Done with user edit/update, index and destroy actions

Gemfile

@@ -6,12 +6,13 @@ gem 'rails', '3.0.0'
 # gem 'rails', :git => 'git://github.com/rails/rails.git'
 
 gem 'sqlite3-ruby', :require => 'sqlite3'
-
 gem 'gravatar_image_tag', '0.1.0'
+gem 'will_paginate', '3.0.pre2'
 
 group :development do
 	gem 'rspec-rails', '2.0.1'
 	gem 'annotate-models', '1.0.4'
+	gem 'faker', '0.3.1'
 end
 
 group :test do

Gemfile.lock

@@ -39,6 +39,7 @@ GEM
     factory_girl_rails (1.0)
       factory_girl (~> 1.3)
       rails (>= 3.0.0.beta4)
+    faker (0.3.1)
     gravatar_image_tag (0.1.0)
     i18n (0.4.2)
     mail (2.2.15)
@@ -91,16 +92,19 @@ GEM
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
+    will_paginate (3.0.pre2)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   annotate-models (= 1.0.4)
   factory_girl_rails (= 1.0)
+  faker (= 0.3.1)
   gravatar_image_tag (= 0.1.0)
   rails (= 3.0.0)
   rspec (= 2.0.1)
   rspec-rails (= 2.0.1)
   sqlite3-ruby
   webrat (= 0.7.1)
+  will_paginate (= 3.0.pre2)

app/controllers/sessions_controller.rb

@@ -12,7 +12,7 @@ def create
       render 'new'
 	else
 	  sign_in user
-	  redirect_to user
+	  redirect_back_or user
 	end
   end
 

app/controllers/users_controller.rb

@@ -1,9 +1,18 @@
 class UsersController < ApplicationController
+  before_filter :authenticate, :only => [:index, :edit, :update, :destroy]
+  before_filter :correct_user, :only => [:edit, :update]
+  before_filter :admin_user, :only => :destroy
+
   def new
 	@user = User.new
   	@title = "Sign up"
   end
 
+  def index
+	@title = "All users"
+	@users = User.paginate(:page => params[:page])
+  end
+
   def show
   	@user = User.find(params[:id])
 	@title = @user.name
@@ -19,5 +28,43 @@ def create
 	  @title = "Sign up"
 	  render 'new'
 	end
-  end	
+  end
+
+  def edit
+	#@user = User.find(params[:id])
+	@title = "Edit user"
+  end
+
+  def update
+	#@user = User.find(params[:id])
+	if @user.update_attributes(params[:user])
+	  flash[:success] = "Profile updated."
+	  redirect_to @user
+	else
+	  @title = "Edit user"
+	  render 'edit'
+	end
+  end
+
+  def destroy
+	User.find(params[:id]).destroy
+	flash[:success] = "User destroyed."
+	redirect_to users_path
+  end
+
+  private
+
+    def authenticate
+	  deny_access unless signed_in?
+	end
+
+	def correct_user
+	  @user = User.find(params[:id])
+	  redirect_to(root_path) unless current_user?(@user)
+	end
+
+	def admin_user
+	  redirect_to(root_path) unless current_user.admin?
+	end
+
 end

app/helpers/sessions_helper.rb

@@ -22,6 +22,20 @@ def sign_out
 	current_user = nil
   end
 
+  def current_user?(user)
+	user == current_user
+  end
+
+  def deny_access
+    store_location
+	redirect_to signin_path, :notice => "Please sign in to access this page."
+  end
+
+  def redirect_back_or(default)
+	redirect_to(session[:return_to] || default)
+	clear_return_to
+  end
+
   private
 
 	def user_from_remember_token
@@ -31,4 +45,12 @@ def user_from_remember_token
 	def remember_token
 	  cookies.signed[:remember_token] || [nil, nil]
 	end
+
+	def store_location
+	  session[:return_to] = request.fullpath
+	end
+
+	def clear_return_to
+	  session[:return_to] = nil
+	end
  end

app/views/layouts/_header.html.erb

@@ -4,7 +4,9 @@
 		<ul>
 			<li><%= link_to "Home", root_path %></li>
 			<% if signed_in? %>
+			<li><%= link_to "Users", users_path %></li>
 			<li><%= link_to "Profile", current_user %></li>
+			<li><%= link_to "Settings", edit_user_path(current_user) %></li>
 			<% end %>
 			<li><%= link_to "Help", help_path %></li>
 			<% if signed_in? %>

