jro_apps/redmine Files · app/controllers/account_controller.rb

Do not show user profile if no visible project or activity (#4129, #3720)....

Do not show user profile if no visible project or activity (#4129, #3720). git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2986 e93f8b46-1217-0410-a6f0-8f06a7374b81

Jean-Philippe Lang - - Load All Authors

File last commit:

r2872:ac56d1d5e543


                r2872:ac56d1d5e543

Download file

             account_controller.rb
        
                    283 lines
            
             | 9.6 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / app / controllers / account_controller.rb
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        Jean-Philippe Lang
    
Display latest user's activity on account/show view....

              r2064
            
      # Redmine - project management software

      # Copyright (C) 2006-2008  Jean-Philippe Lang

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
      #

      # This program is free software; you can redistribute it and/or

      # modify it under the terms of the GNU General Public License

      # as published by the Free Software Foundation; either version 2

      # of the License, or (at your option) any later version.

      # 

      # This program is distributed in the hope that it will be useful,

      # but WITHOUT ANY WARRANTY; without even the implied warranty of

      # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

      # GNU General Public License for more details.

      # 

      # You should have received a copy of the GNU General Public License

      # along with this program; if not, write to the Free Software

      # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

      class AccountController < ApplicationController

        helper :custom_fields

        include CustomFieldsHelper   

        # prevents login action to be filtered by check_if_login_required application scope filter

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
        skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
        # Show user's account

        def show

        Jean-Philippe Lang
    
Replaces User.find_active with a named scope....

              r2077
            
          @user = User.active.find(params[:id])

        Jean-Philippe Lang
    
Fixes custom fields display order at several places (#1768)....

              r1730
            
          @custom_values = @user.custom_values

        Jean-Philippe Lang
    
Fixed confidentiality issue on account/show....

              r564
            
          # show only public projects and private projects that the logged in user is also a member of

          @memberships = @user.memberships.select do |membership|

        Jean-Philippe Lang
    
Fixed: private projects name are displayed on account/show even if the current user doesn't have access to these private projects....

              r1023
            
            membership.project.is_public? || (User.current.member_of?(membership.project))

        Jean-Philippe Lang
    
Fixed confidentiality issue on account/show....

              r564
            
          end

        Jean-Philippe Lang
    
Display latest user's activity on account/show view....

              r2064
            
          events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)

          @events_by_day = events.group_by(&:event_date)

        Jean-Philippe Lang
    
Do not show user profile if no visible project or activity (#4129, #3720)....

              r2872
            
          if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty?

            render_404 and return

          end

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
        rescue ActiveRecord::RecordNotFound

          render_404

        end

        # Login request and validation

        def login

          if request.get?

            # Logout user

        Jean-Philippe Lang
    
Merged 0.6 branch into trunk....

              r663
            
            self.logged_user = nil

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
          else

            # Authenticate user

        Jean-Philippe Lang
    
Removes the fat ruby-openid gem. Simply use 'gem install ruby-openid' to enable openid support....

              r2397
            
            if Setting.openid? && using_open_id?

        Eric Davis
    
Added the ability to login via OpenID....

              r2381
            
              open_id_authenticate(params[:openid_url])

        Eric Davis
    
Added a system setting for allowing OpenID logins and registrations...

              r2388
            
            else

              password_authentication

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
            end

          end

        end

        # Log out current user and redirect to welcome page

        def logout

        Jean-Philippe Lang
    
Added autologin feature (disabled by default)....

              r511
            
          cookies.delete :autologin

        Jean-Philippe Lang
    
Merged 0.6 branch into trunk....

              r663
            
          Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?

          self.logged_user = nil

        Jean-Philippe Lang
    
Added a named route for the home page....

              r749
            
          redirect_to home_url

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
        end

        # Enable user to choose a new password

        def lost_password

        Jean-Philippe Lang
    
Added a named route for the home page....

              r749
            
          redirect_to(home_url) && return unless Setting.lost_password?

