Added user roles and authentication, sign in/out

2025-10-31 00:45:35 -04:00 · 2012-12-29 16:22:24 -05:00 · 2012-12-29 16:22:24 -05:00 · db9982dcd2
commit db9982dcd2
parent bb27c7a585
23 changed files with 232 additions and 89 deletions
--- a/app/assets/javascripts/custom_netzke_helpers.js
+++ b/app/assets/javascripts/custom_netzke_helpers.js
@ -0,0 +1,5 @@
+//when signed out, or session expires forward to sign in page
+Ext.Ajax.on('requestexception', function(conn, response, options) {
+  if (response.status === 401) { window.location = '/users/sign_in'; }
+}, this);
+
--- a/app/components/app_tab_panel.rb
+++ b/app/components/app_tab_panel.rb
@ -1,15 +1,46 @@
 class AppTabPanel < Netzke::Basepack::TabPanel
- component :bikes_border
- component :brands_and_models_border
- component :users_and_profiles_border
- component :logs
- component :bike_log_form
+
+  action :sign_out do |c|
+    c.icon = :door_out
+    c.text = "Sign out #{controller.current_user.email}" if controller.current_user
+  end

  def configure(c)
-    c.active_tab = 3
+
+    #all users
+    @@app_tab_panel_items = [ :bikes_border, :brands_and_models_border]
+
+    #for users
+    if controller.current_user.user?
+      @@app_tab_panel_items.concat [:user_profile_border]
+    end
+    #for admins
+    if controller.current_user.admin?
+      @@app_tab_panel_items.concat [:users_and_profiles_border, :logs]
+    end
+
+    @@app_tab_panel_items.each do |item|
+      self.class.component item
+    end
+
+    c.active_tab = 0
    c.prevent_header = true
-    c.items = [ :bikes_border, :brands_and_models_border, :users_and_profiles_border, :logs, :bike_log_form]
+    c.tbar = [:sign_out]
+    c.items = @@app_tab_panel_items
    super
  end
+
+  js_configure do |c|
+    c.on_sign_out = <<-JS
+      //this will give a 401 error, but made 401 exceptions forward to 'users/sign_in'
+      function(){
+        Ext.Ajax.request({
+           url: '/users/sign_out',
+           method: 'DELETE'
+        });        
+      }
+    JS
+  end
+
 end

--- a/app/components/bike_brands.rb
+++ b/app/components/bike_brands.rb
@ -2,25 +2,19 @@ class BikeBrands < Netzke::Basepack::Grid
  def configure(c)
    super
    c.model = "BikeBrand"
+    c.title = "Brands"

-    
-=begin
-    c.columns = [
-      :done,
-      :name,
-      {name: :notes, flex: 1},
-      :priority,
-      {name: :due, header: "Due on"}
-    ]
-=end
-    #c.enable_context_menu = false
-    #c.context_menu = false
-    #c.enable_edit_in_form = false
-    #c.scope = {done: [nil, false]}
+    if controller.current_user.user?
+      c.prohibit_update = true
+      c.prohibit_create = true
+      c.prohibit_delete = true
+    end
  end

  #override with nil to remove actions
  def default_bbar
-    [ :apply, :add_in_form, :search ]
+    bbar = [ :search ]
+    bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
+    bbar
  end
 end
--- a/app/components/bike_logs.rb
+++ b/app/components/bike_logs.rb
@ -23,6 +23,12 @@ class BikeLogs < Netzke::Basepack::Grid
      { :name => :created_at, :read_only => true},
      { :name => :updated_at, :read_only => true}
    ]
+    
+    if controller.current_user.user?
+      c.prohibit_update = true
+      c.prohibit_create = true
+      c.prohibit_delete = true
+    end

  end

@ -37,6 +43,8 @@ class BikeLogs < Netzke::Basepack::Grid

  #override with nil to remove actions
  def default_bbar
-    [ :apply, :add_in_form, :search ]
+    bbar = [ :search ]
+    bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
+    bbar
  end
 end
--- a/app/components/bike_models.rb
+++ b/app/components/bike_models.rb
@ -3,21 +3,28 @@ class BikeModels < Netzke::Basepack::Grid
    super

    c.model = "BikeModel"
+    c.title = "Models"
    c.data_store = {auto_load: false}
    c.scope = lambda { |rel| puts session.inspect; rel.where(:bike_brand_id => session[:selected_bike_brand_id]);}
-    #c.strong_default_attrs = lambda { |rel| puts rel.inspect;}
-    
+    c.strong_default_attrs = {
+      :bike_brand_id => session[:selected_bike_brand_id]
+    }
+
    c.columns = [
-      :model
+      { :name => :model }
    ]
-    #c.enable_context_menu = false
-    #c.context_menu = false
-    #c.enable_edit_in_form = false
-    #c.scope = {done: [nil, false]}
+
+    if controller.current_user.user?
+      c.prohibit_update = true
+      c.prohibit_create = true
+      c.prohibit_delete = true
+    end
  end

