TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OpenProject is the leading open source project management software.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
59547 Commits
139 Branches
203 Tags
1.2 GiB
Tag: Branch: Tree: 239f30b1be
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '239f30b1be'
${ noResults }
openproject/app/controllers/my_controller.rb

176 lines
5.0 KiB
Raw Normal View History Unescape

Set source encoding to UTF-8
13 years ago
#-- encoding: UTF-8
Fix/replace deprecations (#5533) * replace alias_method_chain * remove deprecation silencing * bump controller-testing * introduce permitted params for settings * replace various deprecations in controllers * remove deprecation silencing for legacy_specs * remove `puts` from spec * replace deprecated access to errors * remove unnecessary AR::Parameters usage in spec * specify error to expect * replace deprecations * replace deprecated action calls in legacy function specs * replace deprecations in functional controller tests * replace deprecations in controllers/controller_specs * remove params parser which does not seem to be in effect It is registered for the content type :exclude which makes no sense as it should deal with :json. The desired behaviour of the api dealing with parsing errors is working with or without the code. * replace deprecations in unit specs * replace alias_method_chain [ci skip]
7 years ago
[#197] Upgrade the copyright in the code files
14 years ago
#-- copyright
Update copyright notice
5 years ago
# OpenProject is an open source project management software.
update copyright to 2021 (#8925) Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, backlisted files are also excluded. Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013
4 years ago
# Copyright (C) 2012-2021 the OpenProject GmbH
[#436] Remove trailing whitespace
14 years ago
#
[#197] Upgrade the copyright in the code files
14 years ago
# This program is free software; you can redistribute it and/or
provide every possible file with a short copyright notice This was done using the rake task: rake copyright:update
12 years ago
# modify it under the terms of the GNU General Public License version 3.
[#436] Remove trailing whitespace
14 years ago
#
new copyright header #1903
11 years ago
# OpenProject is a fork of ChiliProject, which is a fork of Redmine. The copyright follows:
update copyright to 2021 (#8925) Updates the copyright to 2021 for all files that have a copyright. Files in our source code without the copyright header still do not receive one automatically. Additionally, backlisted files are also excluded. Previously the copyright of chiliproject which references redmine stated a copyright of redmine up to and including 2017 which is not true for the code we have in here. Because of that I changed that to 2013
4 years ago
# Copyright (C) 2006-2013 Jean-Philippe Lang
new copyright header #1903
11 years ago
# Copyright (C) 2010-2013 the ChiliProject Team
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
Bump copyright to 2018 (#6171) [ci skip]
7 years ago
# See docs/COPYRIGHT.rdoc for more details.
[#197] Upgrade the copyright in the code files
14 years ago
#++
- new controller "myController" - account/my_page moved to my/page - account/my_account mmoved to my/account - "my page" is now customizable (table user_preferences added) git-svn-id: http://redmine.rubyforge.org/svn/trunk@62 e93f8b46-1217-0410-a6f0-8f06a7374b81
18 years ago
class MyController < ApplicationController
rename and inflect according to zeitwerk
5 years ago
include PasswordConfirmation
include Accounts::UserPasswordChange
include module required for content_tag rendering
5 years ago
include ActionView::Helpers::TagHelper
deprecation fix: explicitly define a layout when overwriting
12 years ago
layout 'my'
AngularJS in 'mail-notifications.html.erb' replaced by Angular component (#6338) * AngularJS in 'mail-notifications.html.erb' replaced by new Angular component 'show-section-dropdown.component.ts'
7 years ago
helper_method :gon
Rename before_filter to before_action
8 years ago
before_action :require_login
Invalidate session,s extract passwords flow into services
6 years ago
before_action :set_current_user
before_action :check_password_confirmation, only: %i[update_account]
- new controller "myController" - account/my_page moved to my/page - account/my_account mmoved to my/account - "my page" is now customizable (table user_preferences added) git-svn-id: http://redmine.rubyforge.org/svn/trunk@62 e93f8b46-1217-0410-a6f0-8f06a7374b81
18 years ago
Re-implement my/page block drag and drop in dragula and jQuery We part ways with Protoype's Sortable module, link_to_remote, and some javascript in favor of a tigher implementation using dragula, jQuery, and some js.erb responses. Sorting logic was also simplified; we now merely send the state of the source and the target of the drag&drop to the server where it persists. We no longer make a special case for each of the containers.
