Diffstat (limited to 'users/app')
m--------- | users/app/assets/javascripts/srp | 0 | ||||
-rw-r--r-- | users/app/assets/javascripts/users.js.coffee | 56 | ||||
-rw-r--r-- | users/app/controllers/controller_extension/authentication.rb | 8 | ||||
-rw-r--r-- | users/app/controllers/sessions_controller.rb | 6 | ||||
-rw-r--r-- | users/app/controllers/users_controller.rb | 31 | ||||
-rw-r--r-- | users/app/models/session.rb | 34 | ||||
-rw-r--r-- | users/app/models/user.rb | 18 | ||||
-rw-r--r-- | users/app/views/sessions/_admin_nav.html.haml | 6 | ||||
-rw-r--r-- | users/app/views/sessions/_nav.html.haml | 10 | ||||
-rw-r--r-- | users/app/views/sessions/new.html.haml | 2 | ||||
-rw-r--r-- | users/app/views/users/_form.html.haml | 9 | ||||
-rw-r--r-- | users/app/views/users/edit.html.haml | 3 | ||||
-rw-r--r-- | users/app/views/users/index.html.haml | 1 | ||||
-rw-r--r-- | users/app/views/users/new.html.haml | 8 |
14 files changed, 126 insertions, 66 deletions
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
-Subproject efac662cdf31bc4b61ffb97b8c398e22a86c364
+Subproject fff770a866b44abce6fe0fc5d5ffde034225436
diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee
index ab437f6..f0bb3dd 100644
--- a/users/app/assets/javascripts/users.js.coffee
+++ b/users/app/assets/javascripts/users.js.coffee
@@ -1,47 +1,31 @@ preventDefault = (event) -> event.preventDefault() -validOrAbort = (event) -> - errors = {} - - abortIfErrors = -> - return if $.isEmptyObject(errors) - # we're relying on client_side_validations here instead of printing - # our own errors. This gets us translatable error messages. - $('.control-group.error input, .control-group.error select, control-group.error textarea').first().focus() - event.stopImmediatePropagation() - - validatePassword = -> - password = $('#srp_password').val() - confirmation = $('#srp_password_confirmation').val() - login = $('#srp_username').val() - - if password != confirmation - errors.password_confirmation = "Confirmation does not match!" - if password == login - errors.password = "Password and Login may not match!" - if password.length < 8 - errors.password = "Password needs to be at least 8 characters long!" +srp.session = new srp.Session() +srp.signedUp = -> + srp.login - validatePassword() - abortIfErrors() - - -signup = (event) -> - srp = new SRP(jqueryRest()) - srp.register -> - window.location = '/' +srp.loggedIn = -> + window.location = '/' -login = (event) -> - srp = new SRP(jqueryRest()) - srp.identify -> - window.location = '/' +#// TODO: not sure this is what we want. +srp.updated = -> + window.location = '/' +srp.error = (message) -> + if $.isPlainObject(message) && message.errors + for field, error of message.errors + element = $('form input[name$="['+field+']"]') + next unless element + element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false) + else + alert(message) $(document).ready -> $('#new_user').submit preventDefault - $('#new_user').submit validOrAbort - $('#new_user').submit signup + $('#new_user').submit srp.signup $('#new_session').submit preventDefault - $('#new_session').submit login + $('#new_session').submit srp.login + $('.user.form.edit').submit srp.update + $('.user.form.edit').submit preventDefault 
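Review bot: Removing `validOrAbort` from users.js.coffee drops the only visible checks that the password has at least 8 characters, differs from the login and matches its confirmation. The model stores only a verifier and salt, so the server presumably never sees the password and such a policy has to be enforced before submit. If the updated srp submodule or client_side_validations does not re-implement these checks (not visible in this diff), keep a validation step ahead of `srp.signup`. Separately, `srp.signedUp = -> srp.login` returns the function without calling it, so nothing follows a successful signup; it likely wants `srp.login()`. In `srp.error`, `next` is not a CoffeeScript keyword and a jQuery object is always truthy, so the guard should read `continue unless element.length`.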
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb index 1726278..f2184d9 100644 --- a/users/app/controllers/controller_extension/authentication.rb +++ b/users/app/controllers/controller_extension/authentication.rb @@ -7,8 +7,12 @@ module ControllerExtension::Authentication helper_method :current_user, :logged_in?, :admin? end - def authentication_error - warden.winning_strategy.try(:message) + def authentication_errors + return unless errors = warden.winning_strategy.try(:message) + errors.inject({}) do |translated,err| + translated[err.first] = I18n.t(err.last) + translated + end end def logged_in? diff --git a/users/app/controllers/sessions_controller.rb b/users/app/controllers/sessions_controller.rb index 486f67e..bc910b5 100644 --- a/users/app/controllers/sessions_controller.rb +++ b/users/app/controllers/sessions_controller.rb @@ -3,7 +3,11 @@ class SessionsController < ApplicationController skip_before_filter :verify_authenticity_token def new - @errors = authentication_error + @session = Session.new + if authentication_errors + @errors = authentication_errors + render :status => 422 + end end def create diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 82d2eac..4912ac8 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb 
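Review bot: `authentication_errors` in controller_extension/authentication.rb calls `errors.inject` on whatever the winning strategy stored as its message, which only works when that message is a collection of `[field, i18n_key]` pairs. Warden's `fail!` defaults to a plain String message, and a String has no `inject`, so a strategy failing that way would raise here and turn a failed login into a 500. Guard the shape, e.g. `return unless errors.is_a?(Hash)`, or state in a comment above the method that every strategy must fail with a Hash of field to translation key (the strategies are not visible in this diff). `SessionsController#new` in the following hunk calls the method twice and so translates twice; `@errors = authentication_errors` followed by `render :status => 422 if @errors` does it once. The module body continues outside the hunk.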
@@ -1,18 +1,37 @@ class UsersController < ApplicationController - skip_before_filter :verify_authenticity_token + skip_before_filter :verify_authenticity_token, :only => [:create] + + before_filter :fetch_user, :only => [:edit, :update] + before_filter :authorize_admin, :only => [:index] respond_to :json, :html + def index + @users = User.all + end + def new @user = User.new end def create - @user = User.create!(params[:user]) - respond_with(@user, :location => root_url, :notice => "Signed up!") - rescue VALIDATION_FAILED => e - @user = e.document - respond_with(@user, :location => new_user_path) + @user = User.create(params[:user]) + respond_with @user + end + + def edit + end + + def update + @user.update_attributes(params[:user]) + respond_with @user + end + + protected + + def fetch_user + @user = User.find_by_param(params[:id]) + access_denied unless @user == current_user end end diff --git a/users/app/models/session.rb b/users/app/models/session.rb new file mode 100644 index 0000000..a9fdb1b --- /dev/null +++ b/users/app/models/session.rb @@ -0,0 +1,34 @@ +class Session < SRP::Session + include ActiveModel::Validations + + attr_accessor :login + + validates :login, + :presence => true, + :format => { :with => /\A[A-Za-z\d_]+\z/, + :message => "Only letters, digits and _ allowed" } + + def initialize(user = nil, aa = nil) + super(user, aa) if user + end + + def persisted? + false + end + + def new_record? + true + end + + def to_model + self + end + + def to_key + [object_id] + end + + def to_param + nil + end +end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 824c439..39d079a 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -9,7 +9,8 @@ class User < CouchRest::Model::Base :presence => true validates :login, - :uniqueness => true + :uniqueness => true, + :if => :serverside? validates :login, :format => { :with => /\A[A-Za-z\d_]+\z/, 
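Review bot: `fetch_user` in users_controller.rb compares `@user == current_user` without first requiring a login, so the guard passes when both sides are nil. The user.rb hunk of this commit aliases `find_by_param` to `find`, dropping the explicit `raise(RECORD_NOT_FOUND)`; if `find` returns nil for an unknown id (to be confirmed for the CouchRest::Model version in use), an anonymous request reaches `edit`/`update` with `@user` nil. Make the check explicit, e.g. `access_denied unless logged_in? && @user == current_user`, and confirm that `access_denied` renders or redirects so the filter chain halts. Separately, `create` and `update` pass `params[:user]` straight to `User.create`/`update_attributes`; unless the model restricts assignable properties (not visible here), whitelist them, e.g. `params[:user].slice(:login, :password_verifier, :password_salt)`.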
@@ -29,22 +30,18 @@ class User < CouchRest::Model::Base end class << self - def find_by_param(login) - return find_by_login(login) || raise(RECORD_NOT_FOUND) - end + alias_method :find_by_param, :find # valid set of attributes for testing def valid_attributes_hash { :login => "me", - :password_verifier => "1234ABC", + :password_verifier => "1234ABCD", :password_salt => "4321AB" } end end - def to_param - self.login - end + alias_method :to_param, :id def to_json(options={}) { @@ -78,4 +75,9 @@ class User < CouchRest::Model::Base def password password_verifier end + + # used as a condition for validations that are server side only + def serverside? + true + end end diff --git a/users/app/views/sessions/_admin_nav.html.haml b/users/app/views/sessions/_admin_nav.html.haml new file mode 100644 index 0000000..14dfbdc --- /dev/null +++ b/users/app/views/sessions/_admin_nav.html.haml @@ -0,0 +1,6 @@ +%a#admin-menu{"data-toggle" => "dropdown", :role => :button} + Admin +%ul.dropdown-menu{:role => "menu", "aria-labelledby" => "admin-menu"} + %li + = link_to Ticket.model_name.human(:count => ""), tickets_path, {:tabindex => -1} + = link_to User.model_name.human(:count => ""), users_path, {:tabindex => -1} diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml index b738504..398a794 100644 --- a/users/app/views/sessions/_nav.html.haml +++ b/users/app/views/sessions/_nav.html.haml @@ -1,11 +1,11 @@ -- if logged_in? +but - if logged_in? + - if admin? + %li.dropdown + = render 'sessions/admin_nav' %li - = 'logged in as ' + current_user.login + = link_to current_user.login, edit_user_path(current_user) %li = link_to t(:logout), logout_path - - if admin? - %li - = 'ADMIN' # obviously not like this - else %li = link_to t(:login), login_path diff --git a/users/app/views/sessions/new.html.haml b/users/app/views/sessions/new.html.haml index c91d3f2..a04f584 100644 --- a/users/app/views/sessions/new.html.haml 
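Review bot: The new first line of sessions/_nav.html.haml reads `but - if logged_in?`; the leading `but` looks like a stray word that slipped into the commit. With it, HAML would treat the line as plain text rather than a conditional, so the nested `%li` entries and the `- else` branch no longer hang off an `if` and the template is likely to fail to compile. The line should stay `- if logged_in?`, leaving only the reordering of the admin menu and the profile link as the change.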
+++ b/users/app/views/sessions/new.html.haml @@ -1,6 +1,6 @@ .span8.offset2 %h2=t :login - = simple_form_for :session, :url => sessions_path, :html => { :id => :new_session, :class => 'form-horizontal' } do |f| + = simple_form_for @session, :validate => true, :html => { :id => :new_session, :class => 'form-horizontal' } do |f| %legend=t :login_message = f.input :login, :input_html => { :id => :srp_username } = f.input :password, :required => true, :input_html => { :id => :srp_password } diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml new file mode 100644 index 0000000..fc835af --- /dev/null +++ b/users/app/views/users/_form.html.haml @@ -0,0 +1,9 @@ +- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')} += simple_form_for @user, :validate => true, :format => :json, :html => html do |f| + %legend + = @user.new_record? ? t(:signup_message) : t(:edit_settings) + = f.input :login, :input_html => { :id => :srp_username } + = f.input :password, :required => true, :validate => true, :input_html => { :id => :srp_password } + = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation } + = f.button :submit, :class => 'btn-primary' + = link_to t(:cancel), root_url, :class => :btn diff --git a/users/app/views/users/edit.html.haml b/users/app/views/users/edit.html.haml new file mode 100644 index 0000000..8298443 --- /dev/null +++ b/users/app/views/users/edit.html.haml @@ -0,0 +1,3 @@ +.span8.offset2 + %h2=t :settings + = render 'form' diff --git a/users/app/views/users/index.html.haml b/users/app/views/users/index.html.haml new file mode 100644 index 0000000..7db6038 --- /dev/null +++ b/users/app/views/users/index.html.haml @@ -0,0 +1 @@ +%h1= User.model_name.human(:count =>@users.count) diff --git a/users/app/views/users/new.html.haml b/users/app/views/users/new.html.haml index be14c52..c1c4208 100644 --- a/users/app/views/users/new.html.haml 
+++ b/users/app/views/users/new.html.haml @@ -1,9 +1,3 @@ .span8.offset2 %h2=t :signup - = simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f| - %legend=t :signup_message - = f.input :login, :input_html => { :id => :srp_username } - = f.input :password, :required => true, :validate => true, :input_html => { :id => :srp_password } - = f.input :password_confirmation, :required => true, :input_html => { :id => :srp_password_confirmation } - = f.button :submit, :value => t(:signup), :class => 'btn-primary' - = link_to t(:cancel), root_url, :class => :btn + = render 'form' |