Class: AccountController

Inherits:
ApplicationController show all
Includes:
CustomFieldsHelper
Defined in:
app/controllers/account_controller.rb

Overview

Redmine - project management software Copyright (C) 2006-2008 Jean-Philippe Lang

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Instance Method Summary (collapse)

Methods included from CustomFieldsHelper

#custom_field_formats_for_select, #custom_field_label_tag, #custom_field_tag, #custom_field_tag_with_label, #custom_fields_tabs, #format_value, #show_value

Methods inherited from ApplicationController

accept_key_auth, #accept_key_auth_actions, #attach_files, #authorize, #check_if_login_required, #check_project_privacy, #current_role, #deny_access, #filename_for_content_disposition, #find_current_user, #logged_user=, #parse_qvalues, #per_page_option, #redirect_back_or_default, #render_403, #render_404, #render_error, #render_feed, #require_admin, #require_login, #set_localization, #user_setup

Methods included from Redmine::MenuManager::MenuController

#current_menu_item, included, #menu_items, #redirect_to_project_menu_item

Methods included from Redmine::I18n

#current_language, #day_name, #find_language, #format_date, #format_time, included, #l, #l_hours, #l_or_humanize, #ll, #month_name, #set_language_if_valid, #valid_languages

Instance Method Details

- (Object) activate

Token based account activation



139
140
141
142
143
144
145
146
147
148
149
150
151
 
# File 'app/controllers/account_controller.rb', line 139

def activate
  redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
  token = Token.find_by_action_and_value('register', params[:token])
  redirect_to(home_url) && return unless token and !token.expired?
  user = token.user
  redirect_to(home_url) && return unless user.status == User::STATUS_REGISTERED
  user.status = User::STATUS_ACTIVE
  if user.save
    token.destroy
    flash[:notice] = l(:notice_account_activated)
  end
  redirect_to :action => 'login'
end

- (Object) login

Login request and validation



43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'app/controllers/account_controller.rb', line 43

def 
  if request.get?
    # Logout user
    self.logged_user = nil
  else
    # Authenticate user
    if Setting.openid? && using_open_id?
      open_id_authenticate(params[:openid_url])
    else
      password_authentication
    end
  end
end

- (Object) logout

Log out current user and redirect to welcome page



58
59
60
61
62
63
 
# File 'app/controllers/account_controller.rb', line 58

def logout
  cookies.delete :autologin
  Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) if User.current.logged?
  self.logged_user = nil
  redirect_to home_url
end

- (Object) lost_password

Enable user to choose a new password



66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
# File 'app/controllers/account_controller.rb', line 66

def lost_password
  redirect_to(home_url) && return unless Setting.lost_password?
  if params[:token]
    @token = Token.find_by_action_and_value("recovery", params[:token])
    redirect_to(home_url) && return unless @token and !@token.expired?
    @user = @token.user
    if request.post?
      @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
      if @user.save
        @token.destroy
        flash[:notice] = l(:notice_account_password_updated)
        redirect_to :action => 'login'
        return
      end 
    end
    render :template => "account/password_recovery"
    return
  else
    if request.post?
      user = User.find_by_mail(params[:mail])
      # user not found in db
      flash.now[:error] = l(:notice_account_unknown_email) and return unless user
      # user uses an external authentification
      flash.now[:error] = l(:notice_can_t_change_password) and return if user.auth_source_id
      # create a new token for password recovery
      token = Token.new(:user => user, :action => "recovery")
      if token.save
        Mailer.deliver_lost_password(token)
        flash[:notice] = l(:notice_account_lost_email_sent)
        redirect_to :action => 'login'
        return
      end
    end
  end
end

- (Object) register

User self-registration



103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
 
# File 'app/controllers/account_controller.rb', line 103

def register
  redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
  if request.get?
    session[:auth_source_registration] = nil
    @user = User.new(:language => Setting.default_language)
  else
    @user = User.new(params[:user])
    @user.admin = false
    @user.status = User::STATUS_REGISTERED
    if session[:auth_source_registration]
      @user.status = User::STATUS_ACTIVE
      @user. = session[:auth_source_registration][:login]
      @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
      if @user.save
        session[:auth_source_registration] = nil
        self.logged_user = @user
        flash[:notice] = l(:notice_account_activated)
        redirect_to :controller => 'my', :action => 'account'
      end
    else
      @user. = params[:user][:login]
      @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]

      case Setting.self_registration
      when '1'
        register_by_email_activation(@user)
      when '3'
        register_automatically(@user)
      else
        register_manually_by_administrator(@user)
      end
    end
  end
end

- (Object) show

Show user's account



26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'app/controllers/account_controller.rb', line 26

def show
  @user = User.active.find(params[:id])
  @custom_values = @user.custom_values
  
  # show only public projects and private projects that the logged in user is also a member of
  @memberships = @user.memberships.select do |membership|
    membership.project.is_public? || (User.current.member_of?(membership.project))
  end
  
  events = Redmine::Activity::Fetcher.new(User.current, :author => @user).events(nil, nil, :limit => 10)
  @events_by_day = events.group_by(&:event_date)
  
rescue ActiveRecord::RecordNotFound
  render_404
end