allowed role and badge filtering, made User.search take Role and Badge as params

2017-06-02 18:19:06 +02:00
parent a1ade53445
commit 7d3ad5cde6
3 changed files with 17 additions and 14 deletions
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -7,11 +7,10 @@ class UsersController < ApplicationController
  before_filter :set_user, except: [:index, :new, :create, :lost_password, :reset_password, :suggestions]

  def index
-    role = Role.find_by(name: params[:role]) unless role.try(:downcase) == "staff"
+    role = Role.find_by(name: params[:role])
    badge = Badge.find_by(name: params[:badge])

-    @users = User.search(params[:search], role, badge)
-    @users = @users.order("roles.value desc", "confirmed desc", :name) unless params[:badge]
+    @users = User.search(params[:search], role, badge, params[:staff])
    @count = @users.size
    @users = @users.page(params[:page]).per(100)
  end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -151,6 +151,10 @@ class User < ActiveRecord::Base
    self.role ||= Role.get(:normal)
  end

+  def set_badge
+    self.badge ||= Badge.get(:none)
+  end
+
  def set_uuid
    if !self.uuid.present?
      # idk
@@ -175,9 +179,9 @@ class User < ActiveRecord::Base
    self.email_token ||= SecureRandom.hex(16)
  end
  
-  def self.search (search, role, badge)
+  def self.search (search, role, badge, staff)
    if role
-      if role.try(:downcase) == "staff"
+      if staff
        users = User.joins(:role).where("roles.value >= ?", Role.get(:mod).to_i)
      else
        users = User.joins(:role).where(role: role)
@@ -189,6 +193,8 @@ class User < ActiveRecord::Base
      users = User.joins(:role).all.where.not(id: User.first.id)
    end
    search_san = User.send(:sanitize_sql_like, search.to_s)
-    users.where("users.name like ? OR ign like ?", "%#{search_san}%", "%#{search_san}%")
+    users = users.where("users.name like ? OR ign like ?", "%#{search_san}%", "%#{search_san}%")
+    users = users.order("roles.value desc", "confirmed desc", :name) unless badge
+    users
  end
 end
--- a/app/views/users/index.html.erb
+++ b/app/views/users/index.html.erb
@@ -1,11 +1,9 @@
-<div class="searchfield">
-  <%= form_tag({controller: "users", action: "index"}, method: :get, enforce_utf8: false) do %>
-    <%= text_field_tag "search", params[:search], placeholder: "Search for a user", style: "width:300px" %>
-    <%= submit_tag "Go", class: "searchfield btn", style: "width:40px", name: nil %>
-    <%= hidden_field_tag "role", params[:role] if params[:role] %>
-    <%= hidden_field_tag "badge", params[:badge] if params[:badge]%>
-  <% end %>
-</div>
+<%= form_tag(users_path, method: :get) do %>
+  <%= text_field_tag "search", params[:search], placeholder: "Search for a user", class: "searchfield field" %>
+  <%= submit_tag "Go", class: "searchfield btn", name: nil %>
+  <%= hidden_field_tag "role", params[:role] if params[:role] %>
+  <%= hidden_field_tag "badge", params[:badge] if params[:badge]%>
+<% end %>
 <h1>
  <%
    if params[:role] && !params[:badge]