2012-08-31 03:01:52 +00:00
|
|
|
class UsersController < ApplicationController
|
2012-11-12 12:59:43 +00:00
|
|
|
before_filter :signed_in_user,
|
2012-09-03 22:03:16 +00:00
|
|
|
only: [:index, :edit, :update, :destroy]
|
2012-08-31 03:01:52 +00:00
|
|
|
before_filter :correct_user, only: [:edit, :update]
|
|
|
|
|
before_filter :admin_user, only: :destroy
|
|
|
|
|
|
2013-02-08 03:11:47 +00:00
|
|
|
rescue_from 'JamRuby::PermissionError' do |exception|
|
|
|
|
|
@exception = exception
|
|
|
|
|
render :file => 'public/403.html', :status => 403, :layout => false
|
|
|
|
|
end
|
2012-11-12 12:59:43 +00:00
|
|
|
|
2012-08-31 03:01:52 +00:00
|
|
|
def index
|
|
|
|
|
@users = User.paginate(page: params[:page])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def show
|
|
|
|
|
@user = User.find(params[:id])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def new
|
2013-03-15 04:23:37 +00:00
|
|
|
@invited_user = load_invited_user(params)
|
|
|
|
|
|
|
|
|
|
if !@invited_user.nil? && @invited_user.accepted
|
|
|
|
|
# short-circuit out if this invitation is already accepted
|
|
|
|
|
render "already_signed_up"
|
|
|
|
|
return
|
|
|
|
|
end
|
|
|
|
|
@signup_postback = load_postback(@invited_user)
|
|
|
|
|
load_location(request.remote_ip)
|
|
|
|
|
|
2012-08-31 03:01:52 +00:00
|
|
|
@user = User.new
|
2013-03-15 04:23:37 +00:00
|
|
|
|
|
|
|
|
# preseed the form with the invited email as a convenience to the user
|
|
|
|
|
unless @invited_user.nil?
|
|
|
|
|
@user.email = @invited_user.email
|
|
|
|
|
end
|
2012-08-31 03:01:52 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def create
|
2013-03-15 04:23:37 +00:00
|
|
|
|
|
|
|
|
@invited_user = load_invited_user(params)
|
|
|
|
|
@signup_postback = load_postback(@invited_user)
|
|
|
|
|
|
2012-11-12 12:59:43 +00:00
|
|
|
@user = User.new
|
|
|
|
|
|
|
|
|
|
# check recaptcha; if any errors seen, contribute it to the model
|
|
|
|
|
unless verify_recaptcha(:model => @user, :message => "recaptcha")
|
2012-08-31 03:01:52 +00:00
|
|
|
render 'new'
|
2012-11-14 05:57:10 +00:00
|
|
|
return
|
|
|
|
|
end
|
2013-03-15 04:23:37 +00:00
|
|
|
|
|
|
|
|
instruments = fixup_instruments(params[:jam_ruby_user][:instruments])
|
|
|
|
|
|
|
|
|
|
birth_date = fixup_birthday(params[:jam_ruby_user]["birth_date(2i)"], params[:jam_ruby_user]["birth_date(3i)"], params[:jam_ruby_user]["birth_date(1i)"])
|
|
|
|
|
location = { :country => params[:jam_ruby_user][:country], :state => params[:jam_ruby_user][:state], :city => params[:jam_ruby_user][:city]}
|
|
|
|
|
terms_of_service = params[:jam_ruby_user][:terms_of_service].nil? ? false : true
|
|
|
|
|
subscribe_email = params[:jam_ruby_user][:subscribe_email].nil? ? false : true
|
|
|
|
|
|
|
|
|
|
|
2012-12-02 06:46:30 +00:00
|
|
|
@user = UserManager.new.signup(request.remote_ip,
|
|
|
|
|
params[:jam_ruby_user][:first_name],
|
2012-11-18 03:56:23 +00:00
|
|
|
params[:jam_ruby_user][:last_name],
|
2012-11-12 12:59:43 +00:00
|
|
|
params[:jam_ruby_user][:email],
|
|
|
|
|
params[:jam_ruby_user][:password],
|
|
|
|
|
params[:jam_ruby_user][:password_confirmation],
|
2013-03-15 04:23:37 +00:00
|
|
|
terms_of_service,
|
|
|
|
|
subscribe_email,
|
|
|
|
|
instruments,
|
|
|
|
|
birth_date,
|
|
|
|
|
location,
|
|
|
|
|
nil, # we don't accept photo url on the signup form yet
|
|
|
|
|
@invited_user,
|
2012-12-02 06:46:30 +00:00
|
|
|
ApplicationHelper.base_uri(request) + "/confirm")
|
2012-11-12 12:59:43 +00:00
|
|
|
|
2012-11-14 05:57:10 +00:00
|
|
|
# check for errors
|
|
|
|
|
if @user.errors.any?
