##// END OF EJS Templates
jro_apps » redmine
RSS
Log the user in after registration if account activation is not needed....
Jean-Philippe Lang -
r1507:19cb6f96f4bf
parent child
Show More
Side by Side Unified
Context file:
r1507:19cb6f96f4bf Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,177 +1,178
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 class AccountController < ApplicationController
18 class AccountController < ApplicationController
19 layout 'base'
19 layout 'base'
20 helper :custom_fields
20 helper :custom_fields
21 include CustomFieldsHelper
21 include CustomFieldsHelper
22
22
23 # prevents login action to be filtered by check_if_login_required application scope filter
23 # prevents login action to be filtered by check_if_login_required application scope filter
24 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
24 skip_before_filter :check_if_login_required, :only => [:login, :lost_password, :register, :activate]
25
25
26 # Show user's account
26 # Show user's account
27 def show
27 def show
28 @user = User.find_active(params[:id])
28 @user = User.find_active(params[:id])
29 @custom_values = @user.custom_values.find(:all, :include => :custom_field)
29 @custom_values = @user.custom_values.find(:all, :include => :custom_field)
30
30
31 # show only public projects and private projects that the logged in user is also a member of
31 # show only public projects and private projects that the logged in user is also a member of
32 @memberships = @user.memberships.select do |membership|
32 @memberships = @user.memberships.select do |membership|
33 membership.project.is_public? || (User.current.member_of?(membership.project))
33 membership.project.is_public? || (User.current.member_of?(membership.project))
34 end
34 end
35 rescue ActiveRecord::RecordNotFound
35 rescue ActiveRecord::RecordNotFound
36 render_404
36 render_404
37 end
37 end
38
38
39 # Login request and validation
39 # Login request and validation
40 def login
40 def login
41 if request.get?
41 if request.get?
42 # Logout user
42 # Logout user
43 self.logged_user = nil
43 self.logged_user = nil
44 else
44 else
45 # Authenticate user
45 # Authenticate user
46 user = User.try_to_login(params[:username], params[:password])
46 user = User.try_to_login(params[:username], params[:password])
47 if user
47 if user
48 self.logged_user = user
48 self.logged_user = user
49 # generate a key and set cookie if autologin
49 # generate a key and set cookie if autologin
50 if params[:autologin] && Setting.autologin?
50 if params[:autologin] && Setting.autologin?
51 token = Token.create(:user => user, :action => 'autologin')
51 token = Token.create(:user => user, :action => 'autologin')
52 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
52 cookies[:autologin] = { :value => token.value, :expires => 1.year.from_now }
53 end
53 end
54 redirect_back_or_default :controller => 'my', :action => 'page'
54 redirect_back_or_default :controller => 'my', :action => 'page'
55 else
55 else
56 flash.now[:error] = l(:notice_account_invalid_creditentials)
56 flash.now[:error] = l(:notice_account_invalid_creditentials)
57 end
57 end
58 end
58 end
59 rescue User::OnTheFlyCreationFailure
59 rescue User::OnTheFlyCreationFailure
60 flash.now[:error] = 'Redmine could not retrieve the required information from the LDAP to create your account. Please, contact your Redmine administrator.'
60 flash.now[:error] = 'Redmine could not retrieve the required information from the LDAP to create your account. Please, contact your Redmine administrator.'
61 end
61 end
62
62
63 # Log out current user and redirect to welcome page
63 # Log out current user and redirect to welcome page
64 def logout
64 def logout
65 cookies.delete :autologin
65 cookies.delete :autologin
66 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
66 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
67 self.logged_user = nil
67 self.logged_user = nil
68 redirect_to home_url
68 redirect_to home_url
69 end
69 end
70
70
71 # Enable user to choose a new password
71 # Enable user to choose a new password
72 def lost_password
72 def lost_password
73 redirect_to(home_url) && return unless Setting.lost_password?
73 redirect_to(home_url) && return unless Setting.lost_password?
74 if params[:token]
74 if params[:token]
75 @token = Token.find_by_action_and_value("recovery", params[:token])
75 @token = Token.find_by_action_and_value("recovery", params[:token])
76 redirect_to(home_url) && return unless @token and !@token.expired?
76 redirect_to(home_url) && return unless @token and !@token.expired?
77 @user = @token.user
77 @user = @token.user
78 if request.post?
78 if request.post?
79 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
79 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
80 if @user.save
80 if @user.save
81 @token.destroy
81 @token.destroy
82 flash[:notice] = l(:notice_account_password_updated)
82 flash[:notice] = l(:notice_account_password_updated)
83 redirect_to :action => 'login'
83 redirect_to :action => 'login'
84 return
84 return
85 end
85 end
86 end
86 end
87 render :template => "account/password_recovery"
87 render :template => "account/password_recovery"
88 return
88 return
89 else
89 else
90 if request.post?
90 if request.post?
