trabajo-afectivo/app/controllers/users_controller.rb

356 lines
7.6 KiB
Ruby
Raw Normal View History

2012-04-10 14:06:46 +00:00
class UsersController < ApplicationController
2012-04-23 06:55:16 +00:00
before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]
2012-04-10 14:06:46 +00:00
=begin
Format:
JSON
Example:
{
"id":2,
"organization_id":null,
"login":"m@edenhofer.de",
"firstname":"Marti",
"lastname":"Ede",
"email":"m@edenhofer.de",
"image":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",
"web":"http://127.0.0.1",
"password":"123",
"phone":"112",
"fax":"211",
"mobile":"",
"street":"",
"zip":"",
"city":"",
"country":null,
"verified":false,
"active":true,
"note":"some note",
"source":null,
"role_ids":[1,2],
"group_ids":[1,2,3,4],
}
=end
=begin
Resource:
GET /api/users.json
Response:
[
{
"id": 1,
"login": "some_login1",
...
},
{
"id": 2,
"login": "some_login2",
...
}
]
Test:
curl http://localhost/api/users.json -v -u #{login}:#{password}
=end
2012-04-10 14:06:46 +00:00
def index
users = User.all
users_all = []
users.each {|user|
users_all.push User.user_data_full( user.id )
2012-04-10 14:06:46 +00:00
}
render :json => users_all
2012-04-10 14:06:46 +00:00
end
=begin
Resource:
GET /api/users/1.json
Response:
{
"id": 1,
"login": "some_login1",
...
},
Test:
curl http://localhost/api/users/#{id}.json -v -u #{login}:#{password}
=end
2012-04-10 14:06:46 +00:00
def show
user = User.user_data_full( params[:id] )
render :json => user
2012-04-10 14:06:46 +00:00
end
=begin
Resource:
POST /api/users.json
Payload:
{
"login": "some_login",
"firstname": "some firstname",
"lastname": "some lastname",
"email": "some@example.com"
}
Response:
{
"id": 1,
"login": "some_login",
...
},
Test:
curl http://localhost/api/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
=end
2012-04-10 14:06:46 +00:00
def create
user = User.new( User.param_cleanup(params) )
2012-11-06 21:43:13 +00:00
user.updated_by_id = (current_user && current_user.id) || 1
user.created_by_id = (current_user && current_user.id) || 1
begin
2012-04-10 14:06:46 +00:00
# if it's a signup, add user to customer role
if user.created_by_id == 1
2012-08-10 07:43:36 +00:00
# check if it's first user
count = User.all.count()
group_ids = []
role_ids = []
# add first user as admin/agent and to all groups
if count <= 2
Role.where( :name => [ 'Admin', 'Agent'] ).each { |role|
role_ids.push role.id
}
Group.all().each { |group|
group_ids.push group.id
}
2012-08-10 07:43:36 +00:00
# everybody else will go as customer per default
2012-04-10 14:06:46 +00:00
else
role_ids.push Role.where( :name => 'Customer' ).first.id
end
user.role_ids = role_ids
user.group_ids = group_ids
# else do assignment as defined
else
if params[:role_ids]
user.role_ids = params[:role_ids]
2012-04-10 14:06:46 +00:00
end
if params[:group_ids]
user.group_ids = params[:group_ids]
end
end
2012-08-10 07:43:36 +00:00
2012-11-06 21:43:13 +00:00
user.save
2013-01-03 10:47:39 +00:00
# send inviteation if needed / only if session exists
if params[:invite] && current_user
2012-08-10 07:43:36 +00:00
2013-01-03 09:39:33 +00:00
# generate token
token = Token.create( :action => 'PasswordReset', :user_id => user.id )
# send mail
data = {}
data[:subject] = 'Invitation to #{config.product_name} at #{config.fqdn}'
data[:body] = 'Hi {user.firstname},
2013-01-03 10:47:39 +00:00
I (#{current_user.firstname} #{current_user.lastname}) invite you to #{config.product_name} - a customer support / ticket system platform.
