]> git.openstreetmap.org Git - rails.git/blobdiff - app/controllers/users_controller.rb
Merge pull request #4197 from AntonKhorev/user-resources
[rails.git] / app / controllers / users_controller.rb
index 1e927aa01d71b2d80c0ff94ce2d9832d2d3239eb..9d4b3d258cce6c098d288a39c7ae13d2743eaab0 100644 (file)
@@ -53,7 +53,7 @@ class UsersController < ApplicationController
   end
 
   def new
-    @title = t "users.new.title"
+    @title = t ".title"
     @referer = if params[:referer]
                  safe_referer(params[:referer])
                else
@@ -127,7 +127,7 @@ class UsersController < ApplicationController
     if request.xhr?
       render :partial => "terms"
     else
-      @title = t "users.terms.title"
+      @title = t ".title"
 
       if current_user&.terms_agreed?
         # Already agreed to terms, so just show settings
@@ -151,7 +151,7 @@ class UsersController < ApplicationController
 
         redirect_to referer || edit_account_path
       elsif params[:decline]
-        redirect_to t("users.terms.declined")
+        redirect_to t("users.terms.declined"), :allow_other_host => true
       else
         redirect_to :action => :terms
       end
@@ -186,6 +186,9 @@ class UsersController < ApplicationController
         end
 
         if current_user.save
+          SIGNUP_IP_LIMITER&.update(request.remote_ip)
+          SIGNUP_EMAIL_LIMITER&.update(canonical_email(current_user.email))
+
           flash[:matomo_goal] = Settings.matomo["goals"]["signup"] if defined?(Settings.matomo)
 
           referer = welcome_path
@@ -220,7 +223,7 @@ class UsersController < ApplicationController
   def go_public
     current_user.data_public = true
     current_user.save
-    flash[:notice] = t "users.go_public.flash success"
+    flash[:notice] = t ".flash success"
     redirect_to edit_account_path
   end
 
@@ -250,7 +253,7 @@ class UsersController < ApplicationController
                      when "openid"
                        uid.match(%r{https://www.google.com/accounts/o8/id?(.*)}) ||
                        uid.match(%r{https://me.yahoo.com/(.*)})
-                     when "google", "facebook"
+                     when "google", "facebook", "microsoft"
                        true
                      else
                        false
@@ -304,7 +307,7 @@ class UsersController < ApplicationController
   ##
   # omniauth failure callback
   def auth_failure
-    flash[:error] = t(params[:message], :scope => "users.auth_failure", :default => t("users.auth_failure.unknown_error"))
+    flash[:error] = t(params[:message], :scope => "users.auth_failure", :default => t(".unknown_error"))
 
     origin = safe_referer(params[:origin]) if params[:origin]
 
@@ -344,7 +347,13 @@ class UsersController < ApplicationController
                    domain_mx_servers(domain)
                  end
 
-    if blocked = Acl.no_account_creation(request.remote_ip, :domain => domain, :mx => mx_servers)
+    blocked = Acl.no_account_creation(request.remote_ip, :domain => domain, :mx => mx_servers)
+
+    blocked ||= SIGNUP_IP_LIMITER && !SIGNUP_IP_LIMITER.allow?(request.remote_ip)
+
+    blocked ||= email && SIGNUP_EMAIL_LIMITER && !SIGNUP_EMAIL_LIMITER.allow?(canonical_email(email))
+
+    if blocked
       logger.info "Blocked signup from #{request.remote_ip} for #{email}"
 
       render :action => "blocked"
@@ -353,11 +362,25 @@ class UsersController < ApplicationController
     !blocked
   end
 
+  def canonical_email(email)
+    local_part, domain = if email.nil?
+                           nil
+                         else
+                           email.split("@")
+                         end
+
+    local_part.sub!(/\+.*$/, "")
+
+    local_part.delete!(".") if %w[gmail.com googlemail.com].include?(domain)
+
+    "#{local_part}@#{domain}"
+  end
+
   ##
   # get list of MX servers for a domains
   def domain_mx_servers(domain)
     Resolv::DNS.open do |dns|
-      dns.getresources(domain, Resolv::DNS::Resource::IN::MX).collect(&:exchange).collect(&:to_s)
+      dns.getresources(domain, Resolv::DNS::Resource::IN::MX).collect { |mx| mx.exchange.to_s }
     end
   end
 end