added user func test

2011-02-02 15:53:28 -05:00
parent 494abe30bb
commit 502aeb6a16
5 changed files with 91 additions and 22 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,40 +1,44 @@
 class UsersController < ApplicationController
  respond_to :html, :xml, :json
-  before_filter :member_only, :only => [:edit, :show, :update, :destroy]
+  before_filter :member_only, :only => [:edit, :update]
+  rescue_from User::PrivilegeError, :with => "static/access_denied"

  def new
    @user = User.new
+    respond_with(@user)
  end
  
  def edit
    @user = User.find(params[:id])
-    unless CurrentUser.user.is_admin?
-      @user = CurrentUser.user
-    end
+    check_privilege(@user)
+    respond_with(@user)
  end
  
  def index
+    @search = User.search(params[:search])
+    @users = @search.paginate(:page => params[:page])
+    respond_with(@users)
  end
  
  def show
    @user = User.find(params[:id])
+    respond_with(@user)
  end
  
  def create
-    @user = User.new(params[:user].merge(:ip_addr => request.remote_ip))
-    if @user.save
-      flash[:notice] = "You have succesfully created a new account"
-      session[:user_id] = @user.id
-      redirect_to user_path(@user)
-    else
-      flash[:notice] = "There were errors"
-      render :action => "new"
-    end
+    @user = User.create(params[:user])
+    respond_with(@user)
  end
  
  def update
+    @user = User.find(params[:id])
+    check_privilege(@user)
+    @user.update_attributes(params[:user])
+    respond_with(@user)
  end
-  
-  def destroy
+
+private
+  def check_privilege(user)
+    raise User::PrivilegeError unless (user.id == CurrentUser.id || CurrentUser.is_admin?)
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,7 +4,7 @@ class User < ActiveRecord::Base
  class Error < Exception ; end
  class PrivilegeError < Exception ; end
  
-  attr_accessor :password, :old_password, :ip_addr
+  attr_accessor :password, :old_password
  attr_accessible :password, :old_password, :password_confirmation, :password_hash, :email, :last_logged_in_at, :last_forum_read_at, :has_mail, :receive_email_notifications, :comment_threshold, :always_resize_images, :favorite_tags, :blacklisted_tags, :name, :ip_addr
  validates_length_of :name, :within => 2..20, :on => :create
  validates_format_of :name, :with => /\A[^\s;,]+\Z/, :on => :create, :message => "cannot have whitespace, commas, or semicolons"
@@ -14,7 +14,6 @@ class User < ActiveRecord::Base
  validates_inclusion_of :default_image_size, :in => %w(medium large original)
  validates_confirmation_of :password
  validates_presence_of :email, :if => lambda {|rec| rec.new_record? && Danbooru.config.enable_email_verification?}
-  validates_presence_of :ip_addr, :on => :create
  validate :validate_ip_addr_is_not_banned, :on => :create
  before_save :encrypt_password
  after_save :update_cache
@@ -31,7 +30,7 @@ class User < ActiveRecord::Base
  
  module BanMethods
    def validate_ip_addr_is_not_banned
-      if IpBan.is_banned?(ip_addr)
+      if IpBan.is_banned?(CurrentUser.ip_addr)
        self.errors[:base] << "IP address is banned"
        return false
      end
--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb