artirix/browsercms

app/controllers/cms/users_controller.rb

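module Cms
  # Admin-facing management of CMS users, plus the self-service password change.
  #
  # Access model, as declared by the filters below:
  # * every action except change_password/update_password goes through
  #   `check_permissions :administrate`;
  # * change_password/update_password are guarded by
  #   `only_self_or_administrator` instead, so a non-administrator can reach
  #   them, but only for their own record.
  class UsersController < Cms::ResourceController
    include Cms::AdminTab

    check_permissions :administrate, :except => [:change_password, :update_password]
    before_filter :only_self_or_administrator, :only => [:change_password, :update_password]
    after_filter :update_flash, :only => [:update]


    # Lists users, optionally filtered by expiry, keyword and group.
    #
    # Request parameters read here: show_expired, key_word, group_id,
    # per_page, page. Every user-supplied value reaches SQL as a bind
    # parameter; the only strings interpolated into the SQL text are the
    # fixed column list below and UserGroupMembership.table_name.
    def index
      @have_external_users = Cms::ExternalUser.count > 0

      query, conditions = [], []

      unless params[:show_expired]
        query << "expires_at IS NULL OR expires_at >= ?"
        conditions << Time.now.utc
      end

      unless params[:key_word].blank?
        # Column names come from this literal list, never from the request.
        query << %w(login email first_name last_name).collect { |f| "lower(#{f}) LIKE lower(?)" }.join(" OR ")
        # The keyword is bound, not interpolated. LIKE metacharacters (% and _)
        # inside it are not escaped, so they behave as wildcards in the search.
        4.times { conditions << "%#{params[:key_word]}%" }
      end

      unless params[:group_id].to_i == 0
        query << "#{UserGroupMembership.table_name}.group_id = ?"
        conditions << params[:group_id]
      end

      query.collect! { |q| "(#{q})" }
      conditions = conditions.unshift(query.join(" AND "))

      # Coerce paging input to positive integers so that blank, non-numeric,
      # zero or negative values fall back to the defaults instead of being
      # handed to the paginator as-is. No upper bound is applied to per_page
      # here; the action is only reachable with :administrate permission.
      per_page = params[:per_page].to_i
      per_page = 10 unless per_page > 0
      page_num = params[:page].to_i
      page_num = 1 unless page_num > 0

      @users = PersistentUser.where(conditions).paginate(page: page_num, per_page: per_page).includes(:user_group_memberships).references(:user_group_memberships).order("first_name, last_name, email")
    end

    # Renders the form for a new user.
    def new
      @user = Cms::User.new
    end

    # Creates a user from the permitted attributes; re-renders the form on
    # validation failure.
    def create
      @user = Cms::User.new(cms_user_params)
      if @user.save
        flash[:notice] = "User '#{@user.login}' was created"
        redirect_to users_path
      else
        render :action => 'new'
      end
    end

    # Renders the change-password form; the call to `user` loads @user for the view.
    def change_password
      user
    end

    # Changes the password of the user identified by params[:id].
    #
    # This action is reachable by non-administrators (for their own record),
    # so it must not accept the full administrative attribute list: only the
    # password fields are permitted here, whatever Cms::User.permitted_params
    # contains.
    #
    # NOTE(review): nothing in this controller asks for the current password
    # before changing it; whether the model enforces that is not visible
    # here - confirm.
    def update_password
      if user.update(cms_user_password_params)
        flash[:notice] = "Password for '#{user.login}' was changed"
        redirect_to(current_user.able_to?(:administrate) ? users_path : "/")
      else
        render :action => 'change_password'
      end
    end

    # Disables the user and reports the outcome through the flash.
    def disable
      begin
        user.disable!
        flash[:notice] = "User #{user.login} disabled"
      # StandardError rather than Exception: interrupts, SystemExit and
      # out-of-memory conditions must not be swallowed and turned into a
      # flash message.
      rescue StandardError => e
        flash[:error] = e.message
      end
      redirect_to users_path
    end

    # Re-enables the user; errors raised by enable! propagate.
    def enable
      user.enable!
      redirect_to users_path
    end

    protected

    # Strong-parameter filter for the administrative create path. The
    # permitted list is defined on Cms::User, outside this file.
    def cms_user_params
      params.require(:user).permit(Cms::User.permitted_params)
    end

    def after_create_url
      users_path
    end

    def after_update_url
      users_path
    end

    # after_filter for :update - picks the flash notice from the request
    # parameters. @object is not assigned in this file; presumably the parent
    # controller sets it - confirm.
    def update_flash
      if params[:on_fail_action] == "change_password"
        flash[:notice] = "Password for '#{@object.login}' changed"
      elsif params[:action] == "create"
        flash[:notice] = "User '#{@object.login}' was created"
      else
        flash[:notice] = "User '#{@object.login}' was updated"
      end
    end

    def resource_name
      'PersistentUser'
    end

    def variable_name
      'user'
    end

    private
    # Loads (and memoizes) the user named by params[:id].
    def user
      @user ||= PersistentUser.find(params[:id])
    end

    def set_menu_section
      @menu_section = 'users'
    end

    # Strong-parameter filter for the self-service password change.
    # Assumes the change_password form posts user[password] and
    # user[password_confirmation] - confirm against the view.
    def cms_user_password_params
      params.require(:user).permit(:password, :password_confirmation)
    end

    # before_filter for the password actions: allows administrators, and
    # otherwise only the user whose id matches params[:id].
    #
    # The comparison uses String#to_i on params[:id], while `user` passes the
    # raw params[:id] to find; both are expected to resolve to the same record.
    #
    # Raises Cms::Errors::AccessDenied for anyone else.
    def only_self_or_administrator
      return if current_user.able_to?(:administrate)
      return if params[:id].to_i == current_user.id

      raise Cms::Errors::AccessDenied
    end
  end
end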