X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/8b12abd5bb1b96567ab882a3aca0780d0e4af67a..85e99d3127e5febcf4698c9d2576f653775af787:/app/controllers/user_controller.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index 631c91035..283e11936 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -1,6 +1,7 @@ class UserController < ApplicationController - layout 'site', :except => :api_details + layout :choose_layout + before_filter :disable_terms_redirect, :only => [:terms, :save, :logout, :api_details] before_filter :authorize, :only => [:api_details, :api_gpx_files] before_filter :authorize_web, :except => [:api_details, :api_gpx_files] before_filter :set_locale, :except => [:api_details, :api_gpx_files] @@ -53,9 +54,21 @@ class UserController < ApplicationController if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) render :action => 'new' elsif params[:decline] - @user.terms_seen = true - @user.save - redirect_to t('user.terms.declined') + if @user + @user.terms_seen = true + + if @user.save + flash[:notice] = t 'user.new.terms declined', :url => t('user.new.terms declined url') + end + + if params[:referer] + redirect_to params[:referer] + else + redirect_to :action => :account, :display_name => @user.display_name + end + else + redirect_to t('user.terms.declined') + end elsif @user if !@user.terms_agreed? @user.consider_pd = params[:user][:consider_pd] @@ -66,7 +79,11 @@ class UserController < ApplicationController end end - redirect_to :action => :account, :display_name => @user.display_name + if params[:referer] + redirect_to params[:referer] + else + redirect_to :action => :account, :display_name => @user.display_name + end else @user = User.new(params[:user]) @@ -82,9 +99,9 @@ class UserController < ApplicationController flash[:notice] = t 'user.new.flash create success message', :email => @user.email Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => params[:referer])) session[:token] = @user.tokens.create.token - redirect_to :action => 'login' + redirect_to :action => 'login', :referer => params[:referer] else - render :action => 'new' + render :action => 'new', :referer => params[:referer] end end end @@ -218,19 +235,20 @@ class UserController < ApplicationController session[:user] = user.id session_expires_after 1.month if params[:remember_me] - # if the user hasn't seen the contributor terms then redirect them - # to that page. + target = params[:referer] || url_for(:controller => :site, :action => :index) + + # The user is logged in, so decide where to send them: + # + # - If they haven't seen the contributor terms, send them there. + # - If they have a block on them, show them that. + # - If they were referred to the login, send them back there. + # - Otherwise, send them to the home page. if REQUIRE_TERMS_SEEN and not user.terms_seen - redirect_to :controller => 'user', :action => 'terms', :referer => params[:referer] - # The user is logged in, if the referer param exists, redirect - # them to that unless they've also got a block on them, in - # which case redirect them to the block so they can clear it. + redirect_to :controller => :user, :action => :terms, :referer => target elsif user.blocked_on_view - redirect_to user.blocked_on_view, :referer => params[:referer] - elsif params[:referer] - redirect_to params[:referer] + redirect_to user.blocked_on_view, :referer => target else - redirect_to :controller => 'site', :action => 'index' + redirect_to target end elsif user = User.authenticate(:username => email_or_display_name, :password => pass, :pending => true) flash.now[:error] = t 'user.login.account not active', :reconfirm => url_for(:action => 'confirm_resend', :display_name => user.display_name) @@ -254,9 +272,9 @@ class UserController < ApplicationController if token token.destroy end - session[:token] = nil + session.delete(:token) end - session[:user] = nil + session.delete(:user) session_expires_automatically if params[:referer] redirect_to params[:referer] @@ -482,4 +500,28 @@ private rescue ActiveRecord::RecordNotFound redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name] unless @this_user end + + ## + # Choose the layout to use. See + # https://rails.lighthouseapp.com/projects/8994/tickets/5371-layout-with-onlyexcept-options-makes-other-actions-render-without-layouts + def choose_layout + oauth_url = url_for(:controller => :oauth, :action => :oauthorize, :only_path => true) + + if [ 'api_details' ].include? action_name + nil + elsif params[:referer] and URI.parse(params[:referer]).path == oauth_url + 'slim' + else + 'site' + end + end + + ## + # + def disable_terms_redirect + # this is necessary otherwise going to the user terms page, when + # having not agreed already would cause an infinite redirect loop. + # it's .now so that this doesn't propagate to other pages. + flash.now[:skip_terms] = true + end end