Mercurial > hg > soundsoftware-site

comparison app/controllers/users_controller.rb @ 119:8661b858af72

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
* Update to Redmine trunk rev 4705
author Chris Cannam
date Thu, 13 Jan 2011 14:12:06 +0000
parents 94944d00e43c
children b859cc0c4fa1 07fa8a8b56a8
comparison
equal deleted inserted replaced
39:150ceac17a8d 119:8661b858af72
1 # Redmine - project management software 1 # Redmine - project management software
2 # Copyright (C) 2006-2009 Jean-Philippe Lang 2 # Copyright (C) 2006-2010 Jean-Philippe Lang
3 # 3 #
4 # This program is free software; you can redistribute it and/or 4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License 5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2 6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version. 7 # of the License, or (at your option) any later version.
17 17
18 class UsersController < ApplicationController 18 class UsersController < ApplicationController
19 layout 'admin' 19 layout 'admin'
20 20
21 before_filter :require_admin, :except => :show 21 before_filter :require_admin, :except => :show
22 before_filter :find_user, :only => [:show, :edit, :update, :edit_membership, :destroy_membership]
23 accept_key_auth :index, :show, :create, :update
22 24
23 helper :sort 25 helper :sort
24 include SortHelper 26 include SortHelper
25 helper :custom_fields 27 helper :custom_fields
26 include CustomFieldsHelper 28 include CustomFieldsHelper
27 29
28 def index 30 def index
29 sort_init 'login', 'asc' 31 sort_init 'login', 'asc'
30 sort_update %w(login firstname lastname mail admin created_on last_login_on) 32 sort_update %w(login firstname lastname mail admin created_on last_login_on)
31 33
34 case params[:format]
35 when 'xml', 'json'
36 @offset, @limit = api_offset_and_limit
37 else
38 @limit = per_page_option
39 end
40
32 @status = params[:status] ? params[:status].to_i : 1 41 @status = params[:status] ? params[:status].to_i : 1
33 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status]) 42 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status])
34 43
35 unless params[:name].blank? 44 unless params[:name].blank?
36 name = "%#{params[:name].strip.downcase}%" 45 name = "%#{params[:name].strip.downcase}%"
37 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name] 46 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name]
38 end 47 end
39 48
40 @user_count = User.count(:conditions => c.conditions) 49 @user_count = User.count(:conditions => c.conditions)
41 @user_pages = Paginator.new self, @user_count, 50 @user_pages = Paginator.new self, @user_count, @limit, params['page']
42 per_page_option, 51 @offset ||= @user_pages.current.offset
43 params['page'] 52 @users = User.find :all,
44 @users = User.find :all,:order => sort_clause, 53 :order => sort_clause,
45 :conditions => c.conditions, 54 :conditions => c.conditions,
46 :limit => @user_pages.items_per_page, 55 :limit => @limit,
47 :offset => @user_pages.current.offset 56 :offset => @offset
48 57
49 render :layout => !request.xhr? 58 respond_to do |format|
59 format.html { render :layout => !request.xhr? }
60 format.api
61 end
50 end 62 end
51 63
52 def show 64 def show
53 @user = User.find(params[:id])
54
55 # show projects based on current user visibility 65 # show projects based on current user visibility
56 @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current)) 66 @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current))
57 67
58 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10) 68 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
59 @events_by_day = events.group_by(&:event_date) 69 @events_by_day = events.group_by(&:event_date)
62 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?) 72 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
63 render_404 73 render_404
64 return 74 return
65 end 75 end
66 end 76 end
67 render :layout => 'base' 77
68 78 respond_to do |format|
69 rescue ActiveRecord::RecordNotFound 79 format.html { render :layout => 'base' }
70 render_404 80 format.api
81 end
71 end 82 end
72 83
73 def new 84 def new
74 @notification_options = User::MAIL_NOTIFICATION_OPTIONS 85 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
75 @notification_option = Setting.default_notification_option
76
77 @user = User.new(:language => Setting.default_language)
78 @auth_sources = AuthSource.find(:all) 86 @auth_sources = AuthSource.find(:all)
79 end 87 end
80 88
81 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed } 89 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed }
82 def create 90 def create
83 @notification_options = User::MAIL_NOTIFICATION_OPTIONS 91 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
84 @notification_option = Setting.default_notification_option 92 @user.safe_attributes = params[:user]
85
86 @user = User.new(params[:user])
87 @user.admin = params[:user][:admin] || false 93 @user.admin = params[:user][:admin] || false
88 @user.login = params[:user][:login] 94 @user.login = params[:user][:login]
89 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] unless @user.auth_source_id 95 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
90 96
91 # TODO: Similar to My#account 97 # TODO: Similar to My#account
92 @user.mail_notification = params[:notification_option] || 'only_my_events'
93 @user.pref.attributes = params[:pref] 98 @user.pref.attributes = params[:pref]
94 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') 99 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
95 100
96 if @user.save 101 if @user.save
97 @user.pref.save 102 @user.pref.save
98 @user.notified_project_ids = (params[:notification_option] == 'selected' ? params[:notified_project_ids] : []) 103 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
99 104
100 Mailer.deliver_account_information(@user, params[:password]) if params[:send_information] 105 Mailer.deliver_account_information(@user, params[:user][:password]) if params[:send_information]
101 flash[:notice] = l(:notice_successful_create) 106
102 redirect_to(params[:continue] ? {:controller => 'users', :action => 'new'} : 107 respond_to do |format|
103 {:controller => 'users', :action => 'edit', :id => @user}) 108 format.html {
104 return 109 flash[:notice] = l(:notice_successful_create)
110 redirect_to(params[:continue] ?
