
Last bits of user management for now

1 parent 05f357a commit fad4c9d6f4bd992274264900f47e4f5b9114484d @mikel committed May 18, 2009
@@ -7,4 +7,43 @@ def index
@users = User.find(:all)
end
+ def new
+ @user = User.new
+ end
+
+ def create
+ @user = User.new
+ @user.attributes = params[:user]
+ if @user.save
+ flash[:notice] = "User #{@user.login} successfully created"
+ redirect_to users_path
+ else
+ render :action => :new
+ end
+ end
+
+ def edit
+ @user = User.find(params[:id])
+ end
+
+ def update
+ @user = User.find(params[:id])
+ @user.attributes = params[:user]
+ if @user.save
+ flash[:notice] = "Update Successful"
+ redirect_to users_path
+ end
+ end
+
+ def destroy
+ @user = User.find(params[:id])
+ unless @user.last_admin?
+ @user.delete
+ flash[:notice] = "Deleted user #{@user.login} successfully"
+ else
+ flash[:error] = "Can not delete the last administrator"
+ end
+ redirect_to users_path
+ end
+
end
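Review bot: `create` and `update` pass `params[:user]` straight into `@user.attributes=`, and the model in this commit adds an `admin=` setter, so the admin role can be set from any request that reaches these actions unless the model restricts it. No authorization filter is visible in this hunk; the controller's first lines are outside it, so confirm a `before_filter` limits all five new actions to administrators, and assign `admin` explicitly rather than through the mass-assigned hash. `update` also has no failure branch, so an invalid save falls through to an implicit render of an `update` template, which does not appear among the views added here; `else render :action => :edit` would mirror `create`. `destroy` guards the last administrator, but `update` can still clear the admin flag on that same account.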
@@ -7,12 +7,47 @@ class User < ActiveRecord::Base
# Makes this user a member of the administrator group
def add_role!(role_name)
role = Role.find_by_name!(role_name.to_s)
- self.roles << role
+ self.roles << role unless self.roles.include?(role)
+ end
+
+ def remove_role!(role_name)
+ role = Role.find_by_name!(role_name.to_s)
+ self.roles.delete(role) if self.roles.include?(role)
end
# Returns true if this user is an administrator
def member_of?(role_name)
!!self.roles.find_by_name(role_name.to_s)
end
+ def admin=(bool)
+ if boolianize(bool)
+ add_role!(:admin)
+ else
+ remove_role!(:admin)
+ end
+ end
+
+ def admin
+ member_of?(:admin)
+ end
+
+ def last_admin?
+ !User.find(:first, :conditions => ["users.id != ? AND roles.name = 'admin'", self.id],
+ :joins => [:roles, :memberships])
+ end
+
+ private
+
+ def boolianize(bool)
+ case bool
+ when "1"
+ true
+ when "0"
+ false
+ else
+ bool
+ end
+ end
+
end
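Review bot: `boolianize` fails open: any value other than "1" or "0" is returned unchanged, so a non-empty string such as "false" is truthy and `admin=` adds the admin role. Map only known-true values to true and everything else to false, e.g. `when "1", 1, true then true` followed by `else false`. `admin=` also calls `add_role!`/`remove_role!` directly; on a persisted record `roles <<` and `roles.delete` normally write at once, so the role change may persist even when the following `save` fails validation, which is worth confirming. The top of the class is outside this hunk, so check that `admin` is excluded from mass assignment (`attr_protected :admin` or an `attr_accessible` list).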
@@ -0,0 +1,21 @@
+<%= form.label :login %><br />
+<%= form.text_field :login %><br />
+<br />
+<%= form.label :email %><br />
+<%= form.text_field :email %><br />
+<br />
+<%= form.label :password, form.object.new_record? ? nil : "Change password" %><br />
+<%= form.password_field :password %><br />
+<br />
+<%= form.label :password_confirmation %><br />
+<%= form.password_field :password_confirmation %><br />
+<br />
+<%= form.label :given_name %><br />
+<%= form.text_field :given_name %><br />
+<br />
+<%= form.label :family_name %><br />
+<%= form.text_field :family_name %><br />
+<br />
+<%= form.label :admin %><br />
+<%= form.check_box :admin %><br />
+<br />
@@ -0,0 +1,5 @@
+<% form_for @user do |f| %>
+ <%= f.error_messages %>
+ <%= render :partial => "form", :object => f %>
+ <%= f.submit "Update" %>
+<% end %>
@@ -1,3 +1,16 @@
+<%- if flash -%>
+ <p><%= flash[:notice] -%>
+ <%= flash[:error] -%></p>
+<%- end -%>
<%- @users.each do |user| -%>
+<%= user.given_name %>
+<%= user.family_name %>
+<%= user.email %>
<%= user.login %>
-<%- end -%>
+ <%= link_to "Edit", edit_user_path(user) %>
+ <%= link_to "Delete", user_path(user), :method => :delete, :confirm => "Are you sure?", :id => "delete_#{user.id}" %>
+<%- end -%>
+
+<p>
+ <%= link_to "New User", new_user_path %>
+</p>
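Review bot: The new `<%= user.given_name %>`, `<%= user.family_name %>` and `<%= user.email %>` outputs, and the flash messages that interpolate `@user.login`, are written without `h`. The `find(:all)` and `:action =>` idioms suggest a Rails release older than 3, where ERB does not escape by default, so stored user fields would be rendered as markup. Use `<%=h user.given_name %>`, and likewise for the other fields and for `flash[:notice]`/`flash[:error]`. `<%- if flash -%>` also appears to be always true because `flash` is an object rather than nil, so the `<p>` is emitted on every request; `if flash[:notice] || flash[:error]` would avoid that.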
@@ -0,0 +1,5 @@
+<% form_for @user do |f| %>
+ <%= f.error_messages %>
+ <%= render :partial => "form", :object => f %>
+ <%= f.submit "Create" %>
+<% end %>
@@ -2,16 +2,17 @@ class CreateUsers < ActiveRecord::Migration
def self.up
create_table :users do |t|
- # Basic fields needed for AuthLogic
t.string :login, :null => false
t.string :email, :null => false
+ t.string :given_name, :null => false
+ t.string :family_name, :null => false
+
+ # Authentication Fields for AuthLogic
t.string :crypted_password, :null => false
t.string :password_salt, :null => false
t.string :persistence_token, :null => false
t.string :single_access_token, :null => false
t.string :perishable_token, :null => false
-
- # Optional Authlogic fields, but useful for us.
t.integer :login_count, :null => false, :default => 0
t.integer :failed_login_count, :null => false, :default => 0
t.datetime :last_request_at
@@ -22,6 +23,15 @@ def self.up
t.timestamps
end
+
+ User.reset_column_information
+ User.create!(:login => 'admin',
+ :password => 'mailer',
+ :password_confirmation => 'mailer',
+ :given_name => 'Default',
+ :family_name => 'Admin',
+ :email => 'admin@nowaythisisadomainname.org.au')
+
end
def self.down
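Review bot: The migration seeds an `admin` account with the fixed password `'mailer'`, so every deployment that runs it starts with the same known administrator credential. Take the initial password from the environment or generate a random one and print it once, e.g. `:password => ENV.fetch('ADMIN_PASSWORD')` (variable name is illustrative), and require a change at first login. Calling the `User` model from a migration also ties it to the model's validations at the time it runs, so it may break once the model changes. `self.up` starts above this hunk.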
@@ -5,6 +5,9 @@ def self.up
t.timestamps
end
+
+ Role.create!(:name => 'admin')
+ User.find(:first).add_role!('admin')
end
def self.down
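Review bot: `User.find(:first).add_role!('admin')` promotes whichever row the database returns first, which is not necessarily the seeded account, and raises on nil when the table is empty. Look the account up by name instead: `User.find_by_login!('admin').add_role!('admin')`. `self.up` begins outside this hunk.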
@@ -27,6 +27,8 @@
create_table "users", :force => true do |t|
t.string "login", :null => false
t.string "email", :null => false
+ t.string "given_name", :null => false
+ t.string "family_name", :null => false
t.string "crypted_password", :null => false
t.string "password_salt", :null => false
t.string "persistence_token", :null => false
@@ -10,23 +10,23 @@ Feature: Manage sessions
Scenario: Non existent user
Given I am on the new user sessions page
- When I fill in "login" with "Bob"
+ When I fill in "login" with "bsmith"
And I fill in "password" with "PassWord"
And I press "Login"
Then I should see "Login does not exist"
Scenario: Incorrect password
- Given there is a user with username "Bob" and password "PassWord"
+ Given there is a user with username "bsmith" and password "PassWord"
And I am on the new user sessions page
- When I fill in "login" with "Bob"
+ When I fill in "login" with "bsmith"
And I fill in "password" with "guess"
And I press "Login"
Then I should see "Password is not valid"
Scenario: Successful login
- Given there is a user with username "Bob" and password "PassWord"
+ Given there is a user with username "bsmith" and password "PassWord"
And I am on the new user sessions page
- When I fill in "login" with "Bob"
+ When I fill in "login" with "bsmith"
And I fill in "password" with "PassWord"
And I press "Login"
Then I should see "Login successful!"
@@ -12,17 +12,100 @@ Feature: Managing users
Scenario: Only the admin user defined
Given I am logged in as an admin
When I go to the users page
- Then I should see "Bob"
+ Then I should see "bsmith"
Scenario: One user plus the admin user in the system
Given I am logged in as an admin
And a user with username "Charles" and password "PassWord"
When I go to the users page
Then I should see "Charles"
- And I should see "Bob"
+ And I should see "bsmith"
+
+ Scenario: Going to the new user page
+ Given I am logged in as an admin
+ When I go to the users page
+ And I follow "New User"
+ Then I should be on the new user page
+
+ Scenario: Making a new user
+ Given I am logged in as an admin
+ When I go to the new user page
+ And I fill in "login" with "mlindsaar"
+ And I fill in "given name" with "Mikel"
+ And I fill in "family name" with "Lindsaar"
+ And I fill in "email" with "mikel@me.com"
+ And I fill in "password" with "1234abcd"
+ And I fill in "password confirmation" with "1234abcd"
+ And I press "Create"
+ Then I should be on the users page
+ And I should see "User mlindsaar successfully created"
+ And I should see "Mikel"
+ And I should see "Lindsaar"
+
+ Scenario: Making an invalid user
+ Given I am logged in as an admin
+ When I go to the new user page
+ And I fill in "login" with "mlindsaar"
+ And I fill in "given name" with "Mikel"
+ And I fill in "family name" with "Lindsaar"
+ And I fill in "password" with "1234abcd"
+ And I fill in "password confirmation" with "1234abcd"
+ And I press "Create"
+ Then I should not see "Errors"
Scenario: Editing a user in the system
Given I am logged in as an admin
When I go to the users page
And I follow "edit"
- Then I should be on the edit user page for "Bob"
+ Then I should be on the edit user page for "bsmith"
+ And the "login" field should contain "bsmith"
+ And the "given name" field should contain "Bob"
+ And the "family name" field should contain "Smith"
+
+ Scenario: Changing a user in the system
+ Given I am logged in as an admin
+ When I go to the edit user page for "bsmith"
+ And I fill in "login" with "sammy_jones"
+ And I fill in "email" with "sammy@you.com"
+ And I fill in "given name" with "Sammy"
+ And I fill in "family name" with "Jones"
+ And I press "Update"
+ Then I should be on the users page
+ And I should see "Update Successful"
+ And I should see "sammy_jones"
+ And I should see "Sammy"
+ And I should see "Jones"
+
+ Scenario: Deleting a user
+ Given I am logged in as an admin
+ And a user with username "Charles" and password "PassWord"
+ When I go to the users page
+ And I click the delete link for "Charles"
+ Then I should be on the users page
+ And I should see "Deleted user Charles successfully"
+ And I should not see "Charles@someplace.com"
+
+ Scenario: Making a user an admin
+ Given I am logged in as an admin
+ And a user with username "Charles" and password "PassWord"
+ When I go to the edit user page for "Charles"
+ And I check "Admin"
+ And I press "Update"
+ Then there should be 2 administrators in the system
+
+ Scenario: Removing admin rights from a user
+ Given I am logged in as an admin
+ And a user with username "Charles" and password "PassWord"
+ And "Charles" is an "admin"
+ When I go to the edit user page for "Charles"
+ And I uncheck "Admin"
+ And I press "Update"
+ Then there should be 1 administrator in the system
+
+ Scenario: Trying to delete the last administrator
+ Given I am logged in as an admin
+ When I go to the users page
+ And I click the delete link for "bsmith"
+ Then I should be on the users page
+ And I should see "Can not delete the last administrator"
+
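Review bot: Every scenario starts from `Given I am logged in as an admin`, so nothing here checks that an anonymous visitor or a non-admin user is refused the new, edit, update and delete actions. Add negative scenarios for those cases, since the controller actions added in this commit change accounts and admin rights. In `Making an invalid user`, `Then I should not see "Errors"` passes whether or not validation ran; assert the redisplayed form or a specific validation message instead.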
@@ -14,3 +14,7 @@
click_button("Login")
end
+Given /^"([^\"]*)" is a.? "([^\"]*)"$/ do |user, role|
+ User.find_by_login(user).add_role!(role)
+end
+
@@ -1,8 +1,12 @@
-Then /^I should see 1 user account$/ do
- pending
-end
-
Given /^a user with username "([^\"]*)" and password "([^\"]*)"$/ do |login, password|
Factory(:user, :login => login, :password => password)
end
+When /^I click the delete link for "([^\"]*)"$/ do |login|
+ user = User.find_by_login(login)
+ click_link("delete_#{user.id}")
+end
+
+Then /^there should be (\d+) administrator.? in the system$/ do |number|
+ Role.find_by_name('admin').users.count.should == number.to_i
+end
@@ -20,13 +20,16 @@ def path_to(page_name)
when /the new user sessions page/
new_user_session_path
+ when /the users page/
+ users_path
+
+ when /the new user page/
+ new_user_path
+
when /the edit user page for "(\w+)"/
user = User.find_by_login($1)
edit_user_path(user.id)
- when /the users page/
- users_path
-
# Add more page name => path mappings here
else
@@ -1,5 +1,7 @@
Factory.define :user do |u|
- u.login "Bob"
+ u.login "bsmith"
+ u.given_name "Bob"
+ u.family_name "Smith"
u.password "PassWord"
u.password_confirmation { |a| a.password }
u.email { |a| "#{a.login}@someplace.com" }