trabajo-afectivo/app/controllers/users_controller.rb

class UsersController < ApplicationController
  before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]

=begin
 
Format:
JSON

Example:
{
  "id":2,
  "organization_id":null,
  "login":"m@edenhofer.de",
  "firstname":"Marti",
  "lastname":"Ede",
  "email":"m@edenhofer.de",
  "image":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",
  "web":"http://127.0.0.1",
  "password":"123",
  "phone":"112",
  "fax":"211",
  "mobile":"",
  "street":"",
  "zip":"",
  "city":"",
  "country":null,
  "verified":false,
  "active":true,
  "note":"some note",
  "source":null,
  "role_ids":[1,2],
  "group_ids":[1,2,3,4],
}

=end

=begin

Resource: 
GET /api/users.json

Response:
[
  {
    "id": 1,
    "login": "some_login1",
    ...
  },
  {
    "id": 2,
    "login": "some_login2",
    ...
  }
]

Test:
curl http://localhost/api/users.json -v -u #{login}:#{password}
  
=end

  def index
    users = User.all
    users_all = []
    users.each {|user|
      users_all.push User.user_data_full( user.id )
    }
    render :json => users_all
  end

=begin

Resource: 
GET /api/users/1.json

Response:
{
  "id": 1,
  "login": "some_login1",
  ...
},

Test:
curl http://localhost/api/users/#{id}.json -v -u #{login}:#{password}

=end

  def show
    user = User.user_data_full( params[:id] )
    render :json => user
  end

=begin

Resource:
POST /api/users.json

Payload:
{
  "login": "some_login",
  "firstname": "some firstname",
  "lastname": "some lastname",
  "email": "some@example.com"
}

Response:
{
  "id": 1,
  "login": "some_login",
  ...
},

Test:
curl http://localhost/api/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'

=end

  def create
    user = User.new( User.param_cleanup(params) )
    user.updated_by_id = (current_user && current_user.id) || 1
    user.created_by_id = (current_user && current_user.id) || 1
    
    begin

      # if it's a signup, add user to customer role
      if user.created_by_id == 1

        # check if it's first user
        count     = User.all.count()
        group_ids = []
        role_ids  = []

        # add first user as admin/agent and to all groups
        if count <= 2
          Role.where( :name => [ 'Admin', 'Agent'] ).each { |role|
            role_ids.push role.id
          }
          Group.all().each { |group|
            group_ids.push group.id
          }

        # everybody else will go as customer per default
        else
          role_ids.push Role.where( :name => 'Customer' ).first.id
        end
        user.role_ids  = role_ids
        user.group_ids = group_ids

      # else do assignment as defined
      else
        if params[:role_ids]
          user.role_ids = params[:role_ids]
        end
        if params[:group_ids]
          user.group_ids = params[:group_ids]
        end
      end

      user.save

      # send inviteation if needed
      if params[:invite]

#          logger.debug('IIIIIIIIIIIIIIIIIIIIIIIIIIIIII')
#          exit '123'
      end
      user_new = User.user_data_full( user.id )
      render :json => user_new, :status => :created
    rescue Exception => e
      render :json => { :error => e.message }, :status => :unprocessable_entity
    end
  end

=begin

Resource:
PUT /api/users/#{id}.json

Payload:
{
  "login": "some_login",
  "firstname": "some firstname",
  "lastname": "some lastname",
  "email": "some@example.com"
}

Response:
{
  "id": 2,
  "login": "some_login",
  ...
},

Test:
curl http://localhost/api/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'

=end

  def update
    user = User.find(params[:id])

    begin
      user.update_attributes( User.param_cleanup(params) )
      if params[:role_ids]
        user.role_ids = params[:role_ids]
      end
      if params[:group_ids]
        user.group_ids = params[:group_ids]
      end
      if params[:organization_ids]
        user.organization_ids = params[:organization_ids]
      end
      user_new = User.user_data_full( params[:id] )
      render :json => user_new, :status => :ok
    rescue Exception => e
      render :json => { :error => e.message }, :status => :unprocessable_entity
    end
  end

