X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/035254c5fbcf7c4a892532baefc79f5e9e4e7aa7..95c3d640a44857b0b92ec3be6dad606e40057c5c:/app/controllers/user_controller.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 36516f60f..93cc3a6a5 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -1,18 +1,20 @@ class UserController < ApplicationController - layout 'site' + layout 'site', :except => :api_details before_filter :authorize, :only => [:api_details, :api_gpx_files] - before_filter :set_locale, :except => [:api_details, :api_gpx_files] before_filter :authorize_web, :except => [:api_details, :api_gpx_files] + before_filter :set_locale, :except => [:api_details, :api_gpx_files] before_filter :require_user, :only => [:set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image] before_filter :check_database_readable, :except => [:api_details, :api_gpx_files] before_filter :check_database_writable, :only => [:login, :new, :set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image] before_filter :check_api_readable, :only => [:api_details, :api_gpx_files] + before_filter :require_allow_read_prefs, :only => [:api_details] + before_filter :require_allow_read_gpx, :only => [:api_gpx_files] filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation def save - @title = 'create account' + @title = t 'user.new.title' if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) render :action => 'new' @@ -23,10 +25,11 @@ class UserController < ApplicationController @user.data_public = true @user.description = "" if @user.description.nil? @user.creation_ip = request.remote_ip + @user.languages = request.user_preferred_languages if @user.save - flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)

Please note that you won't be able to login until you've received and confirmed your email address.

If you use an antispam system which sends confirmation requests then please make sure you whitelist webmaster@openstreetmap.org as we are unable to reply to any confirmation requests." - Notifier.deliver_signup_confirm(@user, @user.tokens.create) + flash[:notice] = t 'user.new.flash create success message' + Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => params[:referer])) redirect_to :action => 'login' else render :action => 'new' @@ -35,7 +38,9 @@ class UserController < ApplicationController end def account - @title = 'edit account' + @title = t 'user.account.title' + @tokens = @user.oauth_tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null' + if params[:user] and params[:user][:display_name] and params[:user][:description] if params[:user][:email] != @user.email @user.new_email = params[:user][:email] @@ -49,15 +54,18 @@ class UserController < ApplicationController end @user.description = params[:user][:description] + @user.languages = params[:user][:languages].split(",") @user.home_lat = params[:user][:home_lat] @user.home_lon = params[:user][:home_lon] if @user.save + set_locale + if params[:user][:email] == @user.new_email - @notice = "User information updated successfully. Check your email for a note to confirm your new email address." + flash[:notice] = t 'user.account.flash update success confirm needed' Notifier.deliver_email_confirm(@user, @user.tokens.create) else - @notice = "User information updated successfully." + flash[:notice] = t 'user.account.flash update success' end end end @@ -68,7 +76,7 @@ class UserController < ApplicationController @user.home_lat = params[:user][:home_lat].to_f @user.home_lon = params[:user][:home_lon].to_f if @user.save - flash[:notice] = "Home location saved successfully." + flash[:notice] = t 'user.set_home.flash success' redirect_to :controller => 'user', :action => 'account' end end @@ -77,84 +85,93 @@ class UserController < ApplicationController def go_public @user.data_public = true @user.save - flash[:notice] = 'All your edits are now public.' + flash[:notice] = t 'user.go_public.flash success' redirect_to :controller => 'user', :action => 'account', :display_name => @user.display_name end def lost_password - @title = 'lost password' + @title = t 'user.lost_password.title' + if params[:user] and params[:user][:email] user = User.find_by_email(params[:user][:email], :conditions => {:visible => true}) if user token = user.tokens.create Notifier.deliver_lost_password(user, token) - @notice = "Sorry you lost it :-( but an email is on its way so you can reset it soon." + @notice = t 'user.lost_password.notice email on way' else - @notice = "Couldn't find that email address, sorry." + @notice = t 'user.lost_password.notice email cannot find' end end end def reset_password - @title = 'reset password' - if params['token'] + @title = t 'user.reset_password.title' + + if params[:token] token = UserToken.find_by_token(params[:token]) + if token - pass = OSM::make_token(8) - user = token.user - user.pass_crypt = pass - user.pass_crypt_confirmation = pass - user.active = true - user.email_valid = true - user.save! - token.destroy - Notifier.deliver_reset_password(user, pass) - flash[:notice] = "Your password has been changed and is on its way to your mailbox :-)" + @user = token.user + + if params[:user] + @user.pass_crypt = params[:user][:pass_crypt] + @user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation] + @user.active = true + @user.email_valid = true + + if @user.save + token.destroy + flash[:notice] = t 'user.reset_password.flash changed' + redirect_to :action => 'login' + end + end else - flash[:notice] = "Didn't find that token, check the URL maybe?" + flash[:notice] = t 'user.reset_password.flash token bad' + redirect_to :action => 'lost_password' end end - - redirect_to :action => 'login' end def new - @title = 'create account' + @title = t 'user.new.title' + # The user is logged in already, so don't show them the signup page, instead # send them to the home page redirect_to :controller => 'site', :action => 'index' if session[:user] end def login - if session[:user] - # The user is logged in already, if the referer param exists, redirect them to that - if params[:referer] - redirect_to params[:referer] - else - redirect_to :controller => 'site', :action => 'index' - end - return - end - @title = 'login' - if params[:user] + if params[:user] and session[:user].nil? email_or_display_name = params[:user][:email] pass = params[:user][:password] user = User.authenticate(:username => email_or_display_name, :password => pass) if user session[:user] = user.id - if params[:referer] - redirect_to params[:referer] - else - redirect_to :controller => 'site', :action => 'index' - end - return elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true) - @notice = "Sorry, your account is not active yet.
