Mercurial > hg > soundsoftware-site

comparison app/controllers/users_controller.rb @ 511:107d36338b70 live

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge from branch "cannam"
author Chris Cannam
date Thu, 14 Jul 2011 10:43:07 +0100
parents 851510f1b535
children 5e80956cc792
comparison
equal deleted inserted replaced
451:a9f6345cb43d 511:107d36338b70
1 # Redmine - project management software 1 # Redmine - project management software
2 # Copyright (C) 2006-2009 Jean-Philippe Lang 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 # 3 #
4 # This program is free software; you can redistribute it and/or 4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License 5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2 6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version. 7 # of the License, or (at your option) any later version.
17 17
18 class UsersController < ApplicationController 18 class UsersController < ApplicationController
19 layout 'admin' 19 layout 'admin'
20 20
21 before_filter :require_admin, :except => :show 21 before_filter :require_admin, :except => :show
22 before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership]
23 accept_api_auth :index, :show, :create, :update, :destroy
22 24
23 helper :sort 25 helper :sort
24 include SortHelper 26 include SortHelper
25 helper :custom_fields 27 helper :custom_fields
26 include CustomFieldsHelper 28 include CustomFieldsHelper
27 29
28 def index 30 def index
29 sort_init 'login', 'asc' 31 sort_init 'login', 'asc'
30 sort_update %w(login firstname lastname mail admin created_on last_login_on) 32 sort_update %w(login firstname lastname mail admin created_on last_login_on)
31 33
34 case params[:format]
35 when 'xml', 'json'
36 @offset, @limit = api_offset_and_limit
37 else
38 @limit = per_page_option
39 end
40
41 scope = User
42 scope = scope.in_group(params[:group_id].to_i) if params[:group_id].present?
43
32 @status = params[:status] ? params[:status].to_i : 1 44 @status = params[:status] ? params[:status].to_i : 1
33 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status]) 45 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status])
34 46
35 unless params[:name].blank? 47 unless params[:name].blank?
36 name = "%#{params[:name].strip.downcase}%" 48 name = "%#{params[:name].strip.downcase}%"
37 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name] 49 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name]
38 end 50 end
39 51
40 @user_count = User.count(:conditions => c.conditions) 52 @user_count = scope.count(:conditions => c.conditions)
41 @user_pages = Paginator.new self, @user_count, 53 @user_pages = Paginator.new self, @user_count, @limit, params['page']
42 per_page_option, 54 @offset ||= @user_pages.current.offset
43 params['page'] 55 @users = scope.find :all,
44 @users = User.find :all,:order => sort_clause, 56 :order => sort_clause,
45 :conditions => c.conditions, 57 :conditions => c.conditions,
46 :limit => @user_pages.items_per_page, 58 :limit => @limit,
47 :offset => @user_pages.current.offset 59 :offset => @offset
48 60
49 render :layout => !request.xhr? 61 respond_to do |format|
62 format.html {
63 @groups = Group.all.sort
64 render :layout => !request.xhr?
65 }
66 format.api
67 end
50 end 68 end
51 69
52 def show 70 def show
53 @user = User.find(params[:id])
54 71
55 if @user.ssamr_user_detail != nil 72 if @user.ssamr_user_detail != nil
56 @description = @user.ssamr_user_detail.description 73 @description = @user.ssamr_user_detail.description
57 74
58 if @user.ssamr_user_detail.institution_type != nil 75 if @user.ssamr_user_detail.institution_type != nil
64 end 81 end
65 end 82 end
66 end 83 end
67 84
68 # show projects based on current user visibility 85 # show projects based on current user visibility
69 @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current)) 86 @memberships = @user.memberships.all(:conditions => Project.visible_condition(User.current))
70 87
71 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) 88 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
72 @events_by_day = events.group_by(&:event_date) 89 @events_by_day = events.group_by(&:event_date)
73 90
74 unless User.current.admin? 91 unless User.current.admin?
