Replaced IndexController by Home- and FoodcoopController. Some reorganizing in groups/memberships-logic (moved memberships out of admin-namespace).

2009-01-15 12:14:01 +01:00 · 2009-01-15 12:14:01 +01:00 · 6ce6c2c75a
commit 6ce6c2c75a
parent fadc951208
70 changed files with 553 additions and 934 deletions
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@ -113,6 +113,20 @@ class ApplicationController < ActionController::Base
      authenticate('orders')
    end

+    # checks if the current_user is member of given group.
+    # if fails the user will redirected to startpage
+    def authenticate_membership_or_admin
+      @group = Group.find(params[:id])
+      unless @group.member?(@current_user) or @current_user.role_admin?
+        flash[:error] = ERROR_NO_GROUP_MEMBER
+        if request.xml_http_request?
+          render(:update) {|page| page.redirect_to root_path }
+        else
+          redirect_to root_path
+        end
+      end
+    end
+
    # Stores this controller instance as a thread local varibale to be accessible from outside ActionController/ActionView.
    def store_controller
      Thread.current[:application_controller] = self
--- a/app/controllers/finance/transactions_controller.rb
+++ b/app/controllers/finance/transactions_controller.rb
@ -23,15 +23,12 @@ class Finance::TransactionsController < ApplicationController
    conditions = "name LIKE '%#{params[:query]}%'" unless params[:query].nil?

    @total = Ordergroup.count(:conditions => conditions)
-    @groups = Ordergroup.paginate :conditions => conditions, :page => params[:page], :per_page => @per_page, :order => sort
+    @groups = Ordergroup.paginate :conditions => conditions, :page => params[:page],
+      :per_page => @per_page, :order => sort

    respond_to do |format|
      format.html
-      format.js do
-        render :update do |page|
-          page.replace_html 'table', :partial => "ordergroups"
-        end
-      end
+      format.js { render :partial => "ordergroups" }
    end
  end

@ -54,17 +51,15 @@ class Finance::TransactionsController < ApplicationController
    conditions = ["note LIKE ?", "%#{params[:query]}%"] unless params[:query].nil?

    @total = @group.financial_transactions.count(:conditions => conditions)
-    @financial_transactions = @group.financial_transactions.paginate(:page => params[:page],
-                                                                    :per_page => 10,
-                                                                    :conditions => conditions,
-                                                                    :order => sort)
+    @financial_transactions = @group.financial_transactions.paginate(
+      :page => params[:page],
+      :per_page => 10,
+      :conditions => conditions,
+      :order => sort)
+
    respond_to do |format|
      format.html
-      format.js do
-        render :update do |page|
-          page.replace_html 'table', :partial => "list"
-        end
-      end
+      format.js { render :partial => "list" }
    end
  end