app/views/layouts/application.html.erb

@@ -4,6 +4,7 @@
     <title><%= title %></title>
     <%= csrf_meta_tag %>
     <%= render 'layouts/stylesheets' %>
+	<%= javascript_include_tag :defaults %>
   </head>
   <body>
   	<div class="container">

app/views/shared/_error_messages.html.erb

@@ -1,7 +1,8 @@
 <% if @user.errors.any? %>
   <div id="error_explanation">
 	<h2><%= pluralize(@user.errors.count, "error") %>
-		prohibited this user from being saved:</h2>
+		prohibited this <%= object.class.to_s.underscore.humanize.downcase %>
+		from being saved:</h2>
 	<p>There were problems with the following fields:</p>
 	<ul>
 	<% @user.errors.full_messages.each do |msg| %>

app/views/users/_user.html.erb

@@ -0,0 +1,8 @@
+<li>
+  <%= gravatar_for user, :size => 30 %>
+  <%= link_to user.name, user %>
+  <% if current_user.admin? %>
+| <%= link_to "delete", user, :method => :delete, :confirm => "You sure?",
+								:title => "Delete #{user.name}" %>
+<% end %>
+</li>

app/views/users/edit.html.erb

@@ -0,0 +1,28 @@
+<h1>Edit user</h1>
+
+<%= form_for(@user) do |f| %>
+  <%= render 'shared/error_messages', :object => f.object %>
+  <div class="field">
+	<%= f.label :name %><br />
+	<%= f.text_field :name %>
+  </div>
+  <div class="field">
+	<%= f.label :email %><br />
+	<%= f.text_field :email %>
+  </div>
+  <div class="field">
+	<%= f.label :password %><br />
+	<%= f.password_field :password %>
+  </div>
+  <div class="field">
+	<%= f.label :password_confirmation, "Confirmation" %><br />
+	<%= f.password_field :password_confirmation %>
+  </div>
+  <div class="actions">
+	<%= f.submit "Update" %>
+  </div>
+<% end %>
+<div>
+  <%= gravatar_for @user %>
+  <a href="http://gravatar.com/emails">change</a>
+</div>

app/views/users/index.html.erb

@@ -0,0 +1,9 @@
+<h1>All users</h1>
+
+<%= will_paginate %>
+
+  <ul class="users">
+	<%= render @users %>
+  </ul>
+
+<%= will_paginate %>

app/views/users/new.html.erb

@@ -1,7 +1,7 @@
 <h1>Sign up</h1>
 
 <%= form_for(@user) do |f| %>
-  <%= render 'shared/error_messages' %>
+  <%= render 'shared/error_messages', :object => f.object %>
   <div class="field">
 	<%= f.label :name %><br />
 	<%= f.text_field :name %>

db/migrate/20110508235604_add_admin_to_users.rb

@@ -0,0 +1,9 @@
+class AddAdminToUsers < ActiveRecord::Migration
+  def self.up
+    add_column :users, :admin, :boolean, :default => false
+  end
+
+  def self.down
+    remove_column :users, :admin
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20110422040429) do
+ActiveRecord::Schema.define(:version => 20110508235604) do
 
   create_table "users", :force => true do |t|
     t.string   "name"
@@ -19,6 +19,7 @@
     t.datetime "updated_at"
     t.string   "encrypted_password"
     t.string   "salt"
+    t.boolean  "admin",              :default => false
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true

lib/tasks/sample_data.rake

@@ -0,0 +1,22 @@
+require 'faker'
+
+namespace :db do
+  desc "Fill database with sample data"
+  task :populate => :environment do
+	Rake::Task['db:reset'].invoke
+	admin = User.create!(:name => "Example User",
+				:email => "example@railstutorial.org",
+				:password => "foobar",
+				:password_confirmation => "foobar")
+	admin.toggle!(:admin)
+	99.times do |n|
+	  name = Faker::Name.name
+	  email = "example-#{n+1}@railstutorial.org"
+	  password = "password"
+	  User.create!(:name => name,
+					:email => email,
+					:password => password,
+					:password_confirmation => password)
+	end
+  end
+end

public/stylesheets/custom.css

@@ -146,6 +146,16 @@ div.field, div.actions {
 	margin-bottom: 10px;
 }
 
+/* User index page */
+
+ul.users {
+	margin-top: 1em;
+}
+
+.users li {
+	list-style: none;
+}
+
 /* Error Messages */