9 years ago
menu_item :account, only: [:account]
menu_item :settings, only: [:settings]
menu_item :password, only: [:password]
menu_item :access_token, only: [:access_token]
[26688] In-app notifications (#9399) * Add bell icon to icon font * Add in app notification in top menu * Add fullscreen modal * Add notification modal and items * Style items * Toggle details of item * Mark all read * Add no results box * wip specification for event api * Add events table, query and index * Send out events from WP notification mailer job There we have the recipients present * Add cleanup job for older events with a setting * Hide bell notification when not logged * Add specs for events API index/show * Fix setting yml key * remove pry in event creation * Fix before hook in events API to after_validation * Fix polymorphic association raising exception for aggregated journals * Fix typo in read_ian * Fix yml entry for mentioned * Add read/unread post actions to event API and add specs * Wire up API to frontend * Fix order on events * Switch to unread in notification * Add event query * rename WPEventService * route wp mail sending over events * rename spec methods * author becomes watcher * correct message call signature * rename events to notifications * renname parameter to reflect notification nature * create author watcher for existing work packages * Merge unreadCount from store * Take a stab at polymorphic representers * Fix link generation in polymorphic resources For journals, no title is being generated however * Fix frontend model for context * Use timer for polling * add notification_setting data layer * Fix show resource spec * Fix duplicate class in notification bell item * Add minimal feature spec for notification * API for notification settings * Persist notifications * adapt work package notification creation to notification settings * extract notified_on_all * consolidate wp#recipients * concentrate wp notification in journal service * simplify methods * Remove unused patch endpoint * Add specs for rendering and parsing notification settings * Contract spec * Update service spec * adapt specs * Angular notifications frontend commit e29dced64699eb5f2443b9307c78343c9a58d1ee Author: Wieland Lindenthal <w.lindenthal@forkmerge.com> Date: Mon Jun 21 17:34:50 2021 +0200 Create Akita store and query for notification settings commit 1a45c26c1a0c147d15393e49d2625aca4851a64d Author: Wieland Lindenthal <w.lindenthal@forkmerge.com> Date: Mon Jun 21 11:09:25 2021 +0200 Remove tabs from notificaition settings page commit 0ea21e90c13a197f8bf2cfba1b60ddcff4e5e827 Author: Oliver Günther <mail@oliverguenther.de> Date: Sun Jun 20 21:55:48 2021 +0200 WIP in app settings * migrate notification data * add project visible filter to project query * Add inline-create and table display grouped by project * Add notifications under admin/users * Remove notifications partial * Rename notififcations store to user preferences store * Add setting for self_notified and hook that up to the backend * Add aria-label to table checkboxes * Restyle table and toolbar * replace remains of mail_notifications attribute * initialize notification settings for new user * adapt my_preferences references * reenable no self notified for documents * adapt specs * Avoid has_many :notifcation_settings Rails magically autosaves the user's preferences when the user gets saved, which somehow also tries to save the notfifications even when unchanged. This breaks some specs such as the avatar upload spec. As we can't update the assocation through rails anyway, just delegate to the user for reading instead. * Restore update method of notification settings * Restore update spec * fix spec syntax * lint scss * linting * Fix content_tag for bell icon * Add feature specs for notification settings * Disable ContentTag cop * use visible filter to get projects for notification The visible filter will reduce the project list down to the set of projects visible to the user provided as a parameter. This includes public projects. * test for actual mail sending * adapt me resource path this.apiV3Service.users.me changed its type in 0d6c0b6bc7620de94e00e72b36d6cbc1ec4c8db4 * Implement changed migration * Linting * Add actor to notification representer * Fix factory creating a duplicate WP journal * Add work packages loading and journal details to notification entry component * IAN basic facets, keep and expanded states. * Fix notification bell spec * Render body separately and add auto updating relative time * Add fixedTime title * Add actor to notification entry * Fix clicking links on work package and project * Tiny styling changes on entry row * Disable count in notification if larger than 99 (wont fit) * Introduce virtual scrolling to entry table * allow delaying & prevent mail sending if ain read Introduces a setting to delay mail sending after a journal aggregation time has expired. That way, users can confirm a notification in app. If they do before the delay expires, no mail is sent out additionally for that user. * consolidate notifications (in&out) into shared admin menu Co-authored-by: ulferts <jens.ulferts@googlemail.com> Co-authored-by: Wieland Lindenthal <w.lindenthal@forkmerge.com>