91 user = User.find_by_mail(params[:mail])
91 user = User.find_by_mail(params[:mail])
92 # user not found in db
92 # user not found in db
93 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
93 flash.now[:error] = l(:notice_account_unknown_email) and return unless user
94 # user uses an external authentification
94 # user uses an external authentification
95 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
95 flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
96 # create a new token for password recovery
96 # create a new token for password recovery
97 token = Token.new(:user => user, :action => "recovery")
97 token = Token.new(:user => user, :action => "recovery")
98 if token.save
98 if token.save
99 Mailer.deliver_lost_password(token)
99 Mailer.deliver_lost_password(token)
100 flash[:notice] = l(:notice_account_lost_email_sent)
100 flash[:notice] = l(:notice_account_lost_email_sent)
101 redirect_to :action => 'login'
101 redirect_to :action => 'login'
102 return
102 return
103 end
103 end
104 end
104 end
105 end
105 end
106 end
106 end
107
107
108 # User self-registration
108 # User self-registration
109 def register
109 def register
110 redirect_to(home_url) && return unless Setting.self_registration?
110 redirect_to(home_url) && return unless Setting.self_registration?
111 if request.get?
111 if request.get?
112 @user = User.new(:language => Setting.default_language)
112 @user = User.new(:language => Setting.default_language)
113 @custom_values = UserCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x, :customized => @user) }
113 @custom_values = UserCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x, :customized => @user) }
114 else
114 else
115 @user = User.new(params[:user])
115 @user = User.new(params[:user])
116 @user.admin = false
116 @user.admin = false
117 @user.login = params[:user][:login]
117 @user.login = params[:user][:login]
118 @user.status = User::STATUS_REGISTERED
118 @user.status = User::STATUS_REGISTERED
119 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
119 @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]
120 @custom_values = UserCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x,
120 @custom_values = UserCustomField.find(:all).collect { |x| CustomValue.new(:custom_field => x,
121 :customized => @user,
121 :customized => @user,
122 :value => (params["custom_fields"] ? params["custom_fields"][x.id.to_s] : nil)) }
122 :value => (params["custom_fields"] ? params["custom_fields"][x.id.to_s] : nil)) }
123 @user.custom_values = @custom_values
123 @user.custom_values = @custom_values
124 case Setting.self_registration
124 case Setting.self_registration
125 when '1'
125 when '1'
126 # Email activation
126 # Email activation
127 token = Token.new(:user => @user, :action => "register")
127 token = Token.new(:user => @user, :action => "register")
128 if @user.save and token.save
128 if @user.save and token.save
129 Mailer.deliver_register(token)
129 Mailer.deliver_register(token)
130 flash[:notice] = l(:notice_account_register_done)
130 flash[:notice] = l(:notice_account_register_done)
131 redirect_to :action => 'login'
131 redirect_to :action => 'login'
132 end
132 end
133 when '3'
133 when '3'
134 # Automatic activation
134 # Automatic activation
135 @user.status = User::STATUS_ACTIVE
135 @user.status = User::STATUS_ACTIVE
136 if @user.save
136 if @user.save
137 self.logged_user = @user
137 flash[:notice] = l(:notice_account_activated)
138 flash[:notice] = l(:notice_account_activated)
138 redirect_to :action => 'login'
139 redirect_to :controller => 'my', :action => 'account'
139 end
140 end
140 else
141 else
141 # Manual activation by the administrator
142 # Manual activation by the administrator
142 if @user.save
143 if @user.save
143 # Sends an email to the administrators
144 # Sends an email to the administrators
144 Mailer.deliver_account_activation_request(@user)
145 Mailer.deliver_account_activation_request(@user)
145 flash[:notice] = l(:notice_account_pending)
146 flash[:notice] = l(:notice_account_pending)
146 redirect_to :action => 'login'
147 redirect_to :action => 'login'
147 end
148 end
148 end
149 end
149 end
150 end
150 end
151 end
151
152
152 # Token based account activation
153 # Token based account activation
153 def activate
154 def activate
154 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
155 redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
155 token = Token.find_by_action_and_value('register', params[:token])
156 token = Token.find_by_action_and_value('register', params[:token])
156 redirect_to(home_url) && return unless token and !token.expired?
157 redirect_to(home_url) && return unless token and !token.expired?
157 user = token.user
158 user = token.user
158 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
159 redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
159 user.status = User::STATUS_ACTIVE
160 user.status = User::STATUS_ACTIVE
160 if user.save
161 if user.save
161 token.destroy
162 token.destroy
162 flash[:notice] = l(:notice_account_activated)
163 flash[:notice] = l(:notice_account_activated)
163 end
164 end
164 redirect_to :action => 'login'
165 redirect_to :action => 'login'
165 end
166 end
166
167
167 private
168 private
168 def logged_user=(user)
169 def logged_user=(user)
169 if user && user.is_a?(User)
170 if user && user.is_a?(User)
170 User.current = user
171 User.current = user
171 session[:user_id] = user.id
172 session[:user_id] = user.id
172 else
173 else
173 User.current = User.anonymous
174 User.current = User.anonymous
174 session[:user_id] = nil
175 session[:user_id] = nil
175 end
176 end
176 end
177 end
177 end
178 end
Show file before | Show file after | Hide comments
@@ -1,101 +1,105
1 # redMine - project management software
1 # redMine - project management software
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 require "#{File.dirname(__FILE__)}/../test_helper"
18 require "#{File.dirname(__FILE__)}/../test_helper"
19
19
20 class AccountTest < ActionController::IntegrationTest
20 class AccountTest < ActionController::IntegrationTest
21 fixtures :users
21 fixtures :users
22
22
23 # Replace this with your real tests.
