From d1ef1e7db9b5394f46e567017643a9c9a994913c Mon Sep 17 00:00:00 2001 From: Will Bradley Date: Sun, 14 Oct 2012 06:23:35 -0700 Subject: [PATCH] Recreated user forms, updated abilities, linked cards and users --- app/controllers/users_controller.rb | 76 ++++++++++++++++++++++++++ app/models/ability.rb | 1 + app/views/cards/index.html.erb | 10 ++-- app/views/cards/show.html.erb | 4 +- app/views/cards/upload.html.erb | 4 +- app/views/layouts/application.html.erb | 5 +- app/views/users/_form.html.erb | 51 +++++++++++++++++ app/views/users/edit.html.erb | 6 ++ app/views/users/index.html.erb | 34 ++++++++++++ app/views/users/new.html.erb | 5 ++ app/views/users/show.html.erb | 18 ++++++ config/routes.rb | 1 + 12 files changed, 204 insertions(+), 11 deletions(-) create mode 100644 app/controllers/users_controller.rb create mode 100644 app/views/users/_form.html.erb create mode 100644 app/views/users/edit.html.erb create mode 100644 app/views/users/index.html.erb create mode 100644 app/views/users/new.html.erb create mode 100644 app/views/users/show.html.erb diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb new file mode 100644 index 0000000..0027ffe --- /dev/null +++ b/app/controllers/users_controller.rb @@ -0,0 +1,76 @@ +class UsersController < ApplicationController + load_and_authorize_resource + before_filter :authenticate_user! + + # GET /users + # GET /users.json + def index + @users = @users.sort_by(&:name) + + respond_to do |format| + format.html # index.html.erb + format.json { render :json => @users } + end + end + + # GET /users/1 + # GET /users/1.json + def show + respond_to do |format| + format.html # show.html.erb + format.json { render :json => @user } + end + end + + # GET /users/new + # GET /users/new.json + def new + respond_to do |format| + format.html # new.html.erb + format.json { render :json => @user } + end + end + + # GET /users/1/edit + def edit + end + + # POST /users + # POST /users.json + def create + respond_to do |format| + if @user.save + format.html { redirect_to users_url, :notice => 'User was successfully created.' } + format.json { render :json => @user, :status => :created, :location => @user } + else + format.html { render :action => "new" } + format.json { render :json => @user.errors, :status => :unprocessable_entity } + end + end + end + + # PUT /users/1 + # PUT /users/1.json + def update + respond_to do |format| + if @user.update_attributes(params[:user]) + format.html { redirect_to users_url, :notice => 'User was successfully updated.' } + format.json { head :no_content } + else + format.html { render :action => "edit" } + format.json { render :json => @user.errors, :status => :unprocessable_entity } + end + end + end + + # DELETE /users/1 + # DELETE /users/1.json + def destroy + @user.destroy + + respond_to do |format| + format.html { redirect_to users_url, :notice => 'User successfully deleted.' } + format.json { head :no_content } + end + end +end diff --git a/app/models/ability.rb b/app/models/ability.rb index 3a28440..8523ae9 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -7,6 +7,7 @@ class Ability can :manage, :all else can :read, User, :id => user.id + can :read, Card, :user_id => user.id end end # Define abilities for the passed in user here. For example: diff --git a/app/views/cards/index.html.erb b/app/views/cards/index.html.erb index 6791c16..5cebebe 100644 --- a/app/views/cards/index.html.erb +++ b/app/views/cards/index.html.erb @@ -1,7 +1,7 @@

Listing cards

-<%= link_to 'New Card', new_card_path %> -<%= link_to 'Upload all cards', upload_all_path %> +<%= link_to 'New Card', new_card_path if can? :create, Card %> +<%= link_to 'Upload all cards', upload_all_path if can? :upload_all, Card %> @@ -22,9 +22,9 @@ - - - + + + <% end %> <% end %> diff --git a/app/views/cards/show.html.erb b/app/views/cards/show.html.erb index 381a4bd..e7785fa 100644 --- a/app/views/cards/show.html.erb +++ b/app/views/cards/show.html.erb @@ -1,6 +1,6 @@

- Name: + Card Note: <%= @card.name %>

@@ -19,6 +19,6 @@ <%= @card.card_permissions %>

-<%= link_to 'Upload to Door', upload_path(@card) %> +<%= link_to 'Upload to Door', upload_path(@card) if can? :upload, @card %> <%= link_to 'Edit', edit_card_path(@card) %> | <%= link_to 'Back', cards_path %> diff --git a/app/views/cards/upload.html.erb b/app/views/cards/upload.html.erb index 01f574c..5e23624 100644 --- a/app/views/cards/upload.html.erb +++ b/app/views/cards/upload.html.erb @@ -2,12 +2,12 @@ <% if @upload_result %>

Upload result: - <%= @card.name %> uploaded successfully. + <%= @card.card_number %> uploaded successfully.

