X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/56db9ca2b7e2475cd8025630049fb4a4b824f2d9..f0feca800d91ac1d23eb63ca17a45d8fd4d41920:/app/models/user.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index 33f01c06b..20f1ba432 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,9 +4,9 @@ class User < ActiveRecord::Base
   has_many :traces, :conditions => { :visible => true }
   has_many :diary_entries, :order => 'created_at DESC'
   has_many :diary_comments, :order => 'created_at DESC'
-  has_many :messages, :foreign_key => :to_user_id, :conditions => { :to_user_visible => true }, :order => 'sent_on DESC'
+  has_many :messages, :foreign_key => :to_user_id, :conditions => { :to_user_visible => true }, :order => 'sent_on DESC', :include => [:sender, :recipient]
   has_many :new_messages, :class_name => "Message", :foreign_key => :to_user_id, :conditions => { :to_user_visible => true, :message_read => false }, :order => 'sent_on DESC'
-  has_many :sent_messages, :class_name => "Message", :foreign_key => :from_user_id, :conditions => { :from_user_visible => true }, :order => 'sent_on DESC'
+  has_many :sent_messages, :class_name => "Message", :foreign_key => :from_user_id, :conditions => { :from_user_visible => true }, :order => 'sent_on DESC', :include => [:sender, :recipient]
   has_many :friends, :include => :befriendee, :conditions => "users.status IN ('active', 'confirmed')"
   has_many :friend_users, :through => :friends, :source => :befriendee
   has_many :tokens, :class_name => "UserToken"
@@ -38,20 +38,17 @@ class User < ActiveRecord::Base
   validates_length_of :display_name, :within => 3..255, :allow_nil => true
   validates_email_format_of :email, :if => Proc.new { |u| u.email_changed? }
   validates_email_format_of :new_email, :allow_blank => true, :if => Proc.new { |u| u.new_email_changed? }
-  validates_format_of :display_name, :with => /^[^\/;.,?%#]*$/, :if => Proc.new { |u| u.display_name_changed? }
-  validates_format_of :display_name, :with => /^\S/, :message => "has leading whitespace", :if => Proc.new { |u| u.display_name_changed? }
-  validates_format_of :display_name, :with => /\S$/, :message => "has trailing whitespace", :if => Proc.new { |u| u.display_name_changed? }
+  validates_format_of :display_name, :with => /\A[^\/;.,?%#]*\z/, :if => Proc.new { |u| u.display_name_changed? }
+  validates_format_of :display_name, :with => /\A\S/, :message => "has leading whitespace", :if => Proc.new { |u| u.display_name_changed? }
+  validates_format_of :display_name, :with => /\S\z/, :message => "has trailing whitespace", :if => Proc.new { |u| u.display_name_changed? }
   validates_numericality_of :home_lat, :allow_nil => true
   validates_numericality_of :home_lon, :allow_nil => true
   validates_numericality_of :home_zoom, :only_integer => true, :allow_nil => true
   validates_inclusion_of :preferred_editor, :in => Editors::ALL_EDITORS, :allow_nil => true
 
-  attr_accessible :display_name, :email, :email_confirmation, :openid_url,
-                  :pass_crypt, :pass_crypt_confirmation, :consider_pd,
-                  :image_use_gravatar
-
   after_initialize :set_defaults
   before_save :encrypt_password
+  after_save :spam_check
 
   has_attached_file :image,
     :default_url => "/assets/:class/:attachment/:style.png",
@@ -69,7 +66,14 @@ class User < ActiveRecord::Base
         end
       end
 
-      user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
+      if user and PasswordHash.check(user.pass_crypt, user.pass_salt, options[:password])
+        if PasswordHash.upgrade?(user.pass_crypt, user.pass_salt)
+          user.pass_crypt, user.pass_salt = PasswordHash.create(options[:password])
+          user.save
+        end
+      else
+        user = nil
+      end
     elsif options[:token]
       token = UserToken.find_by_token(options[:token])
       user = token.user if token
@@ -144,14 +148,7 @@ class User < ActiveRecord::Base
   end
 
   def is_friends_with?(new_friend)
-    res = false
-    @new_friend = new_friend
-    self.friends.each do |friend|
-      if friend.friend_user_id == @new_friend.id
-        return true
-      end
-    end
-    return false
+    self.friends.where(:friend_user_id => new_friend.id).exists?
   end
 
   ##
@@ -223,6 +220,14 @@ class User < ActiveRecord::Base
     return score.to_i
   end
 
+  ##
+  # perform a spam check on a user
+  def spam_check
+    if status == "active" and spam_score > SPAM_THRESHOLD
+      update_column(:status, "suspended")
+    end
+  end
+
   ##
   # return an oauth access token for a specified application
   def access_token(application_key)
@@ -237,9 +242,10 @@ private
   end
 
   def encrypt_password
+logger.info "XXX"
     if pass_crypt_confirmation
-      self.pass_salt = OSM::make_token(8)
-      self.pass_crypt = OSM::encrypt_password(pass_crypt, pass_salt)
+logger.info "YYY"
+      self.pass_crypt, self.pass_salt = PasswordHash.create(pass_crypt)
       self.pass_crypt_confirmation = nil
     end
   end