126 lines
3.1 KiB
Ruby
126 lines
3.1 KiB
Ruby
class Dunlop::UsersController < Dunlop::ApplicationController
|
|
skip_authorize_resource if respond_to?(:skip_authorize_resource)
|
|
skip_authorization_check if respond_to?(:skip_authorization_check)
|
|
respond_to :html
|
|
before_action :find_record, only: %i[show edit update destroy]
|
|
before_action :set_current_user_as_user, only: %i[profile edit_profile update_profile]
|
|
before_action :log_current_user, on: [:create, :update, :destroy, :become_user]
|
|
|
|
def profile
|
|
end
|
|
|
|
def edit_profile
|
|
end
|
|
|
|
def update_profile
|
|
user_params = params.require(:user).permit(:password, :confirmation_password)
|
|
if @user.update_attributes(user_params)
|
|
sign_in @user, bypass_sign_in: true
|
|
redirect_to dunlop.profile_users_path
|
|
else
|
|
render action: :edit_profile
|
|
end
|
|
end
|
|
|
|
def index
|
|
authorize! :index, User
|
|
@users = User.active.page(params[:page])
|
|
end
|
|
|
|
def new
|
|
@user = User.new
|
|
authorize! :create, @user
|
|
end
|
|
|
|
def create
|
|
@user = User.new user_params
|
|
authorize! :create, @user
|
|
if @user.save
|
|
redirect_to dunlop.users_path
|
|
else
|
|
render action: :edit
|
|
end
|
|
end
|
|
|
|
def show
|
|
authorize! :show, @user
|
|
end
|
|
|
|
def edit
|
|
authorize! :update, @user
|
|
end
|
|
|
|
def update
|
|
authorize! :update, @user
|
|
if user_params[:password].blank?
|
|
@user.update_without_password(user_params)
|
|
else
|
|
@user.update_attributes(user_params)
|
|
end
|
|
|
|
if @user.errors.present?
|
|
render action: :edit
|
|
else
|
|
redirect_to dunlop.users_path
|
|
end
|
|
end
|
|
|
|
def become_user
|
|
@user = User.find(params[:id])
|
|
authorize! :become_user, @user
|
|
raise CanCan::AccessDenied if @user.admin? and not current_user.admin? # Do not allow non admin users with user management authorization to become an admin user
|
|
sign_in @user, bypass_sign_in: true
|
|
respond_with(@user, location: user_path)
|
|
end
|
|
|
|
def destroy
|
|
authorize! :destroy, @user
|
|
@user.destroy
|
|
redirect_to dunlop.users_path
|
|
end
|
|
|
|
def permissions_table
|
|
authorize! :permissions_table, User
|
|
@table = Hash.new{|h,k| h[k] = Hash.new{|h2, k2| h2[k2] = []} }
|
|
@users = User.active
|
|
@users.each do |user|
|
|
user.role_names.each do |role|
|
|
if match = role.match(/(^[a-z0-9]+)-class-(.*)/)
|
|
role_class = match[2].safe_constantize
|
|
if role_class.respond_to?(:model_name)
|
|
role = role_class.model_name.human
|
|
else
|
|
role = role_class.try(:name)
|
|
end
|
|
@table[role][user] << match[1]
|
|
else
|
|
@table[role][user] << "check"
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
private
|
|
|
|
def find_record
|
|
@user = User.find(params[:id])
|
|
end
|
|
|
|
def set_current_user_as_user
|
|
@user = current_user
|
|
end
|
|
|
|
def user_params
|
|
permitted_params = [:ruisnaam, :email, :password, :password_confirmation, {role_names: []}]
|
|
if current_user.admin?
|
|
permitted_params.push(:admin, role_names_admin: [])
|
|
end
|
|
params.require(:user).permit(*permitted_params)
|
|
end
|
|
|
|
def log_current_user
|
|
logger.info "#{current_user.try(:email)} having id #{current_user.try(:id)} did user change"
|
|
end
|
|
end
|
|
|