i can't authenticate the Transaction_Id where this is the primary key of my transaction table, while i can do it with the email. what would seem to be the problem? help. thanks.
here's my model/transaction:
def self.authenticate(email, transaction_id)
user = Transaction.find_by_email(email)
if user && user.Transaction_Id
return user
else
return false
end
end
here's my controller/modifications:
def attempt_login
user = Transaction.authenticate(params[:email], params[:Transaction_Id])
if user
session[:user_id] = user.id
session[:email] = user.email
flash[:notice] = "You are now logged in!"
redirect_to :action => "modify"
else
flash[:notice] = "Invalid username/password combination."
redirect_to :action => "login"
end
end
and here's my view/login:
<div class="login">
<%= form_tag :action => "attempt_login" do %>
<%= label_tag :email, "Email Address:" %>
<%= text_field_tag :email %>
<%= label_tag :Transaction_Id, "Transaction Id:" %>
<%= text_field_tag :Transaction_Id %>
<%= submit_tag "Log In"%>
<% end %>
</div>
You check only if there is a transaction_id present in your found user object, but you do not compare this id to the given id, so try:
def self.authenticate(email, transaction_id)
user = Transaction.find_by_email(email)
if user && user.Transaction_Id == transaction_id
return user
else
return false
end
end
or (don't know if it works)
def self.authenticate(email, transaction_id)
user = Transaction.find_by_email_and_transaction_id(email, transaction_id)
if user
return user
else
return false
end
end
in short:
# will return user if found; else nil
def self.authenticate(email, transaction_id)
Transaction.find_by_email_and_transaction_id(email, transaction_id)
end
Related
I want to be able as an Admin to add Authorization Role to other users..when I click the Add Role button it says that it added the role to that user..but when I check in the Rails Console the role of that user is still nil.
def index
#user = User.new
#users = User.all
end
def update
#users = User.all
#user = User.find_by_username(params[:user][:username])
if #user && params[:user][:role] == "editor"
#user.role = "editor"
#user.save
flash.notice = "Added role 'editor' to #{#user.username}."
redirect_to "/adminsettings"
elsif #user && params[:user][:role] == "admin"
#user.role = "editor"
#user.save
flash.notice = "Added role 'editor' to #{#user.username}."
redirect_to "/adminsettings"
elsif #user && params[:user][:role] != "editor"
flash.notice = "Please chose 'editor' if you want to add this role to this user."
redirect_to "/adminsettings"
else
redirect_to "/adminsettings"
flash.notice = "Please choose one of the users below."
end
end
View
<%= form_for #user ,:url => {:controller => "admin_settings", :action => "update"}, method: :patch do |user| %>
<%= user.text_field :username, :placeholder => "Username" %><br />
<%= user.text_field :role, :placeholder => "Role" %><br />
<%= user.submit "Add Role" %>
<% end %>
<% #users.each do |user| %>
<strong><%= user.username %></strong><br />
<% end %>
Routes
get '/adminsettings', to: 'admin_settings#index'
patch '/adminsettings', to: 'admin_settings#update'
Try changing your use of calling params to this...
def update
#users = User.all
#user = User.find_by_username(params[:username])
if #user && params[:role] == "editor"
#user.role = "editor"
#user.save
flash.notice = "Added role 'editor' to #{#user.username}."
redirect_to "/adminsettings"
elsif #user && params[:role] == "admin"
#user.role = "editor"
#user.save
flash.notice = "Added role 'editor' to #{#user.username}."
redirect_to "/adminsettings"
elsif #user && params[:role] != "editor"
flash.notice = "Please chose 'editor' if you want to add this role to this user."
redirect_to "/adminsettings"
else
redirect_to "/adminsettings"
flash.notice = "Please choose one of the users below."
end
end
I finally figured out how to implement PayPal Recurring Billing using this tutorial. http://railscasts.com/episodes/289-paypal-recurring-billing
Everything works, But how does one cancel the subscription....
