Had to modify door log model and add config.yml to avoid storing password in git

.gitignore

@@ -16,3 +16,6 @@
 
 # Ignore compiled assets
 /public/assets
+
+# Ignore config file
+/config/config.yml

app/controllers/users_controller.rb

@@ -69,7 +69,7 @@ class UsersController < ApplicationController
 
     respond_to do |format|
       if @user.save
-        format.html { redirect_to @user, :notice => 'User was successfully created.' }
+        format.html { redirect_to users_url, :notice => 'User was successfully created.' }
         format.json { render :json => @user, :status => :created, :location => @user }
       else
         format.html { render :action => "new" }
@@ -85,7 +85,7 @@ class UsersController < ApplicationController
 
     respond_to do |format|
       if @user.update_attributes(params[:user])
-        format.html { redirect_to @user, :notice => 'User was successfully updated.' }
+        format.html { redirect_to users_url, :notice => 'User was successfully updated.' }
         format.json { head :no_content }
       else
         format.html { render :action => "edit" }
@@ -101,7 +101,7 @@ class UsersController < ApplicationController
     @user.destroy
 
     respond_to do |format|
-      format.html { redirect_to users_url }
+      format.html { redirect_to users_url, :notice => 'User successfully deleted.' }
       format.json { head :no_content }
     end
   end

app/models/door_log.rb

@@ -3,14 +3,18 @@ class DoorLog < ActiveRecord::Base
   require 'open-uri'
 
   def self.download_from_door
-    # do shit here
-    source = open("http://192.168.1.177?e=1234").read
+    # load config values
+    door_access_url = APP_CONFIG['door_access_url']
+    door_access_password = APP_CONFIG['door_access_password']
+
+    # connect to door access system
+    source = open("#{door_access_url}?e=#{door_access_password}").read
     results = source.scan(/authok/)
     if(results.size > 0) then
       @end_results = Array.new
 
       #only continue if we've got an OK login
-      source = open("http://192.168.1.177?z").read
+      source = open("#{door_access_url}?z").read
       results = source.scan(/(.*): (.*)\r\n/)
 
       results.each do |r|
@@ -20,9 +24,9 @@ class DoorLog < ActiveRecord::Base
       end
 
       #clear log
-      open("http://192.168.1.177?y")
+      open("#{door_access_url}?y")
       #logout
-      open("http://192.168.1.177?e=0000")
+      open("#{door_access_url}?e=0000")
 
       if(results.size > 0) then
         #only return true if we got some kind of decent response

app/models/user.rb

@@ -2,7 +2,7 @@ class User < ActiveRecord::Base
   # Include default devise modules. Others available are:
   # :token_authenticatable, :confirmable,
   # :lockable, :timeoutable and :omniauthable
-  devise :database_authenticatable, :registerable,
+  devise :database_authenticatable, # :registerable,
          :recoverable, :rememberable, :trackable, :validatable
 
   # Setup accessible (or protected) attributes for your model

app/views/layouts/application.html.erb

@@ -10,10 +10,8 @@
   <div id="header">
     <%= link_to 'Users', users_path if user_signed_in? %>
     <%= link_to 'Logs', door_logs_path if user_signed_in? %>
-    <%= link_to 'Profile', edit_user_registration_path if user_signed_in? %>
     <%= link_to 'Sign out', destroy_user_session_path, :method => :delete if user_signed_in? %>
     <%= link_to 'Sign in', new_user_session_path unless user_signed_in? %>
-    <%= link_to 'Sign up', new_user_registration_path unless user_signed_in? %>
   </div>
   <p class="notice"><%= notice %></p>
   <p class="alert"><%= alert %></p>

app/views/users/_form.html.erb

@@ -15,6 +15,20 @@
     <%= f.label :name %><br />
     <%= f.text_field :name %>
   </div>
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.email_field :email %>
+  </div>
+  <% if @user.id.blank? %>
+  <div class="field">
+    <%= f.label :password %> <i>(leave blank if you don't want to change it)</i><br />
+    <%= f.password_field :password, :autocomplete => "off" %>
+  </div>
+  <div class="field">
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation %>
+  </div>
+<% end %>
   <div class="field">
     <%= f.label :card_id, "Card DB ID" %><br />
     <%= f.number_field :card_id, :in => 10...201 %>

app/views/users/index.html.erb

@@ -22,7 +22,7 @@
     <td><%= user.card_permissions %></td>
     <td><%= link_to 'Upload', upload_path(user) %></td>
     <td><%= link_to 'Edit', edit_user_path(user) %></td>
-    <td><%= link_to 'Destroy', user, :confirm => 'Are you sure?', :method => :delete %></td>
+    <td><%= link_to 'Destroy', user, :confirm => 'Are you sure? WARNING: THIS DOES NOT REMOVE THE USER FROM THE DOOR SYSTEM! DISABLE THEM FIRST.', :method => :delete %></td>
   </tr>
   <% end %>
 <% end %>

config/config.yml.example

@@ -0,0 +1,11 @@
+development:
+  door_access_url: "http://192.168.1.100"
+  door_access_password: "1234"
+
+test:
+  door_access_url: "http://192.168.1.100"
+  door_access_password: "1234"
+
+production:
+  door_access_url: "http://192.168.1.100"
+  door_access_password: "1234"

config/initializers/load_config.rb

@@ -0,0 +1 @@
+APP_CONFIG = YAML.load_file("#{Rails.root}/config/config.yml")[Rails.env]