users_controller.rb 6.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315
  1. class UsersController < ApplicationController
  2. before_filter :authentication_check, :except => [:create, :password_reset_send, :password_reset_verify]
  3. =begin
  4. Format:
  5. JSON
  6. Example:
  7. {
  8. "id":2,
  9. "organization_id":null,
  10. "login":"m@edenhofer.de",
  11. "firstname":"Marti",
  12. "lastname":"Ede",
  13. "email":"m@edenhofer.de",
  14. "image":"http://www.gravatar.com/avatar/1c38b099f2344976005de69965733465?s=48",
  15. "web":"http://127.0.0.1",
  16. "password":"123",
  17. "phone":"112",
  18. "fax":"211",
  19. "mobile":"",
  20. "street":"",
  21. "zip":"",
  22. "city":"",
  23. "country":null,
  24. "verified":false,
  25. "active":true,
  26. "note":"some note",
  27. "source":null,
  28. "role_ids":[1,2],
  29. "group_ids":[1,2,3,4],
  30. }
  31. =end
  32. =begin
  33. Resource:
  34. GET /api/users.json
  35. Response:
  36. [
  37. {
  38. "id": 1,
  39. "login": "some_login1",
  40. ...
  41. },
  42. {
  43. "id": 2,
  44. "login": "some_login2",
  45. ...
  46. }
  47. ]
  48. Test:
  49. curl http://localhost/api/users.json -v -u #{login}:#{password}
  50. =end
  51. def index
  52. users = User.all
  53. users_all = []
  54. users.each {|user|
  55. users_all.push User.user_data_full( user.id )
  56. }
  57. render :json => users_all
  58. end
  59. =begin
  60. Resource:
  61. GET /api/users/1.json
  62. Response:
  63. {
  64. "id": 1,
  65. "login": "some_login1",
  66. ...
  67. },
  68. Test:
  69. curl http://localhost/api/users/#{id}.json -v -u #{login}:#{password}
  70. =end
  71. def show
  72. user = User.user_data_full( params[:id] )
  73. render :json => user
  74. end
  75. =begin
  76. Resource:
  77. POST /api/users.json
  78. Payload:
  79. {
  80. "login": "some_login",
  81. "firstname": "some firstname",
  82. "lastname": "some lastname",
  83. "email": "some@example.com"
  84. }
  85. Response:
  86. {
  87. "id": 1,
  88. "login": "some_login",
  89. ...
  90. },
  91. Test:
  92. curl http://localhost/api/users.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
  93. =end
  94. def create
  95. user = User.new( User.param_cleanup(params) )
  96. user.created_by_id = (current_user && current_user.id) || 1
  97. begin
  98. user.save
  99. # if it's a signup, add user to customer role
  100. if user.created_by_id == 1
  101. # check if it's first user
  102. count = User.all.count()
  103. group_ids = []
  104. role_ids = []
  105. # add first user as admin/agent and to all groups
  106. if count <= 2
  107. Role.where( :name => [ 'Admin', 'Agent'] ).each { |role|
  108. role_ids.push role.id
  109. }
  110. Group.all().each { |group|
  111. group_ids.push group.id
  112. }
  113. # everybody else will go as customer per default
  114. else
  115. role_ids.push Role.where( :name => 'Customer' ).first.id
  116. end
  117. user.role_ids = role_ids
  118. user.group_ids = group_ids
  119. # else do assignment as defined
  120. else
  121. if params[:role_ids]
  122. user.role_ids = params[:role_ids]
  123. end
  124. if params[:group_ids]
  125. user.group_ids = params[:group_ids]
  126. end
  127. end
  128. # send inviteation if needed
  129. if params[:invite]
  130. # logger.debug('IIIIIIIIIIIIIIIIIIIIIIIIIIIIII')
  131. # exit '123'
  132. end
  133. user_new = User.user_data_full( user.id )
  134. render :json => user_new, :status => :created
  135. rescue Exception => e
  136. render :json => { :error => e.message }, :status => :unprocessable_entity
  137. end
  138. end
  139. =begin
  140. Resource:
  141. PUT /api/users/#{id}.json
  142. Payload:
  143. {
  144. "login": "some_login",
  145. "firstname": "some firstname",
  146. "lastname": "some lastname",
  147. "email": "some@example.com"
  148. }
  149. Response:
  150. {
  151. "id": 2,
  152. "login": "some_login",
  153. ...
