muck-users 0.1.0

data/app/controllers/muck/users_controller.rb

@@ -0,0 +1,211 @@
+class Muck::UsersController < ApplicationController
+  unloadable
+
+  ssl_required :show, :new, :edit, :create, :update
+  before_filter :not_logged_in_required, :only => [:new, :create] 
+  before_filter :login_required, :only => [:show, :edit, :update, :welcome]
+  before_filter :check_administrator_role, :only => [:enable]
+
+  def show
+    @user = User.find(params[:id]) if params[:id]
+    @user ||= current_user
+    if @user == current_user || admin?
+      @page_title = @user.to_param
+      standard_response('show')
+    else
+      redirect_to public_user_path(@user)
+    end
+  end
+  
+  def welcome
+    @page_title = t('muck.users.welcome')
+    @user = User.find(params[:id])
+    respond_to do |format|
+      format.html { render :template => 'users/welcome' }
+    end
+  end
+  
+  def activation_instructions
+    @page_title = t('muck.users.welcome')
+    @user = User.find(params[:id])
+    respond_to do |format|
+      format.html { render :template => 'users/activation_instructions' }
+    end
+  end
+
+  def new
+    @page_title = t('muck.users.register_account', :application_name => GlobalConfig.application_name)
+    @user = User.new
+    standard_response('new')
+  end
+  
+  def edit
+    @page_title = t('muck.users.update_profile')
+    @user = admin? ? User.find(params[:id]) : current_user
+    respond_to do |format|
+      format.html { render :template => 'users/edit' }
+    end
+  end
+    
+  def create
+    @page_title = t('muck.users.register_account', :application_name => GlobalConfig.application_name)
+    cookies.delete :auth_token
+    @user = User.new(params[:user])
+
+    if GlobalConfig.use_recaptcha
+      if !(verify_recaptcha(@user) && @user.valid?)
+        raise ActiveRecord::RecordInvalid, @user
+      end
+    end
+
+    if GlobalConfig.automatically_activate
+      if GlobalConfig.automatically_login_after_account_create
+        if @user.save
+          @user.activate!
+          @user.deliver_welcome_email
+          flash[:notice] = t('muck.users.thanks_sign_up')
+          after_create_response(true, signup_complete_path(@user))
+        else
+          after_create_response(false)
+        end
+      else
+        if @user.save_without_session_maintenance
+          @user.activate!
+          @user.deliver_welcome_email
+          flash[:notice] = t('muck.users.thanks_sign_up_login')
+          after_create_response(true, signup_complete_login_required_path(@user))
+        else
+          after_create_response(false)
+        end
+      end
+    else
+      if @user.save_without_session_maintenance      
+        @user.deliver_activation_instructions!
+        flash[:notice] = t('muck.users.thanks_sign_up_check')
+        after_create_response(true, signup_complete_activation_required_path(@user))
+      else
+        after_create_response(false)
+      end
+    end
+  end
+
+  def update
+    @title = t("users.update_profile")
+    @user = admin? ? User.find(params[:id]) : User.find(current_user)
+    if @user.update_attributes(params[:user])
+      flash[:notice] = t("muck.users.user_update")
+      after_update_response(true)
+    else
+      after_update_response(false)
+    end
+  end
+
+  def destroy
+    return unless admin? || GlobalConfig.let_users_delete_their_account
+    @user = admin? ? User.find(params[:id]) : User.find(current_user)
+    if @user.destroy
+      flash[:notice] = t("muck.users.user_account_deleted")
+    end
+    after_destroy_response
+  end
+
+  def is_login_available
+    result = t('muck.users.username_not_available')
+    if params[:user_login] && params[:user_login].length <= 0
+      result = ''
+    elsif !User.login_exists?(params[:user_login])
+      @user = User.new(:login => params[:user_login])
+      if !@user.validate_attributes(:only => [:login])
+        result = t('muck.users.invalid_username')
+        @user.errors.full_messages.each do |message|
+          if !message.include? 'blank'
+            result += "<br />#{message}"
+          end
+        end
+      else
+        result = t('muck.users.username_available')
+      end
+    end
+    respond_to do |format|
+      format.html { render :text => result}
+    end
+  end
+
+  def is_email_available
+    # TODO add in link to let the user recover their password
+    #recover_password_prompt = link_to(t('muck.users.recover_password_prompt'), reset_password_path)
+    recover_password_prompt = ''
+    result = t('muck.users.email_not_available', :reset_password_help => recover_password_prompt)
+    
+    if params[:user_email] && params[:user_email].length <= 0
+      result = ''
+    elsif !User.email_exists?(params[:user_email])
+      result = t('muck.users.email_available')
+    end
+    respond_to do |format|
+      format.html { render :text => result}
+    end
+  end
+
+  protected 
+
+  def standard_response(template)
+    respond_to do |format|
+      format.html { render :template => "users/#{template}" }
+      format.xml { render :xml => @user }
+    end
+  end
+  
+  def after_create_response(success, local_uri = '')
+    if success
+      respond_to do |format|
+        format.html { redirect_to local_uri }
+        format.xml { render :xml => @user, :status => :created, :location => user_url(@user) }
+      end
+    else
+      respond_to do |format|
+        format.html { render :template => "users/new" }
+        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+  
+  def after_update_response(success)
+    if success
+      respond_to do |format|
+        format.html do
+          get_redirect_to do
+            redirect_to admin? ? profile_path(@user) : user_path(@user)
+          end
+        end
+        format.xml{ head :ok }
+      end
+    else
+      respond_to do |format|
+        format.html { render :template => 'users/edit' }
+        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
+      end
+    end
+  end
+  
+  def after_destroy_response
+    respond_to do |format|
+      format.html do
+        get_redirect_to do
+          redirect_to(root_url)
+        end
+      end
+      format.xml { head :ok }
+    end
+  end
+  
+  def permission_denied
+    flash[:notice] = t('muck.users.permission_denied')
+    respond_to do |format|
+      format.html do
+        redirect_to user_path(current_user)
+      end
+    end
+  end
+
+end

