mirrors
/
redmine
mirror of https://github.com/redmine/redmine.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 201 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9381 Commits
33 Branches
Tree: f99535bba2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f99535bba2'
${ noResults }
redmine/app/controllers/users_controller.rb

users_controller.rb 6.9KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212 
  1. # Redmine - project management software

  2. # Copyright (C) 2006-2013  Jean-Philippe Lang

  3. #

  4. # This program is free software; you can redistribute it and/or

  5. # modify it under the terms of the GNU General Public License

  6. # as published by the Free Software Foundation; either version 2

  7. # of the License, or (at your option) any later version.

  8. #

  9. # This program is distributed in the hope that it will be useful,

  10. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  11. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  12. # GNU General Public License for more details.

  13. #

  14. # You should have received a copy of the GNU General Public License

  15. # along with this program; if not, write to the Free Software

  16. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  17. 

  18. class UsersController < ApplicationController

  19.   layout 'admin'

  20. 

  21.   before_filter :require_admin, :except => :show

  22.   before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership]

  23.   accept_api_auth :index, :show, :create, :update, :destroy

  24. 

  25.   helper :sort

  26.   include SortHelper

  27.   helper :custom_fields

  28.   include CustomFieldsHelper

  29. 

  30.   def index

  31.     sort_init 'login', 'asc'

  32.     sort_update %w(login firstname lastname mail admin created_on last_login_on)

  33. 

  34.     case params[:format]

  35.     when 'xml', 'json'

  36.       @offset, @limit = api_offset_and_limit

  37.     else

  38.       @limit = per_page_option

  39.     end

  40. 

  41.     @status = params[:status] || 1

  42. 

  43.     scope = User.logged.status(@status)

  44.     scope = scope.like(params[:name]) if params[:name].present?

  45.     scope = scope.in_group(params[:group_id]) if params[:group_id].present?

  46. 

  47.     @user_count = scope.count

  48.     @user_pages = Paginator.new @user_count, @limit, params['page']

  49.     @offset ||= @user_pages.offset

  50.     @users =  scope.order(sort_clause).limit(@limit).offset(@offset).all

  51. 

  52.     respond_to do |format|

  53.       format.html {

  54.         @groups = Group.all.sort

  55.         render :layout => !request.xhr?

  56.       }

  57.       format.api

  58.     end	

  59.   end

  60. 

  61.   def show

  62.     # show projects based on current user visibility

  63.     @memberships = @user.memberships.all(:conditions => Project.visible_condition(User.current))

  64. 

  65.     events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)

  66.     @events_by_day = events.group_by(&:event_date)

  67. 

  68.     unless User.current.admin?

  69.       if !@user.active? || (@user != User.current  && @memberships.empty? && events.empty?)

  70.         render_404

  71.         return

  72.       end

  73.     end

  74. 

  75.     respond_to do |format|

  76.       format.html { render :layout => 'base' }

  77.       format.api

  78.     end

  79.   end

  80. 

  81.   def new

  82.     @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)

  83.     @auth_sources = AuthSource.all

  84.   end

  85. 

  86.   def create

  87.     @user = User.new(:language => Setting.default_language, :mail_notification => Setting.default_notification_option)

  88.     @user.safe_attributes = params[:user]

  89.     @user.admin = params[:user][:admin] || false

  90.     @user.login = params[:user][:login]

  91.     @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation] unless @user.auth_source_id

  92. 

  93.     if @user.save

  94.       @user.pref.attributes = params[:pref]

  95.       @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')

  96.       @user.pref.save

  97.       @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])

  98. 

  99.       Mailer.account_information(@user, params[:user][:password]).deliver if params[:send_information]

  100. 

