adva_user 0.0.1

data/app/models/password_mailer.rb

@@ -0,0 +1,43 @@
+require "login/mail_config"
+
+class PasswordMailer < ActionMailer::Base
+  include Login::MailConfig
+
+  class << self
+    def handle_user_password_reset_requested!(event)
+      deliver_reset_password_email(
+        :user => event.object, 
+        :from => site(event.source.site).email_from,
+        :reset_link => password_reset_link(event.source, event.token), 
+        :token => event.token
+      )
+    end
+
+    def handle_user_password_updated!(event)
+      deliver_updated_password_email(
+        :user => event.object, 
+        :from => site(event.source.site).email_from
+      )
+    end
+
+    private
+
+      def password_reset_link(controller, token)
+        controller.send(:url_for, :action => 'edit', :token => token)
+      end
+  end
+  
+  def reset_password_email(attributes = {})
+    recipients attributes[:user].email
+    from       attributes[:from]
+    subject    I18n.t(:'adva.passwords.notifications.reset_password.subject')
+    body       attributes
+  end
+
+  def updated_password_email(attributes = {})
+    recipients attributes[:user].email
+    from       attributes[:from]
+    subject    I18n.t(:'adva.passwords.notifications.password_updated.subject')
+    body       attributes
+  end
+end

data/app/models/user.rb

@@ -0,0 +1,106 @@
+class User < ActiveRecord::Base
+  acts_as_authenticated_user
+
+  # TODO how do we work this in?
+  #  acts_as_authenticated_user :token_with => 'Authentication::SingleToken',
+  #                             :authenticate_with => nil
+
+  scope :verified, -> { where.not(verified_at: nil) }
+
+  belongs_to :account
+  has_many :sites, :through => :memberships
+  has_many :memberships, :dependent => :delete_all
+
+  validates_presence_of     :first_name, :email
+  validates_uniqueness_of   :email # i.e. account attributes are unique per application, not per site
+  validates_length_of       :first_name, :within => 1..40
+  validates_length_of       :last_name, :allow_nil => true, :within => 0..40
+  validates_format_of       :email, :allow_nil => true,
+    :with => /(\A(\s*)\Z)|(\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z)/i
+
+  validates_presence_of     :password,                         :if => :password_required?
+  validates_length_of       :password, :within => 4..40,       :if => :password_required?
+
+  class << self
+    def authenticate(credentials)
+      return false unless user = User.find_by_email(credentials[:email])
+      user.authenticate(credentials[:password]) ? user : false
+    end
+    
+    def anonymous(attributes = {}) # FIXME rename to build_anonymous
+      attributes[:anonymous] = true
+      new attributes
+    end
+  end
+
+  def attributes=(attributes)
+    attributes.symbolize_keys!
+    memberships = attributes.delete :memberships
+    super.tap do
+      update_memberships memberships if memberships
+    end
+  end
+
+  def update_memberships(memberships)
+    memberships.each do |site_id, active|
+      site = Site.find(site_id)
+      if active
+        self.sites << site unless member_of?(site)
+      else
+        self.sites.delete(site) if member_of?(site)
+      end
+    end
+  end
+
+  def member_of?(site)
+    sites.include?(site)
+  end
+
+  def verified?
+    !verified_at.nil?
+  end
+
+  def verify!
+    update_attributes :verified_at => Time.zone.now if verified_at.nil?
+  end
+
+  # def restore!
+  #   update_attributes :deleted_at => nil if deleted_at
+  # end
+
+  def registered?
+    !new_record? && !anonymous?
+  end
+
+  def name=(name)
+    self.first_name = name
+  end
+
+  def name
+    last_name ? "#{first_name} #{last_name}" : first_name
+  end
+
+  def to_s
+    name
+  end
+
+  def email_with_name
+    "#{name} <#{email}>"
+  end
+
+  def homepage
+    return nil unless self[:homepage]
+
+    self[:homepage][0..6] == 'http://' ? self[:homepage] : 'http://' + self[:homepage]
+  end
+
+  def first_name_from_email
+    self.first_name.blank? && self.email ? self.email.split('@').first : self.first_name
+  end
+
+  protected
+
+    def password_required?
+      !anonymous? && (password_hash.nil? || password.present?)
+    end
+end

data/app/views/admin/users/_form.html.erb

@@ -0,0 +1,29 @@
+<fieldset>
+  <div class="col">
+    <%= f.text_field :first_name, :label => "First name" %>
+    <%= f.text_field :email, :label => "Email" %>
+    <%= f.password_field :password, :label => "Password" %>
+  </div>
+
+  <div class="col">
+    <%= f.text_field :last_name, :label => "Last name" %>
+    <%= f.text_field :homepage, :label => "Homepage" %>
+  </div>
+</fieldset>
+
+<h4><%= t(:'adva.titles.roles') %></h4>
+<p class="hint text_only"><%= t(:'adva.hints.roles') %></p>
+
+<fieldset>
+  <% if current_user.has_role?(:superuser) %>
+    <p>
+    <%= hidden_field_tag "user[roles_attributes][0][selected]", 0 %>
+    <span class='hint'><%= t(:'adva.roles.hints.superuser') %></span>
+      <%= check_box_tag "user[roles_attributes][0][selected]", 1, @user.has_global_role?(:superuser), :id => "user_role_superuser" %>
+      <%= hidden_field_tag "user[roles_attributes][0][name]", 'superuser' %>
+      <%= f.label "role_superuser", t(:'adva.roles.labels.superuser'), :class => 'light inline' %>
+    </p>
+  <% end %>
+</fieldset>
+
+<% save_or_cancel_links(f, :cancel_url => admin_site_users_path(@site)) %>