|
|
|
|
|
# render any @user.errors on error
|
2013-03-15 04:23:37 +00:00
|
|
|
load_location(request.remote_ip, location)
|
2012-12-22 00:56:49 +00:00
|
|
|
render 'new'
|
2012-11-14 05:57:10 +00:00
|
|
|
else
|
2013-03-15 04:23:37 +00:00
|
|
|
if @user.email_confirmed
|
|
|
|
|
# If the user came here as a result of an invite, then they are trusted,
|
|
|
|
|
# and we know that their email must be valid because that's how they got the invite
|
|
|
|
|
# and log them in immediately
|
|
|
|
|
sign_in @user
|
|
|
|
|
redirect_to :client
|
|
|
|
|
else
|
|
|
|
|
# If this is a normal signup, then the user needs to verify email
|
|
|
|
|
# if success, redirect to 'email_sent' page
|
|
|
|
|
flash[:success] = "Please check your email and confirm your signup"
|
|
|
|
|
redirect_to :email_sent
|
|
|
|
|
end
|
2012-08-31 03:01:52 +00:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-11-12 12:59:43 +00:00
|
|
|
def email_sent
|
|
|
|
|
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def signup_confirm
|
2013-03-08 06:45:06 +00:00
|
|
|
signup_token = params[:signup_token]
|
|
|
|
|
|
|
|
|
|
@user = UserManager.new.signup_confirm(signup_token, request.remote_ip)
|
2012-11-12 12:59:43 +00:00
|
|
|
|
2013-03-01 13:36:25 +00:00
|
|
|
if !@user.nil? && !@user.errors.any?
|
2012-11-12 12:59:43 +00:00
|
|
|
sign_in @user
|
|
|
|
|
redirect_to :client
|
2013-03-01 13:36:25 +00:00
|
|
|
elsif !@user.nil?
|
2013-03-08 06:45:06 +00:00
|
|
|
# new user with validation errors;
|
2013-03-01 13:36:25 +00:00
|
|
|
logger.debug("#{@user} has errors. can not sign in until remedied. #{@user.errors.inspect}")
|
2012-11-12 12:59:43 +00:00
|
|
|
|
2013-03-08 06:45:06 +00:00
|
|
|
end
|
|
|
|
|
# let page have signup_token in javascript
|
|
|
|
|
gon.signup_token = signup_token
|
2013-03-01 13:36:25 +00:00
|
|
|
|
2012-11-12 12:59:43 +00:00
|
|
|
# let errors fall through to signup_confirm.html.erb
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-31 03:01:52 +00:00
|
|
|
def edit
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def update
|
2012-09-01 20:24:51 +00:00
|
|
|
if @user.update_attributes(params[:jam_ruby_user])
|
2012-08-31 03:01:52 +00:00
|
|
|
flash[:success] = "Profile updated"
|
|
|
|
|
sign_in @user
|
|
|
|
|
redirect_to @user
|
|
|
|
|
else
|
|
|
|
|
render 'edit'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def destroy
|
|
|
|
|
User.find(params[:id]).destroy
|
|
|
|
|
flash[:success] = "User destroyed."