  #override with nil to remove actions
  def default_bbar
-    [ :apply, :add_in_form, :search ]
+    bbar = [ :search ]
+    bbar.concat [ :apply, :add_in_form ] if not controller.current_user.user?
+    bbar
  end
 end
--- a/app/components/bikes.rb
+++ b/app/components/bikes.rb
@ -40,10 +40,11 @@ class Bikes < Netzke::Basepack::Grid
            // setting the 'rowclick' event
            var view = this.getView();
            view.on('itemclick', function(view, record){
-            console.log(view);
-            console.log(record);
+              console.log(view);
+              console.log(record);
              // The beauty of using Ext.Direct: calling 3 endpoints in a row, which results in a single call to the server!
              this.selectBikeBrand({bike_brand_id: record.get('bike_brand__brand')});
+              console.log(record.get('bike_brand__brand'));
            }, this);
          }
        JS
@ -53,7 +54,7 @@ class Bikes < Netzke::Basepack::Grid
    # store selected boss id in the session for this component's instance
    session[:selected_bike_brand_id] = params[:bike_brand_id]
    puts "BikeID-----------------------------"
-    #puts params[:bike_brand_id]
+    puts params[:bike_brand_id]
    puts session.inspect
  end
 end
--- a/app/components/brands_and_models_border.rb
+++ b/app/components/brands_and_models_border.rb
@ -7,7 +7,6 @@ class BrandsAndModelsBorder < Netzke::Base
    super
    c.title = "Brands/Models"
    c.items = [
-#      { netzke_component: :bike_brands, region: :center, split: true }
     { netzke_component: :bike_brands, region: :center, split: true },
     { netzke_component: :bike_models, region: :east, width: 500, split: true}
    ]
@ -17,7 +16,7 @@ class BrandsAndModelsBorder < Netzke::Base
    c.layout = :border
    c.border = false

-# Overriding initComponent
+    # Overriding initComponent
    c.init_component = <<-JS
      function(){
        // calling superclass's initComponent
@ -40,18 +39,6 @@ class BrandsAndModelsBorder < Netzke::Base
    puts "BikeBrandID-----------------------------"
    #puts params[:bike_brand_id]
    puts session.inspect
-
-=begin
-    brand = BikeBrand.find_by_id(params[:bike_brand_id])
-    bike_models_grid = component_instance(:bike_models)
-    bike_models_data = bike_models_grid.get_data
-
-    {
-      :bike_models=> {:load_store_data => bike_models_data, :set_title => "Models for #{brand.brand}"},
-    }
-=end 
  end
-
-
  
 end
--- a/app/components/user_logs.rb
+++ b/app/components/user_logs.rb
@ -3,15 +3,31 @@ class UserLogs < Netzke::Basepack::Grid
  def configure(c)
    super

-    c.model = "ActsAsLoggable::Log"
-    c.title = "User History"
-    c.data_store = {auto_load: false}
-    c.scope = lambda { |rel| puts session.inspect; rel.where(:loggable_type => 'User',:loggable_id => session[:selected_user_id]);}
-    c.strong_default_attrs = {
+    #all users
+    user_log_strong_default_attrs = {
      :loggable_type => 'User',
-      :loggable_id => session[:selected_user_id],
      :log_action_type => 'ActsAsLoggable::UserAction'
    }
+
+    #just users
+    if controller.current_user.user?
+      user_log_scope = lambda { |rel| rel.where(:loggable_type => 'User',:loggable_id => controller.current_user.id)}
+      user_log_strong_default_attrs.merge!( { :loggable_id => controller.current_user.id } )
+      user_log_data_store = {auto_load: true }
+    #admins and staff
+    else
+      user_log_scope = lambda { |rel| puts session.inspect; rel.where(:loggable_type => 'User',:loggable_id => session[:selected_user_id]);}
+      user_log_strong_default_attrs.merge!( { :loggable_id => session[:selected_user_id] } )
+      user_log_data_store = {auto_load: true }
+    end
+
+    c.model = "ActsAsLoggable::Log"
+    c.title = "User History"
+    c.data_store = user_log_data_store
+    c.scope = user_log_scope
+    puts "user_log_strong_default_attrs"
+    puts user_log_strong_default_attrs.inspect
+    c.strong_default_attrs = user_log_strong_default_attrs
    c.columns = [
      { :name => :start_date, :format => "g:ia - D, M j - Y", :width => 165, :default_value => Time.now.to_formatted_s(:db) },
      { :name => :end_date, :hidden => true, :default_value => Time.now.to_formatted_s(:db) },
--- a/app/components/user_profile_border.rb
+++ b/app/components/user_profile_border.rb
@ -0,0 +1,21 @@
+class UserProfileBorder < Netzke::Base
+  # Remember regions collapse state and size
+  include Netzke::Basepack::ItemPersistence
+  component :user_logs
+  component :user_profiles
+
+  def configure(c)
+    super
+    c.title = "Profile"
+    c.items = [
+     { netzke_component: :user_logs, region: :center, split: true},
+     { netzke_component: :user_profiles, region: :south, height: 150, split: true }
+    ]
+  end
+
+  js_configure do |c|
+    c.layout = :border
+    c.border = false
+  end
+
+end
--- a/app/components/user_profiles.rb
+++ b/app/components/user_profiles.rb
@ -1,10 +1,19 @@
 class UserProfiles < Netzke::Basepack::Grid
  def configure(c)
    super
+
+    if controller.current_user.user?
+      user_profiles_scope = lambda { |rel| rel.where(:user_id => controller.current_user.id);}
+      user_profiles_data_store = { auto_load: true }
+    else
+      user_profiles_scope = lambda { |rel| puts session.inspect; rel.where(:user_id => session[:selected_user_id]);}
+      user_profiles_data_store = { auto_load: false}
+    end
+
    c.model = "UserProfile"
-    c.title = "User Profiles"
-    c.data_store = {auto_load: false}
-    c.scope = lambda { |rel| puts session.inspect; rel.where(:user_id => session[:selected_user_id]);}
+    c.title = "Profile"
+    c.data_store = user_profiles_data_store
+    c.scope = user_profiles_scope
    c.columns = [
      { :name => :bike__serial_number},
      :addrStreet1,
--- a/app/components/users.rb
+++ b/app/components/users.rb
@ -7,7 +7,8 @@ class Users < Netzke::Basepack::Grid
      :first_name,
      :last_name,
      :nickname,
-      :email
+      :email,
+      :user_role__role
    ]
  end