  # DELETE /users/1
  def destroy
    model_destory_render(User, params)
  end

  # GET /user/search
  def search
    
    # get params
    query = params[:term]
    limit = params[:limit] || 18

    # do query
    user_all = User.find(
      :all,
      :limit      => limit,
      :conditions => ['firstname LIKE ? or lastname LIKE ? or email LIKE ?', "%#{query}%", "%#{query}%", "%#{query}%"],
      :order      => 'firstname'
    )
    
    # build result list
    users = []
    user_all.each do |user|
      realname = user.firstname.to_s + ' ' + user.lastname.to_s
      if user.email && user.email.to_s != ''
        realname = realname + ' <' +  user.email.to_s + '>'
      end
      a = { :id => user.id, :label => realname, :value => realname }
      users.push a
    end

    # return result
    render :json => users
  end

=begin

Resource:
POST /api/users/password_reset

Payload:
{
  "username": "some user name"
}

Response:
{
  :message => 'ok'
}

Test:
curl http://localhost/api/users/password_reset.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"username": "some_username"}'

=end

  def password_reset_send
    success = User.password_reset_send( params[:username] )
    if success
      render :json => { :message => 'ok' }, :status => :ok
    else
      render :json => { :message => 'failed' }, :status => :unprocessable_entity
    end
  end

=begin

Resource:
POST /api/users/password_reset_verify

Payload:
{
  "token": "SoMeToKeN",
  "password" "new_password"
}

Response:
{
  :message => 'ok'
}

Test:
curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"token": "SoMeToKeN", "password" "new_password"}'

=end

  def password_reset_verify
    if params[:password]
      success = User.password_reset_via_token( params[:token], params[:password] )
    else
      success = User.password_reset_check( params[:token] )
    end
    if success
      render :json => { :message => 'ok' }, :status => :ok
    else
      render :json => { :message => 'failed' }, :status => :unprocessable_entity
    end
  end

end
Init version. 2012-04-10 14:06:46 +00:00			`class UsersController < ApplicationController`
Init version pf password reset. 2012-04-23 06:55:16 +00:00			`before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]`
Init version. 2012-04-10 14:06:46 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`=begin`

			`Format:`
			`JSON`

			`Example:`
			`{`
			`"id":2,`
			`"organization_id":null,`
			`"login":"m@edenhofer.de",`
			`"firstname":"Marti",`
			`"lastname":"Ede",`
			`"email":"m@edenhofer.de",`
			`"image":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",`
			`"web":"http://127.0.0.1",`
			`"password":"123",`
			`"phone":"112",`
			`"fax":"211",`
			`"mobile":"",`
			`"street":"",`
			`"zip":"",`
			`"city":"",`
			`"country":null,`
			`"verified":false,`
			`"active":true,`
			`"note":"some note",`
			`"source":null,`
			`"role_ids":[1,2],`
			`"group_ids":[1,2,3,4],`
			`}`

			`=end`

			`=begin`

			`Resource:`
			`GET /api/users.json`

			`Response:`
			`[`
			`{`
			`"id": 1,`
			`"login": "some_login1",`
			`...`
			`},`
			`{`
			`"id": 2,`
			`"login": "some_login2",`
			`...`
			`}`
			`]`

			`Test:`
			`curl http://localhost/api/users.json -v -u #{login}:#{password}`

			`=end`

Init version. 2012-04-10 14:06:46 +00:00			`def index`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`users = User.all`
			`users_all = []`
			`users.each {\|user\|`
			`users_all.push User.user_data_full( user.id )`
Init version. 2012-04-10 14:06:46 +00:00			`}`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`render :json => users_all`
Init version. 2012-04-10 14:06:46 +00:00			`end`

Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`=begin`

			`Resource:`
			`GET /api/users/1.json`

			`Response:`
			`{`
			`"id": 1,`
			`"login": "some_login1",`
			`...`
			`},`

			`Test:`
			`curl http://localhost/api/users/#{id}.json -v -u #{login}:#{password}`

