diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 0a83c5d..c4ecdf1 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -1,16 +1,20 @@ class UserController < ApplicationController - skip_before_action :login_required, :only => [:new, :create] + skip_before_action :login_required, :only => [:new, :create, :join] skip_before_action :verified_email_required, :only => [:edit, :update, :verify] def new + @user_invite = UserInvite.active.find_by!(:uuid => params[:invite_token]) @user = User.new + @user.email_address = @user_invite.email_address render :layout => 'sub' end def create + @user_invite = UserInvite.active.find_by!(:uuid => params[:invite_token]) @user = User.new(params.require(:user).permit(:first_name, :last_name, :email_address, :password, :password_confirmation)) if @user.save + @user_invite.accept(@user) AppMailer.new_user(@user).deliver self.current_user = @user redirect_to verify_path(:return_to => params[:return_to]) @@ -21,14 +25,18 @@ class UserController < ApplicationController def join if @invite = UserInvite.where(:uuid => params[:token]).where("expires_at > ?", Time.now).first - if request.post? - @invite.accept(current_user) - redirect_to_with_json root_path(:nrd => 1), :notice => "Invitation has been accepted successfully. You now have access to this organization." - elsif request.delete? - @invite.reject - redirect_to_with_json root_path(:nrd => 1), :notice => "Invitation has been rejected successfully." + if logged_in? + if request.post? + @invite.accept(current_user) + redirect_to_with_json root_path(:nrd => 1), :notice => "Invitation has been accepted successfully. You now have access to this organization." + elsif request.delete? + @invite.reject + redirect_to_with_json root_path(:nrd => 1), :notice => "Invitation has been rejected successfully." + else + @organizations = @invite.organizations.order(:name).to_a + end else - @organizations = @invite.organizations.order(:name).to_a + redirect_to new_signup_path(params[:token]) end else redirect_to_with_json root_path(:nrd => 1), :alert => "The invite URL you have has expired. Please ask the person who invited you to re-send your invitation." diff --git a/app/models/user_invite.rb b/app/models/user_invite.rb index e42d21c..019c4f8 100644 --- a/app/models/user_invite.rb +++ b/app/models/user_invite.rb @@ -25,6 +25,8 @@ class UserInvite < ApplicationRecord default_value :expires_at, -> { 7.days.from_now } + scope :active, -> { where("expires_at > ?", Time.now) } + def md5_for_gravatar @md5_for_gravatar ||= Digest::MD5.hexdigest(email_address.to_s.downcase) end diff --git a/app/views/sessions/new.html.haml b/app/views/sessions/new.html.haml index 9fdf12f..bab5452 100644 --- a/app/views/sessions/new.html.haml +++ b/app/views/sessions/new.html.haml @@ -7,13 +7,12 @@ = form_tag login_path, :class => 'loginForm' do = hidden_field_tag 'return_to', params[:return_to] - if params[:return_to] && params[:return_to] =~ /\/join\// - %p.loginForm__invite.warningBox.u-margin To accept your invitation you need to login to your account or create a new one. Choose from the options below to continue. + %p.loginForm__invite.warningBox.u-margin Login to your existing account to accept your invitation. %p.loginForm__input= text_field_tag 'email_address', '', :type => 'email', :autocomplete => 'off', :spellcheck => 'false', :class => 'input input--text input--onWhite', :placeholder => "Your e-mail address", :autofocus => true, :tabindex => 1 %p.loginForm__input= password_field_tag 'password', '', :class => 'input input--text input--onWhite', :placeholder => "Your password", :tabindex => 2 .loginForm__submit %ul.loginForm__links %li= link_to "Forgotten your password?", login_reset_path(:return_to => params[:return_to]) - %li= link_to "Create a new user", signup_path(:return_to => params[:return_to]) %p= submit_tag "Login", :class => 'button button--positive', :tabindex => 3 diff --git a/app/views/user/new.html.haml b/app/views/user/new.html.haml index 8f0bc6a..9365bd4 100644 --- a/app/views/user/new.html.haml +++ b/app/views/user/new.html.haml @@ -1,17 +1,19 @@ - @wide = true - page_title << "Signup" .subPageBox__title - Create your own Postal account + Join the #{@user_invite.organizations.first.name} organization = display_flash .subPageBox__content %p.subPageBox__text - To create an account, just enter your details below and you'll be on your way. - Be sure to enter a valid e-mail address because we'll send you a verification - e-mail as part of the signup process. + If you don't already have an account on this system, you can create one below. Otherwise, you should + #{link_to "login to your existing account", login_path(:return_to => join_path(@user_invite.uuid)), :class => 'u-link'} + and add this organization to that. + .signupForm = form_for @user, :url => signup_path do |f| = hidden_field_tag 'return_to', params[:return_to] + = hidden_field_tag 'invite_token', params[:invite_token] = f.error_messages .fieldSet.fieldSet--compact.u-margin .fieldSet__fieldPair diff --git a/config/routes.rb b/config/routes.rb index 6fd666b..566dd3a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -80,9 +80,9 @@ Rails.application.routes.draw do post 'persist' => 'sessions#persist' match 'verify' => 'user#verify', :via => [:get, :post] - get 'signup' => 'user#new' + get 'signup/:invite_token' => 'user#new', :as => 'new_signup' post 'signup' => 'user#create' - match 'join/:token' => 'user#join', :via => [:get, :post, :delete] + match 'join/:token' => 'user#join', :via => [:get, :post, :delete], :as => 'join' get 'login' => 'sessions#new' post 'login' => 'sessions#create' get 'login/token' => 'sessions#create_with_token'