+ @friend = User.find_by_display_name(params[:display_name])
+
+ if @friend
+ if request.post?
+ if @user.is_friends_with?(@friend)
+ Friend.delete_all "user_id = #{@user.id} AND friend_user_id = #{@friend.id}"
+ flash[:notice] = t "user.remove_friend.success", :name => @friend.display_name
+ else
+ flash[:error] = t "user.remove_friend.not_a_friend", :name => @friend.display_name
+ end
+
+ if params[:referer]
+ redirect_to params[:referer]
+ else
+ redirect_to :controller => "user", :action => "view"
+ end
+ end
+ else
+ render_unknown_user params[:display_name]
+ end
+ end
+
+ ##
+ # sets a user's status
+ def set_status
+ @this_user.status = params[:status]
+ @this_user.save
+ redirect_to :controller => "user", :action => "view", :display_name => params[:display_name]
+ end
+
+ ##
+ # delete a user, marking them as deleted and removing personal data
+ def delete
+ @this_user.delete
+ redirect_to :controller => "user", :action => "view", :display_name => params[:display_name]
+ end
+
+ ##
+ # display a list of users matching specified criteria
+ def list
+ if request.post?
+ ids = params[:user].keys.collect(&:to_i)
+
+ User.where(:id => ids).update_all(:status => "confirmed") if params[:confirm]
+ User.where(:id => ids).update_all(:status => "deleted") if params[:hide]
+
+ redirect_to url_for(:status => params[:status], :ip => params[:ip], :page => params[:page])
+ else
+ conditions = {}
+ conditions[:status] = params[:status] if params[:status]
+ conditions[:creation_ip] = params[:ip] if params[:ip]
+
+ @user_pages, @users = paginate(:users,
+ :conditions => conditions,
+ :order => :id,
+ :per_page => 50)
+ end
+ end
+
+ ##
+ # omniauth success callback
+ def auth_success
+ auth_info = env["omniauth.auth"]
+
+ provider = auth_info[:provider]
+ uid = auth_info[:uid]
+ name = auth_info[:info][:name]
+ email = auth_info[:info][:email]
+
+ case provider
+ when "openid"
+ email_verified = uid.match(%r{https://www.google.com/accounts/o8/id?(.*)}) ||
+ uid.match(%r{https://me.yahoo.com/(.*)})
+ when "google", "facebook"
+ email_verified = true
+ else
+ email_verified = false
+ end
+
+ user = User.find_by_auth_provider_and_auth_uid(provider, uid)
+
+ if user.nil? && provider == "google"
+ openid_url = auth_info[:extra][:id_info]["openid_id"]
+ user = User.find_by_auth_provider_and_auth_uid("openid", openid_url) if openid_url
+ user.update(:auth_provider => provider, :auth_uid => uid) if user
+ end
+
+ if user
+ case user.status
+ when "pending" then
+ unconfirmed_login(user)
+ when "active", "confirmed" then
+ successful_login(user, env["omniauth.params"]["referer"])
+ when "suspended" then
+ failed_login t("user.login.account is suspended", :webmaster => "mailto:webmaster@openstreetmap.org")