Mercurial > hg > soundsoftware-site

annotate app/controllers/users_controller.rb @ 1471:d65e60e20a50 bug_531

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Close obsolete branch bug_531
author Chris Cannam
date Fri, 23 Nov 2012 18:10:33 +0000
parents 5e80956cc792
children bb32da3bea34 875b5b4c574d
rev   line source
Chris@0 1 # Redmine - project management software
Chris@441 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
Chris@0 3 #
Chris@0 4 # This program is free software; you can redistribute it and/or
Chris@0 5 # modify it under the terms of the GNU General Public License
Chris@0 6 # as published by the Free Software Foundation; either version 2
Chris@0 7 # of the License, or (at your option) any later version.
Chris@909 8 #
Chris@0 9 # This program is distributed in the hope that it will be useful,
Chris@0 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
Chris@0 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Chris@0 12 # GNU General Public License for more details.
Chris@909 13 #
Chris@0 14 # You should have received a copy of the GNU General Public License
Chris@0 15 # along with this program; if not, write to the Free Software
Chris@0 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
Chris@0 17
Chris@0 18 class UsersController < ApplicationController
Chris@0 19 layout 'admin'
Chris@909 20
Chris@0 21 before_filter :require_admin, :except => :show
Chris@128 22 before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership]
Chris@507 23 accept_api_auth :index, :show, :create, :update, :destroy
Chris@0 24
Chris@0 25 helper :sort
Chris@0 26 include SortHelper
Chris@0 27 helper :custom_fields
Chris@909 28 include CustomFieldsHelper
Chris@0 29
Chris@0 30 def index
Chris@0 31 sort_init 'login', 'asc'
Chris@0 32 sort_update %w(login firstname lastname mail admin created_on last_login_on)
Chris@909 33
Chris@117 34 case params[:format]
Chris@117 35 when 'xml', 'json'
Chris@117 36 @offset, @limit = api_offset_and_limit
Chris@117 37 else
Chris@117 38 @limit = per_page_option
Chris@117 39 end
Chris@909 40
Chris@441 41 scope = User
Chris@441 42 scope = scope.in_group(params[:group_id].to_i) if params[:group_id].present?
Chris@909 43
Chris@0 44 @status = params[:status] ? params[:status].to_i : 1
Chris@0 45 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status])
Chris@0 46
Chris@0 47 unless params[:name].blank?
Chris@0 48 name = "%#{params[:name].strip.downcase}%"
Chris@0 49 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name]
Chris@0 50 end
Chris@909 51
Chris@441 52 @user_count = scope.count(:conditions => c.conditions)
Chris@117 53 @user_pages = Paginator.new self, @user_count, @limit, params['page']
Chris@117 54 @offset ||= @user_pages.current.offset
Chris@441 55 @users = scope.find :all,
Chris@117 56 :order => sort_clause,
Chris@0 57 :conditions => c.conditions,
Chris@117 58 :limit => @limit,
Chris@117 59 :offset => @offset
Chris@0 60
Chris@441 61 respond_to do |format|
Chris@441 62 format.html {
Chris@441 63 @groups = Group.all.sort
Chris@441 64 render :layout => !request.xhr?
Chris@441 65 }
Chris@117 66 format.api
Chris@441 67 end
Chris@0 68 end
Chris@909 69
Chris@0 70 def show
luisf@92 71
luisf@92 72 if @user.ssamr_user_detail != nil
luisf@92 73 @description = @user.ssamr_user_detail.description
luisf@160 74
luisf@160 75 if @user.ssamr_user_detail.institution_type != nil
luisf@160 76 # institution_type is true for listed institutions
luisf@160 77 if (@user.ssamr_user_detail.institution_type)
luisf@160 78 @institution_name = Institution.find(@user.ssamr_user_detail.institution_id).name
luisf@160 79 else
luisf@160 80 @institution_name = @user.ssamr_user_detail.other_institution
luisf@160 81 end
luisf@104 82 end
luisf@92 83 end
chris@37 84
Chris@14 85 # show projects based on current user visibility
Chris@441 86 @memberships = @user.memberships.all(:conditions => Project.visible_condition(User.current))
Chris@909 87
Chris@0 88 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
Chris@0 89 @events_by_day = events.group_by(&:event_date)
Chris@909 90
Chris@0 91 unless User.current.admin?
Chris@0 92 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
Chris@0 93 render_404
Chris@0 94 return
Chris@0 95 end
Chris@0 96 end
Chris@909 97
Chris@117 98 respond_to do |format|
Chris@117 99 format.html { render :layout => 'base' }
Chris@117 100 format.api
Chris@117 101 end
Chris@0 102 end
Chris@0 103
luisf@61 104 def new
Chris@117 105 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
chris@37 106 @auth_sources = AuthSource.find(:all)
luisf@60 107
luisf@60 108 @ssamr_user_details = SsamrUserDetail.new
chris@37 109 end
Chris@909 110
chris@37 111 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed }
chris@37 112 def create
Chris@117 113 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
Chris@117 114 @user.safe_attributes = params[:user]
luisf@60 115 @user = User.new(params[:user])
chris@37 116 @user.admin = params[:user][:admin] || false
chris@37 117 @user.login = params[:user][:login]
Chris@117 118 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
chris@37 119
chris@37 120 # TODO: Similar to My#account
chris@37 121 @user.pref.attributes = params[:pref]
chris@37 122 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
chris@37 123
luisf@61 124 @ssamr_user_details = SsamrUserDetail.new(params[:ssamr_user_details])
luisf@61 125
luisf@61 126 # associates the 2 objects
luisf@61 127 @user.ssamr_user_detail = @ssamr_user_details
luisf@61 128
chris@37 129 if @user.save
chris@37 130 @user.pref.save
luisf@61 131
luisf@60 132 @ssamr_user_details.save!
luisf@60 133
chris@37 134
Chris@117 135 Mailer.deliver_account_information(@user, params[:user][:password]) if params[:send_information]
Chris@909 136
Chris@117 137 respond_to do |format|
Chris@117 138 format.html {
Chris@117 139 flash[:notice] = l(:notice_successful_create)
Chris@909 140 redirect_to(params[:continue] ?
Chris@909 141 {:controller => 'users', :action => 'new'} :
Chris@117 142 {:controller => 'users', :action => 'edit', :id => @user}
Chris@117 143 )
Chris@117 144 }
Chris@117 145 format.api { render :action => 'show', :status => :created, :location => user_url(@user) }
Chris@117 146 end
Chris@0 147 else
chris@37 148 @auth_sources = AuthSource.find(:all)
Chris@117 149 # Clear password input
Chris@117 150 @user.password = @user.password_confirmation = nil
chris@37 151
Chris@117 152 respond_to do |format|
Chris@117 153 format.html { render :action => 'new' }
Chris@117 154 format.api { render_validation_errors(@user) }
Chris@117 155 end
Chris@0 156 end
Chris@0 157 end
Chris@0 158
Chris@0 159 def edit
luisf@55 160
luisf@60 161 @ssamr_user_details = @user.ssamr_user_detail
luisf@161 162
luisf@185 163 if @user.ssamr_user_detail == nil
luisf@185 164 @selected_institution_id = nil
luisf@185 165 else
luisf@185 166 @selected_institution_id = @user.ssamr_user_detail.institution_id.to_i
luisf@185 167 end
luisf@60 168
Chris@0 169 @auth_sources = AuthSource.find(:all)
Chris@0 170 @membership ||= Member.new
chris@37 171 end
Chris@909 172
chris@37 173 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
chris@37 174 def update
chris@37 175 @user.admin = params[:user][:admin] if params[:user][:admin]
chris@37 176 @user.login = params[:user][:login] if params[:user][:login]
Chris@117 177 if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
Chris@117 178 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
chris@37 179 end
Chris@117 180 @user.safe_attributes = params[:user]
chris@37 181 # Was the account actived ? (do it before User#save clears the change)
chris@37 182 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])
chris@37 183 # TODO: Similar to My#account
chris@37 184 @user.pref.attributes = params[:pref]
chris@37 185 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
chris@37 186
luisf@92 187 if @user.ssamr_user_detail == nil
luisf@92 188 @ssamr_user_details = SsamrUserDetail.new()
luisf@92 189 @user.ssamr_user_detail = @ssamr_user_details
luisf@92 190 else
luisf@92 191 @ssamr_user_details = @user.ssamr_user_detail
luisf@92 192 end
luisf@108 193
luisf@63 194 if params[:ssamr_user_details].nil? or params[:ssamr_user_details].empty?