--- a/app/controllers/foodcoop_controller.rb
+++ b/app/controllers/foodcoop_controller.rb
@ -0,0 +1,67 @@
+class FoodcoopController < ApplicationController
+
+  before_filter :authenticate_membership_or_admin, 
+    :only => [:edit_group, :update_group, :memberships, :invite, :send_invitation]
+
+  # gives a view to list all members of the foodcoop
+  def members
+
+    # sort by ordergroups
+    if params[:sort_by_ordergroups]
+      @users = []
+      Ordergroup.find(:all, :order => "name").each do |group|
+        group.users.each do |user|
+          @users << user
+        end
+      end
+      @total = @users.size
+    else
+    # sort by nick, thats default
+      if (params[:per_page] && params[:per_page].to_i > 0 && params[:per_page].to_i <= 100)
+        @per_page = params[:per_page].to_i
+      else
+        @per_page = 20
+      end
+
+      # if somebody uses the search field:
+      conditions = "first_name LIKE '%#{params[:query]}%' OR last_name LIKE '%#{params[:query]}%'" unless params[:query].blank?
+
+      @total = User.count(:conditions => conditions)
+      @users = User.paginate(:page => params[:page], :per_page => @per_page, :conditions => conditions, :order => "nick", :include => "groups")
+
+      respond_to do |format|
+        format.html # index.html.erb
+        format.js { render :partial => "users" }
+      end
+    end
+  end
+
+  # gives an overview for the workgroups and its members
+  def workgroups
+    @groups = Workgroup.find :all, :order => "name"
+  end
+
+  def group
+  end
+
+  def edit_group
+  end
+
+  def memberships
+  end
+
+  # Invites a new user to join foodsoft in this group.
+  def invite
+    @invite = Invite.new
+  end
+  # Sends an email
+  def send_invitation
+    @invite = Invite.new(:user => @current_user, :group => @group, :email => params[:invite][:email])
+    if @invite.save
+      flash[:notice] = format('Es wurde eine Einladung an %s geschickt.', @invite.email)
+      redirect_to(:action => 'index')
+    else
+      render :action => 'invite'
+    end
+  end
+end
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@ -0,0 +1,86 @@
+class HomeController < ApplicationController
+  
+  def index
+    @currentOrders = Order.find_current
+    @orderGroup = @current_user.find_ordergroup
+    if @orderGroup
+      @financial_transactions = @orderGroup.financial_transactions.find(:all, :order => 'created_on desc', :limit => 3)
+    end
+    # unread messages
+    @messages = Message.find_all_by_recipient_id_and_read(@current_user.id, false, :order => 'messages.created_on desc', :include => :sender)
+    # unaccepted tasks
+    @unaccepted_tasks = @current_user.unaccepted_tasks
+    # task in next week
+    @next_tasks = @current_user.next_tasks
+
+    # count tasks with no responsible person
+    # tasks for groups the current user is not a member are ignored
+    tasks = Task.find(:all, :conditions => ["assigned = ? and done = ?", false, false])
+    @unassigned_tasks_number = 0
+    for task in tasks
+      (@unassigned_tasks_number += 1) unless task.workgroup && !current_user.is_member_of(task.workgroup)
+    end
+  end
+
+  def profile
+    @user = @current_user
+  end
+
+  def update_profile
+    @user = @current_user
+    if @user.update_attributes(params[:user])
+      flash[:notice] = 'Änderungen wurden gespeichert.'
+      redirect_to :action => 'profile'
+    else
+      render :action => 'profile'
+    end
+  end
+
+  def ordergroup
+    @user = @current_user
+    @ordergroup = @user.find_ordergroup
+    @ordergroup_column_names = ["Description", "Actual Size", "Balance", "Updated"]
+    @ordergroup_columns = ["description", "actual_size", "account_balance", "account_updated"]
+
+    #listing the financial transactions with ajax...
+
+    if params['sort']
+      sort = case params['sort']
+               when "date"  then "created_on"
+               when "note"   then "note"
+               when "amount" then "amount"
+               when "date_reverse"  then "created_on DESC"
+               when "note_reverse" then "note DESC"
+               when "amount_reverse" then "amount DESC"
+               end
+      else
+        sort = "created_on DESC"
+      end
+
+    # or if somebody uses the search field:
+    conditions = ["note LIKE ?", "%#{params[:query]}%"] unless params[:query].nil?
+
+    @total = @ordergroup.financial_transactions.count(:conditions => conditions)
+    @financial_transactions = @ordergroup.financial_transactions.paginate(:page => params[:page],
+                                                                    :per_page => 10,
+                                                                    :conditions => conditions,
+                                                                    :order => sort)
+    respond_to do |format|
+      format.html # myOrdergroup.haml
+      format.js { render :partial => "finance/transactions/list" }
+    end
+  end
+
+    # cancel personal memberships direct from the myProfile-page
+  def cancel_membership
