From ee3c9146e4bbe93ec1f00ee45386a82ec4363c4d Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 23 Nov 2012 12:11:11 +0100
Subject: identify user by id so rerendering the form does not use new invalid
login
---
users/app/controllers/users_controller.rb | 15 +++++++++++----
users/app/models/user.rb | 8 ++------
2 files changed, 13 insertions(+), 10 deletions(-)
(limited to 'users/app')
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index ecab53b..3913d0d 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -1,6 +1,8 @@
class UsersController < ApplicationController
- skip_before_filter :verify_authenticity_token
+ skip_before_filter :verify_authenticity_token, :only => [:create]
+
+ before_filter :fetch_user, :only => [:edit, :update]
respond_to :json, :html
@@ -17,12 +19,17 @@ class UsersController < ApplicationController
end
def edit
- @user = current_user
end
def update
- @user = current_user
- @user.update(params[:user])
+ @user.update_attributes(params[:user])
respond_with(@user, :location => edit_user_path(@user))
end
+
+ protected
+
+ def fetch_user
+ @user = User.find_by_param(params[:id])
+ access_denied unless @user == current_user
+ end
end
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 507eda5..624754b 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -29,9 +29,7 @@ class User < CouchRest::Model::Base
end
class << self
- def find_by_param(login)
- return find_by_login(login) || raise(RECORD_NOT_FOUND)
- end
+ alias_method :find_by_param, :find
# valid set of attributes for testing
def valid_attributes_hash
@@ -42,9 +40,7 @@ class User < CouchRest::Model::Base
end
- def to_param
- self.login
- end
+ alias_method :to_param, :id
def to_json(options={})
{
--
cgit v1.2.3
From 76a3b91ad78d12ef82a0c01ca702720a510f1e22 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Sun, 25 Nov 2012 13:21:23 +0100
Subject: basic changing of password and login working
---
users/app/assets/javascripts/srp | 2 +-
users/app/assets/javascripts/users.js.coffee | 36 ++++++----------------------
users/app/views/users/_form.html.haml | 3 ++-
3 files changed, 10 insertions(+), 31 deletions(-)
(limited to 'users/app')
diff --git a/users/app/assets/javascripts/srp b/users/app/assets/javascripts/srp
index 076d6e2..fff770a 160000
--- a/users/app/assets/javascripts/srp
+++ b/users/app/assets/javascripts/srp
@@ -1 +1 @@
-Subproject commit 076d6e251e4caf826787d87b11434e535960455c
+Subproject commit fff770a866b44abce6fe0fc5d5ffde034225436d
diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee
index d0ec32f..5663161 100644
--- a/users/app/assets/javascripts/users.js.coffee
+++ b/users/app/assets/javascripts/users.js.coffee
@@ -1,40 +1,17 @@
preventDefault = (event) ->
event.preventDefault()
-validOrAbort = (event) ->
- errors = {}
-
- abortIfErrors = ->
- return if $.isEmptyObject(errors)
- # we're relying on client_side_validations here instead of printing
- # our own errors. This gets us translatable error messages.
- $('.control-group.error input, .control-group.error select, control-group.error textarea').first().focus()
- event.stopImmediatePropagation()
-
- validatePassword = ->
- password = $('#srp_password').val()
- confirmation = $('#srp_password_confirmation').val()
- login = $('#srp_username').val()
-
- if password != confirmation
- errors.password_confirmation = "Confirmation does not match!"
- if password == login
- errors.password = "Password and Login may not match!"
- if password.length < 8
- errors.password = "Password needs to be at least 8 characters long!"
-
- validatePassword()
- abortIfErrors()
-
-
-
srp.session = new srp.Session()
srp.signedUp = ->
- window.location = '/'
+ srp.login
srp.loggedIn = ->
window.location = '/'
+#// TODO: not sure this is what we want.
