Sutty/trabajo-afectivo
5
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
trabajo-afectivo/app/controllers/users_controller.rb

637 lines
14 KiB
Ruby
Raw Normal View History

Updated header.
2014-02-03 19:24:49 +00:00
# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Init version.
2012-04-10 14:06:46 +00:00
class UsersController < ApplicationController
Init version pf password reset.
2012-04-23 06:55:16 +00:00
before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]
Init version.
2012-04-10 14:06:46 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=begin
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Format:
JSON
Example:
{
"id":2,
"organization_id":null,
"login":"m@edenhofer.de",
"firstname":"Marti",
"lastname":"Ede",
"email":"m@edenhofer.de",
Moved to new twitter lib.
2013-11-19 10:04:46 +00:00
"image_source":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
"web":"http://127.0.0.1",
"password":"123",
"phone":"112",
"fax":"211",
"mobile":"",
"street":"",
"zip":"",
"city":"",
"country":null,
"verified":false,
"active":true,
"note":"some note",
"source":null,
"role_ids":[1,2],
"group_ids":[1,2,3,4],
}
=end
=begin
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
GET /api/v1/users.json
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Response:
[
{
"id": 1,
"login": "some_login1",
...
},
{
"id": 2,
"login": "some_login2",
...
}
]
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users.json -v -u #{login}:#{password}
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=end
Init version.
2012-04-10 14:06:46 +00:00
def index
Improved rest permission checks.
2013-07-19 14:21:44 +00:00
# only allow customer to fetch him self
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
users = User.where( :id => current_user.id )
else
users = User.all
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
users_all = []
users.each {|user|
Moved to Model.lookup() for asset generation to speed up.
2014-08-13 11:32:43 +00:00
users_all.push User.lookup( :id => user.id ).attributes_with_associations
Init version.
2012-04-10 14:06:46 +00:00
}
Improved rest permission checks.
2013-07-19 14:21:44 +00:00
render :json => users_all, :status => :ok
Init version.
2012-04-10 14:06:46 +00:00
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=begin
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
GET /api/v1/users/1.json
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Response:
{
"id": 1,
"login": "some_login1",
...
},
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/#{id}.json -v -u #{login}:#{password}
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=end
Init version.
2012-04-10 14:06:46 +00:00
def show
Improved rest permission checks.
2013-07-19 14:21:44 +00:00
# access deny
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
if params[:id].to_i != current_user.id
response_access_deny
return
end
end
Moved to .full in backend, frontend and REST for models.
2014-08-13 00:12:38 +00:00
if params[:full]
full = User.full( params[:id] )
render :json => full
return
end
user = User.find( params[:id] )
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
render :json => user
Init version.
2012-04-10 14:06:46 +00:00
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
POST /api/v1/users.json
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Payload:
{
"login": "some_login",
"firstname": "some firstname",
"lastname": "some lastname",
"email": "some@example.com"
}
Response:
{
"id": 1,
"login": "some_login",
...
},
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=end
Init version.
2012-04-10 14:06:46 +00:00
def create
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user = User.new( User.param_cleanup(params) )
Use settings params to check if password reset and new user creation is enbled.
2013-01-08 00:43:07 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
begin
Added new browser tests.
2013-04-21 23:03:19 +00:00
# check if it's first user
count = User.all.count()
Init version.
2012-04-10 14:06:46 +00:00
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
# if it's a signup, add user to customer role
Added new browser tests.
2013-04-21 23:03:19 +00:00
if !current_user
user.updated_by_id = 1
user.created_by_id = 1
Fixed syntax error.
2012-08-10 07:43:36 +00:00
Use settings params to check if password reset and new user creation is enbled.
2013-01-08 00:43:07 +00:00
# check if feature is enabled
if !Setting.get('user_create_account')
render :json => { :error => 'Feature not enabled!' }, :status => :unprocessable_entity
return
end
Added new browser tests.
