
Untitled

a guest
May 2nd, 2018
  1. ## Jotter Controller
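# REST controller for jotters. Every action requires a signed-in user
# (login_required); the single-record actions additionally check that the
# signed-in user is allowed to see the requested jotter.
class JottersController < ApplicationController
  before_filter :login_required

  # GET /jotters
  # GET /jotters.xml
  #
  # Admins get every jotter, newest first; everyone else only gets the
  # jotters linked to them through the jotters/users association.
  def index
    @jotters = if current_user.admin?
                 Jotter.find(:all, :order => "created_at DESC")
               else
                 current_user.jotters
               end

    respond_to do |format|
      format.html # index.rhtml
      format.xml  { render :xml => @jotters.to_xml }
    end
  end

  # GET /jotters/1
  # GET /jotters/1.xml
  def show
    @jotter = find_accessible_jotter
    respond_to do |format|
      format.html # show.rhtml
      format.xml  { render :xml => @jotter.to_xml }
    end
  end

  # GET /jotters/new
  def new
    @jotter = Jotter.new
    @jotter.creator = current_user
  end

  # GET /jotters/1;edit
  def edit
    @jotter = find_accessible_jotter
    # Only the in-memory record handed to the form changes; nothing is saved here.
    @jotter.user_id = current_user.id
  end

  # POST /jotters
  # POST /jotters.xml
  def create
    @jotter = Jotter.new(params[:jotter])
    # Assigned after the mass assignment so the value always comes from the
    # session, never from a submitted jotter[user_id].
    @jotter.user_id = current_user.id
    respond_to do |format|
      if @jotter.save
        flash[:notice] = 'Jotter was successfully created.'
        format.html { redirect_to jotter_url(@jotter) }
        format.xml  { head :created, :location => jotter_url(@jotter) }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @jotter.errors.to_xml }
      end
    end
  end

  # PUT /jotters/1
  # PUT /jotters/1.xml
  #
  # On success every user linked to the jotter is mailed an update notice.
  def update
    @jotter = find_accessible_jotter
    # Apply the submitted fields first and stamp user_id afterwards. The
    # previous order (user_id, then update_attributes) let a submitted
    # jotter[user_id] overwrite the session-derived value.
    @jotter.attributes = params[:jotter]
    @jotter.user_id = current_user.id
    respond_to do |format|
      if @jotter.save
        flash[:notice] = 'Jotter was successfully updated.'
        format.html { redirect_to jotter_url(@jotter) }
        format.xml  { head :ok }
        # The association already holds User records; no second lookup needed.
        @jotter.users.each do |user|
          SiteMailer.deliver_jotterUpdated(@jotter, user.email)
        end
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @jotter.errors.to_xml }
      end
    end
  end

  # DELETE /jotters/1
  # DELETE /jotters/1.xml
  def destroy
    # NOTE(review): any user who can see the jotter can delete it; confirm
    # whether deletion should be limited to the creator and admins.
    @jotter = find_accessible_jotter
    @jotter.destroy

    respond_to do |format|
      format.html { redirect_to jotters_url }
      format.xml  { head :ok }
    end
  end

  private

  # Loads the jotter named by params[:id] and enforces object-level access.
  #
  # Allowed: admins, the user stored in user_id (so the redirect after create
  # still works), and users linked through the jotters/users association
  # (the same set index lists). Anyone else gets RecordNotFound, so the
  # response does not reveal whether the id exists.
  def find_accessible_jotter
    jotter = Jotter.find(params[:id])
    allowed = current_user.admin? ||
              jotter.user_id == current_user.id ||
              jotter.users.include?(current_user)
    raise ActiveRecord::RecordNotFound, "Couldn't find Jotter with ID=#{params[:id]}" unless allowed

    jotter
  end
end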
  97.  
  98.  
  99.  
  100. ## Jotter Model
  101. class Jotter < ActiveRecord::Base
  102. acts_as_versioned
  103. has_and_belongs_to_many :users
  104. validates_presence_of :title
  105. has_many :comments, :order => "created_at DESC"
  106. belongs_to :creator, :class_name => "User", :foreign_key => "user_id"
  107. def has_revisions?
  108. version > 1
  109. end
  110.  
  111. def jotter_owner?
  112. current.user = jotter.owner
  113. end
  114.  
  115. end
  116.  
  117. ## User Model
  118. require 'digest/sha1'
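# Account record with salted-hash password storage and a "remember me" token.
class User < ActiveRecord::Base
  # Virtual attribute for the unencrypted password
  attr_accessor :password
  has_and_belongs_to_many :jotters
  has_many :created_jotters, :class_name => "Jotter"
  validates_presence_of     :login, :email
  validates_presence_of     :password,                  :if => :password_required?
  validates_presence_of     :password_confirmation,     :if => :password_required?
  # NOTE(review): a 4-character minimum is very short; consider raising it.
  validates_length_of       :password, :within => 4..40, :if => :password_required?
  validates_confirmation_of :password,                  :if => :password_required?
  validates_length_of       :login,    :within => 3..40
  validates_length_of       :email,    :within => 3..100
  validates_uniqueness_of   :login, :email, :case_sensitive => false
  before_save :encrypt_password

  # Whitelist of attributes a submitted form may set through mass assignment.
  # :admin is deliberately NOT listed: with it in the list, any form that
  # feeds params into User.new / update_attributes lets the submitter make
  # themselves an admin. Set the flag explicitly instead (user.admin = true).
  attr_accessible :login, :email, :password, :password_confirmation, :first_name, :last_name

  # Authenticates a user by their login name and unencrypted password.
  # Returns the user or nil.
  def self.authenticate(login, password)
    u = find_by_login(login) # need to get the salt
    u && u.authenticated?(password) ? u : nil
  end

  # Hashes +password+ together with +salt+ (this is a one-way digest, not
  # encryption).
  #
  # NOTE(review): a single salted SHA-1 round is fast to brute-force offline.
  # Moving to a slow password hash needs a migration path for the existing
  # crypted_password values, so the digest is left unchanged here.
  def self.encrypt(password, salt)
    Digest::SHA1.hexdigest("--#{salt}--#{password}--")
  end

  # Hashes the password with this user's salt.
  def encrypt(password)
    self.class.encrypt(password, salt)
  end

  # True when +password+ hashes to the stored crypted_password.
  def authenticated?(password)
    crypted_password == encrypt(password)
  end

  # Truthy while a remember-me expiry is set and still in the future.
  def remember_token?
    remember_token_expires_at && Time.now.utc < remember_token_expires_at
  end

  # These create and unset the fields required for remembering users between
  # browser closes.
  def remember_me
    remember_me_for 2.weeks
  end

  def remember_me_for(time)
    remember_me_until time.from_now.utc
  end

  # Stores the expiry and a token, saving without validations.
  #
  # NOTE(review): the token is a digest of salt, email and expiry with no
  # random component, so anyone who can read those columns can recompute it.
  # A randomly generated token would be safer.
  def remember_me_until(time)
    self.remember_token_expires_at = time
    self.remember_token            = encrypt("#{email}--#{remember_token_expires_at}")
    save(false)
  end

  # Clears the remember-me fields, saving without validations.
  def forget_me
    self.remember_token_expires_at = nil
    self.remember_token            = nil
    save(false)
  end

  # Returns true if the user has just been activated.
  def recently_activated?
    @activated
  end

  protected

  # before_save callback: when a plaintext password was supplied, create the
  # salt (new records only) and store the digest.
  def encrypt_password
    return if password.blank?
    self.salt = Digest::SHA1.hexdigest("--#{Time.now.to_s}--#{login}--") if new_record?
    self.crypted_password = encrypt(password)
  end

  # A password is needed when none is stored yet or a new one was entered.
  def password_required?
    crypted_password.blank? || !password.blank?
  end
end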