team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

removes user_id column from User model to use idiomatic Rails automatic IDs

Browse Source
This commit is contained in:
Joseph Mastey
2017-10-07 09:34:26 -06:00
parent c4f0b91534
commit b6c2259b88
29 changed files with 421 additions and 430 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app/controllers/admin_controller.rb
+3 -3
View File
@@ -46,9 +46,9 @@ class AdminController < ApplicationController
end
def delete_user
user = User.find_by_user_id(params[:admin_id])
if user && !(current_user.user_id == user.user_id)
# Call destroy here so that all association records w/ user_id are destroyed as well
user = User.find_by(id: params[:admin_id])
if user && !(current_user.id == user.id)
# Call destroy here so that all association records w/ id are destroyed as well
# Example user.retirement records would be destroyed
user.destroy
message = true
app/controllers/application_controller.rb
+2 -2
View File
@@ -17,8 +17,8 @@ class ApplicationController < ActionController::Base
def current_user
@current_user ||= (
User.find_by_auth_token(cookies[:auth_token].to_s) ||
User.find_by_user_id(session[:user_id].to_s)
User.find_by(auth_token: cookies[:auth_token].to_s) ||
User.find_by(id: session[:user_id].to_s)
)
end
app/controllers/messages_controller.rb
+2 -2
View File
@@ -16,7 +16,7 @@ class MessagesController < ApplicationController
if message.destroy
flash[:success] = "Your message has been deleted."
redirect_to user_messages_path(user_id: current_user.user_id)
redirect_to user_messages_path(user_id: current_user.id)
else
flash[:error] = "Could not delete message."
end
@@ -25,7 +25,7 @@ class MessagesController < ApplicationController
def create
if Message.create(message_params)
respond_to do |format|
format.html { redirect_to user_messages_path(user_id: current_user.user_id) }
format.html { redirect_to user_messages_path(user_id: current_user.id) }
format.json { render json: {msg: "success"} }
end
else
app/controllers/password_resets_controller.rb
+2 -2
View File
@@ -50,10 +50,10 @@ class PasswordResetsController < ApplicationController
end
def is_valid?(token)
if token =~ /(?<user_id>\d+)-(?<email_hash>[A-Z0-9]{32})/i
if token =~ /(?<user>\d+)-(?<email_hash>[A-Z0-9]{32})/i
# Fetch the user by their id, and hash their email address
@user = User.find_by_id($~[:user_id])
@user = User.find_by(id: $~[:user])
email = Digest::MD5.hexdigest(@user.email)
# Compare and validate our hashes
app/controllers/pay_controller.rb
+5 -4
View File
@@ -7,11 +7,12 @@ class PayController < ApplicationController
def update_dd_info
msg = false
pay = Pay.new(
bank_account_num: params[:bank_account_num],
bank_routing_num: params[:bank_routing_num],
percent_of_deposit: params[:dd_percent]
bank_account_num: params[:bank_account_num],
bank_routing_num: params[:bank_routing_num],
percent_of_deposit: params[:dd_percent],
user_id: current_user.id
)
pay.user_id = current_user.user_id
msg = true if pay.save!
respond_to do |format|
format.json {render json: {msg: msg } }
app/controllers/schedule_controller.rb
+1 -1
View File
@@ -7,7 +7,7 @@ class ScheduleController < ApplicationController
if params[:schedule][:event_type] == "pto"
sched = Schedule.new(schedule_params)
sched.date_begin, sched.date_end = format_schedule_date(params[:date_range1])
sched.user_id = current_user.user_id
sched.user_id = current_user.id
a = sched.date_end
if sched.save
message = true
app/controllers/sessions_controller.rb
+2 -2
View File
@@ -19,9 +19,9 @@ class SessionsController < ApplicationController
if user
if params[:remember_me]
cookies.permanent[:auth_token] = user.auth_token if User.where(user_id: user.user_id).exists?
cookies.permanent[:auth_token] = user.auth_token
else
session[:user_id] = user.user_id if User.where(user_id: user.user_id).exists?
session[:user_id] = user.id
end
redirect_to path
else
app/controllers/users_controller.rb
+5 -6
View File
@@ -10,7 +10,7 @@ class UsersController < ApplicationController
def create
user = User.new(user_params)
if user.save
session[:user_id] = user.user_id
session[:user_id] = user.id
redirect_to home_dashboard_index_path
else
@user = user
@@ -26,22 +26,21 @@ class UsersController < ApplicationController
def update
message = false
user = User.where("user_id = '#{params[:user][:user_id]}'")[0]
user = User.where("id = '#{params[:user][:id]}'")[0]
if user
user.skip_user_id_assign = true
user.update_attributes(user_params_without_password)
if params[:user][:password].present? && (params[:user][:password] == params[:user][:password_confirmation])
user.password = params[:user][:password]
end
message = true if user.save!
