From: Tom Hughes Date: Mon, 6 Sep 2010 11:49:10 +0000 (+0100) Subject: Merge branch 'master' into openid X-Git-Tag: live~6301 X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/dd7ef37ec023646120358a0a6a7959a392b79f1c?hp=-c Merge branch 'master' into openid Conflicts: app/controllers/user_controller.rb app/views/user/terms.html.erb config/locales/en.yml --- dd7ef37ec023646120358a0a6a7959a392b79f1c diff --combined app/controllers/user_controller.rb index aae059252,b9cca0cf6..cc4ae4cd8 --- a/app/controllers/user_controller.rb +++ b/app/controllers/user_controller.rb @@@ -16,56 -16,28 +16,58 @@@ class UserController < ApplicationContr filter_parameter_logging :password, :pass_crypt, :pass_crypt_confirmation - cache_sweeper :user_sweeper, :only => [:account, :set_status, :delete], :unless => OSM_STATUS == :database_offline + cache_sweeper :user_sweeper, :only => [:account, :set_status, :delete], :unless => STATUS == :database_offline def terms - @title = t 'user.new.title' - @legale = params[:legale] || OSM.IPToCountry(request.remote_ip) || APP_CONFIG['default_legale'] + @legale = params[:legale] || OSM.IPToCountry(request.remote_ip) || DEFAULT_LEGALE @text = OSM.legal_text_for_country(@legale) if request.xhr? render :update do |page| - page.replace_html "contributorTerms", :partial => "terms" + page.replace_html "contributorTerms", :partial => "terms", :locals => { :has_decline => params[:has_decline] } + end ++ elsif using_open_id? ++ # The redirect from the OpenID provider reenters here ++ # again and we need to pass the parameters through to ++ # the open_id_authentication function ++ @user = session.delete(:new_user) ++ ++ openid_verify(nil, @user) do |user| + end - elsif params[:user] ++ ++ if @user.openid_url.nil? or @user.invalid? 
++ render :action => 'new' ++ else ++ render :action => 'terms' ++ end + else + session[:referer] = params[:referer] + - @user = User.new(params[:user]) + @title = t 'user.terms.title' + @user = User.new(params[:user]) if params[:user] + if params[:user][:openid_url] and @user.pass_crypt.empty? + # We are creating an account with OpenID and no password + # was specified so create a random one + @user.pass_crypt = ActiveSupport::SecureRandom.base64(16) + @user.pass_crypt_confirmation = @user.pass_crypt + end + - if @user.valid? - if params[:user][:openid_url].nil? or - params[:user][:openid_url].empty? - # No OpenID so just move on to the terms - render :action => 'terms' - else + if @user + if @user.invalid? ++ # Something is wrong, so rerender the form + render :action => :new + elsif @user.terms_agreed? ++ # Already agreed to terms, so just show settings + redirect_to :action => :account, :display_name => @user.display_name ++ elsif params[:user][:openid_url] + # Verify OpenID before moving on + session[:new_user] = @user + openid_verify(params[:user][:openid_url], @user) end else - # Something is wrong, so rerender the form - render :action => 'new' - end - elsif using_open_id? - # The redirect from the OpenID provider reenters here - # again and we need to pass the parameters through to - # the open_id_authentication function - @user = session.delete(:new_user) - - openid_verify(nil, @user) do |user| - end - - if @user.openid_url.nil? or @user.invalid? - render :action => 'new' - else - render :action => 'terms' ++ # Not logged in, so redirect to the login page + redirect_to :action => :login, :referer => request.request_uri end end end @@@ -77,6 -49,16 +79,16 @@@ render :action => 'new' elsif params[:decline] redirect_to t('user.terms.declined') + elsif @user + if !@user.terms_agreed? 
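Review bot: `if params[:user][:openid_url] and @user.pass_crypt.empty?` runs before the `if @user` guard, so a request to `terms` with no `user` parameter raises on `nil[:openid_url]` instead of reaching the `if @user` / login-redirect logic below it. The condition also tests only for presence, and a blank form field arrives as an empty string, which is truthy in Ruby: a signup with no password and an empty OpenID box would be given a random password and then passed to `openid_verify` with an empty URL. Using `params[:user] and !params[:user][:openid_url].blank?` here and in the later `elsif params[:user][:openid_url]` covers both cases.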
+ @user.consider_pd = params[:user][:consider_pd] + @user.terms_agreed = Time.now.getutc + if @user.save + flash[:notice] = t 'user.new.terms accepted' + end + end + + redirect_to :action => :account, :display_name => @user.display_name else @user = User.new(params[:user]) @@@ -89,7 -71,7 +101,7 @@@ if @user.save flash[:notice] = t 'user.new.flash create success message' - Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => params[:referer])) + Notifier.deliver_signup_confirm(@user, @user.tokens.create(:referer => session.delete(:referer))) redirect_to :action => 'login' else render :action => 'new' @@@ -121,25 -103,29 +133,25 @@@ @user.home_lat = params[:user][:home_lat] @user.home_lon = params[:user][:home_lon] - if @user.save - set_locale + @user.openid_url = nil if params[:user][:openid_url].empty? - if @user.new_email.nil? or @user.new_email.empty? - flash[:notice] = t 'user.account.flash update success' - else - flash[:notice] = t 'user.account.flash update success confirm needed' - - begin - Notifier.deliver_email_confirm(@user, @user.tokens.create) - rescue - # Ignore errors sending email - end - end - - redirect_to :action => "account", :display_name => @user.display_name + if params[:user][:openid_url].length > 0 and + params[:user][:openid_url] != @user.openid_url + # If the OpenID has changed, we want to check that it is a + # valid OpenID and one the user has control over before saving + # it as a password equivalent for the user. + session[:new_user] = @user + openid_verify(params[:user][:openid_url], @user) + else + update_user(@user) end - else - if flash[:errors] - flash[:errors].each do |attr,msg| - attr = "new_email" if attr == "email" - @user.errors.add(attr,msg) - end + elsif using_open_id? 
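Review bot: In the `elsif @user` branch a failed `@user.save` goes unreported: the success flash is skipped but `redirect_to :action => :account` still runs, so the user gets no indication that the agreement was not recorded. An `else` on `if @user.save` that sets an error flash, or re-renders the terms form and returns before the redirect, would make the failure visible. The same branch reads `params[:user][:consider_pd]`, which raises if the form posts no `user[...]` field at all; `params[:user] && params[:user][:consider_pd]` avoids that. The `save` action starts and ends outside this hunk.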
+ # The redirect from the OpenID provider reenters here + # again and we need to pass the parameters through to + # the open_id_authentication function + @user = session.delete(:new_user) + openid_verify(nil, @user) do |user| + update_user(user) end end end @@@ -198,29 -184,44 +210,29 @@@ def new @title = t 'user.new.title' - - # The user is logged in already, so don't show them the signup - # page, instead send them to the home page - redirect_to :controller => 'site', :action => 'index' if session[:user] + @referer = params[:referer] || session[:referer] + + if session[:user] + # The user is logged in already, so don't show them the signup + # page, instead send them to the home page + redirect_to :controller => 'site', :action => 'index' + elsif not params['openid'].nil? + flash.now[:notice] = t 'user.new.openid association' + end end def login - @title = t 'user.login.title' - - if params[:user] - email_or_display_name = params[:user][:email] - pass = params[:user][:password] - user = User.authenticate(:username => email_or_display_name, :password => pass) + if params[:username] or using_open_id? + session[:remember_me] ||= params[:remember_me] + session[:referer] ||= params[:referer] - if user - session[:user] = user.id - session_expires_after 1.month if params[:remember_me] - - # The user is logged in, if the referer param exists, redirect - # them to that unless they've also got a block on them, in - # which case redirect them to the block so they can clear it. 
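Review bot: The OpenID round trip parks the whole `User` object in the session (`session[:new_user] = @user`), and on return replaces the `@user` already in scope with `session.delete(:new_user)` before `update_user` saves it. Nothing checks that the stored entry exists or still belongs to the account that is logged in on the return request. A return with no pending verification therefore calls `openid_verify(nil, nil)` and fails on `user.openid_url =`, and an entry left behind by an abandoned attempt would be saved as it stands. Consider keeping only the pending field values in the session and applying them to the freshly loaded user, with a guard for the missing-entry case; the `terms` hunk above uses the same `session.delete(:new_user)` pattern. The `account` action starts outside this hunk.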
- if user.blocked_on_view - redirect_to user.blocked_on_view, :referer => params[:referer] - elsif params[:referer] - redirect_to params[:referer] - else - redirect_to :controller => 'site', :action => 'index' - end - elsif User.authenticate(:username => email_or_display_name, :password => pass, :pending => true) - flash.now[:error] = t 'user.login.account not active' - elsif User.authenticate(:username => email_or_display_name, :password => pass, :suspended => true) - webmaster = link_to t('user.login.webmaster'), "mailto:webmaster@openstreetmap.org" - flash.now[:error] = t 'user.login.account suspended', :webmaster => webmaster + if using_open_id? + openid_authentication(params[:openid_url]) else - flash.now[:error] = t 'user.login.auth failure' + password_authentication(params[:username], params[:password]) end else - @title = t 'user.login.title' + flash.now[:notice] = t 'user.login.notice' end end @@@ -394,162 -395,6 +406,162 @@@ private + ## + # handle password authentication + def password_authentication(username, password) + if user = User.authenticate(:username => username, :password => password) + successful_login(user) + elsif User.authenticate(:username => username, :password => password, :pending => true) + failed_login t('user.login.account not active') + elsif User.authenticate(:username => username, :password => password, :suspended => true) + webmaster = link_to t('user.login.webmaster'), "mailto:webmaster@openstreetmap.org" + failed_login t('user.login.account suspended', :webmaster => webmaster) + else + failed_login t('user.login.auth failure') + end + end + + ## + # handle OpenID authentication + def openid_authentication(openid_url) + # If we don't appear to have a user for this URL then ask the + # provider for some extra information to help with signup + if openid_url and User.find_by_openid_url(openid_url) + optional = nil + else + optional = [:nickname, :email] + end + + # Start the authentication + 
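Review bot: `session[:remember_me] ||= params[:remember_me]` and `session[:referer] ||= params[:referer]` keep whatever an earlier, unfinished login attempt left in the session, because in this diff both keys are cleared only in `successful_login` and `failed_login`. A user who ticked "remember me" and then abandoned an OpenID redirect would get the one-month session on a later login with the box unticked, which matters on shared machines, and a stale referer would win over the current one. Assigning both values unconditionally on the initial form post, and relying on the stored values only for the provider's return request, avoids this.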
authenticate_with_open_id(openid_expand_url(openid_url), :optional => optional) do |result, identity_url, registration| + if result.successful? + # We need to use the openid url passed back from the OpenID provider + # rather than the one supplied by the user, as these can be different. + # + # For example, you can simply enter yahoo.com in the login box rather + # than a user specific url. Only once it comes back from the provider + # provider do we know the unique address for the user. + if user = User.find_by_openid_url(identity_url) + case user.status + when "pending" then + failed_login t('user.login.account not active') + when "active", "confirmed" then + successful_login(user) + when "suspended" then + webmaster = link_to t('user.login.webmaster'), "mailto:webmaster@openstreetmap.org" + failed_login t('user.login.account suspended', :webmaster => webmaster) + else + failed_login t('user.login.auth failure') + end + else + # We don't have a user registered to this OpenID, so redirect + # to the create account page with username and email filled + # in if they have been given by the OpenID provider through + # the simple registration protocol. + redirect_to :controller => 'user', :action => 'new', :nickname => registration['nickname'], :email => registration['email'], :openid => identity_url + end + elsif result.missing? + failed_login t('user.login.openid missing provider') + elsif result.invalid? + failed_login t('user.login.openid invalid') + else + failed_login t('user.login.auth failure') + end + end + end + + ## + # verify an OpenID URL + def openid_verify(openid_url, user) + user.openid_url = openid_url + + authenticate_with_open_id(openid_expand_url(openid_url)) do |result, identity_url| + if result.successful? + # We need to use the openid url passed back from the OpenID provider + # rather than the one supplied by the user, as these can be different. 
+ # + # For example, you can simply enter yahoo.com in the login box rather + # than a user specific url. Only once it comes back from the provider + # provider do we know the unique address for the user. + user.openid_url = identity_url + yield user + elsif result.missing? + flash.now[:error] = t 'user.login.openid missing provider' + elsif result.invalid? + flash.now[:error] = t 'user.login.openid invalid' + else + flash.now[:error] = t 'user.login.auth failure' + end + end + end + + ## + # special case some common OpenID providers by applying heuristics to + # try and come up with the correct URL based on what the user entered + def openid_expand_url(openid_url) + if openid_url.nil? + return nil + elsif openid_url.match(/(.*)gmail.com(\/?)$/) or openid_url.match(/(.*)googlemail.com(\/?)$/) + # Special case gmail.com as it is potentially a popular OpenID + # provider and, unlike yahoo.com, where it works automatically, Google + # have hidden their OpenID endpoint somewhere obscure this making it + # somewhat less user friendly. + return 'https://www.google.com/accounts/o8/id' + else + return openid_url + end + end + + ## + # process a successful login + def successful_login(user) + session[:user] = user.id + + session_expires_after 1.month if session[:remember_me] + + if user.blocked_on_view + redirect_to user.blocked_on_view, :referer => params[:referer] + elsif session[:referer] + redirect_to session[:referer] + else + redirect_to :controller => 'site', :action => 'index' + end + + session.delete(:remember_me) + session.delete(:referer) + end + + ## + # process a failed login + def failed_login(message) + flash[:error] = message + + redirect_to :action => 'login', :referer => session[:referer] + + session.delete(:remember_me) + session.delete(:referer) + end + + ## + # update a user's details + def update_user(user) + if user.save + set_locale + + if user.new_email.nil? or user.new_email.empty? 
+ flash.now[:notice] = t 'user.account.flash update success' + else + flash.now[:notice] = t 'user.account.flash update success confirm needed' + + begin + Notifier.deliver_email_confirm(user, user.tokens.create) + rescue + # Ignore errors sending email + end + end + end + end + ## # require that the user is a administrator, or fill out a helpful error message # and return them to the user page. diff --combined app/views/user/account.html.erb index ba5b652ac,d5bcb3821..3bfd7577e --- a/app/views/user/account.html.erb +++ b/app/views/user/account.html.erb @@@ -27,11 -27,6 +27,11 @@@ <%= f.password_field :pass_crypt_confirmation, {:value => '', :size => 30, :maxlength => 255, :autocomplete => :off} %> + + <%= t 'user.account.openid.openid' %> + <%= f.text_field :openid_url, {:class => "openid_url"} %> (<%= t 'user.account.openid.link text' %>) + + <%= t 'user.account.public editing.heading' %> @@@ -43,6 -38,24 +43,24 @@@ + + <%= t 'user.account.contributor terms.heading' %> + + <% if @user.terms_agreed? %> + <%= t 'user.account.contributor terms.agreed' %> + (<%= t 'user.account.contributor terms.link text' %>) +
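Review bot: `successful_login` ends in `redirect_to session[:referer]`, and that value is copied unchecked from `params[:referer]` in `login`, so the post-login destination can be any external URL (an open redirect). Accept only local paths before redirecting, e.g. `elsif session[:referer] =~ %r{\A/(?![/\\])}`, and fall through to the site index otherwise. In `openid_expand_url` the patterns `/(.*)gmail.com(\/?)$/` and its `googlemail.com` twin leave the dots unescaped and end on `$`, so unrelated input that merely ends in those characters is rewritten to the Google endpoint; something like `/(\A|[.\/@])gmail\.com\/?\z/` looks closer to the intent. The private section continues outside this hunk.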
+ <% if @user.consider_pd? %> + <%= t 'user.account.contributor terms.agreed_with_pd' %> + <% end %> + <% else %> + <%= t 'user.account.contributor terms.not yet agreed' %>
+ + <%= link_to t('user.account.contributor terms.review link text'), :controller => 'user', :action => 'terms' %> + <% end %> + + + <%= t 'user.account.profile description' %> <%= f.text_area :description, :rows => '5', :cols => '60' %> diff --combined app/views/user/terms.html.erb index ae801bc11,3b3585199..cd8da54da --- a/app/views/user/terms.html.erb +++ b/app/views/user/terms.html.erb @@@ -1,6 -1,6 +1,6 @@@

<%= t 'user.terms.heading' %>

-

<%= t 'user.terms.press accept button' %>

+

<%= t 'user.terms.read and accept' %>

<% form_tag :action => 'terms' do %> @@@ -13,7 -13,7 +13,7 @@@ :before => update_page do |page| page.replace_html 'contributorTerms', image_tag('searching.gif') end, - :url => {:legale => legale} + :url => {:legale => legale, :has_decline => params.has_key?(:user)} ) %> <%= label_tag "legale_#{legale}", t('user.terms.legale_names.' + name) %> @@@ -22,7 -22,7 +22,7 @@@ <% end %>
- <%= render :partial => "terms" %> + <%= render :partial => "terms", :locals => { :has_decline =>params.has_key?(:user) } %>
<% form_tag({:action => "save"}, { :id => "termsForm" }) do %> @@@ -33,14 -33,17 +33,18 @@@

<%= hidden_field_tag('referer', h(params[:referer])) unless params[:referer].nil? %> - <%= hidden_field('user', 'email') %> - <%= hidden_field('user', 'email_confirmation') %> - <%= hidden_field('user', 'display_name') %> - <%= hidden_field('user', 'pass_crypt') %> - <%= hidden_field('user', 'pass_crypt_confirmation') %> - <%= hidden_field('user', 'openid_url') %> + <% if params[:user] %> + <%= hidden_field('user', 'email') %> + <%= hidden_field('user', 'email_confirmation') %> + <%= hidden_field('user', 'display_name') %> + <%= hidden_field('user', 'pass_crypt') %> + <%= hidden_field('user', 'pass_crypt_confirmation') %> ++ <%= hidden_field('user', 'openid_url') %> + <% end %>

- <%= submit_tag(t('user.terms.decline'), :name => "decline", :id => "decline") %> + <% if params[:user] %> + <%= submit_tag(t('user.terms.decline'), :name => "decline", :id => "decline") %> + <% end %> <%= submit_tag(t('user.terms.agree'), :name => "agree", :id => "agree") %>
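Review bot: The hidden fields kept under `<% if params[:user] %>` still write `user[pass_crypt]` and `user[pass_crypt_confirmation]` into the terms page. Whatever the signup form submitted as the password, or the random value the controller generates for OpenID signups, is therefore echoed into the HTML and posted a second time. Presumably this is the password as typed, since the account form binds a `password_field` to the same attribute. Consider carrying the pending signup server-side between the two steps so the password fields can be dropped from this form; if they must stay, the response should at least be served as non-cacheable.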

diff --combined config/locales/en.yml index 972e52708,870ea3276..d027b8a9a --- a/config/locales/en.yml +++ b/config/locales/en.yml @@@ -1491,9 -1491,6 +1491,9 @@@ en create_account: "create an account" email or username: "Email Address or Username:" password: "Password:" + openid: "{{logo}} OpenID:" + username_heading: "Login with username and password:" + openid_heading: "Login with OpenID:" remember: "Remember me:" lost password link: "Lost your password?" login_button: "Login" @@@ -1501,28 -1498,7 +1501,29 @@@ account suspended: Sorry, your account has been suspended due to suspicious activity.
Please contact the {{webmaster}} if you wish to discuss this. webmaster: webmaster auth failure: "Sorry, could not log in with those details." + notice: "Find out more about OpenStreetMap's upcoming license change (translations) (discussion)" + openid missing provider: "Sorry, could not contact your OpenID provider" + openid invalid: "Sorry, your OpenID seems to be malformed" + openid_logo_alt: "Log in with an OpenID" + openid_providers: + openid: + title: Login with an OpenID URL + alt: Login with an OpenID URL + yahoo: + title: Login with a Yahoo! OpenID + alt: Login with a Yahoo! OpenID + google: + title: Login with a Google OpenID + alt: Login with a Google OpenID + myopenid: + title: Login with a myOpenID OpenID + alt: Login with a myOpenID OpenID + wordpress: + title: Login with a Wordpress.com OpenID + alt: Login with a Wordpress.com OpenID + myspace: + title: Login with a MySpace OpenID + alt: Login with a MySpace OpenID logout: title: "Logout" heading: "Logout from OpenStreetMap" @@@ -1555,29 -1531,18 +1556,31 @@@ not displayed publicly: 'Not displayed publicly (see privacy policy)' display name: "Display Name:" display name description: "Your publicly displayed username. You can change this later in the preferences." + openid: "{{logo}} OpenID:" password: "Password:" confirm password: "Confirm Password:" + use openid: "Alternatively, use {{logo}} OpenID to login" + openid no password: "With OpenID a password is not required, but some extra tools or server may still need one." + openid association: | +

Your OpenID is not associated with a OpenStreetMap account yet.

+ continue: Continue flash create success message: "User was successfully created. Check your email for a confirmation note, and you will be mapping in no time :-)

Please note that you will not be able to login until you've received and confirmed your email address.

If you use an antispam system which sends confirmation requests then please make sure you whitelist webmaster@openstreetmap.org as we are unable to reply to any confirmation requests." + terms accepted: "Thanks for accepting the new contributor terms!" terms: + title: "Contributor terms" heading: "Contributor terms" - press accept button: "Please read the agreement below and press the agree button to create your account." + read and accept: "Please read the agreement below and press the agree button to confirm that you accept the terms of this agreement for your existing and future contributions." consider_pd: "In addition to the above agreement, I consider my contributions to be in the Public Domain" consider_pd_why: "what's this?" - consider_pd_why_url: http://wiki.openstreetmap.org/wiki/Why_would_I_want_my_contributions_to_be_public_domain + consider_pd_why_url: http://www.osmfoundation.org/wiki/License/Why_would_I_want_my_contributions_to_be_public_domain agree: Agree declined: "http://wiki.openstreetmap.org/wiki/Contributor_Terms_Declined" decline: "Decline" @@@ -1650,10 -1615,6 +1653,10 @@@ current email address: "Current Email Address:" new email address: "New Email Address:" email never displayed publicly: "(never displayed publicly)" + openid: + openid: "OpenID:" + link: "http://wiki.openstreetmap.org/wiki/OpenID" + link text: "what is this?" public editing: heading: "Public editing:" enabled: "Enabled. Not anonymous and can edit data." @@@ -1664,6 -1625,14 +1667,14 @@@ public editing note: heading: "Public editing" text: "Currently your edits are anonymous and people cannot send you messages or see your location. To show what you edited and allow people to contact you through the website, click the button below. Since the 0.6 API changeover, only public users can edit map data. (find out why)." + contributor terms: + heading: "Contributor Terms:" + agreed: "You have agreed to the new Contributor Terms." 
+ not yet agreed: "You have not yet agreed to the new Contributor Terms." + review link text: "Please follow this link at your convenience to review and accept the new Contributor Terms." + agreed_with_pd: "You have also declared that you consider your edits to be in the Public Domain." + link: "http://www.osmfoundation.org/wiki/License/Contributor_Terms" + link text: "what is this?" profile description: "Profile Description:" preferred languages: "Preferred Languages:" image: "Image:" diff --combined config/locales/is.yml index 6c50d94f2,65e68b166..0483fb818 --- a/config/locales/is.yml +++ b/config/locales/is.yml @@@ -327,7 -327,9 +327,9 @@@ is title: Blogg notenda user_title: Blogg {{user}} location: + edit: breyta location: "Staðsetning:" + view: kort new: title: Ný bloggfærsla no_such_entry: @@@ -981,7 -983,6 +983,6 @@@ visibility_help: hvað þýðir þetta trace_header: see_all_traces: Sjá alla ferla - see_just_your_traces: Sýna aðeins þína ferla, eða hlaða upp feril see_your_traces: Sjá aðeins þína ferla traces_waiting: Þú ert með {{count}} ferla í bið. Íhugaðu að bíða með að senda inn fleiri ferla til að aðrir notendur komist að. trace_optionals: @@@ -1019,8 -1020,6 +1020,8 @@@ current email address: "Núverandi netfang:" delete image: Eyða þessari mynd email never displayed publicly: (aldrei sýnt opinberlega) + openid: + link text: "hvað er openID?" flash update success: Stillingarnar þínar voru uppfærðar. flash update success confirm needed: Stillingarnar þínar voru uppfærðar. Póstur var sendur á netfangið þitt sem þú þarft að bregðast við til að netfangið þitt verði staðfest. 
home location: "Staðsetning:" @@@ -1081,28 -1080,6 +1082,28 @@@ remember: "Muna innskráninguna:" title: Innskrá webmaster: vefstjóra + openid_heading: "Innskráning með OpenID:" + username_heading: "Innskráning með OpenStreetMap aðgang:" + openid_logo_alt: "Innskrá með OpenID" + openid_providers: + openid: + title: Innskrá með OpenID slóð + alt: Innskrá með OpenID slóð + yahoo: + title: Innsrká með Yahoo! OpenID + alt: Innsrká með Yahoo! OpenID + google: + title: Innsrká með Google OpenID + alt: Innsrká með Google OpenID + myopenid: + title: Innsrká með myOpenID OpenID + alt: Innsrká með myOpenID OpenID + wordpress: + title: Innsrká með Wordpress.com OpenID + alt: Innsrká með Wordpress.com OpenID + myspace: + title: Innsrká með MySpace OpenID + alt: Innsrká með MySpace OpenID logout: heading: Útskrá logout_button: Útskrá @@@ -1134,21 -1111,6 +1135,21 @@@ no_auto_account_create: Því miður getum við eki búið til reikning fyrir þig sjálfkrafa. not displayed publicly: Ekki sýnt opinberlega (sjá meðferð persónuupplýsinga) password: "Lykilorð:" + openID associate: "Tengja OpenID við þennan aðgang" + openID: "OpenID:" + openID description: '(Valfrjálst) Ef þú ert með OpenID getur þú tengt það við nýja aðganginn þinn.' + openID nopassword: "Með OpenID þarft þú ekki að gefa upp lykilorð við innskráningu. Í stað þess notar þú OpenID." + openID association: | + Þetta OpenID er ekki tengt við neinn OpenStreetMap aðgang. + + signup: Nýskrá title: Nýskrá no_such_user: body: Það er ekki til notandi með nafninu {{user}}. Kannski slóstu nafnið rangt inn eða fylgdir ógildum tengli. @@@ -1182,7 -1144,6 +1183,6 @@@ italy: Ítalía rest_of_world: Restin af heiminum legale_select: "Staðfærð og þýdd útgáfa notandaskilmálanna:" - press accept button: Eftirfarandi skilmálar gilda um framlög þín til OpenStreetMap. Vinsamlegast lestu þá og ýttu á „Samþykkja“ sért þú samþykk(ur) þeim, annars ekki. view: activate_user: virkja þennan notanda add as friend: bæta við sem vin