luisf@63 195 @ssamr_user_details.description = @user.ssamr_user_detail.description
luisf@108 196 @ssamr_user_details.institution_id = @user.ssamr_user_detail.institution_id
luisf@158 197 @ssamr_user_details.other_institution = @user.ssamr_user_detail.other_institution
luisf@158 198 @ssamr_user_details.institution_type = @user.ssamr_user_detail.institution_type
luisf@158 199
luisf@63 200 else
luisf@63 201 @ssamr_user_details.description = params[:ssamr_user_details][:description]
luisf@108 202 @ssamr_user_details.institution_id = params[:ssamr_user_details][:institution_id]
luisf@158 203 @ssamr_user_details.other_institution = params[:ssamr_user_details][:other_institution]
luisf@158 204 @ssamr_user_details.institution_type = params[:ssamr_user_details][:institution_type]
luisf@63 205 end
luisf@63 206
chris@37 207 if @user.save
chris@37 208 @user.pref.save
Chris@117 209 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
chris@37 210
chris@37 211 if was_activated
chris@37 212 Mailer.deliver_account_activated(@user)
Chris@117 213 elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
Chris@117 214 Mailer.deliver_account_information(@user, params[:user][:password])
chris@37 215 end
Chris@909 216
Chris@117 217 respond_to do |format|
Chris@117 218 format.html {
Chris@117 219 flash[:notice] = l(:notice_successful_update)
Chris@117 220 redirect_to :back
Chris@117 221 }
Chris@117 222 format.api { head :ok }
Chris@117 223 end
chris@37 224 else
chris@37 225 @auth_sources = AuthSource.find(:all)
chris@37 226 @membership ||= Member.new
Chris@117 227 # Clear password input
Chris@117 228 @user.password = @user.password_confirmation = nil
chris@37 229
Chris@117 230 respond_to do |format|
Chris@117 231 format.html { render :action => :edit }
Chris@117 232 format.api { render_validation_errors(@user) }
Chris@117 233 end
chris@37 234 end
Chris@0 235 rescue ::ActionController::RedirectBackError
Chris@0 236 redirect_to :controller => 'users', :action => 'edit', :id => @user
Chris@0 237 end
chris@37 238
Chris@128 239 verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed }
Chris@128 240 def destroy
Chris@128 241 @user.destroy
Chris@128 242 respond_to do |format|
Chris@128 243 format.html { redirect_to(users_url) }
Chris@128 244 format.api { head :ok }
Chris@128 245 end
Chris@128 246 end
Chris@128 247
Chris@0 248 def edit_membership
Chris@0 249 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)
Chris@0 250 @membership.save if request.post?
Chris@0 251 respond_to do |format|
Chris@14 252 if @membership.valid?
Chris@14 253 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
Chris@14 254 format.js {
Chris@14 255 render(:update) {|page|
Chris@14 256 page.replace_html "tab-content-memberships", :partial => 'users/memberships'
Chris@14 257 page.visual_effect(:highlight, "member-#{@membership.id}")
Chris@14 258 }
Chris@14 259 }
Chris@14 260 else
Chris@14 261 format.js {
Chris@14 262 render(:update) {|page|
Chris@14 263 page.alert(l(:notice_failed_to_save_members, :errors => @membership.errors.full_messages.join(', ')))
Chris@14 264 }
Chris@14 265 }
Chris@14 266 end
Chris@14 267 end
Chris@0 268 end
Chris@909 269
Chris@0 270 def destroy_membership
Chris@0 271 @membership = Member.find(params[:membership_id])
Chris@0 272 if request.post? && @membership.deletable?
Chris@0 273 @membership.destroy
Chris@0 274 end
Chris@0 275 respond_to do |format|
Chris@0 276 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
Chris@0 277 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} }
Chris@0 278 end
Chris@0 279 end
Chris@909 280
Chris@117 281 private
Chris@909 282
Chris@117 283 def find_user
Chris@117 284 if params[:id] == 'current'
Chris@117 285 require_login || return
Chris@117 286 @user = User.current
Chris@117 287 else
Chris@117 288 @user = User.find(params[:id])
Chris@117 289 end
Chris@117 290 rescue ActiveRecord::RecordNotFound
Chris@117 291 render_404
Chris@117 292 end
Chris@0 293 end