diff --git a/db/migrate/20260420181729_add_closed_at_to_user.rb b/db/migrate/20260420181729_add_closed_at_to_user.rb deleted file mode 100644 index 1487103..0000000 --- a/db/migrate/20260420181729_add_closed_at_to_user.rb +++ /dev/null @@ -1,5 +0,0 @@ -class AddClosedAtToUser < ActiveRecord::Migration[7.2] - def change - add_column :users, :closed_at, :datetime - end -end diff --git a/db/migrate/20260420210736_add_opened_at_to_vote.rb b/db/migrate/20260420210736_add_opened_at_to_vote.rb deleted file mode 100644 index 2629227..0000000 --- a/db/migrate/20260420210736_add_opened_at_to_vote.rb +++ /dev/null @@ -1,5 +0,0 @@ -class AddOpenedAtToVote < ActiveRecord::Migration[7.2] - def change - add_column :votes, :opened_at, :datetime - end -end diff --git a/db/schema.rb b/db/schema.rb index c5aee86..5675bc4 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.2].define(version: 2026_04_20_210736) do +ActiveRecord::Schema[7.2].define(version: 2026_03_23_215246) do create_table "candidates", force: :cascade do |t| t.integer "vote_id" t.string "name" @@ -46,7 +46,6 @@ ActiveRecord::Schema[7.2].define(version: 2026_04_20_210736) do t.datetime "updated_at", null: false t.string "reset" t.boolean "admin" - t.datetime "closed_at" end create_table "votes", force: :cascade do |t| @@ -58,7 +57,6 @@ ActiveRecord::Schema[7.2].define(version: 2026_04_20_210736) do t.datetime "updated_at", null: false t.string "state" t.integer "reminders" - t.datetime "opened_at" end add_foreign_key "ratings", "votes" diff --git a/vedia.rb b/vedia.rb index 48bc673..080d054 100644 --- a/vedia.rb +++ b/vedia.rb @@ -120,7 +120,7 @@ end post '/login' do user = User.find_by(email: params[:email].downcase.strip) - if user && active(user) && verify_password(params[:password], user.password) + if user && verify_password(params[:password], user.password) if not user.reset.nil? user.reset = nil user.save @@ -134,7 +134,7 @@ post '/login' do redirect '/' end else - @error = true + @error = _("Incorrect email or password.") erb :login end end @@ -154,7 +154,7 @@ post '/reset' do erb :reset else @user = User.find_by(email: params[:email]) - if @user && active(@user) + if @user @reset = SecureRandom.uuid @user.reset = hash_password(@reset) @user.save @@ -174,7 +174,7 @@ get '/reset/:uuid' do User.where.not(reset: nil).each do |user| @user = user if verify_password(params[:uuid], user.reset) end - if @user && active(@user) + if @user erb :reset_change else erb :reset_invalid @@ -186,7 +186,7 @@ post '/reset/:uuid' do User.where.not(reset: nil).each do |user| @user = user if verify_password(params[:uuid], user.reset) end - if @user && active(@user) + if @user @errors = [] if params[:password].empty? @errors << OpenStruct.new(:attribute => :password, :type => :blank) @@ -218,37 +218,19 @@ post '/logout' do redirect '/login' end -get '/users/:id' do - require_admin_or_self - erb :users_show -end - -get '/users/:id/close' do - require_admin_or_self - require_active - erb :users_close -end - -post '/users/:id/close' do - require_admin_or_self - require_active - @user.closed_at = Time.now.utc - @user.save - if is_admin - redirect "/users/#{@user.id}" - else - @closed = true - session.clear - erb :login - end -end - get '/admin' do require_admin + @users = User.all @votes = Vote.all erb :admin end +get '/admin/users/:id' do + require_admin + @user = User.find(params[:id]) + erb :admin_users +end + get '/admin/users/:id/organizers/:vote/delete' do require_admin rating = Organizer.where(user: params[:id]).where(vote: params[:vote]).each do |organizer| @@ -575,7 +557,7 @@ post '/votes/:id/organizers' do @errors << OpenStruct.new(:attribute => :email, :type => :invalid) else user = User.find_by(email: params[:email]) - if not user or not active(user) + if not user @errors << OpenStruct.new(:attribute => :email, :type => :unknown) @params = params elsif @vote.users.exists?(user.id) @@ -603,7 +585,7 @@ def close_expired_votes puts "#{Time.now.utc} Closing vote \"#{vote.title}\" because it expired on #{vote.expire_on}..." vote.state = 'closed' vote.save - users_for_vote(vote).each do |user| + all_users_sorted.each do |user| puts "#{Time.now.utc} Sending results by email to #{user.email}..." mail = Mail.new mail.from = settings.admin_email @@ -621,7 +603,7 @@ def send_reminders settings.reminders.slice(vote.reminders..settings.reminders.length-1).each do |reminder| minutes_to_expiry = ( vote.expire_on - Time.now.utc ) / 60 if minutes_to_expiry < reminder[:timeout] / 60 - active_users.each do |user| + all_users_sorted.each do |user| if not vote.ratings.collect { |rating| rating.user }.include?(user) puts "#{Time.now.utc} Sending reminder #{reminder[:template]} for '#{vote.title}' to #{user.email}..." mail = Mail.new @@ -647,13 +629,7 @@ end helpers do def current_user if session[:user_id] - user = User.find(session[:user_id]) - if active(user) - return user - else - session.clear - return nil - end + User.find(session[:user_id]) elsif settings.spoof_admin session.clear session[:timezone] = 'UTC' @@ -676,21 +652,6 @@ helpers do redirect '/' unless is_admin end - def require_admin_or_self - require_login - find_user - redirect '/' unless is_admin or current_user == @user - end - - def active(user) - user.closed_at.nil? - end - - def require_active - find_user - redirect '/' unless active(@user) - end - def find_vote @vote = Vote.find_by(secure_id: params[:id]) end @@ -699,43 +660,10 @@ helpers do @candidate = Candidate.find(params[:cid]) end - def find_user - @user = User.find(params[:id]) - end - - def all_users + def all_users_sorted User.all.each.sort_by { |user| user.email } end - def active_users(timestamp = Time.now.utc) - users = [] - User.all.each do |user| - if user.created_at < timestamp and ( active(user) or user.closed_at > timestamp ) - users << user - end - end - users.sort_by { |user| user.email } - end - - def users_created_between(min, max) - users = [] - User.all.each do |user| - if user.created_at > min and user.created_at < max - users << user - end - end - users.sort_by { |user| user.email } - end - - def users_for_vote(vote) - # Users who were active when the vote was open (or created if not open yet) - # Users who were created between the vote was open and the vote was closed (or now if the vote is not closed yet) - min = vote.opened_at ? vote.opened_at : vote.created_at - max = vote.expire_on ? vote.expire_on : Time.now.utc - users = active_users(min) + users_created_between(min, max) - users.sort_by { |user| user.email } - end - def require_candidate_in_vote redirect '/votes/' + @vote.secure_id unless @candidate.vote == @vote end diff --git a/views/admin.erb b/views/admin.erb index 24f100c..9857d75 100644 --- a/views/admin.erb +++ b/views/admin.erb @@ -2,44 +2,27 @@

