Mercurial > hg > soundsoftware-site
comparison app/controllers/account_controller.rb @ 1464:261b3d9a4903 redmine-2.4
Update to Redmine 2.4 branch rev 12663
| author | Chris Cannam |
|---|---|
| date | Tue, 14 Jan 2014 14:37:42 +0000 |
| parents | 433d4f72a19b |
| children | 51364c0cd58f e248c7af89ec |
comparison
equal
deleted
inserted
replaced
| 1296:038ba2d95de8 | 1464:261b3d9a4903 |
|---|---|
| 1 # Redmine - project management software | 1 # Redmine - project management software |
| 2 # Copyright (C) 2006-2012 Jean-Philippe Lang | 2 # Copyright (C) 2006-2013 Jean-Philippe Lang |
| 3 # | 3 # |
| 4 # This program is free software; you can redistribute it and/or | 4 # This program is free software; you can redistribute it and/or |
| 5 # modify it under the terms of the GNU General Public License | 5 # modify it under the terms of the GNU General Public License |
| 6 # as published by the Free Software Foundation; either version 2 | 6 # as published by the Free Software Foundation; either version 2 |
| 7 # of the License, or (at your option) any later version. | 7 # of the License, or (at your option) any later version. |
| 18 class AccountController < ApplicationController | 18 class AccountController < ApplicationController |
| 19 helper :custom_fields | 19 helper :custom_fields |
| 20 include CustomFieldsHelper | 20 include CustomFieldsHelper |
| 21 | 21 |
| 22 # prevents login action to be filtered by check_if_login_required application scope filter | 22 # prevents login action to be filtered by check_if_login_required application scope filter |
| 23 skip_before_filter :check_if_login_required | 23 skip_before_filter :check_if_login_required, :check_password_change |
| 24 | |
| 25 # Overrides ApplicationController#verify_authenticity_token to disable | |
| 26 # token verification on openid callbacks | |
| 27 def verify_authenticity_token | |
| 28 unless using_open_id? | |
| 29 super | |
| 30 end | |
| 31 end | |
| 24 | 32 |
| 25 # Login request and validation | 33 # Login request and validation |
| 26 def login | 34 def login |
| 27 if request.get? | 35 if request.get? |
| 28 logout_user | 36 if User.current.logged? |
| 37 redirect_to home_url | |
| 38 end | |
| 29 else | 39 else |
| 30 authenticate_user | 40 authenticate_user |
| 31 end | 41 end |
| 32 rescue AuthSourceException => e | 42 rescue AuthSourceException => e |
| 33 logger.error "An error occured when authenticating #{params[:username]}: #{e.message}" | 43 logger.error "An error occured when authenticating #{params[:username]}: #{e.message}" |
| 34 render_error :message => e.message | 44 render_error :message => e.message |
| 35 end | 45 end |
| 36 | 46 |
| 37 # Log out current user and redirect to welcome page | 47 # Log out current user and redirect to welcome page |
| 38 def logout | 48 def logout |
| 39 logout_user | 49 if User.current.anonymous? |
| 40 redirect_to home_url | 50 redirect_to home_url |
| 51 elsif request.post? | |
| 52 logout_user | |
| 53 redirect_to home_url | |
| 54 end | |
| 55 # display the logout form | |
| 41 end | 56 end |
| 42 | 57 |
| 43 # Lets user choose a new password | 58 # Lets user choose a new password |
| 44 def lost_password | 59 def lost_password |
| 45 redirect_to(home_url) && return unless Setting.lost_password? | 60 (redirect_to(home_url); return) unless Setting.lost_password? |
| 46 if params[:token] | 61 if params[:token] |
| 47 @token = Token.find_by_action_and_value("recovery", params[:token].to_s) | 62 @token = Token.find_token("recovery", params[:token].to_s) |
| 48 if @token.nil? || @token.expired? | 63 if @token.nil? || @token.expired? |
| 49 redirect_to home_url | 64 redirect_to home_url |
| 50 return | 65 return |
| 51 end | 66 end |
| 52 @user = @token.user | 67 @user = @token.user |
| 66 render :template => "account/password_recovery" | 81 render :template => "account/password_recovery" |
| 67 return | 82 return |
| 68 else | 83 else |
| 69 if request.post? | 84 if request.post? |
| 70 user = User.find_by_mail(params[:mail].to_s) | 85 user = User.find_by_mail(params[:mail].to_s) |
| 71 # user not found or not active | 86 # user not found |
