From 6b9ca27c67d043a8737da652bf7915645628db4c Mon Sep 17 00:00:00 2001
From: Paul Duncan <pabs@pablotron.org>
Date: Fri, 1 Apr 2016 15:58:08 -0400
Subject: add_user test

---
 data/stuff/test/auth.js           | 25 ++++++++++++
 src/guff/api/methods.cr           | 37 +++++++++++++++++
 src/guff/api/test.cr              |  9 ++++-
 src/guff/models.cr                |  1 +
 src/guff/models/user.cr           | 56 ++++++++++++++++++++------
 src/guff/views/ecrs/test/auth.ecr | 84 +++++++++++++++++++++++++++++++++++++++
 src/guff/views/html/test/auth.cr  | 24 +++++++++++
 7 files changed, 222 insertions(+), 14 deletions(-)

diff --git a/data/stuff/test/auth.js b/data/stuff/test/auth.js
index 103be82..1bba095 100644
--- a/data/stuff/test/auth.js
+++ b/data/stuff/test/auth.js
@@ -88,6 +88,31 @@ jQuery(function($) {
     return false;
   });
 
+  $('#create-user').click(function() {
+    var me = $(this);
+
+    // toggle loading
+    me.toggleClass('disabled').find('.loading').toggleClass('hidden');
+
+    send('test/add_user', {
+      name:     $('#user-name').val(),
+      active:   't',
+      email:    $('#user-email').val(),
+      password: $('#user-password').val(),
+      role:     $('#user-role').val(),
+    }).always(function() {
+      // toggle loading
+      me.toggleClass('disabled').find('.loading').toggleClass('hidden');
+    }).fail(function(r) {
+      alert('Error ' + r.responseText);
+    }).done(function(r) {
+      console.log(r);
+    });
+
+    // stop event
+    return false;
+  });
+
   $('#reload').click(reload);
 
   // load users
diff --git a/src/guff/api/methods.cr b/src/guff/api/methods.cr
index 8df48d5..970e41f 100644
--- a/src/guff/api/methods.cr
+++ b/src/guff/api/methods.cr
@@ -366,6 +366,42 @@ module Guff
               },
             },
           },
+
+          "add_user": {
+            text: "Add new user",
+
+            args: {
+              "name": {
+                text:     "Name of user",
+                type:     :text,
+                required: true,
+              },
+
+              "active": {
+                text:     "Is this user active?",
+                type:     :bool,
+                required: false,
+              },
+
+              "role": {
+                text:     "Role of user",
+                type:     :text,
+                required: false,
+              },
+
+              "email": {
+                text:     "Email address of user",
+                type:     :text,
+                required: false,
+              },
+
+              "password": {
+                text:     "Password of user",
+                type:     :text,
+                required: false,
+              },
+            },
+          },
         }
       }
 
@@ -375,6 +411,7 @@ module Guff
         int:      /^\d+$/,
         int_list: /^\d+(?:,\d+)*$/,
         state:    /^(?:draft|posted|deleted)$/,
+        bool:     /^t|f$/,
 
         # FIXME: lock these down more
         json:     /.*/,
diff --git a/src/guff/api/test.cr b/src/guff/api/test.cr
index 3a53bd1..059f670 100644
--- a/src/guff/api/test.cr
+++ b/src/guff/api/test.cr
@@ -79,7 +79,12 @@ module Guff::API::TestAPI
     context : HTTP::Server::Context,
     args    : Hash(String, String)
   )
-    user_id = @models.user.add_user(args["name"])
+    user_id = @models.user.add_user(args["name"].not_nil!,
+      active:   args["active"]? ? args["active"] == "t" : nil,
+      role:     args["role"]?,
+      email:    args["name"]?,
+      password: args["password"]?,
+    )
     { "ok": true, "user_id": user_id }
   end
 
@@ -87,7 +92,7 @@ module Guff::API::TestAPI
     context : HTTP::Server::Context,
     args    : Hash(String, String)
   )
-    @models.user.update_user(args["user_id"].to_i,
+    @models.user.update_user(args["user_id"].to_i64,
       name:     args["name"]? ? args["name"] : nil,
       active:   args["active"]? ? args["active"] == "t" : nil,
       role:     args["role"]? ? args["role"] : nil
diff --git a/src/guff/models.cr b/src/guff/models.cr
index 4da8c2d..4b6a46f 100644
--- a/src/guff/models.cr
+++ b/src/guff/models.cr
@@ -35,6 +35,7 @@ module Guff
       site:     SiteModel,
       session:  SessionModel,
       user:     UserModel,
+      role:     RoleModel,
     })
   end
 end
diff --git a/src/guff/models/user.cr b/src/guff/models/user.cr
index 1862e29..98ae10b 100644
--- a/src/guff/models/user.cr
+++ b/src/guff/models/user.cr
@@ -1,3 +1,5 @@
+require "crypto/bcrypt"
+
 class Guff::UserModel < Guff::Model
   SQL = TemplateCache.new({
     add_user: "
@@ -34,17 +36,47 @@ class Guff::UserModel < Guff::Model
     r
   end
 
