diff --git a/Gemfile b/Gemfile
index ae1bc05..5642d98 100644
--- a/Gemfile
+++ b/Gemfile
@@ -3,14 +3,12 @@ source 'http://rubygems.org'
gem 'rails', '3.0.9'
gem 'sqlite3', '1.3.3'
gem 'gravatar_image_tag', '1.0.0.pre2'
-
-group :development do
- gem 'rspec-rails', '2.6.1'
-end
+gem 'will_paginate', '3.0.pre2'
group :development do
gem 'rspec-rails', '2.6.1'
gem 'annotate', '2.4.0'
+ gem 'faker', '0.3.1'
end
group :test do
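Review bot: The two gems added here, `will_paginate` and `faker`, are resolved through the `source 'http://rubygems.org'` line shown in the hunk header, which is plain HTTP and gives no transport integrity for the packages Bundler downloads. I would switch it in the same commit to `source 'https://rubygems.org'`. `will_paginate` is also pinned to the pre-release `3.0.pre2`; the exact pin is good, but a short comment saying why a pre-release is needed would get it revisited once a final release exists. The source line itself sits above this hunk.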
diff --git a/Gemfile.lock b/Gemfile.lock
index a339742..f545d2b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -38,6 +38,7 @@ GEM
factory_girl_rails (1.0)
factory_girl (~> 1.3)
rails (>= 3.0.0.beta4)
+ faker (0.3.1)
gravatar_image_tag (1.0.0.pre2)
i18n (0.5.0)
mail (2.2.19)
@@ -93,6 +94,7 @@ GEM
nokogiri (>= 1.2.0)
rack (>= 1.0)
rack-test (>= 0.5.3)
+ will_paginate (3.0.pre2)
PLATFORMS
ruby
@@ -100,9 +102,11 @@ PLATFORMS
DEPENDENCIES
annotate (= 2.4.0)
factory_girl_rails (= 1.0)
+ faker (= 0.3.1)
gravatar_image_tag (= 1.0.0.pre2)
rails (= 3.0.9)
rspec-rails (= 2.6.1)
spork (= 0.9.0.rc8)
sqlite3 (= 1.3.3)
webrat (= 0.7.1)
+ will_paginate (= 3.0.pre2)
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 58a0ecb..339cbcf 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -12,7 +12,7 @@ def create
render 'new'
else
sign_in user
- redirect_to user
+ redirect_back_or user
end
end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 9ca1870..afae8f2 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,4 +1,8 @@
class UsersController < ApplicationController
+ before_filter :authenticate, :only => [:index, :edit, :update]
+ before_filter :correct_user, :only => [:edit, :update]
+ before_filter :admin_user, :only => :destroy
+
def new
@user = User.new
@title = "Sign up"
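Review bot: `:destroy` is covered by `admin_user` but not by `authenticate`, so a signed-out DELETE reaches `current_user.admin?` (defined in the next hunk) with `current_user` presumably nil and raises instead of redirecting to the sign-in page. It fails closed, but as a 500. Adding the action to the first filter fixes it: `before_filter :authenticate, :only => [:index, :edit, :update, :destroy]`. Because all three filters use `:only` allow-lists, any action added later is unauthenticated by default, which deserves a one-line comment above them. The class body continues outside this hunk.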
@@ -19,4 +23,42 @@ def create
render 'new'
end
end
+
+ def edit
+ @title = "Edit user"
+ end
+
+ def update
+ if @user.update_attributes(params[:user])
+ flash[:success] = "Profile updated."
+ redirect_to @user
+ else
+ @title = "Edit user"
+ render 'edit'
+ end
+ end
+
+ def index
+ @title = "All users"
+ @users = User.paginate(:page => params[:page])
+ end
+
+ def destroy
+ User.find(params[:id]).destroy
+ flash[:success] = "User destroyed."
+ redirect_to users_path
+ end
+
+ private
+
+ def authenticate
+ deny_access unless signed_in?
+ end
+ def correct_user
+ @user = User.find(params[:id])
+ redirect_to(root_path) unless current_user?(@user)
+ end
+ def admin_user
+ redirect_to(root_path) unless current_user.admin?
+ end
end
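Review bot: `update` hands `params[:user]` straight to `update_attributes`, and this commit also adds an `admin` column to `users`, so the model's `attr_accessible` list is the only thing keeping that flag out of mass assignment. The User model is not part of this diff; please confirm it allows only name, email, password and password confirmation. I would also record the dependency at the call with `# relies on attr_accessible in User to keep :admin out of mass assignment`. The class opens in the previous hunk.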
diff --git a/app/helpers/sessions_helper.rb b/app/helpers/sessions_helper.rb
index 1c11511..b4c963e 100644
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@@ -1,6 +1,6 @@
module SessionsHelper
def sign_in(user)
- cookies.permanent.signed[remember_token] = [user.id, user.salt]
+ cookies.permanent.signed[:remember_token] = [user.id, user.salt]
self.current_user = user
end
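Review bot: The remember-token cookie in `sign_in` is written without `:httponly`, so script running in the page can read a credential that is set to be permanent. A signed cookie is tamper-evident but not encrypted, so the user id and salt are also readable by whoever holds the cookie. Passing an options hash keeps the rest of the behaviour: `cookies.permanent.signed[:remember_token] = { :value => [user.id, user.salt], :httponly => true }`, with `:secure => true` added if the site is served only over HTTPS.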
@@ -21,6 +21,20 @@ def sign_out
self.current_user = nil
end
+ def current_user?(user)
+ user == current_user
+ end
+
+ def deny_access
+ store_location
+ redirect_to signin_path, :notice => "Please sign in to access this page."
+ end
+
+ def redirect_back_or(default)
+ redirect_to(session[:return_to] || default)
+ clear_return_to
+ end
+
private
def user_from_remember_token
User.authenticate_with_salt(*remember_token)
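Review bot: `redirect_back_or` lacks a comment stating the invariant that keeps it from becoming an open redirect. As far as this diff shows, `session[:return_to]` is written only by `store_location` (next hunk) from `request.fullpath`, which is a path and query string with no host. I would add above the method: `# session[:return_to] is always a local path set by store_location; never fill it from params`. The module continues outside this hunk.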
@@ -29,4 +43,12 @@ def user_from_remember_token
def remember_token
cookies.signed[:remember_token] || [nil, nil]
end
+
+ def store_location
+ session[:return_to] = request.fullpath
+ end
+
+ def clear_return_to
+ session[:return_to] = nil
+ end
end
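Review bot: `store_location` saves `request.fullpath` for every HTTP verb, but the redirect after sign-in is always a GET. A denied PUT to `update` therefore lands the user on a different action from the one they attempted. Limiting the write avoids that: `session[:return_to] = request.fullpath if request.get?`. The earlier methods of the module are outside this hunk.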
diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb
index e2b51b1..f7348e1 100644
--- a/app/views/layouts/_header.html.erb
+++ b/app/views/layouts/_header.html.erb
@@ -5,6 +5,8 @@
<%= link_to "Home", root_path %>
<% if signed_in? %>
<%= link_to "Profile", current_user %>
+ <%= link_to "Settings", edit_user_path(current_user) %>
+ <%= link_to "Users", users_path %>
<% end %>
<%= link_to "Help", help_path %>
<% if signed_in? %>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 763c1c7..c0238e6 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -4,6 +4,7 @@
<%= title %>
<%= csrf_meta_tag %>
<%= render 'layouts/stylesheets' %>
+ <%= javascript_include_tag :defaults %>
diff --git a/app/views/sessions/new.html.erb b/app/views/sessions/new.html.erb
index 3ed8943..f125a90 100644
--- a/app/views/sessions/new.html.erb
+++ b/app/views/sessions/new.html.erb
@@ -12,6 +12,6 @@
<%= f.submit "Sign in" %>
- <% end %>
+<% end %>
New user? <%= link_to "Sign up now!", signup_path %>
diff --git a/app/views/shared/_error_messages.html.erb b/app/views/shared/_error_messages.html.erb
index 5e49540..16eebe5 100644
--- a/app/views/shared/_error_messages.html.erb
+++ b/app/views/shared/_error_messages.html.erb
@@ -1,7 +1,8 @@
<% if @user.errors.any? %>
<%= pluralize(@user.errors.count, "error") %>
- prohibited this user from being saved:
+ prohibited this <%= object.class.to_s.underscore.humanize.downcase %>
+ from being saved:
There were problems with the following fields:
<% @user.errors.full_messages.each do |msg| %>
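Review bot: Only the heading was switched to the `object` local; the `if`, the `pluralize` call and the `each` loop around it still read `@user.errors`. The partial therefore only works when the caller also happens to set `@user`, and would report the wrong errors or fail on nil for any other model. Those three lines should use `object.errors.any?`, `object.errors.count` and `object.errors.full_messages.each`. The partial continues past the end of this hunk.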
diff --git a/app/views/users/_user.html.erb b/app/views/users/_user.html.erb
new file mode 100644
index 0000000..08e9c09
--- /dev/null
+++ b/app/views/users/_user.html.erb
@@ -0,0 +1,8 @@
+-
+ <%= gravatar_for user, :size => 30 %>
+ <%= link_to user.name, user %>
+ <% if current_user.admin? %>
+ | <%= link_to "delete", user, :method => :delete, :confirm => "You sure?",
+ :title => "Delete #{user.name}" %>
+ <% end %>
+
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
new file mode 100644
index 0000000..b4e6860
--- /dev/null
+++ b/app/views/users/edit.html.erb
@@ -0,0 +1,29 @@
+Edit user
+
+<%= form_for(@user) do |f| %>
+ <%= render 'shared/error_messages', :object => f.object %>
+
+ <%= f.label :name %>
+ <%= f.text_field :name %>
+
+
+ <%= f.label :email %>
+ <%= f.text_field :email %>
+
+
+ <%= f.label :password %>
+ <%= f.password_field :password %>
+
+
+ <%= f.label :password_confirmation, "Confirmation" %>
+ <%= f.password_field :password_confirmation %>
+
+
+ <%= f.submit "Update" %>
+
+<% end %>
+
+
+ <%= gravatar_for @user %>
+
change
+
diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb
new file mode 100644
index 0000000..e355b9e
--- /dev/null
+++ b/app/views/users/index.html.erb
@@ -0,0 +1,10 @@
+All users
+
+<%= will_paginate %>
+
+
+
+<%= will_paginate %>
+
diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb
index 026dab1..6ff43e7 100644
--- a/app/views/users/new.html.erb
+++ b/app/views/users/new.html.erb
@@ -1,7 +1,7 @@
Sign up
<%= form_for(@user) do |f| %>
- <%= render 'shared/error_messages' %>
+ <%= render 'shared/error_messages', :object => f.object %>
<%= f.label :name %>
<%= f.text_field :name %>
diff --git a/db/migrate/20111011160313_add_admin_to_users.rb b/db/migrate/20111011160313_add_admin_to_users.rb
new file mode 100644
index 0000000..ad38d91
--- /dev/null
+++ b/db/migrate/20111011160313_add_admin_to_users.rb
@@ -0,0 +1,9 @@
+class AddAdminToUsers < ActiveRecord::Migration
+ def self.up
+ add_column :users, :admin, :boolean, :default => false
+ end
+
+ def self.down
+ remove_column :users, :admin
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 28edc98..6f4d2a0 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
#
# It's strongly recommended to check this file into your version control system.
-ActiveRecord::Schema.define(:version => 20111005205657) do
+ActiveRecord::Schema.define(:version => 20111011160313) do
create_table "users", :force => true do |t|
t.string "name"
@@ -19,6 +19,7 @@
t.datetime "updated_at"
t.string "encrypted_password"
t.string "salt"
+ t.boolean "admin", :default => false
end
add_index "users", ["email"], :name => "index_users_on_email", :unique => true
diff --git a/lib/tasks/sample_data.rake b/lib/tasks/sample_data.rake
new file mode 100644
index 0000000..cf1fbb4
--- /dev/null
+++ b/lib/tasks/sample_data.rake
@@ -0,0 +1,21 @@
+namespace :db do
+ desc "Fill database with sample data"
+ task :populate => :environment do
+ Rake::Task['db:reset'].invoke
+ admin = User.create!(:name => "pankonjab",
+ :email => "pankonjab@example.com",
+ :password => "kljuse",
+ :password_confirmation => "kljuse")
+ admin.toggle!(:admin)
+ 99.times do |n|
+ name = Faker::Name.name
+ email = "example-#{n+1}@railstutorial.org"
+ password = "password"
+ User.create!(:name => name,
+ :email => email,
+ :password => password,
+ :password_confirmation => password)
+ end
+ end
+end
+
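Review bot: The task starts with `Rake::Task['db:reset'].invoke` and then creates an admin account with a short, committed password, and nothing stops it from being run against a production database. I would make the first line of the task body `raise "db:populate is for development only" if Rails.env.production?`. Reading the admin password from an environment variable instead of the literal would also keep a known credential out of the repository, since every database the task touches ends up with the same admin login.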
diff --git a/public/stylesheets/custom.css b/public/stylesheets/custom.css
index ae3086c..b8a8d69 100644
--- a/public/stylesheets/custom.css
+++ b/public/stylesheets/custom.css
@@ -179,3 +179,11 @@ div.field, div.actions {
list-style: square;
}
+ul.users {
+ margin-top: lem
+}
+
+.users li {
+ list-style: none;
+}
+
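Review bot: `margin-top: lem` in the `ul.users` rule is not a valid length (the letter l instead of the digit 1) and has no terminating semicolon, so browsers will drop the declaration. It should read `margin-top: 1em;`.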