
first commit

commit 53afd090e4484b6079d85db9787e1acde470de8d 0 parents
Jerry Richardson authored
27 app/controllers/application.rb
@@ -0,0 +1,27 @@
+# Filters added to this controller apply to all controllers in the application.
+# Likewise, all the methods added will be available for all controllers.
+
+class ApplicationController < ActionController::Base
+ include Clearance::App::Controllers::ApplicationController
+
+ # See ActionController::RequestForgeryProtection for details
+ # Uncomment the :secret if you're not using the cookie session store
+ protect_from_forgery # :secret => '0fd8ce30a8d1c316a42cebde71000433'
+
+ # See ActionController::Base for details
+ # Uncomment this to filter the contents of submitted sensitive data parameters
+ # from your application log (in this case, all fields with names like "password").
+ filter_parameter_logging :password
+
+ def signed_in_as_admin?
+ signed_in? && current_user.admin?
+ end
+
+ def users_only
+ deny_access("Please Login or Create an Account to Access that Feature.") unless signed_in?
+ end
+
+ def admin_only
+ deny_access("Please Login as an administrator to Access that Feature.") unless signed_in_as_admin?
+ end
+end
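Review bot: The three helpers at the bottom of the class (`signed_in_as_admin?`, `users_only`, `admin_only`) are public, and every controller inherits them from ApplicationController, so Rails counts them as action methods that a catch-all route could dispatch to. They are only used as filters and predicates, so I would put `protected` on the line above `def signed_in_as_admin?`. The routes file is not part of this page, so whether they are reachable today is unconfirmed.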
49 app/controllers/users_controller.rb
@@ -0,0 +1,49 @@
+class UsersController < ApplicationController
+ include Clearance::App::Controllers::UsersController
+
+ before_filter :admin_only, :only => [ :index ]
+ before_filter :get_user, :only => [ :edit, :update ]
+
+ def index
+ @users = User.find :all
+ end
+
+ def show
+ @user = User.find(params[:id])
+ end
+
+ def edit
+ end
+
+ def update
+ if current_user.admin? && params[:user][:admin] && params[:user][:admin] == "1"
+ @user.admin = true
+ @user.save
+ elsif current_user.admin?
+ @user.admin = false
+ @user.save
+ end
+
+ respond_to do |format|
+ if @user.update_attributes(params[:user])
+ flash[:notice] = 'User Record was successfully updated.'
+ format.html { redirect_to(edit_user_url(@user)) }
+ format.xml { head :ok }
+ else
+ format.html { render :action => "edit" }
+ format.xml { render :xml => @user.errors, :status => :unprocessable_entity }
+ end
+ end
+ end
+
+ protected
+
+ def get_user
+ if signed_in_as_admin?
+ @user = User.find(params[:id])
+ elsif signed_in?
+ @user = current_user
+ end
+ end
+
+end
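Review bot: `edit` and `update` have no authentication filter in this file: `get_user` leaves `@user` unset when nobody is signed in, and `update` then calls `current_user.admin?` on what is presumably nil, so an anonymous request ends in an exception instead of a clean denial. Adding `before_filter :users_only, :only => [ :edit, :update ]` ahead of the `get_user` filter would reject it through `deny_access`. Separately, the `elsif current_user.admin?` branch clears the admin flag whenever an admin's request omits `user[admin]` (an XML client, for instance), and the results of both `@user.save` calls are ignored; setting the flag on `@user` and letting the single `update_attributes` call persist it would avoid the extra writes. `show` loads any id for any visitor, so please confirm that profiles are meant to be public.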
9 app/helpers/application_helper.rb
@@ -0,0 +1,9 @@
+# Methods added to this helper will be available to all templates in the application.
+module ApplicationHelper
+
+ def show_admin_content?
+ signed_in_as_admin?
+ end
+
+
+end
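Review bot: `show_admin_content?` calls `signed_in_as_admin?`, which this commit defines on ApplicationController rather than in a helper, so the view will only see it if the controller exposes it. Nothing visible here does that, so I would add `helper_method :signed_in_as_admin?` to ApplicationController; otherwise `users/_form.html.erb` is likely to raise NoMethodError. A one-line comment above the method, such as `# Display gate only; UsersController#update enforces who may change the admin flag.`, would also stop readers treating it as the access check.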
23 app/models/user.rb
@@ -0,0 +1,23 @@
+class User < ActiveRecord::Base
+ include Clearance::App::Models::User
+ has_attached_file :avatar, :styles => { :medium => "256x256", :thumb => "64x64", :mini => "32x32" }, :default_url => "/images/transparent.gif"
+ attr_accessible :first_name, :last_name, :bio, :avatar, :location
+ named_scope :stars, :conditions => { :star => true }
+ has_many :posts
+
+ # after_create :add_jabber_user
+ #
+ #
+ # def add_jabber_user
+ # end
+
+ def full_name
+ "#{first_name} #{last_name}"
+ end
+
+ def admin?
+ self.admin
+ end
+
+end
+
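Review bot: `has_attached_file :avatar` is declared with no content-type or size validation, and `:avatar` is in `attr_accessible`, so any signed-in user can upload an arbitrary file that is then run through the thumbnail processor for the three styles. I would add `validates_attachment_content_type :avatar, :content_type => ['image/jpeg', 'image/png', 'image/gif']` and `validates_attachment_size :avatar, :less_than => 1.megabyte` (both limits are example values). Leaving `admin` out of `attr_accessible` is what keeps `update_attributes(params[:user])` from setting the flag, so a comment such as `# admin is deliberately not mass-assignable` above that line would protect it from a later edit.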
22 app/views/users/_form.html.erb
@@ -0,0 +1,22 @@
+<%= form.error_messages %>
+<div id="user_form">
+<div class="text_field">
+ <%= form.label :email %>
+ <%= form.text_field :email %>
+</div>
+<div class="password_field">
+ <%= form.label :password %>
+ <%= form.password_field :password %>
+</div>
+<div class="password_field">
+ <%= form.label :password_confirmation, "Verify password" %>
+ <%= form.password_field :password_confirmation %>
+</div>
+
+<% if show_admin_content? %>
+ <div class="checkbox_field">
+ <%= form.check_box :admin %>
+ <%= form.label :admin, "Admin" %>
+ </div>
+<% end %>
+</div>
22 db/migrate/20090121191039_create_or_update_users_with_clearance_columns.rb
@@ -0,0 +1,22 @@
+class CreateOrUpdateUsersWithClearanceColumns < ActiveRecord::Migration
+ def self.up
+ create_table(:users) do |t|
+ t.string :email
+ t.string :encrypted_password, :limit => 128
+ t.string :salt, :limit => 128
+ t.string :token, :limit => 128
+ t.datetime :token_expires_at
+ t.boolean :email_confirmed, :default => false, :null => false
+ t.boolean :admin
+ end
+
+ add_index :users, [:id, :token]
+ add_index :users, :email
+ add_index :users, :token
+ add_index :users, :admin
+ end
+
+ def self.down
+ drop_table :users
+ end
+end
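Review bot: `t.boolean :admin` is created without a default or NOT NULL constraint, unlike `email_confirmed` on the line above it, so new rows carry NULL in a column used for authorization. I would declare it as `t.boolean :admin, :default => false, :null => false`, so that every account is explicitly non-admin until promoted and queries on `admin = false` do not miss rows. The `:email` index is also not unique; if nothing else enforces one account per address, `add_index :users, :email, :unique => true` would do it at the database level.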
24 test/factories/clearance.rb
@@ -0,0 +1,24 @@
+Factory.sequence :email do |n|
+ "user#{n}@example.com"
+end
+
+Factory.define :user do |user|
+ user.email { Factory.next :email }
+ user.password { "password" }
+ user.password_confirmation { "password" }
+end
+
+Factory.define :email_confirmed_user, :class => 'user' do |user|
+ user.email { Factory.next :email }
+ user.password { "password" }
+ user.password_confirmation { "password" }
+ user.email_confirmed { true }
+end
+
+Factory.define :admin_user, :class => 'user' do |user|
+ user.email { Factory.next :email }
+ user.password { "password" }
+ user.password_confirmation { "password" }
+ user.email_confirmed { true }
+ user.admin { true }
+end
25 test/functional/users_controller_test.rb
@@ -0,0 +1,25 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class UsersControllerTest < ActionController::TestCase
+ include Clearance::Test::Functional::UsersControllerTest
+
+ signed_in_admin_context do
+
+ context "on :get to :index" do
+ setup { get :index }
+ should_respond_with :success
+ should_render_template :index
+ should_not_set_the_flash
+ end
+
+ end
+
+ public_context do
+
+ context "on :get to :index" do
+ setup { get :index }
+ should_deny_access(:flash => /Please Login as an administrator/i)
+ end
+
+ end
+end
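Review bot: The tests exercise only `:index`, while the security-relevant code in this commit is `update`, which decides who may set the admin flag and whose record gets edited. I would add contexts for a `:put` to `:update` covering three cases: an anonymous request is denied, a signed-in non-admin who sends `:user => { :admin => "1" }` is not promoted, and a non-admin who passes another user's id only changes their own record. In `public_context` the first case can follow the existing pattern, for example `should_deny_access` after `setup { put :update, :id => 1, :user => { :admin => "1" } }` (the id is a sample value).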
23 test/shoulda_macros/clearance.rb
@@ -0,0 +1,23 @@
+module Clearance
+ module Shoulda
+
+ # CONTEXTS
+ def signed_in_admin_context(&blk)
+ context "A signed in Admin" do
+ setup do
+ @user = Factory(:admin_user)
+ @user.confirm_email!
+ sign_in_as @user
+ end
+ merge_block(&blk)
+ end
+ end
+
+ end
+end
+
+
+class Test::Unit::TestCase
+ include Clearance::Shoulda::Helpers
+end
+Test::Unit::TestCase.extend(Clearance::Shoulda)