respond_to do |format|
format.html { redirect_to user_account_settings_path(user_id: current_user.user_id) }
format.json { render json: {msg: message ? "success" : "false "} }
format.html { redirect_to user_account_settings_path(user_id: current_user.id) }
format.json { render :json => {:msg => message ? "success" : "false "} }
end
else
flash[:error] = "Could not update user!"
redirect_to user_account_settings_path(user_id: current_user.user_id)
redirect_to user_account_settings_path(user_id: current_user.id)
end
end
app/controllers/work_info_controller.rb
+1 -1
View File
@@ -1,7 +1,7 @@
# frozen_string_literal: true
class WorkInfoController < ApplicationController
def index
@user = User.find_by_user_id(params[:user_id])
@user = User.find_by(id: params[:user_id])
if !(@user) || @user.admin
flash[:error] = "Sorry, no user with that user id exists"
redirect_to home_dashboard_index_path
app/models/message.rb
+1 -1
View File
@@ -4,7 +4,7 @@ class Message < ApplicationRecord
validates_presence_of :creator_id, :receiver_id, :message
def creator_name
if creator = User.where(user_id: self.creator_id).first
if creator = User.where(id: self.creator_id).first
creator.full_name
else
"Name unavailable"
app/models/user.rb
+17 -31
View File
@@ -10,17 +10,17 @@ class User < ApplicationRecord
validates_presence_of :email
validates_uniqueness_of :email
validates_format_of :email, with: /.+@.+\..+/i
attr_accessor :skip_user_id_assign
before_save :assign_user_id, on: :create
validates_format_of :email, :with => /.+@.+\..+/i
has_one :retirement, dependent: :destroy
has_one :paid_time_off, dependent: :destroy
has_one :work_info, dependent: :destroy
has_many :performance, dependent: :destroy
has_many :pay, dependent: :destroy
has_many :messages, foreign_key: :receiver_id, dependent: :destroy
before_save :hash_password
has_one :retirement, foreign_key: :user_id, primary_key: :user_id, dependent: :destroy
has_one :paid_time_off, foreign_key: :user_id, primary_key: :user_id, dependent: :destroy
has_one :work_info, foreign_key: :user_id, primary_key: :user_id, dependent: :destroy
has_many :performance, foreign_key: :user_id, primary_key: :user_id, dependent: :destroy
has_many :messages, foreign_key: :receiver_id, primary_key: :user_id, dependent: :destroy
has_many :pay, foreign_key: :user_id, primary_key: :user_id, dependent: :destroy
before_create { generate_token(:auth_token) }
after_create { generate_token(:auth_token) }
before_create :build_benefits_data
def build_benefits_data
@@ -36,11 +36,6 @@ class User < ApplicationRecord
"#{self.first_name} #{self.last_name}"
end
# # Instead of the entire user object being returned, we can use this to filter.
# def as_json
# super(only: [:user_id, :email, :first_name, :last_name])
# end
private
def self.authenticate(email, password)
@@ -55,26 +50,17 @@ class User < ApplicationRecord
return auth
end
def assign_user_id
unless @skip_user_id_assign.present? || self.user_id.present?
user = User.order("user_id").last
uid = if user && user.user_id && !(User.exists?(user_id: "#{user.user_id.to_i + 1}"))
user.user_id.to_i + 1
else
1
end
self.user_id = uid.to_s if uid
end
end
def hash_password
if password.present? && password_changed?
self.password = Digest::MD5.hexdigest(password)
if will_save_change_to_password?
self.password = Digest::MD5.hexdigest(self.password)
end
end
def generate_token(column)
self[column] = Encryption.encrypt_sensitive_value(self.user_id)
generate_token(column) if User.exists?(column => self[column])
begin
self[column] = Encryption.encrypt_sensitive_value(self.id)
end while User.exists?(column => self[column])
self.save!