|
|
|
|
|
redirect_to users_url
|
|
|
|
|
end
|
|
|
|
|
|
2012-12-28 07:31:12 +00:00
|
|
|
def request_reset_password
|
|
|
|
|
render 'request_reset_password'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def reset_password
|
|
|
|
|
begin
|
|
|
|
|
@user = User.reset_password(params[:jam_ruby_user][:email])
|
|
|
|
|
render 'sent_reset_password'
|
|
|
|
|
rescue JamRuby::JamArgumentError
|
|
|
|
|
@reset_password_error = "Email address not found"
|
|
|
|
|
render 'request_reset_password'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def reset_password_token
|
|
|
|
|
render 'reset_password_token'
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def reset_password_complete
|
|
|
|
|
begin
|
|
|
|
|
User.set_password_from_token(params[:jam_ruby_user][:email], params[:jam_ruby_user][:token],
|
|
|
|
|
params[:jam_ruby_user][:password], params[:jam_ruby_user][:password_confirmation])
|
|
|
|
|
rescue
|
|
|
|
|
params[:email] = params[:jam_ruby_user][:email]
|
|
|
|
|
params[:token] = params[:jam_ruby_user][:token]
|
|
|
|
|
render 'reset_password_token'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2012-08-31 03:01:52 +00:00
|
|
|
private
|
|
|
|
|
|
2012-12-22 00:56:49 +00:00
|
|
|
def correct_user
|
|
|
|
|
@user = User.find(params[:id])
|
|
|
|
|
redirect_to(root_url) unless current_user?(@user)
|
|
|
|
|
end
|
2012-08-31 03:01:52 +00:00
|
|
|
|
2012-12-22 00:56:49 +00:00
|
|
|
def admin_user
|
|
|
|
|
redirect_to(root_url) unless current_user.admin?
|
|
|
|
|
end
|
2012-12-28 07:31:12 +00:00
|
|
|
|
2013-03-15 04:23:37 +00:00
|
|
|
# the User Model expects instruments in a different format than the form submits it
|
|
|
|
|
# so we have to fix it up.
|
|
|
|
|
def fixup_instruments(original_instruments)
|
|
|
|
|
# if an instrument is selected by the user in the form, it'll show up in this array
|
|
|
|
|
instruments = []
|
|
|
|
|
|
|
|
|
|
# ok, sweep through all the fields submitted, looking for selected instruments.
|
|
|
|
|
# also, make up priority because we don't ask for it (but users can fix it later on their profile)
|
|
|
|
|
priority = 0
|
|
|
|
|
original_instruments.each do |key, value|
|
|
|
|
|
logger.debug("key #{key} value:#{value}")
|
|
|
|
|
if !value["selected"].nil?
|
|
|
|
|
instruments << { :instrument_id => key, :proficiency_level => value["proficiency"].to_i, :priority => priority }
|
|
|
|
|
priority = priority + 1
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
return instruments
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# the User Model expects instruments in a different format than the form submits it
|
|
|
|
|
# so we have to fix it up.
|
|
|
|
|
def fixup_birthday(month, day, year)
|
|
|
|
|
if month.blank? || day.blank? || year.blank?
|
|
|
|
|
# invalid birthdate, so return nil
|
|
|
|
|
return nil
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
return Date.new(year.to_i, month.to_i, day.to_i)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def load_invited_user(params)
|
|
|
|
|
# check if this an anonymous request, or result of invitation code
|
|
|
|
|
invitation_code = params[:invitation_code]
|
|
|
|
|
|
|
|
|
|
invited_user = nil
|
|
|
|
|
unless invitation_code.nil?
|
|
|
|
|
# we only want to find invitations that have not been accepted
|
|
|
|
|
invited_user = InvitedUser.find_by_invitation_code(invitation_code)
|
|
|
|
|
end
|
|
|
|
|
return invited_user
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def load_location(remote_ip, location = nil)
|
|
|
|
|
@location = location
|
|
|
|
|
|
|
|
|
|
if @location.nil?
|
|
|
|
|
@location = MaxMindManager.lookup(remote_ip)
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
@location[:country] = "United States" if @location[:country].nil?
|
|
|
|
|
|
|
|
|
|
# right now we only accept US signups for beta
|
|
|
|
|
@countries = MaxMindManager.countries()
|
|
|
|
|
# populate regions based on current country
|
|
|
|
|
@regions = MaxMindManager.regions(@location[:country])
|
|
|
|
|
@cities = @location[:state].nil? ? [] : MaxMindManager.cities(@location[:country], @location[:state])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def load_postback(invited_user)
|
|
|
|
|
if invited_user.nil?
|
2013-03-15 06:04:59 +00:00
|
|
|
signup_path
|
2013-03-15 04:23:37 +00:00
|
|
|
else
|
2013-03-15 06:04:59 +00:00
|
|
|
signup_path + "?invitation_code=" + invited_user.invitation_code
|
2013-03-15 04:23:37 +00:00
|
|
|
end
|
|
|
|
|
end
|
2012-08-31 13:18:37 +00:00
|
|
|
end
|
