Skip to content

Instantly share code, notes, and snippets.

@elricstorm
Created January 17, 2010 19:39
Show Gist options
  • Save elricstorm/279536 to your computer and use it in GitHub Desktop.
Save elricstorm/279536 to your computer and use it in GitHub Desktop.
class UsersController < ApplicationController
before_filter :find_user, :only => [:suspend, :unsuspend, :destroy, :purge]
before_filter :login_required, :except => [:new, :create, :activate, :change_password, :forgot_password, :reset_password]
before_filter :authorize, :except => [:new, :create, :activate, :change_password, :forgot_password, :reset_password]
def index
@users = User.find(:all)
respond_to do |format|
format.html # index.html.erb
format.xml { render :xml => @messages }
end
end
def force_activate
@user = User.force_activate_now(params[:id])
respond_to do |format|
format.html { redirect_to users_path }
format.xml { head :ok }
end
end
def show
@user = User.find(params[:id])
respond_to do |format|
format.html # show.html.erb
format.xml { render :xml => @message }
end
end
def edit
@user = User.find(params[:id])
end
def update
@user = User.find(params[:id])
respond_to do |format|
if @user.update_attributes(params[:user])
flash[:notice] = 'User was successfully updated.'
format.html { redirect_to users_path }
format.xml { head :ok }
else
format.html { render :action => "edit" }
format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
end
end
end
def destroy
@user = User.find(params[:id])
@user.destroy
respond_to do |format|
format.html { redirect_to users_path }
format.xml { head :ok }
end
end
def new
@user = User.new
respond_to do |format|
format.html # new.html.erb
format.xml { render :xml => @message }
end
end
def create
logout_keeping_session!
@user = User.new(params[:user])
@user.register! if @user && @user.valid?
success = @user && @user.valid?
if success && @user.errors.empty?
flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code."
else
flash[:error] = "We couldn't set up that account, sorry. Please try again, or contact an admin (link is above)."
render :action => 'new'
end
end
def activate
logout_keeping_session!
user = User.find_by_activation_code(params[:activation_code]) unless params[:activation_code].blank?
case
when (!params[:activation_code].blank?) && user && !user.active?
user.activate!
flash[:notice] = "Signup complete! Please sign in to continue."
redirect_to '/login'
when params[:activation_code].blank?
flash[:error] = "The activation code was missing. Please follow the URL from your email."
redirect_back_or_default('/')
else
flash[:error] = "We couldn't find a user with that activation code -- check your email? Or maybe you've already activated -- try signing in."
redirect_back_or_default('/')
end
end
def suspend
@user.suspend!
redirect_to users_path
end
def unsuspend
@user.unsuspend!
redirect_to users_path
end
def purge
@user.destroy
redirect_to users_path
end
def change_password
return unless request.post?
if User.authenticate(current_user.login, params[:old_password])
if ((params[:password] == params[:password_confirmation]) && !params[:password_confirmation].blank?)
current_user.password_confirmation = params[:password_confirmation]
current_user.password = params[:password]
if current_user.save
flash[:notice] = "Password was successfully updated."
redirect_to profile_url(current_user.login)
else
flash[:alert] = "Password has not been changed."
end
else
flash[:alert] = "New Password mismatch.."
@old_password = params[:old_password]
end
else
flash[:alert] = "Your old password is incorrect."
end
end
#gain email address
def forgot_password
return unless request.post?
if @user = User.find_by_email(params[:user][:email])
@user.forgot_password
@user.save
redirect_back_or_default('/')
flash[:notice] = "A password reset link has been sent to your email address"
else
flash[:alert] = "Could not find a user with that email address"
end
end
#reset password
def reset_password
@user = User.find_by_password_reset_code(params[:id])
return if @user unless params[:user]
if ((params[:user][:password] && params[:user][:password_confirmation]) && !params[:user][:password_confirmation].blank?)
self.current_user = @user #for the next two lines to work
current_user.password_confirmation = params[:user][:password_confirmation]
current_user.password = params[:user][:password]
@user.reset_password
flash[:notice] = current_user.save ? "Password reset was successful." : "Password reset has failed."
redirect_back_or_default('/')
else
flash[:alert] = "Password mismatch.."
end
end
protected
def find_user
@user = User.find(params[:id])
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment