diff --git a/app/assets/javascripts/user_avatar.js.coffee b/app/assets/javascripts/user_avatar.js.coffee
new file mode 100644
index 0000000..24f83d1
--- /dev/null
+++ b/app/assets/javascripts/user_avatar.js.coffee
@@ -0,0 +1,3 @@
+# Place all the behaviors and hooks related to the matching controller here.
+# All this logic will automatically be available in application.js.
+# You can use CoffeeScript in this file: http://coffeescript.org/
diff --git a/app/assets/stylesheets/user_avatar.css.scss b/app/assets/stylesheets/user_avatar.css.scss
new file mode 100644
index 0000000..d7e24de
--- /dev/null
+++ b/app/assets/stylesheets/user_avatar.css.scss
@@ -0,0 +1,3 @@
+// Place all the styles related to the user_avatar controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 8e4e7be..492f9c1 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,7 +2,6 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
- before_action :configure_permitted_parameters, if: :devise_controller?
rescue_from CanCan::AccessDenied do |exception|
redirect_to root_path, flash: { error: exception.message }
@@ -15,17 +14,4 @@ class ApplicationController < ActionController::Base
def after_sign_up_path_for(resource)
root_path
end
-
- protected
-
- def configure_permitted_parameters
- devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(
- :nickname, :password, :password_confirmation,
- :avatar
- ) }
-
- devise_parameter_sanitizer.for(:account_update) { |u| u.permit(
- :password, :password_confirmation, :current_password, :avatar
- ) }
- end
end
diff --git a/app/controllers/callbacks_controller.rb b/app/controllers/callbacks_controller.rb
index bbab5e8..e0beaa2 100644
--- a/app/controllers/callbacks_controller.rb
+++ b/app/controllers/callbacks_controller.rb
@@ -1,7 +1,18 @@
class CallbacksController < Devise::OmniauthCallbacksController
def zeuswpi
@user = User.from_omniauth(request.env["omniauth.auth"])
- @user.save
- sign_in_and_redirect @user
+ @user.save!(validate: false)
+ if @user.valid?
+ flash[:success] = "You are now logged in."
+ sign_in_and_redirect @user
+ else
+ flash[:error] = "Please complete your profile first."
+ session[:id] = @user.id
+ redirect_to new_user_avatar_path
+ end
+ end
+
+ def after_omniauth_failure_path_for(scope)
+ root_path
end
end
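Review bot: `session[:id] = @user.id` in the `else` branch creates a half-authenticated state that UserAvatarController#create later turns into a full sign-in, so it needs the same care as a login. Call `reset_session` before assigning it and use a purpose-specific key such as `session[:pending_user_id]`; SessionsController#new and the header partial read the same key. Separately, `@user.save!(validate: false)` skips every validation on User, not only the avatar presence check it appears to work around. A comment saying so, or limiting it with `@user.save!(validate: false) if @user.new_record?`, would stop later validations from being bypassed silently. `after_omniauth_failure_path_for` is added as a public method; placing it under `protected` keeps it out of the controller's action methods.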
diff --git a/app/controllers/orders_controller.rb b/app/controllers/orders_controller.rb
index ed72a23..66a1223 100644
--- a/app/controllers/orders_controller.rb
+++ b/app/controllers/orders_controller.rb
@@ -37,7 +37,7 @@ class OrdersController < ApplicationController
end
def overview
- @users = User.members.order(:nickname)
+ @users = User.members.order(:uid)
end
def quickpay
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
new file mode 100644
index 0000000..c5399c7
--- /dev/null
+++ b/app/controllers/sessions_controller.rb
@@ -0,0 +1,9 @@
+class SessionsController < Devise::SessionsController
+ def new
+ if session[:id]
+ redirect_to new_user_avatar_path
+ return
+ end
+ super
+ end
+end
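Review bot: Only `new` is overridden here, so the inherited `Devise::SessionsController#create` still handles password sign-in POSTs even though this commit removes the password form. User keeps `:database_authenticatable` and db/seeds.rb still assigns `DEFAULT_PASSWORD`, so whether that endpoint can authenticate anyone depends on Devise configuration not shown in this diff. If OAuth is meant to be the only way in, override `create` as well, for example `def create; redirect_to root_path; end`. A short comment on `new` saying that `session[:id]` marks a user who still has to upload an avatar would also help.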
diff --git a/app/controllers/user_avatar_controller.rb b/app/controllers/user_avatar_controller.rb
new file mode 100644
index 0000000..cb1c9c5
--- /dev/null
+++ b/app/controllers/user_avatar_controller.rb
@@ -0,0 +1,35 @@
+class UserAvatarController < ApplicationController
+ before_action :authenticate_session_user!
+
+ def new
+ end
+
+ def create
+ if @user.update_attributes(user_params)
+ flash[:success] = "Your profile is complete. You are now logged in."
+ sign_in_and_redirect @user
+ else
+ render 'new'
+ end
+ end
+
+ def destroy
+ reset_session
+ redirect_to root_path
+ end
+
+ private
+
+ def authenticate_session_user!
+ redirect_to root_path unless session[:id]
+ @user = User.find_by session[:id]
+ unless @user
+ reset_session
+ redirect_to root_path
+ end
+ end
+
+ def user_params
+ params.require(:user).permit(:avatar)
+ end
+end
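Review bot: `User.find_by session[:id]` in `authenticate_session_user!` passes a bare id where `find_by` expects conditions, so it does not look the user up by primary key. Depending on the database adapter it either raises or matches a row unrelated to the session, and `create` then signs that record in. The first line of the filter also redirects without returning, so the lookup still runs when `session[:id]` is missing. After a successful `create`, `session[:id]` is left in place; `session.delete(:id)` before `sign_in_and_redirect @user` would end the pending state. A possible rewrite of the filter follows.

```ruby
  def authenticate_session_user!
    # Look up strictly by primary key; a missing or stale id ends the pending session.
    @user = User.find_by(id: session[:id]) if session[:id]
    return if @user

    reset_session
    redirect_to root_path
  end
```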
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 786d3f3..6695eed 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -20,6 +20,19 @@ class UsersController < ApplicationController
.group(:category)
end
+ def edit
+ @user = User.find(params[:id])
+ end
+
+ def update
+ @user = User.find(params[:id])
+ if @user.update_attributes(user_params)
+ redirect_to @user, success: "Successfully updated!"
+ else
+ render 'edit'
+ end
+ end
+
def index
@users = User.members
end
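Review bot: Nothing in the added `edit` and `update` actions restricts them to the profile owner: both load `User.find(params[:id])` and `update` writes to that record. The ownership check visible in the later hunk reads `params[:user_id]`, and its filter declaration lies outside this diff. Unless a filter outside the hunk already covers these actions, add a check after the lookup, for example `authorize! :update, @user`, since the application already rescues `CanCan::AccessDenied`. Alternatively reuse the existing condition: `unless @user == current_user || current_user.admin?`. The class body continues outside this hunk.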
@@ -63,4 +76,8 @@ class UsersController < ApplicationController
@user = User.find(params[:user_id])
redirect_to root_path, error: "You are not authorized to access this page." unless @user == current_user || current_user.admin?
end
+
+ def user_params
+ params.require(:user).permit(:avatar)
+ end
end
diff --git a/app/helpers/user_avatar_helper.rb b/app/helpers/user_avatar_helper.rb
new file mode 100644
index 0000000..52a0ddd
--- /dev/null
+++ b/app/helpers/user_avatar_helper.rb
@@ -0,0 +1,2 @@
+module UserAvatarHelper
+end
diff --git a/app/models/user.rb b/app/models/user.rb
index 6a4a158..0b0fc17 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,10 +4,8 @@
#
# id :integer not null, primary key
# debt_cents :integer default("0"), not null
-# nickname :string
# created_at :datetime
# updated_at :datetime
-# encrypted_password :string default(""), not null
# remember_created_at :datetime
# sign_in_count :integer default("0"), not null
# current_sign_in_at :datetime
@@ -24,10 +22,11 @@
# koelkast :boolean default("f")
# provider :string
# uid :string
+# encrypted_password :string
#
class User < ActiveRecord::Base
- devise :database_authenticatable, :registerable, :rememberable, :trackable, :validatable, :omniauthable, :omniauth_providers => [:zeuswpi]
+ devise :database_authenticatable, :trackable, :omniauthable, :omniauth_providers => [:zeuswpi]
has_paper_trail only: [:debt_cents, :admin, :orders_count, :koelkast]
@@ -37,7 +36,6 @@ class User < ActiveRecord::Base
has_many :products, through: :orders
belongs_to :dagschotel, class_name: 'Product'
- validates :nickname, presence: true, uniqueness: true
validates_attachment :avatar,
presence: true,
content_type: { content_type: ["image/jpeg", "image/gif", "image/png"] }
@@ -45,10 +43,20 @@ class User < ActiveRecord::Base
scope :members, -> { where koelkast: false }
def self.from_omniauth(auth)
- where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
+ newuser = where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
user.provider = auth.provider
user.uid = auth.uid
end
+ newuser.password = Devise.friendly_token[0,20]
+ newuser
+ end
+
+ def nickname
+ self.uid
+ end
+
+ def nickname=(name)
+ self.uid = name
end
def debt
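Review bot: `newuser.password = Devise.friendly_token[0,20]` runs for existing users as well as new ones, and the callback then saves the record, so every login rewrites `encrypted_password`. Devise appears to derive its session salt from that column, so this likely signs the user out of any other active session on each login, and it costs a password hash per login. Moving the assignment into the `first_or_create` block as `user.password = Devise.friendly_token[0, 20]` sets it only when the record is created. The new `nickname=` writes the provider `uid`; a comment noting that it changes the OAuth identity key would protect anyone who later permits `:nickname` in a form.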
@@ -65,14 +73,4 @@ class User < ActiveRecord::Base
def to_param
"#{id} #{nickname}".parameterize
end
-
- # This is needed so Devise doesn't try to validate :email
-
- def email_required?
- false
- end
-
- def email_changed?
- false
- end
end
diff --git a/app/views/devise/registrations/edit.html.erb b/app/views/devise/registrations/edit.html.erb
deleted file mode 100644
index 164865d..0000000
--- a/app/views/devise/registrations/edit.html.erb
+++ /dev/null
@@ -1,15 +0,0 @@
-
Edit <%= resource_name.to_s.humanize %>
-<%= render 'flash' %>
-
-<%= f_form_for(resource, :as => resource_name, :url => registration_path(resource_name), :html => { :method => :put }) do |f| %>
- <%= f.error_messages %>
-
- <%= f.password_field :password %>
- <%= f.password_field :password_confirmation %>
-
- <%= f.password_field :current_password %>
-
- <%= f.file_field :avatar %>
-
- <%= f.submit "Update" %>
-<% end %>
diff --git a/app/views/devise/registrations/new.html.erb b/app/views/devise/registrations/new.html.erb
deleted file mode 100644
index 37eb96b..0000000
--- a/app/views/devise/registrations/new.html.erb
+++ /dev/null
@@ -1,16 +0,0 @@
-Sign up
-
-<%= f_form_for(resource, as: resource_name, url: registration_path(resource_name)) do |f| %>
- <%= f.error_messages %>
-
- <%= f.text_field :nickname %>
-
- <%= f.password_field :password %>
- <%= f.password_field :password_confirmation %>
-
- <%= f.file_field :avatar %>
-
- <%= f.submit "Sign up" %>
-<% end %>
-
-<%= render "devise/shared/links" %>
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index 222f8a5..f36a0ac 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -1,17 +1,8 @@
-Sign in
-<%= render partial: 'flash' %>
+Login
+<%= render 'flash' %>
+If this is the first time you log in, an account will be created for you.
-
- <%= f_form_for(resource, :as => resource_name, :url => session_path(resource_name)) do |f| %>
- <%= f.text_field :nickname %>
- <%= f.password_field :password %>
-
- <% if devise_mapping.rememberable? %>
- <%= f.check_box :remember_me %>
- <% end %>
-
- <%= f.submit "Sign in" %>
- <% end %>
+
+
+ <%= render 'devise/shared/links' %>
-
-<%= render "devise/shared/links" %>
diff --git a/app/views/devise/shared/_links.html.erb b/app/views/devise/shared/_links.html.erb
index cd795ad..e4a4e2d 100644
--- a/app/views/devise/shared/_links.html.erb
+++ b/app/views/devise/shared/_links.html.erb
@@ -2,10 +2,6 @@
<%= link_to "Log in", new_session_path(resource_name) %>
<% end -%>
-<%- if devise_mapping.registerable? && controller_name != 'registrations' %>
- <%= link_to "Sign up", new_registration_path(resource_name) %>
-<% end -%>
-
<%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
<%= link_to "Forgot your password?", new_password_path(resource_name) %>
<% end -%>
@@ -20,6 +16,6 @@
<%- if devise_mapping.omniauthable? %>
<%- resource_class.omniauth_providers.each do |provider| %>
- <%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %>
+ <%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider), class: "btn btn-large btn-primary" %>
<% end -%>
<% end -%>
diff --git a/app/views/layouts/_header.html.erb b/app/views/layouts/_header.html.erb
index c7bcd90..9f8abfa 100644
--- a/app/views/layouts/_header.html.erb
+++ b/app/views/layouts/_header.html.erb
@@ -17,9 +17,10 @@
<% if user_signed_in? %>
<%= button_to "Logout", destroy_user_session_path, class: "btn btn-default form-control", method: :delete %>
+ <% elsif session[:id] %>
+ <%= button_to "Logout", user_avatar_path(session[:id]), class: "btn btn-default form-control", method: :delete %>
<% else %>
<%= link_to "Login", new_user_session_path, class: "btn btn-success form-control" %>
- <%= link_to "Register", new_user_registration_path, class: "btn btn-default form-control" %>
<% end %>
@@ -50,7 +51,7 @@
Logged in as <%= current_user.nickname %>
<% end %>
@@ -62,7 +63,6 @@
<%= button_to "Logout", destroy_user_session_path, class: "btn btn-default form-control", method: :delete %>
<% else %>
<%= link_to "Login", new_user_session_path, class: "btn btn-success form-control" %>
- <%= link_to "Register", new_user_registration_path, class: "btn btn-default form-control" %>
<% end %>
diff --git a/app/views/user_avatar/new.html.erb b/app/views/user_avatar/new.html.erb
new file mode 100644
index 0000000..38c9c39
--- /dev/null
+++ b/app/views/user_avatar/new.html.erb
@@ -0,0 +1,13 @@
+Add avatar to <%= @user.uid %>
+<%= render 'flash' %>
+
+<%= f_form_for @user, url: '/user_avatar', method: :post do |f| %>
+ <%= f.error_messages %>
+
+
+ <%= f.hidden_field :generate_form, value: '1' %>
+
+ <%= f.file_field :avatar %>
+
+ <%= f.submit "Update" %>
+<% end %>
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
new file mode 100644
index 0000000..63d128c
--- /dev/null
+++ b/app/views/users/edit.html.erb
@@ -0,0 +1,10 @@
+Edit <%= @user.nickname %>
+<%= render 'flash' %>
+
+<%= f_form_for @user do |f| %>
+ <%= f.error_messages %>
+
+ <%= f.file_field :avatar %>
+
+ <%= f.submit "Update" %>
+<% end %>
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index c8862a7..b869e1f 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -4,7 +4,7 @@
<% if current_user == @user %>
<%= link_to "[Edit dagschotel]" , user_edit_dagschotel_path(@user) %>
- <%= link_to "[Edit profile]" , edit_user_registration_path %>
+ <%= link_to "[Edit profile]" , edit_user_path(@user) %>
<% end %>
<%= @user.nickname %>
diff --git a/config/initializers/bypass_ssl_verification_for_open_uri.rb b/config/initializers/bypass_ssl_verification_for_open_uri.rb
new file mode 100644
index 0000000..edc39d1
--- /dev/null
+++ b/config/initializers/bypass_ssl_verification_for_open_uri.rb
@@ -0,0 +1 @@
+OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
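Review bot: Reassigning `OpenSSL::SSL::VERIFY_PEER` to `VERIFY_NONE` turns off certificate verification for every TLS client in the process that requests peer verification, not only open-uri. The `https://` site configured in config/initializers/zeuswpi.rb is therefore no longer authenticated, and the OAuth code and token exchange can be intercepted by anyone on the network path. Drop this initializer. If the provider's certificate chain is missing from the system store, trust it explicitly for that one client, for example with `ssl: { ca_file: "<path to CA bundle>" }` inside the strategy's `client_options`.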
diff --git a/config/initializers/zeuswpi.rb b/config/initializers/zeuswpi.rb
index 8b16a5b..c1df05a 100644
--- a/config/initializers/zeuswpi.rb
+++ b/config/initializers/zeuswpi.rb
@@ -12,7 +12,7 @@ module OmniAuth
# This is where you pass the options you would pass when
# initializing your consumer from the OAuth gem.
option :client_options, {
- site: "http://kelder.zeus.ugent.be",
+ site: "https://kelder.zeus.ugent.be",
authorize_url: "/oauth/oauth2/authorize/",
token_url: "/oauth/oauth2/token/",
}
diff --git a/config/routes.rb b/config/routes.rb
index 7e68b34..d49034a 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,9 +1,12 @@
Rails.application.routes.draw do
- devise_for :users, controllers: { omniauth_callbacks: "callbacks" }
+ devise_for :users, controllers: {
+ omniauth_callbacks: "callbacks",
+ sessions: "sessions"
+ }
devise_scope :user do
unauthenticated :user do
- root to: 'devise/sessions#new'
+ root to: 'sessions#new'
end
authenticated :user, ->(u) { u.koelkast? } do
@@ -22,6 +25,8 @@ Rails.application.routes.draw do
get 'dagschotel/:product_id' => 'users#update_dagschotel', as: 'dagschotel'
end
+ resources :user_avatar
+
resources :products do
collection do
get 'stock' => 'products#stock', as: 'stock'
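Review bot: `resources :user_avatar` defines all seven REST routes, but UserAvatarController in this commit implements only `new`, `create` and `destroy`, so the remaining routes would fail with an unknown-action error. Restrict the declaration to what exists: `resources :user_avatar, only: [:new, :create, :destroy]`. The `draw` block continues outside this hunk.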
diff --git a/config/secrets.yml b/config/secrets.yml
index 226185a..f939db0 100644
--- a/config/secrets.yml
+++ b/config/secrets.yml
@@ -12,8 +12,8 @@
development:
secret_key_base: 5d40610321e19e4f71ee2ba8af4f426fe15096c405da3800c6b33bed6779f2d11f55a0edc455974b19a01fd71f6cd508dba980305dbc55ff82521a2d12f891d8
- omniauth_client_id: "client_id"
- omniauth_client_secret: "client_secret"
+ omniauth_client_id: tomtest
+ omniauth_client_secret: blargh
test:
secret_key_base: 961437e28e7d6055ffaad9cf1f8d614354f57f10cb2d7601c9d6ede72a03b9c9535ad9e63507e3eb31252c4895970a63117493408f2e9a46c7a0c4a5a7836b81
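Review bot: The development `omniauth_client_id` and `omniauth_client_secret` placeholders are replaced by what look like real client credentials in a tracked file. If they are registered with the provider, treat them as exposed and rotate them. Read them from the environment as the production `secret_key_base` line already does, for example `omniauth_client_secret: <%= ENV["OMNIAUTH_CLIENT_SECRET"] %>` (the variable name is illustrative), and keep only placeholders in the committed file.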
@@ -24,4 +24,3 @@ production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
omniauth_client_id: ""
omniauth_client_secret: ""
-
diff --git a/db/migrate/20150320001338_remove_fields_from_users.rb b/db/migrate/20150320001338_remove_fields_from_users.rb
new file mode 100644
index 0000000..bd57eaa
--- /dev/null
+++ b/db/migrate/20150320001338_remove_fields_from_users.rb
@@ -0,0 +1,5 @@
+class RemoveFieldsFromUsers < ActiveRecord::Migration
+ def change
+ remove_column :users, :nickname, :string
+ end
+end
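Review bot: `remove_column :users, :nickname, :string` drops the column without copying its values anywhere, while the model now returns `uid` for `nickname`. Rows created before this change that have a nickname but no `uid` would lose their only identifier. Consider backfilling in an `up` method before the removal, for example `execute "UPDATE users SET uid = nickname WHERE uid IS NULL"`. db/schema.rb in this commit also changes `encrypted_password` (default and null constraint removed), but no migration here makes that change, so a fresh `db:migrate` may not reproduce the committed schema.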
diff --git a/db/schema.rb b/db/schema.rb
index 9dde761..8c26e86 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20150319154236) do
+ActiveRecord::Schema.define(version: 20150320001338) do
create_table "order_items", force: :cascade do |t|
t.integer "order_id"
@@ -45,10 +45,8 @@ ActiveRecord::Schema.define(version: 20150319154236) do
create_table "users", force: :cascade do |t|
t.integer "debt_cents", default: 0, null: false
- t.string "nickname"
t.datetime "created_at"
t.datetime "updated_at"
- t.string "encrypted_password", default: "", null: false
t.datetime "remember_created_at"
t.integer "sign_in_count", default: 0, null: false
t.datetime "current_sign_in_at"
@@ -65,6 +63,7 @@ ActiveRecord::Schema.define(version: 20150319154236) do
t.boolean "koelkast", default: false
t.string "provider"
t.string "uid"
+ t.string "encrypted_password"
end
add_index "users", ["koelkast"], name: "index_users_on_koelkast"
diff --git a/db/seeds.rb b/db/seeds.rb
index a79bce8..80b8d7e 100644
--- a/db/seeds.rb
+++ b/db/seeds.rb
@@ -37,37 +37,38 @@ end
users = [
{
- nickname: 'admin',
+ uid: 'admin',
avatar: File.new('public/seeds/users/admin.jpg', 'r'),
admin: true
},
{
- nickname: 'koelkast',
+ uid: 'koelkast',
avatar: File.new('public/seeds/users/admin.jpg', 'r'),
koelkast: true
},
{
- nickname: 'benji',
+ uid: 'benji',
avatar: File.new('public/seeds/users/benji.jpg', 'r'),
- dagschotel: Product.first
+ dagschotel: Product.first,
+ provider: 'zeuswpi'
},
{
- nickname: 'don',
+ uid: 'don',
avatar: File.new('public/seeds/users/don.jpg', 'r')
},
{
- nickname: 'silox',
+ uid: 'silox',
avatar: File.new('public/seeds/users/silox.jpg', 'r')
}
]
users.each do |attr|
User.create(
- nickname: attr[:nickname],
+ uid: attr[:uid],
+ provider: attr[:provider],
avatar: attr[:avatar],
dagschotel: attr[:dagschotel],
password: DEFAULT_PASSWORD,
- password_confirmation: DEFAULT_PASSWORD,
admin: attr[:admin] || false,
koelkast: attr[:koelkast] || false
)
@@ -75,9 +76,8 @@ end
50.times do |i|
User.create(
- nickname: "testUser#{i}",
+ uid: "testUser#{i}",
avatar: users[0][:avatar],
password: DEFAULT_PASSWORD,
- password_confirmation: DEFAULT_PASSWORD
)
end
diff --git a/test/controllers/user_avatar_controller_test.rb b/test/controllers/user_avatar_controller_test.rb
new file mode 100644
index 0000000..8647cce
--- /dev/null
+++ b/test/controllers/user_avatar_controller_test.rb
@@ -0,0 +1,7 @@
+require 'test_helper'
+
+class UserAvatarControllerTest < ActionController::TestCase
+ # test "the truth" do
+ # assert true
+ # end
+end
diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml
index d603a3d..52b2bd9 100644
--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@@ -4,10 +4,8 @@
#
# id :integer not null, primary key
# debt_cents :integer default("0"), not null
-# nickname :string
# created_at :datetime
# updated_at :datetime
-# encrypted_password :string default(""), not null
# remember_created_at :datetime
# sign_in_count :integer default("0"), not null
# current_sign_in_at :datetime
@@ -24,21 +22,22 @@
# koelkast :boolean default("f")
# provider :string
# uid :string
+# encrypted_password :string
#
# Read about fixtures at http://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
benji:
- nickname: benji
+ uid: benji
dagschotel_id: 1
iasoon:
- nickname: iasoon
+ uid: iasoon
admin:
- nickname: admin
+ uid: admin
admin: 1
koelkast:
- nickname: koelkast
+ uid: koelkast
koelkast: 1
diff --git a/test/models/user_test.rb b/test/models/user_test.rb
index ac84d67..7860d28 100644
--- a/test/models/user_test.rb
+++ b/test/models/user_test.rb
@@ -4,10 +4,8 @@
#
# id :integer not null, primary key
# debt_cents :integer default("0"), not null
-# nickname :string
# created_at :datetime
# updated_at :datetime
-# encrypted_password :string default(""), not null
# remember_created_at :datetime
# sign_in_count :integer default("0"), not null
# current_sign_in_at :datetime
@@ -24,6 +22,7 @@
# koelkast :boolean default("f")
# provider :string
# uid :string
+# encrypted_password :string
#
require 'test_helper'
@@ -46,9 +45,4 @@ class UserTest < ActiveSupport::TestCase
test "to_param" do
assert_equal @user.to_param, "#{@user.id}-benji"
end
-
- test "devise validatable methods" do
- assert_not @user.email_required?
- assert_not @user.email_changed?
- end
end