-
Notifications
You must be signed in to change notification settings - Fork 1.3k
/
users_controller.rb
148 lines (127 loc) · 4.08 KB
/
users_controller.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# frozen_string_literal: true
# Copyright (c) 2008-2013 Michael Dvorkin and contributors.
#
# Fat Free CRM is freely distributable under the terms of MIT license.
# See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
#------------------------------------------------------------------------------
class UsersController < ApplicationController
before_action :set_current_tab, only: %i[show opportunities_overview] # Don't hightlight any tabs.
check_authorization
load_and_authorize_resource # handles all security
respond_to :html, only: %i[show new]
# GET /users/1
# GET /users/1.js
#----------------------------------------------------------------------------
def show
@user = current_user if params[:id].nil?
respond_with(@user)
end
# GET /users/1/edit.js
#----------------------------------------------------------------------------
def edit
respond_with(@user)
end
# PUT /users/1
# PUT /users/1.js
#----------------------------------------------------------------------------
def update
@user.update(user_params)
flash[:notice] = t(:msg_user_updated)
respond_with(@user)
end
# GET /users/1/avatar
# GET /users/1/avatar.js
#----------------------------------------------------------------------------
def avatar
respond_with(@user)
end
# PUT /users/1/upload_avatar
# PUT /users/1/upload_avatar.js
#----------------------------------------------------------------------------
def upload_avatar
if params[:gravatar]
@user.avatar = nil
@user.save
render
else
if params[:avatar]
@avatar = Avatar.create(avatar_params)
if @avatar.valid?
@user.avatar = @avatar
else
@user.avatar.errors.clear
@user.avatar.errors.add(:image, t(:msg_bad_image_file))
end
end
responds_to_parent do
# Without return RSpec2 screams bloody murder about rendering twice:
# within the block and after yield in responds_to_parent.
render && (return if Rails.env.test?)
end
end
end
# GET /users/1/password
# GET /users/1/password.js
#----------------------------------------------------------------------------
def password
respond_with(@user)
end
# PUT /users/1/change_password
# PUT /users/1/change_password.js
#----------------------------------------------------------------------------
def change_password
if @user.valid_password?(params[:current_password])
if params[:user][:password].blank?
flash[:notice] = t(:msg_password_not_changed)
else
@user.password = params[:user][:password]
@user.password_confirmation = params[:user][:password_confirmation]
@user.save
flash[:notice] = t(:msg_password_changed)
end
else
@user.errors.add(:current_password, t(:msg_invalid_password))
end
respond_with(@user)
end
# GET /users/1/redraw
#----------------------------------------------------------------------------
def redraw
current_user.preference[:locale] = params[:locale]
render js: %(window.location.href = "#{user_path(current_user)}";)
end
# GET /users/opportunities_overview
#----------------------------------------------------------------------------
def opportunities_overview
@users_with_opportunities = User.have_assigned_opportunities.order(:first_name)
@unassigned_opportunities = Opportunity.my(current_user).unassigned.pipeline.order(:stage).includes(:account, :user, :tags)
end
protected
def user_params
return {} unless params[:user]
params[:user][:email].try(:strip!)
params[:user][:alt_email].try(:strip!)
params[:user].permit(
:username,
:email,
:first_name,
:last_name,
:title,
:company,
:alt_email,
:phone,
:mobile,
:aim,
:yahoo,
:google,
:skype
)
end
def avatar_params
return {} unless params[:avatar]
params[:avatar]
.permit(:image)
.merge(entity: @user, user_id: @user.id)
end
ActiveSupport.run_load_hooks(:fat_free_crm_users_controller, self)
end