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
          if params[:token]

            @token = Token.find_by_action_and_value("recovery", params[:token])

        Jean-Philippe Lang
    
Added a named route for the home page....

              r749
            
            redirect_to(home_url) && return unless @token and !@token.expired?

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
            @user = @token.user

            if request.post?

              @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]

              if @user.save

                @token.destroy

                flash[:notice] = l(:notice_account_password_updated)

                redirect_to :action => 'login'

                return

              end 

            end

            render :template => "account/password_recovery"

            return

          else

            if request.post?

              user = User.find_by_mail(params[:mail])

              # user not found in db

        Jean-Philippe Lang
    
Applied the flash notices patch by Matt Jones (slightly edited)....

              r597
            
              flash.now[:error] = l(:notice_account_unknown_email) and return unless user

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
              # user uses an external authentification

        Jean-Philippe Lang
    
Applied the flash notices patch by Matt Jones (slightly edited)....

              r597
            
              flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
              # create a new token for password recovery

              token = Token.new(:user => user, :action => "recovery")

              if token.save

                Mailer.deliver_lost_password(token)

                flash[:notice] = l(:notice_account_lost_email_sent)

                redirect_to :action => 'login'

                return

              end

            end

          end

        end

        # User self-registration

        def register

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
          redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
          if request.get?

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
            session[:auth_source_registration] = nil

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
            @user = User.new(:language => Setting.default_language)

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
          else

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
            @user = User.new(params[:user])

            @user.admin = false

            @user.status = User::STATUS_REGISTERED

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
            if session[:auth_source_registration]

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
              @user.status = User::STATUS_ACTIVE

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
              @user.login = session[:auth_source_registration][:login]

              @user.auth_source_id = session[:auth_source_registration][:auth_source_id]

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
              if @user.save

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
                session[:auth_source_registration] = nil

        Jean-Philippe Lang
    
Log the user in after registration if account activation is not needed....

              r1507
            
                self.logged_user = @user

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
                flash[:notice] = l(:notice_account_activated)

        Jean-Philippe Lang
    
Log the user in after registration if account activation is not needed....

              r1507
            
                redirect_to :controller => 'my', :action => 'account'

        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
              end

            else

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
              @user.login = params[:user][:login]

              @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
              case Setting.self_registration

              when '1'

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
                register_by_email_activation(@user)

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
              when '3'

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
                register_automatically(@user)

        Jean-Philippe Lang
    
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....

              r1661
            
              else

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
                register_manually_by_administrator(@user)

        Jean-Philippe Lang
    
added svn:eol-style native property on /app files...

              r330
            
              end

            end

          end

        end

        Jean-Philippe Lang
    
Merged 0.6 branch into trunk....

              r663
            
        Jean-Philippe Lang
    
There's now 3 account activation strategies (available in application settings):...

              r902
            
        # Token based account activation

        def activate

          redirect_to(home_url) && return unless Setting.self_registration? && params[:token]

          token = Token.find_by_action_and_value('register', params[:token])

          redirect_to(home_url) && return unless token and !token.expired?

          user = token.user

          redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED

          user.status = User::STATUS_ACTIVE

          if user.save

            token.destroy

            flash[:notice] = l(:notice_account_activated)

          end

          redirect_to :action => 'login'

        end

        Jean-Philippe Lang
    
Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....

              r2460
            
        private

        Eric Davis
    
Added the ability to login via OpenID....

              r2381
            
        def password_authentication

          user = User.try_to_login(params[:username], params[:password])

          if user.nil?

            # Invalid credentials

            flash.now[:error] = l(:notice_account_invalid_creditentials)

          elsif user.new_record?

            # Onthefly creation failed, display the registration form to fill/fix attributes

            @user = user

            session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }

            render :action => 'register'

          else

            # Valid user

            successful_authentication(user)

          end

        end

        def open_id_authenticate(openid_url)

          authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do |result, identity_url, registration|

            if result.successful?

              user = User.find_or_initialize_by_identity_url(identity_url)

              if user.new_record?

