author | elijah <elijah@riseup.net> | 2013-07-02 23:17:44 -0700 |
---|---|---|
committer | elijah <elijah@riseup.net> | 2013-07-04 04:12:59 -0700 |
commit | fa7b7425e7c53282472c1c9ce1cdc7272f55cfd4 (patch) | |
tree | e5e1be6d8b273344e5297c2c97b9638ef66e8ba8 /users/app | |
parent | e996432cbd50f4dadaae0ff62ac3f286ab125b1f (diff) |
users engine changes - rewrite of the views, separate email settings to a separate controller, make users_controller html only and v1/users_controller json only.
Diffstat (limited to 'users/app')
28 files changed, 206 insertions, 248 deletions
diff --git a/users/app/controllers/email_aliases_controller.rb b/users/app/controllers/email_aliases_controller.rb index 3b0d5ac..4628a7f 100644 --- a/users/app/controllers/email_aliases_controller.rb +++ b/users/app/controllers/email_aliases_controller.rb @@ -1,20 +1,12 @@ -class EmailAliasesController < ApplicationController - +class EmailAliasesController < UsersBaseController before_filter :fetch_user - respond_to :html - def destroy @alias = @user.email_aliases.delete(params[:id]) - @user.save - flash[:notice] = t(:email_alias_destroyed_successfully, :alias => @alias) - redirect_to edit_user_path(@user, :anchor => :email) + if @user.save + flash[:notice] = t(:email_alias_destroyed_successfully, :alias => bold(@alias)) + end + redirect_to edit_user_email_settings_path(@user) end - protected - - def fetch_user - @user = User.find_by_param(params[:user_id]) - access_denied unless admin? or (@user == current_user) - end end diff --git a/users/app/controllers/email_settings_controller.rb b/users/app/controllers/email_settings_controller.rb index e69de29..0261b47 100644 --- a/users/app/controllers/email_settings_controller.rb +++ b/users/app/controllers/email_settings_controller.rb @@ -0,0 +1,34 @@ +class EmailSettingsController < UsersBaseController + + before_filter :authorize + before_filter :fetch_user + + def edit + @email_alias = LocalEmail.new + end + + def update + @user.attributes = params[:user] + if @user.changed? + if @user.save + flash[:notice] = t(:changes_saved) + redirect + else + if @user.email_aliases.last && !@user.email_aliases.last.valid? + # display bad alias in text field: + @email_alias = @user.email_aliases.pop + end + render 'email_settings/edit' + end + else + redirect + end + end + + private + + def redirect + redirect_to edit_user_email_settings_url(@user) + end + +end diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 38a69e3..0dbf641 100644 
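Review bot: `bold(@alias)` in `destroy` wraps a user-chosen alias in markup before storing it in `flash[:notice]`, and neither the `bold` helper nor the layout that prints the flash is part of this diff. Confirm that the alias is HTML-escaped before it is wrapped and that the flash is not emitted raw, because an admin removing another user's alias would otherwise render that user's input. A failed `@user.save` now redirects with no message at all; an `else` branch that sets `flash[:alert]` would make the failure visible. `fetch_user` and its access check moved out of this file, so this controller's authorization now rests entirely on UsersBaseController.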
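Review bot: `update` in EmailSettingsController assigns `params[:user]` to the model wholesale (`@user.attributes = params[:user]`), so any attribute the User model accepts can be changed through this endpoint, not only the alias, `email_forward` and `public_key` fields that the new form submits. Restricting the hash to the keys this form owns before assigning would keep login and password data out of reach here, and would also cover a request that arrives without a `user` parameter. The `authorize_self` filter removed from UsersController used to limit updates to the account owner. Whether `fetch_user` in UsersBaseController (not shown) still admits admins decides if an admin can now change another user's forwarding address and public key; if that is not intended, add a filter doing `access_denied unless @user == current_user`.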
--- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -1,12 +1,14 @@ -class UsersController < ApplicationController +# +# This is an HTML-only controller. For the JSON-only controller, see v1/users_controller.rb +# - before_filter :authorize, :only => [:show, :edit, :destroy, :update] +class UsersController < UsersBaseController + + before_filter :authorize, :only => [:show, :edit, :update, :destroy] before_filter :fetch_user, :only => [:show, :edit, :update, :destroy] - before_filter :authorize_self, :only => [:update] - before_filter :set_anchor, :only => [:edit, :update] before_filter :authorize_admin, :only => [:index] - respond_to :json, :html + respond_to :html def index if params[:query] @@ -14,8 +16,7 @@ class UsersController < ApplicationController else @users = User.by_created_at.descending end - @users = @users.limit(10) - respond_with @users.map(&:login).sort + @users = @users.limit(APP_CONFIG[:pagination_size]) end def new 
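Review bot: `@users.limit(APP_CONFIG[:pagination_size])` in `index` has no fallback, so a deployment whose config lacks `pagination_size` passes nil where the old code passed a fixed 10; what the query layer does with a nil limit is not visible here. Consider `@users.limit(APP_CONFIG[:pagination_size] || 10)`. In the first hunk of this file, `:update` is still named in both `:only` lists although the action is removed from this controller further down. The `index` method starts above the second hunk.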
@@ -27,48 +28,15 @@ class UsersController < ApplicationController respond_with @user end - def edit - @email_alias = LocalEmail.new + def show end - def update - @user.attributes = params[:user] - if @user.changed? and @user.save - flash[:notice] = t(:user_updated_successfully) - elsif @user.email_aliases.last and !@user.email_aliases.last.valid? - @email_alias = @user.email_aliases.pop - end - respond_with @user, :location => edit_user_path(@user, :anchor => @anchor) + def edit end def destroy @user.destroy - redirect_to admin? ? users_path : root_path + redirect_to admin? ? users_path : login_path end - protected - - def fetch_user - # authorize filter has been checked first, so won't get here unless authenticated - @user = User.find_by_param(params[:id]) - if !@user and admin? - redirect_to users_path, :alert => t(:no_such_thing, :thing => 'user') - return - end - access_denied unless admin? or (@user == current_user) - end - - def authorize_self - # have already checked that authorized - access_denied unless (@user == current_user) - end - - def set_anchor - @anchor = email_settings? ? :email : :account - end - - def email_settings? - params[:user] && - params[:user].keys.detect{|key| key.index('email')} - end end diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb index 617bd4b..e7516bc 100644 --- a/users/app/controllers/v1/users_controller.rb +++ b/users/app/controllers/v1/users_controller.rb @@ -1,8 +1,9 @@ module V1 - class UsersController < ApplicationController + class UsersController < UsersBaseController skip_before_filter :verify_authenticity_token before_filter :authorize, :only => [:update] + before_filter :fetch_user, :only => [:update] respond_to :json 
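Review bot: `destroy` now sends a non-admin to `login_path`, which implies the session should be gone, but nothing visible in this hunk ends it after `@user.destroy`. If UsersBaseController or the session layer does not already do so, a user who deletes their own account keeps a live session that points at a record that no longer exists. Clearing the session before the redirect when `@user == current_user` would close that gap. The class body above `def show` lies outside this hunk.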
@@ -12,9 +13,11 @@ module V1 end def update - # For now, only allow public key to be updated via the API. Eventually we might want to store in a config what attributes can be updated via the API. @user = User.find_by_param(params[:id]) - @user.update_attributes params[:user].slice(:public_key) if params[:user].respond_to?(:slice) + @user.update_attributes params[:user] + if @user.valid? + flash[:notice] = t(:user_updated_successfully) + end respond_with @user end diff --git a/users/app/helpers/users_helper.rb b/users/app/helpers/users_helper.rb index 559b3f7..f56faab 100644 --- a/users/app/helpers/users_helper.rb +++ b/users/app/helpers/users_helper.rb @@ -1,39 +1,7 @@ module UsersHelper - def user_form_with(partial, options = {}) - user_form(options) do |f| - options[:f] = f - render :partial => partial, - :layout => 'legend_and_submit', - :locals => options - end - end - - def user_form(options = {}) - simple_form_for @user, - :html => user_form_html_options(options), - :validate => true do |f| - yield f - end - end - - def user_form_html_options(options) - { :class => user_form_html_classes(options).join(" "), - :id => dom_id(@user, options[:legend]) - } - end - - def user_form_html_classes(options) - classes = %W/user form/ - classes << options[:legend] - classes << (@user.new_record? ? 'new' : 'edit') - classes.compact - end - - def user_field(field) - value = @user.send(field) - value = value.to_s(:long) if field.end_with? '_at' - value || 'not set' + def user_form_class(*classes) + (classes + ['user', 'form', (@user.new_record? ? 'new' : 'edit')]).compact.join(' ') end def wrapped(item, options = {}) diff --git a/users/app/views/_login_or_signup.html.haml b/users/app/views/_login_or_signup.html.haml deleted file mode 100644 index b353526..0000000 --- a/users/app/views/_login_or_signup.html.haml +++ /dev/null 
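Review bot: Dropping `.slice(:public_key)` makes `update` pass every key in `params[:user]` to `update_attributes`, on a controller that skips `verify_authenticity_token` (previous hunk), so the API's write surface grows from one field to the whole model. Keep an explicit allowlist and extend it only with the fields the password form needs, e.g. `params[:user].slice(:public_key, ...)`; the removed `respond_to?(:slice)` guard also covered a missing or non-hash `user` parameter. The action still runs `User.find_by_param(params[:id])` after the new `fetch_user` filter; that line should be removed so that the record that was access-checked is the one that gets updated. `flash[:notice]` has no reader in a JSON-only controller and would surface on a later HTML page instead.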
@@ -1,25 +0,0 @@ -// -// displays a little widget to login or sign up -// - -%ul.nav.nav-tabs - %li.active - %a{:href => ''}= t(:login) - %li - = link_to t(:signup), new_user_path - -= render 'sessions/new' - -// -// this is nice, but it doesn't work because both forms have the same names for fields. -// -// %ul.nav.nav-tabs -// %li.active -// %a{:href => '#login', 'data-toggle' => 'tab'}= t(:login) -// %li -// %a{:href => '#signup', 'data-toggle' => 'tab'}= t(:signup) -// .tab-content -// #login.tab-pane.active -// = render 'sessions/new' -// #signup.tab-pane -// = render 'users/new' diff --git a/users/app/views/email_settings/edit.html.haml b/users/app/views/email_settings/edit.html.haml new file mode 100644 index 0000000..7757a31 --- /dev/null +++ b/users/app/views/email_settings/edit.html.haml 
@@ -0,0 +1,38 @@ +- form_options = {:url => user_email_settings_path(@user), :html => {:class => 'form-horizontal'}, :validate => true} +- alias_error_class = @email_alias.username && !@email_alias.valid? ? 'error' : '' + +- content_for :head do + :css + table.aliases tr:first-child td { + border-top: none; + } + += simple_form_for @user, form_options.dup do |f| + %legend= t(:email_aliases) + .control-group + %label.control-label= t(:current_aliases) + .controls + %table.table.table-condensed.no-header.slim.aliases + - if @user.email_aliases.any? + - @user.email_aliases.each do |email| + %tr + %td= email + %td= link_to(icon(:remove) + t(:remove), user_email_alias_path(@user, email), :method => :delete) + - else + %tr + %td{:colspan=>2}= t(:none) + .control-group{:class => alias_error_class} + %label.control-label= t(:add_email_alias) + .controls + = f.simple_fields_for :email_aliases, @email_alias do |e| + .input-append + = e.input_field :username + = e.submit t(:add), :class => 'btn' + = e.error :username + += simple_form_for @user, form_options do |f| + %legend= t(:advanced_options) + = f.input :email_forward + = f.input :public_key, :as => :text, :hint => t(:use_ascii_key), :input_html => {:class => "full-width", :rows => 4} + .form-actions + = f.submit t(:save), :class => 'btn btn-primary' diff --git a/users/app/views/emails/_email.html.haml b/users/app/views/emails/_email.html.haml index c81b396..ea59cec 100644 --- a/users/app/views/emails/_email.html.haml +++ b/users/app/views/emails/_email.html.haml @@ -3,4 +3,4 @@ - if local_assigns[:with].try(:include?, :delete) = link_to(user_email_alias_path(@user, email), :method => :delete) do %i.icon-remove -.clearfix + diff --git a/users/app/views/emails/edit.html.haml b/users/app/views/emails/edit.html.haml deleted file mode 100644 index b44b569..0000000 --- a/users/app/views/emails/edit.html.haml +++ /dev/null 
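Review bot: `@email_alias.username` on the second line of this template raises on nil when the page is rendered from the failure branch of `EmailSettingsController#update`, because that action sets `@email_alias` only when the last alias is invalid. A save that fails for another reason (for example a rejected `public_key`, assuming the model validates it) reaches `render 'email_settings/edit'` with the variable unset. Adding `@email_alias ||= LocalEmail.new` just before that render, or defaulting it at the top of this template, avoids the error page.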
@@ -1,5 +0,0 @@ - - -= user_form_with 'public_key_field', :legend => :public_key -= user_form_with 'email_forward_field', :legend => :forward_email -= user_form_with 'email_aliases', :legend => :add_email_alias diff --git a/users/app/views/sessions/_admin_nav.html.haml b/users/app/views/sessions/_admin_nav.html.haml deleted file mode 100644 index 14dfbdc..0000000 --- a/users/app/views/sessions/_admin_nav.html.haml +++ /dev/null @@ -1,6 +0,0 @@ -%a#admin-menu{"data-toggle" => "dropdown", :role => :button} - Admin -%ul.dropdown-menu{:role => "menu", "aria-labelledby" => "admin-menu"} - %li - = link_to Ticket.model_name.human(:count => ""), tickets_path, {:tabindex => -1} - = link_to User.model_name.human(:count => ""), users_path, {:tabindex => -1} diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml deleted file mode 100644 index ac85bb5..0000000 --- a/users/app/views/sessions/_nav.html.haml +++ /dev/null @@ -1,13 +0,0 @@ -- if logged_in? - - if admin? - %li.dropdown - = render 'sessions/admin_nav' - %li - = link_to current_user.login, edit_user_path(current_user) - %li - = link_to t(:logout), logout_path, :method => :delete -- else - %li - = link_to t(:login), login_path - %li - = link_to t(:signup), signup_path diff --git a/users/app/views/sessions/_new.html.haml b/users/app/views/sessions/_new.html.haml deleted file mode 100644 index 640fec5..0000000 --- a/users/app/views/sessions/_new.html.haml +++ /dev/null @@ -1,7 +0,0 @@ -- @session ||= Session.new -= simple_form_for @session, :validate => true, :html => { :id => :new_session, :class => '' } do |f| - = f.input :login, :required => false, :label => t(:username), :input_html => { :id => :srp_username } - = f.input :password, :required => false, :input_html => { :id => :srp_password } - .form-actions - = f.button :submit, :value => t(:login), :class => 'btn-primary' - // = f.button :submit, :value => t(:login), :class => 'btn-primary'
\ No newline at end of file diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml index 960919a..c915968 100644 --- a/users/app/views/sessions/new.html.haml +++ b/users/app/views/sessions/new.html.haml @@ -1,9 +1,10 @@ -.span8.offset2 +.span1 +.span9 = render :partial => 'users/warnings' %h2=t :login = simple_form_for @session, :validate => true, :html => { :id => :new_session, :class => 'form-horizontal' } do |f| - %legend=t :login_message - = f.input :login, :input_html => { :id => :srp_username } - = f.input :password, :required => true, :input_html => { :id => :srp_password } - = f.button :submit, :value => t(:login), :class => 'btn-primary' - = link_to t(:cancel), root_url, :class => :btn + = f.input :login, :required => false, :label => t(:username), :input_html => { :id => :srp_username } + = f.input :password, :required => false, :input_html => { :id => :srp_password } + .form-actions + = f.button :submit, :value => t(:login), :class => 'btn-primary' + = link_to t(:cancel), root_path, :class => 'btn' diff --git a/users/app/views/users/_cancel_account.html.haml b/users/app/views/users/_cancel_account.html.haml deleted file mode 100644 index c5ab36a..0000000 --- a/users/app/views/users/_cancel_account.html.haml +++ /dev/null @@ -1,9 +0,0 @@ -%legend - - if @user == current_user - =t :cancel_account - %small You will not be able to login anymore. - - else - =t :admin_cancel_account, :username => @user.login -= link_to user_path(@user), :method => :delete, :confirm => t(:confirm_question), :class => "btn btn-danger" do - %i.icon-remove.icon-white - =t :remove_account diff --git a/users/app/views/users/_edit.html.haml b/users/app/views/users/_edit.html.haml new file mode 100644 index 0000000..adee8a4 --- /dev/null +++ b/users/app/views/users/_edit.html.haml 
@@ -0,0 +1,37 @@ +-# +-# edit user form, used by both show and edit actions. +-# + +-# +-# CHANGE PASSWORD +-# +-# * everything about this form is handled with javascript. So take care when changing any ids. +-# * the login is required when changing the password because it is used as part of the salt when calculating the password verifier. +-# however, we don't want the user to change their login without generating a new key, so we hide the ui for this +-# (although it works perfectly fine to change username if the field was visible). +-# +- form_options = {:url => '/not-used', :html => {:class => user_form_class('form-horizontal'), :id => 'update_login_and_password'}, :validate => true} += simple_form_for @user, form_options do |f| + %legend= t(:change_password) + = hidden_field_tag 'user_param', @user.to_param + .hidden + = f.input :login, :label => t(:username), :required => false, :input_html => {:id => :srp_username} + = f.input :password, :required => false, :validate => true, :input_html => { :id => :srp_password } + = f.input :password_confirmation, :required => false, :input_html => { :id => :srp_password_confirmation } + .control-group + .controls + = f.submit t(:save), :class => 'btn btn-primary' + +-# +-# DESTROY ACCOUNT +-# + +%legend + - if @user == current_user + = t(:destroy_my_account) + - else + = t(:admin_destroy_account, :username => @user.login) +%p= t(:destroy_account_info) += link_to user_path(@user), :method => :delete, :confirm => t(:are_you_sure), :class => "btn btn-danger" do + %i.icon-remove.icon-white + = t(:destroy_my_account) diff --git a/users/app/views/users/_email_aliases.html.haml b/users/app/views/users/_email_aliases.html.haml deleted file mode 100644 index 6e32700..0000000 --- a/users/app/views/users/_email_aliases.html.haml +++ /dev/null 
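Review bot: The change-password form has ordinary named password inputs and a submit button, but its action is the placeholder `/not-used`, so if the script that drives it fails to load or bind, a native submit would send the typed password itself to the server rather than going through the SRP exchange the `srp_*` ids suggest. `users/new.html.haml` in this commit has the same shape. Keeping the submit control inert until the script has attached, or always cancelling the native submit, keeps the secret out of the request in that case. Separately, the destroy link is labelled `t(:destroy_my_account)` even in the admin branch, where the legend uses `:admin_destroy_account`.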
@@ -1,6 +0,0 @@ -.span6 - %ul.unstyled - = render @user.email_aliases, :as => :li, :with => [:delete] -.clearfix -= f.simple_fields_for :email_aliases, @email_alias do |e| - = e.input :username, :placeholder => "alias" diff --git a/users/app/views/users/_email_field.html.haml b/users/app/views/users/_email_field.html.haml deleted file mode 100644 index edf62c9..0000000 --- a/users/app/views/users/_email_field.html.haml +++ /dev/null @@ -1 +0,0 @@ -= f.input :email, :placeholder => "me@#{APP_CONFIG[:domain]}" diff --git a/users/app/views/users/_email_forward_field.html.haml b/users/app/views/users/_email_forward_field.html.haml deleted file mode 100644 index 049428f..0000000 --- a/users/app/views/users/_email_forward_field.html.haml +++ /dev/null @@ -1 +0,0 @@ -= f.input :email_forward diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml deleted file mode 100644 index cb51175..0000000 --- a/users/app/views/users/_form.html.haml +++ /dev/null @@ -1,11 +0,0 @@ -- only = local_assigns[:only] -- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')} -= simple_form_for @user, :validate => true, :format => :json, :html => html do |f| - %legend - = t(only || :signup_message) - = yield - .pull-right - = f.button :submit - - unless only - = link_to t(:cancel), root_url, :class => :btn - .clearfix diff --git a/users/app/views/users/_legend_and_submit.html.haml b/users/app/views/users/_legend_and_submit.html.haml deleted file mode 100644 index 6fc0e4a..0000000 --- a/users/app/views/users/_legend_and_submit.html.haml +++ /dev/null @@ -1,4 +0,0 @@ -%legend= t(legend) -=yield -.pull-right= f.button :submit, :value => t(legend) -.clearfix diff --git a/users/app/views/users/_login_and_password_fields.html.haml b/users/app/views/users/_login_and_password_fields.html.haml deleted file mode 100644 index 0baefc7..0000000 --- a/users/app/views/users/_login_and_password_fields.html.haml +++ /dev/null 
@@ -1,2 +0,0 @@ -= render :partial => 'login_field', :locals => {:f => f} -= render :partial => 'password_fields', :locals => {:f => f, :password_confirmation_hint => t(:can_retype_old_password)}
\ No newline at end of file diff --git a/users/app/views/users/_login_field.html.haml b/users/app/views/users/_login_field.html.haml deleted file mode 100644 index e58c36f..0000000 --- a/users/app/views/users/_login_field.html.haml +++ /dev/null @@ -1 +0,0 @@ -= f.input :login, :label => t(:username), :required => false, :input_html => { :id => :srp_username } diff --git a/users/app/views/users/_password_fields.html.haml b/users/app/views/users/_password_fields.html.haml deleted file mode 100644 index 7b3358d..0000000 --- a/users/app/views/users/_password_fields.html.haml +++ /dev/null @@ -1,2 +0,0 @@ -= f.input :password, :required => false, :validate => true, :input_html => { :id => :srp_password } -= f.input :password_confirmation, :required => false, :hint => local_assigns[:password_confirmation_hint], :input_html => { :id => :srp_password_confirmation } diff --git a/users/app/views/users/_public_key_field.html.haml b/users/app/views/users/_public_key_field.html.haml deleted file mode 100644 index af88cbd..0000000 --- a/users/app/views/users/_public_key_field.html.haml +++ /dev/null @@ -1 +0,0 @@ -= f.input :public_key, :as => :text, :hint => t(:use_ascii_key), :input_html => {:class => "span5", :rows => 20} # will want to tweak this to be wide enough (maybe smaller text?) diff --git a/users/app/views/users/edit.html.haml b/users/app/views/users/edit.html.haml index 4e70d69..f06df44 100644 --- a/users/app/views/users/edit.html.haml +++ b/users/app/views/users/edit.html.haml @@ -1,3 +1,6 @@ -= user_form_with 'login_and_password_fields', :legend => :update_login_and_password if @user == current_user -= render 'cancel_account' += render 'edit' + + +=# user_form_with 'login_and_password_fields', :legend => :update_login_and_password if @user == current_user +=# render 'cancel_account' diff --git a/users/app/views/users/index.html.haml b/users/app/views/users/index.html.haml index 9e6a179..254e177 100644 --- a/users/app/views/users/index.html.haml 
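Review bot: The `if @user == current_user` condition that used to gate the login-and-password form in `users/edit.html.haml` is gone, so `render 'edit'` shows the change-password form to anyone `fetch_user` admits, which in the removed code included admins viewing another account. If admins are not meant to reset other users' credentials, keep the guard around that part of the `_edit` partial, e.g. `- if @user == current_user`. The two `=#` lines keep calls to `user_form_with` and the `cancel_account` partial, both deleted by this commit. `users/show.html.haml` likewise keeps its old markup under `-#`, including a call to the removed `user_field`. Deleting these leftovers is safer than keeping references to helpers that no longer exist.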
+++ b/users/app/views/users/index.html.haml @@ -1,17 +1,14 @@ -.page-header - %h1= User.model_name.human(:count =>User.count) -.row - .span8 - %h2= params[:query] ? "Users starting with '#{params[:query]}'" : "Last users who signed up" - %table.table.table-hover - %tr - %th Login - %th Created - %th Action - = render @users.all - .span4 - %h4 Find user - = form_tag users_path, :method => :get, :class => "form-search" do - .input-append - = text_field_tag :query, "", :class => "user typeahead span2 search-query", :autocomplete => :off - %button.btn{:type => :submit} Search +- @show_navigation = false + += form_tag users_path, :method => :get, :class => "form-search" do + .input-append + = text_field_tag :query, "", :class => "user typeahead span2 search-query", :autocomplete => :off + %button.btn{:type => :submit} Search + +%table.table.table-hover + %tr + %th Login + %th Created + %th Action + = render @users.all + diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml index 7d29de2..f8d14b5 100644 --- a/users/app/views/users/new.html.haml +++ b/users/app/views/users/new.html.haml 
@@ -1,11 +1,19 @@ -.span8.offset2 +-# +-# This form is handled entirely by javascript, so take care when changing element ids. +-# + +- form_options = {:url => '/not-used', :html => {:id => 'new_user', :class => user_form_class('form-horizontal')}, :validate => true} + +.span1 +.span9 = render :partial => 'warnings' %h2=t :signup - = user_form do |f| + = simple_form_for(@user, form_options) do |f| %legend= t(:signup_message) - = render :partial => 'login_field', :locals => {:f => f} - = render :partial => 'password_fields', :locals => {:f => f} + = f.input :login, :label => t(:username), :required => false, :input_html => { :id => :srp_username } + = f.input :password, :required => false, :validate => true, :input_html => { :id => :srp_password } + = f.input :password_confirmation, :required => false, :validate => true, :input_html => { :id => :srp_password_confirmation } .form-actions - = f.button :submit, :value => t(:signup), :class => 'btn-primary' - = link_to t(:cancel), root_url, :class => :btn + = f.button :submit, :value => t(:signup), :class => 'btn btn-primary' + = link_to t(:cancel), root_url, :class => 'btn' diff --git a/users/app/views/users/show.html.haml b/users/app/views/users/show.html.haml index 056ed57..dc5e015 100644 --- a/users/app/views/users/show.html.haml +++ b/users/app/views/users/show.html.haml 
@@ -1,31 +1,34 @@ -.span8.offset1 - %h2= @user.login - .small - = link_to 'edit', edit_user_path(@user) - %dl.offset1 - - fields = ['login', 'email_address', 'created_at', 'updated_at', 'email_forward'] - - fields.each do |field| += render 'edit' + +-# + .span8.offset1 + %h2= @user.login + .small + = link_to 'edit', edit_user_path(@user) + %dl.offset1 + - fields = ['login', 'email_address', 'created_at', 'updated_at', 'email_forward'] + - fields.each do |field| + %dt + = field.titleize + %dd + = user_field(field) %dt - = field.titleize + =t :email_aliases %dd - = user_field(field) - %dt - =t :email_aliases - %dd - - aliases = @user.email_aliases - - if aliases.present? - %ul.pull-left.unstyled - = render aliases - - else - =t :none - .clearfix - %dt - =t :most_recently_updated_tickets - %dd - - tix = @user.most_recent_tickets - - if tix.present? - %table - %tbody - = render @user.most_recent_tickets - - else - =t :none
\ No newline at end of file + - aliases = @user.email_aliases + - if aliases.present? + %ul.pull-left.unstyled + = render aliases + - else + =t :none + .clearfix + %dt + =t :most_recently_updated_tickets + %dd + - tix = @user.most_recent_tickets + - if tix.present? + %table + %tbody + = render @user.most_recent_tickets + - else + =t :none
\ No newline at end of file |