diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/api/users_controller.rb | 11 | ||||
| -rw-r--r-- | app/controllers/application_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/invite_codes_controller.rb | 4 | ||||
| -rw-r--r-- | app/models/account.rb | 78 | ||||
| -rw-r--r-- | app/models/invite_code.rb | 2 | ||||
| -rw-r--r-- | app/views/invite_codes/_invite_code.html.haml | 2 | ||||
| -rw-r--r-- | app/views/invite_codes/index.html.haml | 4 |
7 files changed, 65 insertions, 38 deletions
diff --git a/app/controllers/api/users_controller.rb b/app/controllers/api/users_controller.rb index 709e076..cb7b7bc 100644 --- a/app/controllers/api/users_controller.rb +++ b/app/controllers/api/users_controller.rb @@ -53,7 +53,7 @@ module Api end def update - @user.account.update params[:user] + @user.account.update user_update_params respond_with @user end @@ -67,6 +67,15 @@ module Api private + def user_update_params + params.require(:user).permit :login, + :password_verifier, + :password_salt, + :recovery_code_verifier, + :recovery_code_salt, + :public_key + end + def release_handles current_user.is_monitor? || params[:identities] == "destroy" end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 1f37fea..d3cfc2b 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -99,7 +99,7 @@ class ApplicationController < ActionController::Base # # URL paths for which we don't enforce the locale as the prefix of the path. # - NON_LOCALE_PATHS = /^\/(assets|webfinger|.well-known|rails|key|[0-9]+)($|\/)/ + NON_LOCALE_PATHS = /^\/(assets|webfinger|.well-known|rails|key|[0-9]+|new)($|\/)/ # # For some requests, we ignore locale determination. diff --git a/app/controllers/invite_codes_controller.rb b/app/controllers/invite_codes_controller.rb index 6a7fef3..96836ee 100644 --- a/app/controllers/invite_codes_controller.rb +++ b/app/controllers/invite_codes_controller.rb @@ -7,7 +7,9 @@ class InviteCodesController < ApplicationController def index @invite = InviteCode.new # for the creation form. - @invites = InviteCode.all.page(params[:page]).per(APP_CONFIG[:pagination_size]) + @invites = InviteCode.by_updated_at.descending. + page(params[:page]). + per(APP_CONFIG[:pagination_size]) respond_with @invites end diff --git a/app/models/account.rb b/app/models/account.rb index 3283bcc..d77c61f 100644 --- a/app/models/account.rb +++ b/app/models/account.rb @@ -25,57 +25,57 @@ class Account # configuration by same name. # def self.create(attrs, options={}) + User.new(attrs).tap do |user| + self.new(user).create(options) + end + end + + def create(options={}) identity = nil - user = nil - user = User.new(attrs) if options[:invite_required] == false user.ignore_invites! end user.save # this is not very atomic, but we do the best we can: - if !user.is_tmp? && user.persisted? + return unless user.persisted? + if !user.is_tmp? identity = user.identity identity.user_id = user.id identity.save identity.errors.each do |attr, msg| user.errors.add(attr, msg) end - if user.invite_required? - user_invite_code = InviteCode.find_by_invite_code user.invite_code - user_invite_code.invite_count += 1 - user_invite_code.save - end end + consume_invite_code if user.invite_required? rescue VALIDATION_FAILED => ex - user.errors.add(:base, ex.to_s) if user + user.errors.add(:base, ex.to_s) ensure - if creation_problem?(user, identity) + if creation_problem?(identity) user.destroy if user && user.persisted? identity.destroy if identity && identity.persisted? end - return user end def update(attrs) if attrs[:password_verifier].present? update_login(attrs[:login]) - @user.update_attributes attrs.slice(:password_verifier, :password_salt) + user.update_attributes attrs.slice(:password_verifier, :password_salt) end if attrs[:recovery_code_verifier].present? - @user.update_attributes attrs.slice(:recovery_code_verifier, :recovery_code_salt) + user.update_attributes attrs.slice(:recovery_code_verifier, :recovery_code_salt) end # TODO: move into identity controller key = update_pgp_key(attrs[:public_key]) - @user.errors.set :public_key, key.errors.full_messages - @user.save && save_identities - @user.refresh_identity + user.errors.set :public_key, key.errors.full_messages + user.save && save_identities + user.refresh_identity end def destroy(release_handles=false) - return unless @user - if !