2014-03-23 00:22:25 +00:00
|
|
|
class UsersController < ApplicationController
|
2014-03-31 21:33:16 +00:00
|
|
|
before_filter :get_user, only: [:show, :history, :popup, :agenda, :edit, :update, :destroy]
|
2014-03-23 00:22:25 +00:00
|
|
|
respond_to :html, :js
|
|
|
|
|
|
|
|
def index
|
2017-10-16 17:34:28 +00:00
|
|
|
search = params[:search]
|
|
|
|
if search && search.match(/^ip:(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$/) && cuser && cuser.admin?
|
|
|
|
@users = User.where(lastip: $1).paginate(per_page: 40, page: params[:page])
|
2017-07-02 16:34:19 +00:00
|
|
|
else
|
2017-10-16 17:34:28 +00:00
|
|
|
if params[:filter] == 'lately'
|
|
|
|
@users = User.search(params[:search]).lately.paginate(per_page: 40, page: params[:page])
|
|
|
|
else
|
|
|
|
@users = User.search(params[:search]).paginate(per_page: 40, page: params[:page])
|
|
|
|
end
|
2017-07-02 16:34:19 +00:00
|
|
|
end
|
2014-03-23 00:22:25 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def show
|
|
|
|
@page = "general"
|
|
|
|
respond_to do |format|
|
|
|
|
format.js do
|
|
|
|
pages = ["general", "favorites", "computer", "articles", "movies", "teams", "matches", "predictions", "comments"]
|
|
|
|
if pages.include?(params[:page])
|
|
|
|
@page = params[:page]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
format.html {}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def agenda
|
|
|
|
@teamer = Teamer.new
|
|
|
|
@teamer.user = @user
|
|
|
|
end
|
|
|
|
|
|
|
|
def history
|
|
|
|
raise AccessError unless cuser and cuser.admin?
|
|
|
|
end
|
|
|
|
|
|
|
|
def popup
|
2014-03-31 21:33:16 +00:00
|
|
|
render layout: false
|
2014-03-23 00:22:25 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def new
|
|
|
|
@user = User.new
|
|
|
|
@user.profile = Profile.new
|
|
|
|
@user.lastip = request.env['REMOTE_ADDR']
|
|
|
|
@user.can_create? cuser
|
|
|
|
end
|
|
|
|
|
|
|
|
def edit
|
|
|
|
raise AccessError unless @user.can_update? cuser
|
|
|
|
end
|
|
|
|
|
|
|
|
def create
|
|
|
|
@user = User.new params[:user]
|
|
|
|
@user.lastvisit = Date.today
|
|
|
|
@user.lastip = request.env['REMOTE_ADDR']
|
|
|
|
|
|
|
|
raise AccessError unless @user.can_create? cuser
|
|
|
|
|
|
|
|
if @user.valid? and @user.save
|
|
|
|
@user.profile = Profile.new
|
|
|
|
@user.profile.user = @user
|
2014-05-13 23:54:51 +00:00
|
|
|
@user.profile.save!
|
2014-03-31 21:33:16 +00:00
|
|
|
redirect_to action: :show, id: @user.id
|
2014-03-23 00:22:25 +00:00
|
|
|
save_session @user
|
|
|
|
else
|
2014-03-31 21:33:16 +00:00
|
|
|
render :new
|
2014-03-23 00:22:25 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def update
|
|
|
|
raise AccessError unless @user.can_update? cuser
|
2015-06-27 12:23:37 +00:00
|
|
|
params[:user].delete(:username) unless @user.can_change_name? cuser
|
2014-03-23 00:22:25 +00:00
|
|
|
if @user.update_attributes params[:user]
|
|
|
|
flash[:notice] = t(:users_update)
|
|
|
|
redirect_to_back
|
|
|
|
else
|
2014-03-31 21:33:16 +00:00
|
|
|
render :edit
|
2014-03-23 00:22:25 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
|
|
|
raise AccessError unless @user.can_destroy? cuser
|
|
|
|
@user.destroy
|
|
|
|
redirect_to users_url
|
|
|
|
end
|
|
|
|
|
|
|
|
def login
|
|
|
|
return unless request.post?
|
|
|
|
|
2014-04-04 19:38:44 +00:00
|
|
|
if u = User.authenticate(params[:login][:username].downcase, params[:login][:password])
|
2014-03-23 00:22:25 +00:00
|
|
|
raise Error, t(:accounts_locked) if u.banned? Ban::TYPE_SITE
|
|
|
|
|
|
|
|
flash[:notice] = t(:login_successful)
|
|
|
|
save_session u
|
|
|
|
|
|
|
|
if session[:return_to]
|
|
|
|
return_to
|
|
|
|
else
|
|
|
|
redirect_to_back
|
|
|
|
end
|
|
|
|
else
|
|
|
|
flash[:error] = t(:login_unsuccessful)
|
|
|
|
redirect_to_back
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def logout
|
|
|
|
if request.post?
|
|
|
|
session[:user] = nil
|
|
|
|
flash[:notice] = t(:login_out)
|
|
|
|
redirect_to :root
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def forgot
|
|
|
|
if request.post?
|
|
|
|
if u = User.first(:conditions => {:username => params[:username], :email => params[:email]}) and u.send_new_password
|
|
|
|
flash[:notice] = t(:passwords_sent)
|
|
|
|
else
|
|
|
|
flash[:error] = t(:incorrect_information)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def get_user
|
|
|
|
@user = User.find(params[:id])
|
|
|
|
end
|
|
|
|
|
|
|
|
def save_session user
|
|
|
|
session[:user] = user.id
|
|
|
|
user.lastip = request.ip
|
|
|
|
user.lastvisit = DateTime.now
|
|
|
|
user.save()
|
|
|
|
end
|
|
|
|
end
|