end
end
app/views/admin/get_user.html.erb
+1 -1
View File
@@ -62,7 +62,7 @@ $('#submit_button').click(function() {
$("#editAcct").modal('hide');
$.ajax({
url: "/admin/" + <%= @user.user_id %> + "/update_user.json",
url: "/admin/" + <%= @user.id %> + "/update_user.json",
data: valuesToSubmit,
type: "POST",
success: function(response) {
app/views/layouts/shared/_header.html.erb
+1 -1
View File
@@ -14,7 +14,7 @@
<span class="caret"></span>
<ul class="dropdown-menu pull-right">
<li>
<%= link_to "Account settings", user_account_settings_path(:user_id => current_user.user_id) %>
<%= link_to "Account settings", user_account_settings_path(user_id: current_user.id) %>
</li>
<li>
<%= link_to "Logout", logout_path %>
app/views/layouts/shared/_sidebar.html.erb
+8 -8
View File
@@ -32,7 +32,7 @@
</li>
<% end %>
<li id="benefit_forms">
<%= link_to user_benefit_forms_path(:user_id => current_user.user_id) do %>
<%= link_to user_benefit_forms_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe05c;"></span>
</div>
@@ -40,7 +40,7 @@
<% end %>
</li>
<li id="retirement">
<%= link_to user_retirement_index_path(:user_id => current_user.user_id) do %>
<%= link_to user_retirement_index_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe096;"></span>
</div>
@@ -48,7 +48,7 @@
<% end %>
</li>
<li id="pto">
<%= link_to user_paid_time_off_index_path(:user_id => current_user.user_id) do %>
<%= link_to user_paid_time_off_index_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe0d2;"></span>
</div>
@@ -56,7 +56,7 @@
<% end %>
</li>
<li id="employee_info">
<%= link_to user_work_info_index_path(:user_id => current_user.user_id) do %>
<%= link_to user_work_info_index_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe0a9;"></span>
</div>
@@ -64,7 +64,7 @@
<% end %>
</li>
<li id="performance">
<%= link_to user_performance_index_path(:user_id => current_user.user_id) do %>
<%= link_to user_performance_index_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe14a;"></span>
</div>
@@ -72,7 +72,7 @@
<% end %>
</li>
<li id="messages">
<%= link_to user_messages_path(:user_id => current_user.user_id) do %>
<%= link_to user_messages_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe040;"></span>
</div>
@@ -80,7 +80,7 @@
<% end %>
</li>
<li id="pay">
<%= link_to user_pay_index_path(:user_id => current_user.user_id) do %>
<%= link_to user_pay_index_path(user_id: current_user.id) do %>
<div class="icon">
<span class="fs1" aria-hidden="true" data-icon="&#xe038;"></span>
</div>
@@ -139,4 +139,4 @@
});
</script>
<% end %>
<% end %>
app/views/messages/index.html.erb
+2 -2
View File
@@ -111,7 +111,7 @@ $("#submit_button").click(function(event) {
var valuesToSubmit = $("#send_message").serialize();
event.preventDefault();
$.ajax({
url: <%= "/users/#{current_user.user_id}/messages.json".inspect.html_safe %>,
url: <%= "/users/#{current_user.id}/messages.json".inspect.html_safe %>,
data: valuesToSubmit,
type: "POST",
success: function(response) {
@@ -135,4 +135,4 @@ $(document).ready(function () {
makeActive()
});
</script>
</script>
app/views/pay/index.html.erb
+3 -3
View File
@@ -186,7 +186,7 @@ function parseDirectDepostInfo(response){
function populateTable() {
$('#data_table').dataTable().fnClearTable();
$.ajax({
url: <%= sanitize(user_pay_path(:format => "json", :user_id => current_user.user_id, :id => current_user.user_id).inspect) %>,
url: <%= sanitize(user_pay_path(:format => "json", user_id: current_user.id, id: current_user.id).inspect) %>,
type: "GET",
success: function(response) {
parseDirectDepostInfo(response);
@@ -237,7 +237,7 @@ $("#decrypt_btn").click(function(event){
var valuesToSubmit = $("#decrypt_form").serialize();
event.preventDefault();
$.ajax({
url: <%= sanitize(decrypted_bank_acct_num_user_pay_index_path(:format => "json", :user_id => current_user.user_id).inspect) %>,
url: <%= sanitize(decrypted_bank_acct_num_user_pay_index_path(:format => "json", user_id: current_user.id).inspect) %>,
data: valuesToSubmit,
type: "POST",
success: function(response) {
@@ -298,4 +298,4 @@ $(document).ready(
populateTable()
)
</script>
</script>
app/views/sessions/new.html.erb
+1 -1
View File
@@ -30,7 +30,7 @@
</div>
<div class="content">
<%= hidden_field_tag :url, @url%>
<%= hidden_field_tag :url, @url %>
<%= text_field_tag :email, params[:email], {:class => "input input-block-level", :placeholder=>"Email"} %>
<%= password_field_tag :password, nil, {:class => "input input-block-level", :placeholder=>"Password"}%>
</div>
app/views/users/account_settings.html.erb
+2 -2
View File
@@ -37,7 +37,7 @@
</div>
<div class="widget-body">
<%= form_for @user, :html => {:id => "account_edit"} do |f|%>
<%= f.hidden_field :user_id%>
<%= f.hidden_field :id %>
<div class="control-group">
<%= f.label :email, nil, {:class => "control-label"}%>
<%= f.text_field :email, {:class => "span12"}%>
@@ -84,7 +84,7 @@ $("#submit_button").click(function(event) {
var valuesToSubmit = $("#account_edit").serialize();
event.preventDefault();
$.ajax({
url: <%= "/users/#{current_user.user_id}.json".inspect.html_safe %>,
url: <%= "/users/#{current_user.id}.json".inspect.html_safe %>,
data: valuesToSubmit,
type: "POST",
success: function(response) {