Redirect suspended users to an information page

If the current session is for a logged in user and that user has
been suspended then log them out and redirect them to a page
explaining that their account has been suspended.

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index eebc9eb2826f8c86a72932997b2dce9773f4072e..a53fb5374b06d02415ff8c0285590388e344398a 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,7 +8,14 @@ class ApplicationController < ActionController::Base
 
   def authorize_web
     if session[:user]
 
   def authorize_web
     if session[:user]

-      @user = User.find(session[:user], :conditions => {:status => ["active", "confirmed"]})
+      @user = User.find(session[:user], :conditions => {:status => ["active", "confirmed", "suspended"]})
+
+      if @user.status == "suspended"
+        session[:user] = nil
+        session_expires_automatically
+
+        redirect_to :controller => "user", :action => "suspended"
+      end

     elsif session[:token]
       @user = User.authenticate(:token => session[:token])
       session[:user] = @user.id
     elsif session[:token]
       @user = User.authenticate(:token => session[:token])
       session[:user] = @user.id

diff --git a/app/views/user/suspended.html.erb b/app/views/user/suspended.html.erb
new file mode 100644 (file)
index 0000000..27b8dc3
--- /dev/null
+++ b/app/views/user/suspended.html.erb
@@ -0,0 +1,5 @@
+<% @title = t "user.suspended.title" %>
+
+<h1><%= t "user.suspended.heading" %></h1>
+
+<%= t "user.suspended.body", :webmaster => "webmaster@openstreetmap.org" %>

diff --git a/config/locales/en.yml b/config/locales/en.yml
index 9775416e42f204d03eeeb0416079529ab1123319..fbf8e7a0462ab620397b0f0f7133c744718234a4 100644 (file)
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -1655,6 +1655,19 @@ en:
       confirm: Confirm Selected Users
       hide: Hide Selected Users
       empty: No matching users found
       confirm: Confirm Selected Users
       hide: Hide Selected Users
       empty: No matching users found

+    suspended:
+      title: Account Suspended
+      heading: Account Suspended
+      body: |
+        <p>
+          Sorry, your account has been automatically suspended due to
+          suspicious activity.
+        </p>
+        <p>
+          This decision will be reviewed by an administrator shortly, or
+          you may contact the <a href="mailto:{{webmaster}}">webmaster</a> if
+          you wish to discuss this.
+        </p>

   user_role:
     filter:
       not_an_administrator: "Only administrators can perform user role management, and you are not an administrator."
   user_role:
     filter:
       not_an_administrator: "Only administrators can perform user role management, and you are not an administrator."

diff --git a/config/routes.rb b/config/routes.rb
index b15d77e31c20f803e2025334c2517a4cd1baf86d..7e27ee19ef70714f526111597df042e94c2f4bb7 100644 (file)
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -104,6 +104,7 @@ ActionController::Routing::Routes.draw do |map|
   map.connect '/user/go_public', :controller => 'user', :action => 'go_public'
   map.connect '/user/reset-password', :controller => 'user', :action => 'reset_password'
   map.connect '/user/forgot-password', :controller => 'user', :action => 'lost_password'
   map.connect '/user/go_public', :controller => 'user', :action => 'go_public'
   map.connect '/user/reset-password', :controller => 'user', :action => 'reset_password'
   map.connect '/user/forgot-password', :controller => 'user', :action => 'lost_password'

+  map.connect '/user/suspended', :controller => 'user', :action => 'suspended'

 
   map.connect '/index.html', :controller => 'site', :action => 'index'
   map.connect '/edit.html', :controller => 'site', :action => 'edit'
 
   map.connect '/index.html', :controller => 'site', :action => 'index'
   map.connect '/edit.html', :controller => 'site', :action => 'edit'