summaryrefslogtreecommitdiff
path: root/users/app/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'users/app/controllers')
-rw-r--r--users/app/controllers/keys_controller.rb18
-rw-r--r--users/app/controllers/overviews_controller.rb9
-rw-r--r--users/app/controllers/sessions_controller.rb5
-rw-r--r--users/app/controllers/users_controller.rb20
-rw-r--r--users/app/controllers/v1/users_controller.rb8
5 files changed, 39 insertions, 21 deletions
diff --git a/users/app/controllers/keys_controller.rb b/users/app/controllers/keys_controller.rb
new file mode 100644
index 0000000..fb28901
--- /dev/null
+++ b/users/app/controllers/keys_controller.rb
@@ -0,0 +1,18 @@
+class KeysController < ApplicationController
+
+ #
+ # Render the user's key as plain text, without a layout.
+ #
+ # We will show blank page if user doesn't have key (which shouldn't generally occur)
+ # and a 404 error if user doesn't exist
+ #
+ def show
+ user = User.find_by_login(params[:login])
+ if user
+ render text: user.public_key, content_type: 'text/text'
+ else
+ raise ActionController::RoutingError.new('Not Found')
+ end
+ end
+
+end
diff --git a/users/app/controllers/overviews_controller.rb b/users/app/controllers/overviews_controller.rb
deleted file mode 100644
index 52ce267..0000000
--- a/users/app/controllers/overviews_controller.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-class OverviewsController < UsersBaseController
-
- before_filter :authorize
- before_filter :fetch_user
-
- def show
- end
-
-end
diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb
index 0494b51..ca228c2 100644
--- a/users/app/controllers/sessions_controller.rb
+++ b/users/app/controllers/sessions_controller.rb
@@ -1,6 +1,7 @@
class SessionsController < ApplicationController
def new
+ redirect_to root_path if logged_in?
@session = Session.new
if authentication_errors
@errors = authentication_errors
@@ -14,12 +15,12 @@ class SessionsController < ApplicationController
end
#
- # this is a bad hack, but user_overview_url(user) is not available
+ # this is a bad hack, but user_url(user) is not available
# also, this doesn't work because the redirect happens as a PUT. no idea why.
#
#Warden::Manager.after_authentication do |user, auth, opts|
# response = Rack::Response.new
- # response.redirect "/users/#{user.id}/overview"
+ # response.redirect "/users/#{user.id}"
# throw :warden, response.finish
#end
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index f66277d..0b32ec7 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -13,7 +13,7 @@ class UsersController < UsersBaseController
def index
if params[:query]
if @user = User.find_by_login(params[:query])
- redirect_to user_overview_url(@user)
+ redirect_to @user
return
else
@users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
@@ -34,6 +34,12 @@ class UsersController < UsersBaseController
def edit
end
+ ## added so updating service level works, but not sure we will actually want this. also not sure that this is place to prevent user from updating own effective service level, but here as placeholder:
+ def update
+ @user.update_attributes(params[:user]) unless (!admin? and params[:user][:effective_service_level])
+ respond_with @user
+ end
+
def deactivate
@user.enabled = false
@user.save
@@ -47,8 +53,16 @@ class UsersController < UsersBaseController
end
def destroy
- @user.destroy
- redirect_to admin? ? users_url : root_url
+ @user.account.destroy
+ flash[:notice] = I18n.t(:account_destroyed)
+ # admins can destroy other users
+ if @user != current_user
+ redirect_to users_url
+ else
+ # let's remove the invalid session
+ logout
+ redirect_to root_url
+ end
end
end
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 03a5a62..0903888 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -24,15 +24,9 @@ module V1
end
def update
- account.update params[:user]
+ @user.account.update params[:user]
respond_with @user
end
- protected
-
- def account
- @user.account
- end
-
end
end