<%= _("Users") %>

- - - - - - - - - - - - <% all_users.each do |user| %> - - - - - - - - - <% end %> -
<%= _("Email") %><%= _("Created") %><%= _("Closed") %><%= _("Admin") %><%= _("Votes") %><%= _("Ratings") %>
<%= user.email %><%= format_date(user.created_at) %><%= active(user) ? nil : format_date(user.closed_at) %><%= user.admin %><%= user.votes.length %><%= user.ratings.length %>
+

<%= _("Votes") %>

- - - + + <% @votes.reverse.each do |vote| %> - - <% users_for_vote(@vote).each do |user| %> + <% all_users_sorted.each do |user| %> <% @vote.candidates.each do |candidate| %> diff --git a/views/votes_show_open.erb b/views/votes_show_open.erb index 1eae220..ea19fb5 100644 --- a/views/votes_show_open.erb +++ b/views/votes_show_open.erb @@ -66,7 +66,7 @@

<%= _("Participants") + " (#{@vote.ratings.collect { |rating| rating.user }.uniq.count})" %>

<%= _("Created") %><%= _("Expired") %><%= _("State") %>
<%= format_date(vote.created_at) %><%= format_date(vote.expire_on) if vote.expire_on %> <% case vote.state when 'draft' %> diff --git a/views/users_show.erb b/views/admin_users.erb similarity index 73% rename from views/users_show.erb rename to views/admin_users.erb index 61122b5..8868df4 100644 --- a/views/users_show.erb +++ b/views/admin_users.erb @@ -1,18 +1,12 @@ -

<%= @user.email %>

+

<%= _("Admin") %>

+ +

<%= @user.email %>

<%= _("Created: %{date}") % { date: format_date(@user.created_at) } %>

<%= _("Updated: %{date}") % { date: format_date(@user.updated_at) } %>

-

<%= _("Admin: %{admin}") % { admin: @user.admin ? _("Yes") : _("No") } %>

- -<% if @user.closed_at %> -

<%= _("Closed: %{date}") % { date: format_date(@user.closed_at) } %>

-<% else %> -
- -
-<% end %> +

<%= _("Admin: %{admin}") % { admin: @user.admin ? _("Yes") : _("No") } %>

<%= _("Organized votes") %>

diff --git a/views/layout.erb b/views/layout.erb index 26de47b..e9e1e9f 100644 --- a/views/layout.erb +++ b/views/layout.erb @@ -40,7 +40,7 @@
<% if current_user %> - <%= current_user.email %> + <%= current_user.email %> <% else %>   <% end %> diff --git a/views/login.erb b/views/login.erb index e16bb4c..e7fed26 100644 --- a/views/login.erb +++ b/views/login.erb @@ -1,12 +1,8 @@

<%= _("Login") %>

-<% if @closed %> -

<%= _("Your account was closed successfully.") %>

-<% end %> - <% if @error %>
-

<%= _("Incorrect email or password.") %>

+

<%= @error %>

<%= _("Reset password") %>

<% end %> diff --git a/views/users_close.erb b/views/users_close.erb deleted file mode 100644 index 4945b09..0000000 --- a/views/users_close.erb +++ /dev/null @@ -1,11 +0,0 @@ -

<%= _("Closing account %{email}") % { email: @user.email } %>

- -

<%= _("Do you really want to close the account for %{email}?") % { email: @user.email } %>

- -

<%= _("Past votes and ratings created by this account will remain available, but the account will no longer be able to log in, create new votes, or participate in open votes.") %>

- -

<%= _("This action cannot be undone.") %>

- -
- -
diff --git a/views/votes_show_closed.erb b/views/votes_show_closed.erb index a0f220d..b904577 100644 --- a/views/votes_show_closed.erb +++ b/views/votes_show_closed.erb @@ -175,7 +175,7 @@ <% end %>
<%= user.email %>