data/app/views/admin/users/_sidebar.html.erb

@@ -0,0 +1,8 @@
+<% content_for :sidebar do %>
+	<div class="tabs">
+		<div class="tab active">
+		  <%= gravatar_img(@user) %>
+	  </div>  
+  </div>
+<% end -%>
+

data/app/views/admin/users/edit.html.erb

@@ -0,0 +1,7 @@
+<h2><%= t(:'adva.users.titles.edit') %></h2>
+
+<%= form_for [:admin, @site, @user] do |f| -%>
+  <%= render :partial => 'form', :locals => {:f => f} %>  
+<% end -%>
+
+<%= render :partial => 'sidebar' %>

data/app/views/admin/users/index.html.erb

@@ -0,0 +1,13 @@
+<ul id="users">
+  <% @users.each do |user| %>
+		<li>
+		  <%= gravatar_img(user) %>
+		  <h4><%= link_to user.name, [:admin, @site, user] %></h4>
+		  <p><%= user.email %></p>
+		  <p class="actions">
+		    <%= link_to t(:'adva.links.edit'), [:edit, :admin, @site, user], :class => 'edit' %>
+        <%= link_to t(:'adva.links.delete'), [:admin, @site, user], :class => 'delete', :data => { :confirm => t(:'adva.users.confirm_delete') }, :method => :delete %>
+		  </p>
+		</li> 
+	<% end %>
+</ul>	

data/app/views/admin/users/new.html.erb

@@ -0,0 +1,5 @@
+<h2><%= t(:'adva.users.titles.new') %></h2>
+
+<%= form_for [:admin, @site, @user] do |f| -%>
+  <%= render :partial => 'form', :locals => {:f => f} %>  
+<% end -%>

data/app/views/admin/users/show.html.erb

@@ -0,0 +1,27 @@
+<h2><%= @user.name %></h2>
+
+<h3><%= t(:'adva.common.details') %></h3>
+<p>
+  <%= t(:'adva.users.labels.email') %>:
+  <%= @user.email %>
+</p>
+
+<% if @user.homepage %>
+  <p>
+    <%= t(:'adva.users.labels.url') %>:
+    <%= link_to @user.homepage, @user.homepage %>
+  </p>
+<% end %>
+
+<h3><%= t(:'adva.common.events') %></h3>
+<p>
+  <%= t(:'adva.users.labels.created_at') %>:
+  <%= @user.created_at %>
+</p>
+
+<p>
+  <%= t(:'adva.users.labels.updated_at') %>:
+  <%= @user.updated_at %>
+</p>
+
+<%= render :partial => 'sidebar' %>

data/app/views/layouts/login.html.erb

@@ -0,0 +1,24 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <head>
+    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
+ 		<meta name="generator" content="adva-cms - Open source content management platform" /> 
+    <title>adva-cms: <%= controller.controller_name %></title>
+
+    <%= stylesheet_link_tag "adva_cms/admin" %>
+    <%= javascript_include_tag "adva_cms/application" %>
+    <%= yield :head %>
+  </head>
+  <body>   
+    <div id="header">
+    </div>
+    
+    <div class="main">
+      <div id="flashes"><%= render :partial => 'shared/flash' %></div>
+      <div id="content">
+        <%= yield %>      
+      </div>
+    </div>
+
+  </body>
+</html>

data/app/views/password/edit.html.erb

@@ -0,0 +1,14 @@
+<h2><%= t(:'adva.passwords.titles.edit') %></h2>
+
+<p><%= params[:token].blank? ? t(:'adva.passwords.info.please_enter_new_password_and_token') : t(:'adva.passwords.info.please_enter_new_password') %></p>
+
+<%= form_for 'user', :url => password_path, :html => { :method => :put } do |f| %>
+  <% f.field_set do %>
+		<%= label_tag(t(:'adva.passwords.attributes.token')) + text_field_tag('token') unless current_user %>
+		<%= f.password_field :password, :label => :"adva.users.attributes.new_password" %>
+  <% end %>
+
+  <% f.buttons do %>
+		<%= submit_tag t(:'adva.common.save') %>
+	<% end %>
+<% end %>