  101.       respond_to do |format|

  102.         format.html {

  103.           flash[:notice] = l(:notice_user_successful_create, :id => view_context.link_to(@user.login, user_path(@user)))

  104.           if params[:continue]

  105.             redirect_to new_user_path

  106.           else

  107.             redirect_to edit_user_path(@user)

  108.           end

  109.         }

  110.         format.api  { render :action => 'show', :status => :created, :location => user_url(@user) }

  111.       end

  112.     else

  113.       @auth_sources = AuthSource.all

  114.       # Clear password input

  115.       @user.password = @user.password_confirmation = nil

  116. 

  117.       respond_to do |format|

  118.         format.html { render :action => 'new' }

  119.         format.api  { render_validation_errors(@user) }

  120.       end

  121.     end

  122.   end

  123. 

  124.   def edit

  125.     @auth_sources = AuthSource.all

  126.     @membership ||= Member.new

  127.   end

  128. 

  129.   def update

  130.     @user.admin = params[:user][:admin] if params[:user][:admin]

  131.     @user.login = params[:user][:login] if params[:user][:login]

  132.     if params[:user][:password].present? && (@user.auth_source_id.nil? || params[:user][:auth_source_id].blank?)

  133.       @user.password, @user.password_confirmation = params[:user][:password], params[:user][:password_confirmation]

  134.     end

  135.     @user.safe_attributes = params[:user]

  136.     # Was the account actived ? (do it before User#save clears the change)

  137.     was_activated = (@user.status_change == [User::STATUS_REGISTERED, User::STATUS_ACTIVE])

  138.     # TODO: Similar to My#account

  139.     @user.pref.attributes = params[:pref]

  140.     @user.pref[:no_self_notified] = (params[:no_self_notified] == '1')

  141. 

  142.     if @user.save

  143.       @user.pref.save

  144.       @user.notified_project_ids = (@user.mail_notification == 'selected' ? params[:notified_project_ids] : [])

  145. 

  146.       if was_activated

  147.         Mailer.account_activated(@user).deliver

  148.       elsif @user.active? && params[:send_information] && !params[:user][:password].blank? && @user.auth_source_id.nil?

  149.         Mailer.account_information(@user, params[:user][:password]).deliver

  150.       end

  151. 

  152.       respond_to do |format|

  153.         format.html {

  154.           flash[:notice] = l(:notice_successful_update)

  155.           redirect_to_referer_or edit_user_path(@user)

  156.         }

  157.         format.api  { render_api_ok }

  158.       end

  159.     else

  160.       @auth_sources = AuthSource.all

  161.       @membership ||= Member.new

  162.       # Clear password input

  163.       @user.password = @user.password_confirmation = nil

  164. 

  165.       respond_to do |format|

  166.         format.html { render :action => :edit }

  167.         format.api  { render_validation_errors(@user) }

  168.       end

  169.     end

  170.   end

  171. 

  172.   def destroy

  173.     @user.destroy

  174.     respond_to do |format|

  175.       format.html { redirect_back_or_default(users_path) }

  176.       format.api  { render_api_ok }

  177.     end

  178.   end

  179. 

  180.   def edit_membership

  181.     @membership = Member.edit_membership(params[:membership_id], params[:membership], @user)

  182.     @membership.save

  183.     respond_to do |format|

  184.       format.html { redirect_to edit_user_path(@user, :tab => 'memberships') }

  185.       format.js

  186.     end

  187.   end

  188. 

  189.   def destroy_membership

  190.     @membership = Member.find(params[:membership_id])

  191.     if @membership.deletable?

  192.       @membership.destroy

  193.     end

  194.     respond_to do |format|

  195.       format.html { redirect_to edit_user_path(@user, :tab => 'memberships') }

  196.       format.js

  197.     end

  198.   end

  199. 

  200.   private

  201. 

  202.   def find_user

  203.     if params[:id] == 'current'

  204.       require_login || return

  205.       @user = User.current

  206.     else

  207.       @user = User.find(params[:id])

  208.     end

  209.   rescue ActiveRecord::RecordNotFound

  210.     render_404

  211.   end

  212. end