2013-04-21 23:03:19 +00:00
# add first user as admin/agent and to all groups
Added first user also to all groups (master agent).
2012-04-13 13:51:10 +00:00
group_ids = []
role_ids = []
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
if count <= 2
Added first user also to all groups (master agent).
2012-04-13 13:51:10 +00:00
Role.where( :name => [ 'Admin', 'Agent'] ).each { |role|
role_ids.push role.id
}
Group.all().each { |group|
group_ids.push group.id
}
Fixed syntax error.
2012-08-10 07:43:36 +00:00
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
# everybody else will go as customer per default
Init version.
2012-04-10 14:06:46 +00:00
else
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
role_ids.push Role.where( :name => 'Customer' ).first.id
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.role_ids = role_ids
user.group_ids = group_ids
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
# else do assignment as defined
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
else
if params[:role_ids]
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.role_ids = params[:role_ids]
Init version.
2012-04-10 14:06:46 +00:00
end
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
if params[:group_ids]
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.group_ids = params[:group_ids]
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
end
end
Fixed syntax error.
2012-08-10 07:43:36 +00:00
Added duplicate email check.
2013-01-20 01:27:47 +00:00
# check if user already exists
if user.email
exists = User.where( :email => user.email ).first
if exists
render :json => { :error => 'User already exists!' }, :status => :unprocessable_entity
return
end
end
Some datables cleanups.
2012-11-06 21:43:13 +00:00
user.save
Improved default route for ui controller.
2013-03-19 00:46:49 +00:00
# if first user set init done
if count <= 2
Setting.create_or_update(
:title => 'System Init Done',
:name => 'system_init_done',
:area => 'Core',
:description => 'Defines if application is in init mode.',
:options => {},
:state => true,
:frontend => true
)
end
Fixed user invitation.
2013-01-03 10:47:39 +00:00
# send inviteation if needed / only if session exists
if params[:invite] && current_user
Fixed syntax error.
2012-08-10 07:43:36 +00:00
Added user invitation email support.
2013-01-03 09:39:33 +00:00
# generate token
token = Token.create( :action => 'PasswordReset', :user_id => user.id )
# send mail
data = {}
data[:subject] = 'Invitation to #{config.product_name} at #{config.fqdn}'
Fixed typo in text.
2013-01-03 10:53:11 +00:00
data[:body] = 'Hi #{user.firstname},
Added user invitation email support.
2013-01-03 09:39:33 +00:00
Init version of new installer.
2014-10-22 21:00:11 +00:00
I (#{current_user.firstname} #{current_user.lastname}) invite you to #{config.product_name} - the customer support / ticket system platform.
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Click on the following link and set your password:
Added user invitation email support.
2013-01-03 09:39:33 +00:00
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
#{config.http_type}://#{config.fqdn}/#password_reset_verify/#{token.name}
Added user invitation email support.
2013-01-03 09:39:33 +00:00
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Enjoy,
Added user invitation email support.
2013-01-03 09:39:33 +00:00
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
#{current_user.firstname} #{current_user.lastname}
Added user invitation email support.
2013-01-03 09:39:33 +00:00
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Your #{config.product_name} Team
'
Added user invitation email support.
2013-01-03 09:39:33 +00:00
# prepare subject & body
[:subject, :body].each { |key|
data[key.to_sym] = NotificationFactory.build(
Added unit tests for notification template generation (e. g. for emails). Added translation tags i18n('some text') ot i18n(ticket.ticket_state.name) will be translated to frontend locale of recipient. Fixed #26.
2013-01-04 14:28:55 +00:00
:locale => user.locale,
Added user invitation email support.
2013-01-03 09:39:33 +00:00
:string => data[key.to_sym],
:objects => {
:token => token,
:user => user,
:current_user => current_user,
}
)
}
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Added user invitation email support.
2013-01-03 09:39:33 +00:00
# send notification
NotificationFactory.send(
:recipient => user,
:subject => data[:subject],
:body => data[:body]
)
Init version.
2012-04-10 14:06:46 +00:00
end
Added user invitation email support.
2013-01-03 09:39:33 +00:00
Moved to .full in backend, frontend and REST for models.
2014-08-13 00:12:38 +00:00
user_new = User.find( user.id )
Moved to reworked template processing. Added organization to user model.
2012-10-16 09:46:22 +00:00
render :json => user_new, :status => :created
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
rescue Exception => e
render :json => { :error => e.message }, :status => :unprocessable_entity
Init version.
2012-04-10 14:06:46 +00:00
end
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
PUT /api/v1/users/#{id}.json
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Payload:
{
"login": "some_login",
"firstname": "some firstname",
"lastname": "some lastname",
"email": "some@example.com"
}
Response:
{
"id": 2,
"login": "some_login",
...
},
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=end
Init version.
2012-04-10 14:06:46 +00:00
def update
Added new browser tests.
2013-04-21 23:03:19 +00:00
# allow user to update him self
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
Improved rest permission checks.
2013-07-19 14:21:44 +00:00
if params[:id] != current_user.id
response_access_deny
return
end
Added new browser tests.
2013-04-21 23:03:19 +00:00
end
user = User.find( params[:id] )
Init version.
2012-04-10 14:06:46 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
begin
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.update_attributes( User.param_cleanup(params) )
Added new browser tests.
2013-04-21 23:03:19 +00:00
# only allow Admin's and Agent's
if is_role('Admin') && is_role('Agent') && params[:role_ids]
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.role_ids = params[:role_ids]
Code cleanup, we only use json as backend.
2012-04-12 11:27:01 +00:00
end
Added new browser tests.
2013-04-21 23:03:19 +00:00
# only allow Admin's
if is_role('Admin') && params[:group_ids]
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.group_ids = params[:group_ids]
Init version.
2012-04-10 14:06:46 +00:00
end
Added new browser tests.
2013-04-21 23:03:19 +00:00
# only allow Admin's and Agent's
if is_role('Admin') && is_role('Agent') && params[:organization_ids]
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
user.organization_ids = params[:organization_ids]
Do not give any password to frontend. Only keep them in rest storage. Use old password if no new one is given.
2012-04-20 15:39:50 +00:00
end
Added new browser tests.
2013-04-21 23:03:19 +00:00
# get new data
Moved to .full in backend, frontend and REST for models.
2014-08-13 00:12:38 +00:00
user_new = User.find( params[:id] )
Moved to reworked template processing. Added organization to user model.
2012-10-16 09:46:22 +00:00
render :json => user_new, :status => :ok
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
rescue Exception => e
render :json => { :error => e.message }, :status => :unprocessable_entity
Init version.
2012-04-10 14:06:46 +00:00
end
end
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
# DELETE /api/v1/users/1
Init version.
2012-04-10 14:06:46 +00:00
def destroy
Moved to new memory management, http://blog.alexmaccaw.com/jswebapps-memory-management
2013-07-23 16:45:28 +00:00
return if deny_if_not_role('Admin')
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
model_destory_render(User, params)
end
Init version.
2012-04-10 14:06:46 +00:00
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
# GET /api/v1/users/search
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
def search
Init version of ticket search.
2012-11-14 01:05:53 +00:00
Improved rest permission checks.
2013-07-19 14:21:44 +00:00
if is_role('Customer') && !is_role('Admin') && !is_role('Agent')
response_access_deny
return
end
Added user search.
2014-09-24 23:12:23 +00:00
query_params = {
Init version of new search.
2013-05-21 22:30:09 +00:00
:query => params[:term],
:limit => params[:limit],
:current_user => current_user,
Added user search.
2014-09-24 23:12:23 +00:00
}
if params[:role_ids] && !params[:role_ids].empty?
query_params[:role_ids] = params[:role_ids]
end
# do query
user_all = User.search(query_params)
Init version of ticket search.
2012-11-14 01:05:53 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
# build result list
Added user search.
