Class: UsersController
- Inherits:
-
ApplicationController
- Object
- ActionController::Base
- ApplicationController
- UsersController
- Defined in:
- app/controllers/users_controller.rb
Instance Method Summary
- #autocomplete ⇒ Object
- #batch_create ⇒ Object
-
#create ⇒ Object
POST /users.
-
#destroy ⇒ Object
DELETE /users/:id.
-
#edit ⇒ Object
GET /users/:id/edit.
-
#forgot_password ⇒ Object
GET /forgot_password.
-
#index ⇒ Object
GET /users.
-
#new ⇒ Object
GET /signup.
-
#password_reset ⇒ Object
GET /password_reset.
- #preferences ⇒ Object
- #recently_created ⇒ Object
- #recently_created_stats ⇒ Object
-
#send_password_reset ⇒ Object
POST /send_password_reset.
-
#set_password ⇒ Object
PATCH /set_password.
- #set_user ⇒ Object private
-
#show ⇒ Object
GET /users/:id.
-
#update ⇒ Object
PATCH or PUT /users/:id.
- #user_params ⇒ Object private
Methods included from RedirectHelper
Methods included from RequestType
Methods included from LogRecent
Methods included from Cookies
#digest_cookie, #digested_cookie_exists?
Methods included from Whitelist
Methods included from Api::Intercept
Methods included from TokenAuthentication
#intercept_project, #intercept_user, #intercept_user_or_project, #project_token_authenticate, #token_authenticate
Instance Method Details
#autocomplete ⇒ Object
# File 'app/controllers/users_controller.rb', line 133
#
# Runs the Queries::User::Autocomplete query with the required :term
# parameter and stores its result in @users for the view.
#
# params.require raises ActionController::ParameterMissing when :term is
# absent or blank, so the query is never built without a term.
def autocomplete
  search_term = params.require(:term)
  @users = Queries::User::Autocomplete.new(search_term).autocomplete
end
#batch_create ⇒ Object
# File 'app/controllers/users_controller.rb', line 137
#
# Hands the submitted batch to User.batch_create, keeps the result in @users
# and renders the administrator batch-add page.
#
# NOTE(review): is_administrator, create_api_token and project_id are read
# straight from the request instead of going through #user_params. Confirm
# that an administrator-only filter (not visible in this listing) guards this
# action; without one, the caller presumably decides the role of the accounts
# it creates.
def batch_create
  submitted = params

  @users = User.batch_create(
    users: submitted[:users],
    create_api_token: submitted[:create_api_token],
    is_administrator: submitted[:is_administrator],
    project_id: submitted[:project_id],
    # The creator is taken from the session, never from the request.
    created_by: sessions_current_user_id
  )

  render '/tasks/administrator/batch_add_users/index'
end
#create ⇒ Object
POST /users
# File 'app/controllers/users_controller.rb', line 29
#
# POST /users
#
# Builds a user from the permitted parameters and saves it. On success the
# caller is redirected to the root path with a flash message; on failure the
# 'new' form is rendered again.
def create
  @user = User.new(user_params)

  # Assigned after mass-assignment, so this value replaces whatever
  # user_params let through for the flag: accounts created by a superuser
  # start out flagged for a password reset, all others do not.
  @user.is_flagged_for_password_reset = is_superuser?

  return render 'new' unless @user.save

  flash[:success] = "User #{@user.email} successfully created."
  # TODO: Email the user their information.
  redirect_to root_path
end
#destroy ⇒ Object
DELETE /users/:id
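# File 'app/controllers/users_controller.rb', line 59
#
# DELETE /users/:id
#
# Deletes the account with the given id and redirects to the root URL.
# User.find raises ActiveRecord::RecordNotFound for an unknown id.
#
# NOTE(review): the record is looked up directly from params[:id] rather than
# taken from @user as loaded by #set_user. Confirm the before_action list
# (not visible in this listing) limits this action to the account owner or a
# superuser.
def destroy
  account = User.find(params[:id])

  # destroy returns false when a callback halts the deletion; report that
  # instead of announcing a deletion that did not happen.
  if account.destroy
    flash[:success] = 'Account has been deleted.'
  else
    flash[:alert] = 'Account could not be deleted.'
  end

  redirect_to root_url
end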
#edit ⇒ Object
GET /users/:id/edit
# File 'app/controllers/users_controller.rb', line 25
#
# GET /users/:id/edit
#
# Empty action: the default template is rendered. The form presumably reads
# @user as loaded by #set_user; the callback list is not visible here.
def edit; end
#forgot_password ⇒ Object
GET /forgot_password
# File 'app/controllers/users_controller.rb', line 66
#
# GET /forgot_password
#
# Empty action: renders the default template, which #send_password_reset
# redirects back to when a reset e-mail cannot be issued.
def forgot_password; end
#index ⇒ Object
GET /users
# File 'app/controllers/users_controller.rb', line 11
#
# GET /users
#
# Exposes every user to the view as @users, ordered by name and then e-mail.
def index
  everyone = User.all
  @users = everyone.order(:name, :email)
end
#new ⇒ Object
GET /signup
# File 'app/controllers/users_controller.rb', line 16
#
# GET /signup
#
# Prepares a blank, unsaved User in @user for the sign-up form.
def new
  blank_user = User.new
  @user = blank_user
end
#password_reset ⇒ Object
GET /password_reset
# File 'app/controllers/users_controller.rb', line 97
#
# GET /password_reset
#
# Resolves a password reset link. The token from the request is digested and
# the user is looked up by that digest. 'invalid_token' is rendered unless a
# user was found and the token date is less than one day old; otherwise the
# default template is rendered.
def password_reset
  token_digest = Utilities::RandomToken.digest(params[:token])
  @user = User.find_by_password_reset_token(token_digest)

  # Both conditions must hold: a matching account and a token issued within
  # the last day.
  token_still_valid = @user && @user.password_reset_token_date > 1.day.ago
  render 'invalid_token' unless token_still_valid
end
#preferences ⇒ Object
# File 'app/controllers/users_controller.rb', line 128
#
# Loads the signed-in user into @user for the preferences page. Without a
# session user the request is redirected to the hub path.
def preferences
  @user = sessions_current_user

  if @user.nil?
    redirect_to hub_path
    return
  end
end
#recently_created ⇒ Object
# File 'app/controllers/users_controller.rb', line 121
#
# Empty action: renders the default template.
def recently_created; end
#recently_created_stats ⇒ Object
# File 'app/controllers/users_controller.rb', line 124
#
# Renders @user.data_breakdown_for_chartkick_recent as JSON.
#
# NOTE(review): @user is not assigned in this action; it is presumably loaded
# by #set_user, which only returns the caller's own record or, for a
# superuser, any record. Confirm the callback covers this action.
def recently_created_stats
  chart_data = @user.data_breakdown_for_chartkick_recent
  render json: chart_data
end
#send_password_reset ⇒ Object
POST /send_password_reset
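# File 'app/controllers/users_controller.rb', line 70
#
# POST /send_password_reset
#
# Issues a password reset token for the account registered under
# params[:email] and mails it to that user. When no account matches, or the
# token cannot be stored or mailed, the caller is redirected back to the
# forgot-password form with an alert. On success nothing is rendered
# explicitly, so the action's default template is used.
def send_password_reset
  submitted_email = params[:email]

  # Only a String can be an address. An array- or hash-valued parameter would
  # otherwise raise NoMethodError on #downcase and surface as a 500.
  user = submitted_email.is_a?(String) ? User.find_by_email(submitted_email.downcase) : nil

  if user.nil?
    # NOTE(review): the two messages below let a caller tell registered
    # addresses from unregistered ones. Consider one neutral response for
    # both outcomes; left unchanged here because it alters the user-facing
    # flow.
    flash[:alert] = if submitted_email.blank?
                      'No e-mail was given'
                    else
                      'The supplied e-mail does not belong to a registered user'
                    end
    redirect_to :forgot_password
    return
  end

  # generate_password_reset_token is defined on the model; presumably it sets
  # the stored digest and date and returns the raw token that is mailed.
  token = user.generate_password_reset_token
  Current.user_id = user.id

  begin
    # save! raises when the record cannot be persisted, so a token that was
    # never stored is not mailed out as a dead link.
    user.save!
    UserMailer.password_reset_email(user, token).deliver_now
  rescue StandardError => e
    # Record the failure class only; the address and token stay out of the log.
    logger.error("send_password_reset failed: #{e.class}")
    flash[:alert] = 'Failed to send e-mail. Please try again in a few minutes.'
    redirect_to :forgot_password
  end
end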
#set_password ⇒ Object
PATCH /set_password
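# File 'app/controllers/users_controller.rb', line 103
#
# PATCH /set_password
#
# Completes a password reset. The user is looked up by the digest of
# params[:token]; find_by_password_reset_token! raises
# ActiveRecord::RecordNotFound when no account holds that digest. Only
# :password and :password_confirmation are accepted from the request. On
# success the token is cleared, the reset flag is dropped and the caller is
# redirected to the root path; on a failed update the reset form is rendered
# again.
def set_password
  @user = User.find_by_password_reset_token!(Utilities::RandomToken.digest(params[:token]))

  # Apply the same one-day lifetime that #password_reset enforces on GET.
  # Without this check a request sent straight to this action could still
  # redeem a token that the reset form would already refuse.
  issued_at = @user.password_reset_token_date
  unless issued_at && issued_at > 1.day.ago
    render 'invalid_token'
    return
  end

  # The original author marked this assignment "WHY?"; presumably it lets
  # model callbacks attribute the change to the user - confirm.
  Current.user_id = @user.id
  @user.require_password_presence

  # These two values are only persisted by the update below, so a failed
  # update leaves the stored token usable for another attempt.
  @user.password_reset_token = nil
  @user.is_flagged_for_password_reset = false

  if @user.update(params.require(:user).permit([:password, :password_confirmation]))
    flash[:notice] = 'Password successfuly changed.'
    redirect_to root_path
  else
    render 'password_reset'
  end
end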
#set_user ⇒ Object (private)
# File 'app/controllers/users_controller.rb', line 167
#
# Loads the requested user into @user and @recent_object.
#
# The record is fetched only when the caller is a superuser or is asking for
# their own id. In every other case User.find(nil) is called, which raises
# ActiveRecord::RecordNotFound, so a denied request looks the same as a
# missing record.
def set_user
  requested_id = params[:id]
  requesting_self = (requested_id.to_i == sessions_current_user_id)

  lookup_id = (is_superuser? || requesting_self) ? requested_id : nil

  @user = User.find(lookup_id)
  @recent_object = @user
end
#show ⇒ Object
GET /users/:id
# File 'app/controllers/users_controller.rb', line 21
#
# GET /users/:id
#
# Empty action: the default template is rendered. @user is presumably loaded
# by #set_user; the callback list is not visible in this listing.
def show; end
#update ⇒ Object
PATCH or PUT /users/:id
# File 'app/controllers/users_controller.rb', line 43
#
# PATCH or PUT /users/:id
#
# Applies the permitted parameters to @user. HTML callers are redirected to
# the user page on success or shown the edit form again on failure. JSON
# callers get the 'show' rendering or the validation errors with status 422.
#
# NOTE(review): @user is not assigned here; it is presumably loaded by
# #set_user, which is what limits the update to the caller's own record or,
# for a superuser, any record.
def update
  respond_to do |wants|
    unless @user.update(user_params)
      wants.html { render 'edit' }
      wants.json { render json: @user.errors, status: :unprocessable_entity }
      next
    end

    wants.html do
      flash[:success] = 'Changes to your account information have been saved.'
      redirect_to @user
    end
    wants.json { render :show, location: @user }
  end
end
#user_params ⇒ Object (private)
# File 'app/controllers/users_controller.rb', line 151
#
# Strong-parameter filter for the :user payload.
#
# Every caller may set the basic attributes. The role and reset flags are
# added to the permitted list only when the matching session helper
# (is_superuser?, is_administrator?) returns true, so an ordinary caller
# cannot mass-assign them. The preference keys come from the User model.
def user_params
  # TODO: revisit authorization of specific field settings
  # NOTE(review): :person_id and :set_new_api_access_token are open to every
  # caller; worth checking when the TODO above is addressed.
  permitted = %i[
    name
    email
    person_id
    password
    password_confirmation
    set_new_api_access_token
  ]

  permitted.concat(%i[is_project_administrator is_flagged_for_password_reset]) if is_superuser?
  permitted << :is_administrator if is_administrator?

  params.require(:user).permit(
    permitted,
    User.key_value_preferences,
    User.array_preferences,
    User.hash_preferences
  )
end