Below is all of the code I've written, and I've also added some comments/questions
ERROR
app/controllers/subscriptions_controller.rb:27:in `show'
Couldn't find Subscription with id=cancel_account
Please help new to rails. :)
CONTROLLER
class SubscriptionsController < ApplicationController
def new
plan = Plan.find(params[:plan_id])
#subscription = plan.subscriptions.build
#subscription.user_id = current_user.id
if params[:PayerID]
#subscription.paypal_customer_token = params[:PayerID]
#subscription.paypal_payment_token = params[:token]
#subscription.email = #subscription.paypal.checkout_details.email
end
end
def create
#subscription = Subscription.new(params[:subscription])
if #subscription.save_with_payment
redirect_to #subscription, :notice => "Thank you for subscribing!"
else
render :new
end
end
def destroy
#subscription = current_user.subscription
#previous_plan = #subscription.plan
if #subscription.cancel_recurring
flash[:success] = 'Subscription Canceled.'
end
redirect_to some_path
end
def paypal_checkout
plan = Plan.find(params[:plan_id])
subscription = plan.subscriptions.build
redirect_to subscription.paypal.checkout_url(
return_url: new_subscription_url(:plan_id => plan.id),
cancel_url: root_url
)
end
end
MODELS
class Subscription < ActiveRecord::Base
attr_accessible :paypal_customer_token, :paypal_recurring_profile_token,
:plan_id, :user_id, :email, :paypal_payment_token
attr_accessor :paypal_payment_token
belongs_to :plan
belongs_to :user
validates_presence_of :plan_id
validates_presence_of :email
validates_presence_of :user_id
def save_with_payment
if valid?
if paypal_payment_token.present?
save_with_paypal_payment
end
end
def paypal
PaypalPayment.new(self)
end
def save_with_paypal_payment
response = paypal.make_recurring
self.paypal_recurring_profile_token = response.profile_id
save!
end
def payment_provided?
paypal_payment_token.present?
end
end
class PaypalPayment
def initialize(subscription)
#subscription = subscription
end
def checkout_details
process :checkout_details
end
def checkout_url(options)
process(:checkout, options).checkout_url
end
def make_recurring
process :request_payment
process :create_recurring_profile, period: :monthly, frequency: 1,
start_at: Time.zone.now + 1.month
end
def cancel_recurring
response = ppr.cancel_subscription(at_date_end: true) #Needs a end period field in
self.current_date_end_at = Time.at(response.current_date_end)
self.plan_id = plan.id
self.status = "canceled"
return self.save
end
private
def process(action, options = {})
options = options.reverse_merge(
token: #subscription.paypal_payment_token,
payer_id: #subscription.paypal_customer_token,
description: #subscription.plan.name,
amount: #subscription.plan.price.to_i,
currency: "USD"
)
response = PayPal::Recurring.new(options).send(action)
raise response.errors.inspect if response.errors.present?
response
end
end
VIEWS
<%= form_for #subscription do |f| %>
<%= f.hidden_field :plan_id %>
<%= f.hidden_field :user_id %>
<%= f.hidden_field :paypal_customer_token %>
<%= f.hidden_field :paypal_payment_token %>
<% unless #subscription.payment_provided? %>
<div class="field">
<%= radio_button_tag :pay_with, :paypal %>
<%= label_tag :pay_with_paypal do %>
<%= image_tag "paypal.png" %>
<% end %>
</div>
<% end %>
*** WHAT WOULD BE THE LINK TO CANCEL THE SUBSCRIPTION ***
<%= link_to image_tag("https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif"),
paypal_checkout_path(plan_id: #subscription.plan_id) %>
<%= link_to "Cancel Subscription", cancel_account_subscriptions_path(plan_id:
#subscription.plan_id) %>
<div id="billing_fields">
<div class="field">
<%= f.label :email %>
<%= f.text_field :email %>
</div>
<% if #subscription.payment_provided? %>
Payment has been provided. Click "Subscribe" to complete the subscription.
<% end %>
<div class="actions">
<%= f.submit "Subscribe" %>
</div>
</div>
<% end %>
ROUTES
App::Application.routes.draw do
resources :subscriptions do
collection do
delete :cancel_account
end
end
get 'paypal/checkout', to: 'subscriptions#paypal_checkout'
end
To destroy a users paypal subscription you should create a destroy action in your subscription model.
