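  # Account lifecycle controller: login/logout, password reset, signup,
  # subdomain availability lookup, account closure and subdomain change.
  #
  # Within this class only +delete+ and +change_account_subdomain+ are guarded
  # by +login_required+ and the 'admin' access rule; no filter declared here
  # covers the remaining actions.
  class AccountController < ApplicationController
    before_filter :login_required, :only => [:delete, :change_account_subdomain]
    access_rule 'admin', :only => [:change_account_subdomain, :delete]
    layout 'website'

    # Landing action: visitors without a session are sent to the login form.
    def index
      redirect_to :action => 'login' unless logged_in?
    end

    # User login.
    #
    # GET renders the form; POST authenticates params[:login] / params[:password]
    # against the account resolved from params[:subdomain] (account id 0 is passed
    # when the subdomain is unknown).
    def login
      if logged_in?
        redirect_to :controller => 'secret', :action => 'list'
        return
      end

      return unless request.post?

      # Find account by subdomain param
      @account = Account.find_by_subdomain(params[:subdomain])
      user = User.authenticate(params[:login], params[:password], @account ? @account.id : 0)

      # Discard the pre-login session before it is bound to the user, so that a
      # session identifier obtained before authentication is not carried over
      # into the authenticated session (session fixation).
      # Presumably current_user= stores the user in the session -- confirm.
      reset_session if user
      self.current_user = user

      unless current_user
        # NOTE(review): the distinct "Account disabled" message tells an
        # unauthenticated caller that the subdomain exists and is disabled.
        flash[:notice] = if @account && @account.disabled?
                           "Account disabled"
                         else
                           "The user name and/or password is invalid."
                         end
        return
      end

      if params[:remember_me] == "1"
        current_user.remember_me
        # NOTE(review): the remember-me cookie is set with value and expiry only;
        # consider the HttpOnly/Secure cookie attributes supported by this Rails version.
        cookies[:auth_token] = {
          :value   => current_user.remember_token,
          :expires => current_user.remember_token_expires_at
        }
      end

      # A nil last_login marks the first login; capture that before overwriting it.
      first_login = current_user.last_login.nil?

      current_user.last_login = Time.now
      current_user.save(false) # validations skipped: only the timestamp changes here

      if first_login
        flash[:notice] = "Welcome to SafetyPin. This is your first login, please verify your information."
        redirect_to user_settings_url
        return
      end

      flash[:notice] = "Hello again!"
      redirect_to :controller => 'secret', :action => 'list'
    end

    # Resets the password of the user matching params[:email].
    #
    # NOTE(review), none of these are changed here because they need model or
    # product decisions:
    # * the user is looked up by e-mail only, not scoped to an account/subdomain;
    # * the "does not match our records" message lets a caller test whether an
    #   e-mail address is registered;
    # * the password is replaced as soon as the form is posted, so anyone who
    #   knows an address can invalidate that user's password; a reset that only
    #   takes effect after the mailbox owner confirms it avoids this;
    # * @accounts loads every Account for the view -- check what the template shows.
    def forgot_password
      @accounts = Account.find(:all)
      return unless request.post?

      @user = User.find_by_email(params[:email])
      if @user.nil?
        flash[:notice] = "Email address does not match our records."
        redirect_to :action => 'forgot_password'
        return
      end

      # The explicit Notifier delivery below is disabled; presumably
      # reset_password! sends the mail itself -- confirm against the model.
      @user.reset_password!

      #new_password = @user.reset_password!
      #Notifier::deliver_reset_password(@user, new_password)
      flash[:notice] = "A new temporary password has been sent to your email address."
      redirect_to :action => 'login'
    end

    # Account signup: creates an Account with its first User and gives that
    # user the 'admin' role, then logs the user in.
    #
    # NOTE(review): params[:user] and params[:account] are handed to the models
    # whole. Unless the models restrict which attributes may be mass-assigned
    # (not visible here), a caller can set any column -- confirm.
    def signup
      @account = Account.new(params[:account])
      @user = User.new(params[:user])

      return unless request.post?

      # A POST without these keys would otherwise raise on nil below; with empty
      # hashes the models simply fail validation and the form is shown again.
      params[:account] ||= {}
      params[:user] ||= {}

      # Populate user parameters with selected account parameters
      [:fullname, :email].each { |a| params[:account][a] = params[:user][a] }

      @user = User.new(params[:user])
      @account = Account.new(params[:account])

      # Validate both models unconditionally so each carries its own error
      # messages; a bare `a.valid? && b.valid?` would skip the second on failure.
      user_ok = @user.valid?
      account_ok = @account.valid?

      unless account_ok && user_ok
        render :action => 'signup'
        return
      end

      begin
        # One transaction: an account must not survive without its admin user
        # if the role assignment (or anything before it) fails.
        Account.transaction do
          @account.users << @user
          @account.save!
          @user.roles << Role.find_by_title('admin')
        end
      rescue => e
        logger.error("Signup failed: #{e.class}: #{e.message}") if logger
        flash[:error] = 'A fatal error has occurred. Please try again later.'
        redirect_to :action => 'signup', :fatal => 'true'
        return
      end

      # Fresh session for the newly authenticated user (same reasoning as login).
      reset_session
      self.current_user = @user

      flash[:notice] = "Welcome to SafetyPin. Thanks for creating your new account. This is your first login, please verify your information."
      redirect_to user_settings_url
    end

    # Checks the account name availability and stores the message in @status.
    # A missing or blank params[:name] yields an empty status instead of an error.
    #
    # NOTE(review): the lookup uses Account.find_by_name while the messages and
    # the rest of this controller speak of subdomains (find_by_subdomain) --
    # confirm which column is intended. The action is reachable without login,
    # so it answers "does this account exist" for any caller.
    def check_subdomain_availability
      name = params[:name].to_s

      @status = if name.empty?
                  ""
                elsif Account.find_by_name(name).nil?
                  'The subdomain is AVAILABLE.'
                else
                  'The subdomain is UNAVAILABLE. Try another name.'
                end
    end

    # Logout the current user: drops the remember-me token and cookie, resets
    # the session and returns to the login form.
    def logout
      current_user.forget_me if logged_in?
      cookies.delete :auth_token
      reset_session
      flash[:notice] = "You have been logged out"
      redirect_to :action => 'login'
    end

    # Delete account (doesn't actually delete, just disables).
    # Requires a reason and the current user's password; problems are collected
    # in @errors for the view.
    def delete
      @errors = []
      return unless request.post?

      @errors << "Please tell us why you are leaving?" if params[:reason].to_s.empty?
      # Re-authenticate so a borrowed session alone cannot close the account.
      @errors << "Password is incorrect" unless User.authenticate(current_user.login, params[:password], current_user.account_id)
      return unless @errors.empty?

      # Flag the account as deleted and create account closure record
      current_account.disable!
      AccountClosure.create!(:account_id => current_user.account_id, :reason => params[:reason])

      logout
    end

    # Change account name (subdomain) and log the user out on success.
    #
    # NOTE(review): unlike +delete+, this action neither checks the HTTP verb
    # nor asks for the password again. A state change reachable by GET is
    # typically outside request-forgery protection -- confirm the route
    # restricts the verb.
    def change_account_subdomain
      requested = params[:account_subdomain]

      @account = Account.find(current_account.id)
      @account.subdomain = requested

      # Redirect back if no change was made
      if current_account.subdomain == requested
        redirect_to subscription_url
        return
      end

      if @account.save
        logout
      else
        flash[:error] = "Invalid subdomain"
        redirect_to subscription_url
      end
    end
  end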