done with user edit/update, index and destroy actions

Gemfile

@@ -3,14 +3,16 @@ source 'http://rubygems.org'
 gem 'rails', '3.0.1'
 gem 'sqlite3-ruby', :require => 'sqlite3'
 gem 'gravatar_image_tag', '1.0.0.pre2'
+gem 'will_paginate', '3.0.pre2'
 
 group :development do
   gem 'rspec-rails', '2.5.0'
   gem 'annotate-models', '1.0.4'
+  gem 'faker', '0.3.1'
 end
 
 group :test do
   gem 'rspec', '2.5.0'
   gem 'webrat', '0.7.1'
-	gem 'factory_girl_rails', '1.0'
+  gem 'factory_girl_rails', '1.0'
 end

Gemfile.lock

@@ -39,6 +39,7 @@ GEM
     factory_girl_rails (1.0)
       factory_girl (~> 1.3)
       rails (>= 3.0.0.beta4)
+    faker (0.3.1)
     gravatar_image_tag (1.0.0.pre2)
     i18n (0.4.2)
     mail (2.2.19)
@@ -92,16 +93,19 @@ GEM
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
+    will_paginate (3.0.pre2)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   annotate-models (= 1.0.4)
   factory_girl_rails (= 1.0)
+  faker (= 0.3.1)
   gravatar_image_tag (= 1.0.0.pre2)
   rails (= 3.0.1)
   rspec (= 2.5.0)
   rspec-rails (= 2.5.0)
   sqlite3-ruby
   webrat (= 0.7.1)
+  will_paginate (= 3.0.pre2)

I_AM_HERE.txt

@@ -1 +1 @@
-9.4.1 Destroying sessions
+10.1.2 Enabling edits

app/controllers/sessions_controller.rb

@@ -13,7 +13,7 @@ def create
   		render 'new'
   	else
   		sign_in user
-  		redirect_to user
+  		redirect_back_or user
   	end
   end
 

app/controllers/users_controller.rb

@@ -1,5 +1,14 @@
 class UsersController < ApplicationController
 
+  before_filter :authenticate, :only => [:index, :edit, :update]
+  before_filter :correct_user, :only => [:edit, :update]
+  before_filter :admin_user,  :only => :destroy
+
+  def index
+    @title = "All users"
+    @users = User.paginate(:page => params[:page])
+  end
+
   def new
     @user = User.new
     @title = "Sign up"
@@ -9,7 +18,18 @@ def show
     @user = User.find(params[:id])
     @title = @user.name
   end
+
+  def edit
+    @title = "Edit user"
+  end
 
+  def destroy
+    User.find(params[:id]).destroy
+    flash[:success] = "User destroyed."
+    redirect_to users_path
+  end
+
+
   def create
     @user = User.new(params[:user])
     if @user.save
@@ -21,4 +41,31 @@ def create
       render 'new'
     end
   end
+
+  def update
+    @user = User.find(params[:id])
+    if @user.update_attributes(params[:user])
+      flash[:success] = "Profile updated."
+      redirect_to @user
+    else
+      @title = "Edit user"
+      render 'edit'
+    end
+  end
+
+  private
+
+  def admin_user
+    redirect_to(root_path) unless current_user.admin?
+  end
+
+  def authenticate
+    deny_access unless signed_in?
+  end
+
+  def correct_user
+    @user = User.find(params[:id])
+    redirect_to(root_path) unless current_user?(@user)
+  end
+
 end

app/helpers/sessions_helper.rb

@@ -5,6 +5,16 @@ def sign_in(user)
 		self.current_user = user
 	end
 
+	def deny_access
+		store_location
+		redirect_to signin_path, :notice => "Please sign in to access this page."
+	end
+
+	def redirect_back_or(default)
+		redirect_to(session[:return_to] || default)
+		clear_return_to
+	end
+
 	def current_user=(user)
 		@current_user ||= user_from_remember_token
 	end
@@ -17,19 +27,31 @@ def signed_in?
 		!current_user.nil?
 	end
 
+	def current_user?(user)
+		user == current_user
+	end
+
 	def sign_out
 		cookies.delete(:remember_token)
 		self.current_user = nil
 	end
 
 	private
 
-		def user_from_remember_token
-			User.authenticate_with_salt(*remember_token)
-		end
+	def store_location
+		session[:return_to] = request.fullpath
+	end
+
+	def clear_return_to
+		session[:return_to] = nil
+	end
 
-		def remember_token
-			cookies.signed[:remember_token] || [nil, nil]
-		end
+	def user_from_remember_token
+		User.authenticate_with_salt(*remember_token)
+	end
+
+	def remember_token
+		cookies.signed[:remember_token] || [nil, nil]
+	end
 
 end

app/views/layouts/_header.html.erb

@@ -3,17 +3,19 @@
   <nav class="round">
     <ul>
       <li><%= link_to "Home", 'root_path' %></li>
-      
+
       <% if signed_in? %>
-      <li><%= link_to "Profile", @current_user %></li>
+      <li><%= link_to "Users", users_path %></li>
+      <li><%= link_to "Profile", current_user %></li>
+      <li><%= link_to "Settings", edit_user_path(current_user) %></li>
       <% end %>
 