data/app/models/muck_user_mailer.rb

@@ -0,0 +1,53 @@
+class MuckUserMailer < ActionMailer::Base
+  unloadable
+  
+  default_url_options[:host] = GlobalConfig.application_url
+  
+  def activation_confirmation(user)
+    setup_email(user)
+    subject   I18n.t('muck.users.activation_complete')
+    body      :user => user
+  end
+  
+  def activation_instructions(user)
+    setup_email(user)
+    subject   I18n.t('muck.users.activation_instructions')
+    body      :user => user,
+              :account_activation_url => activate_url(user.perishable_token)
+  end
+
+  def password_not_active_instructions(user)
+    setup_email(user)
+    subject   I18n.t('muck.users.account_not_activated', :application_name => GlobalConfig.application_name)
+    body      :user => user
+  end
+
+  def password_reset_instructions(user)
+    setup_email(user)
+    subject   I18n.t('muck.users.password_reset_email_subject', :application_name => GlobalConfig.application_name)
+    body      :user => user
+  end
+
+  def welcome_notification(user)
+    setup_email(user)
+    subject   I18n.t('muck.users.welcome_email_subject', :application_name => GlobalConfig.application_name)
+    body      :login => user.login,
+              :application_name => GlobalConfig.application_name
+  end
+
+  def username_request(user)
+    setup_email(user)
+    subject   I18n.t('muck.users.request_username_subject', :application_name => GlobalConfig.application_name)
+    body      :login => user.login,
+              :application_name => GlobalConfig.application_name
+  end
+  
+  protected
+  def setup_email(user)
+    @recipients  = "#{user.email}"
+    @from        = "#{GlobalConfig.from_email}"
+    @sent_on     = Time.now
+    @body[:user] = user
+  end
+
+end