2013-01-03 09:39:33 +00:00
Click on the following link and set your password:
#{config.http_type}://#{config.fqdn}/#password_reset_verify/#{token.name}
Enjoy,
#{current_user.firstname} #{current_user.lastname}
Your #{config.product_name} Team
'
# prepare subject & body
[:subject, :body].each { |key|
data[key.to_sym] = NotificationFactory.build(
:string => data[key.to_sym],
:objects => {
:token => token,
:user => user,
:current_user => current_user,
}
)
}
# send notification
NotificationFactory.send(
:recipient => user,
:subject => data[:subject],
:body => data[:body]
)
2012-04-10 14:06:46 +00:00
end
2013-01-03 09:39:33 +00:00
user_new = User.user_data_full( user.id )
render :json => user_new, :status => :created
rescue Exception => e
render :json => { :error => e.message }, :status => :unprocessable_entity
2012-04-10 14:06:46 +00:00
end
end
=begin
Resource:
PUT /api/users/#{id}.json
Payload:
{
"login": "some_login",
"firstname": "some firstname",
"lastname": "some lastname",
"email": "some@example.com"
}
Response:
{
"id": 2,
"login": "some_login",
...
},
Test:
curl http://localhost/api/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
=end
2012-04-10 14:06:46 +00:00
def update
user = User.find(params[:id])
2012-04-10 14:06:46 +00:00
begin
user.update_attributes( User.param_cleanup(params) )
if params[:role_ids]
user.role_ids = params[:role_ids]
end
if params[:group_ids]
user.group_ids = params[:group_ids]
2012-04-10 14:06:46 +00:00
end
if params[:organization_ids]
user.organization_ids = params[:organization_ids]
end
user_new = User.user_data_full( params[:id] )
render :json => user_new, :status => :ok
rescue Exception => e
render :json => { :error => e.message }, :status => :unprocessable_entity
2012-04-10 14:06:46 +00:00
end
end
2012-11-14 01:05:53 +00:00
# DELETE /api/users/1
2012-04-10 14:06:46 +00:00
def destroy
model_destory_render(User, params)
end
2012-04-10 14:06:46 +00:00
2012-11-14 01:05:53 +00:00
# GET /api/users/search
def search
2012-11-14 01:05:53 +00:00
# get params
query = params[:term]
limit = params[:limit] || 18
# do query
user_all = User.find(
:all,
:limit => limit,
:conditions => ['firstname LIKE ? or lastname LIKE ? or email LIKE ?', "%#{query}%", "%#{query}%", "%#{query}%"],
:order => 'firstname'
)
2012-11-14 01:05:53 +00:00
# build result list
users = []
user_all.each do |user|
realname = user.firstname.to_s + ' ' + user.lastname.to_s
if user.email && user.email.to_s != ''
realname = realname + ' <' + user.email.to_s + '>'
end
a = { :id => user.id, :label => realname, :value => realname }
users.push a
end
# return result
render :json => users
2012-04-10 14:06:46 +00:00
end
2012-04-23 06:55:16 +00:00
=begin
Resource:
POST /api/users/password_reset
Payload:
{
"username": "some user name"
}
Response:
{
:message => 'ok'
}
Test:
curl http://localhost/api/users/password_reset.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"username": "some_username"}'
=end
2012-04-23 06:55:16 +00:00
def password_reset_send
success = User.password_reset_send( params[:username] )
if success
render :json => { :message => 'ok' }, :status => :ok
else
render :json => { :message => 'failed' }, :status => :unprocessable_entity
end
end
=begin
Resource:
POST /api/users/password_reset_verify
Payload:
{
"token": "SoMeToKeN",
"password" "new_password"
}
Response:
{
:message => 'ok'
}
Test:
curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"token": "SoMeToKeN", "password" "new_password"}'
=end
2012-04-23 06:55:16 +00:00
def password_reset_verify
2012-04-23 16:59:35 +00:00
if params[:password]
success = User.password_reset_via_token( params[:token], params[:password] )
else
success = User.password_reset_check( params[:token] )
end
2012-04-23 06:55:16 +00:00
if success
render :json => { :message => 'ok' }, :status => :ok
else
render :json => { :message => 'failed' }, :status => :unprocessable_entity
end
end
2012-04-10 14:06:46 +00:00
end