Mercurial > hg > soundsoftware-site

annotate app/controllers/users_controller.rb @ 126:11e93d30115a cannam

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make repo-to-be-created text a label string, and make it a bit more helpful
author Chris Cannam <chris.cannam@soundsoftware.ac.uk>
date Wed, 19 Jan 2011 12:41:34 +0000
parents cd2282d2aa55
children 5e974759e8b2
rev   line source
Chris@0 1 # Redmine - project management software
Chris@117 2 # Copyright (C) 2006-2010 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@0 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@0 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@0 18 class UsersController < ApplicationController
Chris@0 19 layout 'admin'
Chris@0 20
Chris@0 21 before_filter :require_admin, :except => :show
Chris@117 22 before_filter :find_user, :only => [:show, :edit, :update, :edit_membership, :destroy_membership]
Chris@117 23 accept_key_auth :index, :show, :create, :update
Chris@0 24
Chris@0 25 helper :sort
Chris@0 26 include SortHelper
Chris@0 27 helper :custom_fields
Chris@0 28 include CustomFieldsHelper
Chris@0 29
Chris@0 30 def index
Chris@0 31 sort_init 'login', 'asc'
Chris@0 32 sort_update %w(login firstname lastname mail admin created_on last_login_on)
Chris@0 33
Chris@117 34 case params[:format]
Chris@117 35 when 'xml', 'json'
Chris@117 36 @offset, @limit = api_offset_and_limit
Chris@117 37 else
Chris@117 38 @limit = per_page_option
Chris@117 39 end
Chris@117 40
Chris@0 41 @status = params[:status] ? params[:status].to_i : 1
Chris@0 42 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status])
Chris@0 43
Chris@0 44 unless params[:name].blank?
Chris@0 45 name = "%#{params[:name].strip.downcase}%"
Chris@0 46 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name]
Chris@0 47 end
Chris@0 48
Chris@0 49 @user_count = User.count(:conditions => c.conditions)
Chris@117 50 @user_pages = Paginator.new self, @user_count, @limit, params['page']
Chris@117 51 @offset ||= @user_pages.current.offset
Chris@117 52 @users = User.find :all,
Chris@117 53 :order => sort_clause,
Chris@0 54 :conditions => c.conditions,
Chris@117 55 :limit => @limit,
Chris@117 56 :offset => @offset
Chris@0 57
Chris@117 58 respond_to do |format|
Chris@117 59 format.html { render :layout => !request.xhr? }
Chris@117 60 format.api
Chris@117 61 end
Chris@0 62 end
Chris@0 63
Chris@0 64 def show
luisf@92 65
luisf@92 66 if @user.ssamr_user_detail != nil
luisf@92 67 @description = @user.ssamr_user_detail.description
luisf@92 68 end
chris@37 69
Chris@14 70 # show projects based on current user visibility
Chris@14 71 @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current))
Chris@0 72
Chris@0 73 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
Chris@0 74 @events_by_day = events.group_by(&:event_date)
Chris@0 75
Chris@0 76 unless User.current.admin?
Chris@0 77 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
Chris@0 78 render_404
Chris@0 79 return
Chris@0 80 end
Chris@0 81 end
Chris@117 82
Chris@117 83 respond_to do |format|
Chris@117 84 format.html { render :layout => 'base' }
Chris@117 85 format.api
Chris@117 86 end
Chris@0 87 end
Chris@0 88
luisf@61 89 def new
Chris@117 90 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
chris@37 91 @auth_sources = AuthSource.find(:all)
luisf@60 92
luisf@60 93 @ssamr_user_details = SsamrUserDetail.new
luisf@61 94
chris@37 95 end
chris@37 96
chris@37 97 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed }
chris@37 98 def create
Chris@117 99 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
Chris@117 100 @user.safe_attributes = params[:user]
luisf@60 101 @user = User.new(params[:user])
chris@37 102 @user.admin = params[:user][:admin] || false
chris@37 103 @user.login = params[:user][:login]
Chris@117 104 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
chris@37 105
chris@37 106 # TODO: Similar to My#account
chris@37 107 @user.pref.attributes = params[:pref]
chris@37 108 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
chris@37 109
luisf@61 110 @ssamr_user_details = SsamrUserDetail.new(params[:ssamr_user_details])
luisf@61 111
luisf@61 112 # associates the 2 objects
luisf@61 113 @user.ssamr_user_detail = @ssamr_user_details
luisf@61 114
chris@37 115 if @user.save
chris@37 116 @user.pref.save
luisf@61 117
luisf@60 118 @ssamr_user_details.save!
luisf@60 119
chris@37 120
Chris@117 121 Mailer.deliver_account_information(@user, params[:user][:password]) if params[:send_information]
Chris@117 122
Chris@117 123 respond_to do |format|
Chris@117 124 format.html {
Chris@117 125 flash[:notice] = l(:notice_successful_create)
Chris@117 126 redirect_to(params[:continue] ?
