From cfbdfa9068ba545efdce5f221e5171b721000eb5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dav=C3=AD=C3=B0=20L=C3=BA=C3=B0v=C3=ADksson?=
Date: Fri, 10 Apr 2009 03:10:49 +0000
Subject: [PATCH] Added Admin functionallity
---
app/controllers/admin_controller.rb | 27 ++++++++++++++++++
app/controllers/application.rb | 12 +++++++-
app/controllers/users_controller.rb | 9 +++++-
app/helpers/admin_helper.rb | 2 ++
app/models/user.rb | 6 ++--
app/views/admin/index.html.erb | 9 ++++++
app/views/admin/login.html.erb | 22 +++++++++++++++
app/views/layouts/admin.html.erb | 15 ++++++++++
app/views/users/edit.html.erb | 8 +++---
app/views/users/index.html.erb | 4 +++
app/views/users/show.html.erb | 1 -
config/environment.rb | 2 +-
db/migrate/20090409004707_create_sessions.rb | 16 +++++++++++
db/schema.rb | 12 +++++++-
public/stylesheets/scaffold.css | 11 ++++++++
test/functional/admin_controller_test.rb | 8 ++++++
test/functional/users_controller_test.rb | 19 +++++++++----
test/unit/user_test.rb | 29 +++++++++++++++++---
18 files changed, 190 insertions(+), 22 deletions(-)
create mode 100644 app/controllers/admin_controller.rb
create mode 100644 app/helpers/admin_helper.rb
create mode 100644 app/views/admin/index.html.erb
create mode 100644 app/views/admin/login.html.erb
create mode 100644 app/views/layouts/admin.html.erb
create mode 100644 db/migrate/20090409004707_create_sessions.rb
create mode 100644 test/functional/admin_controller_test.rb
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
new file mode 100644
index 0000000..dce6806
--- /dev/null
+++ b/app/controllers/admin_controller.rb
@@ -0,0 +1,27 @@ +class AdminController < ApplicationController + def login + session[:user_id] = nil + if request.post? + user = User.authenticate(params[:name], params[:password]) + if user + session[:user_id] = user.id + uri = session[:original_uri] + session[:original_uri] = nil + redirect_to(:action => "index") + else + flash.now[:notice] = "Invalid user/password combination" + end + end + end + + def logout + session[:user_id] = nil + flash[:notice] = "Logged out" + redirect_to(:action => "login") + end + + def index + @user = User.find(session[:user_id]) + @time = Time.now + end +end diff --git a/app/controllers/application.rb b/app/controllers/application.rb index 172af02..7332081 100755 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -2,14 +2,24 @@ # Likewise, all the methods added will be available for all controllers. class ApplicationController < ActionController::Base + before_filter :authorize, :except => :login helper :all # include all helpers, all the time # See ActionController::RequestForgeryProtection for details # Uncomment the :secret if you're not using the cookie session store - protect_from_forgery # :secret => 'b87f90d2c51e7f2d846cd1fe2becec2e' + protect_from_forgery :secret => 'b87f90d2c51e7f2d846cd1fe2becec2e' # See ActionController::Base for details # Uncomment this to filter the contents of submitted sensitive data parameters # from your application log (in this case, all fields with names like "password"). # filter_parameter_logging :password + +protected + def authorize + unless User.find_by_id(session[:user_id]) + session[:orginal_uri] = request.request_uri + flash[:notice] = "Please log in" + redirect_to :controller => 'admin', :action => 'login' + end + end end diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 3ca4e42..90f6b59 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
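Review bot: A successful `login` writes `session[:user_id] = user.id` into whatever session the browser already presented, so the session identifier is not rotated at the privilege change; with the `:active_record_store` this patch enables, an identifier that existed before login stays valid afterwards. Read the return path first and then rotate: `uri = session[:original_uri]`, `reset_session`, `session[:user_id] = user.id`. As written `uri` is assigned and never used, because the redirect always goes to `:action => "index"`; `redirect_to(uri || { :action => "index" })` would honour it. `logout` should likewise call `reset_session` instead of only clearing `:user_id`, and since the views reach it through plain GET links it sits outside the forgery protection, so a POST-only route is worth considering.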
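Review bot: The login action added in this patch posts `params[:password]`, yet `filter_parameter_logging :password` is still commented out just above the new `authorize` filter, so submitted passwords will presumably reach the request log in clear text; uncomment that line in the same change. The forgery-protection secret is now an active literal in a committed file (`protect_from_forgery :secret => '…'`); it should be loaded from configuration kept outside version control, and the committed value treated as exposed. `authorize` stores the return path under `session[:orginal_uri]` while AdminController#login reads `session[:original_uri]`, so the two never meet; spell the key `:original_uri`. The `protected` keyword is also at column 0 inside the class, which makes the visibility boundary easy to miss.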
@@ -12,6 +12,7 @@ def index # GET /users/1 # GET /users/1.xml + def show @user = User.find(params[:id]) @@ -23,6 +24,7 @@ def show # GET /users/new # GET /users/new.xml + def new @user = User.new @@ -33,12 +35,15 @@ def new end # GET /users/1/edit + def edit @user = User.find(params[:id]) + end # POST /users # POST /users.xml + def create @user = User.new(params[:user]) @@ -56,6 +61,7 @@ def create # PUT /users/1 # PUT /users/1.xml + def update @user = User.find(params[:id]) @@ -73,9 +79,10 @@ def update # DELETE /users/1 # DELETE /users/1.xml + def destroy @user = User.find(params[:id]) - @user.destroy + @user.destroy respond_to do |format| format.html { redirect_to(users_url) } diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb new file mode 100644 index 0000000..d5c6d35 --- /dev/null +++ b/app/helpers/admin_helper.rb @@ -0,0 +1,2 @@ +module AdminHelper +end diff --git a/app/models/user.rb b/app/models/user.rb index 1ce036f..aa9cc12 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -6,7 +6,7 @@ class User < ActiveRecord::Base validates_uniqueness_of :name attr_accessor :password_confirmation validates_confirmation_of :password - validate :password_non_blank + validate :password_non_blank validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i def self.authenticate(name, password) @@ -33,8 +33,8 @@ def password=(pwd) def password_non_blank - errors.add(:password, "missing") if hashed_password.blank? - errors.add(:password_confirmation, "missing") if password_confirmation.blank? + errors.add(:password, "missing") if hashed_password.blank? + errors.add(:password_confirmation, "missing") if password_confirmation.blank? end private diff --git a/app/views/admin/index.html.erb b/app/views/admin/index.html.erb new file mode 100644 index 0000000..8a13245 --- /dev/null +++ b/app/views/admin/index.html.erb @@ -0,0 +1,9 @@ +

Velkominn <%= @user.name %>

+ +<%= @time %> + +
+ +<%= link_to 'Users', :controller => 'users' %>
+ +<%= link_to 'logout', :action => 'logout' %> \ No newline at end of file diff --git a/app/views/admin/login.html.erb b/app/views/admin/login.html.erb new file mode 100644 index 0000000..43e8eea --- /dev/null +++ b/app/views/admin/login.html.erb @@ -0,0 +1,22 @@ +
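Review bot: The greeting prints `<%= @user.name %>` without the `h` helper, while show.html.erb in this same patch uses `<%=h … %>`, which suggests templates here are not escaped automatically. `name` comes from the user form and no format restriction on it is visible in the model hunk, so markup stored in a user name would be rendered as HTML on the admin page. Write it as `Velkominn <%=h @user.name %>`. `<%= @time %>` is server-generated and does not need the same treatment.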
+ <% if flash[:notice] -%> +
<%= flash[:notice] %>
+ <% end -%> + <% form_tag do %> +
+ Please Log In +
+ + <%= text_field_tag :name, params[:name] %> +
+
+ + <%= password_field_tag :password, params[:password] %> +
+
+ <%= submit_tag "Login" %> +
+
+ <% end %> +
+ diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb new file mode 100644 index 0000000..2bdb95f --- /dev/null +++ b/app/views/layouts/admin.html.erb @@ -0,0 +1,15 @@ + + + + + + Admin: <%= controller.action_name %> + <%= stylesheet_link_tag 'scaffold' %> + + + +<%= yield %> + + + \ No newline at end of file diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb index 8565f61..cf8cce9 100644 --- a/app/views/users/edit.html.erb +++ b/app/views/users/edit.html.erb @@ -12,12 +12,12 @@ <%= f.text_field :email %>
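Review bot: The password input is pre-filled from the request, `<%= password_field_tag :password, params[:password] %>`, so after a failed login the submitted password is written back into the page source as the field's `value`, where it can be kept by caches and read from the DOM. Render the field empty instead: `<%= password_field_tag :password %>`. Re-populating `:name` from `params[:name]` is fine as long as it goes through the tag helper, as it does here.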

- <%= f.label :hashed_password %>
- <%= f.text_field :hashed_password %> + <%= f.label :password %>
+ <%= f.text_field :password %>

- <%= f.label :salt %>
- <%= f.text_field :salt %> + <%= f.label :user_password_confirmation %>
+ <%= f.text_field :password_confirmation %>

<%= f.submit "Update" %> diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb index b5e0cf2..0fe2a28 100644 --- a/app/views/users/index.html.erb +++ b/app/views/users/index.html.erb @@ -20,3 +20,7 @@
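Review bot: Both new password inputs are rendered with `f.text_field`, so the password is shown in clear on screen and is eligible for the browser's form history; use `<%= f.password_field :password %>` and `<%= f.password_field :password_confirmation %>`. The second label is built for `:user_password_confirmation`, which does not match the `:password_confirmation` field it precedes, so the label will not be associated with its input; `<%= f.label :password_confirmation %>` fixes that. The hunk starts and ends inside the `form_for` block, which is not fully visible here.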
<%= link_to 'New user', new_user_path %> + +<%= link_to 'Admin', :controller => 'admin' %> + +<%= link_to 'Logout', :controller => 'admin', :action => 'logout' %> diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb index 0c4aa5d..f795374 100644 --- a/app/views/users/show.html.erb +++ b/app/views/users/show.html.erb @@ -18,6 +18,5 @@ <%=h @user.salt %>

- <%= link_to 'Edit', edit_user_path(@user) %> | <%= link_to 'Back', users_path %> diff --git a/config/environment.rb b/config/environment.rb index 571f897..0b303fc 100755 --- a/config/environment.rb +++ b/config/environment.rb @@ -62,7 +62,7 @@ # Use the database for sessions instead of the cookie-based default, # which shouldn't be used to store highly confidential information # (create the session table with "rake db:sessions:create") - # config.action_controller.session_store = :active_record_store + config.action_controller.session_store = :active_record_store # Use SQL instead of Active Record's schema dumper when creating the test database. # This is necessary if your schema can't be completely dumped by the schema dumper, diff --git a/db/migrate/20090409004707_create_sessions.rb b/db/migrate/20090409004707_create_sessions.rb new file mode 100644 index 0000000..4ccc353 --- /dev/null +++ b/db/migrate/20090409004707_create_sessions.rb @@ -0,0 +1,16 @@ +class CreateSessions < ActiveRecord::Migration + def self.up + create_table :sessions do |t| + t.string :session_id, :null => false + t.text :data + t.timestamps + end + + add_index :sessions, :session_id + add_index :sessions, :updated_at + end + + def self.down + drop_table :sessions + end +end diff --git a/db/schema.rb b/db/schema.rb index 4bd4720..b3f22e2 100644 --- a/db/schema.rb +++ b/db/schema.rb 
@@ -9,7 +9,17 @@ # # It's strongly recommended to check this file into your version control system. -ActiveRecord::Schema.define(:version => 20090312174058) do +ActiveRecord::Schema.define(:version => 20090409004707) do + + create_table "sessions", :force => true do |t| + t.string "session_id", :null => false + t.text "data" + t.datetime "created_at" + t.datetime "updated_at" + end + + add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id" + add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at" create_table "users", :force => true do |t| t.string "name", :limit => 128, :null => false diff --git a/public/stylesheets/scaffold.css b/public/stylesheets/scaffold.css index 093c209..b2c238a 100644 --- a/public/stylesheets/scaffold.css +++ b/public/stylesheets/scaffold.css @@ -52,3 +52,14 @@ a:hover { color: #fff; background-color:#000; } list-style: square; } +/* START:notice */ +#notice { + border: 2px solid red; + padding: 1em; + margin-bottom: 2em; + background-color: #f0f0f0; + font: bold smaller sans-serif; +} +/* END:notice */ + + diff --git a/test/functional/admin_controller_test.rb b/test/functional/admin_controller_test.rb new file mode 100644 index 0000000..9bbf29b --- /dev/null +++ b/test/functional/admin_controller_test.rb @@ -0,0 +1,8 @@ +require 'test_helper' + +class AdminControllerTest < ActionController::TestCase + # Replace this with your real tests. + test "the truth" do + assert true + end +end diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb index 116ce4f..2920326 100644 --- a/test/functional/users_controller_test.rb +++ b/test/functional/users_controller_test.rb 
@@ -3,48 +3,55 @@ class UsersControllerTest < ActionController::TestCase fixtures :users - test "should get index" do + test "index with out user" do get :index + assert_redirected_to :action => "login" + assert_equal "Please log in", flash[:notice] + end + + test "should get index" do + get :index, {}, { :user_id => users(:valid_user).id } assert_response :success assert_not_nil assigns(:users) end test "should get new" do - get :new + get :new, {}, { :user_id => users(:valid_user).id } assert_response :success end test "should create user" do + get :index, {}, { :user_id => users(:valid_user).id } assert_difference('User.count') do post :create, :user => { :name => 'siggi', :email => 'siggi@example.com', :password => 'abc123', :password_confirmation => 'abc123'} end - - #assert_redirected_to users_path(assigns(:user)) assert_response :found end test "should show user" do + get :index, {}, { :user_id => users(:valid_user).id } get :show, :id => users(:one).id assert_response :success end test "should get edit" do + get :index, {}, { :user_id => users(:valid_user).id } get :edit, :id => users(:one).id assert_response :success end test "should update user" do + get :index, {}, { :user_id => users(:valid_user).id } put :update, :id => users(:one).id, :user => { } - #assert_redirected_to user_path(assigns(:user)) assert_response :success end test "should destroy user" do + get :index, {}, { :user_id => users(:valid_user).id } assert_difference('User.count', -1) do delete :destroy, :id => users(:one).id end - assert_redirected_to users_path end end diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb index 816ba36..04ab2ee 100644 --- a/test/unit/user_test.rb +++ b/test/unit/user_test.rb 
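Review bot: Only `index` is exercised without a session ("index with out user"); nothing asserts that `create`, `update` or `destroy` are refused for an unauthenticated request, which is the behaviour the new `before_filter :authorize` exists to enforce. Add one negative test per mutating action, for example `assert_no_difference('User.count') { delete :destroy, :id => users(:one).id }` followed by `assert_redirected_to :controller => 'admin', :action => 'login'`. The authenticated tests depend on the session from a preceding `get :index` carrying over to the next request; passing the session hash directly to the `post`/`put`/`delete` call, as `get :new, {}, { :user_id => … }` already does, would make that dependency explicit.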
@@ -3,11 +3,11 @@ class UserTest < ActiveSupport::TestCase fixtures :users - # Replace this with your real tests. - test "create valid user" do - user = User.new(:name => 'siggi', :email => 'siggi@example.com', - :password => 'abc123', :password_confirmation => 'abc123') + user = User.new(:name => 'siggi', + :email => 'siggi@example.com', + :password => 'abc123', + :password_confirmation => 'abc123') assert user.save end @@ -19,4 +19,25 @@ class UserTest < ActiveSupport::TestCase assert user.errors.invalid?(:password) assert user.errors.invalid?(:password_confirmation) end + + test "valid email" do + valid = %w{ dabbi@dabbi.is } + invalid = %w{ dabbi dabbi@dabbi @dabbi.is dabbi@ @.is} + + valid.each do |email| + user = User.new(:name => 'siggi', + :password => 'abc123', + :password_confirmation => 'abc123', + :email => email) + assert user.valid?, user.errors.full_messages + end + + invalid.each do |email| + user = User.new(:name => 'siggi', + :password => 'abc123', + :password_confirmation => 'abc123', + :email => email) + assert !user.valid?, "saving #{email}" + end + end end
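Review bot: The `invalid` list in "valid email" has no address ending in a newline, and the validator shown in app/models/user.rb anchors its pattern with `\Z`, which in Ruby also matches just before a final "\n". Adding `"dabbi@dabbi.is\n"` to the invalid cases (as a literal array entry, since `%w{}` cannot express it) would pin that down, and the model's pattern can then end in `\z`. The two loops build the same user apart from `:email`, so a small private helper taking the address would keep the cases in step.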