers/users_controller.rb', line 147

# Runs the user autocomplete query for the required +term+ request parameter
# and exposes the result to the view as @users.
#
# params.require raises ActionController::ParameterMissing when :term is
# absent or blank, so the query object never receives an empty term.
# NOTE(review): the result is a set of user records; which fields the view
# serialises, and who is allowed to call this action, is not visible here -
# confirm both.
def autocomplete
  search_term = params.require(:term)
  @users = Queries::User::Autocomplete.new(search_term).autocomplete
end

#batch_create ⇒ Object



# File 'app/controllers/users_controller.rb', line 151

# Creates several users in one request by handing the raw request values to
# User.batch_create, then renders the administrator batch-add task page.
#
# Every option except :created_by comes straight from the request; only
# :created_by is taken from the session.
# NOTE(review): :is_administrator, :create_api_token and :project_id are
# caller-supplied and not filtered in this action. The check that restricts
# this action to administrators is not visible here - confirm it exists
# (before_action or route constraint) and that User.batch_create validates
# these values.
def batch_create
  batch_options = {
    users: params[:users],
    create_api_token: params[:create_api_token],
    is_administrator: params[:is_administrator],
    project_id: params[:project_id],
    created_by: sessions_current_user_id
  }

  @users = User.batch_create(**batch_options)

  render '/tasks/administrator/batch_add_users/index'
end

#create ⇒ Object

POST /users



# File 'app/controllers/users_controller.rb', line 29

# Builds a User from the permitted request attributes and saves it.
# On success it flashes a confirmation and redirects to the root path; on
# validation failure it re-renders the 'new' form.
#
# is_flagged_for_password_reset is assigned after mass assignment, so the
# value of is_superuser? always overrides whatever user_params carried for
# that attribute.
def create
  @user = User.new(user_params)
  @user.is_flagged_for_password_reset = is_superuser?

  unless @user.save
    render 'new'
    return
  end

  flash[:success] = "User #{@user.email} successfully created."
  # TODO: Email the user their information.
  redirect_to root_path
end

#data ⇒ Object



# File 'app/controllers/users_controller.rb', line 163

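# Prepares @weeks_ago and @target for the view from request parameters.
#
# @weeks_ago is the :weeks_ago parameter when it is a string of decimal
# digits only (anchored with \A and \z so embedded newlines cannot slip
# through), otherwise nil. It stays a String; no integer conversion happens
# here.
# @target is the :target parameter as a Symbol, defaulting to :created.
#
# Non-scalar parameters (e.g. weeks_ago[]=1 or target[k]=v) are treated as
# absent instead of reaching =~ / #to_sym, which are not defined for them.
#
# NOTE(review): @target is still an arbitrary caller-chosen symbol. The
# values the view or query layer accepts are not visible here; whatever
# consumes @target should check it against a fixed list before using it to
# pick a column, scope or method.
def data
  weeks_ago = params[:weeks_ago]
  digits_only = weeks_ago.is_a?(String) && weeks_ago =~ /\A\d+\z/
  @weeks_ago = digits_only ? weeks_ago : nil

  target = params[:target]
  @target = target.is_a?(String) ? target.to_sym : :created
end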

#destroy ⇒ Object

DELETE /users/:id



# File 'app/controllers/users_controller.rb', line 59

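# Deletes the user identified by params[:id] and redirects to the root URL.
#
# User.find raises ActiveRecord::RecordNotFound for an unknown id.
# The success flash is only set when #destroy actually removed the record;
# previously the result was ignored and "deleted" was reported even when a
# callback or restriction had aborted the deletion.
#
# NOTE(review): the record is looked up from params[:id] directly rather
# than through @user. Whether a before_action (for example set_user or an
# administrator check) runs before this action is not visible here -
# confirm that it does, since this lookup alone does not tie the id to the
# signed-in user.
def destroy
  user = User.find(params[:id])

  if user.destroy
    flash[:success] = 'Account has been deleted.'
  else
    flash[:alert] = 'Account could not be deleted.'
  end

  redirect_to root_url
end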

#edit ⇒ Object

GET /users/:id/edit



# File 'app/controllers/users_controller.rb', line 25

# Intentionally empty: the action only renders its default template.
# NOTE(review): the template presumably relies on @user being loaded by a
# before_action such as set_user - confirm that filter covers :edit.
def edit; end

#forgot_password ⇒ Object

GET /forgot_password



# File 'app/controllers/users_controller.rb', line 66

# Intentionally empty: only renders the default template for the
# forgot-password form. No request data is read and no state is changed.
def forgot_password; end

#index ⇒ Object

GET /users



# File 'app/controllers/users_controller.rb', line 11

# Exposes every user, ordered by name and then e-mail, to the view as @users.
# NOTE(review): this lists all accounts with no scoping or pagination in the
# action itself; the access restriction for GET /users is not visible here -
# confirm it is limited to the intended role.
def index
  every_user = User.all
  @users = every_user.order(:name, :email)
end

#new ⇒ Object

GET /signup



# File 'app/controllers/users_controller.rb', line 16

def new
  # Builds a blank, unsaved User for the signup form to bind to; nothing is
  # read from the request here.
  @user = User.new
end

#password_reset ⇒ Object

GET /password_reset



# File 'app/controllers/users_controller.rb', line 97

# Shows the password-reset form for the account that owns the given token.
#
# The token from the request is passed through Utilities::RandomToken.digest
# and the result is matched against the stored password_reset_token, so the
# database is queried with the digest rather than the raw token.
# 'invalid_token' is rendered when no user matches or when the token date is
# not within the last day; otherwise the default template is rendered.
#
# NOTE(review): a matching user whose password_reset_token_date is nil would
# raise on the comparison - presumably the token and its date are always set
# together; confirm in User#generate_password_reset_token.
def password_reset
  token_digest = Utilities::RandomToken.digest(params[:token])
  @user = User.find_by_password_reset_token(token_digest)

  return if @user && @user.password_reset_token_date > 1.day.ago

  render 'invalid_token'
end

#preferences ⇒ Object



# File 'app/controllers/users_controller.rb', line 126

# Loads the signed-in user for the preferences view.
# The user always comes from the session, never from a request parameter;
# when no user is signed in the request is redirected to the hub.
def preferences
  @user = sessions_current_user
  redirect_to hub_path if @user.nil?
end

#recently_created ⇒ Object



# File 'app/controllers/users_controller.rb', line 121

# Intentionally empty: only renders the default template for this action.
# No request data is read in the action body.
def recently_created; end

#reset_hub_favorites ⇒ Object



# File 'app/controllers/users_controller.rb', line 139

# Resets the signed-in user's hub favorites for the current project, saves
# the user and redirects to that user's page.
#
# Both the user and the project id come from the session, not from request
# parameters. save! raises if the record is invalid.
# NOTE(review): this action changes state; the HTTP verb it is routed with
# is not shown on this page - confirm it is not reachable via GET, so that
# request-forgery protection applies.
def reset_hub_favorites
  @user = sessions_current_user

  if @user.nil?
    redirect_to hub_path
    return
  end

  @user.reset_hub_favorites(sessions_current_project_id)
  @user.save!
  redirect_to user_path(@user)
end

#reset_preferences ⇒ Object



# File 'app/controllers/users_controller.rb', line 131

# Resets the signed-in user's preferences, saves the user and redirects to
# that user's page.
#
# The user comes from the session, not from a request parameter. save!
# raises if the record is invalid.
# NOTE(review): this action changes state; the HTTP verb it is routed with
# is not shown on this page - confirm it is not reachable via GET, so that
# request-forgery protection applies.
def reset_preferences
  @user = sessions_current_user

  if @user.nil?
    redirect_to hub_path
    return
  end

  @user.reset_preferences
  @user.save!
  redirect_to user_path(@user)
end

#send_password_reset ⇒ Object

POST /send_password_reset



# File 'app/controllers/users_controller.rb', line 70

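# Starts a password reset for the account registered under params[:email].
#
# Flow:
# * no usable e-mail, or no matching user -> redirect back to the
#   forgot-password form with an alert;
# * otherwise generate a reset token, persist the user, and mail the token
#   with deliver_now; if sending raises, redirect back with an alert. When
#   sending succeeds the default template for this action is rendered.
#
# Changes from the previous version:
# * a non-string :email (e.g. email[]=x) is treated as "no user" instead of
#   raising NoMethodError on #downcase;
# * the mail is only sent when user.save succeeded. Before, a failed save
#   was ignored and a token that had not been stored was still mailed out.
#
# NOTE(review): the two alerts below let a caller tell a registered address
# from an unregistered one. Answering both cases identically would close
# that, but it changes what the user sees, so it is left as a product
# decision. Request throttling for this endpoint is not visible here either.
def send_password_reset
  email = params[:email]
  user = User.find_by_email(email.downcase) if email.is_a?(String)

  if user.nil?
    redirect_to :forgot_password

    if email.blank?
      flash[:alert] = 'No e-mail was given'
    else
      flash[:alert] = 'The supplied e-mail does not belong to a registered user'
    end
    return
  end

  token = user.generate_password_reset_token
  # Set before saving; presumably read by housekeeping/auditing callbacks on
  # save - TODO confirm.
  Current.user_id = user.id

  unless user.save
    # Without a persisted token the mailed link could never be redeemed.
    redirect_to :forgot_password
    flash[:alert] = 'Failed to send e-mail. Please try again in a few minutes.'
    return
  end

  begin
    UserMailer.password_reset_email(user, token).deliver_now
  rescue StandardError
    redirect_to :forgot_password
    flash[:alert] = 'Failed to send e-mail. Please try again in a few minutes.'
  end
end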

#set_password ⇒ Object

PATCH /set_password



# File 'app/controllers/users_controller.rb', line 103

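# Sets a new password for the account that owns the given reset token.
#
# The request token is digested and matched against the stored
# password_reset_token; find_by_...! raises ActiveRecord::RecordNotFound
# when nothing matches.
#
# The token age is now checked here as well. The GET password_reset action
# in this controller rejects tokens older than one day, but this action
# previously accepted any stored token regardless of age, so the expiry
# could be skipped by submitting the PATCH request directly. An expired or
# undated token renders 'invalid_token', matching password_reset.
#
# On a successful update the token is cleared in the same write, which makes
# it single-use, and the forced-reset flag is dropped. On validation failure
# nothing is persisted and the reset form is rendered again.
def set_password
  @user = User.find_by_password_reset_token!(Utilities::RandomToken.digest(params[:token]))

  issued_at = @user.password_reset_token_date
  unless issued_at && issued_at > 1.day.ago
    render 'invalid_token'
    return
  end

  # Presumably read by housekeeping/auditing callbacks when the record is
  # saved, since no session user exists in this flow - TODO confirm.
  Current.user_id = @user.id

  @user.require_password_presence

  @user.password_reset_token = nil
  @user.is_flagged_for_password_reset = false

  # Only the two password fields are accepted from the request.
  if @user.update(params.require(:user).permit([:password, :password_confirmation]))
    flash[:notice] = 'Password successfuly changed.'
    redirect_to root_path
  else
    render 'password_reset'
  end
end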

#set_user ⇒ Object (private)



# File 'app/controllers/users_controller.rb', line 187

# Loads @user (and @recent_object) for the id in the request, but only when
# the caller is an administrator or is asking for their own record.
#
# For any other caller the lookup is made with nil, and User.find(nil)
# raises ActiveRecord::RecordNotFound - so a request for someone else's
# record fails the same way as a request for a record that does not exist.
#
# The ownership test compares params[:id].to_i with the session user id;
# the lookup itself is made with the raw params[:id].
# NOTE(review): which actions this filter is attached to is not visible
# here; any action that reads params[:id] on its own bypasses this check.
def set_user
  requested_id = params[:id]
  own_id = requested_id.to_i == sessions_current_user_id
  allowed = is_administrator? || own_id

  @user = User.find(allowed ? requested_id : nil)
  @recent_object = @user
end

#show ⇒ Object

GET /users/:id



# File 'app/controllers/users_controller.rb', line 21

# Intentionally empty: the action only renders its default template.
# NOTE(review): the template presumably relies on @user being loaded by a
# before_action such as set_user - confirm that filter covers :show.
def show; end

#update ⇒ Object

PATCH or PUT /users/:id



# File 'app/controllers/users_controller.rb', line 43

# Applies the permitted request attributes to @user and answers in the
# requested format.
#
# Success: HTML flashes a confirmation and redirects to the user; JSON
# renders :show. Failure: HTML re-renders 'edit'; JSON returns the
# validation errors with 422.
#
# @user is not assigned in this action.
# NOTE(review): it is presumably loaded by the set_user filter, which is
# what limits updates to the caller's own record or to administrators -
# confirm that filter covers :update. Which attributes may change is decided
# entirely by user_params.
def update
  saved = @user.update(user_params)

  respond_to do |format|
    if saved
      format.html do
        flash[:success] = 'Changes to your account information have been saved.'
        redirect_to @user
      end
      format.json { render :show, location: @user }
    else
      format.html { render 'edit' }
      format.json { render json: @user.errors, status: :unprocessable_entity }
    end
  end
end

#user_params ⇒ Object (private)



# File 'app/controllers/users_controller.rb', line 171

# Strong-parameters allowlist for the :user payload, used by create and
# update.
#
# Every caller may set the base attributes. The role and reset flags are
# only added to the allowlist when the matching predicate is true for the
# current session:
# * is_superuser?     -> :is_project_administrator, :is_flagged_for_password_reset
# * is_administrator? -> :is_administrator
# Anything not listed is dropped by #permit, so a caller without those roles
# cannot mass-assign the flags.
#
# params.require raises ActionController::ParameterMissing when :user is
# absent.
# NOTE(review): :person_id and :set_new_api_access_token are permitted for
# every caller - confirm that is intended (see the TODO below).
def user_params
  # TODO: revisit authorization of specific field settings
  permitted = %i[
    name
    email
    person_id
    password
    password_confirmation
    set_new_api_access_token
  ]

  permitted.concat(%i[is_project_administrator is_flagged_for_password_reset]) if is_superuser?
  permitted << :is_administrator if is_administrator?

  params.require(:user).permit(permitted, User.key_value_preferences, User.array_preferences, User.hash_preferences)
end