##// END OF EJS Templates
jro_apps » redmine
RSS
Fix in AttachmentsController#show....
Fix in AttachmentsController#show. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2282 e93f8b46-1217-0410-a6f0-8f06a7374b81
Jean-Philippe Lang - - Load All Authors

File last commit:

r2077:e7b6a56a972e
r2280:dacddd989720
Show More
account_controller.rb
194 lines | 7.1 KiB | text/x-ruby | RubyLexer
/ app / controllers / account_controller.rb
History | Source | Raw |Copy content |Copy permalink
Jean-Philippe Lang
Display latest user's activity on account/show view....
 r2064 # Redmine - project management software
# Copyright (C) 2006-2008 Jean-Philippe Lang
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 #
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
class AccountController < ApplicationController
helper :custom_fields
include CustomFieldsHelper
# prevents login action to be filtered by check_if_login_required application scope filter
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330
# Show user's account
def show
Jean-Philippe Lang
Replaces User.find_active with a named scope....
 r2077 @user = User.active.find(params[:id])
Jean-Philippe Lang
Fixes custom fields display order at several places (#1768)....
 r1730 @custom_values = @user.custom_values
Jean-Philippe Lang
Fixed confidentiality issue on account/show....
 r564
# show only public projects and private projects that the logged in user is also a member of
@memberships = @user.memberships.select do |membership|
Jean-Philippe Lang
Fixed: private projects name are displayed on account/show even if the current user doesn't have access to these private projects....
 r1023 membership.project.is_public? || (User.current.member_of?(membership.project))
Jean-Philippe Lang
Fixed confidentiality issue on account/show....
 r564 end
Jean-Philippe Lang
Display latest user's activity on account/show view....
 r2064
events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
@events_by_day = events.group_by(&:event_date)
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 rescue ActiveRecord::RecordNotFound
render_404
end
# Login request and validation
def login
if request.get?
# Logout user
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 self.logged_user = nil
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 else
# Authenticate user
Jean-Philippe Lang
Login field name changed to username (#755)....
 r1167 user = User.try_to_login(params[:username], params[:password])
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 if user.nil?
# Invalid credentials
flash.now[:error] = l(:notice_account_invalid_creditentials)
elsif user.new_record?
# Onthefly creation failed, display the registration form to fill/fix attributes
@user = user
session[:auth_source_registration] = {:login => user.login, :auth_source_id => user.auth_source_id }
render :action => 'register'
else
# Valid user
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 self.logged_user = user
Jean-Philippe Lang
Added autologin feature (disabled by default)....
 r511 # generate a key and set cookie if autologin
if params[:autologin] && Setting.autologin?
token = Token.create(:user => user, :action => 'autologin')
cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
end
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 redirect_back_or_default :controller => 'my', :action => 'page'
end
end
end
# Log out current user and redirect to welcome page
def logout
Jean-Philippe Lang
Added autologin feature (disabled by default)....
 r511 cookies.delete :autologin
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
self.logged_user = nil
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to home_url
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 end
# Enable user to choose a new password
def lost_password
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to(home_url) && return unless Setting.lost_password?
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 if params[:token]
@token = Token.find_by_action_and_value("recovery", params[:token])
Jean-Philippe Lang
Added a named route for the home page....
 r749 redirect_to(home_url) && return unless @token and !@token.expired?
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 @user = @token.user
if request.post?
@user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
if @user.save
@token.destroy
flash[:notice] = l(:notice_account_password_updated)
redirect_to :action => 'login'
return
end
end
render :template => "account/password_recovery"
return
else
if request.post?
user = User.find_by_mail(params[:mail])
# user not found in db
Jean-Philippe Lang
Applied the flash notices patch by Matt Jones (slightly edited)....
 r597 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 # user uses an external authentification
Jean-Philippe Lang
Applied the flash notices patch by Matt Jones (slightly edited)....
 r597 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 # create a new token for password recovery
token = Token.new(:user => user, :action => "recovery")
if token.save
Mailer.deliver_lost_password(token)
flash[:notice] = l(:notice_account_lost_email_sent)
redirect_to :action => 'login'
return
end
end
end
end
# User self-registration
def register
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 if request.get?
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 session[:auth_source_registration] = nil
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 @user = User.new(:language => Setting.default_language)
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 else
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 @user = User.new(params[:user])
@user.admin = false
@user.status = User::STATUS_REGISTERED
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 if session[:auth_source_registration]
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 @user.status = User::STATUS_ACTIVE
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 @user.login = session[:auth_source_registration][:login]
@user.auth_source_id = session[:auth_source_registration][:auth_source_id]
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 if @user.save
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 session[:auth_source_registration] = nil
Jean-Philippe Lang
Log the user in after registration if account activation is not needed....
 r1507 self.logged_user = @user
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 flash[:notice] = l(:notice_account_activated)
Jean-Philippe Lang
Log the user in after registration if account activation is not needed....
 r1507 redirect_to :controller => 'my', :action => 'account'
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 end
else
Jean-Philippe Lang
Improved on-the-fly account creation. If some attributes are missing (eg. not present in the LDAP) or are invalid, the registration form is displayed so that the user is able to fill or fix these attributes....
 r1661 @user.login = params[:user][:login]
@user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
case Setting.self_registration
when '1'
# Email activation
token = Token.new(:user => @user, :action => "register")
if @user.save and token.save
Mailer.deliver_register(token)
flash[:notice] = l(:notice_account_register_done)
redirect_to :action => 'login'
end
when '3'
# Automatic activation
@user.status = User::STATUS_ACTIVE
if @user.save
self.logged_user = @user
flash[:notice] = l(:notice_account_activated)
redirect_to :controller => 'my', :action => 'account'
end
else
# Manual activation by the administrator
if @user.save
# Sends an email to the administrators
Mailer.deliver_account_activation_request(@user)
flash[:notice] = l(:notice_account_pending)
redirect_to :action => 'login'
end
Jean-Philippe Lang
added svn:eol-style native property on /app files...
 r330 end
end
end
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663
Jean-Philippe Lang
There's now 3 account activation strategies (available in application settings):...
 r902 # Token based account activation
def activate
redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
token = Token.find_by_action_and_value('register', params[:token])
redirect_to(home_url) && return unless token and !token.expired?
user = token.user
redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
user.status = User::STATUS_ACTIVE
if user.save
token.destroy
flash[:notice] = l(:notice_account_activated)
end
redirect_to :action => 'login'
end
Jean-Philippe Lang
Merged 0.6 branch into trunk....
 r663 private
def logged_user=(user)
if user && user.is_a?(User)
User.current = user
session[:user_id] = user.id
else
User.current = User.anonymous
session[:user_id] = nil
end
end
Jean-Philippe Lang
Initial commit...
 r2 end