        Eric Davis
    
Prevent registration via OpenID if self registration is off. #699...

              r2387
            
                # Self-registration off

                redirect_to(home_url) && return unless Setting.self_registration?

        Eric Davis
    
Added the ability to login via OpenID....

              r2381
            
                # Create on the fly

        Eric Davis
    
Added tests for the other OpenID authentication cases.  #699...

              r2384
            
                user.login = registration['nickname'] unless registration['nickname'].nil?

                user.mail = registration['email'] unless registration['email'].nil?

                user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?

        Eric Davis
    
Hooked up on the fly OpenID user creation....

              r2382
            
                user.random_password

        Eric Davis
    
Added user setup needed based on the system's registration settings...

              r2385
            
                user.status = User::STATUS_REGISTERED

                case Setting.self_registration

                when '1'

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
                  register_by_email_activation(user) do

        Eric Davis
    
Fixed the bug in the OpenID registration where the form wouldn't take a login...

              r2421
            
                    onthefly_creation_failed(user)

        Eric Davis
    
Added user setup needed based on the system's registration settings...

              r2385
            
                  end

                when '3'

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
                  register_automatically(user) do

        Eric Davis
    
Fixed the bug in the OpenID registration where the form wouldn't take a login...

              r2421
            
                    onthefly_creation_failed(user)

        Eric Davis
    
Added user setup needed based on the system's registration settings...

              r2385
            
                  end

        Eric Davis
    
Hooked up on the fly OpenID user creation....

              r2382
            
                else

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
                  register_manually_by_administrator(user) do

        Eric Davis
    
Fixed the bug in the OpenID registration where the form wouldn't take a login...

              r2421
            
                    onthefly_creation_failed(user)

        Eric Davis
    
Added user setup needed based on the system's registration settings...

              r2385
            
                  end

                end          

        Eric Davis
    
Added the ability to login via OpenID....

              r2381
            
              else

        Eric Davis
    
Hooked up on the fly OpenID user creation....

              r2382
            
                # Existing record

        Eric Davis
    
Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...

              r2420
            
                if user.active?

                  successful_authentication(user)

                else

                  account_pending

                end

        Eric Davis
    
Added the ability to login via OpenID....

              r2381
            
              end

            end

          end

        end

        def successful_authentication(user)

          # Valid user

          self.logged_user = user

          # generate a key and set cookie if autologin

          if params[:autologin] && Setting.autologin?

            token = Token.create(:user => user, :action => 'autologin')

            cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }

          end

        Eric Davis
    
Added a plugin hook for :controller_account_success_authentication_after...

              r2533
            
          call_hook(:controller_account_success_authentication_after, {:user => user })

        Eric Davis
    
Added the ability to login via OpenID....

              r2381
            
          redirect_back_or_default :controller => 'my', :action => 'page'

        end

        Eric Davis
    
Added user setup needed based on the system's registration settings...

              r2385
            
        # Onthefly creation failed, display the registration form to fill/fix attributes

        def onthefly_creation_failed(user, auth_source_options = { })

          @user = user

          session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?

          render :action => 'register'

        end

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
        # Register a user for email activation.

        #

        # Pass a block for behavior when a user fails to save

        def register_by_email_activation(user, &block)

          token = Token.new(:user => user, :action => "register")

          if user.save and token.save

            Mailer.deliver_register(token)

            flash[:notice] = l(:notice_account_register_done)

            redirect_to :action => 'login'

          else

            yield if block_given?

          end

        end

        # Automatically register a user

        #

        # Pass a block for behavior when a user fails to save

        def register_automatically(user, &block)

          # Automatic activation

          user.status = User::STATUS_ACTIVE

        Jean-Philippe Lang
    
Fixes that user's last_login_on was not set when using registration with automatic activation....

              r2526
            
          user.last_login_on = Time.now

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
          if user.save

            self.logged_user = user

            flash[:notice] = l(:notice_account_activated)

            redirect_to :controller => 'my', :action => 'account'

          else

            yield if block_given?

