Esempio n. 1
0
func (c User) PostCreate(user *models.User, password models.Password) revel.Result {
	if user.CanBeCreatedBy(c.MongoSession, c.ActiveUser) {
		if exists := models.GetUserByEmail(c.MongoSession, user.Email); exists.Email == user.Email {
			msg := fmt.Sprint("Account with ", user.Email, " already exists.")
			c.Validation.Required(user.Email != exists.Email).
				Message(msg)
		} else {
			user.Id = bson.NewObjectId()
		}

		user.Validate(c.Validation)
		user.ValidatePassword(c.Validation, password)

		if c.Validation.HasErrors() {
			c.Validation.Keep()
			c.FlashParams()
			c.Flash.Error("Please correct the errors below.")
			return c.Redirect(User.GetCreate)
		}

		user.Save(c.MongoSession, password)

		c.Session["user"] = user.Email
		c.Flash.Success("Welcome, " + user.String())
		return c.Redirect(Application.Index)
	} else {
		return c.Forbidden("You are not allowed to create user accounts.")
	}
}
Esempio n. 2
0
func (c User) PostUpdate(id bson.ObjectId, user *models.User, password models.Password) revel.Result {
	if user.CanBeUpdatedBy(c.MongoSession, c.ActiveUser) {
		// Don't trust user submitted id... load from session.
		user.Id = c.ActiveUser.Id
		user.Validate(c.Validation)

		// Only validate the password if either is non-empty
		if password.Pass != "" || password.PassConfirm != "" {
			user.ValidatePassword(c.Validation, password)
		}

		if c.Validation.HasErrors() {
			c.Validation.Keep()
			c.FlashParams()
			c.Flash.Error("Please correct the errors below.")
			return c.Redirect(User.Index)
		}

		user.Save(c.MongoSession, password)

		// Refresh the session in case the email address was changed.
		c.Session["user"] = user.Email

		c.Flash.Success("Successfully updated account")
		return c.Redirect(Application.Index)
	}
	return c.Forbidden("You can only edit your own account. ")
}