Adding capabilities to users, login/password/etc.
parent
194dd6a64e
commit
bf5ed5f261
@ -1,14 +1,35 @@
|
||||
ActiveAdmin.register User do
|
||||
permit_params :login, :password, :email, :lastname, :firstname
|
||||
index do
|
||||
column :login
|
||||
column :email
|
||||
column :firstname
|
||||
column :lastname
|
||||
column :current_sign_in_at
|
||||
column :last_sign_in_at
|
||||
column :sign_in_count
|
||||
actions
|
||||
end
|
||||
|
||||
filter :login
|
||||
filter :email
|
||||
filter :firstname
|
||||
filter :lastname
|
||||
|
||||
form do |f|
|
||||
f.inputs do
|
||||
f.inputs 'Admin Details' do
|
||||
f.input :login
|
||||
f.input :lastname
|
||||
f.input :firstname
|
||||
f.input :email
|
||||
f.input :firstname
|
||||
f.input :lastname
|
||||
f.input :password
|
||||
f.input :password_confirmation
|
||||
end
|
||||
f.actions
|
||||
end
|
||||
controller do
|
||||
def permitted_params
|
||||
params.permit admin_user: %i[login email firstname lastname password
|
||||
password_confirmation]
|
||||
end
|
||||
end
|
||||
end
|
||||
|
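Review bot: The `permitted_params` override inside `controller do` permits the `admin_user` key, but this resource is registered for `User`, so the form fields would presumably arrive under `user` and be filtered out; the override also appears to replace the `permit_params` list at the top of the file. The two allow-lists disagree as well: `permit_params` lacks `:password_confirmation`, which the form renders. Keeping a single list, `permit_params :login, :email, :firstname, :lastname, :password, :password_confirmation`, and dropping the override would leave one place that decides which attributes an admin can set. The old/new markers are lost on this page, so this assumes both declarations are on the new side.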
@ -1,3 +0,0 @@
|
||||
# Place all the behaviors and hooks related to the matching controller here.
|
||||
# All this logic will automatically be available in application.js.
|
||||
# You can use CoffeeScript in this file: http://coffeescript.org/
|
@ -1,5 +0,0 @@
|
||||
.sessions form
|
||||
margin: 6em auto
|
||||
|
||||
.logout
|
||||
margin: 2em auto
|
@ -1,3 +0,0 @@
|
||||
// Place all the styles related to the users controller here.
|
||||
// They will automatically be included in application.css.
|
||||
// You can use Sass (SCSS) here: http://sass-lang.com/
|
@ -1,6 +1,7 @@
|
||||
# The top level controller, where can be centralised almost everything
|
||||
class ApplicationController < ActionController::Base
|
||||
before_action :set_paper_trail_whodunnit, :set_locale, :discard
|
||||
before_action :set_mailer_host, if: :devise_controller?
|
||||
# Prevent CSRF attacks by raising an exception.
|
||||
# For APIs, you may want to use :null_session instead.
|
||||
protect_from_forgery prepend: true, with: :exception
|
||||
|
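Review bot: `before_action :set_mailer_host, if: :devise_controller?` now runs on the Devise controllers, and the only definition of `set_mailer_host` visible on this page (in the lines taken out of ModerationsController and NotesController) copies `request.host_with_port` into `ActionMailer::Base.default_url_options[:host]`. If that body moved here unchanged, the links in the password-reset mails enabled by `:recoverable` are built from the client-supplied Host header, and the assignment changes a process-wide setting shared by concurrent requests. A fixed value in the environment config, `config.action_mailer.default_url_options = { host: 'HOST_PLACEHOLDER' }`, avoids both. The method definition itself is outside this hunk.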
@ -76,11 +76,6 @@ class ModerationsController < ApplicationController
|
||||
:locality, :url, :contact, :submitter, :tag_list, :reason
|
||||
end
|
||||
|
||||
# Useful to manage absolute url in mails
|
||||
def set_mailer_host
|
||||
ActionMailer::Base.default_url_options[:host] = request.host_with_port
|
||||
end
|
||||
|
||||
def locked
|
||||
redirect_to edit_moderation_url(@moderation), alert: t('staleObjectError')
|
||||
end
|
||||
|
@ -38,11 +38,6 @@ class NotesController < ApplicationController
|
||||
params.require(:note).permit :contents
|
||||
end
|
||||
|
||||
# Useful to manage absolute url in mails
|
||||
def set_mailer_host
|
||||
ActionMailer::Base.default_url_options[:host] = request.host_with_port
|
||||
end
|
||||
|
||||
def send_mails
|
||||
if params[:envoiParMail] == 'oui'
|
||||
# Send an update mail to its author
|
||||
|
@ -1,74 +0,0 @@
|
||||
# Moderators life cycle
|
||||
class UsersController < ApplicationController
|
||||
before_action :authenticate_user!
|
||||
before_action :set_user, only: %i[show edit update destroy]
|
||||
|
||||
# GET /users
|
||||
# GET /users.json
|
||||
def index
|
||||
@users = User.all
|
||||
end
|
||||
|
||||
# GET /users/new
|
||||
def new
|
||||
@user = User.new
|
||||
end
|
||||
|
||||
# POST /users
|
||||
# POST /users.json
|
||||
def create
|
||||
@user = User.new(user_params)
|
||||
|
||||
respond_to do |format|
|
||||
if @user.save
|
||||
format.html { redirect_to @user, notice: 'User successfully created' }
|
||||
format.json { render action: 'show', status: :created, location: @user }
|
||||
else
|
||||
format.html { render action: 'new' }
|
||||
format.json { render json: @user.errors, status: :unprocessable_entity }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def show; end
|
||||
|
||||
def edit; end
|
||||
|
||||
# PATCH/PUT /users/1
|
||||
# PATCH/PUT /users/1.json
|
||||
def update
|
||||
respond_to do |format|
|
||||
if @user.update(user_params)
|
||||
format.html { redirect_to @user, notice: 'User successfully updated' }
|
||||
format.json { head :no_content }
|
||||
else
|
||||
format.html { render action: 'edit' }
|
||||
format.json { render json: @user.errors, status: :unprocessable_entity }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
# DELETE /users/1
|
||||
# DELETE /users/1.json
|
||||
def destroy
|
||||
@user.destroy
|
||||
respond_to do |format|
|
||||
format.html { redirect_to users_url }
|
||||
format.json { head :no_content }
|
||||
end
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
# Use callbacks to share common setup or constraints between actions.
|
||||
def set_user
|
||||
@user = User.find(params[:id])
|
||||
end
|
||||
|
||||
# Never trust parameters from the scary internet, only allow the white list
|
||||
# through.
|
||||
def user_params
|
||||
params.require(:user).permit :login, :email, :lastname, :firstname,
|
||||
:password
|
||||
end
|
||||
end
|
@ -5,8 +5,9 @@ require 'digest/md5'
|
||||
class User < ApplicationRecord
|
||||
# Include default devise modules. Others available are:
|
||||
# :confirmable, :lockable, :timeoutable and :omniauthable
|
||||
devise :database_authenticatable, authentication_keys: [:login]
|
||||
# :registerable, :validatable
|
||||
devise :database_authenticatable,
|
||||
:recoverable, :rememberable, :trackable, :validatable,
|
||||
authentication_keys: [:login]
|
||||
|
||||
validates :login, presence: true
|
||||
|
||||
@ -24,7 +25,7 @@ class User < ApplicationRecord
|
||||
if login.present?
|
||||
where(conditions).find_by login: login
|
||||
else
|
||||
find_first(conditions)
|
||||
where(conditions).limit(1).to_a[0]
|
||||
end
|
||||
end
|
||||
|
||||
|
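Review bot: The new `devise` call enables `:recoverable`, `:rememberable`, `:trackable` and `:validatable` but leaves out `:lockable`, so nothing in this model limits repeated password guesses against a login; throttling may exist elsewhere, which this page does not show. Adding `:lockable` to the module list would also need the `failed_attempts`, `unlock_token` and `locked_at` columns, which the migration in this commit does not create. The class body continues outside both hunks.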
@ -10,8 +10,8 @@
|
||||
= f.password_field :password, autocomplete: 'current-password'
|
||||
- if devise_mapping.rememberable?
|
||||
.field
|
||||
= f.check_box :remember_me
|
||||
= f.label :remember_me
|
||||
= f.check_box :remember_me
|
||||
.actions
|
||||
= f.submit t('.sign_in')
|
||||
|
||||
|
@ -1,22 +0,0 @@
|
||||
= form_for @user do |f|
|
||||
- if @user.errors.any?
|
||||
#error_explanation
|
||||
%h2= "#{pluralize(@user.errors.count, "error")} prohibited this user from being saved:"
|
||||
%ul
|
||||
- @user.errors.full_messages.each do |msg|
|
||||
%li= msg
|
||||
|
||||
.field
|
||||
= f.label :login
|
||||
= f.text_field :login
|
||||
.field
|
||||
= f.label :email
|
||||
= f.text_field :email
|
||||
.field
|
||||
= f.label :firstname
|
||||
= f.text_field :firstname
|
||||
.field
|
||||
= f.label :lastname
|
||||
= f.text_field :lastname
|
||||
.actions
|
||||
= f.submit 'Save'
|
@ -1,7 +0,0 @@
|
||||
%h1 Editing user
|
||||
|
||||
= render 'form'
|
||||
|
||||
= link_to 'Show', @user
|
||||
\|
|
||||
= link_to 'Back', users_path
|
@ -1,24 +0,0 @@
|
||||
%h1= User.model_name.human.pluralize
|
||||
|
||||
%table.list
|
||||
%tr
|
||||
%th= User.human_attribute_name :login
|
||||
%th= User.human_attribute_name :email
|
||||
%th= User.human_attribute_name :firstname
|
||||
%th= User.human_attribute_name :lastname
|
||||
%th
|
||||
|
||||
- @users.each do |user|
|
||||
%tr{ class: cycle('odd', 'even') }
|
||||
%td= user.login
|
||||
%td= user.email
|
||||
%td= user.firstname
|
||||
%td= user.lastname
|
||||
%td
|
||||
= link_to user, class: 'view_link' do
|
||||
%em.fa.fa-eye
|
||||
= link_to t('edit'), edit_user_path(user), class: 'edit_link'
|
||||
= link_to t('destroy'), user, method: :delete,
|
||||
data: { confirm: 'Are you sure?' }, class: 'delete_link'
|
||||
|
||||
.actions= link_to 'New User', new_user_path
|
@ -1,4 +0,0 @@
|
||||
json.array!(@users) do |user|
|
||||
json.extract! user, :login, :email, :lastname, :firstname
|
||||
json.url user_url(user, format: :json)
|
||||
end
|
@ -1,5 +0,0 @@
|
||||
%h1 New user
|
||||
|
||||
= render 'form'
|
||||
|
||||
= link_to 'Back', users_path
|
@ -1,19 +0,0 @@
|
||||
%h1= User.model_name.human
|
||||
%fieldset
|
||||
%p
|
||||
%b Login:
|
||||
= @user.login
|
||||
%p
|
||||
%b Email:
|
||||
= @user.email
|
||||
%p
|
||||
%b Firstname:
|
||||
= @user.firstname
|
||||
%p
|
||||
%b Lastname:
|
||||
= @user.lastname
|
||||
|
||||
.actions
|
||||
= link_to 'Edit', edit_user_path(@user)
|
||||
\|
|
||||
= link_to 'Back', users_path
|
@ -1,2 +0,0 @@
|
||||
json.extract! @user, :login, :email, :lastname, :firstname, :created_at,
|
||||
:updated_at
|
@ -2,7 +2,6 @@ Rails.application.routes.draw do
|
||||
get 'stats', to: 'stats#index'
|
||||
get 'versions', to: 'versions#index'
|
||||
|
||||
resources :users
|
||||
resources :events do
|
||||
get :cancel, on: :member
|
||||
post :preview, on: :collection, to: 'events#preview_create'
|
||||
@ -42,8 +41,7 @@ Rails.application.routes.draw do
|
||||
get '(:format).php',
|
||||
to: redirect { |_, r| "events.#{r.format.to_sym}?#{r.query_string}" }
|
||||
|
||||
devise_for :users,
|
||||
path: '', path_names: { sign_in: 'login', sign_out: 'logout' }
|
||||
devise_for :users
|
||||
devise_for :admin_users, ActiveAdmin::Devise.config
|
||||
ActiveAdmin.routes(self)
|
||||
|
||||
|
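--- /dev/null
+++ b/db/migrate/20190509170714_add_abilities_to_devise.rb
@@ -0,0 +1,18 @@
+# Add some capacities to users, to facilitate their mgmt
+class AddAbilitiesToDevise < ActiveRecord::Migration[5.2]
+def change
+## Recoverable
+add_column :users, :reset_password_token, :string
+add_column :users, :reset_password_sent_at, :datetime
+
+## Rememberable
+add_column :users, :remember_created_at, :datetime
+
+## Trackable
+add_column :users, :sign_in_count, :integer, default: 0, null: false
+add_column :users, :current_sign_in_at, :datetime
+add_column :users, :last_sign_in_at, :datetime
+add_column :users, :current_sign_in_ip, :string
+add_column :users, :last_sign_in_ip, :string
+end
+end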
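Review bot: `reset_password_token` is added without an index, although Devise looks users up by this column when a reset link is followed, and the migration Devise generates declares it unique. Adding `add_index :users, :reset_password_token, unique: true` to `change` keeps that lookup indexed and lets the database reject duplicate tokens. The `current_sign_in_ip` and `last_sign_in_ip` columns store client addresses, so a one-line comment on how long they are kept, placed above the `## Trackable` group, would help the next maintainer.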
17
db/schema.rb
17
db/schema.rb
@ -10,7 +10,7 @@
|
||||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 20180408212139) do
|
||||
ActiveRecord::Schema.define(version: 2019_05_09_170714) do
|
||||
|
||||
create_table "active_admin_comments", force: :cascade do |t|
|
||||
t.string "namespace"
|
||||
@ -66,7 +66,7 @@ ActiveRecord::Schema.define(version: 20180408212139) do
|
||||
t.string "contact", limit: 255, default: ""
|
||||
t.string "submitter", limit: 255, default: "", null: false
|
||||
t.integer "moderated", limit: 4, default: 0, null: false
|
||||
t.text "tags", limit: 255, null: true
|
||||
t.text "tags", limit: 255, default: ""
|
||||
t.string "secret", limit: 255, default: "", null: false
|
||||
t.datetime "decision_time"
|
||||
t.datetime "submission_time"
|
||||
@ -119,7 +119,7 @@ ActiveRecord::Schema.define(version: 20180408212139) do
|
||||
t.datetime "created_at"
|
||||
t.datetime "updated_at"
|
||||
t.text "tag"
|
||||
t.text "tags", null: true
|
||||
t.text "tags", default: ""
|
||||
t.text "diaspora"
|
||||
t.text "object_changes"
|
||||
t.text "place_name"
|
||||
@ -174,11 +174,14 @@ ActiveRecord::Schema.define(version: 20180408212139) do
|
||||
t.string "email", limit: 255, default: "", null: false
|
||||
t.string "lastname", limit: 255, default: "", null: false
|
||||
t.string "firstname", limit: 255, default: "", null: false
|
||||
t.string "confirmation_token"
|
||||
t.datetime "confirmed_at"
|
||||
t.datetime "confirmation_sent_at"
|
||||
t.string "reset_password_token"
|
||||
t.datetime "reset_password_sent_at"
|
||||
t.datetime "remember_created_at"
|
||||
t.index ["confirmation_token"], name: "index_users_on_confirmation_token", unique: true
|
||||
t.integer "sign_in_count", default: 0, null: false
|
||||
t.datetime "current_sign_in_at"
|
||||
t.datetime "last_sign_in_at"
|
||||
t.string "current_sign_in_ip"
|
||||
t.string "last_sign_in_ip"
|
||||
end
|
||||
|
||||
create_table "versions", force: :cascade do |t|
|
||||
|
@ -1,81 +0,0 @@
|
||||
require 'test_helper'
|
||||
|
||||
# Test moderator management controller
|
||||
class UsersControllerTest < ActionDispatch::IntegrationTest
|
||||
include Devise::Test::IntegrationHelpers
|
||||
|
||||
setup do
|
||||
@user = users(:one)
|
||||
|
||||
sign_in users(:one)
|
||||
end
|
||||
|
||||
test 'should get index' do
|
||||
get users_url
|
||||
assert_response :success
|
||||
assert_not_nil assigns(:users)
|
||||
end
|
||||
|
||||
test 'should get new' do
|
||||
get new_user_url
|
||||
assert_response :success
|
||||
end
|
||||
|
||||
test 'should create user' do
|
||||
assert_difference('User.count') do
|
||||
post users_url, params: {
|
||||
user: {
|
||||
email: 'original@example.com',
|
||||
firstname: @user.firstname,
|
||||
lastname: @user.lastname,
|
||||
login: @user.login,
|
||||
password: 'abcdefghijklmnopqrstuvwxyz'
|
||||
}
|
||||
}
|
||||
end
|
||||
|
||||
assert_redirected_to user_path(assigns(:user))
|
||||
end
|
||||
|
||||
test 'should not create user' do
|
||||
assert_no_difference('User.count') do
|
||||
post users_url, params: { user: { login: nil } }
|
||||
end
|
||||
end
|
||||
|
||||
test 'should show user' do
|
||||
get user_url(@user)
|
||||
assert_response :success
|
||||
end
|
||||
|
||||
test 'should get edit' do
|
||||
get edit_user_url(@user)
|
||||
assert_response :success
|
||||
end
|
||||
|
||||
test 'should update user' do
|
||||
patch user_url(@user), params: {
|
||||
user: {
|
||||
email: @user.email,
|
||||
firstname: @user.firstname,
|
||||
lastname: @user.lastname,
|
||||
login: @user.login
|
||||
}
|
||||
}
|
||||
assert_redirected_to user_path(assigns(:user))
|
||||
end
|
||||
|
||||
test 'should not update user' do
|
||||
patch user_url(@user), params: { user: { login: nil } }
|
||||
|
||||
assert_not_empty assigns(:user).errors
|
||||
end
|
||||
|
||||
test 'should destroy user' do
|
||||
assert_difference('User.count', -1) do
|
||||
delete user_url(@user)
|
||||
end
|
||||
|
||||
assert_redirected_to users_path
|
||||
end
|
||||
end
|