ensl.org/app/controllers/users_controller.rb

class UsersController < ApplicationController
  before_filter :get_user, only: [:show, :history, :popup, :agenda, :edit, :update, :destroy]
  respond_to :html, :js

  def index
    if params[:filter] == 'lately'
      @users = User.search(params[:search]).lately.paginate(per_page: 40, page: params[:page])
    else
      @users = User.search(params[:search]).paginate(per_page: 40, page: params[:page])
    end
  end

  def show
    @page = "general"
    respond_to do |format|
      format.js do
        pages = ["general", "favorites", "computer", "articles", "movies", "teams", "matches", "predictions", "comments"]
        if pages.include?(params[:page])
          @page = params[:page]
        end
      end
      format.html {}
    end
  end

  def agenda
    @teamer = Teamer.new
    @teamer.user = @user
  end

  def history
    raise AccessError unless cuser and cuser.admin?
  end

  def popup
    render layout: false
  end

  def new
    @user = User.new
    @user.profile = Profile.new
    @user.lastip = request.env['REMOTE_ADDR']
    @user.can_create? cuser
  end

  def edit
    raise AccessError unless @user.can_update? cuser
  end

  def create
    @user = User.new params[:user]
    @user.lastvisit = Date.today
    @user.lastip = request.env['REMOTE_ADDR']

    raise AccessError unless @user.can_create? cuser

    if @user.valid? and @user.save
      @user.profile = Profile.new
      @user.profile.user = @user
      @user.profile.save!
      redirect_to action: :show, id: @user.id
      save_session @user
    else
      render :new
    end
  end

  def update
    raise AccessError unless @user.can_update? cuser
    params[:user].delete(:username) unless @user.can_change_name? cuser
    if @user.update_attributes params[:user]
      flash[:notice] = t(:users_update)
      redirect_to_back
    else
      render :edit
    end
  end

  def destroy
    raise AccessError unless @user.can_destroy? cuser
    @user.destroy
    redirect_to users_url
  end

  def login
    return unless request.post?

    if u = User.authenticate(params[:login][:username].downcase, params[:login][:password])
      raise Error, t(:accounts_locked) if u.banned? Ban::TYPE_SITE

      flash[:notice] = t(:login_successful)
      save_session u

      if session[:return_to]
        return_to
      else
        redirect_to_back
      end
    else
      flash[:error] = t(:login_unsuccessful)
      redirect_to_back
    end
  end

  def logout
    if request.post?
      session[:user] = nil
      flash[:notice] = t(:login_out)
      redirect_to :root
    end
  end

  def forgot
    if request.post?
      if u = User.first(:conditions => {:username => params[:username], :email => params[:email]}) and u.send_new_password
        flash[:notice] = t(:passwords_sent)
      else
        flash[:error] = t(:incorrect_information)
      end
    end
  end

  private

  def get_user
    @user = User.find(params[:id])
  end

  def save_session user
    session[:user] = user.id
    user.lastip = request.ip
    user.lastvisit = DateTime.now
    user.save()
  end
end
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`class UsersController < ApplicationController`
Fixed formatting and ruby hash syntax 2014-03-31 21:33:16 +00:00			`before_filter :get_user, only: [:show, :history, :popup, :agenda, :edit, :update, :destroy]`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`respond_to :html, :js`

			`def index`
added filter to show only users logged in lately 2017-07-02 16:34:19 +00:00			`if params[:filter] == 'lately'`
			`@users = User.search(params[:search]).lately.paginate(per_page: 40, page: params[:page])`
			`else`
			`@users = User.search(params[:search]).paginate(per_page: 40, page: params[:page])`
			`end`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`end`

			`def show`
			`@page = "general"`
			`respond_to do \|format\|`
			`format.js do`
			`pages = ["general", "favorites", "computer", "articles", "movies", "teams", "matches", "predictions", "comments"]`
			`if pages.include?(params[:page])`
			`@page = params[:page]`
			`end`
			`end`
			`format.html {}`
			`end`
			`end`

			`def agenda`
			`@teamer = Teamer.new`
			`@teamer.user = @user`
			`end`

			`def history`
			`raise AccessError unless cuser and cuser.admin?`
			`end`

			`def popup`
Fixed formatting and ruby hash syntax 2014-03-31 21:33:16 +00:00			`render layout: false`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`end`

			`def new`
			`@user = User.new`
			`@user.profile = Profile.new`
			`@user.lastip = request.env['REMOTE_ADDR']`
			`@user.can_create? cuser`
			`end`

			`def edit`
			`raise AccessError unless @user.can_update? cuser`
			`end`

			`def create`
			`@user = User.new params[:user]`
			`@user.lastvisit = Date.today`
			`@user.lastip = request.env['REMOTE_ADDR']`

			`raise AccessError unless @user.can_create? cuser`

			`if @user.valid? and @user.save`
			`@user.profile = Profile.new`
			`@user.profile.user = @user`
Can now join teams from the teams pages individually. If you already have a request active, it will remove that request and replace it with a new one (with a confirmation). I left the Agenda way of joining/cancelling join of teams. 2014-05-13 23:54:51 +00:00			`@user.profile.save!`
Fixed formatting and ruby hash syntax 2014-03-31 21:33:16 +00:00			`redirect_to action: :show, id: @user.id`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`save_session @user`
			`else`
Fixed formatting and ruby hash syntax 2014-03-31 21:33:16 +00:00			`render :new`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`end`
			`end`

			`def update`
			`raise AccessError unless @user.can_update? cuser`
Only admins can change usernames. 2015-06-27 12:23:37 +00:00			`params[:user].delete(:username) unless @user.can_change_name? cuser`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`if @user.update_attributes params[:user]`
			`flash[:notice] = t(:users_update)`
			`redirect_to_back`
			`else`
Fixed formatting and ruby hash syntax 2014-03-31 21:33:16 +00:00			`render :edit`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`end`
			`end`

			`def destroy`
			`raise AccessError unless @user.can_destroy? cuser`
			`@user.destroy`
			`redirect_to users_url`
			`end`

			`def login`
			`return unless request.post?`

Added ability to login with a username that is case insensitive Added some missing translations Small CSS tweaks 2014-04-04 19:38:44 +00:00			`if u = User.authenticate(params[:login][:username].downcase, params[:login][:password])`
Purged git history and removed sensitive information. 2014-03-23 00:22:25 +00:00			`raise Error, t(:accounts_locked) if u.banned? Ban::TYPE_SITE`

			`flash[:notice] = t(:login_successful)`
			`save_session u`

			`if session[:return_to]`
			`return_to`
			`else`
			`redirect_to_back`
			`end`
			`else`
			`flash[:error] = t(:login_unsuccessful)`
			`redirect_to_back`
			`end`
			`end`

			`def logout`
			`if request.post?`
			`session[:user] = nil`
			`flash[:notice] = t(:login_out)`
			`redirect_to :root`
			`end`
			`end`

			`def forgot`
			`if request.post?`
			`if u = User.first(:conditions => {:username => params[:username], :email => params[:email]}) and u.send_new_password`
			`flash[:notice] = t(:passwords_sent)`
			`else`
			`flash[:error] = t(:incorrect_information)`
			`end`
			`end`
			`end`

			`private`

			`def get_user`
			`@user = User.find(params[:id])`
			`end`

			`def save_session user`
			`session[:user] = user.id`
			`user.lastip = request.ip`
			`user.lastvisit = DateTime.now`
			`user.save()`
			`end`
			`end`