From: Tom Hughes
Date: Fri, 7 May 2010 09:00:24 +0000 (+0100)
Subject: Redirect suspended users to an information page
X-Git-Tag: live~6858^2~5
X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/9230721a1f3091ec47d5751c6b5aaead599df49f

Redirect suspended users to an information page

If the current session is for a logged in user and that user has been suspended then log them out and redirect them to a page explaining that their account has been suspended.
---
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index eebc9eb28..a53fb5374 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,7 +8,14 @@ class ApplicationController < ActionController::Base
 def authorize_web
 if session[:user]
- @user = User.find(session[:user], :conditions => {:status => ["active", "confirmed"]})
+ @user = User.find(session[:user], :conditions => {:status => ["active", "confirmed", "suspended"]})
+
+ if @user.status == "suspended"
+ session[:user] = nil
+ session_expires_automatically
+
+ redirect_to :controller => "user", :action => "suspended"
+ end
 elsif session[:token]
 @user = User.authenticate(:token => session[:token])
 session[:user] = @user.id
diff --git a/app/views/user/suspended.html.erb b/app/views/user/suspended.html.erb
new file mode 100644
index 000000000..27b8dc3f5
--- /dev/null
+++ b/app/views/user/suspended.html.erb
@@ -0,0 +1,5 @@
+<% @title = t "user.suspended.title" %>
+
+
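Review bot: In the new `suspended` branch of `authorize_web` only `session[:user]` is cleared; `session[:token]` is left in place and `@user` still holds the suspended record. If a session carries both keys, the next request would take the `elsif session[:token]` branch and call `User.authenticate(:token => session[:token])`, whose handling of suspended accounts is not visible in this hunk, so the logout may not stick. I would add `session[:token] = nil` and `@user = nil` before the `redirect_to`, so that nothing running after this method can treat the suspended account as signed in. The method continues past the end of the hunk, so any later branch or rescue there should be checked against the same case.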

<%= t "user.suspended.heading" %>

+
+<%= t "user.suspended.body", :webmaster => "webmaster@openstreetmap.org" %>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 9775416e4..fbf8e7a04 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -1655,6 +1655,19 @@ en:
 confirm: Confirm Selected Users
 hide: Hide Selected Users
 empty: No matching users found
+ suspended:
+ title: Account Suspended
+ heading: Account Suspended
+ body: |
+

+ Sorry, your account has been automatically suspended due to
+ suspicious activity.
+

+

+ This decision will be reviewed by an administrator shortly, or
+ you may contact the webmaster if
+ you wish to discuss this.
+

 user_role:
 filter:
 not_an_administrator: "Only administrators can perform user role management, and you are not an administrator."
diff --git a/config/routes.rb b/config/routes.rb
index b15d77e31..7e27ee19e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -104,6 +104,7 @@ ActionController::Routing::Routes.draw do |map|
 map.connect '/user/go_public', :controller => 'user', :action => 'go_public'
 map.connect '/user/reset-password', :controller => 'user', :action => 'reset_password'
 map.connect '/user/forgot-password', :controller => 'user', :action => 'lost_password'
+ map.connect '/user/suspended', :controller => 'user', :action => 'suspended'
 map.connect '/index.html', :controller => 'site', :action => 'index'
 map.connect '/edit.html', :controller => 'site', :action => 'edit'
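Review bot: The new route points at a `suspended` action, but the commit adds only the view template and makes no change to the user controller, so the page relies on implicit template rendering and inherits whatever before filters that controller declares. Those filters are not visible here; because `authorize_web` has just cleared the session before redirecting, it is worth confirming that `/user/suspended` renders for a request with no logged-in user instead of bouncing to the login page. A short comment above the route, such as `# shown after authorize_web logs out a suspended account`, would record why it has to stay reachable without a session.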