@user.is_tmp? - @user.identities.each do |id| + return unless user + if !user.is_tmp? + user.identities.each do |id| if release_handles == false id.orphan! else @@ -83,44 +83,56 @@ class Account end end end - @user.destroy + user.destroy end # when a user is disable, all their data and associations remain # in place, but the user should not be able to send email or # create new authentication certificates. def disable - if @user && !@user.is_tmp? - @user.enabled = false - @user.save - @user.identities.each do |id| + if user && !user.is_tmp? + user.enabled = false + user.save + user.identities.each do |id| id.disable! end end end def enable - @user.enabled = true - @user.save - @user.identities.each do |id| + user.enabled = true + user.save + user.identities.each do |id| id.enable! end end protected + attr_reader :user + + def consume_invite_code + invite_code = InviteCode.find_by_invite_code user.invite_code + if user.is_test? && invite_code.max_uses == 1 + invite_code.destroy + else + invite_code.invite_count += 1 + invite_code.save + end + end + def update_login(login) return unless login.present? - @old_identity = Identity.for(@user) - @user.login = login - @new_identity = Identity.for(@user) # based on the new login - @old_identity.destination = @user.email_address # alias old -> new + @old_identity = Identity.for(user) + user.login = login + @new_identity = Identity.for(user) # based on the new login + @old_identity.destination = user.email_address # alias old -> new end def update_pgp_key(key) PgpKey.new(key).tap do |key| if key.present? && key.valid? - @new_identity ||= Identity.for(@user) + @new_identity ||= Identity.for(user) @new_identity.set_key(:pgp, key) end end @@ -130,7 +142,7 @@ class Account @new_identity.try(:save) && @old_identity.try(:save) end - def self.creation_problem?(user, identity) + def creation_problem?(identity) return true if user.nil? || !user.persisted? || user.errors.any? if !user.is_tmp? return true if identity.nil? || !identity.persisted? || identity.errors.any? diff --git a/app/models/invite_code.rb b/app/models/invite_code.rb index 9c6df66..8a56484 100644 --- a/app/models/invite_code.rb +++ b/app/models/invite_code.rb @@ -12,6 +12,8 @@ class InviteCode < CouchRest::Model::Base design do view :by_invite_code view :by_invite_count + view :by_created_at + view :by_updated_at end def initialize(attributes = {}, options = {}) diff --git a/app/views/invite_codes/_invite_code.html.haml b/app/views/invite_codes/_invite_code.html.haml index a3c420d..a167432 100644 --- a/app/views/invite_codes/_invite_code.html.haml +++ b/app/views/invite_codes/_invite_code.html.haml @@ -1,5 +1,7 @@ %tr %td + = simple_date(invite_code.updated_at) + %td = simple_date(invite_code.created_at) %td %input.invite-code{:value => invite_code.invite_code} diff --git a/app/views/invite_codes/index.html.haml b/app/views/invite_codes/index.html.haml index 40fccdf..98c49c7 100644 --- a/app/views/invite_codes/index.html.haml +++ b/app/views/invite_codes/index.html.haml @@ -11,10 +11,10 @@ %td= f.text_field :max_uses, style: 'width: 4em' %td= f.submit t("helpers.submit.invites.create"), style: 'margin-bottom: 10px', class: 'btn btn-default' -= table @invites, %w(created code uses actions) += table @invites, %w(updated created code uses actions) -# select the text of the invite code when you click on it: :javascript $("input.invite-code").focus(function(){ this.select(); - });
\ No newline at end of file + }); |