app/controllers/user_sessions_controller.rb app/controllers/users_controller.rb app/helpers/user_sessions_helper.rb app/helpers/users_helper.rb app/models/user.rb app/models/user_session.rb app/views/user_sessions/new.html.haml app/views/users/_form.html.haml app/views/users/edit.html.haml app/views/users/new.html.haml app/views/users/show.html.haml db/migrate/20090625145600_create_users.rb spec/controllers/user_sessions_controller_spec.rb spec/controllers/users_controller_spec.rb spec/factories/users.rb spec/models/user_spec.rb @@ -1,5 +1,6 @@ class Admin::CommentsController < ApplicationController layout "admin/admin" + before_filter :require_user def index @comments = Comment.paginate :page => params[:page], :order => "created_at DESC" app/controllers/admin/comments_controller.rb @@ -1,5 +1,6 @@ class Admin::PostsController < ApplicationController layout "admin/admin" + before_filter :require_user def index @posts = Post.paginate :page => params[:page], :order => "created_at DESC" app/controllers/admin/posts_controller.rb @@ -1,4 +1,6 @@ class Admin::UploadsController < ApplicationController + before_filter :require_user + def create @upload = Upload.new(params[:upload]) flash[:notice] = "Upload com sucesso." if @upload.save app/controllers/admin/uploads_controller.rb @@ -3,8 +3,47 @@ class ApplicationController < ActionController::Base helper :all # include all helpers, all the time + helper_method :current_user_session, :current_user protect_from_forgery # See ActionController::RequestForgeryProtection for details # Scrub sensitive parameters from your log - # filter_parameter_logging :password + filter_parameter_logging :password + + private + def current_user_session + return @current_user_session if defined?(@current_user_session) + @current_user_session = UserSession.find + end + + def current_user + return @current_user if defined?(@current_user) + @current_user = current_user_session && current_user_session.record + end + + def require_user + unless current_user + store_location + flash[:notice] = "You must be logged in to access this page" + redirect_to new_user_session_url + return false + end + end + + def require_no_user + if current_user + store_location + flash[:notice] = "You must be logged out to access this page" + redirect_to account_url + return false + end + end + + def store_location + session[:return_to] = request.request_uri + end + + def redirect_back_or_default(default) + redirect_to(session[:return_to] || default) + session[:return_to] = nil + end end app/controllers/application_controller.rb @@ -4,7 +4,7 @@ - form_for :upload, Upload.new, :url => admin_uploads_path, :html => { :multipart => true } do |form| = form.file_field :imagem - = form.submit "Enviar" + = form.submit "Upload" - form_for [:admin, @post] do |f| = f.error_messages app/views/admin/posts/_form.html.haml @@ -10,6 +10,15 @@ %body #container + #user_nav + = link_to "Posts", admin_posts_path + | + = link_to "Comentários", admin_comments_path + | + = link_to "Perfil", edit_user_path(:current) + | + = link_to "Logout", logout_path + - flash.each do |name, msg| = content_tag :div, msg, :id => "flash_#{name}" app/views/layouts/admin/admin.html.haml @@ -23,6 +23,7 @@ Rails::Initializer.run do |config| config.gem "RedCloth", :lib => "redcloth" config.gem "mislav-will_paginate", :lib => "will_paginate" config.gem "thoughtbot-paperclip", :lib => "paperclip" + config.gem "authlogic" # Only load the plugins named here, in the order given (default is alphabetical). # :all can be used as a placeholder for all plugins not explicitly named config/environment.rb @@ -1,4 +1,10 @@ ActionController::Routing::Routes.draw do |map| + map.login "login", :controller => "user_sessions", :action => "new" + map.logout "logout", :controller => "user_sessions", :action => "destroy" + map.resource :account, :controller => "users", :action => "edit" + map.resources :user_sessions + map.resources :users + map.namespace :admin do |admin| admin.resources :posts admin.resources :comments config/routes.rb @@ -9,7 +9,7 