          end

        end

        # Manual activation by the administrator

        #

        # Pass a block for behavior when a user fails to save

        def register_manually_by_administrator(user, &block)

          if user.save

            # Sends an email to the administrators

            Mailer.deliver_account_activation_request(user)

        Eric Davis
    
Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...

              r2420
            
            account_pending

        Eric Davis
    
Refactored common methods out of register and open_id_authenticate...

              r2386
            
          else

            yield if block_given?

          end

        end

        Eric Davis
    
Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...

              r2420
            
        def account_pending

          flash[:notice] = l(:notice_account_pending)

          redirect_to :action => 'login'

        end

        Jean-Philippe Lang
    
Initial commit...

              r2
            
      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Jean-Philippe Lang Display latest user's activity on account/show view....	r2064	# Redmine - project management software
		# Copyright (C) 2006-2008 Jean-Philippe Lang
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	#
		# This program is free software; you can redistribute it and/or
		# modify it under the terms of the GNU General Public License
		# as published by the Free Software Foundation; either version 2
		# of the License, or (at your option) any later version.
		#
		# This program is distributed in the hope that it will be useful,
		# but WITHOUT ANY WARRANTY; without even the implied warranty of
		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		# GNU General Public License for more details.
		#
		# You should have received a copy of the GNU General Public License
		# along with this program; if not, write to the Free Software
		# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

		class AccountController < ApplicationController
		helper :custom_fields
		include CustomFieldsHelper

		# prevents login action to be filtered by check_if_login_required application scope filter
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330
		# Show user's account
		def show
Jean-Philippe Lang Replaces User.find_active with a named scope....	r2077	@user = User.active.find(params[:id])
Jean-Philippe Lang Fixes custom fields display order at several places (#1768)....	r1730	@custom_values = @user.custom_values
Jean-Philippe Lang Fixed confidentiality issue on account/show....	r564
		# show only public projects and private projects that the logged in user is also a member of
		@memberships = @user.memberships.select do \|membership\|
Jean-Philippe Lang Fixed: private projects name are displayed on account/show even if the current user doesn't have access to these private projects....	r1023	membership.project.is_public? \|\| (User.current.member_of?(membership.project))
Jean-Philippe Lang Fixed confidentiality issue on account/show....	r564	end
Jean-Philippe Lang Display latest user's activity on account/show view....	r2064
		events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
		@events_by_day = events.group_by(&:event_date)

Jean-Philippe Lang Do not show user profile if no visible project or activity (#4129, #3720)....	r2872	if @user != User.current && !User.current.admin? && @memberships.empty? && events.empty?
		render_404 and return
		end

Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	rescue ActiveRecord::RecordNotFound
		render_404
		end

		# Login request and validation
		def login
		if request.get?
		# Logout user
Jean-Philippe Lang Merged 0.6 branch into trunk....	r663	self.logged_user = nil
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	else
		# Authenticate user
Jean-Philippe Lang Removes the fat ruby-openid gem. Simply use 'gem install ruby-openid' to enable openid support....	r2397	if Setting.openid? && using_open_id?
Eric Davis Added the ability to login via OpenID....	r2381	open_id_authenticate(params[:openid_url])
Eric Davis Added a system setting for allowing OpenID logins and registrations...	r2388	else
		password_authentication
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	end
		end
		end

		# Log out current user and redirect to welcome page
		def logout
Jean-Philippe Lang Added autologin feature (disabled by default)....	r511	cookies.delete :autologin
Jean-Philippe Lang Merged 0.6 branch into trunk....	r663	Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
		self.logged_user = nil
Jean-Philippe Lang Added a named route for the home page....	r749	redirect_to home_url
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	end

