X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/8b12abd5bb1b96567ab882a3aca0780d0e4af67a..83821816359187fa2b877a29b7ab7d9f974c17b5:/app/controllers/application_controller.rb

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index a22bc13ed..6c19b3a52 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -15,6 +15,16 @@ class ApplicationController < ActionController::Base
         session_expires_automatically
 
         redirect_to :controller => "user", :action => "suspended"
+
+        # don't allow access to any auth-requiring part of the site unless
+        # the new CTs have been seen (and accept/decline chosen).
+      elsif !@user.terms_seen and flash[:skip_terms].nil?
+        flash[:notice] = t 'user.terms.you need to accept or decline'
+        if params[:referer]
+          redirect_to :controller => "user", :action => "terms", :referer => params[:referer]
+        else
+          redirect_to :controller => "user", :action => "terms", :referer => request.request_uri
+        end
       end
     elsif session[:token]
       @user = User.authenticate(:token => session[:token])
@@ -99,17 +109,20 @@ class ApplicationController < ActionController::Base
       end
     end
 
-    # check if the user has been banned
-    unless @user.nil? or @user.active_blocks.empty?
-      # NOTE: need slightly more helpful message than this.
-      render :text => t('application.setup_user_auth.blocked'), :status => :forbidden
-    end
-    # if the user hasn't seen the contributor terms then don't
-    # allow editing - they have to go to the web site and see
-    # (but can decline) the CTs to continue.
-    if REQUIRE_TERMS_SEEN
-      unless @user.nil? or @user.terms_seen
-        render :text => t('application.setup_user_auth.need_to_see_terms'), :status => :forbidden
+    # have we identified the user?
+    if @user
+      # check if the user has been banned
+      if not  @user.active_blocks.empty?
+        # NOTE: need slightly more helpful message than this.
+        report_error t('application.setup_user_auth.blocked'), :forbidden
+      end
+
+      # if the user hasn't seen the contributor terms then don't
+      # allow editing - they have to go to the web site and see
+      # (but can decline) the CTs to continue.
+      if REQUIRE_TERMS_SEEN and not @user.terms_seen and flash[:skip_terms].nil?
+        set_locale
+        report_error t('application.setup_user_auth.need_to_see_terms'), :forbidden
       end
     end
   end
@@ -197,6 +210,24 @@ class ApplicationController < ActionController::Base
       end
     end
 
+    if request.compatible_language_from(I18n.available_locales).nil?
+      request.user_preferred_languages = request.user_preferred_languages.collect do |pl|
+        pls = [ pl ]
+
+        while pl.match(/^(.*)-[^-]+$/)
+          pls.push($1) if I18n.available_locales.include?($1.to_sym)
+          pl = $1
+        end
+
+        pls
+      end.flatten
+
+      if @user and not request.compatible_language_from(I18n.available_locales).nil?
+        @user.languages = request.user_preferred_languages
+        @user.save        
+      end
+    end
+
     I18n.locale = request.compatible_language_from(I18n.available_locales)
 
     response.headers['Content-Language'] = I18n.locale.to_s