From cfbdfa9068ba545efdce5f221e5171b721000eb5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dav=C3=AD=C3=B0=20L=C3=BA=C3=B0v=C3=ADksson?=
Date: Fri, 10 Apr 2009 03:10:49 +0000
Subject: [PATCH] Added Admin functionallity
---
app/controllers/admin_controller.rb | 27 ++++++++++++++++++
app/controllers/application.rb | 12 +++++++-
app/controllers/users_controller.rb | 9 +++++-
app/helpers/admin_helper.rb | 2 ++
app/models/user.rb | 6 ++--
app/views/admin/index.html.erb | 9 ++++++
app/views/admin/login.html.erb | 22 +++++++++++++++
app/views/layouts/admin.html.erb | 15 ++++++++++
app/views/users/edit.html.erb | 8 +++---
app/views/users/index.html.erb | 4 +++
app/views/users/show.html.erb | 1 -
config/environment.rb | 2 +-
db/migrate/20090409004707_create_sessions.rb | 16 +++++++++++
db/schema.rb | 12 +++++++-
public/stylesheets/scaffold.css | 11 ++++++++
test/functional/admin_controller_test.rb | 8 ++++++
test/functional/users_controller_test.rb | 19 +++++++++----
test/unit/user_test.rb | 29 +++++++++++++++++---
18 files changed, 190 insertions(+), 22 deletions(-)
create mode 100644 app/controllers/admin_controller.rb
create mode 100644 app/helpers/admin_helper.rb
create mode 100644 app/views/admin/index.html.erb
create mode 100644 app/views/admin/login.html.erb
create mode 100644 app/views/layouts/admin.html.erb
create mode 100644 db/migrate/20090409004707_create_sessions.rb
create mode 100644 test/functional/admin_controller_test.rb
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
new file mode 100644
index 0000000..dce6806
--- /dev/null
+++ b/app/controllers/admin_controller.rb
@@ -0,0 +1,27 @@
+class AdminController < ApplicationController
+ def login
+ session[:user_id] = nil
+ if request.post?
+ user = User.authenticate(params[:name], params[:password])
+ if user
+ session[:user_id] = user.id
+ uri = session[:original_uri]
+ session[:original_uri] = nil
+ redirect_to(:action => "index")
+ else
+ flash.now[:notice] = "Invalid user/password combination"
+ end
+ end
+ end
+
+ def logout
+ session[:user_id] = nil
+ flash[:notice] = "Logged out"
+ redirect_to(:action => "login")
+ end
+
+ def index
+ @user = User.find(session[:user_id])
+ @time = Time.now
+ end
+end
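Review bot: `login` keeps the pre-authentication session when it sets `session[:user_id]`, so a session id that existed before login stays valid afterwards (session fixation). Read the saved URI first, then rotate the session: `uri = session[:original_uri]`, `reset_session`, `session[:user_id] = user.id`. As written, `uri` is assigned but never used, because the redirect always goes to `index`; either redirect with `redirect_to(uri || { :action => "index" })` or drop the two `original_uri` lines. `logout` would likewise be safer calling `reset_session` than clearing a single key.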
diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 172af02..7332081 100755
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -2,14 +2,24 @@
# Likewise, all the methods added will be available for all controllers.
class ApplicationController < ActionController::Base
+ before_filter :authorize, :except => :login
helper :all # include all helpers, all the time
# See ActionController::RequestForgeryProtection for details
# Uncomment the :secret if you're not using the cookie session store
- protect_from_forgery # :secret => 'b87f90d2c51e7f2d846cd1fe2becec2e'
+ protect_from_forgery :secret => 'b87f90d2c51e7f2d846cd1fe2becec2e'
# See ActionController::Base for details
# Uncomment this to filter the contents of submitted sensitive data parameters
# from your application log (in this case, all fields with names like "password").
# filter_parameter_logging :password
+
+protected
+ def authorize
+ unless User.find_by_id(session[:user_id])
+ session[:orginal_uri] = request.request_uri
+ flash[:notice] = "Please log in"
+ redirect_to :controller => 'admin', :action => 'login'
+ end
+ end
end
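Review bot: `filter_parameter_logging :password` is still commented out in this hunk, while the same commit adds a login action that receives `params[:password]`, so submitted passwords would reach the application log in cleartext; uncomment that line. The forgery-protection secret is now active as a literal committed to the repository, so anyone who can read the source knows it; replace it with a fresh value loaded from configuration kept out of version control. In `authorize`, the key `session[:orginal_uri]` is misspelled and never matches the `session[:original_uri]` that `AdminController#login` reads; it should be `session[:original_uri] = request.request_uri`.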
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 3ca4e42..90f6b59 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -12,6 +12,7 @@ def index
# GET /users/1
# GET /users/1.xml
+
def show
@user = User.find(params[:id])
@@ -23,6 +24,7 @@ def show
# GET /users/new
# GET /users/new.xml
+
def new
@user = User.new
@@ -33,12 +35,15 @@ def new
end
# GET /users/1/edit
+
def edit
@user = User.find(params[:id])
+
end
# POST /users
# POST /users.xml
+
def create
@user = User.new(params[:user])
@@ -56,6 +61,7 @@ def create
# PUT /users/1
# PUT /users/1.xml
+
def update
@user = User.find(params[:id])
@@ -73,9 +79,10 @@ def update
# DELETE /users/1
# DELETE /users/1.xml
+
def destroy
@user = User.find(params[:id])
- @user.destroy
+ @user.destroy
respond_to do |format|
format.html { redirect_to(users_url) }
diff --git a/app/helpers/admin_helper.rb b/app/helpers/admin_helper.rb
new file mode 100644
index 0000000..d5c6d35
--- /dev/null
+++ b/app/helpers/admin_helper.rb
@@ -0,0 +1,2 @@
+module AdminHelper
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index 1ce036f..aa9cc12 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -6,7 +6,7 @@ class User < ActiveRecord::Base
validates_uniqueness_of :name
attr_accessor :password_confirmation
validates_confirmation_of :password
- validate :password_non_blank
+ validate :password_non_blank
validates_format_of :email, :with => /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i
def self.authenticate(name, password)
@@ -33,8 +33,8 @@ def password=(pwd)
def password_non_blank
- errors.add(:password, "missing") if hashed_password.blank?
- errors.add(:password_confirmation, "missing") if password_confirmation.blank?
+ errors.add(:password, "missing") if hashed_password.blank?
+ errors.add(:password_confirmation, "missing") if password_confirmation.blank?
end
private
diff --git a/app/views/admin/index.html.erb b/app/views/admin/index.html.erb
new file mode 100644
index 0000000..8a13245
--- /dev/null
+++ b/app/views/admin/index.html.erb
@@ -0,0 +1,9 @@
+Velkominn <%= @user.name %>
+
+<%= @time %>
+
+
+
+<%= link_to 'Users', :controller => 'users' %>
+
+<%= link_to 'logout', :action => 'logout' %>
\ No newline at end of file
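Review bot: `<%= @user.name %>` on the first line prints the user name without HTML escaping, and the name is whatever was entered in the users form, so markup stored in a name would be rendered into the admin page. The `<%=h @user.salt %>` call in users/show.html.erb suggests output is not escaped automatically in this application. Use `Velkominn <%=h @user.name %>` here as well.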
diff --git a/app/views/admin/login.html.erb b/app/views/admin/login.html.erb
new file mode 100644
index 0000000..43e8eea
--- /dev/null
+++ b/app/views/admin/login.html.erb
@@ -0,0 +1,22 @@
+
+
diff --git a/app/views/layouts/admin.html.erb b/app/views/layouts/admin.html.erb
new file mode 100644
index 0000000..2bdb95f
--- /dev/null
+++ b/app/views/layouts/admin.html.erb
@@ -0,0 +1,15 @@
+
+
+
+
+
+ Admin: <%= controller.action_name %>
+ <%= stylesheet_link_tag 'scaffold' %>
+
+
+
+<%= yield %>
+
+
+
\ No newline at end of file
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
index 8565f61..cf8cce9 100644
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -12,12 +12,12 @@
<%= f.text_field :email %>
- <%= f.label :hashed_password %>
- <%= f.text_field :hashed_password %>
+ <%= f.label :password %>
+ <%= f.text_field :password %>
- <%= f.label :salt %>
- <%= f.text_field :salt %>
+ <%= f.label :user_password_confirmation %>
+ <%= f.text_field :password_confirmation %>
<%= f.submit "Update" %>
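Review bot: The new password inputs use `f.text_field`, so the password is displayed in clear on screen and may be retained by browser form history. Use `<%= f.password_field :password %>` and `<%= f.password_field :password_confirmation %>` instead. The label key `:user_password_confirmation` does not match the field `:password_confirmation`, so the label will not be tied to its input; `<%= f.label :password_confirmation %>` looks like what was intended.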
diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb
index b5e0cf2..0fe2a28 100644
--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb
@@ -20,3 +20,7 @@
<%= link_to 'New user', new_user_path %>
+
+<%= link_to 'Admin', :controller => 'admin' %>
+
+<%= link_to 'Logout', :controller => 'admin', :action => 'logout' %>
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 0c4aa5d..f795374 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -18,6 +18,5 @@
<%=h @user.salt %>
-
<%= link_to 'Edit', edit_user_path(@user) %> |
<%= link_to 'Back', users_path %>
diff --git a/config/environment.rb b/config/environment.rb
index 571f897..0b303fc 100755
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -62,7 +62,7 @@
# Use the database for sessions instead of the cookie-based default,
# which shouldn't be used to store highly confidential information
# (create the session table with "rake db:sessions:create")
- # config.action_controller.session_store = :active_record_store
+ config.action_controller.session_store = :active_record_store
# Use SQL instead of Active Record's schema dumper when creating the test database.
# This is necessary if your schema can't be completely dumped by the schema dumper,
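Review bot: With `:active_record_store` enabled, session rows stay in the database until something deletes them, and nothing visible in this patch expires or purges them. Consider a scheduled cleanup keyed on the `updated_at` index that the migration adds, plus an idle-timeout check in `authorize`, so that an old session id stops being accepted. A comment above the setting, such as `# sessions are stored server-side; stale rows must be purged by a scheduled job`, would record the requirement. The enclosing configuration block starts and ends outside the hunk.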
diff --git a/db/migrate/20090409004707_create_sessions.rb b/db/migrate/20090409004707_create_sessions.rb
new file mode 100644
index 0000000..4ccc353
--- /dev/null
+++ b/db/migrate/20090409004707_create_sessions.rb
@@ -0,0 +1,16 @@
+class CreateSessions < ActiveRecord::Migration
+ def self.up
+ create_table :sessions do |t|
+ t.string :session_id, :null => false
+ t.text :data
+ t.timestamps
+ end
+
+ add_index :sessions, :session_id
+ add_index :sessions, :updated_at
+ end
+
+ def self.down
+ drop_table :sessions
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 4bd4720..b3f22e2 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -9,7 +9,17 @@
#
# It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20090312174058) do
+ActiveRecord::Schema.define(:version => 20090409004707) do
+
+ create_table "sessions", :force => true do |t|
+ t.string "session_id", :null => false
+ t.text "data"
+ t.datetime "created_at"
+ t.datetime "updated_at"
+ end
+
+ add_index "sessions", ["session_id"], :name => "index_sessions_on_session_id"
+ add_index "sessions", ["updated_at"], :name => "index_sessions_on_updated_at"
create_table "users", :force => true do |t|
t.string "name", :limit => 128, :null => false
diff --git a/public/stylesheets/scaffold.css b/public/stylesheets/scaffold.css
index 093c209..b2c238a 100644
--- a/public/stylesheets/scaffold.css
+++ b/public/stylesheets/scaffold.css
@@ -52,3 +52,14 @@ a:hover { color: #fff; background-color:#000; }
list-style: square;
}
+/* START:notice */
+#notice {
+ border: 2px solid red;
+ padding: 1em;
+ margin-bottom: 2em;
+ background-color: #f0f0f0;
+ font: bold smaller sans-serif;
+}
+/* END:notice */
+
+
diff --git a/test/functional/admin_controller_test.rb b/test/functional/admin_controller_test.rb
new file mode 100644
index 0000000..9bbf29b
--- /dev/null
+++ b/test/functional/admin_controller_test.rb
@@ -0,0 +1,8 @@
+require 'test_helper'
+
+class AdminControllerTest < ActionController::TestCase
+ # Replace this with your real tests.
+ test "the truth" do
+ assert true
+ end
+end
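Review bot: The only test for the new controller is the generated `assert true` placeholder, so login, logout and the failed-login path are unverified. At minimum, add a test that a wrong password leaves `session[:user_id]` empty and re-renders the form, and one for a successful login against a fixture. The credentials in the sketch below are constructed and assume no matching fixture exists.

```ruby
class AdminControllerTest < ActionController::TestCase
  # constructed credentials: no user with this name is assumed to exist
  test "login with unknown user leaves session empty" do
    post :login, :name => 'nobody', :password => 'wrong'
    assert_response :success
    assert_nil session[:user_id]
  end
```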
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 116ce4f..2920326 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -3,48 +3,55 @@
class UsersControllerTest < ActionController::TestCase
fixtures :users
- test "should get index" do
+ test "index with out user" do
get :index
+ assert_redirected_to :action => "login"
+ assert_equal "Please log in", flash[:notice]
+ end
+
+ test "should get index" do
+ get :index, {}, { :user_id => users(:valid_user).id }
assert_response :success
assert_not_nil assigns(:users)
end
test "should get new" do
- get :new
+ get :new, {}, { :user_id => users(:valid_user).id }
assert_response :success
end
test "should create user" do
+ get :index, {}, { :user_id => users(:valid_user).id }
assert_difference('User.count') do
post :create, :user => { :name => 'siggi', :email => 'siggi@example.com',
:password => 'abc123', :password_confirmation => 'abc123'}
end
-
- #assert_redirected_to users_path(assigns(:user))
assert_response :found
end
test "should show user" do
+ get :index, {}, { :user_id => users(:valid_user).id }
get :show, :id => users(:one).id
assert_response :success
end
test "should get edit" do
+ get :index, {}, { :user_id => users(:valid_user).id }
get :edit, :id => users(:one).id
assert_response :success
end
test "should update user" do
+ get :index, {}, { :user_id => users(:valid_user).id }
put :update, :id => users(:one).id, :user => { }
- #assert_redirected_to user_path(assigns(:user))
assert_response :success
end
test "should destroy user" do
+ get :index, {}, { :user_id => users(:valid_user).id }
assert_difference('User.count', -1) do
delete :destroy, :id => users(:one).id
end
-
assert_redirected_to users_path
end
end
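Review bot: Only `index` is exercised without a logged-in user; the state-changing actions (`create`, `update`, `destroy`) have no test showing that the `authorize` filter blocks them. Add a negative test per action, as sketched below for `destroy`. The authenticated tests also prime the session with an extra `get :index` before the real request; passing the session hash directly, e.g. `delete :destroy, { :id => users(:one).id }, { :user_id => users(:valid_user).id }`, would exercise the action under test on its own.

```ruby
  # … unchanged: existing authenticated tests …
  test "destroy without user is rejected" do
    assert_no_difference('User.count') do
      delete :destroy, :id => users(:one).id
    end
    assert_redirected_to :controller => 'admin', :action => 'login'
  end
```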
diff --git a/test/unit/user_test.rb b/test/unit/user_test.rb
index 816ba36..04ab2ee 100644
--- a/test/unit/user_test.rb
+++ b/test/unit/user_test.rb
@@ -3,11 +3,11 @@
class UserTest < ActiveSupport::TestCase
fixtures :users
- # Replace this with your real tests.
-
test "create valid user" do
- user = User.new(:name => 'siggi', :email => 'siggi@example.com',
- :password => 'abc123', :password_confirmation => 'abc123')
+ user = User.new(:name => 'siggi',
+ :email => 'siggi@example.com',
+ :password => 'abc123',
+ :password_confirmation => 'abc123')
assert user.save
end
@@ -19,4 +19,25 @@ class UserTest < ActiveSupport::TestCase
assert user.errors.invalid?(:password)
assert user.errors.invalid?(:password_confirmation)
end
+
+ test "valid email" do
+ valid = %w{ dabbi@dabbi.is }
+ invalid = %w{ dabbi dabbi@dabbi @dabbi.is dabbi@ @.is}
+
+ valid.each do |email|
+ user = User.new(:name => 'siggi',
+ :password => 'abc123',
+ :password_confirmation => 'abc123',
+ :email => email)
+ assert user.valid?, user.errors.full_messages
+ end
+
+ invalid.each do |email|
+ user = User.new(:name => 'siggi',
+ :password => 'abc123',
+ :password_confirmation => 'abc123',
+ :email => email)
+ assert !user.valid?, "saving #{email}"
+ end
+ end
end
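Review bot: The `invalid` list has no address with a trailing newline, which the pattern shown in app/models/user.rb would accept because it ends in `\Z` rather than `\z`. Extend the list with `invalid = %w{ dabbi dabbi@dabbi @dabbi.is dabbi@ @.is } + ["dabbi@dabbi.is\n"]` and change the model's anchor to `\z` so the new case passes. `assert user.valid?, user.errors.full_messages` passes an array as the failure message; `user.errors.full_messages.join(", ")` reads better when the assertion fails. `class UserTest` opens outside this hunk.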