Subscription_controller.rb
def destroy
#subscription = current_user.subscription
#previous_plan = #subscription.plan
if #subscription.cancel_recurring
flash[:success] = 'Subscription Canceled.'
end
redirect_to some_path
end
In your model get the current user and cancel their subscription. If the user is subscribed monthly but canceled within 2days out of the 30 days, their account subscription should be valid until the at_end_date period(just a heads up).
def cancel_recurring
response = ppr.cancel_subscription(at_date_end: true) #Needs a end period field in
self.current_date_end_at = Time.at(response.current_date_end)
self.plan_id = plan.id
self.status = "canceled"
return self.save
end
Routes.rb
resources :subscriptions do
collection do
delete :cancel_account
end
end
In your view you would iterate through the plans like so
<% #plans.each do |plan| %>
<%= link_to "Cancel Account", cancel_account_subscriptions_path(#subscription, plan_id: plan.id), method: :delete %>
<% end %>
I have created a inbox messaging system and it works perfect. However I don't know how to implement a previous and next feature for the messages (so users can go to the next or previous message while viewing one). These are normal functions for viewing messages on the internet. Previous should mean previous by message creation time. Any help would be appreciated.
messages_controller:
before_filter :set_user
def index
if params[:mailbox] == "sent"
#messages = #user.sent_messages
elsif params[:mailbox] == "inbox"
#messages = #user.received_messages
#elsif params[:mailbox] == "archieved"
# #messages = #user.archived_messages
end
if params[:mailbox] == "unread"
#messages = #user.unread_messages
end
end
def new
#message = Message.new
if params[:reply_to]
#reply_to = User.find_by_user_id(params[:reply_to])
unless #reply_to.nil?
#message.recipient_id = #reply_to.user_id
end
end
end
def create
#message = Message.new(params[:message])
#message.sender_id = #user.id
if #message.save
flash[:notice] = "Message has been sent"
redirect_to user_messages_path(current_user, :mailbox=>:inbox)
else
render :action => :new
end
end
def show
#message = Message.find(params[:id])
#message.readingmessage if #message.recipient == current_user
end
def destroy
#message = Message.find(params[:id])
#message.destroy
flash[:notice] = "Successfully deleted message."
redirect_to user_messages_path(#user, #messages)
end
def delete_multiple
if params[:delete]
params[:delete].each { |id|
#message = Message.find(id)
#message.mark_message_deleted(#message.id,#user.id) unless #message.nil?
}
flash[:notice] = "Messages deleted"
end
redirect_to user_messages_path(#user, #messages)
end
private
def set_user
#user = current_user
end
end
message model:
attr_accessible :subject, :body, :sender_id, :recipient_id, :read_at,:sender_deleted,:recipient_deleted
validates_presence_of :subject, :message => "Please enter message title"
belongs_to :sender,
:class_name => 'User',
:foreign_key => 'sender_id'
belongs_to :recipient,
:class_name => 'User',
:foreign_key => 'recipient_id'
# marks a message as deleted by either the sender or the recipient, which ever the user that was passed is.
# When both sender and recipient marks it deleted, it is destroyed.
def mark_message_deleted(id,user_id)
self.sender_deleted = true if self.sender_id == user_id
self.recipient_deleted = true if self.recipient_id == user_id
(self.sender_deleted && self.recipient_deleted) ? self.destroy : self.save!
end
# Read message and if it is read by recipient then mark it is read
def readingmessage
self.read_at ||= Time.now
save
end
# Based on if a message has been read by it's recipient returns true or false.
def read?
self.read_at.nil? ? false : true
end
def self.received_by(user)
where(:recipient_id => user.id)
end
def self.not_recipient_deleted
where("recipient_deleted = ?", false)
end
def self.sent_by(user)
Message.where(:sender_id => user.id)
end
end
show.html (message view):
<strong>From:</strong>
<%= #message.sender %>
</p>
<p>
<strong>Received:</strong>
<%= #message.created_at.to_s(:long) %>
</p>
<p>
<strong>To:</strong>
<%= #message.recipient %>
</p>
<p>
<strong>Message</strong><br />
<%=h #message.body %>
</p>
<p>
<% if #message.recipient == #user %>
<%= link_to "Reply", new_user_message_path(#user, :reply_to => #message.sender) %>
|
<% end %>
<%= link_to "Inbox", user_messages_path(current_user, :mailbox=>:inbox)%>
|
<%= link_to "Delete", [current_user, #message], :confirm => 'Are you sure you want to delete this message?', :method => :delete %>
</p>
In the Message model:
def previous(same_recipient = true)
collection = Message.where('id <> ? AND updated_at > ?', self.id, self.updated_at).order('updated_at ASC')
collection.where(recipient_id: self.recipient_id) if same_recipient
collection.first
end
def next(same_recipient = true)
collection = Message.where('id <> ? AND updated_at < ?', self.id, self.updated_at).order('updated_at DESC')
collection.where(recipient_id: self.recipient_id) if same_recipient
collection.first
end
This is what we use in our Calendar system, very usefull to go Previous / Next with the Apppointments.
