
Remove Admin::UsersController

Moved banner functionality to Admin::BannersController
commit 3d496cebc254e483ffb3494e31128f57377d0e8a 1 parent 1093674
Ryan Bigg radar authored
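--- a/core/app/controllers/spree/admin/banners_controller.rb
+++ b/core/app/controllers/spree/admin/banners_controller.rb
@@ -0,0 +1,12 @@
+module Spree
+ module Admin
+ class BannersController < Spree::Admin::BaseController
+ def dismiss
+ if request.xhr? and params[:id]
+ spree_current_user.dismiss_banner(params[:id])
+ render :nothing => true
+ end
+ end
+ end
+ end
+end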
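Review bot: `dismiss` has no branch for a request that is not XHR or that carries no `params[:id]`; when the `if` is false the action falls through to Rails' implicit render, and no `dismiss` template appears among the files shown in this commit, so that path presumably ends in a missing-template error rather than a clean rejection. Answering explicitly up front, e.g. `return head(:bad_request) unless request.xhr? && params[:id]`, makes the failure path deliberate and also replaces the low-precedence `and` with `&&`. `request.xhr?` only reflects a client-supplied header, so it should not be read as an access check; authorization and CSRF handling are presumably inherited from `Spree::Admin::BaseController`, which is not shown here.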
68 core/app/controllers/spree/admin/users_controller.rb
@@ -1,68 +0,0 @@
-module Spree
- module Admin
- class UsersController < ResourceController
-
- # http://spreecommerce.com/blog/2010/11/02/json-hijacking-vulnerability/
- before_filter :check_json_authenticity, :only => :index
-
- def index
- respond_with(@collection) do |format|
- format.html
- format.json { render :json => json_data }
- end
- end
-
- def dismiss_banner
- if request.xhr? and params[:banner_id]
- spree_current_user.dismiss_banner(params[:banner_id])
- render :nothing => true
- end
- end
-
- protected
-
- def collection
- return @collection if @collection.present?
- unless request.xhr?
- @search = Spree::User.registered.ransack(params[:q])
- @collection = @search.result.page(params[:page]).per(Spree::Config[:admin_products_per_page])
- else
- #disabling proper nested include here due to rails 3.1 bug
- #@collection = User.includes(:bill_address => [:state, :country], :ship_address => [:state, :country]).
- @collection = Spree::User.includes(:bill_address, :ship_address).
- where("spree_users.email #{LIKE} :search
- OR (spree_addresses.firstname #{LIKE} :search AND spree_addresses.id = spree_users.bill_address_id)
- OR (spree_addresses.lastname #{LIKE} :search AND spree_addresses.id = spree_users.bill_address_id)
- OR (spree_addresses.firstname #{LIKE} :search AND spree_addresses.id = spree_users.ship_address_id)
- OR (spree_addresses.lastname #{LIKE} :search AND spree_addresses.id = spree_users.ship_address_id)",
- { :search => "#{params[:q].strip}%" }).
- limit(params[:limit] || 100)
- end
- end
-
- private
-
- # handling raise from Admin::ResourceController#destroy
- def user_destroy_with_orders_error
- invoke_callbacks(:destroy, :fails)
- render :status => :forbidden, :text => t(:error_user_destroy_with_orders)
- end
-
- # Allow different formats of json data to suit different ajax calls
- def json_data
- json_format = params[:json_format] or 'default'
- case json_format
- when 'basic'
- collection.map { |u| { 'id' => u.id, 'name' => u.email } }.to_json
- else
- address_fields = [:firstname, :lastname, :address1, :address2, :city, :zipcode, :phone, :state_name, :state_id, :country_id]
- includes = { :only => address_fields , :include => { :state => { :only => :name }, :country => { :only => :name } } }
-
- collection.to_json(:only => [:id, :email], :include =>
- { :bill_address => includes, :ship_address => includes })
- end
- end
-
- end
- end
-end
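--- a/core/app/models/spree/user.rb
+++ b/core/app/models/spree/user.rb
@@ -1,8 +1,6 @@
 # Default implementation of User. This class is intended to be modified by extensions (ex. spree_auth_devise)
 module Spree
 class User < ActiveRecord::Base
- include Core::UserBanners
-
 attr_accessible :email, :password, :password_confirmation
 has_many :orders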
19 core/app/views/spree/admin/users/_form.html.erb
@@ -1,19 +0,0 @@
-<div data-hook="admin_user_form_fields">
- <%= f.field_container :email do %>
- <%= f.label :email, t(:email) %><br />
- <%= f.email_field :email %>
- <%= error_message_on :user, :email %>
- <% end %>
-
- <%= f.field_container :password do %>
- <%= f.label :password, t(:password) %><br />
- <%= f.password_field :password %>
- <%= f.error_message_on :password %>
- <% end %>
-
- <%= f.field_container :password do %>
- <%= f.label :password_confirmation, t(:confirm_password) %><br />
- <%= f.password_field :password_confirmation %>
- <%= f.error_message_on :password_confirmation %>
- <% end %>
-</div>
14 core/app/views/spree/admin/users/edit.html.erb
@@ -1,14 +0,0 @@
-<div data-hook="admin_user_edit_form_header">
- <%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
- <h1><%= t(:editing_user) %></h1>
-</div>
-
-<div data-hook="admin_user_edit_form">
- <%= form_for [:admin, @user] do |f| %>
- <%= render :partial => 'form', :locals => { :f => f } %>
-
- <div data-hook="admin_user_edit_form_button">
- <%= render :partial => 'spree/admin/shared/edit_resource_links' %>
- </div>
- <% end %>
-</div>
48 core/app/views/spree/admin/users/index.html.erb
@@ -1,48 +0,0 @@
-<div class="toolbar" data-hook="toolbar">
- <ul class="actions">
- <li>
- <p><%= button_link_to t(:new_user), new_object_url, :icon => 'add', :id => 'admin_new_user_link' %></p>
- </li>
- </ul>
- <br class="clear" />
-</div>
-
-<h1><%= t(:listing_users) %></h1>
-
-<table class="index" id="listing_users" data-hook>
- <thead>
- <tr data-hook="admin_users_index_headers">
- <th><%= sort_link @search,:email, t(:user), {}, {:title => 'users_email_title'} %></th>
- <th data-hook="admin_users_index_header_actions"></th>
- </tr>
- </thead>
- <tbody>
- <% @users.each do |user|%>
- <tr id="<%= spree_dom_id user %>" data-hook="admin_users_index_rows">
- <td width="350px" class='user_email'><%=link_to user.email, object_url(user) %></td>
- <td data-hook="admin_users_index_row_actions">
- <%= link_to_edit user, :class => 'edit' %> &nbsp;
- <%= link_to_delete user %>
- </td>
- </tr>
- <% end %>
- </tbody>
-</table>
-
-<%= paginate @users %>
-
-
-<% content_for :sidebar do %>
- <div class="box" data-hook="admin_users_index_search">
- <h3><%= t(:search) %></h3>
- <%= search_form_for [:admin, @search] do |f| %>
- <p>
- <%= t(:email) %><br />
- <%= f.text_field :email_cont, :size =>18 %>
- </p>
- <div data-hook="admin_users_index_search_buttons">
- <p><%= button t(:search) %></p>
- </div>
- <% end %>
- </div>
-<% end %>
14 core/app/views/spree/admin/users/new.html.erb
@@ -1,14 +0,0 @@
-<div data-hook="admin_user_new_form_header">
- <%= render :partial => 'spree/shared/error_messages', :locals => { :target => @user } %>
- <h1><%= t(:new_user) %></h1>
-</div>
-
-<div data-hook="admin_user_new_form">
- <%= form_for [:admin, @user] do |f| %>
- <%= render :partial => 'form', :locals => { :f => f } %>
-
- <div data-hook="admin_user_new_form_buttons">
- <%= render :partial => 'spree/admin/shared/new_resource_links' %>
- </div>
- <% end %>
-</div>
21 core/app/views/spree/admin/users/show.html.erb
@@ -1,21 +0,0 @@
-<h1><%= t(:user_account) %></h1>
-
-<table>
- <tr data-hook="email">
- <th><%= t(:email) %></th>
- <td>
- <%= @user.email %>
- </td>
- </tr>
- <tr data-hook="roles">
- <th><%= t(:roles) %></th>
- <td>
- <%= list_roles(@user) %>
- </td>
- </tr>
-</table>
-
-<p>
- <%= link_to_edit @user, :class => 'edit_user' %> <%= t(:or) %>
- <%= link_to t(:back), collection_url %>
-</p>
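--- a/core/config/initializers/user_class_extensions.rb
+++ b/core/config/initializers/user_class_extensions.rb
@@ -1,7 +1,8 @@
 Spree::Core::Engine.config.to_prepare do
 if Spree.user_class
 Spree.user_class.class_eval do
- has_and_belongs_to_many :roles, :join_table => 'spree_roles_users'
+ include Spree::Core::UserBanners
+ has_and_belongs_to_many :roles, :join_table => 'spree_roles_users', :foreign_key => "user_id"
 # has_spree_role? simply needs to return true or false whether a user has a role or not.
 def has_spree_role?(role_in_question)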
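Review bot: The new `:foreign_key => "user_id"` on the `has_and_belongs_to_many :roles` line has no comment saying why it is needed. Because this block is `class_eval`'d into whatever `Spree.user_class` returns, the association would presumably otherwise derive the join column from that class's name; a one-line comment such as `# spree_roles_users keys on user_id regardless of the configured user class name` would record the reason. The `class_eval` block continues outside this hunk.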
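--- a/core/config/routes.rb
+++ b/core/config/routes.rb
@@ -47,13 +47,14 @@
 # #this route maybe removed in the near future (no longer used by core)
 # map.resources :taxons
 #
+ #
 namespace :admin do
 resources :adjustments
 resources :zones
- resources :users do
+ resources :banners do
 member do
- post :dismiss_banner
+ post :dismiss
 end
 end
 resources :countries do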
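Review bot: `resources :banners` declares the full set of REST routes (index, show, new, create, edit, update, destroy) for a controller that, as added in this commit, defines only `dismiss`, so those routes would point at actions that do not exist. Restricting the declaration, e.g. `resources :banners, :only => [] do`, keeps the admin route surface to the single `post :dismiss` member route. The added bare `#` comment line above `namespace :admin do` looks accidental. The `namespace :admin` block continues outside this hunk.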
41 core/spec/controllers/spree/admin/users_controller_spec.rb
@@ -1,41 +0,0 @@
-require 'spec_helper'
-
-describe Spree::Admin::UsersController do
- stub_authorization!
-
- context "#index" do
- it "should not allow JSON request without a valid token" do
- controller.should_receive(:protect_against_forgery?).at_least(:once).and_return(true)
- expect {
- get :index, {:format => :json}
- }.to raise_error ActionController::InvalidAuthenticityToken
- end
-
- it "should allow JSON request with missing token if forgery protection is disabled" do
- controller.should_receive(:protect_against_forgery?).at_least(:once).and_return(false)
- get :index, {:format => :json}
- response.should be_success
- end
-
- it "should allow JSON request with invalid token if forgery protection is disabled" do
- controller.should_receive(:protect_against_forgery?).at_least(:once).and_return(false)
- get :index, {:authenticity_token => "XYZZY", :format => :json}
- response.should be_success
- end
-
- it "should allow JSON request with a valid token" do
- controller.should_receive(:protect_against_forgery?).at_least(:once).and_return(true)
- controller.stub :form_authenticity_token => "123456"
- get :index, {:authenticity_token => "123456", :format => :json}
- response.should be_success
- end
-
- it "should allow JSON request when token has URL(+,&,=) characters" do
- controller.should_receive(:protect_against_forgery?).at_least(:once).and_return(true)
- controller.stub :form_authenticity_token => "1+2=3&4'5/6?"
- get :index, {:authenticity_token => "1+2%3D3%264%275/6%3F", :format => :json}
- response.should be_success
- end
-
- end
-end