+    membership = Membership.find(params[:membership_id])
+    if membership.user == current_user
+      membership.destroy
+      flash[:notice] = "Du bist jetzt kein Mitglied der Gruppe #{@group.name} mehr."
+    else
+      flash[:error] = "Ein Problem ist aufgetreten."
+    end
+    redirect_to my_profile_path
+  end
+
+end
--- a/app/controllers/index_controller.rb
+++ b/app/controllers/index_controller.rb
@ -1,261 +0,0 @@
-class IndexController < ApplicationController
-  # Messages
-  MSG_USER_UPDATED = 'Benutzeränderungen wurden gespeichert'
-  ERROR_NO_GROUP_MEMBER = 'Du bist kein Gruppenmitglied.'
-  MSG_GROUP_UPDATED = 'Gruppe wurde erfolgreich bearbeitet'
-  ERR_LAST_MEMBER = "Eine Benutzerin muss der Bestellgruppe erhalten bleiben"
-  MSG_MEMBERSHIP_ENDS = 'Du bist nun nicht mehr Mitglied der Gruppe '
-  ERR_CANNOT_INVITE = 'Du kannst niemanden in diese Gruppe einladen.'
-  MSG_INVITE_SUCCESS = 'Es wurde eine Einladung an %s geschickt.'
-  
-  def index
-    @currentOrders = Order.find_current  
-    @orderGroup = @current_user.find_ordergroup
-    if @orderGroup
-      @financial_transactions = @orderGroup.financial_transactions.find(:all, :order => 'created_on desc', :limit => 3)
-    end
-    # unread messages
-    @messages = Message.find_all_by_recipient_id_and_read(@current_user.id, false, :order => 'messages.created_on desc', :include => :sender)
-    # unaccepted tasks
-    @unaccepted_tasks = @current_user.unaccepted_tasks
-    # task in next week
-    @next_tasks = @current_user.next_tasks
-    
-    # count tasks with no responsible person
-    # tasks for groups the current user is not a member are ignored
-    tasks = Task.find(:all, :conditions => ["assigned = ? and done = ?", false, false])
-    @unassigned_tasks_number = 0
-    for task in tasks
-      (@unassigned_tasks_number += 1) unless task.group && !current_user.is_member_of(task.group)
-    end    
-  end
-  
-  def myProfile
-    @user = @current_user
-    @user_columns = ["first_name", "last_name", "email", "phone", "address"]
-  end
-  
-  def editProfile
-    @user = @current_user
-  end
-  
-  def updateProfile
-    @user = @current_user
-    @user.set_password({:required => false}, params[:user][:password], params[:user][:password_confirmation])
-    @user.attributes = params[:user]
-    for setting in User::setting_keys.keys 
-      @user.settings[setting] = (params[:user][:settings] && params[:user][:settings][setting] == '1' ? '1' : nil)
-    end
-    if @user.errors.empty? && @user.save
-      flash[:notice] = MSG_USER_UPDATED
-      redirect_to :action => 'myProfile'
-    else
-      render :action => 'editProfile'
-    end
-  end
-  
-  def myOrdergroup
-    @user = @current_user
-    @ordergroup = @user.find_ordergroup
-    @ordergroup_column_names = ["Description", "Actual Size", "Balance", "Updated"]
-    @ordergroup_columns = ["description", "actual_size", "account_balance", "account_updated"]
-                                                          
-    #listing the financial transactions with ajax...
-
-    if params['sort']
-      sort = case params['sort']
-               when "date"  then "created_on"
-               when "note"   then "note"
-               when "amount" then "amount"
-               when "date_reverse"  then "created_on DESC"
-               when "note_reverse" then "note DESC"
-               when "amount_reverse" then "amount DESC"
-               end
-      else
-        sort = "created_on DESC"
-      end
-    
-    # or if somebody uses the search field:
-    conditions = ["note LIKE ?", "%#{params[:query]}%"] unless params[:query].nil?
-
-    @total = @ordergroup.financial_transactions.count(:conditions => conditions)
-    @financial_transactions = @ordergroup.financial_transactions.paginate(:page => params[:page],
-                                                                    :per_page => 10,
-                                                                    :conditions => conditions,
-                                                                    :order => sort)
-    respond_to do |format|
-      format.html # myOrdergroup.haml
-      format.js do
-        render :update do |page|
-          page.replace_html 'table', :partial => "financial_transactions/list"
-        end
-      end
-    end                                                    
-  end
-  
-  def showGroup
-    @user = @current_user
-    @group = Group.find(params[:id])
-  end
-  
-  def showUser
-    @user = User.find(params[:id])
-  end
-  
-  def editGroup
-    @group = Group.find(params[:id])
-    authenticate_membership(@group)
-#    unless @group.member?(@current_user)
-#      flash[:error] = ERROR_NO_GROUP_MEMBER
-#      redirect_to :action => 'index'
-#    end
-  end
-  
-  # update the Group
-  # only access to description for Ordergroups
-  def updateGroup
-    @group = Group.find(params[:id])
-    authenticate_membership(@group)
-    if @group.is_a?(Ordergroup)
-      @group.update_attribute(:description, params[:group][:description])