75 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?) 92 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
76 render_404 93 render_404
77 return 94 return
78 end 95 end
79 end 96 end
80 render :layout => 'base' 97
81 98 respond_to do |format|
82 rescue ActiveRecord::RecordNotFound 99 format.html { render :layout => 'base' }
83 render_404 100 format.api
101 end
84 end 102 end
85 103
86 def new 104 def new
87 @notification_options = User::MAIL_NOTIFICATION_OPTIONS 105 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
88 @notification_option = Setting.default_notification_option
89
90 @user = User.new(:language => Setting.default_language)
91 @auth_sources = AuthSource.find(:all) 106 @auth_sources = AuthSource.find(:all)
92 107
93 @ssamr_user_details = SsamrUserDetail.new 108 @ssamr_user_details = SsamrUserDetail.new
94 end 109 end
95 110
96 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } 111 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed }
97 def create 112 def create
98 @notification_options = User::MAIL_NOTIFICATION_OPTIONS 113 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
99 @notification_option = Setting.default_notification_option 114 @user.safe_attributes = params[:user]
100
101 @user = User.new(params[:user]) 115 @user = User.new(params[:user])
102 @user.admin = params[:user][:admin] || false 116 @user.admin = params[:user][:admin] || false
103 @user.login = params[:user][:login] 117 @user.login = params[:user][:login]
104 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] unless @user.auth_source_id 118 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
105 119
106 # TODO: Similar to My#account 120 # TODO: Similar to My#account
107 @user.mail_notification = params[:notification_option] || 'only_my_events'
108 @user.pref.attributes = params[:pref] 121 @user.pref.attributes = params[:pref]
109 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') 122 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
110 123
111 @ssamr_user_details = SsamrUserDetail.new(params[:ssamr_user_details]) 124 @ssamr_user_details = SsamrUserDetail.new(params[:ssamr_user_details])
112 125
116 if @user.save 129 if @user.save
117 @user.pref.save 130 @user.pref.save
118 131
119 @ssamr_user_details.save! 132 @ssamr_user_details.save!
120 133
121 @user.notified_project_ids = (params[:notification_option] == 'selected' ? params[:notified_project_ids] : []) 134
122 135 Mailer.deliver_account_information(@user, params[:user][:password]) if params[:send_information]
123 Mailer.deliver_account_information(@user, params[:password]) if params[:send_information] 136
124 flash[:notice] = l(:notice_successful_create) 137 respond_to do |format|
125 redirect_to(params[:continue] ? {:controller => 'users', :action => 'new'} : 138 format.html {
126 {:controller => 'users', :action => 'edit', :id => @user}) 139 flash[:notice] = l(:notice_successful_create)
127 return 140 redirect_to(params[:continue] ?
141 {:controller => 'users', :action => 'new'} :
142 {:controller => 'users', :action => 'edit', :id => @user}
143 )
144 }
145 format.api { render :action => 'show', :status => :created, :location => user_url(@user) }
146 end
128 else 147 else
129 @auth_sources = AuthSource.find(:all) 148 @auth_sources = AuthSource.find(:all)
130 @notification_option = @user.mail_notification 149 # Clear password input
131 150 @user.password = @user.password_confirmation = nil
132 render :action => 'new' 151
152 respond_to do |format|
153 format.html { render :action => 'new' }
154 format.api { render_validation_errors(@user) }
155 end
133 end 156 end
134 end 157 end
135 158
136 def edit 159 def edit
137 @user = User.find(params[:id])
138 @notification_options = @user.valid_notification_options
139 @notification_option = @user.mail_notification
140 160
141 @ssamr_user_details = @user.ssamr_user_detail 161 @ssamr_user_details = @user.ssamr_user_detail
142 162
143 if @user.ssamr_user_detail == nil 163 if @user.ssamr_user_detail == nil
144 @selected_institution_id = nil 164 @selected_institution_id = nil
150 @membership ||= Member.new 170 @membership ||= Member.new
151 end 171 end
152 172
153 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed } 173 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
154 def update 174 def update
155 @user = User.find(params[:id])
156
157 @notification_options = @user.valid_notification_options
158 @notification_option = @user.mail_notification
159
160 @user.admin = params[:user][:admin] if params[:user][:admin] 175 @user.admin = params[:user][:admin] if params[:user][:admin]
161 @user.login = params[:user][:login] if params[:user][:login] 176 @user.login = params[:user][:login] if params[:user][:login]
