
Untitled

a guest Apr 26th, 2018 153 Never
  1. ## acounts_controler
  class AccountsController < ApplicationController

    before_filter :login_required, :except => :show
    before_filter :not_logged_in_required, :only => :show

    # Activation action: consumes the activation code passed as params[:id].
    #
    # The visitor is deliberately not signed in as a side effect of
    # activation. They are sent to the login form and must authenticate
    # normally, so the emailed link never acts as a login credential.
    def show
      User.find_and_activate!(params[:id])
      flash[:notice] = 'Your account has been activated! You can now login.'
      redirect_to login_path
    rescue User::ArgumentError, User::ActivationCodeNotFound
      # A missing code and an unknown code get the same response.
      # NOTE(review): User::ArgumentError is resolved through User's constant
      # lookup; presumably it is meant to match the error raised for a blank
      # code - confirm against the model.
      flash[:notice] = 'Activation code not found. Please try creating a new account.'
      redirect_to new_user_path
    rescue User::AlreadyActivated
      flash[:notice] = 'Your account has already been activated. You can log in below.'
      redirect_to login_path
    end

    # Renders the change-password form.
    def edit
    end

    # Change password action.
    #
    # The current password is re-verified through User.authenticate before
    # anything is written, so a hijacked session alone cannot set a new
    # password. Non-POST requests fall through without doing anything.
    #
    # NOTE(review): nothing visible here ends other sessions or clears a
    # remember-me token once the password has changed; confirm whether the
    # model takes care of that on save.
    def update
      return unless request.post?

      unless User.authenticate(current_user.login, params[:old_password])
        flash[:error] = "Your old password is incorrect."
        render :action => 'edit'
        return
      end

      confirmation = params[:password_confirmation]
      if confirmation.blank? || params[:password] != confirmation
        flash[:error] = "New password does not match the password confirmation."
        # NOTE(review): this hands the submitted old password back to the
        # view; if the template echoes it into the form, the password ends up
        # in the rendered HTML - confirm that is intended.
        @old_password = params[:old_password]
        render :action => 'edit'
        return
      end

      current_user.password_confirmation = confirmation
      current_user.password = params[:password]
      if current_user.save
        flash[:notice] = "Password successfully updated."
        redirect_to root_path
      else
        flash[:error] = "An error occured, your password was not changed."
        render :action => 'edit'
      end
    end

  end
  54.  
  55. ##aplication.rb
  56. # Filters added to this controller apply to all controllers in the application.
  57. # Likewise, all the methods added will be available for all controllers.
  58.  
  class ApplicationController < ActionController::Base
    # Authentication helpers and filters shared by every controller.
    include AuthenticatedSystem

    # Make all helpers available to all views.
    helper :all

    # CSRF protection; see ActionController::RequestForgeryProtection.
    # If the application does not use the cookie session store, pass a
    # :secret option here. Load that value from configuration kept out of
    # source control instead of writing a literal into this file, and treat
    # any secret that has appeared in a public paste as compromised.
    protect_from_forgery
  end
  66.  
  67. ##pass_controller
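  class PasswordsController < ApplicationController

    before_filter :not_logged_in_required, :only => [:new, :create]

    # Renders the form that asks for the account's email address.
    def new
    end

    # Forgot password action: starts the reset flow for the account matching
    # the submitted email address. Non-POST requests do nothing.
    #
    # NOTE(review): the two outcomes below are distinguishable (different
    # message, redirect versus re-render), so this form reveals whether an
    # email address is registered. Returning one neutral response for both
    # cases would close that; left as written because it changes the UX.
    def create
      return unless request.post?

      @user = User.find_for_forget(params[:email])
      if @user
        @user.forgot_password
        # NOTE(review): the result of save is not checked, so the success
        # message is shown even if the record could not be written.
        @user.save
        flash[:notice] = "A password reset link has been sent to your email address."
        redirect_to login_path
      else
        flash[:notice] = "Could not find a user with that email address."
        render :action => 'new'
      end
    end

    # Reached from the /reset_password/:id link sent by email.
    #
    # Shows the new-password fields only when the code is present and matches
    # a user. A missing or unusable code re-renders the request form; a code
    # that matches nobody is logged and the visitor is redirected with an
    # error message.
    def edit
      code = submitted_reset_code
      if code.nil?
        render :action => 'new'
        return
      end

      @user = User.find_by_password_reset_code(code)
      reject_reset_code("Invalid Reset Code entered.") if @user.nil?
    end

    # Reset password action for /reset_password/:id.
    #
    # Re-validates the code on submission instead of trusting the earlier
    # edit request, requires a non-blank password that matches its
    # confirmation, then stores it. The user is deliberately not logged in
    # afterwards and has to authenticate with the new password.
    #
    # Errors unrelated to the code (for example a database failure) are no
    # longer rescued and reported as "invalid reset code"; they reach the
    # framework's normal error handling, which keeps the logs truthful.
    def update
      code = submitted_reset_code
      if code.nil?
        render :action => 'new'
        return
      end

      if params[:password].blank?
        flash[:notice] = "Password field cannot be blank."
        render :action => 'edit', :id => params[:id]
        return
      end

      @user = User.find_by_password_reset_code(code)
      if @user.nil?
        reject_reset_code("Invalid Reset Code entered")
        return
      end

      if params[:password] != params[:password_confirmation]
        flash[:notice] = "Password mismatch."
        render :action => 'edit', :id => params[:id]
        return
      end

      @user.password_confirmation = params[:password_confirmation]
      @user.password = params[:password]
      # presumably reset_password retires the code so it cannot be replayed -
      # verify in the User model.
      @user.reset_password
      flash[:notice] = @user.save ? "Password reset." : "Password not reset."
      redirect_to login_path
    end

    private

    # Returns params[:id] only when it is a non-blank String, otherwise nil.
    #
    # Request parameters can also arrive as an empty string, an Array or a
    # Hash. Passing those to the finder could turn the lookup into something
    # other than "the user holding exactly this code", so they are treated
    # the same as a missing code.
    def submitted_reset_code
      code = params[:id]
      (code.is_a?(String) && !code.blank?) ? code : nil
    end

    # Logs the failed lookup and sends the visitor away with an error message.
    def reject_reset_code(log_message)
      logger.error log_message
      flash[:notice] = "Sorry - That is an invalid password reset code. Please check your code and try again. (Perhaps your email client inserted a carriage return?)"
      redirect_to new_user_path
    end

  end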
  147. ##Roles Controler
  class RolesController < ApplicationController

    # Every action here changes or exposes role assignments, so the whole
    # controller is restricted to administrators.
    before_filter :check_administrator_role

    # Lists all roles next to the user identified by params[:user_id].
    def index
      @user = User.find(params[:user_id])
      @all_roles = Role.find(:all)
    end

    # Grants the role params[:id] to the user unless they already hold it.
    #
    # NOTE(review): protect_from_forgery only verifies non-GET requests;
    # confirm the routes do not map update or destroy to GET.
    def update
      load_user_and_role
      @user.roles << @role unless @user.has_role?(@role.rolename)
      redirect_to :action => 'index'
    end

    # Revokes the role params[:id] from the user if they currently hold it.
    def destroy
      load_user_and_role
      @user.roles.delete(@role) if @user.has_role?(@role.rolename)
      redirect_to :action => 'index'
    end

    private

    # Loads @user and @role from the request; the user is looked up first.
    def load_user_and_role
      @user = User.find(params[:user_id])
      @role = Role.find(params[:id])
    end

  end
  176.  
  177. ##Sessions controler
  178.  
  179. # This controller handles the login/logout function of the site.  
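  class SessionsController < ApplicationController
    layout 'application'
    before_filter :login_required, :only => :destroy
    before_filter :not_logged_in_required, :only => [:new, :create]

    # Renders the login form (new.rhtml).
    def new
    end

    # Handles the submitted login form.
    def create
      password_authentication(params[:login], params[:password])
    end

    # Logs the user out: invalidates the remember-me state on the user,
    # removes the auth_token cookie and discards the whole session.
    def destroy
      current_user.forget_me if logged_in?
      cookies.delete :auth_token
      reset_session
      flash[:notice] = 'You have been logged out.'
      redirect_to login_path
    end

    protected

    # Verifies the credentials and either signs the user in or re-renders
    # the form with an error.
    #
    # The "not active" and "disabled" messages are only reachable after
    # User.authenticate has accepted the credentials, so they do not reveal
    # account state to someone who does not know the password.
    def password_authentication(login, password)
      user = User.authenticate(login, password)
      if user.nil?
        failed_login('Your username or password is incorrect.')
      elsif user.activated_at.blank?
        failed_login('Your account is not active, please check your email for the activation code.')
      elsif user.enabled == false
        # Compared with false on purpose: a nil flag does not block login.
        failed_login('Your account has been disabled.')
      else
        start_authenticated_session(user)
        successful_login
      end
    end

    private

    # Re-renders the login form with the given error message.
    def failed_login(message)
      flash.now[:error] = message
      render :action => 'new'
    end

    # Signs the user in on a fresh session.
    #
    # The pre-login session is discarded before the user is attached, so a
    # session identifier fixed in the browser before authentication is not
    # carried over into the authenticated session. Only the stored return
    # location survives. Side effect: forms rendered before login carry a
    # stale CSRF token and must be reloaded.
    def start_authenticated_session(user)
      return_to = session[:return_to]
      reset_session
      session[:return_to] = return_to if return_to
      self.current_user = user
    end

    # Finishes a successful login: optional remember-me cookie, flash
    # message, then a redirect to the stored location or the user's page.
    def successful_login
      if params[:remember_me] == "1"
        current_user.remember_me
        # NOTE(review): the cookie is set without HttpOnly or Secure
        # attributes; add them with the option names of the Rails version in
        # use if the site is served over HTTPS.
        cookies[:auth_token] = {
          :value   => current_user.remember_token,
          :expires => current_user.remember_token_expires_at
        }
      end
      flash[:notice] = 'Logged in successfully'

      # presumably session[:return_to] is written server-side by the
      # authentication filters - verify it can never hold a client-supplied
      # URL, since it is used as a redirect target.
      return_to = session[:return_to]
      # One-shot value: clear it so a later login does not reuse it.
      session[:return_to] = nil
      if return_to.nil?
        redirect_to user_path(current_user)
      else
        redirect_to return_to
      end
    end

  end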
  240.  
  241. ##User Controler
  242.  
  class UsersController < ApplicationController

    before_filter :not_logged_in_required, :only => [:new, :create]
    before_filter :login_required, :only => [:show, :edit, :update]
    before_filter :check_administrator_role, :only => [:index, :destroy, :enable]

    # Administrator-only list of every user.
    def index
      @users = User.find(:all)
    end

    # Shows the signed-in user's own profile. No id is read from the
    # request, so one user cannot view another's profile through this action.
    def show
      @user = current_user
    end

    # Renders the sign-up form (new.rhtml).
    def new
      @user = User.new
    end

    # Creates an account from params[:user]. The new user is deliberately not
    # logged in; the account must be activated by email first.
    #
    # NOTE(review): params[:user] is handed to the model whole. Which
    # attributes a client can set depends on the attribute protection
    # declared in User (not shown) - confirm that enabled, activation and
    # role fields are not mass-assignable.
    def create
      cookies.delete :auth_token
      @user = User.new(params[:user])
      @user.save!
      flash[:notice] = "Thanks for signing up! Please check your email to activate your account before logging in."
      redirect_to login_path
    rescue ActiveRecord::RecordInvalid
      flash[:error] = "There was a problem creating your account."
      render :action => 'new'
    end

    # Renders the edit form for the signed-in user's own record.
    def edit
      @user = current_user
    end

    # Updates the signed-in user's own record; the target comes from
    # current_user, never from a request parameter.
    #
    # NOTE(review): the mass-assignment caveat on create applies here as
    # well - the submitted hash is applied unfiltered.
    def update
      @user = User.find(current_user)
      unless @user.update_attributes(params[:user])
        render :action => 'edit'
        return
      end

      flash[:notice] = "User updated"
      redirect_to :action => 'show', :id => current_user
    end

    # Administrator action: disables the account params[:id]; the record is
    # kept, not deleted.
    def destroy
      switch_enabled(false, "User disabled", "There was a problem disabling this user.")
    end

    # Administrator action: re-enables the account params[:id].
    def enable
      switch_enabled(true, "User enabled", "There was a problem enabling this user.")
    end

    private

    # Sets the enabled flag on the user named by params[:id], reports the
    # outcome in the flash and returns to the user list.
    def switch_enabled(value, done_notice, failed_error)
      @user = User.find(params[:id])
      if @user.update_attribute(:enabled, value)
        flash[:notice] = done_notice
      else
        flash[:error] = failed_error
      end
      redirect_to :action => 'index'
    end

  end