| 72 unless user && user.active? | 87 unless user |
| 73 flash.now[:error] = l(:notice_account_unknown_email) | 88 flash.now[:error] = l(:notice_account_unknown_email) |
| 89 return | |
| 90 end | |
| 91 unless user.active? | |
| 92 handle_inactive_user(user, lost_password_path) | |
| 74 return | 93 return |
| 75 end | 94 end |
| 76 # user cannot change its password | 95 # user cannot change its password |
| 77 unless user.change_password_allowed? | 96 unless user.change_password_allowed? |
| 78 flash.now[:error] = l(:notice_can_t_change_password) | 97 flash.now[:error] = l(:notice_can_t_change_password) |
| 90 end | 109 end |
| 91 end | 110 end |
| 92 | 111 |
| 93 # User self-registration | 112 # User self-registration |
| 94 def register | 113 def register |
| 95 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration] | 114 (redirect_to(home_url); return) unless Setting.self_registration? || session[:auth_source_registration] |
| 96 if request.get? | 115 if request.get? |
| 97 session[:auth_source_registration] = nil | 116 session[:auth_source_registration] = nil |
| 98 @user = User.new(:language => Setting.default_language) | 117 @user = User.new(:language => current_language.to_s) |
| 99 else | 118 else |
| 100 user_params = params[:user] || {} | 119 user_params = params[:user] || {} |
| 101 @user = User.new | 120 @user = User.new |
| 102 @user.safe_attributes = user_params | 121 @user.safe_attributes = user_params |
| 103 @user.admin = false | 122 @user.admin = false |
| 108 @user.auth_source_id = session[:auth_source_registration][:auth_source_id] | 127 @user.auth_source_id = session[:auth_source_registration][:auth_source_id] |
| 109 if @user.save | 128 if @user.save |
| 110 session[:auth_source_registration] = nil | 129 session[:auth_source_registration] = nil |
| 111 self.logged_user = @user | 130 self.logged_user = @user |
| 112 flash[:notice] = l(:notice_account_activated) | 131 flash[:notice] = l(:notice_account_activated) |
| 113 redirect_to :controller => 'my', :action => 'account' | 132 redirect_to my_account_path |
| 114 end | 133 end |
| 115 else | 134 else |
| 116 @user.login = params[:user][:login] | 135 @user.login = params[:user][:login] |
| 117 unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank? | 136 unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank? |
| 118 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation] | 137 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation] |
| 130 end | 149 end |
| 131 end | 150 end |
| 132 | 151 |
| 133 # Token based account activation | 152 # Token based account activation |
| 134 def activate | 153 def activate |
| 135 redirect_to(home_url) && return unless Setting.self_registration? && params[:token] | 154 (redirect_to(home_url); return) unless Setting.self_registration? && params[:token].present? |
| 136 token = Token.find_by_action_and_value('register', params[:token]) | 155 token = Token.find_token('register', params[:token].to_s) |
| 137 redirect_to(home_url) && return unless token and !token.expired? | 156 (redirect_to(home_url); return) unless token and !token.expired? |
| 138 user = token.user | 157 user = token.user |
| 139 redirect_to(home_url) && return unless user.registered? | 158 (redirect_to(home_url); return) unless user.registered? |
| 140 user.activate | 159 user.activate |
| 141 if user.save | 160 if user.save |
| 142 token.destroy | 161 token.destroy |
| 143 flash[:notice] = l(:notice_account_activated) | 162 flash[:notice] = l(:notice_account_activated) |
| 144 end | 163 end |
| 145 redirect_to signin_path | 164 redirect_to signin_path |
| 146 end | 165 end |
| 147 | 166 |
| 167 # Sends a new account activation email | |
| 168 def activation_email | |
| 169 if session[:registered_user_id] && Setting.self_registration == '1' | |
| 170 user_id = session.delete(:registered_user_id).to_i | |
| 171 user = User.find_by_id(user_id) | |
| 172 if user && user.registered? | |
| 173 register_by_email_activation(user) | |
| 174 return | |
| 175 end | |
| 176 end | |
| 177 redirect_to(home_url) | |
| 178 end | |
| 179 | |
| 148 private | 180 private |
| 149 | 181 |
| 150 def authenticate_user | 182 def authenticate_user |