Chris@117 127 {:controller => 'users', :action => 'new'} :
Chris@117 128 {:controller => 'users', :action => 'edit', :id => @user}
Chris@117 129 )
Chris@117 130 }
Chris@117 131 format.api { render :action => 'show', :status => :created, :location => user_url(@user) }
Chris@117 132 end
Chris@0 133 else
chris@37 134 @auth_sources = AuthSource.find(:all)
Chris@117 135 # Clear password input
Chris@117 136 @user.password = @user.password_confirmation = nil
chris@37 137
Chris@117 138 respond_to do |format|
Chris@117 139 format.html { render :action => 'new' }
Chris@117 140 format.api { render_validation_errors(@user) }
Chris@117 141 end
Chris@0 142 end
Chris@0 143 end
Chris@0 144
Chris@0 145 def edit
luisf@55 146
luisf@60 147 @ssamr_user_details = @user.ssamr_user_detail
luisf@60 148
Chris@0 149 @auth_sources = AuthSource.find(:all)
Chris@0 150 @membership ||= Member.new
chris@37 151 end
chris@37 152
chris@37 153 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
chris@37 154 def update
chris@37 155 @user.admin = params[:user][:admin] if params[:user][:admin]
chris@37 156 @user.login = params[:user][:login] if params[:user][:login]
Chris@117 157 if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
Chris@117 158 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
chris@37 159 end
Chris@117 160 @user.safe_attributes = params[:user]
chris@37 161 # Was the account actived ? (do it before User#save clears the change)
chris@37 162 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])
chris@37 163 # TODO: Similar to My#account
chris@37 164 @user.pref.attributes = params[:pref]
chris@37 165 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
chris@37 166
luisf@92 167 if @user.ssamr_user_detail == nil
luisf@92 168 @ssamr_user_details = SsamrUserDetail.new()
luisf@92 169 @user.ssamr_user_detail = @ssamr_user_details
luisf@92 170 else
luisf@92 171 @ssamr_user_details = @user.ssamr_user_detail
luisf@92 172 end
luisf@92 173
luisf@92 174
luisf@63 175 if params[:ssamr_user_details].nil? or params[:ssamr_user_details].empty?
luisf@63 176 @ssamr_user_details.description = @user.ssamr_user_detail.description
luisf@63 177 else
luisf@63 178 @ssamr_user_details.description = params[:ssamr_user_details][:description]
luisf@63 179 @ssamr_user_details.save!
luisf@63 180 end
luisf@63 181
chris@37 182 if @user.save
chris@37 183 @user.pref.save
Chris@117 184 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
chris@37 185
chris@37 186 if was_activated
chris@37 187 Mailer.deliver_account_activated(@user)
Chris@117 188 elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
Chris@117 189 Mailer.deliver_account_information(@user, params[:user][:password])
chris@37 190 end
Chris@117 191
Chris@117 192 respond_to do |format|
Chris@117 193 format.html {
Chris@117 194 flash[:notice] = l(:notice_successful_update)
Chris@117 195 redirect_to :back
Chris@117 196 }
Chris@117 197 format.api { head :ok }
Chris@117 198 end
chris@37 199 else
chris@37 200 @auth_sources = AuthSource.find(:all)
chris@37 201 @membership ||= Member.new
Chris@117 202 # Clear password input
Chris@117 203 @user.password = @user.password_confirmation = nil
chris@37 204
Chris@117 205 respond_to do |format|
Chris@117 206 format.html { render :action => :edit }
Chris@117 207 format.api { render_validation_errors(@user) }
Chris@117 208 end
chris@37 209 end
Chris@0 210 rescue ::ActionController::RedirectBackError
Chris@0 211 redirect_to :controller => 'users', :action => 'edit', :id => @user
Chris@0 212 end
chris@37 213
Chris@0 214 def edit_membership
Chris@0 215 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)
Chris@0 216 @membership.save if request.post?
Chris@0 217 respond_to do |format|
Chris@14 218 if @membership.valid?
Chris@14 219 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
Chris@14 220 format.js {
Chris@14 221 render(:update) {|page|
Chris@14 222 page.replace_html "tab-content-memberships", :partial => 'users/memberships'
Chris@14 223 page.visual_effect(:highlight, "member-#{@membership.id}")
Chris@14 224 }
Chris@14 225 }
Chris@14 226 else
Chris@14 227 format.js {
Chris@14 228 render(:update) {|page|
Chris@14 229 page.alert(l(:notice_failed_to_save_members, :errors => @membership.errors.full_messages.join(', ')))
Chris@14 230 }
Chris@14 231 }
Chris@14 232 end
Chris@14 233 end
Chris@0 234 end
Chris@0 235
Chris@0 236 def destroy_membership
Chris@0 237 @membership = Member.find(params[:membership_id])
Chris@0 238 if request.post? && @membership.deletable?
Chris@0 239 @membership.destroy
Chris@0 240 end
Chris@0 241 respond_to do |format|
Chris@0 242 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
Chris@0 243 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} }
Chris@0 244 end
Chris@0 245 end
Chris@117 246
Chris@117 247 private
Chris@117 248
Chris@117 249 def find_user
Chris@117 250 if params[:id] == 'current'
Chris@117 251 require_login || return
Chris@117 252 @user = User.current
Chris@117 253 else
Chris@117 254 @user = User.find(params[:id])
Chris@117 255 end
Chris@117 256 rescue ActiveRecord::RecordNotFound
Chris@117 257 render_404
Chris@117 258 end
Chris@0 259 end