data/app/models/permission.rb

@@ -0,0 +1,17 @@
+# == Schema Information
+#
+# Table name: permissions
+#
+#  id         :integer(4)      not null, primary key
+#  role_id    :integer(4)      not null
+#  user_id    :integer(4)      not null
+#  created_at :datetime
+#  updated_at :datetime
+#
+
+class Permission < ActiveRecord::Base
+  unloadable
+  
+  belongs_to :user
+  belongs_to :role
+end

data/app/models/role.rb

@@ -0,0 +1,25 @@
+# == Schema Information
+#
+# Table name: roles
+#
+#  id         :integer(4)      not null, primary key
+#  rolename   :string(255)
+#  created_at :datetime
+#  updated_at :datetime
+#
+
+class Role < ActiveRecord::Base
+  unloadable
+  
+  has_many :permissions
+  has_many :users, :through => :permissions
+
+  validates_presence_of :rolename
+
+  # roles can be defined as symbols.  We want to store them as strings in the database
+  def rolename= val
+    write_attribute(:rolename, val.to_s)
+  end
+
+end
+

data/app/views/admin/roles/_role.html.erb

@@ -0,0 +1,9 @@
+<li>
+  <%= role.rolename %>
+  <% if @user.has_role?(role.rolename) %>
+    <%= link_to I18n.t('muck.roles.remove_role'), user_role_url(:id => role.id, :user_id => @user.id), :method => :delete %>
+  <% else %>
+    <%= link_to I18n.t('muck.roles.assign_role'), user_role_url(:id => role.id, :user_id => @user.id), :method => :put %>
+  <% end %>
+</li>
+

data/app/views/admin/roles/edit.html.erb

@@ -0,0 +1,17 @@
+<h1><%= I18n.t('Editing role') %></h1>
+
+<%= error_messages_for :role %>
+
+<% form_for(admin_roles_path(@role)) do |f| %>
+  <p>
+    <b><%= I18n.t('Rolename') %></b><br />
+    <%= f.text_field :rolename %>
+  </p>
+
+  <p>
+    <%= f.submit I18n.t('Update') %>
+  </p>
+<% end %>
+
+<%= link_to I18n.t('Show'), @role %> |
+<%= link_to I18n.t('Back'), admin_roles_path %>

data/app/views/admin/roles/index.html.erb

@@ -0,0 +1,8 @@
+<h2><%= I18n.t('Roles for %{user}') % {:user => h(@user.login.capitalize)} %></h2>
+ 
+<h3><%= I18n.t('Roles assigned:') %></h3>
+<ul><%= render :partial => 'role', :collection => @user.roles %></ul>
+ 
+<h3><%= I18n.t('Roles available:') %></h3>
+<ul><%= render :partial => 'role', :collection => (@all_roles - @user.roles) %></ul>
+

data/app/views/admin/roles/new.html.erb

@@ -0,0 +1,16 @@
+<h1><%= I18n.t('New role') %></h1>
+
+<%= error_messages_for :role %>
+
+<% form_for @role, :url => admin_role_path(@role) do |f| %>
+  <p>
+    <b><%= I18n.t('Rolename') %></b><br />
+    <%= f.text_field :rolename %>
+  </p>
+
+  <p>
+    <%= f.submit I18n.t('Create') %>
+  </p>
+<% end %>
+
+<%= link_to I18n.t('Back'), admin_roles_path %>

data/app/views/admin/roles/show.html.erb

@@ -0,0 +1,7 @@
+<p>
+  <b><%= I18n.t('Rolename:') %></b>
+  <%=h @role.rolename %>
+</p>
+
+<%= link_to I18n.t('Edit'), edit_role_path(@role) %> |
+<%= link_to I18n.t('Back'), admin_roles_path %>

data/app/views/admin/users/_activate.html.erb

@@ -0,0 +1,5 @@
+<% if user.active? -%>
+	<%= link_to_remote I18n.t('muck.general.deactivate'), { :url => admin_user_path(user, :format => 'js'), :method => :put } -%>
+<% else -%>
+	<%= link_to_remote I18n.t('muck.general.activate'), { :url => admin_user_path(user, :format => 'js'), :method => :put } -%>
+<% end -%>