3 years ago
menu_item :notifications, only: [:notifications]
Moves @layout 'base'@ to ApplicationController. git-svn-id: http://redmine.rubyforge.org/svn/trunk@1727 e93f8b46-1217-0410-a6f0-8f06a7374b81
16 years ago
Invalidate session,s extract passwords flow into services
6 years ago
def account; end
def update_account
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
write_settings
Invalidate session,s extract passwords flow into services
6 years ago
# If mail changed, expire all other sessions
if @user.previous_changes['mail'] && ::Sessions::DropOtherSessionsService.call(@user, session)
flash[:info] = "#{flash[:notice]} #{t(:notice_account_other_session_expired)}"
flash[:notice] = nil
end
- new controller "myController" - account/my_page moved to my/page - account/my_account mmoved to my/account - "my page" is now customizable (table user_preferences added) git-svn-id: http://redmine.rubyforge.org/svn/trunk@62 e93f8b46-1217-0410-a6f0-8f06a7374b81
18 years ago
end
Invalidate session,s extract passwords flow into services
6 years ago
def settings; end
def update_settings
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
write_settings
Add and fill Settings menu item
9 years ago
end
More flexible mail notifications settings at user level. A user has now 3 options: * notification on any event on all his projects * notification on any event on selected projects only (if the user belongs to more than 1 project) * notification only for things that he watches or he is involded in (eg. issues that he watches or he is author or assignee) git-svn-id: http://redmine.rubyforge.org/svn/trunk@855 e93f8b46-1217-0410-a6f0-8f06a7374b81
17 years ago
# Manage user's password
def password
Don't force password change after using lost password Fixes: * don't redirect after login * show login name on my/password page
12 years ago
@username = @user.login
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
redirect_if_password_change_not_allowed_for(@user)
end
# When making changes here, also check AccountController.change_password
def change_password
Invalidate session,s extract passwords flow into services
6 years ago
change_password_flow(user: @user, params: params, update_legacy: false) do
redirect_to action: 'password'
- new controller "myController" - account/my_page moved to my/page - account/my_account mmoved to my/account - "my page" is now customizable (table user_preferences added) git-svn-id: http://redmine.rubyforge.org/svn/trunk@62 e93f8b46-1217-0410-a6f0-8f06a7374b81
18 years ago
end
Added the ability to reset its own RSS access key on "My account". git-svn-id: http://redmine.rubyforge.org/svn/trunk@677 e93f8b46-1217-0410-a6f0-8f06a7374b81
17 years ago
end
[#436] Remove trailing whitespace
14 years ago
Move access token configuration from sidebar to separate menu
9 years ago
# Administer access tokens
Invalidate session,s extract passwords flow into services
6 years ago
def access_token; end
Move access token configuration from sidebar to separate menu
9 years ago
Move email notification settings into separate menu
9 years ago
# Configure user's mail notifications
[26688] In-app notifications (#9399) * Add bell icon to icon font * Add in app notification in top menu * Add fullscreen modal * Add notification modal and items * Style items * Toggle details of item * Mark all read * Add no results box * wip specification for event api * Add events table, query and index * Send out events from WP notification mailer job There we have the recipients present * Add cleanup job for older events with a setting * Hide bell notification when not logged * Add specs for events API index/show * Fix setting yml key * remove pry in event creation * Fix before hook in events API to after_validation * Fix polymorphic association raising exception for aggregated journals * Fix typo in read_ian * Fix yml entry for mentioned * Add read/unread post actions to event API and add specs * Wire up API to frontend * Fix order on events * Switch to unread in notification * Add event query * rename WPEventService * route wp mail sending over events * rename spec methods * author becomes watcher * correct message call signature * rename events to notifications * renname parameter to reflect notification nature * create author watcher for existing work packages * Merge unreadCount from store * Take a stab at polymorphic representers * Fix link generation in polymorphic resources For journals, no title is being generated however * Fix frontend model for context * Use timer for polling * add notification_setting data layer * Fix show resource spec * Fix duplicate class in notification bell item * Add minimal feature spec for notification * API for notification settings * Persist notifications * adapt work package notification creation to notification settings * extract notified_on_all * consolidate wp#recipients * concentrate wp notification in journal service * simplify methods * Remove unused patch endpoint * Add specs for rendering and parsing notification settings * Contract spec * Update service spec * adapt specs * Angular notifications frontend commit e29dced64699eb5f2443b9307c78343c9a58d1ee Author: Wieland Lindenthal <w.lindenthal@forkmerge.com> Date: Mon Jun 21 17:34:50 2021 +0200 Create Akita store and query for notification settings commit 1a45c26c1a0c147d15393e49d2625aca4851a64d Author: Wieland Lindenthal <w.lindenthal@forkmerge.com> Date: Mon Jun 21 11:09:25 2021 +0200 Remove tabs from notificaition settings page commit 0ea21e90c13a197f8bf2cfba1b60ddcff4e5e827 Author: Oliver Günther <mail@oliverguenther.de> Date: Sun Jun 20 21:55:48 2021 +0200 WIP in app settings * migrate notification data * add project visible filter to project query * Add inline-create and table display grouped by project * Add notifications under admin/users * Remove notifications partial * Rename notififcations store to user preferences store * Add setting for self_notified and hook that up to the backend * Add aria-label to table checkboxes * Restyle table and toolbar * replace remains of mail_notifications attribute * initialize notification settings for new user * adapt my_preferences references * reenable no self notified for documents * adapt specs * Avoid has_many :notifcation_settings Rails magically autosaves the user's preferences when the user gets saved, which somehow also tries to save the notfifications even when unchanged. This breaks some specs such as the avatar upload spec. As we can't update the assocation through rails anyway, just delegate to the user for reading instead. * Restore update method of notification settings * Restore update spec * fix spec syntax * lint scss * linting * Fix content_tag for bell icon * Add feature specs for notification settings * Disable ContentTag cop * use visible filter to get projects for notification The visible filter will reduce the project list down to the set of projects visible to the user provided as a parameter. This includes public projects. * test for actual mail sending * adapt me resource path this.apiV3Service.users.me changed its type in 0d6c0b6bc7620de94e00e72b36d6cbc1ec4c8db4 * Implement changed migration * Linting * Add actor to notification representer * Fix factory creating a duplicate WP journal * Add work packages loading and journal details to notification entry component * IAN basic facets, keep and expanded states. * Fix notification bell spec * Render body separately and add auto updating relative time * Add fixedTime title * Add actor to notification entry * Fix clicking links on work package and project * Tiny styling changes on entry row * Disable count in notification if larger than 99 (wont fit) * Introduce virtual scrolling to entry table * allow delaying & prevent mail sending if ain read Introduces a setting to delay mail sending after a journal aggregation time has expired. That way, users can confirm a notification in app. If they do before the delay expires, no mail is sent out additionally for that user. * consolidate notifications (in&out) into shared admin menu Co-authored-by: ulferts <jens.ulferts@googlemail.com> Co-authored-by: Wieland Lindenthal <w.lindenthal@forkmerge.com>
3 years ago
def notifications
render html: '',
layout: 'angular',
locals: { menu_name: :my_menu }
Move email notification settings into separate menu
9 years ago
end
Added the ability to reset its own RSS access key on "My account". git-svn-id: http://redmine.rubyforge.org/svn/trunk@677 e93f8b46-1217-0410-a6f0-8f06a7374b81
17 years ago
# Create a new feeds key
Clean up user experiance for generating tokens for the first time
9 years ago
def generate_rss_key
if request.post?
rename and inflect according to zeitwerk
5 years ago
token = Token::RSS.create!(user: current_user)
Use flash info
6 years ago
flash[:info] = [
Fix non-html value for rss tokens
5 years ago
t('my.access_token.notice_reset_token', type: 'RSS').html_safe,
content_tag(:strong, token.plain_value),
Implement HashedToken (ExtendedToken from MOTP) in Core
7 years ago
t('my.access_token.token_value_warning')
]
Clean up user experiance for generating tokens for the first time
9 years ago
end
Implement HashedToken (ExtendedToken from MOTP) in Core
7 years ago
rescue StandardError => e
Rails.logger.error "Failed to reset user ##{current_user.id} RSS key: #{e}"
flash[:error] = t('my.access_token.failed_to_reset_token', error: e.message)
ensure
Clean up user experiance for generating tokens for the first time
9 years ago
redirect_to action: 'access_token'
end
Added an API token for each User to use when making API requests. (#3920) The API key will be displayed on My Account page with a link to reset or generate a new one. All existing users will have a token generated by the migration. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3217 e93f8b46-1217-0410-a6f0-8f06a7374b81
15 years ago
# Create a new API key
Clean up user experiance for generating tokens for the first time
9 years ago
def generate_api_key
if request.post?