This rely on the updated_at column, which is kind of bad (if I update an old message it will confuse the next/previous). Maybe you want to use the created_at column, or your own. With this you could do in your view:
# [...]
<p>
<strong>Message</strong><br />
<%=h #message.body %>
</p>
<p>
<%= link_to 'Next', user_message_path(current_user, #message.next) %>
<%= link_to 'Previous', user_message_path(current_user, #message.previous) %>
</p>
In your controller for the viewing of the message, get 3 messages from the DB, and display the middle entry as the current message. Set the ID's to the previous and next message as variables.
Then in your view make two buttons: previous and next where their link urls are the path to the IDs you saved.
I have a controller in a rails app whereby a user can create a holiday request, it seems that when I fill out the necessary information it is not doing the POST request and submitting my form. My output in the RailsPanel follows: Rails Panel. From this its as if it is doing the GET request when surely on it should do a GET then a POST. I believe I have messed up somewhere around my create method. Any feedback would be great thank you!
controller
class HolidaysController < ApplicationController
before_filter :authenticate_user!
before_filter :admin_user, :only => [:index, :update, :edit, :absence]
before_filter :correct_user, :only => [:delete]
def new
#holiday = Holiday.new
#user = current_user
end
def show
#holiday = Holiday.find(params[:id])
c_u = current_user
end
def create
#user = current_user
#holiday = current.holidays.build(params[:holiday])
#holiday.approver_id = approval_method(current_user, #holiday)
if #holiday.save
redirect_to root_path
flash[:success]= "holiday application sent!"
else
render :new
end
end
def myholidays
#holidays = current_user.holidays.all
end
def index
#holidays = Holiday.all
end
def absence
#show the holidays where the approver id matches the current user id
#and state = "requested"'
#user = current_user
if current_user.role? :administrator
# a admin can view all current holiday requests
#holidays = Holiday.all( :conditions => 'state = "requested"')
else
#otherwise an admin sees the holiday requests that they are approvers for
#holidays = Holiday.all(:conditions => ["approver_id = #{current_user.id}", "state = requested"])
end
end
def edit
today = Date.today
#holidays = Holiday.all
#month = (params[:month] || (Time.zone || Time).now.month).to_i
#year = (params[:year] || (Time.zone || Time).now.year).to_i
#shown_month = Date.civil(#year, #month)
#L51 - Parses the given representation of date and time with the given template
#and returns a hash of parsed elements.
#holiday = Holiday.find(params[:id])
end
def update
admin = User.find(current_user.role? :administrator)
holiday = Holiday.find(params[:id])
user = User.find(id = holiday.user_id)
if holiday.update_attributes(params[:holiday])
if holiday.state == "approved"
user.absentdays = user.absentdays - (holiday.days_used).to_i
user.save
end
redirect_to absence_path, :notice => "Request updated"
else
render 'edit'
end
end
def destroy
Holiday.find(params[:id]).destroy
redirect_to root_url, :notice => "Request deleted"
end
private
def current_user?(user)
user == current_user
end
def admin_user
redirect_to dashboard_path, :notice => "You must be an admin to do this!" unless current_user.role? :administrator
end
def signed_in_user
redirect_to login_path, notice: "Please sign in." unless signed_in?
