From 6c413d3b0c4f9343fe35dbd6ad65b87dca4b4831 Mon Sep 17 00:00:00 2001 From: jessib Date: Wed, 3 Jul 2013 14:07:59 -0700 Subject: Accounts can be enabled or not. Admins can edit this property. --- users/app/controllers/users_controller.rb | 16 ++++++++++++++-- users/app/helpers/users_helper.rb | 3 ++- users/app/models/user.rb | 2 ++ users/app/views/users/_deactivate_account.html.haml | 6 ++++++ users/app/views/users/_enable_account.html.haml | 6 ++++++ users/app/views/users/edit.html.haml | 2 ++ users/app/views/users/show.html.haml | 2 +- users/config/locales/en.yml | 2 ++ users/config/routes.rb | 2 ++ 9 files changed, 37 insertions(+), 4 deletions(-) create mode 100644 users/app/views/users/_deactivate_account.html.haml create mode 100644 users/app/views/users/_enable_account.html.haml (limited to 'users') diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb index 38a69e3..189e7d4 100644 --- a/users/app/controllers/users_controller.rb +++ b/users/app/controllers/users_controller.rb @@ -1,10 +1,10 @@ class UsersController < ApplicationController before_filter :authorize, :only => [:show, :edit, :destroy, :update] - before_filter :fetch_user, :only => [:show, :edit, :update, :destroy] + before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable] before_filter :authorize_self, :only => [:update] before_filter :set_anchor, :only => [:edit, :update] - before_filter :authorize_admin, :only => [:index] + before_filter :authorize_admin, :only => [:index, :deactivate, :enable] respond_to :json, :html @@ -41,6 +41,18 @@ class UsersController < ApplicationController respond_with @user, :location => edit_user_path(@user, :anchor => @anchor) end + def deactivate + @user.enabled = false + @user.save + respond_with @user + end + + def enable + @user.enabled = true + @user.save + respond_with @user + end + def destroy @user.destroy redirect_to admin? ? users_path : root_path 
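Review bot: For `deactivate` and `enable`, `fetch_user` is declared above `authorize_admin`, so the record lookup runs before the admin check, and neither action is added to the `:authorize` list. If `fetch_user` answers an unknown id differently from the way `authorize_admin` answers a non-admin (neither body is in this hunk), a non-admin caller could tell which ids exist. Moving `before_filter :authorize_admin, :only => [:index, :deactivate, :enable]` above the `fetch_user` line keeps the privilege check first. The class body continues outside the hunk.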
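Review bot: Neither action rejects `@user == current_user`; that rule exists only in the edit view, so as far as this hunk shows an admin's direct POST to their own `deactivate` route (HTML or JSON, given `respond_to :json, :html`) would be carried out. A controller-side guard before the assignment would make the rule hold for every format. The result of `@user.save` is also discarded in both actions, so a failed write is noticed only if `respond_with` picks up errors on the record; checking it and logging which admin changed which account would leave an audit trail for this privileged change.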
diff --git a/users/app/helpers/users_helper.rb b/users/app/helpers/users_helper.rb index 9feae62..f731aab 100644 --- a/users/app/helpers/users_helper.rb +++ b/users/app/helpers/users_helper.rb @@ -33,7 +33,8 @@ module UsersHelper def user_field(field) value = @user.send(field) value = value.to_s(:long) if field.end_with? '_at' - value || 'not set' + value = 'not set' if value.nil? + value end def wrapped(item, options = {}) diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 5c849f0..0cf37cf 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -11,6 +11,8 @@ class User < CouchRest::Model::Base property :public_key, :accessible => true + property :enabled, TrueClass, :default => true + validates :login, :password_salt, :password_verifier, :presence => true diff --git a/users/app/views/users/_deactivate_account.html.haml b/users/app/views/users/_deactivate_account.html.haml new file mode 100644 index 0000000..fec0afa --- /dev/null +++ b/users/app/views/users/_deactivate_account.html.haml @@ -0,0 +1,6 @@ +%legend + =t :deactivate_account + %small=t :deactivate_description += link_to deactivate_user_path(@user), :method => :post, :class => "btn" do + %i.icon-remove.icon-white + =t :deactivate_account \ No newline at end of file diff --git a/users/app/views/users/_enable_account.html.haml b/users/app/views/users/_enable_account.html.haml new file mode 100644 index 0000000..5ecca48 --- /dev/null +++ b/users/app/views/users/_enable_account.html.haml @@ -0,0 +1,6 @@ +%legend + =t :enable_account + %small=t :enable_description += link_to enable_user_path(@user), :method => :post, :class => "btn" do + %i.icon-remove.icon-white + =t :enable_account \ No newline at end of file diff --git a/users/app/views/users/edit.html.haml b/users/app/views/users/edit.html.haml index 97bd48d..49b4f6c 100644 --- a/users/app/views/users/edit.html.haml +++ b/users/app/views/users/edit.html.haml 
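Review bot: The switch from `value || 'not set'` to an explicit `nil?` test in `user_field` carries no comment, and the reason is easy to undo by accident: `enabled` can be `false`, which the old expression would have displayed as 'not set'. A one-line comment above the assignment, such as `# only nil means "not set"; false (e.g. enabled) must be shown as-is`, would record that. The two new lines could also be written as `value.nil? ? 'not set' : value`, which drops the trailing bare `value`.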
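Review bot: Nothing in the visible patches reads `enabled` when a session is created or a request is authorised; the flag is only set by the two admin actions and printed in views, so a deactivated account appears to keep working as before, and the locale string's own `#todo` says the effect is still undecided. Until enforcement lands, a comment on this property such as `# not :accessible on purpose: only the admin-only enable/deactivate actions may change this` would document why it differs from `public_key`. It is also worth confirming that user documents saved before this property existed load with the default `true` rather than `nil`.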
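Review bot: The deactivate link sends a state-changing POST on a single click with no `:confirm`, and the enable partial reuses `%i.icon-remove.icon-white`, so the two opposite actions look the same. Adding a confirmation, `= link_to deactivate_user_path(@user), :method => :post, :confirm => t(:are_you_sure), :class => "btn" do`, reduces accidental lock-outs by an admin. The same applies to `_enable_account.html.haml` and to the links that replace both partials in `_edit.html.haml` in the later patch, where the neighbouring destroy link already passes `:confirm => t(:are_you_sure)`.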
@@ -3,6 +3,8 @@ - tabs = [] - content_for :account do = user_form_with 'login_and_password_fields', :legend => :update_login_and_password if @user == current_user + = render 'deactivate_account' if @user != current_user and @user.enabled? + = render 'enable_account' if @user != current_user and !@user.enabled? = render 'cancel_account' - tabs << :account - if @user == current_user diff --git a/users/app/views/users/show.html.haml b/users/app/views/users/show.html.haml index 056ed57..52a9cf5 100644 --- a/users/app/views/users/show.html.haml +++ b/users/app/views/users/show.html.haml @@ -3,7 +3,7 @@ .small = link_to 'edit', edit_user_path(@user) %dl.offset1 - - fields = ['login', 'email_address', 'created_at', 'updated_at', 'email_forward'] + - fields = ['login', 'email_address', 'created_at', 'updated_at', 'email_forward', 'enabled'] - fields.each do |field| %dt = field.titleize diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml index 32d183b..c527e56 100644 --- a/users/config/locales/en.yml +++ b/users/config/locales/en.yml @@ -25,6 +25,8 @@ en: associated_email: "The associated email address is" cookie_disabled_warning: "You have cookies disabled. You will not be able to login until you enable cookies." js_required: "We are sorry, but this doesn't work without javascript enabled. This is for security reasons." + enable_description: "This will restore the account to full functionality" + deactivate_description: "This will temporarily deactivate some account functionality." #todo detail exact functionality. can receive email but not send or renew client certificate? activemodel: models: diff --git a/users/config/routes.rb b/users/config/routes.rb index 9a9a40e..cd510a8 100644 --- a/users/config/routes.rb +++ b/users/config/routes.rb 
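Review bot: Both new render lines repeat `@user != current_user` and join it with the low-precedence `and`; one `- unless @user == current_user` wrapper around `= render(@user.enabled? ? 'deactivate_account' : 'enable_account')` states the rule once. The condition also only hides the button from the account owner and does not look at whether the viewer is an admin, so the real access decision rests entirely on the controller filters, which are outside this hunk. The same doubled condition returns as `if`/`elsif` in `_edit.html.haml` in the later patch.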
@@ -15,6 +15,8 @@ Rails.application.routes.draw do get "signup" => "users#new", :as => "signup" resources :users do resources :email_aliases, :only => [:destroy], :id => /.*/ + post 'deactivate', on: :member + post 'enable', on: :member end get "/.well-known/host-meta" => 'webfinger#host_meta' -- cgit v1.2.3 From cfb9e1d4c2e954222b77c4dd11e06ae3a0092be5 Mon Sep 17 00:00:00 2001 From: jessib Date: Thu, 4 Jul 2013 13:20:24 -0700 Subject: Add tests for enabling/deactivating. --- users/test/functional/users_controller_test.rb | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'users') diff --git a/users/test/functional/users_controller_test.rb b/users/test/functional/users_controller_test.rb index 7f81c59..9964df5 100644 --- a/users/test/functional/users_controller_test.rb +++ b/users/test/functional/users_controller_test.rb @@ -205,4 +205,22 @@ class UsersControllerTest < ActionController::TestCase assert assigns(:users) end + test "user cannot enable own account" do + user = find_record :user + login + post :enable, :id => user.id + assert_access_denied + end + + test "admin can deactivate user" do + user = find_record :user + assert user.enabled? + user.expects(:save).returns(true) + + login :is_admin? => true + + post :deactivate, :id => user.id + assert !assigns(:user).enabled? + end + end -- cgit v1.2.3 From a40a83cb07d9aba8915cd2c4a25aa76e0cf6760e Mon Sep 17 00:00:00 2001 
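Review bot: The new tests leave the admin-only boundary on `deactivate` unchecked and never exercise a successful `enable`: the only denial case posts to `enable` and the only success case posts to `deactivate`. Because `user.expects(:save).returns(true)` stubs the write, the success case proves only that the attribute was assigned, not that it was persisted. The mirrored cases below, plus one request made without calling `login`, would pin the access rule on both routes. The test class begins outside the hunk.

```ruby
test "non-admin cannot deactivate user" do
  user = find_record :user
  login
  post :deactivate, :id => user.id
  assert_access_denied
end

test "admin can enable user" do
  user = find_record :user
  user.enabled = false
  user.expects(:save).returns(true)

  login :is_admin? => true

  post :enable, :id => user.id
  assert assigns(:user).enabled?
end
```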
From: jessib Date: Tue, 9 Jul 2013 10:35:14 -0700 Subject: Cleanup to show enable/deactivate account functionality in new UI. --- users/app/views/overviews/show.html.haml | 3 +++ users/app/views/users/_deactivate_account.html.haml | 6 ------ users/app/views/users/_edit.html.haml | 19 ++++++++++++++----- users/app/views/users/_enable_account.html.haml | 6 ------ users/config/locales/en.yml | 2 ++ 5 files changed, 19 insertions(+), 17 deletions(-) delete mode 100644 users/app/views/users/_deactivate_account.html.haml delete mode 100644 users/app/views/users/_enable_account.html.haml (limited to 'users') diff --git a/users/app/views/overviews/show.html.haml b/users/app/views/overviews/show.html.haml index b8ad814..898cfa0 100644 --- a/users/app/views/overviews/show.html.haml +++ b/users/app/views/overviews/show.html.haml @@ -9,6 +9,9 @@ %br = t(:updated) = @user.updated_at + %br + = t(:enabled) + = @user.enabled? %p= t(:overview_intro) diff --git a/users/app/views/users/_deactivate_account.html.haml b/users/app/views/users/_deactivate_account.html.haml deleted file mode 100644 index fec0afa..0000000 --- a/users/app/views/users/_deactivate_account.html.haml +++ /dev/null @@ -1,6 +0,0 @@ -%legend - =t :deactivate_account - %small=t :deactivate_description -= link_to deactivate_user_path(@user), :method => :post, :class => "btn" do - %i.icon-remove.icon-white - =t :deactivate_account \ No newline at end of file diff --git a/users/app/views/users/_edit.html.haml b/users/app/views/users/_edit.html.haml index 41a68fd..0402f37 100644 --- a/users/app/views/users/_edit.html.haml +++ b/users/app/views/users/_edit.html.haml 
@@ -35,8 +35,17 @@ = link_to user_path(@user), :method => :delete, :confirm => t(:are_you_sure), :class => "btn btn-danger" do %i.icon-remove.icon-white = t(:destroy_my_account) - -- # TODO: should show enabled field if admin is viewing another account. -- # TODO: admins should be able to deactivate/enable regular accounts, as appropriate. before had: -- # = render 'deactivate_account' if @user != current_user and @user.enabled? -- # = render 'enable_account' if @user != current_user and !@user.enabled? \ No newline at end of file +- if @user != current_user and @user.enabled? + %legend + = t(:deactivate_account, :username => @user.login) + %p= t(:deactivate_description) + = link_to deactivate_user_path(@user), :method => :post, :class => "btn btn-warning" do + %i.icon-pause.icon-white + = t(:deactivate) +- elsif @user != current_user and !@user.enabled? + %legend + = t(:enable_account, :username => @user.login) + %p= t(:enable_description) + = link_to enable_user_path(@user), :method => :post, :class => "btn btn-warning" do + %i.icon-ok.icon-white + = t(:enable) \ No newline at end of file diff --git a/users/app/views/users/_enable_account.html.haml b/users/app/views/users/_enable_account.html.haml deleted file mode 100644 index 5ecca48..0000000 --- a/users/app/views/users/_enable_account.html.haml +++ /dev/null @@ -1,6 +0,0 @@ -%legend - =t :enable_account - %small=t :enable_description -= link_to enable_user_path(@user), :method => :post, :class => "btn" do - %i.icon-remove.icon-white - =t :enable_account \ No newline at end of file diff --git a/users/config/locales/en.yml b/users/config/locales/en.yml index f4d3171..1aa7005 100644 --- a/users/config/locales/en.yml +++ b/users/config/locales/en.yml 
@@ -32,7 +32,9 @@ en: search: "Search" cookie_disabled_warning: "You have cookies disabled. You will not be able to login until you enable cookies." js_required: "We are sorry, but this doesn't work without javascript enabled. This is for security reasons." + enable_account: "Enable the account %{username}" enable_description: "This will restore the account to full functionality" + deactivate_account: "Deactivate the account %{username}" deactivate_description: "This will temporarily deactivate some account functionality." #todo detail exact functionality. can receive email but not send or renew client certificate? -- cgit v1.2.3