before_filter :check_database_readable, :except => [:api_details, :api_gpx_files]
before_filter :check_database_writable, :only => [:login, :new, :set_home, :account, :go_public, :make_friend, :remove_friend, :upload_image, :delete_image]
before_filter :check_api_readable, :only => [:api_details, :api_gpx_files]
+ before_filter :require_allow_read_prefs, :only => [:api_details]
+ before_filter :require_allow_read_gpx, :only => [:api_gpx_files]
filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation
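Review bot: `filter_parameter_logging` on the last line of this hunk still lists only the password fields, while the reset_password action changed later in this commit receives the reset token as the `token` parameter. A reset token is a bearer credential, and it would be written to the request log in clear. Consider `filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation, :token`. Confirm how this Rails version matches names (exact or substring), so that any OAuth token parameters reaching the newly gated `api_details` and `api_gpx_files` actions are covered as well.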
def account
@title = t 'user.account.title'
+ @tokens = @user.oauth_tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
if params[:user] and params[:user][:display_name] and params[:user][:description]
if params[:user][:email] != @user.email
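Review bot: The "token is live" predicate on the added `@tokens` line is a raw SQL string in the controller, so any other place that needs the same definition (not invalidated, already authorised) has to repeat it and can drift. Consider moving it onto the model, for example `named_scope :authorized, :conditions => 'invalidated_at is null and authorized_at is not null'` on OauthToken, and calling `@user.oauth_tokens.authorized` here. The `account` method continues outside the hunk.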
if user
token = user.tokens.create
Notifier.deliver_lost_password(user, token)
-- flash[:notice] = t 'user.lost_password.notice email on way'
++ @notice = t 'user.lost_password.notice email on way'
else
-- flash[:notice] = t 'user.lost_password.notice email cannot find'
++ @notice = t 'user.lost_password.notice email cannot find'
end
end
end
def reset_password
@title = t 'user.reset_password.title'
-- if params['token']
++ if params[:token]
token = UserToken.find_by_token(params[:token])
++
if token
-- pass = OSM::make_token(8)
-- user = token.user
-- user.pass_crypt = pass
-- user.pass_crypt_confirmation = pass
-- user.active = true
-- user.email_valid = true
-- user.save!
-- token.destroy
-- Notifier.deliver_reset_password(user, pass)
-- flash[:notice] = t 'user.reset_password.flash changed check mail'
++ if params[:user]
++ @user = token.user
++ @user.pass_crypt = params[:user][:pass_crypt]
++ @user.pass_crypt_confirmation = params[:user][:pass_crypt_confirmation]
++ @user.active = true
++ @user.email_valid = true
++
++ if @user.save
++ token.destroy
++ flash[:notice] = t 'user.reset_password.flash changed'
++ redirect_to :action => 'login'
++ end
++ end
else
flash[:notice] = t 'user.reset_password.flash token bad'
++ redirect_to :action => 'lost_password'
end
end
--
-- redirect_to :action => 'login'
end
def new
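Review bot: In reset_password the token is accepted on `if token` alone and, after a successful save, only that one token is destroyed, so nothing in the visible lines bounds the age of a reset link or retires other reset mails the user may still hold. If UserToken carries an expiry (not visible in this hunk), check it before the `if params[:user]` branch, and consider replacing `token.destroy` with `@user.tokens.delete_all` so every outstanding token stops working once the password changes; confirm first what else relies on those rows. The same branch sets `@user.active = true`, so it is worth confirming that `active` is never used to suspend an account, since a reset would then undo the suspension. Separately, lost_password (its start is outside the hunk) still answers with different notices for known and unknown addresses, which tells a caller which e-mail addresses are registered; one neutral notice for both branches avoids that.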
subject I18n.t('notifier.lost_password.subject')
body :url => url_for(:host => SERVER_URL,
:controller => "user", :action => "reset_password",
-- :email => user.email, :token => token.token)
-- end
--
-- def reset_password(user, pass)
-- common_headers user
-- subject I18n.t('notifier.reset_password.subject')
-- body :pass => pass
++ :token => token.token)
end
def gpx_success(trace, possible_points)
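Review bot: The reset link is built with `:host => SERVER_URL` and no `:protocol`, so unless a default is configured elsewhere the mailed URL will be plain http and the token in its query string crosses the network unencrypted. If the site is reachable over TLS, add `:protocol => 'https'` to this `url_for` call. The enclosing mailer method starts above the hunk.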
has_many :traces, :conditions => { :visible => true }
has_many :diary_entries, :order => 'created_at DESC'
has_many :messages, :foreign_key => :to_user_id, :conditions => { :to_user_visible => true }, :order => 'sent_on DESC'
- has_many :new_messages, :class_name => "Message", :foreign_key => :to_user_id, :conditions => { :message_read => false }, :order => 'sent_on DESC'
+ has_many :new_messages, :class_name => "Message", :foreign_key => :to_user_id, :conditions => { :to_user_visible => true, :message_read => false }, :order => 'sent_on DESC'
has_many :sent_messages, :class_name => "Message", :foreign_key => :from_user_id, :conditions => { :from_user_visible => true }, :order => 'sent_on DESC'
has_many :friends, :include => :befriendee, :conditions => ["users.visible = ?", true]
has_many :tokens, :class_name => "UserToken"
has_many :preferences, :class_name => "UserPreference"
has_many :changesets
+ has_many :client_applications
+ has_many :oauth_tokens, :class_name => "OauthToken", :order => "authorized_at desc", :include => [:client_application]
+
validates_presence_of :email, :display_name
validates_confirmation_of :email#, :message => ' addresses must match'
validates_confirmation_of :pass_crypt#, :message => ' must match the confirmation password'
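Review bot: The two new associations, `has_many :client_applications` and `has_many :oauth_tokens`, declare no `:dependent` option, so the model does not say what happens to a user's issued tokens and registered applications when the account is removed or closed. With the foreign keys added later in this commit a hard delete would fail at the database, and a soft delete would leave the tokens in place unless the OAuth check also looks at the user's state (not visible here). State the intent, either with `:dependent => :destroy` on `oauth_tokens` or with a comment naming where tokens are invalidated. The class body starts and ends outside the hunk.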
+++ /dev/null
--<p><%= t 'notifier.reset_password_html.greeting' %></p>
--
--<p><%= t 'notifier.reset_password_html.reset', :new_password => @pass %></p>
+++ /dev/null
--<%= t 'notifier.reset_password_plain.greeting' %>
--
--<%= t 'notifier.reset_password_plain.reset', :new_password => @pass %>
--- /dev/null
--- /dev/null
++<h1><%= t 'user.reset_password.heading' %></h1>
++
++<%= error_messages_for :user %>
++
++<% form_tag do %>
++<%= hidden_field_tag(:token, params[:token]) %>
++<table id="loginForm">
++ <tr><td class="fieldName"><%= t 'user.reset_password.password' %></td><td><%= password_field(:user, :pass_crypt,{:size => 30, :maxlength => 255, :tabindex => 4}) %></td></tr>
++ <tr><td class="fieldName"><%= t 'user.reset_password.confirm password' %></td><td><%= password_field(:user, :pass_crypt_confirmation,{:size => 30, :maxlength => 255, :tabindex => 5}) %></td></tr>
++
++ <tr><td colspan=2> <!--vertical spacer--></td></tr>
++ <tr><td></td><td align=right><input type="submit" value="<%= t'user.reset_password.reset' %>" tabindex="6"></td></tr>
++</table>
++<% end %>
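Review bot: Both `password_field(:user, ...)` calls bind to `@user`, and in Rails versions where this helper pre-fills the input from the attribute, the form re-rendered after a failed save carries the submitted password in the page source. Any `@user` already set before the action runs would likewise have its stored `pass_crypt` rendered. Passing an explicit empty value avoids both: add `:value => ''` to the options hash of each call. Worth confirming against the Rails version in use.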
showing_page: "Seite"
of: "von"
changeset:
+ id: "#{{id}}"
still_editing: "(in Bearbeitung)"
anonymous: "Anonym"
no_comment: "(kein Kommentar)"
area: "Bereich"
list:
title: "Changesets"
+ title_user: "Changesets von {{user}}"
+ title_bbox: "Changesets in {{bbox}}"
+ title_user_bbox: "Changesets von {{user}} in {{bbox}}"
+
+ heading: "Changesets"
+ heading_user: "Changesets"
+ heading_bbox: "Changesets"
+ heading_user_bbox: "Changesets"
+
description: "Letzte Änderungen"
description_user: "Letzte Änderungen von {{user}}"
description_bbox: "Letzte Änderungen in {{bbox}}"
scheduled_for_deletion: "Für Löschung vorgesehener Track"
make_public:
made_public: "veröffentlichter Track"
+ oauth:
+ client_application:
+ request_access: "Die Anwendung {{app_name}} möchte auf Deinen OpenStreetMap-Account zugreifen. Bitte entscheide, ob Du der Anwendung die folgenden Rechte gewähren möchtest. Du kannst alle oder einige der folgenden Rechte gewähren:"
+ allow_to: "Erlaube der Anwendung:"
+ allow_read_prefs: "Deine Benutzereinstellungen zu lesen"
+ allow_write_prefs: "Deine Benutzereinstellungen zu verändern"
+ allow_write_diary: "Blog-Einträge und Kommentare zu schreiben und Freunde einzutragen"
+ allow_write_api: "Die OSM-Datenbank zu ändern"
+ allow_read_gpx: "Deine privaten GPS-Tracks auszulesen"
+ allow_write_gpx: "GPS-Tracks hochzuladen"
+ token:
+ none: "Du hast bislang keinen Anwendungen Zugriff auf Deinen Account gewährt. Du musst jetzt nichts unternehmen, denn die Anwendungen werden Dich dazu auffordern, wenn es nötig ist. Zu einem späteren Zeitpunkt kannst Du in diesem Menü sehen, welche Anwendungen Zugriff erhalten haben, und kannst diese Erlaubnis hier auch widerrufen."
+ application: "Anwendung"
+ issued: "Zugriff gewährt"
+ revoke: "widerrufen"
user:
login:
title: "Anmelden"
title_user_bbox: "Changesets by {{user}} within {{bbox}}"
heading: "Changesets"
- heading_user: "Changesets by {{user}}"
- heading_bbox: "Changesets within {{bbox}}"
- heading_user_bbox: "Changesets by {{user}} within {{bbox}}"
+ heading_user: "Changesets"
+ heading_bbox: "Changesets"
+ heading_user_bbox: "Changesets"
description: "Recent changes"
description_user: "Changesets by {{user}}"
greeting: "Hi,"
hopefully_you: "Someone (possibly you) has asked for the password to be reset on this email address's openstreetmap.org account."
click_the_link: "If this is you, please click the link below to reset your password."
-- reset_password:
-- subject: "[OpenStreetMap] Password reset"
-- reset_password_plain:
-- greeting: "Hi,"
-- reset: "Your password has been reset to {{new_password}}"
-- reset_password_html:
-- greeting: "Hi,"
-- reset: "Your password has been reset to {{new_password}}"
message:
inbox:
title: "Inbox"
scheduled_for_deletion: "Track scheduled for deletion"
make_public:
made_public: "Track made public"
+ oauth:
+ client_application:
+ request_access: "The application {{app_name}} is requesting access to your account. Please check whether you would like the application to have the following capabilities. You may choose as many or as few as you like."
+ allow_to: "Allow the client application to:"
+ allow_read_prefs: "read your user preferences."
+ allow_write_prefs: "modify your user preferences."
+ allow_write_diary: "create diary entries, comments and make friends."
+ allow_write_api: "modify the map."
+ allow_read_gpx: "read your private GPS traces."
+ allow_write_gpx: "upload GPS traces."
+ new:
+ title: "Register a new application"
+ submit: "Register"
+ edit:
+ title: "Edit your application"
+ submit: "Edit"
+ show:
+ title: "OAuth details for {{app_name}}"
+ key: "Consumer Key:"
+ secret: "Consumer Secret:"
+ url: "Request Token URL:"
+ access_url: "Access Token URL:"
+ authorize_url: "Authorise URL:"
+ support_notice: "We support hmac-sha1 (recommended) as well as plain text in ssl mode."
+ edit: "Edit Details"
+ requests: "Requesting the following permissions from the user:"
+ allow_read_prefs: "read their user preferences."
+ allow_write_prefs: "modify their user preferences."
+ allow_write_diary: "create diary entries, comments and make friends."
+ allow_write_api: "modify the map."
+ allow_read_gpx: "read their private GPS traces."
+ allow_write_gpx: "upload GPS traces."
+ index:
+ title: "My OAuth Details"
+ my_tokens: "My Authorised Applications"
+ list_tokens: "The following tokens have been issued to applications in your name:"
+ application: "Application Name"
+ issued_at: "Issued At"
+ revoke: "Revoke!"
+ my_apps: "My Client Applications"
+ no_apps: "Do you have an application you would like to register for use with us using the {{oauth}} standard? You must register your web application before it can make OAuth requests to this service."
+ registered_apps: "You have the following client applications registered:"
+ register_new: "Register your application"
+ form:
+ name: "Name"
+ required: "Required"
+ url: "Main Application URL"
+ callback_url: "Callback URL"
+ support_url: "Support URL"
+ requests: "Request the following permissions from the user:"
+ allow_read_prefs: "read their user preferences."
+ allow_write_prefs: "modify their user preferences."
+ allow_write_diary: "create diary entries, comments and make friends."
+ allow_write_api: "modify the map."
+ allow_read_gpx: "read their private GPS traces."
+ allow_write_gpx: "upload GPS traces."
user:
login:
title: "Login"
account not active: "Sorry, your account is not active yet.<br>Please click on the link in the account confirmation email to activate your account."
auth failure: "Sorry, couldn't log in with those details."
lost_password:
-- title: "lost password"
++ title: "Lost password"
heading: "Forgotten Password?"
email address: "Email Address:"
new password button: "Send me a new password"
notice email on way: "Sorry you lost it :-( but an email is on its way so you can reset it soon."
notice email cannot find: "Couldn't find that email address, sorry."
reset_password:
-- title: "reset password"
-- flash changed check mail: "Your password has been changed and is on its way to your mailbox :-)"
++ title: "Reset password"
++ heading: "Reset Password"
++ password: "Password: "
++ confirm password: "Confirm Password: "
++ reset: "Reset Password"
++ flash changed: "Your password has been changed."
flash token bad: "Didn't find that token, check the URL maybe?"
new:
title: "Create account"
nearby users: "Nearby users: "
no nearby users: "There are no users who admit to mapping nearby yet."
change your settings: change your settings
+ my_oauth_details: "View my OAuth details"
friend_map:
your location: Your location
nearby mapper: "Nearby mapper: "
--- /dev/null
--- /dev/null
++class AddMessageSenderIndex < ActiveRecord::Migration
++ def self.up
++ add_index :messages, [:from_user_id], :name=> "messages_from_user_id_idx"
++ end
++
++ def self.down
++ drop_index :messages, :name=> "messages_from_user_id_idx"
++ end
++end
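Review bot: `self.down` calls `drop_index`, which is not one of ActiveRecord's migration methods (the counterpart of `add_index` is `remove_index`), and this file has no `require 'lib/migrate'` as the foreign-key migration later in this commit does. Unless a project helper defines `drop_index`, rolling this migration back will raise instead of dropping the index. Suggested: `remove_index :messages, :name => "messages_from_user_id_idx"`.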
--- /dev/null
+class CreateOauthTables < ActiveRecord::Migration
+ def self.up
+ create_table :client_applications do |t|
+ t.string :name
+ t.string :url
+ t.string :support_url
+ t.string :callback_url
+ t.string :key, :limit => 50
+ t.string :secret, :limit => 50
+ t.integer :user_id
+
+ t.timestamps
+ end
+ add_index :client_applications, :key, :unique => true
+
+ create_table :oauth_tokens do |t|
+ t.integer :user_id
+ t.string :type, :limit => 20
+ t.integer :client_application_id
+ t.string :token, :limit => 50
+ t.string :secret, :limit => 50
+ t.timestamp :authorized_at, :invalidated_at
+ t.timestamps
+ end
+
+ add_index :oauth_tokens, :token, :unique => true
+
+ create_table :oauth_nonces do |t|
+ t.string :nonce
+ t.integer :timestamp
+
+ t.timestamps
+ end
+ add_index :oauth_nonces, [:nonce, :timestamp], :unique => true
+
+ end
+
+ def self.down
+ drop_table :client_applications
+ drop_table :oauth_tokens
+ drop_table :oauth_nonces
+ end
+
+end
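Review bot: `oauth_nonces` gets a unique index on `[:nonce, :timestamp]`, which is what lets a replayed request be rejected, but nothing visible bounds the table. Replay protection only holds if the verifier also rejects timestamps outside a freshness window, and rows older than that window then need a periodic delete or the table grows with every signed request. A comment in `self.up` naming that window and the clean-up job would make the contract explicit. Separately, `oauth_tokens` is indexed on `token` only, while the account page and the new `has_many :oauth_tokens` look rows up by user; consider `add_index :oauth_tokens, :user_id`.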
--- /dev/null
+class AddFineOAuthPermissions < ActiveRecord::Migration
+ PERMISSIONS = [:allow_read_prefs, :allow_write_prefs, :allow_write_diary,
+ :allow_write_api, :allow_read_gpx, :allow_write_gpx ]
+
+ def self.up
+ PERMISSIONS.each do |perm|
+ # add fine-grained permissions columns for OAuth tokens, allowing people to
+ # give permissions to parts of the site only.
+ add_column :oauth_tokens, perm, :boolean, :null => false, :default => false
+
+ # add fine-grained permissions columns for client applications, allowing the
+ # client applications to request particular privileges.
+ add_column :client_applications, perm, :boolean, :null => false, :default => false
+ end
+ end
+
+ def self.down
+ PERMISSIONS.each do |perm|
+ remove_column :oauth_tokens, perm
+ remove_column :client_applications, perm
+ end
+ end
+end
--- /dev/null
+require 'lib/migrate'
+
+class AddForeignKeysToOauthTables < ActiveRecord::Migration
+ def self.up
+ add_foreign_key :oauth_tokens, [:user_id], :users, [:id]
+ add_foreign_key :oauth_tokens, [:client_application_id], :client_applications, [:id]
+ add_foreign_key :client_applications, [:user_id], :users, [:id]
+ end
+
+ def self.down
+ remove_foreign_key :oauth_tokens, [:user_id], :users
+ remove_foreign_key :oauth_tokens, [:client_application_id], :client_applications
+ remove_foreign_key :client_applications, [:user_id], :users
+ end
+end