summaryrefslogtreecommitdiff
path: root/users/app
diff options
context:
space:
mode:
authorjessib <jessib@leap.se>2012-11-26 10:15:22 -0800
committerjessib <jessib@leap.se>2012-11-26 10:15:22 -0800
commit3e744e4e226eae3ea2f900d9fccc32b6c046d65f (patch)
tree1b19232d08229b178c094c92e2242ce1686099ae /users/app
parentd9d67bd60d3fdfa4106977de9e5aba11f659fc79 (diff)
parentbf74255d1530fe5852dc6e6c27ef975ce9aa8d3c (diff)
Merge branch 'develop' into help_develop
Conflicts: users/app/views/sessions/_nav.html.haml
Diffstat (limited to 'users/app')
m---------users/app/assets/javascripts/srp0
-rw-r--r--users/app/assets/javascripts/users.js.coffee56
-rw-r--r--users/app/controllers/controller_extension/authentication.rb8
-rw-r--r--users/app/controllers/sessions_controller.rb6
-rw-r--r--users/app/controllers/users_controller.rb31
-rw-r--r--users/app/models/session.rb34
-rw-r--r--users/app/models/user.rb18
-rw-r--r--users/app/views/sessions/_admin_nav.html.haml6
-rw-r--r--users/app/views/sessions/_nav.html.haml10
-rw-r--r--users/app/views/sessions/new.html.haml2
-rw-r--r--users/app/views/users/_form.html.haml9
-rw-r--r--users/app/views/users/edit.html.haml3
-rw-r--r--users/app/views/users/index.html.haml1
-rw-r--r--users/app/views/users/new.html.haml8
14 files changed, 126 insertions, 66 deletions
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
-Subproject efac662cdf31bc4b61ffb97b8c398e22a86c364
+Subproject fff770a866b44abce6fe0fc5d5ffde034225436
diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee
index ab437f6..f0bb3dd 100644
--- a/users/app/assets/javascripts/users.js.coffee
+++ b/users/app/assets/javascripts/users.js.coffee
@@ -1,47 +1,31 @@
preventDefault = (event) ->
event.preventDefault()
-validOrAbort = (event) ->
- errors = {}
-
- abortIfErrors = ->
- return if $.isEmptyObject(errors)
- # we're relying on client_side_validations here instead of printing
- # our own errors. This gets us translatable error messages.
- $('.control-group.error input, .control-group.error select, control-group.error textarea').first().focus()
- event.stopImmediatePropagation()
-
- validatePassword = ->
- password = $('#srp_password').val()
- confirmation = $('#srp_password_confirmation').val()
- login = $('#srp_username').val()
-
- if password != confirmation
- errors.password_confirmation = "Confirmation does not match!"
- if password == login
- errors.password = "Password and Login may not match!"
- if password.length < 8
- errors.password = "Password needs to be at least 8 characters long!"
+srp.session = new srp.Session()
+srp.signedUp = ->
+ srp.login
- validatePassword()
- abortIfErrors()
-
-
-signup = (event) ->
- srp = new SRP(jqueryRest())
- srp.register ->
- window.location = '/'
+srp.loggedIn = ->
+ window.location = '/'
-login = (event) ->
- srp = new SRP(jqueryRest())
- srp.identify ->
- window.location = '/'
+#// TODO: not sure this is what we want.
+srp.updated = ->
+ window.location = '/'
+srp.error = (message) ->
+ if $.isPlainObject(message) && message.errors
+ for field, error of message.errors
+ element = $('form input[name$="['+field+']"]')
+ next unless element
+ element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false)
+ else
+ alert(message)
$(document).ready ->
$('#new_user').submit preventDefault
- $('#new_user').submit validOrAbort
- $('#new_user').submit signup
+ $('#new_user').submit srp.signup
$('#new_session').submit preventDefault
- $('#new_session').submit login
+ $('#new_session').submit srp.login
+ $('.user.form.edit').submit srp.update
+ $('.user.form.edit').submit preventDefault
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index 1726278..f2184d9 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -7,8 +7,12 @@ module ControllerExtension::Authentication
helper_method :current_user, :logged_in?, :admin?
end
- def authentication_error
- warden.winning_strategy.try(:message)
+ def authentication_errors
+ return unless errors = warden.winning_strategy.try(:message)
+ errors.inject({}) do |translated,err|
+ translated[err.first] = I18n.t(err.last)
+ translated
+ end
end
def logged_in?
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 486f67e..bc910b5 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -3,7 +3,11 @@ class SessionsController < ApplicationController
skip_before_filter :verify_authenticity_token
def new
- @errors = authentication_error
+ @session = Session.new
+ if authentication_errors
+ @errors = authentication_errors
+ render :status => 422
+ end
end
def create
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 82d2eac..4912ac8 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,18 +1,37 @@
class UsersController < ApplicationController
- skip_before_filter :verify_authenticity_token
+ skip_before_filter :verify_authenticity_token, :only => [:create]
+
+ before_filter :fetch_user, :only => [:edit, :update]
+ before_filter :authorize_admin, :only => [:index]
respond_to :json, :html
+ def index
+ @users = User.all
+ end
+
def new
@user = User.new
end
def create
- @user = User.create!(params[:user])
- respond_with(@user, :location => root_url, :notice => "Signed up!")
