From: Tom Hughes <tom@compton.nu>
Date: Sun, 17 Oct 2010 09:59:29 +0000 (+0100)
Subject: Merge branch 'master' into openid
X-Git-Tag: live~6292
X-Git-Url: https://git.openstreetmap.org/rails.git/commitdiff_plain/e09b187cae178c000a683635d408cab72dc3d35b

Merge branch 'master' into openid

Conflicts:
	app/controllers/user_controller.rb
---

e09b187cae178c000a683635d408cab72dc3d35b
diff --cc app/controllers/user_controller.rb
index 1ac3b1ca5,c8603afec..d456c1353
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@@ -46,27 -30,18 +46,33 @@@ class UserController < ApplicationContr
        @title = t 'user.terms.title'
        @user = User.new(params[:user]) if params[:user]
  
 +      if params[:user] and params[:user][:openid_url] and @user.pass_crypt.empty?
 +        # We are creating an account with OpenID and no password
 +        # was specified so create a random one
 +        @user.pass_crypt = ActiveSupport::SecureRandom.base64(16) 
 +        @user.pass_crypt_confirmation = @user.pass_crypt 
 +      end
 +
        if @user
          if @user.invalid?
-           # Something is wrong, so rerender the form
-           render :action => :new
+           if @user.new_record?
++            # Something is wrong with a new user, so rerender the form
+             render :action => :new
+           else
++            # Error in existing user, so go to account settings
+             flash[:errors] = @user.errors
+             redirect_to :action => :account, :display_name => @user.display_name
+           end
          elsif @user.terms_agreed?
 +          # Already agreed to terms, so just show settings
            redirect_to :action => :account, :display_name => @user.display_name
 +        elsif params[:user] and params[:user][:openid_url]
 +          # Verify OpenID before moving on
 +          session[:new_user] = @user
 +          openid_verify(params[:user][:openid_url], @user)
          end
        else
 +        # Not logged in, so redirect to the login page
          redirect_to :action => :login, :referer => request.request_uri
        end
      end
@@@ -133,26 -108,30 +139,33 @@@
        @user.home_lat = params[:user][:home_lat]
        @user.home_lon = params[:user][:home_lon]
  
 -      if @user.save
 -        set_locale
 +      @user.openid_url = nil if params[:user][:openid_url].empty?
  
 -        if @user.new_email.nil? or @user.new_email.empty?
 -          flash[:notice] = t 'user.account.flash update success'
 -        else
 -          flash[:notice] = t 'user.account.flash update success confirm needed'
 -
 -          begin
 -            Notifier.deliver_email_confirm(@user, @user.tokens.create)
 -          rescue
 -            # Ignore errors sending email
 -          end
 -        end
 -
 -        redirect_to :action => "account", :display_name => @user.display_name
 +      if params[:user][:openid_url].length > 0 and
 +         params[:user][:openid_url] != @user.openid_url
 +        # If the OpenID has changed, we want to check that it is a
 +        # valid OpenID and one the user has control over before saving
 +        # it as a password equivalent for the user.
 +        session[:new_user] = @user
 +        openid_verify(params[:user][:openid_url], @user)
 +      else
 +        update_user(@user)
 +      end
 +    elsif using_open_id?
 +      # The redirect from the OpenID provider reenters here
 +      # again and we need to pass the parameters through to
 +      # the open_id_authentication function
 +      @user = session.delete(:new_user)
 +      openid_verify(nil, @user) do |user|
 +        update_user(user)
        end
+     else
+       if flash[:errors]
+         flash[:errors].each do |attr,msg|
+           attr = "new_email" if attr == "email" and !@user.new_email.nil?
+           @user.errors.add(attr,msg)
+         end
+       end
      end
    end