data/app/views/password/new.html.erb

@@ -0,0 +1,13 @@
+<h2><%= t(:'adva.passwords.titles.new') %></h2>
+
+<%= form_tag password_path do %>
+  <fieldset>
+    <p><%= t(:'adva.passwords.info.please_enter_email_to_reset_password') %></p>
+		<%= label_tag 'user[email]', t(:"adva.users.attributes.email") %>
+	  <%= text_field_tag 'user[email]' %>
+	</fieldset>
+	
+  <% buttons do %>
+    <%= submit_tag t(:'adva.passwords.links.reset') %>
+  <% end %>
+<% end %>

data/app/views/password_mailer/reset_password_email.html.erb

@@ -0,0 +1,3 @@
+<%= t(:'adva.passwords.notifications.reset_password.body', :name => @user.name, :link => @reset_link, :token => @token) %>
+
+

data/app/views/password_mailer/updated_password_email.html.erb

@@ -0,0 +1 @@
+<%= t(:'adva.passwords.notifications.password_updated.body', :name => @user.name) %>

data/app/views/session/new.html.erb

@@ -0,0 +1,17 @@
+<div id="centered_box">
+  <%= form_for @user, :url => session_path, :html => {:id => 'login'} do |f| %>
+    <%= hidden_field_tag :return_to, params[:return_to] if params[:return_to] %>
+
+  	<fieldset>
+  		<%= f.text_field :email, :class => 'big', :label => "Email" %>
+  		<%= f.password_field :password, :class => 'big', :label => "Password" %>
+  		<%= check_box_tag 'user[remember_me]', 1, @remember_me, :id => 'user_remember_me' %>
+			<%= label_tag :user_remember_me, t(:'adva.session.labels.remember_me'), :class => 'inline light' %>
+    </fieldset>
+  	
+  	<fieldset>
+  	  <%= submit_tag "Login", :id => 'commit' %> <%= t(:'adva.common.connector.or')%>
+  	  <%= link_to t(:'adva.passwords.titles.new'), new_password_path %>
+    </fieldset>
+  <% end %>
+</div>

data/config/initializers/menus.rb

@@ -0,0 +1,25 @@
+module Menus
+  module Admin
+    class Users < Menu::Group
+      define do
+        id :main
+        parent Sites.new.build(scope).find(:users)
+
+        menu :left, :class => 'left' do
+          item :users, :action => :index, :resource => [@site, :user]
+        end
+        menu :actions, :class => 'actions' do
+          activates object.parent.find(:users)
+          item :new, :action => :new, :resource => [@site, :user]
+          if @user && !@user.new_record?
+            item :show,   :url => admin_site_user_path(@site, @user)
+            item :edit,   :url => edit_admin_site_user_path(@site, @user)
+            # item :show,   :action  => :show, :resource => @user
+            # item :edit,   :action  => :edit, :resource => @user
+            item :delete, :content => link_to("Delete", [:admin, @site, @user], :method => :delete)
+          end
+        end
+      end
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,14 @@
+Rails.application.routes.draw do
+  get "login" => "session#new"
+  delete "logout" => "session#destroy"
+
+  resource :session,     :controller => "session"
+  resource :password,    :controller => "password"
+
+  namespace :admin do
+    resources :users
+    resources :sites do
+      resources :users
+    end
+  end
+end

data/db/migrate/20080402000001_create_users_table.rb

@@ -0,0 +1,33 @@
+class CreateUsersTable < ActiveRecord::Migration
+  def self.up
+    create_table :users do |t|
+      t.string     :first_name,       :limit => 40
+      t.string     :last_name,        :limit => 40
+      t.string     :email,            :limit => 100
+      t.string     :homepage
+      t.string     :about
+      t.string     :signature
+      
+      t.string     :password_hash,    :limit => 40
+      t.string     :password_salt,    :limit => 40
+      
+      t.string     :ip
+      t.string     :agent
+      t.string     :referer
+
+      t.string     :remember_me,      :limit => 40
+      t.string     :token_key,        :limit => 40
+      t.datetime   :token_expiration
+
+      t.boolean    :anonymous,        :default => false
+
+      t.timestamps
+      t.datetime   :verified_at
+      t.datetime   :deleted_at
+    end
+  end
+
+  def self.down
+    drop_table :users
+  end
+end

data/db/migrate/20080402000005_create_memberships_table.rb

@@ -0,0 +1,13 @@
+class CreateMembershipsTable < ActiveRecord::Migration
+  def self.up
+    create_table :memberships, :force => true do |t|
+      t.references :site
+      t.references :user
+      t.timestamps
+    end
+  end
+  
+  def self.down
+    drop_table :memberships
+  end
+end

data/db/migrate/20090625124502_create_accounts.rb

@@ -0,0 +1,13 @@
+class CreateAccounts < ActiveRecord::Migration
+  def self.up
+    create_table :accounts do |t|
+      t.string :name
+      
+      t.timestamps
+    end
+  end
+
+  def self.down
+    drop_table :accounts
+  end
+end

data/db/migrate/20090625133231_add_account_to_user.rb

@@ -0,0 +1,10 @@
+class AddAccountToUser < ActiveRecord::Migration
+  def self.up
+    add_column  :users, :account_id, :integer
+    add_index   :users, :account_id
+  end
+
+  def self.down
+    remove_column :users, :account_id
+  end
+end