0
@@ -1,8 +1,11 @@
0
 class UsersController < ApplicationController
0
-  # Protect these actions behind an admin login
0
-  # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
0
-  before_filter :find_user, :only => [:show, :suspend, :unsuspend, :destroy, :purge]
0
+  before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
0
+  before_filter :find_user, :only => [:update, :show, :suspend, :unsuspend, :destroy, :purge]
0
+  before_filter :login_required, :only => [:edit, :update]
0
   
0
+  def index
0
+    @users = current_site.users.paginate :all, :page => current_page
0
+  end
0
 
0
   # render new.rhtml
0
   def new
0
@@ -20,6 +23,27 @@ class UsersController < ApplicationController
0
     render :action => 'new'
0
   end
0
 
0
+  def edit
0
+    if params[:id]
0
+      redirect_to settings_path and return
0
+    end
0
+    @user = current_user
0
+  end
0
+
0
+  def update
0
+    @user = current_user
0
+    respond_to do |format|
0
+      if @user.update_attributes(params[:user])
0
+        flash[:notice] = 'Forum was successfully updated.'
0
+        format.html { redirect_to(settings_path) }
0
+        format.xml  { head :ok }
0
+      else
0
+        format.html { render :action => "edit" }
0
+        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
0
+      end
0
+    end
0
+  end
0
+
0
   def activate
0
     self.current_user = params[:activation_code].blank? ? :false : current_site.all_users.find_in_state(:first, :pending, :conditions => {:activation_code => params[:activation_code]})
0
     if logged_in?
0
@@ -48,14 +72,13 @@ class UsersController < ApplicationController
0
     @user.destroy
0
     redirect_to users_path
0
   end
0
-  
0
-  def index
0
-    @users = current_site.users.paginate :all, :page => current_page
0
-  end
0
 
0
 protected
0
   def find_user
0
     @user = current_site.users.find_by_permalink(params[:id])
0
   end
0
-
0
+  
0
+  def authorized?
0
+    params[:id].blank? || @user == current_user
0
+  end
0
 end

0
@@ -24,9 +24,9 @@ class Forum < ActiveRecord::Base
0
   has_many :moderatorships, :dependent => :delete_all
0
   has_many :moderators, :through => :moderatorships, :source => :user
0
 
0
-  # retrieves forums ordered by position
0
-  def self.find_ordered(options = {})
0
-    find :all, options.update(:order => 'position')
0
+  # oh has_finder i eagerly await thee
0
+  def self.ordered
0
+    find :all, :order => 'position'
0
   end
0
   
0
   def to_param

0
@@ -32,7 +32,7 @@ class Site < ActiveRecord::Base
0
   
0
   # <3 rspec
0
   def ordered_forums(*args)
0
-    forums.find_ordered(*args)
0
+    forums.ordered(*args)
0
   end
0
   
0
   def default?

0
@@ -10,7 +10,7 @@ class User < ActiveRecord::Base
0
   has_many :topics, :order => "#{Topic.table_name}.created_at desc"
0
   
0
   has_many :moderatorships, :dependent => :delete_all
0
-  has_many :moderated_forums, :through => :moderatorships, :source => :forum
0
+  has_many :forums, :through => :moderatorships, :source => :forum
0
   
0
   has_many :monitorships, :dependent => :delete_all
0
   has_many :monitored_topics, :through => :monitorships, :source => :topic, :conditions => {"#{Monitorship.table_name}.active" => true}
0
@@ -27,6 +27,10 @@ class User < ActiveRecord::Base
0
     prefetch_from(records).index_by(&:id)
0
   end
0
 
0
+  def available_forums
0
+    @available_forums ||= site.ordered_forums - forums
0
+  end
0
+
0
   def moderator_of?(forum)
0
     Moderatorship.exists?(:user_id => id, :forum_id => forum.id)
0
   end

0
@@ -28,7 +28,7 @@
0
 
0
     <% if current_site && logged_in? -%>
0
     <li class="login"><%=  link_to current_user.login, user_path(current_user) %></li>
0
-    <li class="logout"><%= link_to 'Settings'[:settings_title], "TODO:settings_path" %></li>
0
+    <li class="logout"><%= link_to 'Settings'[:settings_title], settings_path %></li>
0
     <li class="logout"><%= link_to 'Logout'[:logout_title], logout_path(:to => CGI.escape(request.request_uri)) %></li>
0
     <% else -%>
0
     <li><%= link_to 'Signup'[:signup_action], signup_path(:to => CGI.escape(request.request_uri)) %></li>