- rescue VALIDATION_FAILED => e
- @user = e.document
- respond_with(@user, :location => new_user_path)
+ @user = User.create(params[:user])
+ respond_with @user
+ end
+
+ def edit
+ end
+
+ def update
+ @user.update_attributes(params[:user])
+ respond_with @user
+ end
+
+ protected
+
+ def fetch_user
+ @user = User.find_by_param(params[:id])
+ access_denied unless @user == current_user
end
end
diff --git a/users/app/models/session.rb b/users/app/models/session.rb
new file mode 100644
index 0000000..a9fdb1b
--- /dev/null
+++ b/users/app/models/session.rb
@@ -0,0 +1,34 @@
+class Session < SRP::Session
+ include ActiveModel::Validations
+
+ attr_accessor :login
+
+ validates :login,
+ :presence => true,
+ :format => { :with => /\A[A-Za-z\d_]+\z/,
+ :message => "Only letters, digits and _ allowed" }
+
+ def initialize(user = nil, aa = nil)
+ super(user, aa) if user
+ end
+
+ def persisted?
+ false
+ end
+
+ def new_record?
+ true
+ end
+
+ def to_model
+ self
+ end
+
+ def to_key
+ [object_id]
+ end
+
+ def to_param
+ nil
+ end
+end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 824c439..39d079a 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -9,7 +9,8 @@ class User < CouchRest::Model::Base
:presence => true
validates :login,
- :uniqueness => true
+ :uniqueness => true,
+ :if => :serverside?
validates :login,
:format => { :with => /\A[A-Za-z\d_]+\z/,
@@ -29,22 +30,18 @@ class User < CouchRest::Model::Base
end
class << self
- def find_by_param(login)
- return find_by_login(login) || raise(RECORD_NOT_FOUND)
- end
+ alias_method :find_by_param, :find
# valid set of attributes for testing
def valid_attributes_hash
{ :login => "me",
- :password_verifier => "1234ABC",
+ :password_verifier => "1234ABCD",
:password_salt => "4321AB" }
end
end
- def to_param
- self.login
- end
+ alias_method :to_param, :id
def to_json(options={})
{
@@ -78,4 +75,9 @@ class User < CouchRest::Model::Base
def password
password_verifier
end
+
+ # used as a condition for validations that are server side only
+ def serverside?
+ true
+ end
end
diff --git a/users/app/views/sessions/_admin_nav.html.haml b/users/app/views/sessions/_admin_nav.html.haml
new file mode 100644
index 0000000..14dfbdc
--- /dev/null
+++ b/users/app/views/sessions/_admin_nav.html.haml
@@ -0,0 +1,6 @@
+%a#admin-menu{"data-toggle" => "dropdown", :role => :button}
+ Admin
+%ul.dropdown-menu{:role => "menu", "aria-labelledby" => "admin-menu"}
+ %li
+ = link_to Ticket.model_name.human(:count => ""), tickets_path, {:tabindex => -1}
+ = link_to User.model_name.human(:count => ""), users_path, {:tabindex => -1}
diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml
index b738504..398a794 100644
--- a/users/app/views/sessions/_nav.html.haml
+++ b/users/app/views/sessions/_nav.html.haml
@@ -1,11 +1,11 @@
-- if logged_in?
+but - if logged_in?
+ - if admin?
+ %li.dropdown
+ = render 'sessions/admin_nav'
%li
- = 'logged in as ' + current_user.login
+ = link_to current_user.login, edit_user_path(current_user)
%li
= link_to t(:logout), logout_path
- - if admin?
- %li
- = 'ADMIN' # obviously not like this
- else
%li
= link_to t(:login), login_path
diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml
index c91d3f2..a04f584 100644
--- a/users/app/views/sessions/new.html.haml
+++ b/users/app/views/sessions/new.html.haml
@@ -1,6 +1,6 @@
.span8.offset2
%h2=t :login
- = simple_form_for :session, :url => sessions_path, :html => { :id => :new_session, :class => 'form-horizontal' } do |f|
+ = simple_form_for @session, :validate => true, :html => { :id => :new_session, :class => 'form-horizontal' } do |f|
%legend=t :login_message
= f.input :login, :input_html => { :id => :srp_username }
= f.input :password, :required => true, :input_html => { :id => :srp_password }
diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml
new file mode 100644
index 0000000..fc835af
--- /dev/null
+++ b/users/app/views/users/_form.html.haml
@@ -0,0 +1,9 @@
+- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')}
+= simple_form_for @user, :validate => true, :format => :json, :html => html do |f|
+ %legend
+ = @user.new_record? ? t(:signup_message) : t(:edit_settings)
+ = f.input :login, :input_html => { :id => :srp_username }
+ = f.input :password, :required => true, :validate => true, :input_html => { :id => :srp_password }
+ = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation }
+ = f.button :submit, :class => 'btn-primary'
+ = link_to t(:cancel), root_url, :class => :btn
diff --git a/users/app/views/users/edit.html.haml b/users/app/views/users/edit.html.haml
new file mode 100644
index 0000000..8298443
--- /dev/null
+++ b/users/app/views/users/edit.html.haml
@@ -0,0 +1,3 @@
+.span8.offset2
+ %h2=t :settings
+ = render 'form'
diff --git a/users/app/views/users/index.html.haml b/users/app/views/users/index.html.haml
new file mode 100644
index 0000000..7db6038
--- /dev/null
+++ b/users/app/views/users/index.html.haml
@@ -0,0 +1 @@
+%h1= User.model_name.human(:count =>@users.count)
diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml
index be14c52..c1c4208 100644
--- a/users/app/views/users/new.html.haml
+++ b/users/app/views/users/new.html.haml
@@ -1,9 +1,3 @@
.span8.offset2
%h2=t :signup
- = simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f|
- %legend=t :signup_message
- = f.input :login, :input_html => { :id => :srp_username }
- = f.input :password, :required => true, :validate => true, :input_html => { :id => :srp_password }
- = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation }
- = f.button :submit, :value => t(:signup), :class => 'btn-primary'
- = link_to t(:cancel), root_url, :class => :btn
+ = render 'form'