162 if params[:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) 177 if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
163 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] 178 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
164 end 179 end
165 @user.group_ids = params[:user][:group_ids] if params[:user][:group_ids] 180 @user.safe_attributes = params[:user]
166 @user.attributes = params[:user]
167 # Was the account actived ? (do it before User#save clears the change) 181 # Was the account actived ? (do it before User#save clears the change)
168 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE]) 182 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])
169 # TODO: Similar to My#account 183 # TODO: Similar to My#account
170 @user.mail_notification = params[:notification_option] || 'only_my_events'
171 @user.pref.attributes = params[:pref] 184 @user.pref.attributes = params[:pref]
172 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') 185 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
173 186
174 if @user.ssamr_user_detail == nil 187 if @user.ssamr_user_detail == nil
175 @ssamr_user_details = SsamrUserDetail.new() 188 @ssamr_user_details = SsamrUserDetail.new()
191 @ssamr_user_details.institution_type = params[:ssamr_user_details][:institution_type] 204 @ssamr_user_details.institution_type = params[:ssamr_user_details][:institution_type]
192 end 205 end
193 206
194 if @user.save 207 if @user.save
195 @user.pref.save 208 @user.pref.save
196 @user.notified_project_ids = (params[:notification_option] == 'selected' ? params[:notified_project_ids] : []) 209 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
197 210
198 if was_activated 211 if was_activated
199 Mailer.deliver_account_activated(@user) 212 Mailer.deliver_account_activated(@user)
200 elsif @user.active? && params[:send_information] && !params[:password].blank? && @user.auth_source_id.nil? 213 elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
201 Mailer.deliver_account_information(@user, params[:password]) 214 Mailer.deliver_account_information(@user, params[:user][:password])
202 end 215 end
203 flash[:notice] = l(:notice_successful_update) 216
204 redirect_to :back 217 respond_to do |format|
218 format.html {
219 flash[:notice] = l(:notice_successful_update)
220 redirect_to :back
221 }
222 format.api { head :ok }
223 end
205 else 224 else
206 @auth_sources = AuthSource.find(:all) 225 @auth_sources = AuthSource.find(:all)
207 @membership ||= Member.new 226 @membership ||= Member.new
208 227 # Clear password input
209 render :action => :edit 228 @user.password = @user.password_confirmation = nil
229
230 respond_to do |format|
231 format.html { render :action => :edit }
232 format.api { render_validation_errors(@user) }
233 end
210 end 234 end
211 rescue ::ActionController::RedirectBackError 235 rescue ::ActionController::RedirectBackError
212 redirect_to :controller => 'users', :action => 'edit', :id => @user 236 redirect_to :controller => 'users', :action => 'edit', :id => @user
213 end 237 end
214 238
239 verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed }
240 def destroy
241 @user.destroy
242 respond_to do |format|
243 format.html { redirect_to(users_url) }
244 format.api { head :ok }
245 end
246 end
247
215 def edit_membership 248 def edit_membership
216 @user = User.find(params[:id])
217 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user) 249 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)
218 @membership.save if request.post? 250 @membership.save if request.post?
219 respond_to do |format| 251 respond_to do |format|
220 if @membership.valid? 252 if @membership.valid?
221 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' } 253 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
234 end 266 end
235 end 267 end
236 end 268 end
237 269
238 def destroy_membership 270 def destroy_membership
239 @user = User.find(params[:id])
240 @membership = Member.find(params[:membership_id]) 271 @membership = Member.find(params[:membership_id])
241 if request.post? && @membership.deletable? 272 if request.post? && @membership.deletable?
242 @membership.destroy 273 @membership.destroy
243 end 274 end
244 respond_to do |format| 275 respond_to do |format|
245 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' } 276 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
246 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} } 277 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} }
247 end 278 end
248 end 279 end
280
281 private
282
283 def find_user
284 if params[:id] == 'current'
285 require_login || return
286 @user = User.current
287 else
288 @user = User.find(params[:id])
289 end
290 rescue ActiveRecord::RecordNotFound
291 render_404
292 end
249 end 293 end