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20090625144110) do +ActiveRecord::Schema.define(:version => 20090625145600) do create_table "comments", :force => true do |t| t.integer "post_id" @@ -39,4 +39,23 @@ ActiveRecord::Schema.define(:version => 20090625144110) do t.datetime "updated_at" end + create_table "users", :force => true do |t| + t.datetime "created_at" + t.datetime "updated_at" + t.string "email", :null => false + t.string "crypted_password", :null => false + t.string "password_salt", :null => false + t.string "persistence_token", :null => false + t.integer "login_count", :default => 0, :null => false + t.datetime "last_request_at" + t.datetime "last_login_at" + t.datetime "current_login_at" + t.string "last_login_ip" + t.string "current_login_ip" + end + + add_index "users", ["email"], :name => "index_users_on_email" + add_index "users", ["last_request_at"], :name => "index_users_on_last_request_at" + add_index "users", ["persistence_token"], :name => "index_users_on_persistence_token" + end db/schema.rb @@ -5,7 +5,8 @@ Como um evangelizador Quero poder mostrar um blog em funcionamento Cenário: Criar Posts - Dado que estou na homepage + Dado que estou logado + E que estou na homepage E clico em "Novo Post" Quando for redirecionado para a página de Criar Post E preencher o "titulo" com "Meu primeiro post" @@ -20,6 +21,7 @@ Cenário: Criar Comentário Então quero ver o comentário listado "meu comentário" Cenário: Apagar Comentário - Dado que estou visualizando a lista de comentários + Dado que estou logado + E que estou visualizando a lista de comentários Quando clicar em "Apagar" Então quero que o comentário seja apagado \ No newline at end of file features/blog_simples.feature @@ -1,3 +1,11 @@ +Dado /^que estou logado$/ do + Factory(:valid_user) + visit login_path + fill_in "email", :with => "john@doe.com" + fill_in "password", :with => "john" + click_button "Submit" +end + Dado /^que estou na homepage$/ do visit admin_posts_url end features/step_definitions/blog_simples_steps.rb @@ -22,4 +22,5 @@ Webrat.configure do |config| end require 'cucumber/rails/rspec' -require 'webrat/core/matchers' \ No newline at end of file +require 'webrat/core/matchers' +require "authlogic/test_case" \ No newline at end of file features/support/env.rb @@ -13,4 +13,10 @@ Factory.define :valid_comment, :class => Comment do |p| p.autor "Fabio" p.url "http://www.akitaonrails.com" p.comentario "meu comentario" -end \ No newline at end of file +end + +Factory.define :valid_user, :class => User do |u| + u.email 'john@doe.com' + u.password 'john' + u.password_confirmation 'john' +end features/support/factories.rb @@ -65,4 +65,9 @@ a { #uploadBox { float: right; width: 300px; +} + +#user_nav { + float: right; + font-size: 12px; } \ No newline at end of file public/stylesheets/admin.css @@ -3,6 +3,11 @@ require File.dirname(__FILE__) + '/../../spec_helper' describe Admin::CommentsController do integrate_views + before(:each) do + activate_authlogic + UserSession.create(Factory(:valid_user)) + end + it "index action should render index template" do get :index response.should render_template(:index) spec/controllers/admin/comments_controller_spec.rb @@ -2,6 +2,11 @@ require File.dirname(__FILE__) + '/../../spec_helper' describe Admin::PostsController do integrate_views + + before(:each) do + activate_authlogic + UserSession.create(Factory(:valid_user)) + end it "index action should render index template" do get :index spec/controllers/admin/posts_controller_spec.rb @@ -49,3 +49,5 @@ Spec::Runner.configure do |config| # # For more information take a look at Spec::Runner::Configuration and Spec::Runner end + +require "authlogic/test_case" \ No newline at end of file spec/spec_helper.rb be209cb528e6e0a82d2dca6716f3da32195113c1 AkitaOnRails fabioakita@gmail.com http://github.com/akitaonrails/fisl_10_demo/commit/d7730678e30a2d04b47f7f0d2fb466b671f51374 d7730678e30a2d04b47f7f0d2fb466b671f51374 2009-06-25T08:31:54-07:00 2009-06-25T08:31:54-07:00 adicionando suporte a login 6c467c377e90e773a89ff46975cbf6ce0e768e17 AkitaOnRails fabioakita@gmail.com