rename and inflect according to zeitwerk
5 years ago
token = Token::API.create!(user: current_user)
Use flash info
6 years ago
flash[:info] = [
Fix non-html value for rss tokens
5 years ago
t('my.access_token.notice_reset_token', type: 'API').html_safe,
content_tag(:strong, token.plain_value),
Implement HashedToken (ExtendedToken from MOTP) in Core
7 years ago
t('my.access_token.token_value_warning')
]
Clean up user experiance for generating tokens for the first time
9 years ago
end
Implement HashedToken (ExtendedToken from MOTP) in Core
7 years ago
rescue StandardError => e
Rails.logger.error "Failed to reset user ##{current_user.id} API key: #{e}"
flash[:error] = t('my.access_token.failed_to_reset_token', error: e.message)
ensure
Clean up user experiance for generating tokens for the first time
9 years ago
redirect_to action: 'access_token'
end
[breadcrumb] overwrite default breadcrumb text in my controller
13 years ago
def default_breadcrumb
Fix/replace custom i18n function (#8681) * replace custom i18n function calls * remove custom i18n method
4 years ago
I18n.t(:label_my_account)
[breadcrumb] overwrite default breadcrumb text in my controller
13 years ago
end
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
Hide breadcrub per default and show in admin, my, wikHide breadcrub per default and show in admin, my, wiki
8 years ago
def show_local_breadcrumb
Hide breadcrumb on myPage (#6055) [ci skip]
7 years ago
false
Hide breadcrub per default and show in admin, my, wikHide breadcrub per default and show in admin, my, wiki
8 years ago
end
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
private
Fix syntax (w/Rubocop) in (Rails) controllers Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
def redirect_if_password_change_not_allowed_for(user)
unless user.change_password_allowed?
Fix/replace custom i18n function (#8681) * replace custom i18n function calls * remove custom i18n method
4 years ago
flash[:error] = I18n.t(:notice_can_t_change_password)
Use 1.9+ Hash syntax in (Rails) controllers Signed-off-by: Alex Coles <alex@alexbcoles.com>
10 years ago
redirect_to action: 'account'
Add option to force a user to change password on next login * Add force_password_reset field to user * Add force_password_reset field to user edit form Also, reindent the form HTML. * Rename force_password_reset to force_password_change * Force password change: Show form on login, allow change * Remove unused step definitions for setting RAILS_ENV * Fix forced password change, add cuke * Don't reveal whether user exists when not authenticated * Also add spec for testing reaction when user is not allowed to change the password. * Improve force password change code after review * Fix MyController password test and change to spec * Fix AccountController force password change spec
12 years ago
return true
end
false
end
Fixed blocks vanishing after adding blocks to the default layout
11 years ago
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
def write_settings
user_params = permitted_params.my_account_settings
Handle correct redirecting and minor styling issues
7 years ago
result = Users::UpdateService
[35507] Allow global permission to add and edit users (#8937) * Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
4 years ago
.new(user: current_user, model: current_user)
.call(user_params.to_h)
Handle correct redirecting and minor styling issues
7 years ago
Show error message when account cannot be updated
5 years ago
if result&.success
Invalidate session,s extract passwords flow into services
6 years ago
flash[:notice] = t(:notice_account_updated)
Show error message when account cannot be updated
5 years ago
else
errors = result ? result.errors.full_messages.join("\n") : ''
flash[:error] = [t(:notice_account_update_failed)]
flash[:error] << errors
Handle correct redirecting and minor styling issues
7 years ago
end
Show error message when account cannot be updated
5 years ago
redirect_back(fallback_location: my_account_path)
Handle correct redirecting and minor styling issues
7 years ago
end
Move test for token presence into controller method
9 years ago
helper_method :has_tokens?
def has_tokens?
Setting.feeds_enabled? || Setting.rest_api_enabled?
end
Invalidate session,s extract passwords flow into services
6 years ago
def set_current_user
@user = current_user
end
Fixed blocks vanishing after adding blocks to the default layout
11 years ago
def get_current_layout
@user.pref[:my_page_layout] || DEFAULT_LAYOUT.dup
end
- new controller "myController" - account/my_page moved to my/page - account/my_account mmoved to my/account - "my page" is now customizable (table user_preferences added) git-svn-id: http://redmine.rubyforge.org/svn/trunk@62 e93f8b46-1217-0410-a6f0-8f06a7374b81
18 years ago
end