Indentation....
Jean-Philippe Lang -
r5034:9df575090652
@@ -1,240 +1,240
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2011 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class UsersController < ApplicationController
19 19 layout 'admin'
20 20
21 21 before_filter :require_admin, :except => :show
22 22 before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership]
23 23 accept_key_auth :index, :show, :create, :update, :destroy
24 24
25 25 helper :sort
26 26 include SortHelper
27 27 helper :custom_fields
28 28 include CustomFieldsHelper
29 29
30 30 def index
31 31 sort_init 'login', 'asc'
32 32 sort_update %w(login firstname lastname mail admin created_on last_login_on)
33 33
34 34 case params[:format]
35 35 when 'xml', 'json'
36 36 @offset, @limit = api_offset_and_limit
37 37 else
38 38 @limit = per_page_option
39 39 end
40 40
41 41 scope = User
42 42 scope = scope.in_group(params[:group_id].to_i) if params[:group_id].present?
43 43
44 44 @status = params[:status] ? params[:status].to_i : 1
45 45 c = ARCondition.new(@status == 0 ? "status <> 0" : ["status = ?", @status])
46 46
47 47 unless params[:name].blank?
48 48 name = "%#{params[:name].strip.downcase}%"
49 49 c << ["LOWER(login) LIKE ? OR LOWER(firstname) LIKE ? OR LOWER(lastname) LIKE ? OR LOWER(mail) LIKE ?", name, name, name, name]
50 50 end
51 51
52 52 @user_count = scope.count(:conditions => c.conditions)
53 53 @user_pages = Paginator.new self, @user_count, @limit, params['page']
54 54 @offset ||= @user_pages.current.offset
55 55 @users = scope.find :all,
56 56 :order => sort_clause,
57 57 :conditions => c.conditions,
58 58 :limit => @limit,
59 59 :offset => @offset
60 60
61 respond_to do |format|
62 format.html {
61 respond_to do |format|
62 format.html {
63 63 @groups = Group.all.sort
64 64 render :layout => !request.xhr?
65 65 }
66 66 format.api
67 end
67 end
68 68 end
69 69
70 70 def show
71 71 # show projects based on current user visibility
72 72 @memberships = @user.memberships.all(:conditions => Project.visible_by(User.current))
73 73
74 74 events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
75 75 @events_by_day = events.group_by(&:event_date)
76 76
77 77 unless User.current.admin?
78 78 if !@user.active? || (@user != User.current && @memberships.empty? && events.empty?)
79 79 render_404
80 80 return
81 81 end
82 82 end
83 83
84 84 respond_to do |format|
85 85 format.html { render :layout => 'base' }
86 86 format.api
87 87 end
88 88 end
89 89
90 90 def new
91 91 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
92 92 @auth_sources = AuthSource.find(:all)
93 93 end
94 94
95 95 verify :method => :post, :only => :create, :render => {:nothing => true, :status => :method_not_allowed }
96 96 def create
97 97 @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)
98 98 @user.safe_attributes = params[:user]
99 99 @user.admin = params[:user][:admin] || false
100 100 @user.login = params[:user][:login]
101 101 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id
102 102
103 103 # TODO: Similar to My#account
104 104 @user.pref.attributes = params[:pref]
105 105 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
106 106
107 107 if @user.save
108 108 @user.pref.save
109 109 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
110 110
111 111 Mailer.deliver_account_information(@user, params[:user][:password]) if params[:send_information]
112 112
113 113 respond_to do |format|
114 114 format.html {
115 115 flash[:notice] = l(:notice_successful_create)
116 116 redirect_to(params[:continue] ?
