From b6d14dc19dd350a807826e3e097738a36613e083 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Tue, 8 Apr 2014 11:49:14 +0200
Subject: moving users: app and test files

---
 app/controllers/users_controller.rb | 69 +++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 app/controllers/users_controller.rb

(limited to 'app/controllers/users_controller.rb')

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
new file mode 100644
index 0000000..c8e09b6
--- /dev/null
+++ b/app/controllers/users_controller.rb
@@ -0,0 +1,69 @@
+#
+# This is an HTML-only controller. For the JSON-only controller, see v1/users_controller.rb
+#
+
+class UsersController < UsersBaseController
+
+  before_filter :require_login, :except => [:new]
+  before_filter :redirect_if_logged_in, :only => [:new]
+  before_filter :require_admin, :only => [:index, :deactivate, :enable]
+  before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
+
+  respond_to :html
+
+  def index
+    if params[:query]
+      if @user = User.find_by_login(params[:query])
+        redirect_to @user
+        return
+      else
+        @users = User.by_login.startkey(params[:query]).endkey(params[:query].succ)
+      end
+    else
+      @users = User.by_created_at.descending
+    end
+    @users = @users.limit(100)
+  end
+
+  def new
+    @user = User.new
+  end
+
+  def show
+  end
+
+  def edit
+  end
+
+  ## added so updating service level works, but not sure we will actually want this. also not sure that this is place to prevent user from updating own effective service level, but here as placeholder:
+  def update
+    @user.update_attributes(params[:user]) unless (!admin? and params[:user][:effective_service_level])
+    respond_with @user
+  end
+
+  def deactivate
+    @user.enabled = false
+    @user.save
+    respond_with @user
+  end
+
+  def enable
+    @user.enabled = true
+    @user.save
+    respond_with @user
+  end
+
+  def destroy
+    @user.account.destroy
+    flash[:notice] = I18n.t(:account_destroyed)
+    # admins can destroy other users
+    if @user != current_user
+      redirect_to users_url
+    else
+      # let's remove the invalid session
+      logout
+      redirect_to bye_url
+    end
+  end
+
+end
-- 
cgit v1.2.3