From: Tom Hughes Date: Mon, 3 Aug 2009 23:50:47 +0000 (+0000) Subject: Merge 16743:16811 from trunk. X-Git-Tag: live~7459^2~10 X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/cbbfdf394880d29c9a6cc2259fcfd474088fa9bb?hp=-c Merge 16743:16811 from trunk. --- cbbfdf394880d29c9a6cc2259fcfd474088fa9bb diff --combined app/controllers/user_controller.rb index 1e70fe08f,c3ab012e3..6f57f4f4a --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@@ -8,8 -8,6 +8,8 @@@ class UserController < ApplicationContr before_filter :check_database_readable, :except => [:api_details, :api_gpx_files] before_filter :check_database_writable, :only => [:login, :new, :set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image] before_filter :check_api_readable, :only => [:api_details, :api_gpx_files] + before_filter :require_allow_read_prefs, :only => [:api_details] + before_filter :require_allow_read_gpx, :only => [:api_gpx_files] filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation @@@ -39,7 -37,6 +39,7 @@@ def account @title = t 'user.account.title' + @tokens = @user.oauth_tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null' if params[:user] and params[:user][:display_name] and params[:user][:description] if params[:user][:email] != @user.email @@@ -98,9 -95,9 +98,9 @@@ if user token = user.tokens.create Notifier.deliver_lost_password(user, token) -- flash[:notice] = t 'user.lost_password.notice email on way' ++ @notice = t 'user.lost_password.notice email on way' else -- flash[:notice] = t 'user.lost_password.notice email cannot find' ++ @notice = t 'user.lost_password.notice email cannot find' end end end @@@ -108,25 -105,25 +108,28 @@@ def reset_password @title = t 'user.reset_password.title' -- if params['token'] ++ if params[:token] token = UserToken.find_by_token(params[:token]) ++ if token -- pass = OSM::make_token(8) -- 
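Review bot: The two branches under `if user` in the lost_password hunk still set different notices ('notice email on way' versus 'notice email cannot find'), so the form tells any anonymous caller whether an email address has an account. Switching from `flash[:notice]` to `@notice` keeps that difference intact. Consider setting the same notice on both paths, for example `@notice = t 'user.lost_password.notice email on way'` regardless of the lookup result, and rewording that locale string so it does not promise delivery. The start of lost_password lies outside the hunk, so any throttling of repeated requests cannot be judged from here.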
user = token.user -- user.pass_crypt = pass -- user.pass_crypt_confirmation = pass -- user.active = true -- user.email_valid = true -- user.save! -- token.destroy -- Notifier.deliver_reset_password(user, pass) -- flash[:notice] = t 'user.reset_password.flash changed check mail' ++ if params[:user] ++ @user = token.user ++ @user.pass_crypt = params[:user][:pass_crypt] ++ @user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation] ++ @user.active = true ++ @user.email_valid = true ++ ++ if @user.save ++ token.destroy ++ flash[:notice] = t 'user.reset_password.flash changed' ++ redirect_to :action => 'login' ++ end ++ end else flash[:notice] = t 'user.reset_password.flash token bad' ++ redirect_to :action => 'lost_password' end end -- -- redirect_to :action => 'login' end def new diff --combined app/models/notifier.rb index ba4530e99,ba4530e99..35b521e1f --- a/app/models/notifier.rb +++ b/app/models/notifier.rb @@@ -22,13 -22,13 +22,7 @@@ class Notifier < ActionMailer::Bas subject I18n.t('notifier.lost_password.subject') body :url => url_for(:host => SERVER_URL, :controller => "user", :action => "reset_password", -- :email => user.email, :token => token.token) -- end -- -- def reset_password(user, pass) -- common_headers user -- subject I18n.t('notifier.reset_password.subject') -- body :pass => pass ++ :token => token.token) end def gpx_success(trace, possible_points) diff --combined app/models/user.rb index 5b6a97f39,9a1106972..1e5944797 --- a/app/models/user.rb +++ b/app/models/user.rb @@@ -4,16 -4,13 +4,16 @@@ class User < ActiveRecord::Bas has_many :traces, :conditions => { :visible => true } has_many :diary_entries, :order => 'created_at DESC' has_many :messages, :foreign_key => :to_user_id, :conditions => { :to_user_visible => true }, :order => 'sent_on DESC' - has_many :new_messages, :class_name => "Message", :foreign_key => :to_user_id, :conditions => { :message_read => false }, :order => 'sent_on DESC' + has_many :new_messages, :class_name => 
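Review bot: `UserToken.find_by_token(params[:token])` in reset_password accepts any matching row, and nothing in this hunk checks the token's age, so a reset link appears to stay usable until someone completes a reset with it. If UserToken carries an expiry timestamp (not visible here), stale tokens should be rejected in the same branch that sets the 'flash token bad' notice. A successful `@user.save` destroys only the token that was presented; other outstanding tokens for the account, and the `oauth_tokens` this merge introduces, stay valid after the password changes, which matters when the reset is a response to a compromised account. The token also arrives as a request parameter and is not in the `filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation` list at the top of the controller, so adding `:token` there would keep it out of the application log.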
"Message", :foreign_key => :to_user_id, :conditions => { :to_user_visible => true, :message_read => false }, :order => 'sent_on DESC' has_many :sent_messages, :class_name => "Message", :foreign_key => :from_user_id, :conditions => { :from_user_visible => true }, :order => 'sent_on DESC' has_many :friends, :include => :befriendee, :conditions => ["users.visible = ?", true] has_many :tokens, :class_name => "UserToken" has_many :preferences, :class_name => "UserPreference" has_many :changesets + has_many :client_applications + has_many :oauth_tokens, :class_name => "OauthToken", :order => "authorized_at desc", :include => [:client_application] + validates_presence_of :email, :display_name validates_confirmation_of :email#, :message => ' addresses must match' validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password' diff --combined app/views/notifier/reset_password.text.html.erb index 39ea35b5e,39ea35b5e..000000000 deleted file mode 100644,100644 --- a/app/views/notifier/reset_password.text.html.erb +++ /dev/null @@@ -1,3 -1,3 +1,0 @@@ --

<%= t 'notifier.reset_password_html.greeting' %>

-- --

<%= t 'notifier.reset_password_html.reset', :new_password => @pass %>

diff --combined app/views/notifier/reset_password.text.plain.erb index aab4d137b,aab4d137b..000000000 deleted file mode 100644,100644 --- a/app/views/notifier/reset_password.text.plain.erb +++ /dev/null @@@ -1,3 -1,3 +1,0 @@@ --<%= t 'notifier.reset_password_plain.greeting' %> -- --<%= t 'notifier.reset_password_plain.reset', :new_password => @pass %> diff --combined app/views/user/reset_password.html.erb index 000000000,000000000..458a6084c new file mode 100644 --- /dev/null +++ b/app/views/user/reset_password.html.erb @@@ -1,0 -1,0 +1,14 @@@ ++

<%= t 'user.reset_password.heading' %>

++ ++<%= error_messages_for :user %> ++ ++<% form_tag do %> ++<%= hidden_field_tag(:token, params[:token]) %> ++ ++ ++ ++ ++ ++ ++
<%= t 'user.reset_password.password' %><%= password_field(:user, :pass_crypt,{:size => 30, :maxlength => 255, :tabindex => 4}) %>
<%= t 'user.reset_password.confirm password' %><%= password_field(:user, :pass_crypt_confirmation,{:size => 30, :maxlength => 255, :tabindex => 5}) %>
 
++<% end %> diff --combined config/locales/de.yml index d2effb80b,84fde2c02..514c8a4ad --- a/config/locales/de.yml +++ b/config/locales/de.yml @@@ -239,6 -239,7 +239,7 @@@ de showing_page: "Seite" of: "von" changeset: + id: "#{{id}}" still_editing: "(in Bearbeitung)" anonymous: "Anonym" no_comment: "(kein Kommentar)" @@@ -254,6 -255,15 +255,15 @@@ area: "Bereich" list: title: "Changesets" + title_user: "Changesets von {{user}}" + title_bbox: "Changesets in {{bbox}}" + title_user_bbox: "Changesets von {{user}} in {{bbox}}" + + heading: "Changesets" + heading_user: "Changesets" + heading_bbox: "Changesets" + heading_user_bbox: "Changesets" + description: "Letzte Änderungen" description_user: "Letzte Änderungen von {{user}}" description_bbox: "Letzte Änderungen in {{bbox}}" @@@ -773,21 -783,6 +783,21 @@@ scheduled_for_deletion: "Für Löschung vorgesehener Track" make_public: made_public: "veröffentlichter Track" + oauth: + client_application: + request_access: "Die Anwendung {{app_name}} möchte auf Deinen OpenStreetMap-Account zugreifen. Bitte entscheide, ob Du der Anwendung die folgenden Rechte gewähren möchtest. Du kannst alle oder einige der folgenden Rechte gewähren:" + allow_to: "Erlaube der Anwendung:" + allow_read_prefs: "Deine Benutzereinstellungen zu lesen" + allow_write_prefs: "Deine Benutzereinstellungen zu verändern" + allow_write_diary: "Blog-Einträge und Kommentare zu schreiben und Freunde einzutragen" + allow_write_api: "Die OSM-Datenbank zu ändern" + allow_read_gpx: "Deine privaten GPS-Tracks auszulesen" + allow_write_gpx: "GPS-Tracks hochzuladen" + token: + none: "Du hast bislang keinen Anwendungen Zugriff auf Deinen Account gewährt. Du musst jetzt nichts unternehmen, denn die Anwendungen werden Dich dazu auffordern, wenn es nötig ist. Zu einem späteren Zeitpunkt kannst Du in diesem Menü sehen, welche Anwendungen Zugriff erhalten haben, und kannst diese Erlaubnis hier auch widerrufen." 
+ application: "Anwendung" + issued: "Zugriff gewährt" + revoke: "widerrufen" user: login: title: "Anmelden" diff --combined config/locales/en.yml index 8c685df65,3b049b12a..97fe3ab01 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@@ -260,9 -260,9 +260,9 @@@ en title_user_bbox: "Changesets by {{user}} within {{bbox}}" heading: "Changesets" - heading_user: "Changesets by {{user}}" - heading_bbox: "Changesets within {{bbox}}" - heading_user_bbox: "Changesets by {{user}} within {{bbox}}" + heading_user: "Changesets" + heading_bbox: "Changesets" + heading_user_bbox: "Changesets" description: "Recent changes" description_user: "Changesets by {{user}}" @@@ -533,14 -533,14 +533,6 @@@ greeting: "Hi," hopefully_you: "Someone (possibly you) has asked for the password to be reset on this email address's openstreetmap.org account." click_the_link: "If this is you, please click the link below to reset your password." -- reset_password: -- subject: "[OpenStreetMap] Password reset" -- reset_password_plain: -- greeting: "Hi," -- reset: "Your password has been reset to {{new_password}}" -- reset_password_html: -- greeting: "Hi," -- reset: "Your password has been reset to {{new_password}}" message: inbox: title: "Inbox" @@@ -783,62 -783,6 +775,62 @@@ scheduled_for_deletion: "Track scheduled for deletion" make_public: made_public: "Track made public" + oauth: + client_application: + request_access: "The application {{app_name}} is requesting access to your account. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like." + allow_to: "Allow the client application to:" + allow_read_prefs: "read your user preferences." + allow_write_prefs: "modify your user preferences." + allow_write_diary: "create diary entries, comments and make friends." + allow_write_api: "modify the map." + allow_read_gpx: "read your private GPS traces." + allow_write_gpx: "upload GPS traces." 
+ new: + title: "Register a new application" + submit: "Register" + edit: + title: "Edit your application" + submit: "Edit" + show: + title: "OAuth details for {{app_name}}" + key: "Consumer Key:" + secret: "Consumer Secret:" + url: "Request Token URL:" + access_url: "Access Token URL:" + authorize_url: "Authorise URL:" + support_notice: "We support hmac-sha1 (recommended) as well as plain text in ssl mode." + edit: "Edit Details" + requests: "Requesting the following permissions from the user:" + allow_read_prefs: "read their user preferences." + allow_write_prefs: "modify their user preferences." + allow_write_diary: "create diary entries, comments and make friends." + allow_write_api: "modify the map." + allow_read_gpx: "read their private GPS traces." + allow_write_gpx: "upload GPS traces." + index: + title: "My OAuth Details" + my_tokens: "My Authorised Applications" + list_tokens: "The following tokens have been issued to applications in your name:" + application: "Application Name" + issued_at: "Issued At" + revoke: "Revoke!" + my_apps: "My Client Applications" + no_apps: "Do you have an application you would like to register for use with us using the {{oauth}} standard? You must register your web application before it can make OAuth requests to this service." + registered_apps: "You have the following client applications registered:" + register_new: "Register your application" + form: + name: "Name" + required: "Required" + url: "Main Application URL" + callback_url: "Callback URL" + support_url: "Support URL" + requests: "Request the following permissions from the user:" + allow_read_prefs: "read their user preferences." + allow_write_prefs: "modify their user preferences." + allow_write_diary: "create diary entries, comments and make friends." + allow_write_api: "modify the map." + allow_read_gpx: "read their private GPS traces." + allow_write_gpx: "upload GPS traces." 
user: login: title: "Login" @@@ -852,15 -796,15 +844,19 @@@ account not active: "Sorry, your account is not active yet.
Please click on the link in the account confirmation email to activate your account." auth failure: "Sorry, couldn't log in with those details." lost_password: -- title: "lost password" ++ title: "Lost password" heading: "Forgotten Password?" email address: "Email Address:" new password button: "Send me a new password" notice email on way: "Sorry you lost it :-( but an email is on its way so you can reset it soon." notice email cannot find: "Couldn't find that email address, sorry." reset_password: -- title: "reset password" -- flash changed check mail: "Your password has been changed and is on its way to your mailbox :-)" ++ title: "Reset password" ++ heading: "Reset Password" ++ password: "Password: " ++ confirm password: "Confirm Password: " ++ reset: "Reset Password" ++ flash changed: "Your password has been changed." flash token bad: "Didn't find that token, check the URL maybe?" new: title: "Create account" @@@ -911,7 -855,6 +907,7 @@@ nearby users: "Nearby users: " no nearby users: "There are no users who admit to mapping nearby yet." 
change your settings: change your settings + my_oauth_details: "View my OAuth details" friend_map: your location: Your location nearby mapper: "Nearby mapper: " diff --combined db/migrate/038_add_message_sender_index.rb index 000000000,000000000..2b9b134cd new file mode 100644 --- /dev/null +++ b/db/migrate/038_add_message_sender_index.rb @@@ -1,0 -1,0 +1,9 @@@ ++class AddMessageSenderIndex < ActiveRecord::Migration ++ def self.up ++ add_index :messages, [:from_user_id], :name=> "messages_from_user_id_idx" ++ end ++ ++ def self.down ++ drop_index :messages, :name=> "messages_from_user_id_idx" ++ end ++end diff --combined db/migrate/039_create_oauth_tables.rb index 95d690512,000000000..95d690512 mode 100644,000000..100644 --- a/db/migrate/039_create_oauth_tables.rb +++ b/db/migrate/039_create_oauth_tables.rb @@@ -1,44 -1,0 +1,44 @@@ +class CreateOauthTables < ActiveRecord::Migration + def self.up + create_table :client_applications do |t| + t.string :name + t.string :url + t.string :support_url + t.string :callback_url + t.string :key, :limit => 50 + t.string :secret, :limit => 50 + t.integer :user_id + + t.timestamps + end + add_index :client_applications, :key, :unique => true + + create_table :oauth_tokens do |t| + t.integer :user_id + t.string :type, :limit => 20 + t.integer :client_application_id + t.string :token, :limit => 50 + t.string :secret, :limit => 50 + t.timestamp :authorized_at, :invalidated_at + t.timestamps + end + + add_index :oauth_tokens, :token, :unique => true + + create_table :oauth_nonces do |t| + t.string :nonce + t.integer :timestamp + + t.timestamps + end + add_index :oauth_nonces, [:nonce, :timestamp], :unique => true + + end + + def self.down + drop_table :client_applications + drop_table :oauth_tokens + drop_table :oauth_nonces + end + +end diff --combined db/migrate/040_add_fine_o_auth_permissions.rb index ad4c7a8a4,000000000..ad4c7a8a4 mode 100644,000000..100644 --- a/db/migrate/040_add_fine_o_auth_permissions.rb +++ 
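Review bot: `self.down` in 038_add_message_sender_index.rb calls `drop_index`, which is not an ActiveRecord schema statement; the counterpart of `add_index` is `remove_index`. Unless a project helper defines `drop_index` (this file requires none, whereas 041 requires 'lib/migrate'), rolling this migration back will fail with an undefined-method error. Suggested line: `remove_index :messages, :name => "messages_from_user_id_idx"`.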
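Review bot: In 039_create_oauth_tables.rb the credential columns `key`, `secret` and `token` are created nullable, and on most databases a unique index does not stop several rows from holding NULL. Since 040 already declares its permission columns with `:null => false`, the same constraint would fit here, e.g. `t.string :token, :limit => 50, :null => false` and likewise for `key` and `secret`. `oauth_tokens.user_id` may legitimately be empty before a token is authorised, so that column is probably best left as it is; confirm against the token model. Nothing in this migration or the rest of the diff prunes `oauth_nonces`, so a comment naming the intended clean-up job would help the next maintainer.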
b/db/migrate/040_add_fine_o_auth_permissions.rb @@@ -1,23 -1,0 +1,23 @@@ +class AddFineOAuthPermissions < ActiveRecord::Migration + PERMISSIONS = [:allow_read_prefs, :allow_write_prefs, :allow_write_diary, + :allow_write_api, :allow_read_gpx, :allow_write_gpx ] + + def self.up + PERMISSIONS.each do |perm| + # add fine-grained permissions columns for OAuth tokens, allowing people to + # give permissions to parts of the site only. + add_column :oauth_tokens, perm, :boolean, :null => false, :default => false + + # add fine-grained permissions columns for client applications, allowing the + # client applications to request particular privileges. + add_column :client_applications, perm, :boolean, :null => false, :default => false + end + end + + def self.down + PERMISSIONS.each do |perm| + remove_column :oauth_tokens, perm + remove_column :client_applications, perm + end + end +end diff --combined db/migrate/041_add_foreign_keys_to_oauth_tables.rb index 09de54349,000000000..09de54349 mode 100644,000000..100644 --- a/db/migrate/041_add_foreign_keys_to_oauth_tables.rb +++ b/db/migrate/041_add_foreign_keys_to_oauth_tables.rb @@@ -1,15 -1,0 +1,15 @@@ +require 'lib/migrate' + +class AddForeignKeysToOauthTables < ActiveRecord::Migration + def self.up + add_foreign_key :oauth_tokens, [:user_id], :users, [:id] + add_foreign_key :oauth_tokens, [:client_application_id], :client_applications, [:id] + add_foreign_key :client_applications, [:user_id], :users, [:id] + end + + def self.down + remove_foreign_key :oauth_tokens, [:user_id], :users + remove_foreign_key :oauth_tokens, [:client_application_id], :client_applications + remove_foreign_key :client_applications, [:user_id], :users + end +end