| 151 if Setting.openid? && using_open_id? | 183 if Setting.openid? && using_open_id? |
| 152 open_id_authenticate(params[:openid_url]) | 184 open_id_authenticate(params[:openid_url]) |
| 154 password_authentication | 186 password_authentication |
| 155 end | 187 end |
| 156 end | 188 end |
| 157 | 189 |
| 158 def password_authentication | 190 def password_authentication |
| 159 user = User.try_to_login(params[:username], params[:password]) | 191 user = User.try_to_login(params[:username], params[:password], false) |
| 160 | 192 |
| 161 if user.nil? | 193 if user.nil? |
| 162 invalid_credentials | 194 invalid_credentials |
| 163 elsif user.new_record? | 195 elsif user.new_record? |
| 164 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id }) | 196 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id }) |
| 165 else | 197 else |
| 166 # Valid user | 198 # Valid user |
| 167 successful_authentication(user) | 199 if user.active? |
| 200 successful_authentication(user) | |
| 201 else | |
| 202 handle_inactive_user(user) | |
| 203 end | |
| 168 end | 204 end |
| 169 end | 205 end |
| 170 | 206 |
| 171 def open_id_authenticate(openid_url) | 207 def open_id_authenticate(openid_url) |
| 172 authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url, :method => :post) do |result, identity_url, registration| | 208 back_url = signin_url(:autologin => params[:autologin]) |
| 209 authenticate_with_open_id( | |
| 210 openid_url, :required => [:nickname, :fullname, :email], | |
| 211 :return_to => back_url, :method => :post | |
| 212 ) do |result, identity_url, registration| | |
| 173 if result.successful? | 213 if result.successful? |
| 174 user = User.find_or_initialize_by_identity_url(identity_url) | 214 user = User.find_or_initialize_by_identity_url(identity_url) |
| 175 if user.new_record? | 215 if user.new_record? |
| 176 # Self-registration off | 216 # Self-registration off |
| 177 redirect_to(home_url) && return unless Setting.self_registration? | 217 (redirect_to(home_url); return) unless Setting.self_registration? |
| 178 | |
| 179 # Create on the fly | 218 # Create on the fly |
| 180 user.login = registration['nickname'] unless registration['nickname'].nil? | 219 user.login = registration['nickname'] unless registration['nickname'].nil? |
| 181 user.mail = registration['email'] unless registration['email'].nil? | 220 user.mail = registration['email'] unless registration['email'].nil? |
| 182 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil? | 221 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil? |
| 183 user.random_password | 222 user.random_password |
| 184 user.register | 223 user.register |
| 185 | |
| 186 case Setting.self_registration | 224 case Setting.self_registration |
| 187 when '1' | 225 when '1' |
| 188 register_by_email_activation(user) do | 226 register_by_email_activation(user) do |
| 189 onthefly_creation_failed(user) | 227 onthefly_creation_failed(user) |
| 190 end | 228 end |
| 200 else | 238 else |
| 201 # Existing record | 239 # Existing record |
| 202 if user.active? | 240 if user.active? |
| 203 successful_authentication(user) | 241 successful_authentication(user) |
| 204 else | 242 else |
| 205 account_pending | 243 handle_inactive_user(user) |
| 206 end | 244 end |
| 207 end | 245 end |
| 208 end | 246 end |
| 209 end | 247 end |
| 210 end | 248 end |
| 216 # generate a key and set cookie if autologin | 254 # generate a key and set cookie if autologin |
| 217 if params[:autologin] && Setting.autologin? | 255 if params[:autologin] && Setting.autologin? |
| 218 set_autologin_cookie(user) | 256 set_autologin_cookie(user) |
| 219 end | 257 end |
| 220 call_hook(:controller_account_success_authentication_after, {:user => user }) | 258 call_hook(:controller_account_success_authentication_after, {:user => user }) |
| 221 redirect_back_or_default :controller => 'my', :action => 'page' | 259 redirect_back_or_default my_page_path |
| 222 end | 260 end |
| 223 | 261 |
| 224 def set_autologin_cookie(user) | 262 def set_autologin_cookie(user) |
| 225 token = Token.create(:user => user, :action => 'autologin') | 263 token = Token.create(:user => user, :action => 'autologin') |