-  def add_user(name : String)
-    query(:add_user, {
-      "user_name": name
-    }, nil)
+  def add_user(
+    name      : String,
+    active    : Bool?   = nil,
+    role      : String? = nil,
+    email     : String? = nil,
+    password  : String? = nil,
+  )
+    user_id = -1_i64
+
+    transaction do
+      # add user
+      query(:add_user, {
+        "user_name": name
+      }, nil)
+
+      # get user_id
+      user_id = last_insert_row_id as Int64
+
+      # set active and/or role
+      if active || role
+        update_user(user_id,
+          active: active,
+          role:   role,
+        )
+      end
+
+      # add login
+      if email || password
+        add_login(user_id,
+          email.not_nil!,
+          password.not_nil!
+        )
+      end
+    end
 
-    # return user id
-    last_insert_row_id
+    # return id
+    user_id
   end
 
   def update_user(
-    user_id : Int32,
+    user_id : Int64,
     name    : String? = nil,
     active  : Bool?   = nil,
     role    : String? = nil,
@@ -63,7 +95,7 @@ class Guff::UserModel < Guff::Model
     end
 
     if role != nil
-      args["role_name"] = role.not_nil!
+      args["role"] = role.not_nil!
       sets << "
         role_id = (SELECT role_id
                      FROM roles
@@ -77,22 +109,22 @@ class Guff::UserModel < Guff::Model
     }) if sets.size > 0
   end
 
-  def delete_login(user_id : Int32)
+  def delete_login(user_id : Int64)
     query(:delete_login, {
       "user_id": user_id.to_s
     }, nil)
   end
 
   def add_login(
-    user_id   : Int32,
+    user_id   : Int64,
     email     : String,
     password  : String,
   )
     # TODO: check password strength
-    raise "password too short" if password.length < 4
+    raise "password too short" if password.size < 4
 
     # hash password
-    pass_hash = Crypto::Bcrypt::Password.create(password, cost: 10)
+    pass_hash = Crypto::Bcrypt::Password.create(password, cost: 10).to_s
 
     transaction do
       # clear old credentials
diff --git a/src/guff/views/ecrs/test/auth.ecr b/src/guff/views/ecrs/test/auth.ecr
index c28f178..89d3283 100644
--- a/src/guff/views/ecrs/test/auth.ecr
+++ b/src/guff/views/ecrs/test/auth.ecr
@@ -46,5 +46,89 @@
         </span><!-- list-group-item -->
       </div><!-- list-group -->
     </div><!-- panel -->
+
+    <div class='panel panel-default'>
+      <div class='panel-heading'>
+        <b>
+          <i class='fa fa-user'></i>
+          Create User
+        </b>
+      </div><!-- panel-heading -->
+
+      <div class='panel-body'>
+        <div class='form-group'>
+          <label for='user-name'>
+            Name
+          </label>
+
+          <input
+            type='text'
+            id='user-name'
+            class='form-control'
+            title='Enter name of user.'
+            placeholder='John Doe'
+          />
+        </div><!-- form-group -->
+
+        <div class='form-group'>
+          <label for='user-email'>
+            Email Address
+          </label>
+
+          <input
+            type='text'
+            id='user-email'
+            class='form-control'
+            title='Enter user email.'
+            placeholder='johndoe@example.com'
+          />
+        </div><!-- form-group -->
+
+        <div class='form-group'>
+          <label for='user-password'>
+            Password
+          </label>
+
+          <input
+            type='password'
+            id='user-password'
+            class='form-control'
+            title='Enter password.'
+          />
+        </div><!-- form-group -->
+
+        <div class='form-group'>
+          <label for='user-role'>
+            Role
+          </label>
+
+          <select
+            id='user-role'
+            class='form-control'
+            title='Choose role of user.'
+          ><%=
+            get_roles
+          %></select>
+        </div><!-- form-group -->
+
+        <div class='form-group'>
+          <button
+            id='create-user'
+            class='btn btn-primary'
+            title='Create user.'
+          >
+            <span class='hidden loading'>
+              <i class='fa fa-spinner fa-spin'></i>
+              Please Wait...
+            </span>
+
+            <span class='loading'>
+              <i class='fa fa-plus-square'></i>
+              Create User
+            </span>
+          </button>
+        </div><!-- form-group -->
+      </div><!-- panel-body -->
+    </div><!-- panel -->
   </div><!-- col-md-8 -->
 </div><!-- container -->
diff --git a/src/guff/views/html/test/auth.cr b/src/guff/views/html/test/auth.cr
index 9f5d1ad..1baa7de 100644
--- a/src/guff/views/html/test/auth.cr
+++ b/src/guff/views/html/test/auth.cr
@@ -5,6 +5,18 @@ class Guff::TestAuthHTMLView
   TITLE = "Guff Auth Test"
   FEATURES = %w{bootstrap font-awesome guff/util}
 
+  TEMPLATES = TemplateCache.new({
+    role: "
+      <option
+        value='%{name}'
+        title='%{text}'
+        %{selected}
+      >
+        %{name}
+      </option>
+    "
+  })
+
   def self.run(models, context : HTTP::Server::Context)
     new(models).run(context)
   end
@@ -24,5 +36,17 @@ class Guff::TestAuthHTMLView
     HTML.escape(s || "")
   end
 
+  def get_roles
+    @models.role.get_roles.map { |row|
+      name = row["role_name"] as String
+
+      TEMPLATES[:role].run({
+        "name":     h(name),
+        "text":     h(row["role_desc"] as String),
+        "selected": (name == "guest") ? "selected='selected'" : ""
+      })
+    }.join
+  end
+
   ECR.def_to_s("./src/guff/views/ecrs/test/auth.ecr")
 end
-- 
cgit v1.2.3