Associate current session with the user model

Braulio Bhavamitra
1 parent 3326fe90
Showing 4 changed files with 16 additions and 3 deletions Show diff stats
app/controllers/public/account_controller.rb
app/models/user.rb
lib/authenticated_system.rb
test/functional/account_controller_test.rb
@@ -16,7 +16,7 @@ class AccountController &lt; ApplicationController
   def activate
     @user = User.find_by_activation_code(params[:activation_code]) if params[:activation_code]
     if @user
-      unless @user.environment.enabled?('admin_must_approve_new_users') 
+      unless @user.environment.enabled?('admin_must_approve_new_users')
         if @user.activate
           @message = _("Your account has been activated, now you can log in!")
           check_redirection
@@ -30,7 +30,7 @@ class AccountController &lt; ApplicationController
           @user.activation_code = nil
           @user.save!
           redirect_to :controller => :home
-        end      
+        end
       end
     else
       session[:notice] = _("It looks like you're trying to activate an account. Perhaps have already activated this account?")
@@ -94,6 +94,7 @@ class AccountController &lt; ApplicationController
     @invitation_code = params[:invitation_code]
     begin
       @user = User.new(params[:user])
+      @user.session = session
       @user.terms_of_use = environment.terms_of_use
       @user.environment = environment
       @terms_of_use = environment.terms_of_use
@@ -97,6 +97,8 @@ class User &lt; ActiveRecord::Base
   belongs_to :environment
  
   has_many :sessions, dependent: :destroy
+  # holds the current session, see lib/authenticated_system.rb
+  attr_accessor :session
  
   attr_protected :activated_at
  
@@ -24,7 +24,11 @@ module AuthenticatedSystem
     # Accesses the current user from the session.
     def current_user
       @current_user ||= begin
-        User.current = (session[:user] && User.find_by_id(session[:user])) || nil
+        id = session[:user]
+        user = User.where(id: id).first if id
+        user.session = session if user
+        User.current = user
+        user
       end
     end
  
@@ -34,6 +38,7 @@ module AuthenticatedSystem
         session.delete(:user)
       else
         session[:user] = new_user.id
+        new_user.session = session
         new_user.register_login
       end
       @current_user = User.current = new_user
@@ -623,6 +623,11 @@ class AccountControllerTest &lt; ActionController::TestCase
     end
   end
  
+  should 'fill session for new users' do
+    post :signup, :user => { :login => 'testuser', :password => '123456', :password_confirmation => '123456', :email => 'testuser@example.com' }, :profile_data => { :organization => 'example.com' }
+    assert_equal assigns(:user).session, session
+  end
+
   should 'signup filling in mandatory person fields' do
     Person.any_instance.stubs(:required_fields).returns(['organization'])
     assert_difference 'User.count' do
...	...	@@ -16,7 +16,7 @@ class AccountController < ApplicationController
16	16	def activate
17	17	@user = User.find_by_activation_code(params[:activation_code]) if params[:activation_code]
18	18	if @user
19		- unless @user.environment.enabled?('admin_must_approve_new_users')
	19	+ unless @user.environment.enabled?('admin_must_approve_new_users')
20	20	if @user.activate
21	21	@message = _("Your account has been activated, now you can log in!")
22	22	check_redirection
...	...	@@ -30,7 +30,7 @@ class AccountController < ApplicationController
30	30	@user.activation_code = nil
31	31	@user.save!
32	32	redirect_to :controller => :home
33		- end
	33	+ end
34	34	end
35	35	else
36	36	session[:notice] = _("It looks like you're trying to activate an account. Perhaps have already activated this account?")
...	...	@@ -94,6 +94,7 @@ class AccountController < ApplicationController
94	94	@invitation_code = params[:invitation_code]
95	95	begin
96	96	@user = User.new(params[:user])
	97	+ @user.session = session
97	98	@user.terms_of_use = environment.terms_of_use
98	99	@user.environment = environment
99	100	@terms_of_use = environment.terms_of_use
...	...
...	...	@@ -97,6 +97,8 @@ class User < ActiveRecord::Base
97	97	belongs_to :environment
98	98
99	99	has_many :sessions, dependent: :destroy
	100	+ # holds the current session, see lib/authenticated_system.rb
	101	+ attr_accessor :session
100	102
101	103	attr_protected :activated_at
102	104
...	...
...	...	@@ -24,7 +24,11 @@ module AuthenticatedSystem
24	24	# Accesses the current user from the session.
25	25	def current_user
26	26	@current_user \|\|= begin
27		- User.current = (session[:user] && User.find_by_id(session[:user])) \|\| nil
	27	+ id = session[:user]
	28	+ user = User.where(id: id).first if id
	29	+ user.session = session if user
	30	+ User.current = user
	31	+ user
28	32	end
29	33	end
30	34
...	...	@@ -34,6 +38,7 @@ module AuthenticatedSystem
34	38	session.delete(:user)
35	39	else
36	40	session[:user] = new_user.id
	41	+ new_user.session = session
37	42	new_user.register_login
38	43	end
39	44	@current_user = User.current = new_user
...	...
...	...	@@ -623,6 +623,11 @@ class AccountControllerTest < ActionController::TestCase
623	623	end
624	624	end
625	625
	626	+ should 'fill session for new users' do
	627	+ post :signup, :user => { :login => 'testuser', :password => '123456', :password_confirmation => '123456', :email => 'testuser@example.com' }, :profile_data => { :organization => 'example.com' }
	628	+ assert_equal assigns(:user).session, session
	629	+ end
	630	+
626	631	should 'signup filling in mandatory person fields' do
627	632	Person.any_instance.stubs(:required_fields).returns(['organization'])
628	633	assert_difference 'User.count' do
...	...