		# Enable user to choose a new password
		def lost_password
Jean-Philippe Lang Added a named route for the home page....	r749	redirect_to(home_url) && return unless Setting.lost_password?
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	if params[:token]
		@token = Token.find_by_action_and_value("recovery", params[:token])
Jean-Philippe Lang Added a named route for the home page....	r749	redirect_to(home_url) && return unless @token and !@token.expired?
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	@user = @token.user
		if request.post?
		@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
		if @user.save
		@token.destroy
		flash[:notice] = l(:notice_account_password_updated)
		redirect_to :action => 'login'
		return
		end
		end
		render :template => "account/password_recovery"
		return
		else
		if request.post?
		user = User.find_by_mail(params[:mail])
		# user not found in db
Jean-Philippe Lang Applied the flash notices patch by Matt Jones (slightly edited)....	r597	flash.now[:error] = l(:notice_account_unknown_email) and return unless user
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	# user uses an external authentification
Jean-Philippe Lang Applied the flash notices patch by Matt Jones (slightly edited)....	r597	flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	# create a new token for password recovery
		token = Token.new(:user => user, :action => "recovery")
		if token.save
		Mailer.deliver_lost_password(token)
		flash[:notice] = l(:notice_account_lost_email_sent)
		redirect_to :action => 'login'
		return
		end
		end
		end
		end

		# User self-registration
		def register
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	redirect_to(home_url) && return unless Setting.self_registration? \|\| session[:auth_source_registration]
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	if request.get?
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	session[:auth_source_registration] = nil
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	@user = User.new(:language => Setting.default_language)
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	else
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	@user = User.new(params[:user])
		@user.admin = false
		@user.status = User::STATUS_REGISTERED
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	if session[:auth_source_registration]
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	@user.status = User::STATUS_ACTIVE
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	@user.login = session[:auth_source_registration][:login]
		@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	if @user.save
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	session[:auth_source_registration] = nil
Jean-Philippe Lang Log the user in after registration if account activation is not needed....	r1507	self.logged_user = @user
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	flash[:notice] = l(:notice_account_activated)
Jean-Philippe Lang Log the user in after registration if account activation is not needed....	r1507	redirect_to :controller => 'my', :action => 'account'
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	end
		else
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	@user.login = params[:user][:login]
		@user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	case Setting.self_registration
		when '1'
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	register_by_email_activation(@user)
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	when '3'
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	register_automatically(@user)
Jean-Philippe Lang Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....	r1661	else
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	register_manually_by_administrator(@user)
Jean-Philippe Lang added svn:eol-style native property on /app files...	r330	end
		end
		end
		end
Jean-Philippe Lang Merged 0.6 branch into trunk....	r663
Jean-Philippe Lang There's now 3 account activation strategies (available in application settings):...	r902	# Token based account activation
		def activate
		redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
		token = Token.find_by_action_and_value('register', params[:token])
		redirect_to(home_url) && return unless token and !token.expired?
		user = token.user
		redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
		user.status = User::STATUS_ACTIVE
		if user.save
		token.destroy
		flash[:notice] = l(:notice_account_activated)
		end
		redirect_to :action => 'login'
		end

Jean-Philippe Lang Fixed: When logging in via an autologin cookie the user's last_login_on should be updated (#2820)....	r2460	private

Eric Davis Added the ability to login via OpenID....	r2381	def password_authentication
		user = User.try_to_login(params[:username], params[:password])
		if user.nil?
		# Invalid credentials
		flash.now[:error] = l(:notice_account_invalid_creditentials)
		elsif user.new_record?
		# Onthefly creation failed, display the registration form to fill/fix attributes
		@user = user
		session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
		render :action => 'register'
		else
		# Valid user
		successful_authentication(user)
		end
		end


		def open_id_authenticate(openid_url)
		authenticate_with_open_id(openid_url, :required => [:nickname, :fullname, :email], :return_to => signin_url) do \|result, identity_url, registration\|
		if result.successful?
		user = User.find_or_initialize_by_identity_url(identity_url)
		if user.new_record?
Eric Davis Prevent registration via OpenID if self registration is off. #699...	r2387	# Self-registration off
		redirect_to(home_url) && return unless Setting.self_registration?