23 # Replace this with your real tests.
24 def test_login
24 def test_login
25 get "my/page"
25 get "my/page"
26 assert_redirected_to "account/login"
26 assert_redirected_to "account/login"
27 log_user('jsmith', 'jsmith')
27 log_user('jsmith', 'jsmith')
28
28
29 get "my/account"
29 get "my/account"
30 assert_response :success
30 assert_response :success
31 assert_template "my/account"
31 assert_template "my/account"
32 end
32 end
33
33
34 def test_lost_password
34 def test_lost_password
35 Token.delete_all
35 Token.delete_all
36
36
37 get "account/lost_password"
37 get "account/lost_password"
38 assert_response :success
38 assert_response :success
39 assert_template "account/lost_password"
39 assert_template "account/lost_password"
40
40
41 post "account/lost_password", :mail => 'jsmith@somenet.foo'
41 post "account/lost_password", :mail => 'jsmith@somenet.foo'
42 assert_redirected_to "account/login"
42 assert_redirected_to "account/login"
43
43
44 token = Token.find(:first)
44 token = Token.find(:first)
45 assert_equal 'recovery', token.action
45 assert_equal 'recovery', token.action
46 assert_equal 'jsmith@somenet.foo', token.user.mail
46 assert_equal 'jsmith@somenet.foo', token.user.mail
47 assert !token.expired?
47 assert !token.expired?
48
48
49 get "account/lost_password", :token => token.value
49 get "account/lost_password", :token => token.value
50 assert_response :success
50 assert_response :success
51 assert_template "account/password_recovery"
51 assert_template "account/password_recovery"
52
52
53 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
53 post "account/lost_password", :token => token.value, :new_password => 'newpass', :new_password_confirmation => 'newpass'
54 assert_redirected_to "account/login"
54 assert_redirected_to "account/login"
55 assert_equal 'Password was successfully updated.', flash[:notice]
55 assert_equal 'Password was successfully updated.', flash[:notice]
56
56
57 log_user('jsmith', 'newpass')
57 log_user('jsmith', 'newpass')
58 assert_equal 0, Token.count
58 assert_equal 0, Token.count
59 end
59 end
60
60
61 def test_register_with_automatic_activation
61 def test_register_with_automatic_activation
62 Setting.self_registration = '3'
62 Setting.self_registration = '3'
63
63
64 get 'account/register'
64 get 'account/register'
65 assert_response :success
65 assert_response :success
66 assert_template 'account/register'
66 assert_template 'account/register'
67
67
68 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
68 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
69 :password => "newpass", :password_confirmation => "newpass"
69 :password => "newpass", :password_confirmation => "newpass"
70 assert_redirected_to 'account/login'
70 assert_redirected_to 'my/account'
71 log_user('newuser', 'newpass')
71 follow_redirect!
72 assert_response :success
73 assert_template 'my/account'
74
75 assert User.find_by_login('newuser').active?
72 end
76 end
73
77
74 def test_register_with_manual_activation
78 def test_register_with_manual_activation
75 Setting.self_registration = '2'
79 Setting.self_registration = '2'
76
80
77 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
81 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
78 :password => "newpass", :password_confirmation => "newpass"
82 :password => "newpass", :password_confirmation => "newpass"
79 assert_redirected_to 'account/login'
83 assert_redirected_to 'account/login'
80 assert !User.find_by_login('newuser').active?
84 assert !User.find_by_login('newuser').active?
81 end
85 end
82
86
83 def test_register_with_email_activation
87 def test_register_with_email_activation
84 Setting.self_registration = '1'
88 Setting.self_registration = '1'
85 Token.delete_all
89 Token.delete_all
86
90
87 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
91 post 'account/register', :user => {:login => "newuser", :language => "en", :firstname => "New", :lastname => "User", :mail => "newuser@foo.bar"},
88 :password => "newpass", :password_confirmation => "newpass"
92 :password => "newpass", :password_confirmation => "newpass"
89 assert_redirected_to 'account/login'
93 assert_redirected_to 'account/login'
90 assert !User.find_by_login('newuser').active?
94 assert !User.find_by_login('newuser').active?
91
95
92 token = Token.find(:first)
96 token = Token.find(:first)
93 assert_equal 'register', token.action
97 assert_equal 'register', token.action
94 assert_equal 'newuser@foo.bar', token.user.mail
98 assert_equal 'newuser@foo.bar', token.user.mail
95 assert !token.expired?
99 assert !token.expired?
96
100
97 get 'account/activate', :token => token.value
101 get 'account/activate', :token => token.value
98 assert_redirected_to 'account/login'
102 assert_redirected_to 'account/login'
99 log_user('newuser', 'newpass')
103 log_user('newuser', 'newpass')
100 end
104 end
101 end
105 end
General Comments 0
You need to be logged in to leave comments. Login now