| 226 cookie_name = Redmine::Configuration['autologin_cookie_name'] || 'autologin' | |
| 227 cookie_options = { | 264 cookie_options = { |
| 228 :value => token.value, | 265 :value => token.value, |
| 229 :expires => 1.year.from_now, | 266 :expires => 1.year.from_now, |
| 230 :path => (Redmine::Configuration['autologin_cookie_path'] || '/'), | 267 :path => (Redmine::Configuration['autologin_cookie_path'] || '/'), |
| 231 :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false), | 268 :secure => (Redmine::Configuration['autologin_cookie_secure'] ? true : false), |
| 232 :httponly => true | 269 :httponly => true |
| 233 } | 270 } |
| 234 cookies[cookie_name] = cookie_options | 271 cookies[autologin_cookie_name] = cookie_options |
| 235 end | 272 end |
| 236 | 273 |
| 237 # Onthefly creation failed, display the registration form to fill/fix attributes | 274 # Onthefly creation failed, display the registration form to fill/fix attributes |
| 238 def onthefly_creation_failed(user, auth_source_options = { }) | 275 def onthefly_creation_failed(user, auth_source_options = { }) |
| 239 @user = user | 276 @user = user |
| 251 # Pass a block for behavior when a user fails to save | 288 # Pass a block for behavior when a user fails to save |
| 252 def register_by_email_activation(user, &block) | 289 def register_by_email_activation(user, &block) |
| 253 token = Token.new(:user => user, :action => "register") | 290 token = Token.new(:user => user, :action => "register") |
| 254 if user.save and token.save | 291 if user.save and token.save |
| 255 Mailer.register(token).deliver | 292 Mailer.register(token).deliver |
| 256 flash[:notice] = l(:notice_account_register_done) | 293 flash[:notice] = l(:notice_account_register_done, :email => user.mail) |
| 257 redirect_to signin_path | 294 redirect_to signin_path |
| 258 else | 295 else |
| 259 yield if block_given? | 296 yield if block_given? |
| 260 end | 297 end |
| 261 end | 298 end |
| 268 user.activate | 305 user.activate |
| 269 user.last_login_on = Time.now | 306 user.last_login_on = Time.now |
| 270 if user.save | 307 if user.save |
| 271 self.logged_user = user | 308 self.logged_user = user |
| 272 flash[:notice] = l(:notice_account_activated) | 309 flash[:notice] = l(:notice_account_activated) |
| 273 redirect_to :controller => 'my', :action => 'account' | 310 redirect_to my_account_path |
| 274 else | 311 else |
| 275 yield if block_given? | 312 yield if block_given? |
| 276 end | 313 end |
| 277 end | 314 end |
| 278 | 315 |
| 281 # Pass a block for behavior when a user fails to save | 318 # Pass a block for behavior when a user fails to save |
| 282 def register_manually_by_administrator(user, &block) | 319 def register_manually_by_administrator(user, &block) |
| 283 if user.save | 320 if user.save |
| 284 # Sends an email to the administrators | 321 # Sends an email to the administrators |
| 285 Mailer.account_activation_request(user).deliver | 322 Mailer.account_activation_request(user).deliver |
| 286 account_pending | 323 account_pending(user) |
| 287 else | 324 else |
| 288 yield if block_given? | 325 yield if block_given? |
| 289 end | 326 end |
| 290 end | 327 end |
| 291 | 328 |
| 292 def account_pending | 329 def handle_inactive_user(user, redirect_path=signin_path) |
| 293 flash[:notice] = l(:notice_account_pending) | 330 if user.registered? |
| 294 redirect_to signin_path | 331 account_pending(user, redirect_path) |
| 332 else | |
| 333 account_locked(user, redirect_path) | |
| 334 end | |
| 335 end | |
| 336 | |
| 337 def account_pending(user, redirect_path=signin_path) | |
| 338 if Setting.self_registration == '1' | |
| 339 flash[:error] = l(:notice_account_not_activated_yet, :url => activation_email_path) | |
| 340 session[:registered_user_id] = user.id | |
| 341 else | |
| 342 flash[:error] = l(:notice_account_pending) | |
| 343 end | |
| 344 redirect_to redirect_path | |
| 345 end | |
| 346 | |
| 347 def account_locked(user, redirect_path=signin_path) | |
| 348 flash[:error] = l(:notice_account_locked) | |
| 349 redirect_to redirect_path | |
| 295 end | 350 end |
| 296 end | 351 end |