  154. },
  155. Test:
  156. curl http://localhost/api/users/2.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X PUT -d '{"login": "some_login","firstname": "some firstname","lastname": "some lastname","email": "some@example.com"}'
  157. =end
  158. def update
  159. user = User.find(params[:id])
  160. begin
  161. user.update_attributes( User.param_cleanup(params) )
  162. if params[:role_ids]
  163. user.role_ids = params[:role_ids]
  164. end
  165. if params[:group_ids]
  166. user.group_ids = params[:group_ids]
  167. end
  168. if params[:organization_ids]
  169. user.organization_ids = params[:organization_ids]
  170. end
  171. user_new = User.user_data_full( params[:id] )
  172. render :json => user_new, :status => :ok
  173. rescue Exception => e
  174. render :json => { :error => e.message }, :status => :unprocessable_entity
  175. end
  176. end
  177. # DELETE /users/1
  178. def destroy
  179. model_destory_render(User, params)
  180. end
  181. # GET /user/search
  182. def search
  183. # get params
  184. query = params[:term]
  185. limit = params[:limit] || 18
  186. # do query
  187. user_all = User.find(
  188. :all,
  189. :limit => limit,
  190. :conditions => ['firstname LIKE ? or lastname LIKE ? or email LIKE ?', "%#{query}%", "%#{query}%", "%#{query}%"],
  191. :order => 'firstname'
  192. )
  193. # build result list
  194. users = []
  195. user_all.each do |user|
  196. realname = user.firstname.to_s + ' ' + user.lastname.to_s
  197. if user.email && user.email.to_s != ''
  198. realname = realname + ' <' + user.email.to_s + '>'
  199. end
  200. a = { :id => user.id, :label => realname, :value => realname }
  201. users.push a
  202. end
  203. # return result
  204. render :json => users
  205. end
  206. =begin
  207. Resource:
  208. POST /api/users/password_reset
  209. Payload:
  210. {
  211. "username": "some user name"
  212. }
  213. Response:
  214. {
  215. :message => 'ok'
  216. }
  217. Test:
  218. curl http://localhost/api/users/password_reset.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"username": "some_username"}'
  219. =end
  220. def password_reset_send
  221. success = User.password_reset_send( params[:username] )
  222. if success
  223. render :json => { :message => 'ok' }, :status => :ok
  224. else
  225. render :json => { :message => 'failed' }, :status => :unprocessable_entity
  226. end
  227. end
  228. =begin
  229. Resource:
  230. POST /api/users/password_reset_verify
  231. Payload:
  232. {
  233. "token": "SoMeToKeN",
  234. "password" "new_password"
  235. }
  236. Response:
  237. {
  238. :message => 'ok'
  239. }
  240. Test:
  241. curl http://localhost/api/users/password_reset_verify.json -v -u #{login}:#{password} -H "Content-Type: application/json" -X POST -d '{"token": "SoMeToKeN", "password" "new_password"}'
  242. =end
  243. def password_reset_verify
  244. if params[:password]
  245. success = User.password_reset_via_token( params[:token], params[:password] )
  246. else
  247. success = User.password_reset_check( params[:token] )
  248. end
  249. if success
  250. render :json => { :message => 'ok' }, :status => :ok
  251. else
  252. render :json => { :message => 'failed' }, :status => :unprocessable_entity
  253. end
  254. end
  255. end