data/app/views/admin/users/_ajax_search_box.html.erb

@@ -0,0 +1,6 @@
+<div id="ajax_search_box" class="box" style="display: none;" >
+  <% form_remote_tag :action => 'ajax_search', :url => '/admin/users/ajax_search', :update => "manage" do %>
+    <%= text_field_tag :query, '', :class => 'span-5' %>
+    <%= submit_tag t("muck.users.admin.search_users") %>
+  <% end %>
+</div>

data/app/views/admin/users/_row.html.erb

@@ -0,0 +1,6 @@
+<tr id="<%=user.dom_id('row')%>" class="<%= cycle('odd','even') %>">
+	<td><%= link_to h(user.full_name), user %></td>
+	<td><%= mail_to h(user.email), user.email %></td>
+	<td id="<%=user.dom_id('link')%>"><%= render :partial => 'admin/users/activate', :locals => { :user => user } %></td>
+	<td><%= link_to_remote t("muck.general.delete"), { :url => admin_user_path(user.id), :method => :delete }, { :title => t('muck.users.delete_this_user'), :class => 'delete-user' } -%></td>
+</tr>

data/app/views/admin/users/_search_box.html.erb

@@ -0,0 +1,6 @@
+<div id="search_box" class="box">
+  <% form_tag :action => 'search' do %>
+    <%= text_field_tag :query, '', :class => 'span-5' %>
+    <%= submit_tag t("muck.users.admin.search_users") %>
+  <% end %>
+</div>

data/app/views/admin/users/_table.html.erb

@@ -0,0 +1,21 @@
+<table id="manage" class="manage">
+	<thead>
+	<tr>
+		<th><%= t('muck.users.name') %></th>
+		<th><%= t('muck.users.email_address') %></th>
+		<th></th>
+		<th></th>
+	</tr>
+	</thead>
+	<tbody>
+	  <%= render :partial => 'admin/users/row', :collection => @users, :as => :user %>
+	</tbody>
+</table>
+<%= will_paginate @users %>
+<script type="text/javascript" language="JavaScript">
+jQuery(document).ready(function() {	
+	jQuery(".delete-user").click(function() {
+		jQuery(this).parent().html('deleting user...');
+	});
+});
+</script>

data/app/views/admin/users/_user_navigation.html.erb

@@ -0,0 +1,11 @@
+<% content_for :sidebar do -%>
+  <%= render :partial => 'admin/users/search_box' -%>
+  <%= render :partial => 'admin/users/ajax_search_box' -%>
+  <div id="user-navigation" class="box">
+    <ul>
+      <li><%= link_to t("muck.users.navigation.all_users"), admin_users_path %></li>
+      <li><%= link_to t("muck.users.navigation.inactive_users"), inactive_admin_users_path %></li>
+      <li><%= link_to t("muck.users.navigation.search_users"), search_admin_users_path %></li>
+    </ul>
+  </div>
+<% end -%>

data/app/views/admin/users/do_search.html.erb

@@ -0,0 +1,5 @@
+<%= render :partial => 'admin/users/user_navigation' -%>
+
+<%= render :partial => 'admin/users/search_box' -%>
+
+<%= render :partial => 'admin/users/table' -%>

data/app/views/admin/users/inactive.html.erb

@@ -0,0 +1,8 @@
+<%= render :partial => 'admin/users/user_navigation' -%>
+<div>
+  <h2><%= t('muck.users.admin.unactivated_users', :count => @user_inactive_count) %> 
+		<span class="link-button"><%= link_to t('muck.users.admin.activate_all_inactive_users'), activate_all_admin_users_path, :confirm => t('muck.users.admin.activate_all_inactive_users_confirm') %></span>
+		<span class="link-button"><%= link_to t('muck.users.admin.show_emails'), inactive_emails_admin_users_path %></span>
+	</h2>
+	<%= render :partial => 'admin/users/table' -%>
+</div>