+srp.updated = ->
+ window.location = '/'
+
srp.error = (message) ->
if $.isPlainObject(message) && message.errors
for field, error of message.errors
@@ -46,8 +23,9 @@ srp.error = (message) ->
$(document).ready ->
$('#new_user').submit preventDefault
- $('#new_user').submit validOrAbort
$('#new_user').submit srp.signup
$('#new_session').submit preventDefault
$('#new_session').submit srp.login
+ $('.user.form.edit').submit srp.update
+ $('.user.form.edit').submit preventDefault
diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml
index 8914241..d26d17d 100644
--- a/users/app/views/users/_form.html.haml
+++ b/users/app/views/users/_form.html.haml
@@ -1,4 +1,5 @@
-= simple_form_for @user, :validate => true, :html => {:class => 'form-horizontal'} do |f|
+- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')}
+= simple_form_for @user, :validate => true, :html => html do |f|
%legend
= @user.new_record? ? t(:signup_message) : t(:edit_settings)
= f.input :login, :input_html => { :id => :srp_username }
--
cgit v1.2.3
From ce0999ead0d61db1f6534ee9d8114c4551542e80 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 26 Nov 2012 10:59:50 +0100
Subject: minor: client side validations fixed + .json request
---
users/app/assets/javascripts/users.js.coffee | 2 +-
users/app/models/user.rb | 8 +++++++-
users/app/views/users/_form.html.haml | 2 +-
3 files changed, 9 insertions(+), 3 deletions(-)
(limited to 'users/app')
diff --git a/users/app/assets/javascripts/users.js.coffee b/users/app/assets/javascripts/users.js.coffee
index 5663161..f0bb3dd 100644
--- a/users/app/assets/javascripts/users.js.coffee
+++ b/users/app/assets/javascripts/users.js.coffee
@@ -15,7 +15,7 @@ srp.updated = ->
srp.error = (message) ->
if $.isPlainObject(message) && message.errors
for field, error of message.errors
- element = $('form input[name="session['+field+']"]')
+ element = $('form input[name$="['+field+']"]')
next unless element
element.trigger('element:validate:fail.ClientSideValidations', error).data('valid', false)
else
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 624754b..39d079a 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -9,7 +9,8 @@ class User < CouchRest::Model::Base
:presence => true
validates :login,
- :uniqueness => true
+ :uniqueness => true,
+ :if => :serverside?
validates :login,
:format => { :with => /\A[A-Za-z\d_]+\z/,
@@ -74,4 +75,9 @@ class User < CouchRest::Model::Base
def password
password_verifier
end
+
+ # used as a condition for validations that are server side only
+ def serverside?
+ true
+ end
end
diff --git a/users/app/views/users/_form.html.haml b/users/app/views/users/_form.html.haml
index d26d17d..fc835af 100644
--- a/users/app/views/users/_form.html.haml
+++ b/users/app/views/users/_form.html.haml
@@ -1,5 +1,5 @@
- html = {:class => 'form-horizontal user form ' + (@user.new_record? ? 'new' : 'edit')}
-= simple_form_for @user, :validate => true, :html => html do |f|
+= simple_form_for @user, :validate => true, :format => :json, :html => html do |f|
%legend
= @user.new_record? ? t(:signup_message) : t(:edit_settings)
= f.input :login, :input_html => { :id => :srp_username }
--
cgit v1.2.3
From 595518684b9c4364f96c97a84cc481b5ae0da981 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Mon, 26 Nov 2012 11:54:11 +0100
Subject: simplified controller and adjusted tests
Also added #assert_json_error to tests.
---
users/app/controllers/users_controller.rb | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
(limited to 'users/app')
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index 3913d0d..5be1fa9 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -11,11 +11,8 @@ class UsersController < ApplicationController
end
def create
- @user = User.create!(params[:user])
- respond_with(@user, :location => root_url, :notice => "Signed up!")
- rescue VALIDATION_FAILED => e
- @user = e.document
- respond_with(@user, :location => new_user_path)
+ @user = User.create(params[:user])
+ respond_with @user
end
def edit
@@ -23,7 +20,7 @@ class UsersController < ApplicationController
def update
@user.update_attributes(params[:user])
- respond_with(@user, :location => edit_user_path(@user))
+ respond_with @user
end
protected
--
cgit v1.2.3