Avoid integer overflow when computing shortcodes

[rails.git] / app / models / user.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index 23e95bc8803e3a1469ce58cefdd57a1990746069..1db8adab7fcea045f4b1a05516859a57aa579043 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -28,9 +28,12 @@ class User < ActiveRecord::Base
   validates_email_format_of :email
   validates_email_format_of :new_email, :allow_blank => true
   validates_format_of :display_name, :with => /^[^\/;.,?]*$/
+  validates_format_of :display_name, :with => /^\S/, :message => "has leading whitespace"
+  validates_format_of :display_name, :with => /\S$/, :message => "has trailing whitespace"
   validates_numericality_of :home_lat, :allow_nil => true
   validates_numericality_of :home_lon, :allow_nil => true
   validates_numericality_of :home_zoom, :only_integer => true, :allow_nil => true
+  validates_inclusion_of :preferred_editor, :in => Editors::ALL_EDITORS, :allow_nil => true
 
   before_save :encrypt_password
 
@@ -56,8 +59,11 @@ class User < ActiveRecord::Base
       user = token.user if token
     end
 
-    if user
-      user = nil unless user.visible? and (user.active? or options[:inactive])
+    if user and
+      ( user.status == "deleted" or
+        ( user.status == "pending" and not options[:pending] ) or
+        ( user.status == "suspended" and not options[:suspended] ) )
+      user = nil
     end
 
     token.update_attribute(:expiry, 1.week.from_now) if token and user
@@ -197,4 +203,10 @@ class User < ActiveRecord::Base
 
     return score.to_i
   end
+
+  ##
+  # return an oauth access token for a specified application
+  def access_token(application_key)
+    return ClientApplication.find_by_key(application_key).access_token_for_user(self)
+  end
 end