Eric Davis Added the ability to login via OpenID....	r2381	# Create on the fly
Eric Davis Added tests for the other OpenID authentication cases. #699...	r2384	user.login = registration['nickname'] unless registration['nickname'].nil?
		user.mail = registration['email'] unless registration['email'].nil?
		user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
Eric Davis Hooked up on the fly OpenID user creation....	r2382	user.random_password
Eric Davis Added user setup needed based on the system's registration settings...	r2385	user.status = User::STATUS_REGISTERED

		case Setting.self_registration
		when '1'
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	register_by_email_activation(user) do
Eric Davis Fixed the bug in the OpenID registration where the form wouldn't take a login...	r2421	onthefly_creation_failed(user)
Eric Davis Added user setup needed based on the system's registration settings...	r2385	end
		when '3'
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	register_automatically(user) do
Eric Davis Fixed the bug in the OpenID registration where the form wouldn't take a login...	r2421	onthefly_creation_failed(user)
Eric Davis Added user setup needed based on the system's registration settings...	r2385	end
Eric Davis Hooked up on the fly OpenID user creation....	r2382	else
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	register_manually_by_administrator(user) do
Eric Davis Fixed the bug in the OpenID registration where the form wouldn't take a login...	r2421	onthefly_creation_failed(user)
Eric Davis Added user setup needed based on the system's registration settings...	r2385	end
		end
Eric Davis Added the ability to login via OpenID....	r2381	else
Eric Davis Hooked up on the fly OpenID user creation....	r2382	# Existing record
Eric Davis Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...	r2420	if user.active?
		successful_authentication(user)
		else
		account_pending
		end
Eric Davis Added the ability to login via OpenID....	r2381	end
		end
		end
		end

		def successful_authentication(user)
		# Valid user
		self.logged_user = user
		# generate a key and set cookie if autologin
		if params[:autologin] && Setting.autologin?
		token = Token.create(:user => user, :action => 'autologin')
		cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
		end
Eric Davis Added a plugin hook for :controller_account_success_authentication_after...	r2533	call_hook(:controller_account_success_authentication_after, {:user => user })
Eric Davis Added the ability to login via OpenID....	r2381	redirect_back_or_default :controller => 'my', :action => 'page'
		end

Eric Davis Added user setup needed based on the system's registration settings...	r2385	# Onthefly creation failed, display the registration form to fill/fix attributes
		def onthefly_creation_failed(user, auth_source_options = { })
		@user = user
		session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
		render :action => 'register'
		end

Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	# Register a user for email activation.
		#
		# Pass a block for behavior when a user fails to save
		def register_by_email_activation(user, &block)
		token = Token.new(:user => user, :action => "register")
		if user.save and token.save
		Mailer.deliver_register(token)
		flash[:notice] = l(:notice_account_register_done)
		redirect_to :action => 'login'
		else
		yield if block_given?
		end
		end

		# Automatically register a user
		#
		# Pass a block for behavior when a user fails to save
		def register_automatically(user, &block)
		# Automatic activation
		user.status = User::STATUS_ACTIVE
Jean-Philippe Lang Fixes that user's last_login_on was not set when using registration with automatic activation....	r2526	user.last_login_on = Time.now
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	if user.save
		self.logged_user = user
		flash[:notice] = l(:notice_account_activated)
		redirect_to :controller => 'my', :action => 'account'
		else
		yield if block_given?
		end
		end

		# Manual activation by the administrator
		#
		# Pass a block for behavior when a user fails to save
		def register_manually_by_administrator(user, &block)
		if user.save
		# Sends an email to the administrators
		Mailer.deliver_account_activation_request(user)
Eric Davis Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...	r2420	account_pending
Eric Davis Refactored common methods out of register and open_id_authenticate...	r2386	else
		yield if block_given?
		end
		end
Eric Davis Fixed a bug in the OpenID login when a user signed up with OpenID but hasn't...	r2420
		def account_pending
		flash[:notice] = l(:notice_account_pending)
		redirect_to :action => 'login'
		end
Jean-Philippe Lang Initial commit...	r2	end