111 {:controller => 'users', :action => 'new'} :
112 {:controller => 'users', :action => 'edit', :id => @user}
113 )
114 }
115 format.api { render :action => 'show', :status => :created, :location => user_url(@user) }
116 end
105 else 117 else
106 @auth_sources = AuthSource.find(:all) 118 @auth_sources = AuthSource.find(:all)
107 @notification_option = @user.mail_notification 119 # Clear password input
108 120 @user.password = @user.password_confirmation = nil
109 render :action => 'new' 121
122 respond_to do |format|
123 format.html { render :action => 'new' }
124 format.api { render_validation_errors(@user) }
125 end
110 end 126 end
111 end 127 end
112 128
113 def edit 129 def edit
114 @user = User.find(params[:id])
115 @notification_options = @user.valid_notification_options
116 @notification_option = @user.mail_notification
117
118 @auth_sources = AuthSource.find(:all) 130 @auth_sources = AuthSource.find(:all)
119 @membership ||= Member.new 131 @membership ||= Member.new
120 end 132 end
121 133
122 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed } 134 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
123 def update 135 def update
124 @user = User.find(params[:id])
125 @notification_options = @user.valid_notification_options
126 @notification_option = @user.mail_notification
127
128 @user.admin = params[:user][:admin] if params[:user][:admin] 136 @user.admin = params[:user][:admin] if params[:user][:admin]
129 @user.login = params[:user][:login] if params[:user][:login] 137 @user.login = params[:user][:login] if params[:user][:login]
130 if params[:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?) 138 if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
131 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation] 139 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
132 end 140 end
133 @user.group_ids = params[:user][:group_ids] if params[:user][:group_ids] 141 @user.safe_attributes = params[:user]
134 @user.attributes = params[:user]
135 # Was the account actived ? (do it before User#save clears the change) 142 # Was the account actived ? (do it before User#save clears the change)
136 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE]) 143 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])
137 # TODO: Similar to My#account 144 # TODO: Similar to My#account
138 @user.mail_notification = params[:notification_option] || 'only_my_events'
139 @user.pref.attributes = params[:pref] 145 @user.pref.attributes = params[:pref]
140 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1') 146 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
141 147
142 if @user.save 148 if @user.save
143 @user.pref.save 149 @user.pref.save
144 @user.notified_project_ids = (params[:notification_option] == 'selected' ? params[:notified_project_ids] : []) 150 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
145 151
146 if was_activated 152 if was_activated
147 Mailer.deliver_account_activated(@user) 153 Mailer.deliver_account_activated(@user)
148 elsif @user.active? && params[:send_information] && !params[:password].blank? && @user.auth_source_id.nil? 154 elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
149 Mailer.deliver_account_information(@user, params[:password]) 155 Mailer.deliver_account_information(@user, params[:user][:password])
150 end 156 end
151 flash[:notice] = l(:notice_successful_update) 157
152 redirect_to :back 158 respond_to do |format|
159 format.html {
160 flash[:notice] = l(:notice_successful_update)
161 redirect_to :back
162 }
163 format.api { head :ok }
164 end
153 else 165 else
154 @auth_sources = AuthSource.find(:all) 166 @auth_sources = AuthSource.find(:all)
155 @membership ||= Member.new 167 @membership ||= Member.new
156 168 # Clear password input
157 render :action => :edit 169 @user.password = @user.password_confirmation = nil
170
171 respond_to do |format|
172 format.html { render :action => :edit }
173 format.api { render_validation_errors(@user) }
174 end
158 end 175 end
159 rescue ::ActionController::RedirectBackError 176 rescue ::ActionController::RedirectBackError
160 redirect_to :controller => 'users', :action => 'edit', :id => @user 177 redirect_to :controller => 'users', :action => 'edit', :id => @user
161 end 178 end
162 179
163 def edit_membership 180 def edit_membership
164 @user = User.find(params[:id])
165 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user) 181 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)
166 @membership.save if request.post? 182 @membership.save if request.post?
167 respond_to do |format| 183 respond_to do |format|
168 if @membership.valid? 184 if @membership.valid?
169 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' } 185 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
182 end 198 end
183 end 199 end
184 end 200 end
185 201
186 def destroy_membership 202 def destroy_membership
187 @user = User.find(params[:id])
188 @membership = Member.find(params[:membership_id]) 203 @membership = Member.find(params[:membership_id])
189 if request.post? && @membership.deletable? 204 if request.post? && @membership.deletable?
190 @membership.destroy 205 @membership.destroy
191 end 206 end
192 respond_to do |format| 207 respond_to do |format|
193 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' } 208 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
194 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} } 209 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} }
195 end 210 end
196 end 211 end
212
213 private
214
215 def find_user
216 if params[:id] == 'current'
217 require_login || return
218 @user = User.current
219 else
220 @user = User.find(params[:id])
221 end
222 rescue ActiveRecord::RecordNotFound
223 render_404
224 end
197 end 225 end