aboutsummaryrefslogtreecommitdiff
path: root/src/guff/models
diff options
context:
space:
mode:
authorPaul Duncan <pabs@pablotron.org>2016-04-02 01:09:45 -0400
committerPaul Duncan <pabs@pablotron.org>2016-04-02 01:09:45 -0400
commit23ba337de24e88c6aaf6ceb37507997f5c5f4920 (patch)
treef5a6fc8d925dafd62ee45973b4e357234ea9ec9a /src/guff/models
parent7788012457346ae59fa58ed35fc08aa2b9e6b9ef (diff)
downloadold-guff-23ba337de24e88c6aaf6ceb37507997f5c5f4920.tar.bz2
old-guff-23ba337de24e88c6aaf6ceb37507997f5c5f4920.zip
fully working edit dialog
Diffstat (limited to 'src/guff/models')
-rw-r--r--src/guff/models/user.cr111
1 files changed, 78 insertions, 33 deletions
diff --git a/src/guff/models/user.cr b/src/guff/models/user.cr
index bdbb0de..d440c5c 100644
--- a/src/guff/models/user.cr
+++ b/src/guff/models/user.cr
@@ -23,7 +23,7 @@ class Guff::UserModel < Guff::Model
INSERT INTO users(user_name) VALUES (:user_name)
",
- update_user: "
+ edit_user: "
UPDATE users
SET %{sets}
WHERE user_id = :user_id
@@ -38,6 +38,12 @@ class Guff::UserModel < Guff::Model
(:user_id, :email, :pass_hash)
",
+ edit_login: "
+ UPDATE user_logins
+ SET %{sets}
+ WHERE user_id = :user_id
+ ",
+
login: "
SELECT a.user_id,
a.pass_hash
@@ -92,7 +98,7 @@ class Guff::UserModel < Guff::Model
# set active and/or role
if active || role
- update_user(user_id,
+ edit_user(user_id,
active: active,
role: role,
)
@@ -111,38 +117,46 @@ class Guff::UserModel < Guff::Model
user_id
end
- def update_user(
- user_id : Int64,
- name : String? = nil,
- active : Bool? = nil,
- role : String? = nil,
+ def edit_user(
+ user_id : Int64,
+ name : String? = nil,
+ active : Bool? = nil,
+ role : String? = nil,
+ email : String? = nil,
+ password : String? = nil,
)
- sets = [] of String
- args = { "user_id": user_id.to_s }
+ transaction do
+ sets = [] of String
+ args = { "user_id": user_id.to_s }
- if name != nil
- args["name"] = name.not_nil!
- sets << "user_name = :name"
- end
+ if name != nil
+ args["name"] = name.not_nil!
+ sets << "user_name = :name"
+ end
- if active != nil
- args["is_active"] = active.not_nil! ? "1" : "0"
- sets << "is_active = :is_active"
- end
+ if active != nil
+ args["is_active"] = active.not_nil! ? "1" : "0"
+ sets << "is_active = :is_active"
+ end
- if role != nil
- args["role"] = role.not_nil!
- sets << "
- role_id = (SELECT role_id
- FROM roles
- WHERE role_name = :role)
- "
- end
+ if role != nil
+ args["role"] = role.not_nil!
+ sets << "
+ role_id = (SELECT role_id
+ FROM roles
+ WHERE role_name = :role)
+ "
+ end
- # exec query
- query(:update_user, args, {
- "sets": sets.join(", "),
- }) if sets.size > 0
+ # exec query
+ query(:edit_user, args, {
+ "sets": sets.join(", "),
+ }) if sets.size > 0
+
+ if email != nil || password != nil
+ edit_login(user_id, email, password)
+ end
+ end
end
def delete_login(user_id : Int64)
@@ -156,11 +170,8 @@ class Guff::UserModel < Guff::Model
email : String,
password : String,
)
- # TODO: check password strength
- raise "password too short" if password.size < 4
-
# hash password
- pass_hash = Crypto::Bcrypt::Password.create(password, cost: 10).to_s
+ pass_hash = hash_password(password)
transaction do
# clear old credentials
@@ -175,6 +186,32 @@ class Guff::UserModel < Guff::Model
end
end
+ private def edit_login(
+ user_id : Int64,
+ email : String? = nil,
+ password : String? = nil,
+ )
+ transaction do
+ sets = [] of String
+ args = { "user_id": user_id.to_s }
+
+ if email != nil
+ args["email"] = email.not_nil!
+ sets << "email = :email"
+ end
+
+ if password != nil
+ args["pass_hash"] = hash_password(password.not_nil!)
+ sets << "pass_hash = :pass_hash"
+ end
+
+ # exec query
+ query(:edit_login, args, {
+ "sets": sets.join(", "),
+ }) if sets.size > 0
+ end
+ end
+
def login(
email : String,
password : String
@@ -198,4 +235,12 @@ class Guff::UserModel < Guff::Model
# return user id
row["user_id"] as Int64
end
+
+ private def hash_password(password : String)
+ # TODO: check password strength
+ raise "password too short" if password.size < 4
+
+ # hash password
+ Crypto::Bcrypt::Password.create(password, cost: 10).to_s
+ end
end