From ae8c0b3baff821423ef4830abab075ffb8f4ead9 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Tue, 4 May 2010 14:44:28 +0100
Subject: [PATCH] Add a user list view for administrators

---
 app/controllers/user_controller.rb | 35 +++++++++++++++++++++++---
 app/views/user/_user.html.erb      | 20 +++++++++++++++
 app/views/user/list.html.erb       | 40 ++++++++++++++++++++++++++++++
 config/locales/en.yml              | 10 ++++++++
 config/routes.rb                   |  5 +++-
 public/stylesheets/common.css      | 21 ++++++++++++++++
 6 files changed, 127 insertions(+), 4 deletions(-)
 create mode 100644 app/views/user/_user.html.erb
 create mode 100644 app/views/user/list.html.erb

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index af0ccba05..e5db74f38 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -11,7 +11,7 @@ class UserController < ApplicationController
   before_filter :require_allow_read_prefs, :only => [:api_details]
   before_filter :require_allow_read_gpx, :only => [:api_gpx_files]
   before_filter :require_cookies, :only => [:login, :confirm]
-  before_filter :require_administrator, :only => [:set_status, :delete]
+  before_filter :require_administrator, :only => [:set_status, :delete, :list]
   before_filter :lookup_this_user, :only => [:set_status, :delete]
 
   filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation
@@ -328,14 +328,43 @@ class UserController < ApplicationController
     @this_user.delete
     redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
   end
+
+  ##
+  # display a list of users matching specified criteria
+  def list
+    if request.post?
+      ids = params[:user].keys.collect { |id| id.to_i }
+
+      User.update_all("status = 'confirmed'", :id => ids) if params[:confirm]
+      User.update_all("status = 'deleted'", :id => ids) if params[:hide]
+    end
+
+    conditions = Hash.new
+    conditions[:status] = params[:status] if params[:status]
+    conditions[:creation_ip] = params[:ip] if params[:ip]
+
+    @user_pages, @users = paginate(:users,
+                                   :conditions => conditions,
+                                   :order => :id,
+                                   :per_page => 50)
+  end
+
 private
+
   ##
   # require that the user is a administrator, or fill out a helpful error message
   # and return them to the user page.
   def require_administrator
-    unless @user.administrator?
+    if @user and not @user.administrator?
       flash[:error] = t('user.filter.not_an_administrator')
-      redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+
+      if params[:display_name]
+        redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
+      else
+        redirect_to :controller => 'user', :action => 'login', :referer => request.request_uri
+      end
+    elsif not @user
+      redirect_to :controller => 'user', :action => 'login', :referer => request.request_uri
     end
   end
 
diff --git a/app/views/user/_user.html.erb b/app/views/user/_user.html.erb
new file mode 100644
index 000000000..66f6cd3bc
--- /dev/null
+++ b/app/views/user/_user.html.erb
@@ -0,0 +1,20 @@
+<% cl = cycle('table0', 'table1') %>
+
+<tr class="<%= cl %>">
+  <td>
+    <%= user_thumbnail(user) %>
+  </td>
+  <td>
+    <p>
+      <%= t 'user.list.summary',
+          :name => h(user.display_name),
+          :ip_address => link_to(user.creation_ip, :ip => user.creation_ip),
+          :date => l(user.creation_time, :format => :friendly)
+      %>
+    </p>
+    <%= htmlize(user.description) %>
+  </td>
+  <td>
+    <%= check_box_tag "user_#{user.id}", "", false, :name => "user[#{user.id}]" %>
+  </td>
+</tr>
diff --git a/app/views/user/list.html.erb b/app/views/user/list.html.erb
new file mode 100644
index 000000000..6f010e267
--- /dev/null
+++ b/app/views/user/list.html.erb
@@ -0,0 +1,40 @@
+<% @title = t('user.list.title') %>
+
+<h1><%= t('user.list.heading') %></h1>
+
+<% unless @users.empty? %>
+  <% form_tag :status => params[:status], :ip => params[:ip] do %>
+    <table id="user_list">
+      <tr>
+        <td colspan="2">
+          <%= t 'user.list.showing',
+              :page => @user_pages.current_page.number,
+              :first_item => @user_pages.current_page.first_item,
+              :last_item => @user_pages.current_page.last_item,
+              :count => @user_pages.current_page.last_item - @user_pages.current_page.first_item + 1
+          %>
+          <% if @user_pages.page_count > 1 %>
+          | <%= pagination_links_each(@user_pages, {}) { |n| link_to n, :page => n } %>
+          <% end %>
+        </td>
+        <td>
+          <%=
+            check_box_tag("user_all", "1", false, :onchange => update_page do |page|
+              @users.each do |user|
+                page << "$('user_#{user.id}').checked = $('user_all').checked;"
+              end
+            end)
+          %>
+        </td>
+      </tr>
+      <%= render :partial => 'user', :collection => @users %>
+    </table>
+
+    <div id="user_list_actions">
+      <%= submit_tag t('user.list.confirm'), :name => "confirm" %>
+      <%= submit_tag t('user.list.hide'), :name => "hide" %>
+    </div>
+  <% end %>
+<% else %>
+  <p><%= t "user.list.empty" %></p>
+<% end %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 21e5795cb..e521299e7 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -1644,6 +1644,16 @@ en:
       not_a_friend: "{{name}} is not one of your friends."
     filter:
       not_an_administrator: "You need to be an administrator to perform that action."
+    list:
+      title: Users
+      heading: Users
+      showing:
+        one: Showing page {{page}} ({{first_item}} of {{count}})
+        other: Showing page {{page}} ({{first_item}}-{{last_item}} of {{count}})
+      summary: "{{name}} created from {{ip_address}} on {{date}}"
+      confirm: Confirm Selected Users
+      hide: Hide Selected Users
+      empty: No matching users found
   user_role:
     filter:
       not_an_administrator: "Only administrators can perform user role management, and you are not an administrator."
diff --git a/config/routes.rb b/config/routes.rb
index 82f4e3a9f..b15d77e31 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -166,7 +166,10 @@ ActionController::Routing::Routes.draw do |map|
   map.connect '/diary/:language', :controller => 'diary_entry', :action => 'list'
   map.connect '/diary/:language/rss', :controller => 'diary_entry', :action => 'rss'
 
-  
+  # user lists
+  map.connect '/users', :controller => 'user', :action => 'list'
+  map.connect '/users/:status', :controller => 'user', :action => 'list'
+
   # test pages
   map.connect '/test/populate/:table/:from/:count', :controller => 'test', :action => 'populate'
   map.connect '/test/populate/:table/:count', :controller => 'test', :action => 'populate', :from => 1
diff --git a/public/stylesheets/common.css b/public/stylesheets/common.css
index b6ee99712..73f0fb788 100644
--- a/public/stylesheets/common.css
+++ b/public/stylesheets/common.css
@@ -562,6 +562,27 @@ hr {
   color: gray;
 }
 
+/* Rules for the user list */
+
+#user_list {
+  width: 100%;
+  font-size: small;
+}
+
+#user_list tr {
+  vertical-align: center;
+}
+
+#user_list p {
+  margin-top: 0px;
+  margin-bottom: 0px;
+}
+
+#user_list_actions {
+  float: right;
+  margin-top: 10px;
+}
+
 /* Rules for the account settings page */
 
 #accountForm td {
-- 
2.43.2