2014-09-24 23:12:23 +00:00
if !params[:full]
users = []
user_all.each { |user|
realname = user.firstname.to_s + ' ' + user.lastname.to_s
if user.email && user.email.to_s != ''
realname = realname + ' <' + user.email.to_s + '>'
end
a = { :id => user.id, :label => realname, :value => realname }
users.push a
}
# return result
render :json => users
return
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
end
Added user search.
2014-09-24 23:12:23 +00:00
user_ids = []
assets = {}
user_all.each { |user|
assets = user.assets(assets)
user_ids.push user.id
}
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
# return result
Added user search.
2014-09-24 23:12:23 +00:00
render :json => {
:assets => assets,
fixed: removed duplicate shown users in user list (user management) because seach is by role / group and the same users are returned multiple times.
2014-10-09 19:54:02 +00:00
:user_ids => user_ids.uniq,
Added user search.
2014-09-24 23:12:23 +00:00
}
Init version.
2012-04-10 14:06:46 +00:00
end
Init version pf password reset.
2012-04-23 06:55:16 +00:00
Init version of user zoom.
2013-10-21 19:00:58 +00:00
# GET /api/v1/users/history/1
def history
# permissin check
if !is_role('Admin') && !is_role('Agent')
response_access_deny
return
end
# get user data
user = User.find( params[:id] )
# get history of user
history = user.history_get(true)
# return result
render :json => history
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
POST /api/v1/users/password_reset
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Payload:
{
"username": "some user name"
}
Response:
{
:message => 'ok'
}
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/password_reset.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"username": "some_username"}'
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=end
Init version pf password reset.
2012-04-23 06:55:16 +00:00
def password_reset_send
Use settings params to check if password reset and new user creation is enbled.
2013-01-08 00:43:07 +00:00
# check if feature is enabled
if !Setting.get('user_lost_password')
render :json => { :error => 'Feature not enabled!' }, :status => :unprocessable_entity
return
end
Init version pf password reset.
2012-04-23 06:55:16 +00:00
success = User.password_reset_send( params[:username] )
if success
render :json => { :message => 'ok' }, :status => :ok
else
render :json => { :message => 'failed' }, :status => :unprocessable_entity
end
end
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
POST /api/v1/users/password_reset_verify
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
Payload:
{
"token": "SoMeToKeN",
"password" "new_password"
}
Response:
{
:message => 'ok'
}
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/password_reset_verify.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"token": "SoMeToKeN", "password" "new_password"}'
Rewrite for form generation. Added REST docu. Moved api to /api/*.
2012-09-20 12:08:02 +00:00
=end
Init version pf password reset.
2012-04-23 06:55:16 +00:00
def password_reset_verify
Improved password reset feature.
2012-04-23 16:59:35 +00:00
if params[:password]
Added auto login after password reset.
2013-01-03 12:00:55 +00:00
user = User.password_reset_via_token( params[:token], params[:password] )
Improved password reset feature.
2012-04-23 16:59:35 +00:00
else
Added auto login after password reset.
2013-01-03 12:00:55 +00:00
user = User.password_reset_check( params[:token] )
Improved password reset feature.
2012-04-23 16:59:35 +00:00
end
Added auto login after password reset.
2013-01-03 12:00:55 +00:00
if user
render :json => { :message => 'ok', :user_login => user.login }, :status => :ok
Init version pf password reset.
2012-04-23 06:55:16 +00:00
else
render :json => { :message => 'failed' }, :status => :unprocessable_entity
end
end
Added password change to profile page.
2013-02-10 21:38:35 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
POST /api/v1/users/password_change
Added password change to profile page.
2013-02-10 21:38:35 +00:00
Payload:
{
"password_old": "some_password_old",
Added preferences language feature.
2013-02-12 00:56:23 +00:00
"password_new": "some_password_new"
Added password change to profile page.
2013-02-10 21:38:35 +00:00
}
Response:
{
:message => 'ok'
}
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/password_change.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"password_old": "password_old", "password_new": "password_new"}'
Added password change to profile page.