<% else %>

Upload result: - Error uploading <%= @card.name %>. + Error uploading <%= @card.card_number %>.

<% end %> diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 284eb5f..4065eb7 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -8,8 +8,9 @@ diff --git a/app/views/users/_form.html.erb b/app/views/users/_form.html.erb new file mode 100644 index 0000000..78fa292 --- /dev/null +++ b/app/views/users/_form.html.erb @@ -0,0 +1,51 @@ +<%= form_for(@user) do |f| %> + <% if @user.errors.any? %> +
+

<%= pluralize(@user.errors.count, "error") %> prohibited this user from being saved:

+ + +
+ <% end %> + +
+ <%= f.label :name %>
+ <%= f.text_field :name %> +
+
+ <%= f.label :email %>
+ <%= f.email_field :email %> +
+ <% if @user.id.blank? || !params[:password].nil? %> +
+ <%= f.label :password %>
+ <%= f.password_field :password, :autocomplete => "off" %> +
+
+ <%= f.label :password_confirmation %>
+ <%= f.password_field :password_confirmation %> +
+<% else %> +
+ Change Password +
+<% end %> +
+ <%= f.label :admin, "Admin?" %>
+ <%= f.check_box :admin %> +
+
+

Cards

+ +
+
+ <%= f.submit %> +
+<% end %> diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb new file mode 100644 index 0000000..99bd4cc --- /dev/null +++ b/app/views/users/edit.html.erb @@ -0,0 +1,6 @@ +

Editing user

+ +<%= render 'form' %> + +<%= link_to 'Show', @user %> | +<%= link_to 'Back', users_path %> diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb new file mode 100644 index 0000000..b21e02d --- /dev/null +++ b/app/views/users/index.html.erb @@ -0,0 +1,34 @@ +

Listing users

+ +<% if can? :create, User %> + <%= link_to 'New User', new_user_path %> +<% end %> +
User<%= card.id %> <%= card.card_number %> <%= if card.card_permissions == 1 then "Access" end %><%= link_to 'Upload', upload_path(card) %><%= link_to 'Edit', edit_card_path(card) %><%= link_to 'Destroy', card, :confirm => 'Are you sure? WARNING: THIS DOES NOT REMOVE THE CARD FROM THE DOOR SYSTEM! DISABLE AND UPLOAD IT FIRST.', :method => :delete %><%= link_to 'Upload', upload_path(card) if can? :upload, card %><%= link_to 'Edit', edit_card_path(card) if can? :update, card %><%= link_to 'Destroy', card, :confirm => 'Are you sure? WARNING: THIS DOES NOT REMOVE THE CARD FROM THE DOOR SYSTEM! DISABLE AND UPLOAD IT FIRST.', :method => :delete if can? :destroy, card %>
+ + + + + + + + + +<% if !@users.blank? %> + <% @users.each do |user| %> + + + + + + + + + <% end %> +<% end %> +
NameEmailCardsAdmin?
<%= user.name %><%= user.email %> + <% user.cards.each do |c| %> + <%= link_to c.card_number, card_url(c) %><%= "," unless c == user.cards.last %> + <% end %> + <%= if user.admin? then "Admin" end %><%= link_to 'Edit', edit_user_path(user) if can? :update, user %><%= link_to 'Destroy', user, :confirm => 'Are you sure? WARNING: THIS DOES NOT REMOVE THE USER FROM THE DOOR SYSTEM! DISABLE THEM FIRST.', :method => :delete if can? :destroy, user %>
+ +
diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb new file mode 100644 index 0000000..efc0404 --- /dev/null +++ b/app/views/users/new.html.erb @@ -0,0 +1,5 @@ +

New user

+ +<%= render 'form' %> + +<%= link_to 'Back', users_path %> diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb new file mode 100644 index 0000000..f8609c0 --- /dev/null +++ b/app/views/users/show.html.erb @@ -0,0 +1,18 @@ + +

+ Name: + <%= @user.name %> +

+ +

+ Email: + <%= @user.email %> +

+ +

+ Admin? + <%= @user.admin %> +

+ +<%= link_to 'Edit', edit_user_path(@user) %> | +<%= link_to 'Back', users_path %> diff --git a/config/routes.rb b/config/routes.rb index 56ed9fa..0e16b61 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -1,6 +1,7 @@ Dooraccess::Application.routes.draw do devise_for :users + resources :users match 'cards/upload_all' => 'cards#upload_all', :as => :upload_all resources :cards