--- a/app/components/users_and_profiles_border.rb
+++ b/app/components/users_and_profiles_border.rb
@ -10,7 +10,7 @@ class UsersAndProfilesBorder < Netzke::Base
    c.title = "Users/Profiles"
    c.items = [
     { netzke_component: :users, region: :center, width: 300, split: true },
-    { netzke_component: :user_profiles, region: :south, height: 150, split: true},
+     { netzke_component: :user_profiles, region: :south, height: 150, split: true},
     { netzke_component: :user_logs, region: :east, split: true}
    ]
  end
@ -19,7 +19,7 @@ class UsersAndProfilesBorder < Netzke::Base
    c.layout = :border
    c.border = false

-# Overriding initComponent
+    # Overriding initComponent
    c.init_component = <<-JS
      function(){
        // calling superclass's initComponent
@ -41,7 +41,7 @@ class UsersAndProfilesBorder < Netzke::Base
    # store selected boss id in the session for this component's instance
    session[:selected_user_id] = params[:user_id]
    puts "UserID-----------------------------"
-    #puts params[:bike_brand_id]
+    puts params[:user_id]
    puts session.inspect
  end
  
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -1,3 +1,5 @@
 class ApplicationController < ActionController::Base
+  before_filter :authenticate_user!
  protect_from_forgery
+  
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -7,9 +7,10 @@ class User < ActiveRecord::Base

  # Setup accessible (or protected) attributes for your model
  attr_accessible :email, :password, :password_confirmation, :remember_me,
-    :first_name, :last_name, :nickname
+    :first_name, :last_name, :nickname, :role_id

  has_many :user_profiles
+  belongs_to :user_role

  validates :first_name, :presence => true
  validates :last_name, :presence => true
@ -19,4 +20,16 @@ class User < ActiveRecord::Base
  def to_s
    "#{first_name} #{last_name}"
  end
+
+  def user?
+    user_role.to_s == "user"
+  end
+
+  def staff?
+    user_role.to_s == "staff"
+  end
+
+  def admin?
+    user_role.to_s == "admin"
+  end
 end
--- a/app/models/user_role.rb
+++ b/app/models/user_role.rb
@ -0,0 +1,11 @@
+class UserRole < ActiveRecord::Base
+  attr_accessible :role
+
+  has_many :users
+
+  self.per_page = 15
+
+  def to_s
+    self.role
+  end
+end
--- a/config/routes.rb
+++ b/config/routes.rb
@ -8,7 +8,7 @@ Velocipede::Application.routes.draw do
  # first created -> highest priority.

  match 'site/index' => 'site#index'
-
+=end
  resources :bike_brands, :except => [:edit, :delete]
  resources :bike_models, :except => [:edit, :delete]
  resources :bike_statuses
@ -38,6 +38,5 @@ Velocipede::Application.routes.draw do

  #match ':loggable_type/:loggable_id/logs' => 'acts_as_loggable/logs#index', :as => 'loggable_logs'