2013-02-10 21:38:35 +00:00
=end
def password_change
# check old password
if !params[:password_old]
render :json => { :message => 'Old password needed!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added password change to profile page.
2013-02-10 21:38:35 +00:00
end
user = User.authenticate( current_user.login, params[:password_old] )
if !user
render :json => { :message => 'Old password is wrong!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added password change to profile page.
2013-02-10 21:38:35 +00:00
end
# set new password
if !params[:password_new]
render :json => { :message => 'New password needed!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added password change to profile page.
2013-02-10 21:38:35 +00:00
end
user.update_attributes( :password => params[:password_new] )
render :json => { :message => 'ok', :user_login => user.login }, :status => :ok
end
Added preferences language feature.
2013-02-12 00:56:23 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
PUT /api/v1/users/preferences.json
Added preferences language feature.
2013-02-12 00:56:23 +00:00
Payload:
{
"language": "de",
"notification": true
}
Response:
{
:message => 'ok'
}
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/preferences.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"language": "de", "notifications": true}'
Added preferences language feature.
2013-02-12 00:56:23 +00:00
=end
def preferences
if !current_user
render :json => { :message => 'No current user!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added preferences language feature.
2013-02-12 00:56:23 +00:00
end
if params[:user]
params[:user].each {|key, value|
current_user.preferences[key.to_sym] = value
}
end
current_user.save
render :json => { :message => 'ok' }, :status => :ok
end
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
=begin
Resource:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
DELETE /api/v1/users/account.json
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
Payload:
{
"provider": "twitter",
"uid": 581482342942
}
Response:
{
:message => 'ok'
}
Test:
Added config option for REST api base path on server and on site client. Currently on both "/api/v1" is used.
2013-08-06 22:10:28 +00:00
curl http://localhost/api/v1/users/account.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"provider": "twitter", "uid": 581482342942}'
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
=end
def account_remove
if !current_user
render :json => { :message => 'No current user!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
end
# provider + uid to remove
if !params[:provider]
render :json => { :message => 'provider needed!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
end
if !params[:uid]
render :json => { :message => 'uid needed!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
end
# remove from database
record = Authorization.where(
:user_id => current_user.id,
:provider => params[:provider],
:uid => params[:uid],
)
if !record.first
render :json => { :message => 'No record found!' }, :status => :unprocessable_entity
Code reformattingand code layout beautying.
2013-06-12 15:59:58 +00:00
return
Added support for link/unlick external auth sources.
2013-02-12 22:37:04 +00:00
end
record.destroy_all
render :json => { :message => 'ok' }, :status => :ok
end
Improved fetching of records (race conditions).
2013-11-02 21:32:00 +00:00
=begin
Resource:
GET /api/v1/users/image/8d6cca1c6bdc226cf2ba131e264ca2c7
Response:
<IMAGE>
Test:
curl http://localhost/api/v1/users/image/8d6cca1c6bdc226cf2ba131e264ca2c7 -v -u #{login}:#{password}
=end
def image
# cache image
response.headers['Expires'] = 1.year.from_now.httpdate
response.headers["Cache-Control"] = "cache, store, max-age=31536000, must-revalidate"
response.headers["Pragma"] = "cache"
user = User.where( :image => params[:hash] ).first
if user
Added unit tests to test user avatars.
2014-07-27 11:40:42 +00:00
image = user.get_image
send_data(
image[:content],
:filename => image[:filename],
:type => image[:content_type],
:disposition => 'inline'
)
return
Improved fetching of records (race conditions).
2013-11-02 21:32:00 +00:00
end
Added unit tests to test user avatars.
2014-07-27 11:40:42 +00:00
render :json => {}, :status => 404
Improved fetching of records (race conditions).
2013-11-02 21:32:00 +00:00
end
Init version.
2012-04-10 14:06:46 +00:00
end
Reference in a new issue Copy permalink