app/controllers/users_controller.rb
class UsersController < BaseController
include Viewable
cache_sweeper :taggable_sweeper, :only => [:activate, :update, :destroy]
before_action :login_required, :only => [:edit, :edit_account, :update, :welcome_photo, :welcome_about,
:welcome_invite, :return_admin, :assume, :featured,
:toggle_featured, :edit_pro_details, :update_pro_details, :dashboard, :deactivate,
:crop_profile_photo, :upload_profile_photo]
before_action :find_user, :only => [:edit, :edit_pro_details, :show, :update, :statistics, :deactivate,
:crop_profile_photo, :upload_profile_photo ]
before_action :require_current_user, :only => [:edit, :update, :update_account,
:edit_pro_details, :update_pro_details,
:welcome_photo, :welcome_about, :welcome_invite, :deactivate,
:crop_profile_photo, :upload_profile_photo]
before_action :admin_required, :only => [:assume, :destroy, :featured, :toggle_featured, :toggle_moderator]
before_action :admin_or_current_user_required, :only => [:statistics]
def activate
redirect_to signup_path and return if params[:id].blank?
@user = User.find_by_activation_code(params[:id])
if @user and @user.activate
self.current_user = @user
@user.track_activity(:joined_the_site)
flash[:notice] = :thanks_for_activating_your_account.l
redirect_to welcome_photo_user_path(@user) and return
end
flash[:error] = :account_activation_error.l_with_args(:email => configatron.support_email)
redirect_to signup_path
end
def deactivate
@user.deactivate
current_user_session.destroy if current_user_session
flash[:notice] = :deactivate_completed.l
redirect_to login_path
end
def index
@users, @search, @metro_areas, @states = User.search_conditions_with_metros_and_states(params)
@users = @users.active.recent.includes(:tags).page(params[:page]).per(20)
@metro_areas, @states = User.find_country_and_state_from_search_params(params)
@tags = User.tag_counts :limit => 10
setup_metro_areas_for_cloud
end
def dashboard
@user = current_user
@network_activity = @user.network_activity
@recommended_posts = @user.recommended_posts
end
def show
@friend_count = @user.accepted_friendships.count
@accepted_friendships = @user.accepted_friendships.limit(5).to_a.collect{|f| f.friend }
@pending_friendships_count = @user.pending_friendships.count()
@comments = @user.comments.limit(10).order('created_at DESC')
@photo_comments = Comment.find_photo_comments_for(@user)
@users_comments = Comment.find_comments_by_user(@user).limit(5)
@recent_posts = @user.posts.recent.limit(2)
@clippings = @user.clippings.limit(5)
@photos = @user.photos.limit(5)
@comment = Comment.new
@my_activity = Activity.recent.by_users([@user.id]).limit(10)
update_view_count(@user) unless current_user && current_user.eql?(@user)
end
def new
@user = User.new(:birthday => Date.parse((Time.now - 25.years).to_s))
@inviter_id = params[:id]
@inviter_code = params[:code]
end
def create
@user = User.new(user_params)
@user.role = Role[:member]
if (!configatron.require_captcha_on_signup || verify_recaptcha(@user)) && @user.save
create_friendship_with_inviter(@user, params)
flash[:notice] = :email_signup_thanks.l_with_args(:email => @user.email)
redirect_to signup_completed_user_path(@user)
else
render :action => 'new'
end
end
def edit
@metro_areas, @states = setup_locations_for(@user)
@avatar = (@user.avatar || @user.build_avatar)
end
def update
@metro_areas, @states = setup_locations_for(@user)
unless params[:metro_area_id].blank?
@user.metro_area = MetroArea.find(params[:metro_area_id])
@user.state = (@user.metro_area && @user.metro_area.state) ? @user.metro_area.state : nil
@user.country = @user.metro_area.country if (@user.metro_area && @user.metro_area.country)
else
@user.metro_area = @user.state = @user.country = nil
end
@user.tag_list = params[:tag_list] || ''
if user_params
attributes = user_params.permit!
attributes[:avatar_attributes][:user_id] = @user.id if attributes[:avatar_attributes]
if @user.update_attributes(attributes)
@user.track_activity(:updated_profile)
flash[:notice] = :your_changes_were_saved.l
unless params[:welcome]
redirect_to user_path(@user)
else
redirect_to :action => "welcome_#{params[:welcome]}", :id => @user
end
else
render :action => 'edit'
end
else
render :action => 'edit'
end
end
def destroy
@user = User.find(params[:id])
unless @user.admin? || @user.featured_writer?
@user.spam! if params[:spam] && configatron.has_key?(:akismet_key)
@user.destroy
flash[:notice] = :the_user_was_deleted.l
else
flash[:error] = :you_cant_delete_that_user.l
end
respond_to do |format|
format.html { redirect_to users_url }
format.js {
render :inline => flash[:error], :status => 500 if flash[:error]
render if flash[:notice]
}
end
end
def change_profile_photo
@user = User.find(params[:id])
@photo = Photo.find(params[:photo_id])
@user.avatar = @photo
if @user.save!
flash[:notice] = :your_changes_were_saved.l
redirect_to user_photo_path(@user, @photo)
end
rescue ActiveRecord::RecordInvalid
@metro_areas, @states = setup_locations_for(@user)
render :action => 'edit'
end
def crop_profile_photo
unless @photo = @user.avatar
flash[:notice] = :no_profile_photo.l
redirect_to upload_profile_photo_user_path(@user) and return
end
return unless request.put? || request.patch?
@photo.update_attributes(:crop_x => params[:crop_x], :crop_y => params[:crop_y], :crop_w => params[:crop_w], :crop_h => params[:crop_h])
redirect_to user_path(@user)
end
def upload_profile_photo
@avatar = Photo.new(avatar_params)
return unless request.put? || request.patch?
@avatar.user = @user
if @avatar.save
@user.avatar = @avatar
@user.save
redirect_to crop_profile_photo_user_path(@user)
end
end
def edit_account
@user = current_user
@authorizations = current_user.authorizations
@is_current_user = true
end
def update_account
@user = current_user
if @user.update_attributes(user_params)
flash[:notice] = :your_changes_were_saved.l
respond_to do |format|
format.html {redirect_to user_path(@user)}
format.js
end
else
respond_to do |format|
format.html {render :action => 'edit_account'}
format.js
end
end
end
def edit_pro_details
@user = User.find(params[:id])
end
def update_pro_details
@user = User.find(params[:id])
if @user.update_attributes(user_params)
respond_to do |format|
format.html {
flash[:notice] = :your_changes_were_saved.l
redirect_to edit_pro_details_user_path(@user)
}
format.js {
render :text => 'success'
}
end
end
rescue ActiveRecord::RecordInvalid
render :action => 'edit_pro_details'
end
def create_friendship_with_inviter(user, options = {})
unless options[:inviter_code].blank? or options[:inviter_id].blank?
friend = User.find(options[:inviter_id])
if friend && friend.valid_invite_code?(options[:inviter_code])
accepted = FriendshipStatus[:accepted]
@friendship = Friendship.new(:user_id => friend.id,
:friend_id => user.id,
:friendship_status => accepted,
:initiator => true)
reverse_friendship = Friendship.new(:user_id => user.id,
:friend_id => friend.id,
:friendship_status => accepted )
@friendship.save!
reverse_friendship.save!
end
end
end
def signup_completed
@user = User.find(params[:id])
redirect_to home_path and return unless @user
end
def welcome_photo
@user = User.find(params[:id])
@avatar = (@user.avatar || @user.build_avatar)
end
def welcome_about
@user = User.find(params[:id])
@metro_areas, @states = setup_locations_for(@user)
end
def welcome_invite
@user = User.find(params[:id])
end
def invite
@user = User.find(params[:id])
end
def welcome_complete
flash[:notice] = :walkthrough_complete.l_with_args(:site => configatron.community_name)
redirect_to user_path
end
def forgot_username
return unless request.post?
