Class: AccountController

Inherits:
ApplicationController show all
Includes:
CustomFieldsHelper
Defined in:
app/controllers/account_controller.rb

Overview

– copyright ChiliProject is a project management system.

Copyright (C) 2010-2013 the ChiliProject Team

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

See doc/COPYRIGHT.rdoc for more details. ++

Instance Method Summary collapse

Methods included from CustomFieldsHelper

#custom_field_formats_for_select, #custom_field_label_tag, #custom_field_tag, #custom_field_tag_for_bulk_edit, #custom_field_tag_with_label, #custom_fields_tabs, #format_value, #render_api_custom_values, #show_value

Methods included from Redmine::MenuManager::MenuController

#current_menu_item, included, #menu_items, #redirect_to_project_menu_item

Methods included from Redmine::Search::Controller

#default_search_scope, #default_search_scopes, included

Methods included from Redmine::I18n

#current_language, #day_name, #find_language, #format_date, #format_time, included, #l, #l_hours, #l_or_humanize, #ll, #month_name, #set_language_if_valid, #valid_languages

Instance Method Details

#activateObject

Token based account activation


110
111
112
113
114
115
116
117
118
119
120
121
122
# File 'app/controllers/account_controller.rb', line 110

def activate
  redirect_to(home_url) && return unless Setting.self_registration? && params[:token]
  token = Token.find_by_action_and_value('register', params[:token].to_s)
  redirect_to(home_url) && return unless token and !token.expired?
  user = token.user
  redirect_to(home_url) && return unless user.registered?
  user.activate
  if user.save
    token.destroy
    flash[:notice] = l(:notice_account_activated)
  end
  redirect_to :action => 'login'
end

#loginObject

Login request and validation


22
23
24
25
26
27
28
# File 'app/controllers/account_controller.rb', line 22

def 
  if User.current.logged?
    redirect_to home_url
  elsif request.post?
    authenticate_user
  end
end

#logoutObject

Log out current user and redirect to welcome page


31
32
33
34
# File 'app/controllers/account_controller.rb', line 31

def logout
  logout_user
  redirect_to home_url
end

#lost_passwordObject

Enable user to choose a new password


37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# File 'app/controllers/account_controller.rb', line 37

def lost_password
  redirect_to(home_url) && return unless Setting.lost_password?
  if params[:token]
    @token = Token.find_by_action_and_value("recovery", params[:token].to_s)
    redirect_to(home_url) && return unless @token and !@token.expired?
    @user = @token.user
    if request.post?
      @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
      if @user.save
        @token.destroy
        flash[:notice] = l(:notice_account_password_updated)
        redirect_to :action => 'login'
        return
      end
    end
    render :template => "account/password_recovery"
    return
  else
    if request.post?
      user = User.find_by_mail(params[:mail].to_s)
      # user not found in db
      (flash.now[:error] = l(:notice_account_unknown_email); return) unless user
      # user uses an external authentification
      (flash.now[:error] = l(:notice_can_t_change_password); return) if user.auth_source_id
      # create a new token for password recovery
      token = Token.new(:user => user, :action => "recovery")
      if token.save
        Mailer.deliver_lost_password(token)
        flash[:notice] = l(:notice_account_lost_email_sent)
        redirect_to :action => 'login', :back_url => home_url
        return
      end
    end
  end
end

#registerObject

User self-registration


74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# File 'app/controllers/account_controller.rb', line 74

def register
  redirect_to(home_url) && return unless Setting.self_registration? || session[:auth_source_registration]
  if request.get?
    session[:auth_source_registration] = nil
    @user = User.new(:language => Setting.default_language)
  else
    @user = User.new(params[:user])
    @user.admin = false
    @user.register
    if session[:auth_source_registration]
      @user.activate
      @user. = session[:auth_source_registration][:login]
      @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
      if @user.save
        session[:auth_source_registration] = nil
        self.logged_user = @user
        flash[:notice] = l(:notice_account_activated)
        redirect_to :controller => 'my', :action => 'account'
      end
    else
      @user. = params[:user][:login]
      @user.password, @user.password_confirmation = params[:password], params[:password_confirmation]

      case Setting.self_registration
      when '1'
        register_by_email_activation(@user)
      when '3'
        register_automatically(@user)
      else
        register_manually_by_administrator(@user)
      end
    end
  end
end