before_filter :require_allow_read_prefs, :only => [:api_details]
before_filter :require_allow_read_gpx, :only => [:api_gpx_files]
before_filter :require_cookies, :only => [:login, :confirm]
- before_filter :require_administrator, :only => [:activate, :deactivate, :confirm, :hide, :unhide, :delete]
- before_filter :lookup_this_user, :only => [:activate, :deactivate, :confirm, :hide, :unhide, :delete]
+ before_filter :require_administrator, :only => [:set_status, :delete, :list]
+ before_filter :lookup_this_user, :only => [:set_status, :delete]
filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation
- cache_sweeper :user_sweeper, :only => [:account, :hide, :unhide, :delete]
+ cache_sweeper :user_sweeper, :only => [:account, :set_status, :delete]
def save
@title = t 'user.new.title'
else
redirect_to :controller => 'site', :action => 'index'
end
- elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true)
+ elsif User.authenticate(:username => email_or_display_name, :password => pass, :pending => true)
flash.now[:error] = t 'user.login.account not active'
+ elsif User.authenticate(:username => email_or_display_name, :password => pass, :suspended => true)
+ flash.now[:error] = t 'user.login.account suspended'
else
flash.now[:error] = t 'user.login.auth failure'
end
end
##
- # activate a user, allowing them to log in
- def activate
- @this_user.update_attributes(:status => "active")
+ # sets a user's status
+ def set_status
+ @this_user.update_attributes(:status => params[:status])
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
##
- # deactivate a user, preventing them from logging in
- def deactivate
- @this_user.update_attributes(:status => "pending")
+ # delete a user, marking them as deleted and removing personal data
+ def delete
+ @this_user.delete
redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
end
##
- # confirm a user, overriding any suspension triggered by spam scoring
- def confirm
- @this_user.update_attributes(:status => "confirmed")
- redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
- end
+ # display a list of users matching specified criteria
+ def list
+ if request.post?
+ ids = params[:user].keys.collect { |id| id.to_i }
- ##
- # hide a user, marking them as logically deleted
- def hide
- @this_user.update_attributes(:status => "deleted")
- redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
- end
+ User.update_all("status = 'confirmed'", :id => ids) if params[:confirm]
+ User.update_all("status = 'deleted'", :id => ids) if params[:hide]
+ end
- ##
- # unhide a user, clearing the logically deleted flag
- def unhide
- @this_user.update_attributes(:status => "active")
- redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
- end
+ conditions = Hash.new
+ conditions[:status] = params[:status] if params[:status]
+ conditions[:creation_ip] = params[:ip] if params[:ip]
- ##
- # delete a user, marking them as deleted and removing personal data
- def delete
- @this_user.delete
- redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ @user_pages, @users = paginate(:users,
+ :conditions => conditions,
+ :order => :id,
+ :per_page => 50)
end
+
private
+
##
# require that the user is a administrator, or fill out a helpful error message
# and return them to the user page.
def require_administrator
- unless @user.administrator?
+ if @user and not @user.administrator?
flash[:error] = t('user.filter.not_an_administrator')
- redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+
+ if params[:display_name]
+ redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+ else
+ redirect_to :controller => 'user', :action => 'login', :referer => request.request_uri
+ end
+ elsif not @user
+ redirect_to :controller => 'user', :action => 'login', :referer => request.request_uri
end
end
projects / rails.git / blobdiff