data/app/views/admin/users/inactive_emails.html.erb

@@ -0,0 +1,6 @@
+<%= render :partial => 'admin/users/user_navigation' -%>
+<div id="inactive-emails" class="activity_box">
+  <h2><%= I18n.t("Inactive User's Emails (%{count} total)") % {:count => @user_inactive_count} %></h2>
+	<textarea id="user-emails"><%= @users.collect{|user| user.email}.join(', ') -%></textarea>
+</div>
+

data/app/views/admin/users/index.html.erb

@@ -0,0 +1,12 @@
+<%= render :partial => 'admin/users/user_navigation' -%>
+<div>
+  <h2><%= t('muck.users.admin_users_title') %></h2>
+	<%= render :partial => 'admin/users/table' -%>
+</div>
+
+<script type="text/javascript" language="JavaScript">
+jQuery(document).ready(function() {	
+	jQuery("#search_box").hide();
+ jQuery("#ajax_search_box").show();
+});
+</script>

data/app/views/admin/users/search.html.erb

@@ -0,0 +1,5 @@
+<%= render :partial => 'admin/users/user_navigation' -%>
+
+<%= render :partial => 'admin/users/search_box' -%>
+
+

data/app/views/muck_user_mailer/activation_confirmation.html.erb

@@ -0,0 +1,7 @@
+Welcome <%= h(@user.login) %>,
+
+Your account has been activated.
+
+<%= root_url %>
+
+If the above URL does not work try copying and pasting it into your browser. If you continue to have problem, please feel free to contact us.

data/app/views/muck_user_mailer/activation_instructions.html.erb

@@ -0,0 +1,7 @@
+Welcome <%= h(@user.login) %>,
+
+Thank you for creating an account! Click the url below to activate your account!
+
+<%= @account_activation_url %>
+
+If the above URL does not work try copying and pasting it into your browser. If you continue to have problem, please feel free to contact us.

data/app/views/muck_user_mailer/password_not_active_instructions.html.erb

@@ -0,0 +1,10 @@
+Hello <%= h(@user.login) %>,
+
+A request to reset your password has been made.
+If you did not make this request, simply ignore this email.
+
+Your account has not yet been activated. Simply click the url below to activate your account. After that you may change your password to something that is easy to remember.
+
+<%= activate_url(@user.perishable_token) %>
+
+If the above URL does not work try copying and pasting it into your browser. If you continue to have problem, please feel free to contact us.

data/app/views/muck_user_mailer/password_reset_instructions.html.erb

@@ -0,0 +1,10 @@
+Hello <%= h(@user.login) %>,
+
+A request to reset your password has been made.
+If you did not make this request, simply ignore this email.
+If you did make this request just click the link below:
+
+<%= reset_password_url(@user.perishable_token) %>
+
+If the above URL does not work try copying and pasting it into your browser.
+If you continue to have problem please feel free to contact us.

data/app/views/muck_user_mailer/username_request.html.erb

@@ -0,0 +1,3 @@
+Your login for <%= GlobalConfig.application_name %> is <%= h(@login) %>,
+
+<%= @root_url %>

data/app/views/muck_user_mailer/welcome_notification.html.erb

@@ -0,0 +1,5 @@
+Hello <%= h(@login) %>,
+
+Welcome to <%= GlobalConfig.application_name %>.  Your account has been successfully created.
+
+<%= @root_url %>

data/app/views/password_resets/edit.html.erb

@@ -0,0 +1,9 @@
+<div id="reset-password-confirm" class="common-form">
+  <h1><%= t('muck.users.select_new_password') %></h1>
+  <%= output_errors(t('muck.users.select_new_password'), {:class => 'help-box'}) %>
+  <% custom_form_for :reset_password, :url => password_resets_path, :html => {:method => :put} do |f| -%>
+    <%= f.text_field :password, { :label => t('muck.users.password'), :hide_required => true } -%>
+    <%= f.text_field :password_confirmation, { :label => t('muck.users.confirm_password'), :hide_required => true } -%>
+    <%= submit_tag t('muck.users.confirm_select_new_password') %>
+  <% end -%>
+</div>

