parent
1acc369774
commit
29bd105072
10 changed files with 115 additions and 15 deletions
83
vedia.rb
83
vedia.rb
|
|
@ -120,7 +120,7 @@ end
|
|||
|
||||
post '/login' do
|
||||
user = User.find_by(email: params[:email].downcase.strip)
|
||||
if user && verify_password(params[:password], user.password)
|
||||
if user && active(user) && verify_password(params[:password], user.password)
|
||||
if not user.reset.nil?
|
||||
user.reset = nil
|
||||
user.save
|
||||
|
|
@ -154,7 +154,7 @@ post '/reset' do
|
|||
erb :reset
|
||||
else
|
||||
@user = User.find_by(email: params[:email])
|
||||
if @user
|
||||
if @user && active(@user)
|
||||
@reset = SecureRandom.uuid
|
||||
@user.reset = hash_password(@reset)
|
||||
@user.save
|
||||
|
|
@ -174,7 +174,7 @@ get '/reset/:uuid' do
|
|||
User.where.not(reset: nil).each do |user|
|
||||
@user = user if verify_password(params[:uuid], user.reset)
|
||||
end
|
||||
if @user
|
||||
if @user && active(@user)
|
||||
erb :reset_change
|
||||
else
|
||||
erb :reset_invalid
|
||||
|
|
@ -186,7 +186,7 @@ post '/reset/:uuid' do
|
|||
User.where.not(reset: nil).each do |user|
|
||||
@user = user if verify_password(params[:uuid], user.reset)
|
||||
end
|
||||
if @user
|
||||
if @user && active(@user)
|
||||
@errors = []
|
||||
if params[:password].empty?
|
||||
@errors << OpenStruct.new(:attribute => :password, :type => :blank)
|
||||
|
|
@ -223,9 +223,28 @@ get '/users/:id' do
|
|||
erb :users_show
|
||||
end
|
||||
|
||||
get '/users/:id/close' do
|
||||
require_admin_or_self
|
||||
require_active
|
||||
erb :users_close
|
||||
end
|
||||
|
||||
post '/users/:id/close' do
|
||||
require_admin_or_self
|
||||
require_active
|
||||
@user.closed_at = Time.now.utc
|
||||
@user.save
|
||||
if is_admin
|
||||
redirect "/users/#{@user.id}"
|
||||
else
|
||||
@closed = true
|
||||
session.clear
|
||||
erb :login
|
||||
end
|
||||
end
|
||||
|
||||
get '/admin' do
|
||||
require_admin
|
||||
@users = User.all
|
||||
@votes = Vote.all
|
||||
erb :admin
|
||||
end
|
||||
|
|
@ -556,7 +575,7 @@ post '/votes/:id/organizers' do
|
|||
@errors << OpenStruct.new(:attribute => :email, :type => :invalid)
|
||||
else
|
||||
user = User.find_by(email: params[:email])
|
||||
if not user
|
||||
if not user or not active(user)
|
||||
@errors << OpenStruct.new(:attribute => :email, :type => :unknown)
|
||||
@params = params
|
||||
elsif @vote.users.exists?(user.id)
|
||||
|
|
@ -584,7 +603,7 @@ def close_expired_votes
|
|||
puts "#{Time.now.utc} Closing vote \"#{vote.title}\" because it expired on #{vote.expire_on}..."
|
||||
vote.state = 'closed'
|
||||
vote.save
|
||||
all_users_sorted.each do |user|
|
||||
users_for_vote(vote).each do |user|
|
||||
puts "#{Time.now.utc} Sending results by email to #{user.email}..."
|
||||
mail = Mail.new
|
||||
mail.from = settings.admin_email
|
||||
|
|
@ -602,7 +621,7 @@ def send_reminders
|
|||
settings.reminders.slice(vote.reminders..settings.reminders.length-1).each do |reminder|
|
||||
minutes_to_expiry = ( vote.expire_on - Time.now.utc ) / 60
|
||||
if minutes_to_expiry < reminder[:timeout] / 60
|
||||
all_users_sorted.each do |user|
|
||||
active_users.each do |user|
|
||||
if not vote.ratings.collect { |rating| rating.user }.include?(user)
|
||||
puts "#{Time.now.utc} Sending reminder #{reminder[:template]} for '#{vote.title}' to #{user.email}..."
|
||||
mail = Mail.new
|
||||
|
|
@ -628,7 +647,13 @@ end
|
|||
helpers do
|
||||
def current_user
|
||||
if session[:user_id]
|
||||
User.find(session[:user_id])
|
||||
user = User.find(session[:user_id])
|
||||
if active(user)
|
||||
return user
|
||||
else
|
||||
session.clear
|
||||
return nil
|
||||
end
|
||||
elsif settings.spoof_admin
|
||||
session.clear
|
||||
session[:timezone] = 'UTC'
|
||||
|
|
@ -657,6 +682,15 @@ helpers do
|
|||
redirect '/' unless is_admin or current_user == @user
|
||||
end
|
||||
|
||||
def active(user)
|
||||
user.closed_at.nil?
|
||||
end
|
||||
|
||||
def require_active
|
||||
find_user
|
||||
redirect '/' unless active(@user)
|
||||
end
|
||||
|
||||
def find_vote
|
||||
@vote = Vote.find_by(secure_id: params[:id])
|
||||
end
|
||||
|
|
@ -669,10 +703,39 @@ helpers do
|
|||
@user = User.find(params[:id])
|
||||
end
|
||||
|
||||
def all_users_sorted
|
||||
def all_users
|
||||
User.all.each.sort_by { |user| user.email }
|
||||
end
|
||||
|
||||
def active_users(timestamp = Time.now.utc)
|
||||
users = []
|
||||
User.all.each do |user|
|
||||
if user.created_at < timestamp and ( active(user) or user.closed_at > timestamp )
|
||||
users << user
|
||||
end
|
||||
end
|
||||
users.sort_by { |user| user.email }
|
||||
end
|
||||
|
||||
def users_created_between(min, max)
|
||||
users = []
|
||||
User.all.each do |user|
|
||||
if user.created_at > min and user.created_at < max
|
||||
users << user
|
||||
end
|
||||
end
|
||||
users.sort_by { |user| user.email }
|
||||
end
|
||||
|
||||
def users_for_vote(vote)
|
||||
# Users who were active when the vote was open (or created if not open yet)
|
||||
# Users who were created between the vote was open and the vote was closed (or now if the vote is not closed yet)
|
||||
min = vote.opened_at ? vote.opened_at : vote.created_at
|
||||
max = vote.expire_on ? vote.expire_on : Time.now.utc
|
||||
users = active_users(min) + users_created_between(min, max)
|
||||
users.sort_by { |user| user.email }
|
||||
end
|
||||
|
||||
def require_candidate_in_vote
|
||||
redirect '/votes/' + @vote.secure_id unless @candidate.vote == @vote
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue