diff options
Diffstat (limited to 'users/app')
m--------- | users/app/assets/javascripts/srp | 0 | ||||
-rw-r--r-- | users/app/assets/javascripts/users.js.coffee | 38 | ||||
-rw-r--r-- | users/app/controllers/users_controller.rb | 24 | ||||
-rw-r--r-- | users/app/models/user.rb | 16 | ||||
-rw-r--r-- | users/app/views/users/_form.html.haml | 3 |
5 files changed, 33 insertions, 48 deletions
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp -Subproject 076d6e251e4caf826787d87b11434e535960455 +Subproject fff770a866b44abce6fe0fc5d5ffde034225436 diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee index d0ec32f..f0bb3dd 100644 --- a/users/app/assets/javascripts/users.js.coffee +++ b/users/app/assets/javascripts/users.js.coffee @@ -1,44 +1,21 @@ preventDefault = (event) -> event.preventDefault() -validOrAbort = (event) -> - errors = {} - - abortIfErrors = -> - return if $.isEmptyObject(errors) - # we're relying on client_side_validations here instead of printing - # our own errors. This gets us translatable error messages. - $('.control-group.error input, .control-group.error select, control-group.error textarea').first().focus() - event.stopImmediatePropagation() - - validatePassword = -> - password = $('#srp_password').val() - confirmation = $('#srp_password_confirmation').val() - login = $('#srp_username').val() - - if password != confirmation - errors.password_confirmation = "Confirmation does not match!" - if password == login - errors.password = "Password and Login may not match!" - if password.length < 8 - errors.password = "Password needs to be at least 8 characters long!" - - validatePassword() - abortIfErrors() - - - srp.session = new srp.Session() srp.signedUp = -> - window.location = '/' + srp.login srp.loggedIn = -> window.location = '/' +#// TODO: not sure this is what we want. +srp.updated = -> + window.location = '/' + srp.error = (message) -> if $.isPlainObject(message) && message.errors for field, error of message.errors - element = $('form input[name="session['+field+']"]') + element = $('form input[name$="['+field+']"]') next unless element element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false) else @@ -46,8 +23,9 @@ srp.error = (message) -> $(document).ready -> $('#new_user').submit preventDefault - $('#new_user').submit validOrAbort $('#new_user').submit srp.signup $('#new_session').submit preventDefault $('#new_session').submit srp.login + $('.user.form.edit').submit srp.update + $('.user.form.edit').submit preventDefault diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index ecab53b..5be1fa9 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -1,6 +1,8 @@ class UsersController < ApplicationController - skip_before_filter :verify_authenticity_token + skip_before_filter :verify_authenticity_token, :only => [:create] + + before_filter :fetch_user, :only => [:edit, :update] respond_to :json, :html @@ -9,20 +11,22 @@ class UsersController < ApplicationController end def create - @user = User.create!(params[:user]) - respond_with(@user, :location => root_url, :notice => "Signed up!") - rescue VALIDATION_FAILED => e - @user = e.document - respond_with(@user, :location => new_user_path) + @user = User.create(params[:user]) + respond_with @user end def edit - @user = current_user end def update - @user = current_user - @user.update(params[:user]) - respond_with(@user, :location => edit_user_path(@user)) + @user.update_attributes(params[:user]) + respond_with @user + end + + protected + + def fetch_user + @user = User.find_by_param(params[:id]) + access_denied unless @user == current_user end end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 507eda5..39d079a 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -9,7 +9,8 @@ class User < CouchRest::Model::Base :presence => true validates :login, - :uniqueness => true + :uniqueness => true, + :if => :serverside? validates :login, :format => { :with => /\A[A-Za-z\d_]+\z/, @@ -29,9 +30,7 @@ class User < CouchRest::Model::Base end class << self - def find_by_param(login) - return find_by_login(login) || raise(RECORD_NOT_FOUND) - end + alias_method :find_by_param, :find # valid set of attributes for testing def valid_attributes_hash @@ -42,9 +41,7 @@ class User < CouchRest::Model::Base end - def to_param - self.login - end + alias_method :to_param, :id def to_json(options={}) { @@ -78,4 +75,9 @@ class User < CouchRest::Model::Base def password password_verifier end + + # used as a condition for validations that are server side only + def serverside? + true + end end diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml index 8914241..fc835af 100644 --- a/users/app/views/users/_form.html.haml +++ b/users/app/views/users/_form.html.haml @@ -1,4 +1,5 @@ -= simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f| +- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')} += simple_form_for @user, :validate => true, :format => :json, :html => html do |f| %legend = @user.new_record? ? t(:signup_message) : t(:edit_settings) = f.input :login, :input_html => { :id => :srp_username } |