			`=end`

Init version. 2012-04-10 14:06:46 +00:00			`def show`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user = User.user_data_full( params[:id] )`
			`render :json => user`
Init version. 2012-04-10 14:06:46 +00:00			`end`

Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`=begin`

			`Resource:`
			`POST /api/users.json`

			`Payload:`
			`{`
			`"login": "some_login",`
			`"firstname": "some firstname",`
			`"lastname": "some lastname",`
			`"email": "some@example.com"`
			`}`

			`Response:`
			`{`
			`"id": 1,`
			`"login": "some_login",`
			`...`
			`},`

			`Test:`
			`curl http://localhost/api/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'`

			`=end`

Init version. 2012-04-10 14:06:46 +00:00			`def create`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user = User.new( User.param_cleanup(params) )`
Some datables cleanups. 2012-11-06 21:43:13 +00:00			`user.updated_by_id = (current_user && current_user.id) \|\| 1`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.created_by_id = (current_user && current_user.id) \|\| 1`

			`begin`
Init version. 2012-04-10 14:06:46 +00:00
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`# if it's a signup, add user to customer role`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`if user.created_by_id == 1`
Fixed syntax error. 2012-08-10 07:43:36 +00:00
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`# check if it's first user`
Added first user also to all groups (master agent). 2012-04-13 13:51:10 +00:00			`count = User.all.count()`
			`group_ids = []`
			`role_ids = []`

			`# add first user as admin/agent and to all groups`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`if count <= 2`
Added first user also to all groups (master agent). 2012-04-13 13:51:10 +00:00			`Role.where( :name => [ 'Admin', 'Agent'] ).each { \|role\|`
			`role_ids.push role.id`
			`}`
			`Group.all().each { \|group\|`
			`group_ids.push group.id`
			`}`
Fixed syntax error. 2012-08-10 07:43:36 +00:00
Added first user also to all groups (master agent). 2012-04-13 13:51:10 +00:00			`# everybody else will go as customer per default`
Init version. 2012-04-10 14:06:46 +00:00			`else`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`role_ids.push Role.where( :name => 'Customer' ).first.id`
			`end`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.role_ids = role_ids`
			`user.group_ids = group_ids`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00
			`# else do assignment as defined`
			`else`
			`if params[:role_ids]`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.role_ids = params[:role_ids]`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`if params[:group_ids]`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.group_ids = params[:group_ids]`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`end`
			`end`
Fixed syntax error. 2012-08-10 07:43:36 +00:00
Some datables cleanups. 2012-11-06 21:43:13 +00:00			`user.save`

Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`# send inviteation if needed`
			`if params[:invite]`
Fixed syntax error. 2012-08-10 07:43:36 +00:00
Init version. 2012-04-10 14:06:46 +00:00			`# logger.debug('IIIIIIIIIIIIIIIIIIIIIIIIIIIIII')`
			`# exit '123'`
			`end`
Moved to reworked template processing. Added organization to user model. 2012-10-16 09:46:22 +00:00			`user_new = User.user_data_full( user.id )`
			`render :json => user_new, :status => :created`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`rescue Exception => e`
			`render :json => { :error => e.message }, :status => :unprocessable_entity`
Init version. 2012-04-10 14:06:46 +00:00			`end`
			`end`

Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`=begin`

			`Resource:`
			`PUT /api/users/#{id}.json`

			`Payload:`
			`{`
			`"login": "some_login",`
			`"firstname": "some firstname",`
			`"lastname": "some lastname",`
			`"email": "some@example.com"`
			`}`

			`Response:`
			`{`
			`"id": 2,`
			`"login": "some_login",`
			`...`
			`},`

			`Test:`
			`curl http://localhost/api/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'`