-=end
  root :to => 'site#index'
 end
--- a/db/migrate/20120227024410_devise_create_users.rb
+++ b/db/migrate/20120227024410_devise_create_users.rb
@ -19,6 +19,8 @@ class DeviseCreateUsers < ActiveRecord::Migration
      t.string   :current_sign_in_ip
      t.string   :last_sign_in_ip

+      t.integer  :user_role_id
+
      ## Encryptable
      # t.string :password_salt

--- a/db/migrate/20121229160809_create_user_roles.rb
+++ b/db/migrate/20121229160809_create_user_roles.rb
@ -0,0 +1,8 @@
+class CreateUserRoles < ActiveRecord::Migration
+  def change
+    create_table(:user_roles) do |t|
+      t.string :role
+      t.timestamps
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.

-ActiveRecord::Schema.define(:version => 20121205043759) do
+ActiveRecord::Schema.define(:version => 20121229160809) do

  create_table "bike_actions", :force => true do |t|
    t.string   "action",     :limit => 128, :null => false
@ -67,13 +67,14 @@ ActiveRecord::Schema.define(:version => 20121205043759) do
    t.string   "loggable_type"
    t.integer  "logger_id"
    t.string   "logger_type"
-    t.string   "context",       :limit => 128
-    t.datetime "start_date",                                   :null => false
-    t.datetime "end_date",                                     :null => false
-    t.text     "description",                  :default => ""
-    t.integer  "action_id",                    :default => 0
-    t.datetime "created_at",                                   :null => false
-    t.datetime "updated_at",                                   :null => false
+    t.string   "context",         :limit => 128
+    t.datetime "start_date",                                     :null => false
+    t.datetime "end_date",                                       :null => false
+    t.text     "description",                    :default => ""
+    t.integer  "log_action_id"
+    t.string   "log_action_type"
+    t.datetime "created_at",                                     :null => false
+    t.datetime "updated_at",                                     :null => false
  end

  add_index "logs", ["loggable_id", "loggable_type", "context"], :name => "index_logs_on_loggable_id_and_loggable_type_and_context"
@ -112,6 +113,12 @@ ActiveRecord::Schema.define(:version => 20121205043759) do
    t.datetime "updated_at",  :null => false
  end

+  create_table "user_roles", :force => true do |t|
+    t.string   "role"
+    t.datetime "created_at", :null => false
+    t.datetime "updated_at", :null => false
+  end
+
  create_table "users", :force => true do |t|
    t.string   "email",                  :default => "", :null => false
    t.string   "encrypted_password",     :default => "", :null => false
@ -123,6 +130,7 @@ ActiveRecord::Schema.define(:version => 20121205043759) do
    t.datetime "last_sign_in_at"
    t.string   "current_sign_in_ip"
    t.string   "last_sign_in_ip"
+    t.integer  "user_role_id"
    t.datetime "created_at",                             :null => false
    t.datetime "updated_at",                             :null => false
    t.integer  "failed_attempts",        :default => 0
--- a/db/seed/fixtures/user_roles.yml
+++ b/db/seed/fixtures/user_roles.yml
@ -0,0 +1,9 @@
+user:
+  id: 1
+  role: user
+staff:
+  id: 2
+  role: staff
+admin:
+  id: 3
+  role: admin
--- a/db/seeds.rb
+++ b/db/seeds.rb
@ -20,9 +20,13 @@ end

 if Rails.env.development?

-  #create default dev user
-  FactoryGirl.create(:user) if User.all.empty?
-  FactoryGirl.create(:user_profile) if UserProfile.all.empty?
+  #create default admin user
+  if User.all.empty?
+    FactoryGirl.create(:user)
+    FactoryGirl.create(:staff)
+    FactoryGirl.create(:admin)
+    FactoryGirl.create(:user_profile)
+  end

  #create fake bikes
  if Bike.all.empty?
--- a/spec/factories.rb
+++ b/spec/factories.rb
@ -1,14 +0,0 @@
-FactoryGirl.define do
-  factory :user do
-    sequence(:email) { |n| "user_#{n}@example.com" }
-    password 'password'
-    password_confirmation { password }
-    first_name 'Michael'
-    last_name 'Scott'
-  end
-
-# factory :team do
-#   sequence(:name) { |n| "mash it #{n} times" }
-#   association :captain, :factory => :user
-# end
-end
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@ -0,0 +1,21 @@
+FactoryGirl.define do
+  factory :user do
+    sequence(:email) { |n| "user_#{n}@example.com" }
+    password 'password'
+    password_confirmation { password }
+    first_name 'Michael'
+    last_name 'Scott'
+    user_role_id 1
+
+    factory :staff do
+      first_name 'Staff'
+      user_role_id 2
+    end
+
+    factory :admin do
+      first_name 'Admin'
+      user_role_id 3
+    end
+
+  end
+end