       <li><%= link_to "Help", 'help_path' %></li>
 
       <% if signed_in? %>
       <li><%= link_to "Sign out", signout_path, :method => :delete %></li>
       <% else %>
-      <li><%= link_to "Sign in", '#' %></li>
+      <li><%= link_to "Sign in", signin_path %></li>
       <% end %>
     </ul>
   </nav>

app/views/layouts/application.html.erb

@@ -4,6 +4,7 @@
     <title><%= title %></title>
     <%= csrf_meta_tag %>
     <%= render 'layouts/stylesheets' %>
+    <%= javascript_include_tag :defaults %>
   </head>
   <body>
     <div class="container">

app/views/pages/home.html.erb

@@ -5,4 +5,4 @@
       sample application.
     </p>
 
-    <%= link_to "Sign up now!", 'signup_path', :class => "signup_button round" %>
+    <%= link_to "Sign up now!", 'signup', :class => "signup_button round" %>

app/views/shared/_error_messages.html.erb

@@ -1,10 +1,11 @@
-<% if @user.errors.any? %>
+<% if object.errors.any? %>
   <div id="error_explanation">
-    <h2><%= pluralize(@user.errors.count, "error") %> 
-        prohibited this user from being saved:</h2>
+    <h2><%= pluralize(object.errors.count, "error") %> 
+        prohibited this <%= object.class.to_s.underscore.humanize.downcase %> 
+        from being saved:</h2>
     <p>There were problems with the following fields:</p>
     <ul>
-    <% @user.errors.full_messages.each do |msg| %>
+    <% object.errors.full_messages.each do |msg| %>
       <li><%= msg %></li>
     <% end %>
     </ul>

app/views/users/_users.html.erb

@@ -0,0 +1,7 @@
+<li>
+  <%= gravatar_for user, :size => 30 %>
+  <%= link_to user.name, user %>
+  <% if current_user.admin? %>
+  	<%= link_to "delete", user, :method => :delete, :confirm => "You sure?", :title => "Delete #{user.name}" %>
+  	<% end %>
+</li>

app/views/users/edit.html.erb

@@ -0,0 +1,29 @@
+<h1>Edit user</h1>
+
+<%= form_for(@user) do |f| %>
+  <%= render 'shared/error_messages', :object => f.object %>
+  <div class="field">
+    <%= f.label :name %><br />
+    <%= f.text_field :name %>
+  </div>
+  <div class="field">
+    <%= f.label :email %><br />
+    <%= f.text_field :email %>
+  </div>
+  <div class="field">
+    <%= f.label :password %><br />
+    <%= f.password_field :password %>
+  </div>
+  <div class="field">
+    <%= f.label :password_confirmation, "Confirmation" %><br />
+    <%= f.password_field :password_confirmation %>
+  </div>
+  <div class="actions">
+    <%= f.submit "Update" %>
+  </div>
+<% end %>
+
+<div>
+  <%= gravatar_for @user %>
+  <a href="http://gravatar.com/emails">change</a>
+</div>

app/views/users/index.html.erb

@@ -0,0 +1,9 @@
+<h1>All users</h1>
+
+<%= will_paginate %>
+
+<ul class="users">
+  <%= render @users %>
+</ul>
+
+<%= will_paginate %>

app/views/users/new.html.erb

@@ -1,7 +1,7 @@
 <h1>Sign up</h1>
 
 <%= form_for(@user) do |f| %>
-<%= render 'shared/error_messages' %>
+<%= render 'shared/error_messages', :object => f.object %>
   <div class="field">
     <%= f.label :name %><br />
     <%= f.text_field :name %>

config/routes.rb

@@ -12,6 +12,7 @@
   match '/about',   :to => 'pages#about'
   match '/help',    :to => 'pages#help'
   match '/signup',  :to => 'users#new'
+  match '/users',   :to => 'users#index'
 
   root :to => 'pages#home'
 

db/migrate/20110905190221_add_admin_to_users.rb

@@ -0,0 +1,9 @@
+class AddAdminToUsers < ActiveRecord::Migration
+  def self.up
+    add_column :users, :admin, :boolean, :default => false
+  end
+
+  def self.down
+    remove_column :users, :admin
+  end
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20110615211627) do
+ActiveRecord::Schema.define(:version => 20110905190221) do
 
   create_table "users", :force => true do |t|
     t.string   "name"
@@ -19,6 +19,7 @@
     t.datetime "updated_at"
     t.string   "encrypted_password"
     t.string   "salt"
+    t.boolean  "admin",              :default => false
   end
 
   add_index "users", ["email"], :name => "index_users_on_email", :unique => true

lib/tasks/sample_data.rake

@@ -0,0 +1,21 @@
+namespace :db do
+  desc "Fill database with sample data"
+  task :populate => :environment do
+    Rake::Task['db:reset'].invoke
+    admin = User.create!(:name => "Example User",
+                         :email => "[email protected]",
+                         :password => "foobar",
+                         :password_confirmation => "foobar")
+    admin.toggle!(:admin)
+
+    99.times do |n|
+      name  = Faker::Name.name
+      email = "example-#{n+1}@railstutorial.org"
+      password  = "password"
+      User.create!(:name => name,
+                   :email => email,
+                   :password => password,
+                   :password_confirmation => password)
+    end
+  end
+end

public/stylesheets/custom.css

@@ -153,6 +153,14 @@ div.field, div.actions {
   color: #fff;
 }
 
+ul.users {
+  margin-top: 1em;
+}
+
+.users li {
+  list-style: none;
+}
+
 #error_explanation {
   width: 400px;
   border: 2px solid red;