-rw-r--r--app/controllers/admin_controller.rb4
-rw-r--r--app/controllers/application.rb90
-rw-r--r--app/controllers/user_controller.rb71
-rw-r--r--app/models/public_body.rb6
-rw-r--r--spec/controllers/admin_controller_spec.rb10
5 files changed, 98 insertions, 83 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index 7bb60b036..76fb8de07 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -1,10 +1,10 @@
-# app/controllers/admin_public_body_controller.rb:
+# app/controllers/admin_controller.rb:
# Controller for admin interface.
#
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: admin_controller.rb,v 1.1 2007-09-03 09:39:20 francis Exp $
+# $Id: admin_controller.rb,v 1.2 2007-10-31 17:25:29 francis Exp $
class AdminController < ApplicationController
layout "admin"
diff --git a/app/controllers/application.rb b/app/controllers/application.rb
index 1fde074a9..d0d0fef7e 100644
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -6,7 +6,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: application.rb,v 1.19 2007-10-31 12:39:58 francis Exp $
+# $Id: application.rb,v 1.20 2007-10-31 17:25:29 francis Exp $
class ApplicationController < ActionController::Base
@@ -16,74 +16,6 @@ class ApplicationController < ActionController::Base
# Pick a unique cookie name to distinguish our session data from others'
session :session_key => '_foi_session_id'
- # Login form
- def signin
- # The explict signin link uses this to store where it is to go back to
- if params[:r]
- session[:intended_uri] = params[:r]
- session[:intended_params] = nil
- end
-
- if not params[:user]
- # First time page is shown
- render :template => 'user_accounts/signin' and return
- else
- @user = User.authenticate(params[:user][:email], params[:user][:password])
- if @user
- # Successful login
- session[:user] = @user.id
- post_redirect session[:intended_uri], session[:intended_params] and return
- else
- if User.find(:first, :conditions => [ "email = ?", params[:user][:email] ])
- # Failed to authenticate
- flash[:error] = "Password not correct, please try again"
- @user = User.new(params[:user])
- render :template => 'user_accounts/signin' and return
- else
- # "I am new to FOIFA"
- session[:email] = params[:user][:email]
- session[:password] = params[:user][:password]
- session[:first_time] = true
- redirect_to :action => 'signup' and return
- end
- end
- end
- end
-
- # Create new account form
- def signup
- # Default to value saved from signin form
- params[:user] ||= { :email => session[:email] }
- params[:user] ||= { :password => session[:password] }
-
- # Make the user and try to save it
- @user = User.new(params[:user])
- if not @user.save
- # First time get to form (e.g. from signin) , don't show errors
- if session[:first_time]
- @first_time = true
- @user.errors.clear
- session[:first_time] = false
- end
- # Show the form
- render :template => 'user_accounts/signup'
- else
- # New user made, redirect back to where we were
- session[:user] = @user.id
- post_redirect session[:intended_uri], session[:intended_params] and return
- end
- end
-
- # Logout form
- def signout
- session[:user] = nil
- if params[:r]
- redirect_to params[:r]
- else
- redirect_to :action => "index"
- end
- end
-
private
# Check the user is logged in
@@ -102,7 +34,9 @@ class ApplicationController < ActionController::Base
return User.find(session[:user])
end
- # Post redirect
+ # Do a POST redirect. This is a nasty hack - we store the posted values to
+ # the controller, and when the GET redirect with "?post_redirect=1"
+ # happens, load them in.
def post_redirect(uri, params)
session[:post_redirect_params] = params
# XXX what is built in Ruby URI munging function?
@@ -114,6 +48,14 @@ class ApplicationController < ActionController::Base
redirect_to uri
end
+ # If we are in a faked redirect to POST request, then set post params.
+ before_filter :check_in_post_redirect
+ def check_in_post_redirect
+ if params[:post_redirect] and session[:post_redirect_params]
+ params.update(session[:post_redirect_params])
+ end
+ end
+
# Default layout shows user in corner, so needs access to it
before_filter :authentication_check
def authentication_check
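Review bot: `check_in_post_redirect` merges `session[:post_redirect_params]` into `params` whenever the request carries `post_redirect`, but nothing in this hunk clears the stored values afterwards, so they are merged again on any later request that carries that parameter. Because the trigger is an ordinary request parameter, the replayed values can reach actions that may expect them only from a real form submission. Unless they are cleared somewhere outside this hunk, consume them once: keep `params.update(session[:post_redirect_params])` and follow it with `session[:post_redirect_params] = nil`. The filter is now declared before `authentication_check`, so a one-line comment saying the ordering is intentional would help the next reader.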
@@ -122,14 +64,6 @@ class ApplicationController < ActionController::Base
end
end
- # If we are in a redirect to POST request, then set params
- before_filter :check_in_post_redirect
- def check_in_post_redirect
- if params[:post_redirect] and session[:post_redirect_params]
- params.update(session[:post_redirect_params])
- end
- end
-
# For administration interface, return display name of authenticated user
def admin_http_auth_user
if not request.env["REMOTE_USER"]
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 959630166..084bbbc81 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -4,7 +4,7 @@
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: user_controller.rb,v 1.6 2007-10-31 12:39:58 francis Exp $
+# $Id: user_controller.rb,v 1.7 2007-10-31 17:25:29 francis Exp $
class UserController < ApplicationController
# XXX See controllers/application.rb simplify_url_part for reverse of expression in SQL below
@@ -12,6 +12,75 @@ class UserController < ApplicationController
@display_users = User.find(:all, :conditions => [ "regexp_replace(replace(lower(name), ' ', '-'), '[^a-z0-9_-]', '', 'g') = ?", params[:simple_name] ], :order => "created_at desc")
end
+ # Login form
+ def signin
+ # The explict signin link uses this to store where it is to go back to
+ if params[:r]
+ session[:intended_uri] = params[:r]
+ session[:intended_params] = nil
+ end
+
+ if not params[:user]
+ # First time page is shown
+ render :template => 'user_accounts/signin' and return
+ else
+ @user = User.authenticate(params[:user][:email], params[:user][:password])
+ if @user
+ # Successful login
+ session[:user] = @user.id
+ post_redirect session[:intended_uri], session[:intended_params] and return
+ else
+ if User.find(:first, :conditions => [ "email = ?", params[:user][:email] ])
+ # Failed to authenticate
+ flash[:error] = "Password not correct, please try again"
+ @user = User.new(params[:user])
+ render :template => 'user_accounts/signin' and return
+ else
+ # "I am new to FOIFA"
+ session[:email] = params[:user][:email]
+ session[:password] = params[:user][:password]
+ session[:first_time] = true
+ redirect_to :action => 'signup' and return
+ end
+ end
+ end
+ end
+
+ # Create new account form
+ def signup
+ # Default to value saved from signin form
+ params[:user] ||= { :email => session[:email] }
+ params[:user] ||= { :password => session[:password] }
+
+ # Make the user and try to save it
+ @user = User.new(params[:user])
+ if not @user.save
+ # First time get to form (e.g. from signin) , don't show errors
+ if session[:first_time]
+ @first_time = true
+ @user.errors.clear
+ session[:first_time] = false
+ end
+ # Show the form
+ render :template => 'user_accounts/signup'
+ else
+ # New user made, redirect back to where we were
+ session[:user] = @user.id
+ post_redirect session[:intended_uri], session[:intended_params] and return
+ end
+ end
+
+ # Logout form
+ def signout
+ session[:user] = nil
+ if params[:r]
+ redirect_to params[:r]
+ else
+ redirect_to :action => "index"
+ end
+ end
+
+
private
end
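Review bot: `signin` copies the submitted plaintext password into the session (`session[:password] = params[:user][:password]`), yet `signup` never reads it back, because the second `params[:user] ||= { :password => session[:password] }` is a no-op once the line above it has assigned `params[:user]`. The password therefore sits in the session store for no benefit; dropping both lines and keeping only `params[:user] ||= { :email => session[:email] }` removes the exposure without changing behaviour. Separately, `signout` passes `params[:r]` straight to `redirect_to` and `signin` saves it as `session[:intended_uri]`, so the return target is caller-controlled; it should be limited to local paths before redirecting. These methods appear to be moved unchanged from `application.rb`, so both points predate this commit, but the move is a good moment to fix them.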
diff --git a/app/models/public_body.rb b/app/models/public_body.rb
index 5f3c4ceb3..6a5134396 100644
--- a/app/models/public_body.rb
+++ b/app/models/public_body.rb
@@ -1,12 +1,14 @@
-# models/info_request.rb:
+# models/public_body.rb:
# A public body, from which information can be requested.
#
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
-# $Id: public_body.rb,v 1.8 2007-10-30 14:23:21 francis Exp $
+# $Id: public_body.rb,v 1.9 2007-10-31 17:25:29 francis Exp $
class PublicBody < ActiveRecord::Base
+ validates_presence_of :name
+ validates_presence_of :short_name
validates_presence_of :request_email
has_many :info_requests
diff --git a/spec/controllers/admin_controller_spec.rb b/spec/controllers/admin_controller_spec.rb
new file mode 100644
index 000000000..5a52d1641
--- /dev/null
+++ b/spec/controllers/admin_controller_spec.rb
@@ -0,0 +1,10 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe AdminController, "when viewing front page of admin interface" do
+
+ it "should render the front page" do
+ get :index
+ response.should render_template('index')
+ end
+
+end