if @user = User.active.find_by_email(params[:email])
UserNotifier.forgot_username(@user).deliver
redirect_to login_url
flash[:info] = :your_username_was_emailed_to_you.l
else
flash[:error] = :sorry_we_dont_recognize_that_email_address.l
end
end
def resend_activation
if params[:email]
@user = User.find_by_email(params[:email])
else
@user = User.find(params[:id])
end
if @user && !@user.active?
flash[:notice] = :activation_email_resent_message.l
UserNotifier.signup_notification(@user).deliver
redirect_to login_path and return
else
flash[:notice] = :activation_email_not_sent_message.l
end
end
def assume
user = User.find(params[:id])
if assumed_user_session = self.assume_user(user)
redirect_to user_path(assumed_user_session.record)
else
redirect_to users_path
end
end
def return_admin
return_to_admin
end
def metro_area_update
country = Country.find(params[:country_id]) unless params[:country_id].blank?
state = State.find(params[:state_id]) unless params[:state_id].blank?
states = country ? country.states : []
if states.any?
metro_areas = state ? state.metro_areas.order("name ASC") : []
else
metro_areas = country ? country.metro_areas.order("name ASC") : []
end
respond_to do |format|
format.js {
render :partial => 'shared/location_chooser', :locals => {
:states => states,
:metro_areas => metro_areas,
:selected_country => params[:country_id].to_i,
:selected_state => params[:state_id].to_i,
:selected_metro_area => nil,
:js => true }
}
end
end
def toggle_featured
@user = User.find(params[:id])
@user.toggle!(:featured_writer)
redirect_to user_path(@user)
end
def toggle_moderator
@user = User.find(params[:id])
if not @user.admin?
@user.role = @user.moderator? ? Role[:member] : Role[:moderator]
@user.save!
else
flash[:error] = :you_cannot_make_an_administrator_a_moderator.l
end
redirect_to user_path(@user)
end
def statistics
if params[:date]
date = Date.new(params[:date][:year].to_i, params[:date][:month].to_i)
@month = Time.parse(date.to_s)
else
@month = Date.today
end
start_date = @month.beginning_of_month
end_date = @month.end_of_month.end_of_day
@posts = @user.posts.where('? <= published_at AND published_at <= ?', start_date, end_date)
@estimated_payment = @posts.to_a.sum do |p|
7
end
respond_to do |format|
format.html
format.xml {
render :xml => @posts.to_xml(:include => :category)
}
end
end
def delete_selected
if params[:delete]
params[:delete].each { |id|
user = User.find(id)
unless user.admin? || user.featured_writer?
user.spam! if params[:spam] && configatron.has_key?(:akismet_key)
user.destroy
end
}
end
flash[:notice] = :the_selected_users_were_deleted.l
redirect_to admin_users_path
end
protected
def setup_metro_areas_for_cloud
@metro_areas_for_cloud = MetroArea.where("users_count > 0", :order => "users_count DESC").limit(100)
@metro_areas_for_cloud = @metro_areas_for_cloud.sort_by{|m| m.name}
end
def setup_locations_for(user)
metro_areas = states = []
states = user.country.states if user.country
metro_areas = user.state.metro_areas.order("name") if user.state
return metro_areas, states
end
def admin_or_current_user_required
current_user && (current_user.admin? || @is_current_user) ? true : access_denied
end
def avatar_params
params[:avatar] && params[:avatar].permit(:name, :description, :album_id, :photo)
end
def user_params
params[:user].permit(:avatar_id, :company_name, :country_id, :description, :email,
:firstname, :fullname, :gender, :lastname, :login, :metro_area_id,
:middlename, :notify_comments, :notify_community_news,
:notify_friend_requests, :password, :password_confirmation,
:profile_public, :state_id, :stylesheet, :time_zone, :vendor, :zip,
:tag_list,
{:avatar_attributes => [:id, :name, :description, :album_id, :user, :user_id, :photo, :photo_remote_url]}, :birthday) if params[:user]
end
def comment_params
params[:comment].permit(:author_name, :author_email, :notify_by_email, :author_url, :comment)
end
end