-    else
-      @group.update_attributes(params[:group])
-    end
-    if @group.errors.empty?
-      flash[:notice] = MSG_GROUP_UPDATED
-      redirect_to :action => 'showGroup', :id => @group
-    else
-      render :action => 'editGroup'
-    end
-  end
-  
-  def members
-    @group = Group.find(params[:id])
-    authenticate_membership(@group)
-  end
-  
-  # adds a new member to the group
-  def addMember
-    @group = Group.find(params[:id])
-    authenticate_membership(@group)
-    user = User.find(params[:user])
-    Membership.create(:group => @group, :user => user)
-    redirect_to :action => 'memberships_reload', :id => @group
-  end
-  
-  # the membership will find an end....
-  def dropMember
-    begin
-      group = Group.find(params[:group])
-      authenticate_membership(group)
-      membership = Membership.find(params[:membership])
-      if group.is_a?(Ordergroup) && group.memberships.size == 1
-        # Deny dropping member if the group is an Ordergroup and there is only one member left.
-        flash[:error] = ERR_LAST_MEMBER
-      else
-        membership.destroy
-      end
-      redirect_to :action => 'memberships_reload', :id => group
-    rescue => error
-      flash[:error] = error.to_s
-      redirect_to :action => 'memberships_reload', :id => group
-    end
-  end
-  
-  # the two boxes 'members' and 'non members' will be reload through ajax
-  def memberships_reload
-    @group = Group.find(params[:id])
-    unless @group.member?(@current_user)
-      flash[:error] = ERROR_NO_GROUP_MEMBER
-      render(:update) {|page| page.redirect_to :action => "myProfile"}
-    else
-      render :update do |page|
-      page.replace_html 'members', :partial => 'groups/members',  :object => @group
-      page.replace_html 'non_members', :partial => 'groups/non_members', :object => @group
-      end
-    end
-  end
-  
-  # checks if the current_user is member of given group.
-  # if fails the user will redirected to startpage
-  # method used while group/memberships beeing edit
-  def authenticate_membership(group)
-    unless group.member?(@current_user)
-      flash[:error] = ERROR_NO_GROUP_MEMBER
-      if request.xml_http_request?
-        render(:update) {|page| page.redirect_to :action => "index"}
-      else
-        redirect_to :action => 'index'
-      end
-    end
-  end
-  
-  # gives a view to list all members of the foodcoop
-  def foodcoop_members
-    
-    # sort by ordergroups
-    if params[:sort_by_ordergroups]
-      @users = []
-      Ordergroup.find(:all, :order => "name").each do |group|
-        group.users.each do |user|
-          @users << user
-        end
-      end
-      @total = @users.size
-    else
-    # sort by nick, thats default
-      if (params[:per_page] && params[:per_page].to_i > 0 && params[:per_page].to_i <= 100)
-        @per_page = params[:per_page].to_i
-      else
-        @per_page = 20
-      end
-      
-      # if somebody uses the search field:
-      conditions = "first_name LIKE '%#{params[:query]}%' OR last_name LIKE '%#{params[:query]}%'" unless params[:query].blank?
-  
-      @total = User.count(:conditions => conditions)
-      @users = User.paginate(:page => params[:page], :per_page => @per_page, :conditions => conditions, :order => "nick", :include => "groups")
-      
-      respond_to do |format|
-        format.html # index.html.erb
-        format.js do
-          render :update do |page|
-            page.replace_html 'user_table', :partial => "list_members"
-          end
-        end
-      end                                  
-    end
-  end
-  
-  # gives an overview for the workgroups and its members
-  def workgroups
-    @groups = Group.find :all, :conditions => "type != 'Ordergroup'", :order => "name"
-  end
-  
-  # Invites a new user to join foodsoft in this group.
-  def invite
-    @group = Group.find(params[:id])
-    if (!@group || (!@current_user.is_member_of(@group) && !@current_user.role_admin?))
-      flash[:error] = ERR_CANNOT_INVITE 
-      redirect_to(:action => "index")
-    elsif (request.post?)
-      @invite = Invite.new(:user => @current_user, :group => @group, :email => params[:invite][:email])
-      if @invite.save
-        flash[:notice] = format(MSG_INVITE_SUCCESS, @invite.email)
-        redirect_to(:action => 'index')
-      end
-    end
-  end
-  
-  # cancel personal memberships direct from the myProfile-page
-  def cancel_membership
-    membership = Membership.find(params[:id])
-    if membership.user == current_user
-      membership.destroy
-      flash[:notice] = _("The membership was cancelled.")
-    else
-      flash[:error] = _("You are not allowed to cancel this membership")
-    end
-    redirect_to my_profile_path
-  end
-end
--- a/app/controllers/admin/memberships_controller.rb
+++ b/app/controllers/admin/memberships_controller.rb
@ -1,4 +1,5 @@
-class Admin::MembershipsController < ApplicationController
+class MembershipsController < ApplicationController
+    before_filter :authenticate_membership_or_admin