Please click on the link in the account confirmation email to activate your account." + @notice = t 'user.login.account not active' + else + @notice = t 'user.login.auth failure' + end + end + + if session[:user] + # The user is logged in, if the referer param exists, redirect them to that + # unless they've also got a block on them, in which case redirect them to + # the block so they can clear it. + user = User.find(session[:user]) + block = user.blocked_on_view + if block + redirect_to block, :referrer => params[:referrer] + elsif params[:referer] + redirect_to params[:referer] else - @notice = "Sorry, couldn't log in with those details." + redirect_to :controller => 'site', :action => 'index' end + return end + + @title = t 'user.login.title' end def logout @@ -181,12 +198,17 @@ class UserController < ApplicationController @user.active = true @user.email_valid = true @user.save! + referer = token.referer token.destroy - flash[:notice] = 'Confirmed your account, thanks for signing up!' + flash[:notice] = t 'user.confirm.success' session[:user] = @user.id - redirect_to :action => 'account', :display_name => @user.display_name + unless referer.nil? + redirect_to referer + else + redirect_to :action => 'account', :display_name => @user.display_name + end else - @notice = 'Something went wrong confirming that user.' + @notice = t 'user.confirm.failure' end end end @@ -202,11 +224,11 @@ class UserController < ApplicationController @user.email_valid = true @user.save! token.destroy - flash[:notice] = 'Confirmed your email address, thanks for signing up!' + flash[:notice] = t 'user.confirm_email.success' session[:user] = @user.id redirect_to :action => 'account', :display_name => @user.display_name else - @notice = 'Something went wrong confirming that email address.' + @notice = t 'user.confirm_email.failure' end end end @@ -223,10 +245,6 @@ class UserController < ApplicationController redirect_to :controller => 'user', :action => 'view', :display_name => @user.display_name end - def api_details - render :text => @user.to_xml.to_s, :content_type => "text/xml" - end - def api_gpx_files doc = OSM::API.new.get_xml_doc @user.traces.each do |trace| @@ -241,6 +259,7 @@ class UserController < ApplicationController if @this_user @title = @this_user.display_name else + @title = t 'user.no_such_user.title' @not_found_user = params[:display_name] render :action => 'no_such_user', :status => :not_found end @@ -255,13 +274,13 @@ class UserController < ApplicationController friend.friend_user_id = new_friend.id unless @user.is_friends_with?(new_friend) if friend.save - flash[:notice] = "#{name} is now your friend." + flash[:notice] = t 'user.make_friend.success', :name => name Notifier.deliver_friend_notification(friend) else - friend.add_error("Sorry, failed to add #{name} as a friend.") + friend.add_error(t('user.make_friend.failed', :name => name)) end else - flash[:notice] = "You are already friends with #{name}." + flash[:notice] = t 'user.make_friend.already_a_friend', :name => name end redirect_to :controller => 'user', :action => 'view' @@ -274,9 +293,9 @@ class UserController < ApplicationController friend = User.find_by_display_name(name, :conditions => {:visible => true}) if @user.is_friends_with?(friend) Friend.delete_all "user_id = #{@user.id} AND friend_user_id = #{friend.id}" - flash[:notice] = "#{friend.display_name} was removed from your friends." + flash[:notice] = t 'user.remove_friend.success', :name => friend.display_name else - flash[:notice] = "#{friend.display_name} is not one of your friends." + flash[:notice] = t 'user.remove_friend.not_a_friend', :name => friend.display_name end redirect_to :controller => 'user', :action => 'view'