| Class | ProfilesController |
| In: | app/controllers/profiles_controller.rb |
| Parent: | ApplicationController |
This controller is called "Profiles" instead of "Users" even though we are manipulating a User object.
The rationale is that we need a controller the user can interact with where all actions refer to the current user. This is different from an application's own need for a controller to manage multiple users (say, for an admin interface or social networking app).
Therefore we have used the term Profile because it seems more descriptive and doesn't conflict with a UsersController that the app itself might have.
Process the user registration form or restore an existing user (either way we are creating a user that didn't exist from the application's point of view).
If verified_at is defined on the model but is nil after save, then an account verification message is sent to verify the email given. The field "email" must also exist on the model for the email verification feature to work.
If you want a "Welcome" letter but don't want to enforce an email verification procedure, then consider installing an after_filter that looks something like this:
    after_filter :welcome_new_user

    private

    def welcome_new_user
      Notifications.deliver_welcome_letter(@user) unless @user.new_record?
    end
If you want to include their password for reference, this is your one chance, since after this method their password will be just a hash. To implement this, change the body of the method above to:
    @user.password = params[:user][:password]
    Notifications.deliver_welcome_letter(@user) unless @user.new_record?
With the above code the user object will have an un-encrypted password at "@user.password" that you can use. Keep in mind that the letter then carries the password in clear text through every mail server and mailbox it reaches.
We are restoring a user if the following is true:
    # File app/controllers/profiles_controller.rb, line 56
    def create
      # For compatibility with acts_as_paranoid.
      find_meth = if User.respond_to? :find_with_deleted
        :find_with_deleted
      else
        :find
      end

      @user = User.send find_meth, :first, :conditions =>
        {username_field.to_sym => params[:user][username_field.to_sym]}

      restoring = !@user.nil? && @user.respond_to?(:deleted_at) &&
        !@user.deleted_at.nil?
      # Only consult the token for a restorable user; this also keeps a
      # nil @user from being sent authenticate.
      restoring = false unless restoring && !params[:token].blank? &&
        @user.authenticate(params[:token].split(';').last)

      # If restoring then they can only be restored. All other params
      # are ignored.
      if restoring
        @user.deleted_at = nil
      else
        @user = User.new params[:user]
      end

      if @user.save

        flash[:notice] = if restoring
          "#{@user} successfully restored"
        else
          "#{@user} successfully registered"
        end

        if @user.respond_to?(:verified_at) && @user.respond_to?(:email)
          @user.reload
          if @user.verified_at.nil?
            ProfileNotifications.deliver_signup_verification @user,
              email_token(@user, 'verification', :action => 'update',
              :verified => true)
            # The verification_sent template tells them the same thing
            flash[:notice] = nil

            render :action => 'verification_sent' and return
          end
        end

        session[:uid] = @user.id
        redirect_to home_url
      else
        render :template => (params[:_registration_form] || 'profiles/new')
      end
    end
Let a user remove themselves. If the model looks like it supports account re-activation (has an email address field and a deleted_at field) then it will simply be marked deleted and not actually removed.
    # File app/controllers/profiles_controller.rb, line 140
    def destroy

      token = email_token current_user, 'reactivation', :action => 'create',
        :user => {username_field.to_sym => current_user.send(username_field.to_sym)}
      ProfileNotifications.deliver_reactivate_account current_user, token if
        current_user.respond_to?(:email) && current_user.respond_to?(:deleted_at)

      flash[:notice] = "Successfully deleted user #{current_user}"
      if current_user.respond_to? :deleted_at
        current_user.deleted_at = Time.now
        current_user.save!
      else
        current_user.destroy
      end

      redirect_to logout_url
    end
User registration form. If you want to provide default values in your application, override this method. Override the template to add more fields to the registration form.
    # File app/controllers/profiles_controller.rb, line 19
    def new
      @user = User.new
    end
Update the current user with new info. Primarily used for account verification. If the "edit" method exists then this action assumes the application has implemented a feature to allow users to update their account info. It will therefore use that when redirecting or rendering for errors. If not, it will simply redirect the user home when successful or raise an exception when not successful.
    # File app/controllers/profiles_controller.rb, line 115
    def update
      @user = current_user
      @user.verified_at = Time.now if
        @user.respond_to?(:verified_at) && !params[:verified].blank?
      if @user.update_attributes params[:user]
        flash[:notice] = if params[:verified]
          "Verified E-mail address for #{@user}"
        else
          "Successfully updated #{@user}"
        end
        redirect_to respond_to?(:edit) ?
          (params[:_update_success_path] || {:action => 'edit'}) : home_url
      else
        if respond_to? :edit
          render :action => 'edit'
        else
          raise ActiveRecord::ActiveRecordError.new("Failed to save #{@user}")
        end
      end
    end
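Both `create` and `update` above pass a request parameter straight into a response decision: `params[:_registration_form]` goes to `render :template` and `params[:_update_success_path]` goes to `redirect_to`. The following added example, which is not part of this plugin's code, shows one way to constrain those two values before use; the helper names, the template allowlist and the sample values are hypothetical.

```ruby
require 'uri'

# Hypothetical allowlist of registration templates the application ships.
REGISTRATION_TEMPLATES = ['profiles/new', 'profiles/new_compact'].freeze

# Use the requested template only when it is on the allowlist.
def registration_template(requested, default = 'profiles/new')
  REGISTRATION_TEMPLATES.include?(requested) ? requested : default
end

# Use candidate only when it is a path on this site; otherwise the fallback.
def local_redirect_path(candidate, fallback)
  # params can also deliver nil, an Array or a Hash of URL options.
  return fallback unless candidate.is_a?(String) && candidate.valid_encoding?
  # Exactly one leading slash: browsers read "//host" and "/\host" as
  # references to another host.
  return fallback unless candidate =~ %r{\A/(?![/\\])}
  # Control characters (CR, LF, NUL, ...) never belong in a redirect target.
  return fallback if candidate =~ /[\x00-\x1f\x7f]/
  uri = URI.parse(candidate)
  uri.scheme.nil? && uri.host.nil? ? candidate : fallback
rescue URI::InvalidURIError
  fallback
end

if __FILE__ == $0
  # Constructed sample values, not taken from real traffic.
  ['/profiles/edit?tab=email', '//other.example/x', 'https://other.example/',
   "/\\other.example", "/ok\r\nX-Injected: 1", nil].each do |value|
    puts "#{value.inspect} -> #{local_redirect_path(value, '/home').inspect}"
  end
  ['profiles/new_compact', '../../config/database.yml', nil].each do |value|
    puts "#{value.inspect} -> #{registration_template(value).inspect}"
  end
end
```

In the controller these would wrap the two parameters, for example `render :template => registration_template(params[:_registration_form])`.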