X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/2ccbc55236d81d790643265f082475b691a5e6b4..97769170fde23c0bd113cff47cbd2977c727d180:/app/controllers/user_controller.rb?ds=sidebyside diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index c658b2014..eb1471b00 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -4,26 +4,32 @@ class UserController < ApplicationController before_filter :authorize, :only => [:api_details, :api_gpx_files] before_filter :authorize_web, :except => [:api_details, :api_gpx_files] before_filter :require_user, :only => [:set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image] - before_filter :check_database_availability, :except => [:api_details, :api_gpx_files] - before_filter :check_read_availability, :only => [:api_details, :api_gpx_files] + before_filter :check_database_readable, :except => [:api_details, :api_gpx_files] + before_filter :check_database_writable, :only => [:login, :new, :set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image] + before_filter :check_api_readable, :only => [:api_details, :api_gpx_files] filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation def save @title = 'create account' - @user = User.new(params[:user]) - @user.visible = true - @user.data_public = true - @user.description = "" if @user.description.nil? - @user.creation_ip = request.remote_ip - - if @user.save - flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)
Please note that you won't be able to login until you've received and confirmed your email address." - Notifier.deliver_signup_confirm(@user, @user.tokens.create) - redirect_to :action => 'login' - else + if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) render :action => 'new' + else + @user = User.new(params[:user]) + + @user.visible = true + @user.data_public = true + @user.description = "" if @user.description.nil? + @user.creation_ip = request.remote_ip + + if @user.save + flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)

Please note that you won't be able to login until you've received and confirmed your email address.

If you use an antispam system which sends confirmation requests then please make sure you whitelist webmaster@openstreetmap.org as we are unable to reply to any confirmation requests." + Notifier.deliver_signup_confirm(@user, @user.tokens.create) + redirect_to :action => 'login' + else + render :action => 'new' + end end end @@ -77,7 +83,7 @@ class UserController < ApplicationController def lost_password @title = 'lost password' if params[:user] and params[:user][:email] - user = User.find_by_email(params[:user][:email], :conditions => "visible = 1") + user = User.find_by_email(params[:user][:email], :conditions => {:visible => true}) if user token = user.tokens.create @@ -114,9 +120,21 @@ class UserController < ApplicationController def new @title = 'create account' + # The user is logged in already, so don't show them the signup page, instead + # send them to the home page + redirect_to :controller => 'site', :action => 'index' if session[:user] end def login + if session[:user] + # The user is logged in already, if the referer param exists, redirect them to that + if params[:referer] + redirect_to params[:referer] + else + redirect_to :controller => 'site', :action => 'index' + end + return + end @title = 'login' if params[:user] email_or_display_name = params[:user][:email] @@ -217,7 +235,7 @@ class UserController < ApplicationController end def view - @this_user = User.find_by_display_name(params[:display_name], :conditions => "visible = 1") + @this_user = User.find_by_display_name(params[:display_name], :conditions => {:visible => true}) if @this_user @title = @this_user.display_name @@ -230,7 +248,7 @@ class UserController < ApplicationController def make_friend if params[:display_name] name = params[:display_name] - new_friend = User.find_by_display_name(name, :conditions => "visible = 1") + new_friend = User.find_by_display_name(name, :conditions => {:visible => true}) friend = Friend.new friend.user_id = @user.id friend.friend_user_id = new_friend.id @@ -252,7 +270,7 @@ class UserController < ApplicationController def remove_friend if params[:display_name] name = params[:display_name] - friend = User.find_by_display_name(name, :conditions => "visible = 1") + friend = User.find_by_display_name(name, :conditions => {:visible => true}) if @user.is_friends_with?(friend) Friend.delete_all "user_id = #{@user.id} AND friend_user_id = #{friend.id}" flash[:notice] = "#{friend.display_name} was removed from your friends."