user blocking
This commit is contained in:
Karol Selak
parent
ccb6e23960
commit
2804c55fd9
9 changed files with 44 additions and 11 deletions
|
|
@ -4,9 +4,19 @@ class SessionsController < ApplicationController
|
|||
|
||||
def create
|
||||
@user = User.find_by(email: params[:email])
|
||||
if @user && @user.authenticate(params[:password])
|
||||
session[:user_id] = @user.id
|
||||
unless @user
|
||||
redirect_to '/welcome', notice: 'Wrong email address'
|
||||
return
|
||||
end
|
||||
unless @user.authenticate(params[:password])
|
||||
redirect_to '/welcome', notice: 'Wrong password'
|
||||
return
|
||||
end
|
||||
if @user.blocked?
|
||||
redirect_to '/welcome', notice: 'You are blocked, please contact support'
|
||||
return
|
||||
end
|
||||
session[:user_id] = @user.id
|
||||
redirect_to '/welcome'
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
class UsersController < ApplicationController
|
||||
before_action :ensure_admin, only: [:destroy]
|
||||
before_action :ensure_admin, only: [:destroy, :block]
|
||||
|
||||
def index
|
||||
@users = User.all
|
||||
|
|
@ -56,4 +56,9 @@ class UsersController < ApplicationController
|
|||
User.destroy(params[:id])
|
||||
redirect_to '/users'
|
||||
end
|
||||
|
||||
def block
|
||||
User.find(params[:id]).update(status: :blocked)
|
||||
redirect_to '/users'
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -2,9 +2,11 @@ class User < ApplicationRecord
|
|||
has_secure_password
|
||||
has_secure_password :recovery_password, validations: false
|
||||
enum role: [:customer, :admin], _default: :customer
|
||||
enum status: [:ready, :blocked], _default: :ready
|
||||
|
||||
validates :email, presence: true, uniqueness: true, format: { with: URI::MailTo::EMAIL_REGEXP }
|
||||
validates :role, presence: true
|
||||
validates :status, presence: true
|
||||
validates :password, {
|
||||
presence: true,
|
||||
length: { minimum: 8 },
|
||||
|
|
|
|||
|
|
@ -4,12 +4,18 @@
|
|||
<div class='col s3'>
|
||||
<%= user.email %>
|
||||
</div>
|
||||
<div class='col s3'>
|
||||
<div class='col s2'>
|
||||
<%= user.role %>
|
||||
</div>
|
||||
<div class='col s3'>
|
||||
<div class='col s2'>
|
||||
<%= user.status %>
|
||||
</div>
|
||||
<div class='col s2'>
|
||||
<%= link_to 'Delete', user, method: :delete, class: "btn" %>
|
||||
</div>
|
||||
<div class='col s2'>
|
||||
<%= link_to 'Block', "/user/#{user.id}/block", method: :post, class: "btn" %>
|
||||
</div>
|
||||
</div>
|
||||
<% end %>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@ Rails.application.routes.draw do
|
|||
post 'password_recovery_request', to: 'users#password_recovery_request'
|
||||
get 'recover_password/:id/:recovery_password', to: 'users#recover_password_form'
|
||||
post 'recover_password', to: 'users#recover_password'
|
||||
post 'user/:id/block', to: 'users#block'
|
||||
resources :books
|
||||
resources :authors
|
||||
end
|
||||
|
|
|
|||
5
db/migrate/20210321213901_add_status_to_users.rb
Normal file
5
db/migrate/20210321213901_add_status_to_users.rb
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
class AddStatusToUsers < ActiveRecord::Migration[6.1]
|
||||
def change
|
||||
add_column :users, :status, :integer
|
||||
end
|
||||
end
|
||||
3
db/schema.rb
generated
3
db/schema.rb
generated
|
|
@ -10,7 +10,7 @@
|
|||
#
|
||||
# It's strongly recommended that you check this file into your version control system.
|
||||
|
||||
ActiveRecord::Schema.define(version: 2021_03_21_135711) do
|
||||
ActiveRecord::Schema.define(version: 2021_03_21_213901) do
|
||||
|
||||
create_table "authors", force: :cascade do |t|
|
||||
t.string "first_name"
|
||||
|
|
@ -45,6 +45,7 @@ ActiveRecord::Schema.define(version: 2021_03_21_135711) do
|
|||
t.datetime "updated_at", precision: 6, null: false
|
||||
t.string "recovery_password_digest"
|
||||
t.integer "role"
|
||||
t.integer "status"
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
|||
|
|
@ -40,16 +40,19 @@ User.create([
|
|||
{
|
||||
email: 'abc@o2.pl',
|
||||
password: 'aaaaaaaa',
|
||||
role: :admin
|
||||
role: :admin,
|
||||
status: :ready
|
||||
},
|
||||
{
|
||||
email: 'abcd@o2.pl',
|
||||
password: 'aaaaaaaa',
|
||||
role: :customer
|
||||
role: :customer,
|
||||
status: :ready
|
||||
},
|
||||
{
|
||||
email: 'abcde@o2.pl',
|
||||
password: 'aaaaaaaa',
|
||||
role: :customer
|
||||
role: :customer,
|
||||
status: :ready
|
||||
},
|
||||
])
|
||||
|
|
@ -5,7 +5,7 @@ RSpec.describe UsersController do
|
|||
User.destroy_all
|
||||
end
|
||||
let(:user1) do
|
||||
User.create(email: 'test1@example.com', password: 'abcde', recovery_password: 'recovery password')
|
||||
User.create(email: 'test1@example.com', password: 'abcdefgh', recovery_password: 'recovery password')
|
||||
end
|
||||
describe 'get new' do
|
||||
subject { get :new }
|
||||
|
|
@ -15,7 +15,7 @@ RSpec.describe UsersController do
|
|||
end
|
||||
describe 'get create' do
|
||||
subject do
|
||||
get :create, params: {user: {email: 'test2@example.com', password: 'abcde'}}
|
||||
get :create, params: {user: {email: 'test2@example.com', password: 'abcdefgh'}}
|
||||
end
|
||||
it 'creates a user' do
|
||||
subject
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue