SMusatov
/
zammad
mirror of https://github.com/zammad/zammad.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317
							class UsersController < ApplicationController
  before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]

=begin

 
Format:

JSON


Example:

{

  "id":2,

  "organization_id":null,

  "login":"m@edenhofer.de",

  "firstname":"Marti",

  "lastname":"Ede",

  "email":"m@edenhofer.de",

  "image":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",

  "web":"http://127.0.0.1",

  "password":"123",

  "phone":"112",

  "fax":"211",

  "mobile":"",

  "street":"",

  "zip":"",

  "city":"",

  "country":null,

  "verified":false,

  "active":true,

  "note":"some note",

  "source":null,

  "role_ids":[1,2],

  "group_ids":[1,2,3,4],

}


=end

=begin


Resource: 

GET /api/users.json


Response:

[

  {

    "id": 1,

    "login": "some_login1",

    ...

  },

  {

    "id": 2,

    "login": "some_login2",

    ...

  }

]


Test:

curl http://localhost/api/users.json -v -u #{login}:#{password}

  
=end

  def index
    users = User.all
    users_all = []
    users.each {|user|
      users_all.push User.user_data_full( user.id )
    }
    render :json => users_all
  end

=begin


Resource: 

GET /api/users/1.json


Response:

{

  "id": 1,

  "login": "some_login1",

  ...

},


Test:

curl http://localhost/api/users/#{id}.json -v -u #{login}:#{password}


=end

  def show
    user = User.user_data_full( params[:id] )
    render :json => user
  end

=begin


Resource:

POST /api/users.json


Payload:

{

  "login": "some_login",

  "firstname": "some firstname",

  "lastname": "some lastname",

  "email": "some@example.com"

}


Response:

{

  "id": 1,

  "login": "some_login",

  ...

},


Test:

curl http://localhost/api/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'


=end

  def create
    user = User.new( User.param_cleanup(params) )
    user.updated_by_id = (current_user && current_user.id) || 1
    user.created_by_id = (current_user && current_user.id) || 1
    
    begin

      # if it's a signup, add user to customer role
      if user.created_by_id == 1

        # check if it's first user
        count     = User.all.count()
        group_ids = []
        role_ids  = []

        # add first user as admin/agent and to all groups
        if count <= 2
          Role.where( :name => [ 'Admin', 'Agent'] ).each { |role|
            role_ids.push role.id
          }
          Group.all().each { |group|
            group_ids.push group.id
          }

        # everybody else will go as customer per default
        else
          role_ids.push Role.where( :name => 'Customer' ).first.id
        end
        user.role_ids  = role_ids
        user.group_ids = group_ids

      # else do assignment as defined
      else
        if params[:role_ids]
          user.role_ids = params[:role_ids]
        end
        if params[:group_ids]
          user.group_ids = params[:group_ids]
        end
      end

      user.save

      # send inviteation if needed
      if params[:invite]

#          logger.debug('IIIIIIIIIIIIIIIIIIIIIIIIIIIIII')
#          exit '123'
      end
      user_new = User.user_data_full( user.id )
      render :json => user_new, :status => :created
    rescue Exception => e
      render :json => { :error => e.message }, :status => :unprocessable_entity
    end
  end

=begin


Resource:

PUT /api/users/#{id}.json


Payload:

{

  "login": "some_login",

  "firstname": "some firstname",

  "lastname": "some lastname",

  "email": "some@example.com"

}


Response:

{

  "id": 2,

  "login": "some_login",

  ...

},


Test:

curl http://localhost/api/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'


=end

  def update
    user = User.find(params[:id])

    begin
      user.update_attributes( User.param_cleanup(params) )
      if params[:role_ids]
        user.role_ids = params[:role_ids]
      end
      if params[:group_ids]
        user.group_ids = params[:group_ids]
      end
      if params[:organization_ids]
        user.organization_ids = params[:organization_ids]
      end
      user_new = User.user_data_full( params[:id] )
      render :json => user_new, :status => :ok
    rescue Exception => e
      render :json => { :error => e.message }, :status => :unprocessable_entity
    end
  end

  # DELETE /api/users/1
  def destroy
    model_destory_render(User, params)
  end

  # GET /api/users/search
  def search

    # get params
    query = params[:term]
    limit = params[:limit] || 18

    # do query
    user_all = User.find(
      :all,
      :limit      => limit,
      :conditions => ['firstname LIKE ? or lastname LIKE ? or email LIKE ?', "%#{query}%", "%#{query}%", "%#{query}%"],
      :order      => 'firstname'
    )

    # build result list
    users = []
    user_all.each do |user|
      realname = user.firstname.to_s + ' ' + user.lastname.to_s
      if user.email && user.email.to_s != ''
        realname = realname + ' <' +  user.email.to_s + '>'
      end
      a = { :id => user.id, :label => realname, :value => realname }
      users.push a
    end

    # return result
    render :json => users
  end

=begin


Resource:

POST /api/users/password_reset


Payload:

{

  "username": "some user name"

}


Response:

{

  :message => 'ok'

}


Test:

curl http://localhost/api/users/password_reset.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"username": "some_username"}'


=end

  def password_reset_send
    success = User.password_reset_send( params[:username] )
    if success
      render :json => { :message => 'ok' }, :status => :ok
    else
      render :json => { :message => 'failed' }, :status => :unprocessable_entity
    end
  end

=begin


Resource:

POST /api/users/password_reset_verify


Payload:

{

  "token": "SoMeToKeN",

  "password" "new_password"

}


Response:

{

  :message => 'ok'

}


Test:

curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"token": "SoMeToKeN", "password" "new_password"}'


=end

  def password_reset_verify
    if params[:password]
      success = User.password_reset_via_token( params[:token], params[:password] )
    else
      success = User.password_reset_check( params[:token] )
    end
    if success
      render :json => { :message => 'ok' }, :status => :ok
    else
      render :json => { :message => 'failed' }, :status => :unprocessable_entity
    end
  end

end