0
@@ -21,7 +21,7 @@
0
 </p>
0
 <% end -%>
0
 
0
-<% if admin? && !@topic.new_record? && forums = Forum.find_ordered -%>
0
+<% if admin? && !@topic.new_record? && forums = current_site.ordered_forums -%>
0
   <% if forums.size > 1 -%>
0
 <p id="topic_forum_id">
0
   <label for="topic_forum_id"><%= 'Forum'[:forum_title] %></label><br />

0
@@ -2,7 +2,7 @@
0
 
0
 <% content_for :right do -%>
0
 <% if admin? %>
0
-<% form_for :user, :url => admin_user_path(@user), :html => {:class => "xdialog"} do |f| -%>
0
+<% form_for @user.moderatorships.build, :html => {:class => "xdialog"} do |f| -%>
0
   <h6><%= 'Admin &amp; Moderation'[:admin_and_moderation] %></h6>
0
 
0
   <% unless @user.forums.empty? -%>
0
@@ -12,24 +12,25 @@
0
   <ul class="flat">
0
   <% @user.forums.find(:all, :select => "#{Forum.table_name}.*, #{Moderatorship.table_name}.id as moderatorship_id").each do |forum| -%>
0
     <li>
0
-      <%#= link_to forum.name, forum_path(forum), :class => "hidden" %>
0
-      <%#= link_to 'remove', moderator_path(@user, forum.moderatorship_id), :method => :delete %>
0
-      <%= link_to forum.name, user_moderator_path(@user, forum.moderatorship_id), :method => :delete, :confirm => "#{'Remove user as moderator for'[:remove_user_as_moderator]} #{forum.name}?" %>
0
+      <%= link_to forum.name, moderatorship_path(forum.moderatorship_id), :method => :delete, :confirm => "#{'Remove user as moderator for'[:remove_user_as_moderator]} #{forum.name}?" %>
0
     </li>
0
   <% end -%>
0
   </ul>
0
   <% end -%>
0
 
0
+	<% unless @user.available_forums.empty? -%>
0
   <p>
0
   <label><%= 'Add as moderator'[] %></label><br />
0
-	<select name="moderator">
0
-    <option value="-"></option>
0
-    <%= options_from_collection_for_select(Forum.find(:all, :order => 'position') - @user.forums, "id", "name") %>
0
-  </select></p>
0
+	<%= f.select :forum_id, @user.available_forums.collect { |forum| [forum.name, forum.id] }, :include_blank => " - " %>
0
+	</p>
0
+	<% end -%>
0
 
0
-  <p><label><%= f.check_box :admin %> <%= 'User is an administrator'[] %></label></p>
0
+  <p><label><%= check_box_tag :admin, @user.admin? %> <%= 'User is an administrator'[] %></label></p>
0
 
0
-  <p><%= submit_tag 'Save'[:save_title] %></p>
0
+  <p>
0
+		<%= f.submit 'Save'[:save_title] %>
0
+		<%= f.hidden_field :user_id %>
0
+	</p>
0
 <% end -%>
0
 <% end -%>
0
 <% end -%>
0
@@ -44,14 +45,14 @@
0
     <%= '{count} topics'[(count=@user.topics.size)==1 ? :topic_count : :topics_count, number_with_delimiter(count)] %>, 
0
     <%= '{count} posts'[(count=@user.posts.size)==1 ? :post_count : :posts_count, number_with_delimiter(count)] %>
0
     (<%= 'view'[] %> <%= link_to 'all'[:view_all], user_posts_path(@user) %> | 
0
-    <%= link_to 'monitored'[], monitored_posts_path(@user) %> <%= 'posts'[] %>)<br />
0
+    <%= link_to 'monitored'[], "monitored_posts_path(@user)" %> <%= 'posts'[] %>)<br />
0
   </span>
0
 </p>
0
 
0
 <%= @user.bio_html %>
0
 
0
 <% unless @user.website.blank? -%>
0
-<p><strong><%= 'Website:'[:website_title] %></strong> <%= white_list link_to(@user.website.gsub("http://",""), "http://" + @user.website.gsub("http://","")) %>
0
+<p><strong><%= 'Website:'[:website_title] %></strong> <%= sanitize link_to(@user.website.gsub("http://",""), "http://" + @user.website.gsub("http://","")) %>
0
 <% end -%>
0
 <p><%= 'User since'[] %> <%= @user.created_at.to_date.to_s :long %></p>
0
 

