- class UserController < ApplicationController
- cache_sweeper :audit_sweeper, :only => [:login, :update, :destroy]
- @user_list
# Public landing page: loads the featured auctions and two news lists, then
# renders the view without the application layout.
def index
  # Auctions for the "specials" table: statuses 0, 1 and 2, latest end date
  # first, capped at ten rows.
  @auctions = Auction.find(:all,
                           :limit => 10,
                           :order => "end_date DESC",
                           :conditions => "status in (0, 1, 2)")

  # News items that have an image, sticky entries first.
  # NOTE: "sticky" should probably become time-limited, so an item stays at
  # the top of the list only for a certain period.
  # TODO: the two News lookups could probably be one query, for performance.
  news_order = "sticky DESC, date_posted DESC"
  @news_lma = News.find(:all,
                        :limit => 3,
                        :order => news_order,
                        :conditions => "external=0 AND image_path != ''")
  @news_other = News.find(:all,
                          :limit => 4,
                          :order => news_order,
                          :conditions => "external=1 AND image_path != ''")

  render :layout => false
end
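# Registers a new advertiser or publisher account from the signup form.
#
# A GET just renders the form. A POST builds the account for the submitted
# :type, saves it, sends the matching notification mails and redirects to the
# index page. A failed save, or a missing or unknown :type, sets
# flash[:error] and re-renders the form.
def signup
  return unless request.post?

  # params[:user] is client-controlled. A missing hash or an unrecognised
  # :type used to leave @user nil and fail with NoMethodError on @user.save,
  # so both are now handled as a failed signup.
  #
  # NOTE(review): the whole hash is passed to the model constructor. Confirm
  # that the models limit mass assignment (attr_accessible / attr_protected)
  # so form fields cannot set role links, activation data or other internal
  # columns. status is assigned after construction here, so a submitted
  # status value is overwritten.
  form = params[:user] || {}
  case form[:type]
  when "advertiser"
    @user = Advertiser.new(form)
    @user.status = USER_WAIT_APPROVAL
    @user.roles << Role.find_by_name("advertiser")
  when "publisher"
    @user = Publisher.new(form)
    # FIXME: publishers are activated immediately, without approval. Switch
    # to @user.status = USER_WAIT_APPROVAL before going into production and
    # drop the per-type status assignments.
    @user.status = USER_ACTIVE
    @user.activate
    @user.roles << Role.find_by_name("publisher")
  else
    flash[:error] = MSG_SIGNUP_FAIL.t
    return
  end

  unless @user.save
    flash[:error] = MSG_SIGNUP_FAIL.t
    return
  end

  if "advertiser" == @user.roles.first.name
    # Advertisers confirm their address through the mailed activation code.
    Notifications.deliver_confirmation_email(self, @user.name,
                                             @user.email, @user.activation_code)
  else
    Notifications.deliver_publisher_reg_email(@user.name, @user.email)
    # Tell every admin about the new publisher registration.
    admin_role = Role.find(:first, :conditions => "name='admin'")
    admins = admin_role.users.map { |admin| admin.email }
    Notifications.deliver_admin_reg_email(admins, @user.name, @user.id)
  end

  flash[:notice] = MSG_SIGNUP_SUCCESS.t
  # TODO: add a named route for the home page.
  redirect_to :controller => "user", :action => "index"
end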
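# Collects the extra profile details a user must provide after the first
# login before the system can be used as intended.
#
# A GET renders the form for the session's user. A POST stores the submitted
# attributes, clears first_time_login and redirects by account type. A failed
# update sets a flash message and re-renders the form.
def post_signup
  @user = User.find(:first, :conditions => ["id = ?", session[:user_id]])

  # No authentication filter is visible in this file. Without this guard, a
  # request with no (or a stale) session user id failed with NoMethodError on
  # nil as soon as the form was posted.
  if @user.nil?
    redirect_to :action => "login"
    return
  end
  return unless request.post?

  # NOTE(review): the submitted hash goes to update_attributes unfiltered.
  # Confirm that the model limits mass assignment (attr_accessible /
  # attr_protected) so a signed-in user cannot change status, roles or other
  # internal columns through this form.
  profile = params[:user] || {}
  profile[:first_time_login] = false

  unless @user.update_attributes(profile)
    flash[:notice] = MSG_USER_MISC.t
    return
  end

  if @user.class.to_s == "Advertiser"
    flash[:notice] = MSG_REG_COMPLETED.t
    redirect_to :action => "welcome"
  else
    # Any other account is treated as a Publisher and sent to add media.
    flash[:notice] = MSG_CONTACT_COMPLETED.t
    redirect_to :action => "new", :controller => "media"
  end
end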
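# Authenticates a user from the login form and sends them to the page that
# fits their account.
#
# A GET renders the form. A POST with valid credentials stores the user id in
# a fresh session and redirects: to post_signup when the profile is
# incomplete, otherwise by account class. Invalid credentials set a flash
# message and redirect to the index page.
def login
  return unless request.post?

  # A POST without a user[...] hash used to fail with NoMethodError on nil;
  # the nil credentials are now handed to User.authenticate instead.
  credentials = params[:user] || {}
  @user = User.authenticate(credentials[:login], credentials[:password])

  if @user.nil?
    flash[:notice] = MSG_LOGIN_FAIL.t
    redirect_to :action => "index"
    return
  end

  # Start a fresh session at the privilege change, so a session id that was
  # set or observed before login is not carried into the authenticated
  # session (session fixation). Values that must survive login have to be
  # copied across explicitly. The flash is set after the reset so it is kept.
  reset_session
  @user.track_loggedin(@user.id)
  flash[:notice] = MSG_LOGIN_SUCCESS.t
  # Only the user id is kept in the session hash.
  session[:user_id] = @user.id
  @user.save_with_validation(false)

  unless @user.post_signup_complete
    redirect_to :controller => "user", :action => "post_signup"
    return
  end

  case @user.class.to_s
  when "Publisher"
    if @user.media.length == 0
      # Publishers without media are asked to add some first.
      flash[:notice] = MSG_MEDIA_MISSING.t
      redirect_to :controller => "media", :action => "new"
    else
      redirect_to :controller => "user", :action => "welcome"
    end
  when "Advertiser"
    redirect_to :controller => "user", :action => "welcome"
  else
    # Every other class is assumed to be an admin-type user.
    # NOTE(review): this is only a redirect; the admin controllers must
    # enforce their own authorization.
    redirect_to :controller => "admin/users", :action => "index"
  end
end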
# Logs the current user out: records the logout, clears the user id from the
# session and returns to the index page.
def logout
  set_logout_time
  User.track_loggedout(session[:user_id])
  # NOTE(review): only :user_id is cleared, so any other session data stays.
  # Check whether reset_session fits here once it is clear what
  # set_logout_time stores.
  session[:user_id] = nil
  redirect_to :action => 'index'
end
# Handles the "forgot password" form: looks the account up by e-mail address
# and asks it to send a new password. A POST always redirects to the login
# page with a flash message; a GET renders the form.
def forgot_password
  return unless request.post?

  account = User.find_by_email(params[:user][:email])
  # NOTE(review): the two outcomes show different messages, which tells the
  # requester whether an address is registered. This action is also reachable
  # without authentication; confirm that send_new_password cannot be used to
  # lock an account owner out.
  sent = account && account.send_new_password
  flash[:notice] = sent ? MSG_PASSWD_FORGOT.t : MSG_PASSWD_FORGOT_FAIL.t
  redirect_to :action => (sent ? 'login' : "login")
end
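# Lets the signed-in user set a new password.
#
# A GET renders the form. A POST stores the new password and its confirmation
# and redirects to the welcome page on success. A failed update sets a flash
# message and re-renders the form.
def change_password
  @user = User.find(session[:user_id])
  return unless request.post?

  # NOTE(review): the current password is never asked for, so anyone holding
  # a live session can set a new one. Consider requiring it.
  #
  # update_attributes already saves the record. The original ignored its
  # result and called save a second time, running validations and callbacks
  # twice for one change.
  changed = @user.update_attributes(
    :password => params[:user][:password],
    :password_confirmation => params[:user][:password_confirmation]
  )

  if changed
    flash[:notice] = MSG_PASSWD_CHANGE.t
    redirect_to :controller => "user", :action => "welcome"
  else
    flash[:notice] = MSG_PASSWD_CHANGE_FAIL.t
  end
end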
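# Activates the account that matches the activation code in the request and
# signs that user in.
#
# With no usable code the flash is cleared and the view is rendered. With a
# code that matches no account, or when activation fails, flash[:error] is
# set.
def activate
  # Coerce to a string and reject blank values. The original only tested for
  # presence, so an empty string or a hash/array parameter still reached the
  # finder. A blank code must never select an account, because a match is
  # signed in below.
  code = params[:activation_code].to_s
  if code.blank?
    flash.clear
    return
  end

  @user = User.find_by_activation_code(code)
  if @user && @user.activate
    # NOTE(review): this signs the user in through current_user=, while login
    # writes session[:user_id] directly. Confirm both take the same path.
    self.current_user = @user
    redirect_back_or_default(:controller => 'user', :action => 'index')
    flash[:notice] = "Your account has been activated."
  else
    flash[:error] = "Unable to activate the account. Did you provide the correct information?"
  end
end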
- # Provide information about current user activity
- def welcome
- @user = User.find(session[:user_id])
- if @user.class.to_s == "Publisher"
- @auctions = Auction.find(:all,
- :conditions => ["user_id = ? and status in (0, 1, 2)", session[:user_id]],
- :limit => 5)
- sql = "SELECT DISTINCT offers.* " +
- "FROM offers " +
- "INNER JOIN reverse_auctions ON offers.reverse_auction_id = reverse_auctions.id " +
- "INNER JOIN media ON offers.medium_id = media.id " +
- "WHERE media.publisher_id = #{@user.id} " +
- "ORDER BY created_at DESC"
- @offers = Offer.find_by_sql(sql)
- else
- @auctions = Auction.find(:all,
- :conditions => ["winner_id = ?", session[:user_id]],
- :limit => 5)
- @maxbids = MaxBid.find(:all,
- :conditions => ["max_bids.user_id = ? and auctions.status in (0, 1, 2)", session[:user_id]],
- :include => :auction,
- :order => "updated_at DESC",
- :limit => 5)
- end