  def add_member
    @group = Group.find(params[:group_id])
@ -27,8 +28,8 @@ class Admin::MembershipsController < ApplicationController
  def reload
    @group = Group.find(params[:group_id])
    render :update do |page|
-      page.replace_html 'members', :partial => 'members',  :object => @group
-      page.replace_html 'non_members', :partial => 'non_members', :object => @group
+      page.replace_html 'members', :partial => 'shared/memberships/current_members',  :object => @group
+      page.replace_html 'non_members', :partial => 'shared/memberships/non_members', :object => @group
    end
  end

--- a/app/controllers/tasks_controller.rb
+++ b/app/controllers/tasks_controller.rb
@ -2,7 +2,7 @@ class TasksController < ApplicationController
  #auto_complete_for :user, :nick
  
  def index
-    @non_group_tasks = Task.find :all, :conditions => "group_id IS NULL AND done = 0", :order => "due_date ASC"
+    @non_group_tasks = Task.non_group
    @groups = Group.find :all, :conditions => "type != 'Ordergroup'"
  end
  
@ -28,8 +28,8 @@ class TasksController < ApplicationController
    if @task.errors.empty?
      @task.save
      flash[:notice] = "Aufgabe wurde erstellt"
-      if @task.group
-        redirect_to :action => "workgroup", :id => @task.group
+      if @task.workgroup
+        redirect_to :action => "workgroup", :id => @task.workgroup
      else
        redirect_to :action => "index"
      end          
@ -52,8 +52,8 @@ class TasksController < ApplicationController
    if @task.errors.empty?
      @task.save
      flash[:notice] = "Aufgabe wurde aktualisiert"
-      if @task.group
-        redirect_to :action => "workgroup", :id => @task.group
+      if @task.workgroup
+        redirect_to :action => "workgroup", :id => @task.workgroup
      else
        redirect_to :action => "index"
      end