X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/8eef66cee2837ce5df84906dbcbf4c5a8df3bea2..151626d019fde352cd771aafd4847d4ef63e36e9:/app/controllers/user_controller.rb

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 1d86c0524..c0f440b10 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -7,8 +7,8 @@ class UserController < ApplicationController
   before_filter :authorize_web, :except => [:api_details, :api_gpx_files]
   before_filter :set_locale, :except => [:api_details, :api_gpx_files]
   before_filter :require_user, :only => [:account, :go_public, :make_friend, :remove_friend]
-  before_filter :check_database_readable, :except => [:api_details, :api_gpx_files]
-  before_filter :check_database_writable, :only => [:login, :new, :account, :go_public, :make_friend, :remove_friend]
+  before_filter :check_database_readable, :except => [:login, :api_details, :api_gpx_files]
+  before_filter :check_database_writable, :only => [:new, :account, :confirm, :confirm_email, :go_public, :make_friend, :remove_friend]
   before_filter :check_api_readable, :only => [:api_details, :api_gpx_files]
   before_filter :require_allow_read_prefs, :only => [:api_details]
   before_filter :require_allow_read_gpx, :only => [:api_gpx_files]
@@ -38,7 +38,7 @@ class UserController < ApplicationController
       else
         render :action => 'terms'
       end
-    elsif params[:user] and Acl.match(request.remote_ip, params[:user][:email].split("@").last).where(:k => "no_account_creation").exists?
+    elsif params[:user] and Acl.no_account_creation(request.remote_ip, params[:user][:email].split("@").last)
       render :action => 'blocked'
     else
       session[:referer] = params[:referer]
@@ -112,7 +112,7 @@ class UserController < ApplicationController
       else
         redirect_to :action => :account, :display_name => @user.display_name
       end
-    elsif Acl.match(request.remote_ip, params[:user][:email].split("@").last).where(:k => "no_account_creation").exists?
+    elsif Acl.no_account_creation(request.remote_ip, params[:user][:email].split("@").last)
       render :action => 'blocked'
     else
       @user = User.new(params[:user])
@@ -151,7 +151,11 @@ class UserController < ApplicationController
         @user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
       end
 
-      @user.description = params[:user][:description]
+      if params[:user][:description] != @user.description
+        @user.description = params[:user][:description]
+        @user.description_format = "markdown"
+      end
+
       @user.languages = params[:user][:languages].split(",")
 
       case params[:image_action]
@@ -271,7 +275,7 @@ class UserController < ApplicationController
                        :openid_url => params[:openid])
 
       flash.now[:notice] = t 'user.new.openid association'
-    elsif Acl.match(request.remote_ip).where(:k => "no_account_creation").exists?
+    elsif Acl.no_account_creation(request.remote_ip)
       render :action => 'blocked'
     end
   end
@@ -419,9 +423,7 @@ class UserController < ApplicationController
        (@this_user.visible? or (@user and @user.administrator?))
       @title = @this_user.display_name
     else
-      @title = t 'user.no_such_user.title'
-      @not_found_user = params[:display_name]
-      render :action => 'no_such_user', :status => :not_found
+      render_unknown_user params[:display_name]
     end
   end
 
@@ -473,7 +475,8 @@ class UserController < ApplicationController
   ##
   # sets a user's status
   def set_status
-    @this_user.update_attributes(:status => params[:status])
+    @this_user.status = params[:status]
+    @this_user.save
     redirect_to :controller => 'user', :action => 'view', :display_name => params[:display_name]
   end
 
@@ -624,7 +627,7 @@ private
     cookies.permanent["_osm_username"] = user.display_name
 
     session[:user] = user.id
-    session_expires_after 1.month if session[:remember_me]
+    session_expires_after 28.days if session[:remember_me]
 
     target = session[:referer] || url_for(:controller => :site, :action => :index)
 
@@ -663,6 +666,8 @@ private
     if user.save
       set_locale
 
+      cookies.permanent["_osm_username"] = user.display_name
+
       if user.new_email.blank?
         flash.now[:notice] = t 'user.account.flash update success'
       else
@@ -715,7 +720,7 @@ private
   # Choose the layout to use. See
   # https://rails.lighthouseapp.com/projects/8994/tickets/5371-layout-with-onlyexcept-options-makes-other-actions-render-without-layouts
   def choose_layout
-    oauth_url = url_for(:controller => :oauth, :action => :oauthorize, :only_path => true)
+    oauth_url = url_for(:controller => :oauth, :action => :authorize, :only_path => true)
 
     if [ 'api_details' ].include? action_name
       nil