0
@@ -20,6 +20,7 @@ ActionController::Routing::Routes.draw do |map|
0
   map.signup   '/signup',                    :controller => 'users',    :action => 'new'
0
   map.login    '/login',                     :controller => 'sessions', :action => 'new'
0
   map.logout   '/logout',                    :controller => 'sessions', :action => 'destroy'
0
+  map.settings '/settings',                  :controller => 'users',    :action => 'edit'
0
   map.resource  :session
0
   map.root :controller => 'forums', :action => 'index'
0
 end

0
@@ -78,4 +78,62 @@ describe UsersController do
0
     post :create, :user => { :login => 'quire', :email => 'quire@example.com',
0
       :password => 'quire', :password_confirmation => 'quire' }.merge(options)
0
   end
0
+end
0
+
0
+describe UsersController, "PUT #update" do
0
+  before do
0
+    login_as :default
0
+    current_site :default
0
+    @attributes = {'login' => "Default"}
0
+    @controller.stub!(:current_site).and_return(@site)
0
+    @controller.stub!(:login_required).and_return(true)
0
+  end
0
+  
0
+  describe UsersController, "(successful save)" do
0
+    define_models :stubbed
0
+    act! { put :update, :id => 1, :user => @attributes }
0
+
0
+    before do
0
+      @user.stub!(:save).and_return(true)
0
+    end
0
+    
0
+    it_assigns :user, :flash => { :notice => :not_nil }
0
+    it_redirects_to { settings_path }
0
+  end
0
+  
0
+  describe UsersController, "(successful save, xml)" do
0
+    define_models :stubbed
0
+    act! { put :update, :id => 1, :user => @attributes, :format => 'xml' }
0
+
0
+    before do
0
+      @user.stub!(:save).and_return(true)
0
+    end
0
+    
0
+    it_assigns :user
0
+    it_renders :blank
0
+  end
0
+
0
+  describe UsersController, "(unsuccessful save)" do
0
+    define_models :stubbed
0
+    act! { put :update, :id => 1, :user => @attributes }
0
+
0
+    before do
0
+      @user.stub!(:save).and_return(false)
0
+    end
0
+    
0
+    it_assigns :user
0
+    it_renders :template, :edit
0
+  end
0
+  
0
+  describe UsersController, "(unsuccessful save, xml)" do
0
+    define_models :stubbed
0
+    act! { put :update, :id => 1, :user => @attributes, :format => 'xml' }
0
+
0
+    before do
0
+      @user.stub!(:save).and_return(false)
0
+    end
0
+    
0
+    it_assigns :user
0
+    it_renders :xml, "user.errors", :status => :unprocessable_entity
0
+  end
0
 end
0
\ No newline at end of file

0
@@ -31,6 +31,6 @@ describe Forum do
0
   end
0
   
0
   it "finds ordered forums" do
0
-    Forum.find_ordered.should == [forums(:other), forums(:default)]
0
+    Forum.ordered.should == [forums(:other), forums(:default)]
0
   end
0
 end
0
\ No newline at end of file

0
@@ -75,11 +75,11 @@ describe Forum, "#moderators" do
0
   end
0
 end
0
 
0
-describe User, "#moderated_forums" do
0
+describe User, "#forums" do
0
   define_models :moderators
0
 
0
   it "finds forums for users" do
0
-    users(:default).moderated_forums.sort_by(&:name).should == [forums(:default), forums(:other)]
0
-    users(:other).moderated_forums.should == [forums(:default)]
0
+    users(:default).forums.sort_by(&:name).should == [forums(:default), forums(:other)]
0
+    users(:other).forums.should == [forums(:default)]
0
   end
0
 end
0
\ No newline at end of file

0
@@ -15,9 +15,13 @@ Spec::Runner.configure do |config|
0
   config.use_instantiated_fixtures  = false
0
   config.fixture_path = RAILS_ROOT + '/spec/fixtures/'
0
 
0
+  def current_site(site)
0
+    @site = sites(site)
0
+  end
0
+
0
   # Sets the current user in the session from the user fixtures.
0
   def login_as(user)
0
-    @request.session[:user] = user ? users(user).id : nil
0
+    controller.stub!(:current_user).and_return(@user = user ? users(user) : nil)
0
   end
0
 
0
   def authorize_as(user)