data/app/views/password_resets/new.html.erb

@@ -0,0 +1,11 @@
+<div id="reset-password" class="common-form">
+  <h1><%= t('muck.users.forgot_password') %></h1>
+  <%= output_errors(t('muck.users.reset_password'), {:class => 'help-box'}) %>
+  <% custom_form_for :reset_password, :url => password_resets_path do |f| -%>
+    <p><%= t('muck.users.email_recover_prompt') %></p>
+    <%= f.text_field :email, { :label => t('muck.users.email_address'), :hide_required => true } -%>
+    <div class="button form-row">
+      <%= submit_tag t('muck.users.reset_password') %>
+    </div>
+  <% end -%>
+</div>

data/app/views/user_sessions/new.html.erb

@@ -0,0 +1,17 @@
+<div id="sign_in" class="common-form">
+  <% custom_form_for @user_session, :url => user_session_path do |f| -%>
+    <h1><%= I18n.t('muck.users.login_title') %></h1>
+    <%= output_errors(t('muck.users.login_fail'), {:class => 'help-box'}) %>
+	  <%= f.text_field :login, { :label => I18n.t('muck.users.username'), :hide_required => true, :hide_control_error => true } -%>
+	  <%= f.password_field :password, { :label => I18n.t('muck.users.password'), :hide_required => true, :hide_control_error => true } -%>
+	  <%= f.check_box :remember_me, { :label => I18n.t('muck.users.remember_me'), :hide_required => true, :hide_control_error => true } %>
+    <div class="button form-row">
+      <%= submit_tag I18n.t('muck.users.sign_in') %>
+    </div>
+    <div class="form-row">
+      <span class="instruction"><%= link_to I18n.t('muck.users.register_for_account'), signup_url  %></span> | 
+  		  <span class="instruction"><%= link_to I18n.t('muck.users.forgot_your_password'), forgot_password_path %></span> |
+      <span class="instruction"><%= link_to I18n.t('muck.users.forgot_your_username'), forgot_username_path %></span>
+  	</div>
+  <% end %>
+</div>

data/app/views/username_request/new.html.erb

@@ -0,0 +1,11 @@
+<div id="request-username" class="common-form">
+  <h1><%= t('muck.users.forgot_username') %></h1>
+  <%= output_errors(t('muck.users.request_username'), {:class => 'help-box'}) %>
+  <% custom_form_for :request_username, :url => username_request_path do |f| -%>
+    <p><%= t('muck.users.username_recover_prompt') %></p>
+    <%= f.text_field :email, { :label => t('muck.users.email_address'), :hide_required => true } -%>
+    <div class="button form-row">
+      <%= submit_tag t('muck.users.request_username') %>
+    </div>
+  <% end -%>
+</div>

data/app/views/users/_user.html.erb

@@ -0,0 +1,15 @@
+ <tr class="<%= cycle('odd', 'even') %>">
+   <td><%=h user.login %></td>
+   <td><%=h user.email %></td>
+   <td><%= user.enabled ? I18n.t('muck.general.yes') : I18n.t('muck.general.no') %>
+     <% unless user == current_user %>
+       <% if user.enabled %>
+         <%= link_to(I18n.t('muck.general.disable'), user_path(user.id), :method => :delete) %>
+       <% else %>
+         <%= link_to(I18n.t('muck.general.enable'), enable_user_path(user.id), :method => :put) %>
+       <% end %>
+     <% end %>
+   </td>
+   <td><%= link_to I18n.t('muck.roles.edit_roles'), user_admin_roles_path(user) %>]</td>
+ </tr>
+

data/app/views/users/activation_confirmation.html.erb

@@ -0,0 +1 @@
+Thank you for activating your account

data/app/views/users/activation_instructions.html.erb

@@ -0,0 +1 @@
+You will receive an email with instructions on how to activate your account.