X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/05e212027339733cf39aa9b7536c3f5f69ba0962..8a7040e:/app/controllers/user_controller.rb?ds=sidebyside diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 1e70fe08f..93cc3a6a5 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -1,5 +1,5 @@ class UserController < ApplicationController - layout 'site' + layout 'site', :except => :api_details before_filter :authorize, :only => [:api_details, :api_gpx_files] before_filter :authorize_web, :except => [:api_details, :api_gpx_files] @@ -29,7 +29,7 @@ class UserController < ApplicationController if @user.save flash[:notice] = t 'user.new.flash create success message' - Notifier.deliver_signup_confirm(@user, @user.tokens.create) + Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => params[:referer])) redirect_to :action => 'login' else render :action => 'new' @@ -98,9 +98,9 @@ class UserController < ApplicationController if user token = user.tokens.create Notifier.deliver_lost_password(user, token) - flash[:notice] = t 'user.lost_password.notice email on way' + @notice = t 'user.lost_password.notice email on way' else - flash[:notice] = t 'user.lost_password.notice email cannot find' + @notice = t 'user.lost_password.notice email cannot find' end end end @@ -108,25 +108,29 @@ class UserController < ApplicationController def reset_password @title = t 'user.reset_password.title' - if params['token'] + if params[:token] token = UserToken.find_by_token(params[:token]) + if token - pass = OSM::make_token(8) - user = token.user - user.pass_crypt = pass - user.pass_crypt_confirmation = pass - user.active = true - user.email_valid = true - user.save! - token.destroy - Notifier.deliver_reset_password(user, pass) - flash[:notice] = t 'user.reset_password.flash changed check mail' + @user = token.user + + if params[:user] + @user.pass_crypt = params[:user][:pass_crypt] + @user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation] + @user.active = true + @user.email_valid = true + + if @user.save + token.destroy + flash[:notice] = t 'user.reset_password.flash changed' + redirect_to :action => 'login' + end + end else flash[:notice] = t 'user.reset_password.flash token bad' + redirect_to :action => 'lost_password' end end - - redirect_to :action => 'login' end def new @@ -138,36 +142,36 @@ class UserController < ApplicationController end def login - if session[:user] - # The user is logged in already, if the referer param exists, redirect them to that - if params[:referer] - redirect_to params[:referer] - else - redirect_to :controller => 'site', :action => 'index' - end - return - end - - @title = t 'user.login.title' - - if params[:user] + if params[:user] and session[:user].nil? email_or_display_name = params[:user][:email] pass = params[:user][:password] user = User.authenticate(:username => email_or_display_name, :password => pass) if user session[:user] = user.id - if params[:referer] - redirect_to params[:referer] - else - redirect_to :controller => 'site', :action => 'index' - end - return elsif User.authenticate(:username => email_or_display_name, :password => pass, :inactive => true) @notice = t 'user.login.account not active' else @notice = t 'user.login.auth failure' end end + + if session[:user] + # The user is logged in, if the referer param exists, redirect them to that + # unless they've also got a block on them, in which case redirect them to + # the block so they can clear it. + user = User.find(session[:user]) + block = user.blocked_on_view + if block + redirect_to block, :referrer => params[:referrer] + elsif params[:referer] + redirect_to params[:referer] + else + redirect_to :controller => 'site', :action => 'index' + end + return + end + + @title = t 'user.login.title' end def logout @@ -194,10 +198,15 @@ class UserController < ApplicationController @user.active = true @user.email_valid = true @user.save! + referer = token.referer token.destroy flash[:notice] = t 'user.confirm.success' session[:user] = @user.id - redirect_to :action => 'account', :display_name => @user.display_name + unless referer.nil? + redirect_to referer + else + redirect_to :action => 'account', :display_name => @user.display_name + end else @notice = t 'user.confirm.failure' end @@ -236,10 +245,6 @@ class UserController < ApplicationController redirect_to :controller => 'user', :action => 'view', :display_name => @user.display_name end - def api_details - render :text => @user.to_xml.to_s, :content_type => "text/xml" - end - def api_gpx_files doc = OSM::API.new.get_xml_doc @user.traces.each do |trace|