Adding capabilities to users, login/password/etc.
parent
194dd6a64e
commit
bf5ed5f261
@ -1,14 +1,35 @@
|
|||||||
ActiveAdmin.register User do
|
ActiveAdmin.register User do
|
||||||
permit_params :login, :password, :email, :lastname, :firstname
|
index do
|
||||||
|
column :login
|
||||||
|
column :email
|
||||||
|
column :firstname
|
||||||
|
column :lastname
|
||||||
|
column :current_sign_in_at
|
||||||
|
column :last_sign_in_at
|
||||||
|
column :sign_in_count
|
||||||
|
actions
|
||||||
|
end
|
||||||
|
|
||||||
|
filter :login
|
||||||
|
filter :email
|
||||||
|
filter :firstname
|
||||||
|
filter :lastname
|
||||||
|
|
||||||
form do |f|
|
form do |f|
|
||||||
f.inputs do
|
f.inputs 'Admin Details' do
|
||||||
f.input :login
|
f.input :login
|
||||||
f.input :lastname
|
|
||||||
f.input :firstname
|
|
||||||
f.input :email
|
f.input :email
|
||||||
|
f.input :firstname
|
||||||
|
f.input :lastname
|
||||||
f.input :password
|
f.input :password
|
||||||
|
f.input :password_confirmation
|
||||||
end
|
end
|
||||||
f.actions
|
f.actions
|
||||||
end
|
end
|
||||||
|
controller do
|
||||||
|
def permitted_params
|
||||||
|
params.permit admin_user: %i[login email firstname lastname password
|
||||||
|
password_confirmation]
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
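Review bot: The new `permitted_params` override in the `controller do` block whitelists attributes under the `admin_user` key, but this resource is registered for `User`, so the form most likely submits its fields under `user` and none of them would be permitted on create or update. The removed DSL line already derived the key from the resource; restoring it with the new field is simpler and keeps the whitelist in one place: `permit_params :login, :email, :firstname, :lastname, :password, :password_confirmation`. Now that the model enables `:validatable`, it is also worth checking that editing a user with both password fields left empty still saves, since an empty string is not the same as an absent parameter.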
@ -1,3 +0,0 @@
|
|||||||
# Place all the behaviors and hooks related to the matching controller here.
|
|
||||||
# All this logic will automatically be available in application.js.
|
|
||||||
# You can use CoffeeScript in this file: http://coffeescript.org/
|
|
@ -1,5 +0,0 @@
|
|||||||
.sessions form
|
|
||||||
margin: 6em auto
|
|
||||||
|
|
||||||
.logout
|
|
||||||
margin: 2em auto
|
|
@ -1,3 +0,0 @@
|
|||||||
// Place all the styles related to the users controller here.
|
|
||||||
// They will automatically be included in application.css.
|
|
||||||
// You can use Sass (SCSS) here: http://sass-lang.com/
|
|
@ -1,6 +1,7 @@
|
|||||||
# The top level controller, where can be centralised almost everything
|
# The top level controller, where can be centralised almost everything
|
||||||
class ApplicationController < ActionController::Base
|
class ApplicationController < ActionController::Base
|
||||||
before_action :set_paper_trail_whodunnit, :set_locale, :discard
|
before_action :set_paper_trail_whodunnit, :set_locale, :discard
|
||||||
|
before_action :set_mailer_host, if: :devise_controller?
|
||||||
# Prevent CSRF attacks by raising an exception.
|
# Prevent CSRF attacks by raising an exception.
|
||||||
# For APIs, you may want to use :null_session instead.
|
# For APIs, you may want to use :null_session instead.
|
||||||
protect_from_forgery prepend: true, with: :exception
|
protect_from_forgery prepend: true, with: :exception
|
||||||
|
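Review bot: The added `before_action :set_mailer_host, if: :devise_controller?` runs on exactly the controllers that will now send password-reset mail (`:recoverable` is enabled in this commit), and the only `set_mailer_host` body visible on this page, the copies removed from ModerationsController and NotesController, takes the host from `request.host_with_port`. If the ApplicationController definition, which lies outside this hunk, does the same, the host in the reset link follows the client-supplied Host header, and writing to `ActionMailer::Base.default_url_options` changes process-wide state shared by concurrent requests. A fixed host from configuration avoids both, e.g. `config.action_mailer.default_url_options = { host: 'MAILER_HOST_PLACEHOLDER' }` per environment, after which the callback can be dropped. Because the callback is now limited to Devise controllers, mail sent from the notes and moderations controllers would rely on that configured host as well.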
@ -76,11 +76,6 @@ class ModerationsController < ApplicationController
|
|||||||
:locality, :url, :contact, :submitter, :tag_list, :reason
|
:locality, :url, :contact, :submitter, :tag_list, :reason
|
||||||
end
|
end
|
||||||
|
|
||||||
# Useful to manage absolute url in mails
|
|
||||||
def set_mailer_host
|
|
||||||
ActionMailer::Base.default_url_options[:host] = request.host_with_port
|
|
||||||
end
|
|
||||||
|
|
||||||
def locked
|
def locked
|
||||||
redirect_to edit_moderation_url(@moderation), alert: t('staleObjectError')
|
redirect_to edit_moderation_url(@moderation), alert: t('staleObjectError')
|
||||||
end
|
end
|
||||||
|
@ -38,11 +38,6 @@ class NotesController < ApplicationController
|
|||||||
params.require(:note).permit :contents
|
params.require(:note).permit :contents
|
||||||
end
|
end
|
||||||
|
|
||||||
# Useful to manage absolute url in mails
|
|
||||||
def set_mailer_host
|
|
||||||
ActionMailer::Base.default_url_options[:host] = request.host_with_port
|
|
||||||
end
|
|
||||||
|
|
||||||
def send_mails
|
def send_mails
|
||||||
if params[:envoiParMail] == 'oui'
|
if params[:envoiParMail] == 'oui'
|
||||||
# Send an update mail to its author
|
# Send an update mail to its author
|
||||||
|
@ -1,74 +0,0 @@
|
|||||||
# Moderators life cycle
|
|
||||||
class UsersController < ApplicationController
|
|
||||||
before_action :authenticate_user!
|
|
||||||
before_action :set_user, only: %i[show edit update destroy]
|
|
||||||
|
|
||||||
# GET /users
|
|
||||||
# GET /users.json
|
|
||||||
def index
|
|
||||||
@users = User.all
|
|
||||||
end
|
|
||||||
|
|
||||||
# GET /users/new
|
|
||||||
def new
|
|
||||||
@user = User.new
|
|
||||||
end
|
|
||||||
|
|
||||||
# POST /users
|
|
||||||
# POST /users.json
|
|
||||||
def create
|
|
||||||
@user = User.new(user_params)
|
|
||||||
|
|
||||||
respond_to do |format|
|
|
||||||
if @user.save
|
|
||||||
format.html { redirect_to @user, notice: 'User successfully created' }
|
|
||||||
format.json { render action: 'show', status: :created, location: @user }
|
|
||||||
else
|
|
||||||
format.html { render action: 'new' }
|
|
||||||
format.json { render json: @user.errors, status: :unprocessable_entity }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def show; end
|
|
||||||
|
|
||||||
def edit; end
|
|
||||||
|
|
||||||
# PATCH/PUT /users/1
|
|
||||||
# PATCH/PUT /users/1.json
|
|
||||||
def update
|
|
||||||
respond_to do |format|
|
|
||||||
if @user.update(user_params)
|
|
||||||
format.html { redirect_to @user, notice: 'User successfully updated' }
|
|
||||||
format.json { head :no_content }
|
|
||||||
else
|
|
||||||
format.html { render action: 'edit' }
|
|
||||||
format.json { render json: @user.errors, status: :unprocessable_entity }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
# DELETE /users/1
|
|
||||||
# DELETE /users/1.json
|
|
||||||
def destroy
|
|
||||||
@user.destroy
|
|
||||||
respond_to do |format|
|
|
||||||
format.html { redirect_to users_url }
|
|
||||||
format.json { head :no_content }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
private
|
|
||||||
|
|
||||||
# Use callbacks to share common setup or constraints between actions.
|
|
||||||
def set_user
|
|
||||||
@user = User.find(params[:id])
|
|
||||||
end
|
|
||||||
|
|
||||||
# Never trust parameters from the scary internet, only allow the white list
|
|
||||||
# through.
|
|
||||||
def user_params
|
|
||||||
params.require(:user).permit :login, :email, :lastname, :firstname,
|
|
||||||
:password
|
|
||||||
end
|
|
||||||
end
|
|
@ -5,8 +5,9 @@ require 'digest/md5'
|
|||||||
class User < ApplicationRecord
|
class User < ApplicationRecord
|
||||||
# Include default devise modules. Others available are:
|
# Include default devise modules. Others available are:
|
||||||
# :confirmable, :lockable, :timeoutable and :omniauthable
|
# :confirmable, :lockable, :timeoutable and :omniauthable
|
||||||
devise :database_authenticatable, authentication_keys: [:login]
|
devise :database_authenticatable,
|
||||||
# :registerable, :validatable
|
:recoverable, :rememberable, :trackable, :validatable,
|
||||||
|
authentication_keys: [:login]
|
||||||
|
|
||||||
validates :login, presence: true
|
validates :login, presence: true
|
||||||
|
|
||||||
@ -24,7 +25,7 @@ class User < ApplicationRecord
|
|||||||
if login.present?
|
if login.present?
|
||||||
where(conditions).find_by login: login
|
where(conditions).find_by login: login
|
||||||
else
|
else
|
||||||
find_first(conditions)
|
where(conditions).limit(1).to_a[0]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
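Review bot: In the second hunk, `where(conditions).limit(1).to_a[0]` materialises an array only to index into it; `where(conditions).take` returns the same single record or nil and states the intent directly. The enclosing lookup method starts above the hunk, so the shape of `conditions` is not visible here. A one-line comment such as `# No login supplied: fall back to the remaining authentication conditions` on the `else` branch would explain why two lookup paths exist.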
@ -10,8 +10,8 @@
|
|||||||
= f.password_field :password, autocomplete: 'current-password'
|
= f.password_field :password, autocomplete: 'current-password'
|
||||||
- if devise_mapping.rememberable?
|
- if devise_mapping.rememberable?
|
||||||
.field
|
.field
|
||||||
= f.check_box :remember_me
|
|
||||||
= f.label :remember_me
|
= f.label :remember_me
|
||||||
|
= f.check_box :remember_me
|
||||||
.actions
|
.actions
|
||||||
= f.submit t('.sign_in')
|
= f.submit t('.sign_in')
|
||||||
|
|
||||||
|
@ -1,22 +0,0 @@
|
|||||||
= form_for @user do |f|
|
|
||||||
- if @user.errors.any?
|
|
||||||
#error_explanation
|
|
||||||
%h2= "#{pluralize(@user.errors.count, "error")} prohibited this user from being saved:"
|
|
||||||
%ul
|
|
||||||
- @user.errors.full_messages.each do |msg|
|
|
||||||
%li= msg
|
|
||||||
|
|
||||||
.field
|
|
||||||
= f.label :login
|
|
||||||
= f.text_field :login
|
|
||||||
.field
|
|
||||||
= f.label :email
|
|
||||||
= f.text_field :email
|
|
||||||
.field
|
|
||||||
= f.label :firstname
|
|
||||||
= f.text_field :firstname
|
|
||||||
.field
|
|
||||||
= f.label :lastname
|
|
||||||
= f.text_field :lastname
|
|
||||||
.actions
|
|
||||||
= f.submit 'Save'
|
|
@ -1,7 +0,0 @@
|
|||||||
%h1 Editing user
|
|
||||||
|
|
||||||
= render 'form'
|
|
||||||
|
|
||||||
= link_to 'Show', @user
|
|
||||||
\|
|
|
||||||
= link_to 'Back', users_path
|
|
@ -1,24 +0,0 @@
|
|||||||
%h1= User.model_name.human.pluralize
|
|
||||||
|
|
||||||
%table.list
|
|
||||||
%tr
|
|
||||||
%th= User.human_attribute_name :login
|
|
||||||
%th= User.human_attribute_name :email
|
|
||||||
%th= User.human_attribute_name :firstname
|
|
||||||
%th= User.human_attribute_name :lastname
|
|
||||||
%th
|
|
||||||
|
|
||||||
- @users.each do |user|
|
|
||||||
%tr{ class: cycle('odd', 'even') }
|
|
||||||
%td= user.login
|
|
||||||
%td= user.email
|
|
||||||
%td= user.firstname
|
|
||||||
%td= user.lastname
|
|
||||||
%td
|
|
||||||
= link_to user, class: 'view_link' do
|
|
||||||
%em.fa.fa-eye
|
|
||||||
= link_to t('edit'), edit_user_path(user), class: 'edit_link'
|
|
||||||
= link_to t('destroy'), user, method: :delete,
|
|
||||||
data: { confirm: 'Are you sure?' }, class: 'delete_link'
|
|
||||||
|
|
||||||
.actions= link_to 'New User', new_user_path
|
|
@ -1,4 +0,0 @@
|
|||||||
json.array!(@users) do |user|
|
|
||||||
json.extract! user, :login, :email, :lastname, :firstname
|
|
||||||
json.url user_url(user, format: :json)
|
|
||||||
end
|
|
@ -1,5 +0,0 @@
|
|||||||
%h1 New user
|
|
||||||
|
|
||||||
= render 'form'
|
|
||||||
|
|
||||||
= link_to 'Back', users_path
|
|
@ -1,19 +0,0 @@
|
|||||||
%h1= User.model_name.human
|
|
||||||
%fieldset
|
|
||||||
%p
|
|
||||||
%b Login:
|
|
||||||
= @user.login
|
|
||||||
%p
|
|
||||||
%b Email:
|
|
||||||
= @user.email
|
|
||||||
%p
|
|
||||||
%b Firstname:
|
|
||||||
= @user.firstname
|
|
||||||
%p
|
|
||||||
%b Lastname:
|
|
||||||
= @user.lastname
|
|
||||||
|
|
||||||
.actions
|
|
||||||
= link_to 'Edit', edit_user_path(@user)
|
|
||||||
\|
|
|
||||||
= link_to 'Back', users_path
|
|
@ -1,2 +0,0 @@
|
|||||||
json.extract! @user, :login, :email, :lastname, :firstname, :created_at,
|
|
||||||
:updated_at
|
|
@ -2,7 +2,6 @@ Rails.application.routes.draw do
|
|||||||
get 'stats', to: 'stats#index'
|
get 'stats', to: 'stats#index'
|
||||||
get 'versions', to: 'versions#index'
|
get 'versions', to: 'versions#index'
|
||||||
|
|
||||||
resources :users
|
|
||||||
resources :events do
|
resources :events do
|
||||||
get :cancel, on: :member
|
get :cancel, on: :member
|
||||||
post :preview, on: :collection, to: 'events#preview_create'
|
post :preview, on: :collection, to: 'events#preview_create'
|
||||||
@ -42,8 +41,7 @@ Rails.application.routes.draw do
|
|||||||
get '(:format).php',
|
get '(:format).php',
|
||||||
to: redirect { |_, r| "events.#{r.format.to_sym}?#{r.query_string}" }
|
to: redirect { |_, r| "events.#{r.format.to_sym}?#{r.query_string}" }
|
||||||
|
|
||||||
devise_for :users,
|
devise_for :users
|
||||||
path: '', path_names: { sign_in: 'login', sign_out: 'logout' }
|
|
||||||
devise_for :admin_users, ActiveAdmin::Devise.config
|
devise_for :admin_users, ActiveAdmin::Devise.config
|
||||||
ActiveAdmin.routes(self)
|
ActiveAdmin.routes(self)
|
||||||
|
|
||||||
|
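--- /dev/null
+++ b/db/migrate/20190509170714_add_abilities_to_devise.rb
@@ -0,0 +1,18 @@
+# Add some capacities to users, to facilitate their mgmt
+class AddAbilitiesToDevise < ActiveRecord::Migration[5.2]
+def change
+## Recoverable
+add_column :users, :reset_password_token, :string
+add_column :users, :reset_password_sent_at, :datetime
+
+## Rememberable
+add_column :users, :remember_created_at, :datetime
+
+## Trackable
+add_column :users, :sign_in_count, :integer, default: 0, null: false
+add_column :users, :current_sign_in_at, :datetime
+add_column :users, :last_sign_in_at, :datetime
+add_column :users, :current_sign_in_ip, :string
+add_column :users, :last_sign_in_ip, :string
+end
+end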
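Review bot: `reset_password_token` is added without an index, so looking a user up by reset token scans the table and nothing at the database level keeps tokens unique; the stock Devise migration pairs the column with `add_index :users, :reset_password_token, unique: true`. The `db/schema.rb` change in this same commit also drops `confirmation_token`, `confirmed_at`, `confirmation_sent_at` and `index_users_on_confirmation_token`, which this migration does not do, so a database built by running migrations may differ from one loaded from the schema. The `current_sign_in_ip` and `last_sign_in_ip` columns hold personal data, and a short comment on how long they are retained would help whoever operates the site.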
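--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20180408212139) do
+ActiveRecord::Schema.define(version: 2019_05_09_170714) do
 
 create_table "active_admin_comments", force: :cascade do |t|
 t.string "namespace"
@@ -66,7 +66,7 @@ ActiveRecord::Schema.define(version: 20180408212139) do
 t.string "contact", limit: 255, default: ""
 t.string "submitter", limit: 255, default: "", null: false
 t.integer "moderated", limit: 4, default: 0, null: false
-t.text "tags", limit: 255, null: true
+t.text "tags", limit: 255, default: ""
 t.string "secret", limit: 255, default: "", null: false
 t.datetime "decision_time"
 t.datetime "submission_time"
@@ -119,7 +119,7 @@ ActiveRecord::Schema.define(version: 20180408212139) do
 t.datetime "created_at"
 t.datetime "updated_at"
 t.text "tag"
-t.text "tags", null: true
+t.text "tags", default: ""
 t.text "diaspora"
 t.text "object_changes"
 t.text "place_name"
@@ -174,11 +174,14 @@ ActiveRecord::Schema.define(version: 20180408212139) do
 t.string "email", limit: 255, default: "", null: false
 t.string "lastname", limit: 255, default: "", null: false
 t.string "firstname", limit: 255, default: "", null: false
-t.string "confirmation_token"
-t.datetime "confirmed_at"
-t.datetime "confirmation_sent_at"
+t.string "reset_password_token"
+t.datetime "reset_password_sent_at"
 t.datetime "remember_created_at"
-t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
+t.integer "sign_in_count", default: 0, null: false
+t.datetime "current_sign_in_at"
+t.datetime "last_sign_in_at"
+t.string "current_sign_in_ip"
+t.string "last_sign_in_ip"
 end
 
 create_table "versions", force: :cascade do |t|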
@ -1,81 +0,0 @@
|
|||||||
require 'test_helper'
|
|
||||||
|
|
||||||
# Test moderator management controller
|
|
||||||
class UsersControllerTest < ActionDispatch::IntegrationTest
|
|
||||||
include Devise::Test::IntegrationHelpers
|
|
||||||
|
|
||||||
setup do
|
|
||||||
@user = users(:one)
|
|
||||||
|
|
||||||
sign_in users(:one)
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should get index' do
|
|
||||||
get users_url
|
|
||||||
assert_response :success
|
|
||||||
assert_not_nil assigns(:users)
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should get new' do
|
|
||||||
get new_user_url
|
|
||||||
assert_response :success
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should create user' do
|
|
||||||
assert_difference('User.count') do
|
|
||||||
post users_url, params: {
|
|
||||||
user: {
|
|
||||||
email: 'original@example.com',
|
|
||||||
firstname: @user.firstname,
|
|
||||||
lastname: @user.lastname,
|
|
||||||
login: @user.login,
|
|
||||||
password: 'abcdefghijklmnopqrstuvwxyz'
|
|
||||||
}
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
assert_redirected_to user_path(assigns(:user))
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should not create user' do
|
|
||||||
assert_no_difference('User.count') do
|
|
||||||
post users_url, params: { user: { login: nil } }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should show user' do
|
|
||||||
get user_url(@user)
|
|
||||||
assert_response :success
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should get edit' do
|
|
||||||
get edit_user_url(@user)
|
|
||||||
assert_response :success
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should update user' do
|
|
||||||
patch user_url(@user), params: {
|
|
||||||
user: {
|
|
||||||
email: @user.email,
|
|
||||||
firstname: @user.firstname,
|
|
||||||
lastname: @user.lastname,
|
|
||||||
login: @user.login
|
|
||||||
}
|
|
||||||
}
|
|
||||||
assert_redirected_to user_path(assigns(:user))
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should not update user' do
|
|
||||||
patch user_url(@user), params: { user: { login: nil } }
|
|
||||||
|
|
||||||
assert_not_empty assigns(:user).errors
|
|
||||||
end
|
|
||||||
|
|
||||||
test 'should destroy user' do
|
|
||||||
assert_difference('User.count', -1) do
|
|
||||||
delete user_url(@user)
|
|
||||||
end
|
|
||||||
|
|
||||||
assert_redirected_to users_path
|
|
||||||
end
|
|
||||||
end
|
|