##// END OF EJS Templates
jro_apps » redmine
RSS
Merged IssuesController change_status and add_note actions....
Merged IssuesController change_status and add_note actions. The 'Change status' specific form removed and now accessible from issue/show view with no additional request (click on 'Update' to show the form). The 'Change issue status' permission is removed. To change the status, the user just needs to have either 'Edit' or 'Add note' permissions and some workflow transitions allowed. git-svn-id: http://redmine.rubyforge.org/svn/trunk@1043 e93f8b46-1217-0410-a6f0-8f06a7374b81
Jean-Philippe Lang - - Load All Authors

File last commit:

r1023:860ff9345fdd
r1030:976a31e941e6
Show More
account_controller.rb
175 lines | 6.5 KiB | text/x-ruby | RubyLexer
/ app / controllers / account_controller.rb
History | Source | Raw |Copy content |Copy permalink
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 # redMine - project management software
# Copyright (C) 2006-2007 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AccountController < ApplicationController
layout 'base'
helper :custom_fields
include CustomFieldsHelper
# prevents login action to be filtered by check_if_login_required application scope filter
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330
# Show user's account
def show
Jean-Philippe Lang
Fixed: non-active users can be viewed with account/show...
 r619 @user = User.find_active(params[:id])
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 @custom_values = @user.custom_values.find(:all, :include => :custom_field)
Jean-Philippe Lang
Fixed confidentiality issue on account/show....
 r564
# show only public projects and private projects that the logged in user is also a member of
@memberships = @user.memberships.select do |membership|
Jean-Philippe Lang
Fixed: private projects name are displayed on account/show even if the current user doesn't have access to these private projects....
 r1023 membership.project.is_public? || (User.current.member_of?(membership.project))
Jean-Philippe Lang
Fixed confidentiality issue on account/show....
 r564 end
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 rescue ActiveRecord::RecordNotFound
render_404
end
# Login request and validation
def login
if request.get?
# Logout user
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 self.logged_user = nil
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 else
# Authenticate user
user = User.try_to_login(params[:login], params[:password])
if user
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 self.logged_user = user
Jean-Philippe Lang
Added autologin feature (disabled by default)....
 r511 # generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
token = Token.create(:user => user, :action => 'autologin')
cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
end
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 redirect_back_or_default :controller => 'my', :action => 'page'
else
Jean-Philippe Lang
Applied the flash notices patch by Matt Jones (slightly edited)....
 r597 flash.now[:error] = l(:notice_account_invalid_creditentials)
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 end
end
end
# Log out current user and redirect to welcome page
def logout
Jean-Philippe Lang
Added autologin feature (disabled by default)....
 r511 cookies.delete :autologin
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
self.logged_user = nil
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to home_url
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 end
# Enable user to choose a new password
def lost_password
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to(home_url) && return unless Setting.lost_password?
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 if params[:token]
@token = Token.find_by_action_and_value("recovery", params[:token])
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to(home_url) && return unless @token and !@token.expired?
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 @user = @token.user
if request.post?
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
if @user.save
@token.destroy
flash[:notice] = l(:notice_account_password_updated)
redirect_to :action => 'login'
return
end
end
render :template => "account/password_recovery"
return
else
if request.post?
user = User.find_by_mail(params[:mail])
# user not found in db
Jean-Philippe Lang
Applied the flash notices patch by Matt Jones (slightly edited)....
 r597 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 # user uses an external authentification
Jean-Philippe Lang
Applied the flash notices patch by Matt Jones (slightly edited)....
 r597 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 # create a new token for password recovery
token = Token.new(:user => user, :action => "recovery")
if token.save
Mailer.deliver_lost_password(token)
flash[:notice] = l(:notice_account_lost_email_sent)
redirect_to :action => 'login'
return
end
end
end
end
# User self-registration
def register
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to(home_url) && return unless Setting.self_registration?
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 if request.get?
@user = User.new(:language => Setting.default_language)
@custom_values = UserCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x, :customized => @user) }
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 else
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 @user = User.new(params[:user])
@user.admin = false
@user.login = params[:user][:login]
@user.status = User::STATUS_REGISTERED
@user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
Jean-Philippe Lang
Fixed: error on account/register when validation fails....
 r912 @custom_values = UserCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x,
:customized => @user,
:value => (params["custom_fields"] ? params["custom_fields"][x.id.to_s] : nil)) }
@user.custom_values = @custom_values
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 case Setting.self_registration
when '1'
# Email activation
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 token = Token.new(:user => @user, :action => "register")
if @user.save and token.save
Mailer.deliver_register(token)
flash[:notice] = l(:notice_account_register_done)
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 redirect_to :action => 'login'
end
when '3'
# Automatic activation
@user.status = User::STATUS_ACTIVE
if @user.save
flash[:notice] = l(:notice_account_activated)
redirect_to :action => 'login'
end
else
# Manual activation by the administrator
if @user.save
# Sends an email to the administrators
Mailer.deliver_account_activation_request(@user)
flash[:notice] = l(:notice_account_pending)
redirect_to :action => 'login'
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 end
end
end
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 # Token based account activation
def activate
redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
token = Token.find_by_action_and_value('register', params[:token])
redirect_to(home_url) && return unless token and !token.expired?
user = token.user
redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
user.status = User::STATUS_ACTIVE
if user.save
token.destroy
flash[:notice] = l(:notice_account_activated)
end
redirect_to :action => 'login'
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 private
def logged_user=(user)
if user && user.is_a?(User)
User.current = user
session[:user_id] = user.id
else
User.current = User.anonymous
session[:user_id] = nil
end
end
Jean-Philippe Lang
Initial commit...
 r2 end