117 117 {:controller => 'users', :action => 'new'} :
118 118 {:controller => 'users', :action => 'edit', :id => @user}
119 119 )
120 120 }
121 121 format.api { render :action => 'show', :status => :created, :location => user_url(@user) }
122 122 end
123 123 else
124 124 @auth_sources = AuthSource.find(:all)
125 125 # Clear password input
126 126 @user.password = @user.password_confirmation = nil
127 127
128 128 respond_to do |format|
129 129 format.html { render :action => 'new' }
130 130 format.api { render_validation_errors(@user) }
131 131 end
132 132 end
133 133 end
134 134
135 135 def edit
136 136 @auth_sources = AuthSource.find(:all)
137 137 @membership ||= Member.new
138 138 end
139 139
140 140 verify :method => :put, :only => :update, :render => {:nothing => true, :status => :method_not_allowed }
141 141 def update
142 142 @user.admin = params[:user][:admin] if params[:user][:admin]
143 143 @user.login = params[:user][:login] if params[:user][:login]
144 144 if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)
145 145 @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]
146 146 end
147 147 @user.safe_attributes = params[:user]
148 148 # Was the account actived ? (do it before User#save clears the change)
149 149 was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])
150 150 # TODO: Similar to My#account
151 151 @user.pref.attributes = params[:pref]
152 152 @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')
153 153
154 154 if @user.save
155 155 @user.pref.save
156 156 @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])
157 157
158 158 if was_activated
159 159 Mailer.deliver_account_activated(@user)
160 160 elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?
161 161 Mailer.deliver_account_information(@user, params[:user][:password])
162 162 end
163 163
164 164 respond_to do |format|
165 165 format.html {
166 166 flash[:notice] = l(:notice_successful_update)
167 167 redirect_to :back
168 168 }
169 169 format.api { head :ok }
170 170 end
171 171 else
172 172 @auth_sources = AuthSource.find(:all)
173 173 @membership ||= Member.new
174 174 # Clear password input
175 175 @user.password = @user.password_confirmation = nil
176 176
177 177 respond_to do |format|
178 178 format.html { render :action => :edit }
179 179 format.api { render_validation_errors(@user) }
180 180 end
181 181 end
182 182 rescue ::ActionController::RedirectBackError
183 183 redirect_to :controller => 'users', :action => 'edit', :id => @user
184 184 end
185 185
186 186 verify :method => :delete, :only => :destroy, :render => {:nothing => true, :status => :method_not_allowed }
187 187 def destroy
188 188 @user.destroy
189 189 respond_to do |format|
190 190 format.html { redirect_to(users_url) }
191 191 format.api { head :ok }
192 192 end
193 193 end
194 194
195 195 def edit_membership
196 196 @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)
197 197 @membership.save if request.post?
198 198 respond_to do |format|
199 199 if @membership.valid?
200 200 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
201 201 format.js {
202 202 render(:update) {|page|
203 203 page.replace_html "tab-content-memberships", :partial => 'users/memberships'
204 204 page.visual_effect(:highlight, "member-#{@membership.id}")
205 205 }
206 206 }
207 207 else
208 208 format.js {
209 209 render(:update) {|page|
210 210 page.alert(l(:notice_failed_to_save_members, :errors => @membership.errors.full_messages.join(', ')))
211 211 }
212 212 }
213 213 end
214 214 end
215 215 end
216 216
217 217 def destroy_membership
218 218 @membership = Member.find(params[:membership_id])
219 219 if request.post? && @membership.deletable?
220 220 @membership.destroy
221 221 end
222 222 respond_to do |format|
223 223 format.html { redirect_to :controller => 'users', :action => 'edit', :id => @user, :tab => 'memberships' }
224 224 format.js { render(:update) {|page| page.replace_html "tab-content-memberships", :partial => 'users/memberships'} }
225 225 end
226 226 end
227 227
228 228 private
229 229
230 230 def find_user
231 231 if params[:id] == 'current'
232 232 require_login || return
233 233 @user = User.current
234 234 else
235 235 @user = User.find(params[:id])
236 236 end
237 237 rescue ActiveRecord::RecordNotFound
238 238 render_404
239 239 end
240 240 end