##
# Handles the e-mail confirmation steps of the account lifecycle: confirming
# a newly registered account, re-sending the sign-up confirmation mail, and
# confirming a changed e-mail address.
#
# All three flows are driven by values taken straight from the request
# (params[:confirm_string], params[:display_name], params[:referer]), so the
# token lookups and the session checks below are the trust boundary.
class ConfirmationsController < ApplicationController
  include SessionMethods
  include UserMethods

  layout "site"

  # Callback order is significant; keep the registrations in this sequence.
  before_action :authorize_web
  before_action :set_locale
  before_action :check_database_readable

  # Authorization is declared without a model class behind it.
  authorize_resource :class => false

  before_action :check_database_writable, :only => [:confirm, :confirm_email]
  before_action :require_cookies, :only => [:confirm]

  ##
  # confirm a new account
  #
  # GET only decides whether to show the confirmation page; the token is
  # looked up and the account activated on POST only, so merely fetching the
  # link does not activate anything.
  def confirm
    unless request.post?
      shown = User.visible.find_by(:display_name => params[:display_name])

      # Nothing to confirm for unknown or already active accounts.
      redirect_to root_path if shown.nil? || shown.active?
      return
    end

    # Token validity and scoping are defined by the :new_user token purpose
    # on the User model, which is outside this file.
    account = User.find_by_token_for(:new_user, params[:confirm_string])

    unless account
      flash[:error] = t(".unknown token")
      redirect_to :action => "confirm"
      return
    end

    if account.active?
      flash[:error] = t(".already active")
      redirect_to login_path
      return
    end

    unless account.visible?
      render_unknown_user account.display_name
      return
    end

    account.activate
    account.email_valid = true
    # gravatar_enable must run before save! so the changed preference is persisted.
    flash[:notice] = gravatar_status_message(account) if gravatar_enable(account)
    account.save!
    cookies.delete :_osm_anonymous_notes_count

    # The redirect target comes from the request; it is only used after
    # passing through safe_referer (defined elsewhere - presumably it rejects
    # off-site targets; verify there).
    return_to = params[:referer] ? safe_referer(params[:referer]) : nil

    pending_id = session.delete(:pending_user)

    if account.id == pending_id
      # Same browser session that registered the account: sign in directly.
      # NOTE(review): no reset_session is visible in this action - confirm the
      # session identifier is rotated elsewhere when session[:user] is set.
      session[:user] = account.id
      session[:fingerprint] = account.fingerprint

      redirect_to return_to || welcome_path
    else
      # Token presented from a different session: the account is activated
      # but the holder still has to log in with credentials.
      flash[:notice] = t(".success")
      redirect_to login_path(:referer => return_to)
    end
  end

  ##
  # send the sign-up confirmation mail again
  #
  # A new token is mailed only when the named user exists and is the one
  # recorded as :pending_user in the current session. An unknown name and a
  # session mismatch produce the same failure message.
  def confirm_resend
    recipient = User.visible.find_by(:display_name => params[:display_name])

    if !recipient.nil? && recipient.id == session[:pending_user]
      UserMailer.signup_confirm(recipient, recipient.generate_token_for(:new_user)).deliver_later
      flash[:notice] = { :partial => "confirmations/resend_success_flash", :locals => { :email => recipient.email, :sender => Settings.email_from } }
    else
      flash[:error] = t ".failure", :name => params[:display_name]
    end

    redirect_to login_path
  end

  ##
  # confirm a change of e-mail address
  #
  # Only POST acts on the token; any other request method falls through to
  # the default render.
  def confirm_email
    return unless request.post?

    self.current_user = User.find_by_token_for(:new_email, params[:confirm_string])

    if current_user.nil?
      flash[:error] = t ".unknown_token"
    elsif !current_user.new_email?
      # Valid token, but there is no pending address left to apply.
      flash[:error] = t ".failure"
    else
      current_user.email = current_user.new_email
      current_user.new_email = nil
      current_user.email_valid = true
      gravatar_changed = gravatar_enable(current_user)

      if current_user.save
        notice = t(".success")
        notice = "#{notice} #{gravatar_status_message(current_user)}" if gravatar_changed
        flash[:notice] = notice
      else
        flash[:errors] = current_user.errors
      end

      # The token holder is signed in as this account whether or not the save
      # succeeded.
      # NOTE(review): confirm that signing in on a failed save is intended.
      session[:user] = current_user.id
      session[:fingerprint] = current_user.fingerprint
    end

    redirect_to edit_account_path
  end

  private

  ##
  # check whether this user has a gravatar and set the user's gravatar
  # preference to match; returns true only if the preference changed
  #
  # Users with an uploaded avatar are left untouched (returns false).
  #
  # The MD5 digest is the lookup key format used in the gravatar.com URL
  # below, not a security control. The digest of the user's e-mail address is
  # sent to that third-party host as part of the request.
  def gravatar_enable(user)
    # code from example https://en.gravatar.com/site/implement/images/ruby/
    return false if user.avatar.attached?

    has_gravatar = begin
      digest = Digest::MD5.hexdigest(user.email.downcase)
      # without d=404 we will always get an image back
      probe = URI.parse("https://www.gravatar.com/avatar/#{digest}?d=404")
      OSM.http_client.get(probe).success?
    rescue StandardError
      # Any failure (network error included) is treated as "no gravatar", so
      # the preference is switched off below in that case too.
      false
    end

    previous = user.image_use_gravatar
    user.image_use_gravatar = has_gravatar
    previous != user.image_use_gravatar
  end

  ##
  # display a message about the current status of the gravatar setting
  def gravatar_status_message(user)
    key = user.image_use_gravatar ? "profiles.edit.gravatar.enabled" : "profiles.edit.gravatar.disabled"
    t key
  end
end