From 10b71ba2f66c5bd9c71ab7385da3584ae741ee6e Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Thu, 19 Feb 2009 13:47:43 +0000 Subject: [PATCH] Add an ACL system to allow key/value pairs to be attached to blocks of IP addresses, and implement an ACL restriction that allows account creation to be blocked. --- app/controllers/user_controller.rb | 27 ++++++++++++++++----------- app/models/acl.rb | 13 +++++++++++++ app/views/user/new.rhtml | 29 ++++++++++++++++++++++++++--- db/migrate/018_create_acls.rb | 22 ++++++++++++++++++++++ test/fixtures/acls.yml | 13 +++++++++++++ test/unit/acl_test.rb | 8 ++++++++ 6 files changed, 98 insertions(+), 14 deletions(-) create mode 100644 app/models/acl.rb create mode 100644 db/migrate/018_create_acls.rb create mode 100644 test/fixtures/acls.yml create mode 100644 test/unit/acl_test.rb diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb index c658b2014..6a60917f2 100644 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@ -11,19 +11,24 @@ class UserController < ApplicationController def save @title = 'create account' - @user = User.new(params[:user]) - @user.visible = true - @user.data_public = true - @user.description = "" if @user.description.nil? - @user.creation_ip = request.remote_ip - - if @user.save - flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)
Please note that you won't be able to login until you've received and confirmed your email address." - Notifier.deliver_signup_confirm(@user, @user.tokens.create) - redirect_to :action => 'login' - else + if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) render :action => 'new' + else + @user = User.new(params[:user]) + + @user.visible = true + @user.data_public = true + @user.description = "" if @user.description.nil? + @user.creation_ip = request.remote_ip + + if @user.save + flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)
Please note that you won't be able to login until you've received and confirmed your email address." + Notifier.deliver_signup_confirm(@user, @user.tokens.create) + redirect_to :action => 'login' + else + render :action => 'new' + end end end diff --git a/app/models/acl.rb b/app/models/acl.rb new file mode 100644 index 000000000..5fb99b9e5 --- /dev/null +++ b/app/models/acl.rb @@ -0,0 +1,13 @@ +class Acl < ActiveRecord::Base + def self.find_by_address(address, options) + self.with_scope(:find => {:conditions => ["inet_aton(?) & netmask = address", address]}) do + return self.find(:first, options) + end + end + + def self.find_all_by_address(address, options) + self.with_scope(:find => {:conditions => ["inet_aton(?) & netmask = address", address]}) do + return self.find(:all, options) + end + end +end diff --git a/app/views/user/new.rhtml b/app/views/user/new.rhtml index 5d4687edd..d0b5a9667 100644 --- a/app/views/user/new.rhtml +++ b/app/views/user/new.rhtml @@ -1,7 +1,28 @@ -

Create a user account


-Fill in the form and we'll send you a quick email to activate your account.

+

Create a user account

-By creating an account, you agree that all work uploaded to openstreetmap.org and all data created by use of any tools which connect to openstreetmap.org is to be (non-exclusively) licensed under this Creative Commons license (by-sa).

+<% if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) %> + +

Unfortunately we are not currently able to create an account for + you automatically. +

+ +

Please contact the webmaster + to arrange for an account to be created - we will try and deal with + the request as quickly as possible. +

+ +<% else %> + +

Fill in the form and we'll send you a quick email to activate your + account. +

+ +

By creating an account, you agree that all work uploaded to + openstreetmap.org and all data created by use of any tools which + connect to openstreetmap.org is to be (non-exclusively) licensed under + this Creative + Commons license (by-sa). +

<%= error_messages_for 'user' %> @@ -18,3 +39,5 @@ By creating an account, you agree that all work uploaded to openstreetmap.org an <% end %> + +<% end %> diff --git a/db/migrate/018_create_acls.rb b/db/migrate/018_create_acls.rb new file mode 100644 index 000000000..3606bd670 --- /dev/null +++ b/db/migrate/018_create_acls.rb @@ -0,0 +1,22 @@ +class CreateAcls < ActiveRecord::Migration + def self.up + create_table "acls", myisam_table do |t| + t.column "id", :integer, :null => false + t.column "address", :integer, :null => false + t.column "netmask", :integer, :null => false + t.column "k", :string, :null => false + t.column "v", :string + end + + add_primary_key "acls", ["id"] + add_index "acls", ["k"], :name => "acls_k_idx" + + change_column "acls", "id", :integer, :null => false, :options => "AUTO_INCREMENT" + change_column "acls", "address", :integer, :null => false, :unsigned => true + change_column "acls", "netmask", :integer, :null => false, :unsigned => true + end + + def self.down + drop_table "acls" + end +end diff --git a/test/fixtures/acls.yml b/test/fixtures/acls.yml new file mode 100644 index 000000000..399e08808 --- /dev/null +++ b/test/fixtures/acls.yml @@ -0,0 +1,13 @@ +# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html + +one: + address: 1 + netmask: 1 + k: MyText + v: MyText + +two: + address: 1 + netmask: 1 + k: MyText + v: MyText diff --git a/test/unit/acl_test.rb b/test/unit/acl_test.rb new file mode 100644 index 000000000..991e6eb84 --- /dev/null +++ b/test/unit/acl_test.rb @@ -0,0 +1,8 @@ +require File.dirname(__FILE__) + '/../test_helper' + +class AclTest < ActiveSupport::TestCase + # Replace this with your real tests. + def test_truth + assert true + end +end -- 2.39.5