			`=end`

Init version. 2012-04-10 14:06:46 +00:00			`def update`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user = User.find(params[:id])`
Init version. 2012-04-10 14:06:46 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`begin`
			`user.update_attributes( User.param_cleanup(params) )`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`if params[:role_ids]`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.role_ids = params[:role_ids]`
Code cleanup, we only use json as backend. 2012-04-12 11:27:01 +00:00			`end`
			`if params[:group_ids]`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.group_ids = params[:group_ids]`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Do not give any password to frontend. Only keep them in rest storage. Use old password if no new one is given. 2012-04-20 15:39:50 +00:00			`if params[:organization_ids]`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`user.organization_ids = params[:organization_ids]`
Do not give any password to frontend. Only keep them in rest storage. Use old password if no new one is given. 2012-04-20 15:39:50 +00:00			`end`
Moved to reworked template processing. Added organization to user model. 2012-10-16 09:46:22 +00:00			`user_new = User.user_data_full( params[:id] )`
			`render :json => user_new, :status => :ok`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`rescue Exception => e`
			`render :json => { :error => e.message }, :status => :unprocessable_entity`
Init version. 2012-04-10 14:06:46 +00:00			`end`
			`end`

			`# DELETE /users/1`
			`def destroy`
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`model_destory_render(User, params)`
			`end`
Init version. 2012-04-10 14:06:46 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`# GET /user/search`
			`def search`

			`# get params`
			`query = params[:term]`
			`limit = params[:limit] \|\| 18`

			`# do query`
			`user_all = User.find(`
			`:all,`
			`:limit => limit,`
			`:conditions => ['firstname LIKE ? or lastname LIKE ? or email LIKE ?', "%#{query}%", "%#{query}%", "%#{query}%"],`
			`:order => 'firstname'`
			`)`

			`# build result list`
			`users = []`
			`user_all.each do \|user\|`
			`realname = user.firstname.to_s + ' ' + user.lastname.to_s`
			`if user.email && user.email.to_s != ''`
			`realname = realname + ' <' + user.email.to_s + '>'`
			`end`
			`a = { :id => user.id, :label => realname, :value => realname }`
			`users.push a`
			`end`

			`# return result`
			`render :json => users`
Init version. 2012-04-10 14:06:46 +00:00			`end`
Init version pf password reset. 2012-04-23 06:55:16 +00:00
Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`=begin`

			`Resource:`
			`POST /api/users/password_reset`

			`Payload:`
			`{`
			`"username": "some user name"`
			`}`

			`Response:`
			`{`
			`:message => 'ok'`
			`}`

			`Test:`
			`curl http://localhost/api/users/password_reset.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"username": "some_username"}'`

			`=end`

Init version pf password reset. 2012-04-23 06:55:16 +00:00			`def password_reset_send`
			`success = User.password_reset_send( params[:username] )`
			`if success`
			`render :json => { :message => 'ok' }, :status => :ok`
			`else`
			`render :json => { :message => 'failed' }, :status => :unprocessable_entity`
			`end`
			`end`

Rewrite for form generation. Added REST docu. Moved api to /api/*. 2012-09-20 12:08:02 +00:00			`=begin`

			`Resource:`
			`POST /api/users/password_reset_verify`

			`Payload:`
			`{`
			`"token": "SoMeToKeN",`
			`"password" "new_password"`
			`}`

			`Response:`
			`{`
			`:message => 'ok'`
			`}`

			`Test:`
			`curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"token": "SoMeToKeN", "password" "new_password"}'`

			`=end`

Init version pf password reset. 2012-04-23 06:55:16 +00:00			`def password_reset_verify`
Improved password reset feature. 2012-04-23 16:59:35 +00:00			`if params[:password]`
			`success = User.password_reset_via_token( params[:token], params[:password] )`
			`else`
			`success = User.password_reset_check( params[:token] )`
			`end`
Init version pf password reset. 2012-04-23 06:55:16 +00:00			`if success`
			`render :json => { :message => 'ok' }, :status => :ok`
			`else`
			`render :json => { :message => 'failed' }, :status => :unprocessable_entity`
			`end`
			`end`

Init version. 2012-04-10 14:06:46 +00:00			`end`