db/migrate/20080622053008_change_state_default_to_be_active.rb @@ -3,4 +3,5 @@ h1. Todo * Style up UI * * Highlight if is my own status * Look into auto_tags -* Statuses.xml \ No newline at end of file +* Statuses.xml +* Remove login from users \ No newline at end of file TODO.textile @@ -1,9 +1,6 @@ -class UsersController < ApplicationController - # Be sure to include AuthenticationSystem in Application Controller instead - include AuthenticatedSystem - +class UsersController < ApplicationController # Protect these actions behind an admin login - # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge] + before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge] before_filter :find_user, :only => [:suspend, :unsuspend, :destroy, :purge] @@ -15,8 +12,7 @@ class UsersController < ApplicationController def create logout_keeping_session! @user = User.new(params[:user]) - if @user && @user.valid? - @user.register! + if @user.valid? && @user.save! redirect_back_or_default('/') flash[:notice] = "Thanks for signing up! We're sending you an email with your activation code." else app/controllers/users_controller.rb @@ -44,17 +44,13 @@ class User < ActiveRecord::Base validates_presence_of :email validates_length_of :email, :within => 6..100 #r@a.wk validates_uniqueness_of :email, :case_sensitive => false - validates_format_of :email, :with => RE_EMAIL_OK, :message => MSG_EMAIL_BAD - - + validates_format_of :email, :with => RE_EMAIL_OK, :message => MSG_EMAIL_BAD # HACK HACK HACK -- how to do attr_accessible from here? # prevents a user from submitting a crafted form that bypasses activation # anything else you want your user to change should be added here. attr_accessible :login, :email, :name, :password, :password_confirmation - - # Authenticates a user by their login name and unencrypted password. Returns the user or nil. # # uff. this is really an authorization, not authentication routine. app/models/user.rb @@ -1,23 +1,14 @@ class UserMailer < ActionMailer::Base def signup_notification(user) setup_email(user) - @subject += 'Please activate your new account' - - @body[:url] = "http://YOURSITE/activate/#{user.activation_code}" - - end - - def activation(user) - setup_email(user) - @subject += 'Your account has been activated!' - @body[:url] = "http://YOURSITE/" + @subject += 'Thanks for signing up' end protected def setup_email(user) @recipients = "#{user.email}" @from = "ADMINEMAIL" - @subject = "[YOURSITE] " + @subject = "[HOLLER] " @sent_on = Time.now @body[:user] = user end app/models/user_mailer.rb @@ -2,7 +2,3 @@ Your account has been created. Username: <%=h @user.login %> Password: <%=h @user.password %> - -Visit this url to activate your account: - - <%=h @url %> app/views/user_mailer/signup_notification.html.erb @@ -11,17 +11,13 @@ describe UsersController do end - it 'signs up user in pending state' do + it 'signs up user in active state' do create_user assigns(:user).reload - assigns(:user).should be_pending + + assigns(:user).should be_active end - it 'signs up user with activation code' do - create_user - assigns(:user).reload - assigns(:user).activation_code.should_not be_nil - end it 'requires login on signup' do lambda do create_user(:login => nil) spec/controllers/users_controller_spec.rb @@ -17,16 +17,10 @@ describe User do @creating_user.should change(User, :count).by(1) end - it 'initializes #activation_code' do + it 'starts in active state' do @creating_user.call @user.reload - @user.activation_code.should_not be_nil - end - - it 'starts in pending state' do - @creating_user.call - @user.reload - @user.should be_pending + @user.should be_active end end @@ -226,12 +220,9 @@ describe User do users(:quentin).remember_token_expires_at.between?(before, after).should be_true end - it 'registers passive user' do - user = create_user(:password => nil, :password_confirmation => nil) - user.should be_passive - user.update_attributes(:password => 'new password', :password_confirmation => 'new password') - user.register! - user.should be_pending + it 'registers active user' do + user = create_user + user.should be_active end it 'suspends user' do @@ -255,7 +246,7 @@ describe User do protected def create_user(options = {}) record = User.new({ :login => 'quire', :email => 'quire@example.com', :password => 'quire69', :password_confirmation => 'quire69' }.merge(options)) - record.register! if record.valid? + record.save record end end spec/models/user_spec.rb @@ -9,17 +9,13 @@ module Authorization recipient.class_eval do include StatefulRolesInstanceMethods - acts_as_state_machine :initial => :pending + acts_as_state_machine :initial => :active state :passive state :pending, :enter => :make_activation_code state :active, :enter => :do_activate state :suspended state :deleted, :enter => :do_delete - event :register do - transitions :from => :passive, :to => :pending, :guard => Proc.new {|u| !(u.crypted_password.blank? && u.password.blank?) } - end - event :activate do transitions :from => :pending, :to => :active end vendor/plugins/restfulauthentication/lib/authorization/stateful_roles.rb c1664d1b1335dcde59443cf9962705bdb3ad280b Zach Inglis zach@lt3media.com http://github.com/zachinglis/holler/commit/8f243076cdd84144bf4b3eacf7b765ef0c65ae65 8f243076cdd84144bf4b3eacf7b765ef0c65ae65 2008-06-21T22:45:31-07:00 2008-06-21T22:45:31-07:00 Fixing up restful authentication the way i like it 8ea06a52b9eb99a25b6f6f052e7753528241a917 Zach Inglis zach@lt3media.com