summaryrefslogtreecommitdiff
path: root/users
diff options
context:
space:
mode:
authorazul <azul@riseup.net>2013-07-11 00:37:45 -0700
committerazul <azul@riseup.net>2013-07-11 00:37:45 -0700
commit02b69c78eed7682c24cb8361da094bdac45a7749 (patch)
treea45ed7076a96ddb1601cf9a2e44ae37160f90319 /users
parent3113f8b814417a896ad5340fda88927733f8ab22 (diff)
parenta40a83cb07d9aba8915cd2c4a25aa76e0cf6760e (diff)
Merge pull request #56 from leapcode/feature/disable_account
Feature/disable account
Diffstat (limited to 'users')
-rw-r--r--users/app/controllers/users_controller.rb16
-rw-r--r--users/app/models/user.rb2
-rw-r--r--users/app/views/overviews/show.html.haml3
-rw-r--r--users/app/views/users/_edit.html.haml14
-rw-r--r--users/app/views/users/edit.html.haml2
-rw-r--r--users/app/views/users/show.html.haml2
-rw-r--r--users/config/locales/en.yml7
-rw-r--r--users/config/routes.rb2
-rw-r--r--users/test/functional/users_controller_test.rb18
9 files changed, 62 insertions, 4 deletions
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 4ce970b..f66277d 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -5,8 +5,8 @@
class UsersController < UsersBaseController
before_filter :authorize, :only => [:show, :edit, :update, :destroy]
- before_filter :fetch_user, :only => [:show, :edit, :update, :destroy]
- before_filter :authorize_admin, :only => [:index]
+ before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
+ before_filter :authorize_admin, :only => [:index, :deactivate, :enable]
respond_to :html
@@ -34,6 +34,18 @@ class UsersController < UsersBaseController
def edit
end
+ def deactivate
+ @user.enabled = false
+ @user.save
+ respond_with @user
+ end
+
+ def enable
+ @user.enabled = true
+ @user.save
+ respond_with @user
+ end
+
def destroy
@user.destroy
redirect_to admin? ? users_url : root_url
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 3459520..413b4ac 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -11,6 +11,8 @@ class User < CouchRest::Model::Base
property :public_key, :accessible => true
+ property :enabled, TrueClass, :default => true
+
validates :login, :password_salt, :password_verifier,
:presence => true
diff --git a/users/app/views/overviews/show.html.haml b/users/app/views/overviews/show.html.haml
index b8ad814..898cfa0 100644
--- a/users/app/views/overviews/show.html.haml
+++ b/users/app/views/overviews/show.html.haml
@@ -9,6 +9,9 @@
%br
= t(:updated)
= @user.updated_at
+ %br
+ = t(:enabled)
+ = @user.enabled?
%p= t(:overview_intro)
diff --git a/users/app/views/users/_edit.html.haml b/users/app/views/users/_edit.html.haml
index adee8a4..0402f37 100644
--- a/users/app/views/users/_edit.html.haml
+++ b/users/app/views/users/_edit.html.haml
@@ -35,3 +35,17 @@
= link_to user_path(@user), :method => :delete, :confirm => t(:are_you_sure), :class => "btn btn-danger" do
%i.icon-remove.icon-white
= t(:destroy_my_account)
+- if @user != current_user and @user.enabled?
+ %legend
+ = t(:deactivate_account, :username => @user.login)
+ %p= t(:deactivate_description)
+ = link_to deactivate_user_path(@user), :method => :post, :class => "btn btn-warning" do
+ %i.icon-pause.icon-white
+ = t(:deactivate)
+- elsif @user != current_user and !@user.enabled?
+ %legend
+ = t(:enable_account, :username => @user.login)
+ %p= t(:enable_description)
+ = link_to enable_user_path(@user), :method => :post, :class => "btn btn-warning" do
+ %i.icon-ok.icon-white
+ = t(:enable) \ No newline at end of file
diff --git a/users/app/views/users/edit.html.haml b/users/app/views/users/edit.html.haml
index 08e9dc3..434c025 100644
--- a/users/app/views/users/edit.html.haml
+++ b/users/app/views/users/edit.html.haml
@@ -1 +1 @@
-= render 'edit' \ No newline at end of file
+= render 'edit'
diff --git a/users/app/views/users/show.html.haml b/users/app/views/users/show.html.haml
index 08e9dc3..434c025 100644
--- a/users/app/views/users/show.html.haml
+++ b/users/app/views/users/show.html.haml
@@ -1 +1 @@
-= render 'edit' \ No newline at end of file
+= render 'edit'
diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml
index b880887..1aa7005 100644
--- a/users/config/locales/en.yml
+++ b/users/config/locales/en.yml
@@ -30,6 +30,13 @@ en:
not_authorized: "Sorry, but you are not authorized to perform that action."
not_authorized_login: "Please log in to perform that action."
search: "Search"
+ cookie_disabled_warning: "You have cookies disabled. You will not be able to login until you enable cookies."
+ js_required: "We are sorry, but this doesn't work without javascript enabled. This is for security reasons."
+ enable_account: "Enable the account %{username}"
+ enable_description: "This will restore the account to full functionality"
+ deactivate_account: "Deactivate the account %{username}"
+ deactivate_description: "This will temporarily deactivate some account functionality." #todo detail exact functionality. can receive email but not send or renew client certificate?
+
#
# overview
diff --git a/users/config/routes.rb b/users/config/routes.rb
index b6d583e..4fa185f 100644
--- a/users/config/routes.rb
+++ b/users/config/routes.rb
@@ -17,6 +17,8 @@ Rails.application.routes.draw do
resource :overview, :only => [:show]
resource :email_settings, :only => [:edit, :update]
resources :email_aliases, :only => [:destroy], :id => /.*/
+ post 'deactivate', on: :member
+ post 'enable', on: :member
end
get "/.well-known/host-meta" => 'webfinger#host_meta'
diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb
index 92a5f6c..0ce5cc2 100644
--- a/users/test/functional/users_controller_test.rb
+++ b/users/test/functional/users_controller_test.rb
@@ -142,4 +142,22 @@ class UsersControllerTest < ActionController::TestCase
assert assigns(:users)
end
+ test "user cannot enable own account" do
+ user = find_record :user
+ login
+ post :enable, :id => user.id
+ assert_access_denied
+ end
+
+ test "admin can deactivate user" do
+ user = find_record :user
+ assert user.enabled?
+ user.expects(:save).returns(true)
+
+ login :is_admin? => true
+
+ post :deactivate, :id => user.id
+ assert !assigns(:user).enabled?
+ end
+
end