- # cat user.rb
- require 'digest/sha1'
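class User < ActiveRecord::Base
  #
  # Ads: password authentication and remember-me support.
  #
  # NOTE(review): no attr_accessible / attr_protected is declared in this
  # file, while UsersController passes params[:user] straight to +build+ and
  # +update_attributes+. Unless the :validation concern (not shown here)
  # restricts mass assignment, request parameters can reach attributes such
  # as isAdmin, salt or crypted_password -- confirm.
  #

  # Virtual attribute for the unencrypted password. It is never persisted;
  # only the salted digest in +crypted_password+ is.
  attr_accessor :password

  validates_presence_of     :email
  validates_presence_of     :password,              :if => :password_required?
  validates_presence_of     :password_confirmation, :if => :password_required?
  # NOTE(review): a four-character minimum is a weak password policy.
  validates_length_of       :password, :within => 4..40, :if => :password_required?
  validates_confirmation_of :password,              :if => :password_required?
  validates_length_of       :email, :within => 3..100
  validates_uniqueness_of   :email, :case_sensitive => false

  before_save :encrypt_password

  # Authenticate a user by e-mail and unencrypted password.
  #
  # Returns the matching User, or nil when the e-mail is unknown or the
  # password does not match. The record is loaded first because the digest
  # depends on the per-user salt.
  def self.authenticate(email, password)
    user = find_by_email(email)
    user && user.authenticated?(password) ? user : nil
  end

  # Digest +password+ together with +salt+ and return the hex string.
  #
  # NOTE(review): a single salted SHA-1 round is cheap to brute-force offline
  # if the table leaks. A deliberately slow password hash (bcrypt, scrypt,
  # PBKDF2) is the usual replacement, but switching needs a migration path
  # for the stored crypted_password values, so the algorithm is left as is.
  def self.encrypt(password, salt)
    Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  end

  # Digest +password+ with this user's own salt.
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  # True when +password+ digests to the stored +crypted_password+.
  #
  # The two digests are compared byte by byte without an early exit, so the
  # time taken does not depend on how many leading characters match. A
  # missing crypted_password compares as an empty string and never matches.
  def authenticated?(password)
    stored    = crypted_password.to_s.unpack('C*')
    candidate = encrypt(password).unpack('C*')
    # Hex digests have a fixed length, so this guard reveals nothing useful.
    return false unless stored.length == candidate.length

    diff = 0
    stored.each_with_index { |byte, i| diff |= byte ^ candidate[i] }
    diff.zero?
  end

  # Truthy while a remember-me expiry is set and still in the future.
  def remember_token?
    remember_token_expires_at && Time.now.utc < remember_token_expires_at
  end

  # Set the fields used to remember the user between browser sessions and
  # save without running validations.
  #
  # NOTE(review): the token is derived from the e-mail, the expiry time and
  # the salt rather than from a random source, so anyone who can read the
  # salt can recompute it. A token drawn from a CSPRNG is the usual choice.
  def remember_me
    self.remember_token_expires_at = 2.weeks.from_now.utc
    self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")
    save(false)
  end

  # Clear the remember-me fields and save without running validations.
  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token = nil
    save(false)
  end

  #
  # Forums.
  #
  concerned_with :validation, :states, :activation, :posting
  formats_attributes :bio

  belongs_to :site, :counter_cache => true
  validates_presence_of :site_id

  has_many :posts,  :order => "#{Post.table_name}.created_at desc"
  has_many :topics, :order => "#{Topic.table_name}.created_at desc"

  has_many :moderatorships, :dependent => :delete_all
  has_many :forums, :through => :moderatorships, :source => :forum

  has_many :monitorships, :dependent => :delete_all
  has_many :monitored_topics,
           :through    => :monitorships,
           :source     => :topic,
           :conditions => {"#{Monitorship.table_name}.active" => true}

  has_permalink :login

  attr_readonly :posts_count, :last_seen_at

  # Load the users referenced by +records+ (anything responding to
  # +user_id+) in a single query. The ids are passed as a bind value.
  def self.prefetch_from(records)
    user_ids = records.collect(&:user_id).uniq
    find(:all, :select => 'distinct *', :conditions => ['id in (?)', user_ids])
  end

  # Same lookup as +prefetch_from+, returned as a hash keyed by user id.
  def self.index_from(records)
    prefetch_from(records).index_by(&:id)
  end

  # Forums of the user's site that the user does not moderate (memoized).
  def available_forums
    @available_forums ||= site.ordered_forums - forums
  end

  # True for admins and for users holding a moderatorship on +forum+.
  def moderator_of?(forum)
    admin? || Moderatorship.exists?(:user_id => id, :forum_id => forum.id)
  end

  # The stored display name, falling back to the login when it is blank.
  def display_name
    stored_name = read_attribute(:display_name)
    stored_name.blank? ? login : stored_name
  end

  # Keep track of when a user was last seen.
  #
  # The column is updated directly with +update_all+, then the in-memory
  # attribute is set to the same timestamp.
  def seen!
    now = Time.now.utc
    self.class.update_all ['last_seen_at = ?', now], ['id = ?', id]
    write_attribute :last_seen_at, now
  end

  # Users are addressed by permalink in URLs.
  def to_param
    permalink
  end

  protected

  # Before-save filter: derive a salt for new records and store the digest
  # of the virtual password. Does nothing when no password was supplied.
  #
  # NOTE(review): the salt is a SHA-1 of the current time and the e-mail,
  # both of which an attacker can guess; a random salt is preferable.
  def encrypt_password
    return if password.blank?
    self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{email}--") if new_record?
    self.crypted_password = encrypt(password)
  end

  # A password is required when none is stored yet or a new one was typed.
  def password_required?
    crypted_password.blank? || !password.blank?
  end

  # Flag the record as admin when the users table is empty.
  #
  # NOTE(review): no callback in this file invokes this method, and it
  # writes +isAdmin+ while the rest of the class asks +admin?+ -- confirm
  # which attribute actually grants admin rights. The count-then-set check
  # is also not atomic across concurrent sign-ups.
  def first_record_is_admin
    self.isAdmin = true if User.count.zero?
  end
end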
- # cat users_controller.rb
# Account management: sign-up, activation, profile settings and the
# admin-only moderation actions (suspend, unsuspend, destroy, purge).
#
# NOTE(review): +create+ and +update+ hand params[:user] to the model
# unfiltered, so which attributes a visitor can set is decided entirely by
# the model's mass-assignment settings -- confirm that privilege and
# credential attributes are excluded there.
class UsersController < ApplicationController
  # Filters are listed in the order they were declared. admin_required and
  # login_required are defined outside this file.
  before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge, :edit]
  before_filter :find_user,      :only => [:update, :show, :edit, :suspend, :unsuspend, :destroy, :purge]
  before_filter :login_required, :only => [:settings, :update]

  # Paginated list of the current site's users.
  def index
    @users = current_site.users.paginate :all, :page => current_page
  end

  # Render new.rhtml.
  def new
  end

  # Register a new user on the current site and log them in; re-render the
  # sign-up form when the record could not be saved.
  def create
    cookies.delete :auth_token
    @user = current_site.users.build(params[:user])
    @user.register! if @user.valid?

    if @user.new_record?
      render :action => 'new'
    else
      self.current_user = @user
      redirect_back_or_default('/')
      flash[:notice] = "thank you for joining"
    end
  end

  # Edit form for the logged-in user's own account.
  def settings
    @user = current_user
    render :action => "edit"
  end

  # Admin-only edit form for the user named by params[:id].
  def edit
    @user = find_user
  end

  # Update an account: admins update the user named by params[:id],
  # everyone else updates their own record whatever id was sent.
  def update
    @user = admin? ? find_user : current_user
    saved = @user.update_attributes(params[:user])

    respond_to do |format|
      if saved
        flash[:notice] = 'account updated'
        format.html { redirect_to(settings_path) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # Complete a sign-up from an activation code: the pending user holding
  # the code becomes the current user and is activated.
  #
  # When the code is blank the Symbol :false (not the boolean) is assigned;
  # presumably the current_user= setter, defined elsewhere, treats it as
  # "no user" -- confirm.
  def activate
    code = params[:forum_activation_code]
    self.current_user =
      if code.blank?
        :false
      else
        current_site.all_users.find_in_state(:first, :pending, :conditions => {:forum_activation_code => code})
      end

    if logged_in?
      current_user.activate!
      flash[:notice] = "signup complete"
    end

    redirect_back_or_default('/')
  end

  # Admin only: suspend the user loaded by find_user.
  def suspend
    @user.suspend!
    flash[:notice] = "user suspended"
    redirect_to users_path
  end

  # Admin only: lift a suspension.
  def unsuspend
    @user.unsuspend!
    flash[:notice] = "user unsuspended"
    redirect_to users_path
  end

  # Admin only: calls delete! on the user (defined outside this file).
  def destroy
    @user.delete!
    redirect_to users_path
  end

  # Admin only: remove the record with ActiveRecord's destroy.
  def purge
    @user.destroy
    redirect_to users_path
  end

  protected

  # Load the user named by params[:id] (a permalink) into @user and return
  # it. Admins search all_users; everyone else only the site's users scope.
  # Raises ActiveRecord::RecordNotFound when nothing matches.
  def find_user
    scope = admin? ? current_site.all_users : current_site.users
    @user = scope.find_by_permalink(params[:id])
    raise ActiveRecord::RecordNotFound unless @user
    @user
  end

  # Access rule: admins always pass, requests without an id pass, and
  # otherwise the loaded @user must be the logged-in user.
  # Presumably consulted by login_required -- confirm against the
  # authentication module, which is not shown.
  def authorized?
    return true if admin?
    params[:id].blank? || @user == current_user
  end
end