end
def correct_user
#user = current_user
redirect_to dashboard, notice: "You are not the correct user." unless current_user?(#user) or current_user.role? :administrator
end
def approval_method(current_user, holiday_to_approve)
found = false
days = holiday_to_approve.days_used
user = current_user
approver = user.role? :administrator
until found == true
#Admins should be automatically approved and have no approvers
if approver == nil
holiday_to_approve.state = "approved"
#if user absent days is equal to absent days - day and convert to integer
user.absentdays = user.absentdays - (days).to_i
user.save
found = true
else
redirect_to dashboard_path, :notice => "Request complete"
end
break if found == true
end
end
end
holidays/show.html.erb
<form class="form">
<p>You have<b><%= #user.absentdays %> days of holiday left.</b></p>
<%= form_for #holiday do |f| %>
<% if #holiday.errors.any? %>
<div>
<h2>Form is invalid</h2>
<ul>
<% for message in #holiday.error.full_messages %>
<li><%= message %></li>
<% end %>
</ul>
</div>
<% end %>
Select the dates required for absence<br>
Start: <%= datepicker_input "holiday", "start_at", :minDate => 0, :dateFormat => "yy-mm-dd" %><br>
End: <%= datepicker_input "holiday", "end_at", :minDate => 0, :dateFormat => "yy-mm-dd" %>
<br><br>
Please select the type of absence you require<br>
<%= f.collection_select :type_id, Type.all, :id, :name, :prompt => "Select absence type" %>
<br><br>
<%= f.text_field :description %>
<br><br>
<%= f.submit "Submit Request", :class => "submit" %>
<% end %>
</form>
new.html.erb
<% provide(:title, 'apply for absence') %>
<p>You have <b><%= #user.absentdays %></b> days of holiday time left.</p>
<%= form_for #holiday do |f| %>
<% if #holiday.errors.any? %>
<div class="error_messages">
<h2>Form is invalid</h2>
<ul>
<% for message in #holiday.errors.full_messages %>
<li><%= message %></li>
<% end %>
</ul>
<% end %>
Select the dates required for absence<br>
start: <%= datepicker_input "holiday","start_at", :minDate => 0, :dateFormat => "yy-mm-dd" %><br>
end: <%= datepicker_input "holiday","end_at", :minDate => 0, :dateFormat => "yy-mm-dd" %>
<br><br>
Please select the type of absence you require<br>
<%= f.collection_select :type_id, Type.all, :id, :name, :prompt => "Select absence type" %>
<br><br>
Please provide a short description of the nature of your absence (if applicable)<br>
<%= f.text_field :description %>
<br><br>
<%= f.submit "submit" %>
<% end %>
</div>
The reason is, you are having a form in your holidays/show.html.erb but not in your holidays/new.html.erb.
According to rails convention, if form is submitted in new.html.erb, then by default the POST method is called of that particular controller.
But since your file is show.html.erb, you have to explicitly define your POST method in the form_for.
form_for #holiday , :url => { :action => :create }, :html => { :method => "post"} do |f|
HI ,
i have some doubts on sign up feature in rails application (2.3.10)
in my views/users/new.html.erb
<div id="signup_form" style="display:none;" class="login-drpdwn ">
<% form_for :user, :url => users_path do |f| -%>
<%= error_messages_for 'user' %><br/>
<div>
<p> Enter your name </p>
<%= f.text_field :name, :class => "text_box" %>
<p> Enter your login name </p>
<%= f.text_field :login, :class => "text_box" %>
<p> Email ID</p>
<%= f.text_field :email, :class => "text_box" %>
<p> Password</p>
<%= f.password_field :password, :class => "text_box" %>
<p> Confirm your password</p>
<%= f.password_field :password_confirmation, :class => "text_box" %>
<div class="textalign_right">
<input type="submit" value="Submit" class="submit_button rounded_corner"/>
</div>
</div>
<% end %>
</div>
In my Users controller
before_filter :login_required, :except => [:new, :create, :forgot, :reset, :process_forgot_password, :activate]
def new
#user = User.new
end
def create
#user = User.new(params[:user])
if #user.save
redirect_to "/blogs/home",:notice => "signed up"
else
redirect_to "new"
end
end
In my User model
before_save :encrypt_password
attr_protected :id, :password_salt
attr_accessor :password, :password_confirmation
def self.authenticate(email, password)
user = find_by_email(email)
if user && user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
user
else
nil
end
end
def encrypt_password
if password.present?
self.password_salt = BCrypt::Engine.generate_salt
self.password_hash = BCrypt::Engine.hash_secret(password, password_salt)
end
end
In my sessions controller - create method
def create
#current_user = User.find_by_login(params[:login].downcase)
if #current_user.blank? || params[:password] != #current_user.password_hash
#current_user = nil
render :action => "new"
else
session[:user_id] = #current_user.id
session[:close_time] = 1800.seconds.from_now
if #current_user.last_login.nil?
#login = LastLogin.new
#login.user_id = #current_user.id
#login.login_at = Time.now
#login.save
else
#login = #current_user.last_login
#login.last_at = #login.login_at
#login.login_at = Time.now
#login.login_count += 1
#login.save
end
if session[:return_to]
redirect_to session[:return_to], :protocol => USE_PROTOCOL
session[:return_to] = nil
else
end
end
end
when i submit the sign up page the user is getting created but not the session
so its not directing to the blogs /home page as it has before_filter :login_required there in blogs controller..
how to resolve this
My code is not having include Authenticated system line
session[:id] = #current_user.id