Merge branch 'feature/users-change-passwords' into develop

5 files changed, 33 insertions, 48 deletions

diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
-Subproject 076d6e251e4caf826787d87b11434e535960455
+Subproject fff770a866b44abce6fe0fc5d5ffde034225436
diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee
index d0ec32f..f0bb3dd 100644
--- a/users/app/assets/javascripts/users.js.coffee
+++ b/users/app/assets/javascripts/users.js.coffee
@@ -1,44 +1,21 @@
 preventDefault = (event) ->
   event.preventDefault()
 
-validOrAbort = (event) ->
-  errors = {}
-  
-  abortIfErrors = ->
-    return if $.isEmptyObject(errors)
-    # we're relying on client_side_validations here instead of printing
-    # our own errors. This gets us translatable error messages.
-    $('.control-group.error input, .control-group.error select, control-group.error textarea').first().focus()
-    event.stopImmediatePropagation()
-    
-  validatePassword = ->
-    password = $('#srp_password').val()
-    confirmation = $('#srp_password_confirmation').val()
-    login = $('#srp_username').val()
-  
-    if password != confirmation
-      errors.password_confirmation = "Confirmation does not match!"
-    if password == login
-      errors.password = "Password and Login may not match!"
-    if password.length < 8
-      errors.password = "Password needs to be at least 8 characters long!"
-
-  validatePassword()
-  abortIfErrors()
-  
-  
-
 srp.session = new srp.Session()
 srp.signedUp = ->
-  window.location = '/'
+  srp.login
 
 srp.loggedIn = ->
   window.location = '/'
 
+#// TODO: not sure this is what we want.
+srp.updated = ->
+  window.location = '/'
+
 srp.error = (message) ->
   if $.isPlainObject(message) && message.errors
     for field, error of message.errors
-      element = $('form input[name="session['+field+']"]')
+      element = $('form input[name$="['+field+']"]')
       next unless element
       element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false)
   else
@@ -46,8 +23,9 @@ srp.error = (message) ->
 
 $(document).ready ->
   $('#new_user').submit preventDefault
-  $('#new_user').submit validOrAbort
   $('#new_user').submit srp.signup
   $('#new_session').submit preventDefault
   $('#new_session').submit srp.login
+  $('.user.form.edit').submit srp.update
+  $('.user.form.edit').submit preventDefault
 
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index ecab53b..5be1fa9 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,6 +1,8 @@
 class UsersController < ApplicationController
 
-  skip_before_filter :verify_authenticity_token
+  skip_before_filter :verify_authenticity_token, :only => [:create]
+
+  before_filter :fetch_user, :only => [:edit, :update]
 
   respond_to :json, :html
 
@@ -9,20 +11,22 @@ class UsersController < ApplicationController
   end
 
   def create
-    @user = User.create!(params[:user])
-    respond_with(@user, :location => root_url, :notice => "Signed up!")
-  rescue VALIDATION_FAILED => e
-    @user = e.document
-    respond_with(@user, :location => new_user_path)
+    @user = User.create(params[:user])
+    respond_with @user
   end
 
   def edit
-    @user = current_user
   end
 
   def update
-    @user = current_user
-    @user.update(params[:user])
-    respond_with(@user, :location => edit_user_path(@user))
+    @user.update_attributes(params[:user])
+    respond_with @user
+  end
+
+  protected
+
+  def fetch_user
+    @user = User.find_by_param(params[:id])
+    access_denied unless @user == current_user
   end
 end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 507eda5..39d079a 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -9,7 +9,8 @@ class User < CouchRest::Model::Base
     :presence => true
 
   validates :login,
-    :uniqueness => true
+    :uniqueness => true,
+    :if => :serverside?
 
   validates :login,
     :format => { :with => /\A[A-Za-z\d_]+\z/,
@@ -29,9 +30,7 @@ class User < CouchRest::Model::Base
   end
 
   class << self
-    def find_by_param(login)
-      return find_by_login(login) || raise(RECORD_NOT_FOUND)
-    end
+    alias_method :find_by_param, :find
 
     # valid set of attributes for testing
     def valid_attributes_hash
@@ -42,9 +41,7 @@ class User < CouchRest::Model::Base
 
   end
 
-  def to_param
-    self.login
-  end
+  alias_method :to_param, :id
 
   def to_json(options={})
     {
@@ -78,4 +75,9 @@ class User < CouchRest::Model::Base
   def password
     password_verifier
   end
+
+  # used as a condition for validations that are server side only
+  def serverside?
+    true
+  end
 end
diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml
index 8914241..fc835af 100644
--- a/users/app/views/users/_form.html.haml
+++ b/users/app/views/users/_form.html.haml
@@ -1,4 +1,5 @@
-= simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f|
+- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')}
+= simple_form_for @user, :validate => true, :format => :json, :html => html do |f|
   %legend
     = @user.new_record? ? t(:signup_message) : t(:edit_settings)
   = f.input :login, :input_html => { :id => :srp_username }