layout "site"
skip_before_action :verify_authenticity_token, :only => [:auth_success]
- before_action :disable_terms_redirect, :only => [:terms, :save]
before_action :authorize_web
before_action :set_locale
before_action :check_database_readable
before_action :check_database_writable, :only => [:new, :go_public]
before_action :require_cookies, :only => [:new]
- before_action :lookup_user_by_name, :only => [:set_status, :destroy]
allow_thirdparty_images :only => :show
allow_social_login :only => :new
end
end
- ##
- # destroy a user, marking them as deleted and removing personal data
- def destroy
- @user.soft_destroy!
- redirect_to user_path(:display_name => params[:display_name])
- end
-
- def terms
- @legale = params[:legale] || OSM.ip_to_country(request.remote_ip) || Settings.default_legale
- @text = OSM.legal_text_for_country(@legale)
-
- if request.xhr?
- render :partial => "terms"
- else
- @title = t ".title"
-
- if current_user&.terms_agreed?
- # Already agreed to terms, so just show settings
- redirect_to edit_account_path
- elsif current_user.nil?
- redirect_to login_path(:referer => request.fullpath)
- end
- end
- end
-
- def save
- @title = t "users.new.title"
-
- if params[:decline] || !(params[:read_tou] && params[:read_ct])
- if current_user
- current_user.terms_seen = true
-
- flash[:notice] = { :partial => "users/terms_declined_flash" } if current_user.save
-
- referer = safe_referer(params[:referer]) if params[:referer]
-
- redirect_to referer || edit_account_path
- elsif params[:decline]
- redirect_to t("users.terms.declined"), :allow_other_host => true
- else
- redirect_to :action => :terms
- end
- elsif current_user
- unless current_user.terms_agreed?
- current_user.consider_pd = params[:user][:consider_pd]
- current_user.tou_agreed = Time.now.utc
- current_user.terms_agreed = Time.now.utc
- current_user.terms_seen = true
-
- flash[:notice] = t "users.new.terms accepted" if current_user.save
- end
-
- referer = safe_referer(params[:referer]) if params[:referer]
-
- redirect_to referer || edit_account_path
- end
- end
-
def go_public
current_user.data_public = true
current_user.save
redirect_to edit_account_path
end
- ##
- # sets a user's status
- def set_status
- @user.activate! if params[:event] == "activate"
- @user.confirm! if params[:event] == "confirm"
- @user.unconfirm! if params[:event] == "unconfirm"
- @user.hide! if params[:event] == "hide"
- @user.unhide! if params[:event] == "unhide"
- @user.unsuspend! if params[:event] == "unsuspend"
- redirect_to user_path(:display_name => params[:display_name])
- end
-
##
# omniauth success callback
def auth_success
end
end
- ##
- # ensure that there is a "user" instance variable
- def lookup_user_by_name
- @user = User.find_by(:display_name => params[:display_name])
- rescue ActiveRecord::RecordNotFound
- redirect_to :action => "view", :display_name => params[:display_name] unless @user
- end
-
##
# return permitted user parameters
def user_params
projects / rails.git / blobdiff