[Xfce4-commits] <moka:master> Allow password changes through the interface.

Nick Schermer noreply at xfce.org
Sun Nov 20 14:30:02 CET 2011 

Updating branch refs/heads/master
         to 67afb23169419dd830adcf330dc2a4badebe1081 (commit)
       from 5b9396c1de9d99ada16504bdd0f5fe866ee68da9 (commit)

commit 67afb23169419dd830adcf330dc2a4badebe1081
Author: Nick Schermer <nick at xfce.org>
Date:   Sun Apr 3 12:43:24 2011 +0200

    Allow password changes through the interface.

 lib/controllers/maintainers.rb |   35 +++++++++++++++++++++++++++++------
 lib/views/head.erb             |    1 +
 lib/views/maintainer.erb       |   28 ++++++++++++++++++++++++++--
 lib/views/stylesheet.sass      |    3 +++
 4 files changed, 59 insertions(+), 8 deletions(-)

diff --git a/lib/controllers/maintainers.rb b/lib/controllers/maintainers.rb
index 1a1a372..abedddd 100755
--- a/lib/controllers/maintainers.rb
+++ b/lib/controllers/maintainers.rb
@@ -11,18 +11,41 @@ module Moka
 
           view :maintainer
         end
-        
+
         app.post '/maintainer/:username' do
           @maintainer = Maintainer.find_by_username(params[:username])
 
           authentication_required(@maintainer)
 
-	  @maintainer.email = params[:email]
-	  @maintainer.save
-          
-	  view :maintainer
-        end
+          # validate the password against the authenticated user
+          encrypted_password = Digest::SHA1.hexdigest(params[:password])
+          if Moka::Models::Maintainer.use_http_auth? or authentication_user.password == encrypted_password
+            if not params[:new_password].empty?
+              if not params[:new_password].eql? params[:new_password2]
+                error_set(:newpassword, 'The two passwords you entered did not match.')
+              elsif params[:new_password].length < 6
+                error_set(:newpassword, 'The password must be at least 6 characters long.')
+              else
+                encrypted_password = Digest::SHA1.hexdigest(params[:new_password])
+                @maintainer.password = encrypted_password
+              end
+            end
+
+            @maintainer.email = params[:email]
+            @maintainer.realname = params[:realname]
+            @maintainer.save
 
+            error_set(:succeed, 'The changes to your name and password have been saved.')
+          else
+            if authentication_user.username == @maintainer.username
+              error_set(:password, 'You did not enter your old password correctly.')
+            else
+              error_set(:password, 'You did not enter your OWN password correctly.')
+            end
+          end
+
+          view :maintainer
+        end
       end
     end
   end
diff --git a/lib/views/head.erb b/lib/views/head.erb
index 1e6b7fd..1af4084 100755
--- a/lib/views/head.erb
+++ b/lib/views/head.erb
@@ -18,6 +18,7 @@
       <% end %>
       <a href="http://identi.ca/xfce">identi.ca Channel</a>
       <% if not Moka::Models::Maintainer.use_http_auth? and env['warden'].authenticated? %>
+        <a href="/maintainer/<%= authentication_user.username %>">Profile</a>
         <a href="/logout">Logout</a>
       <% end %>
     </p>
diff --git a/lib/views/maintainer.erb b/lib/views/maintainer.erb
index 35f8cc7..3c61f58 100755
--- a/lib/views/maintainer.erb
+++ b/lib/views/maintainer.erb
@@ -1,10 +1,34 @@
 <%= header :title => "Update account data for #{@maintainer.realname}" %>
 <h2>Account data</h2>
 <form method="post">
+  <% if error(:succeed) %>
+      <p class="message"><%= error(:succeed) %></p>
+  <% end %>
   <fieldset>
     <p><label for="email">Email address:</label> <input type="text" id="email" name="email" value="<%= @maintainer.email %>"/></p>
-    <p><label for="password">Password:</label> <a href="https://xfce.org">Change it here</a></p>
-    <p><span class="placeholder"> </span> <input type="submit" value="Save"/></p>
+    <p><label for="realname">Real Name:</label> <input type="text" id="realname" name="realname" value="<%= @maintainer.realname %>"/></p>
+    <% if not Moka::Models::Maintainer.use_http_auth? %>
+      <hr />
+      <p>Leave the password fields empty if you don't want to set a new password. The password needs to be at least 6 characters long.</p>
+      <% if error(:newpassword) %>
+        <p class="error"><%= error(:newpassword) %></p>
+      <% end %>
+      <p><label for="new_password">New password:</label> <input type="password" id="new_password" name="new_password" value=""/></p>
+      <p><label for="new_password2">Confirm new password:</label> <input type="password" id="new_password2" name="new_password2" value=""/></p>
+      <hr />
+      <% if authentication_user.username == @maintainer.username %>
+        <p>Please enter your existing password to confirm account changes.</p>
+      <% else %>
+        <p>You are editing the account of someone else; enter your <strong>OWN</strong> password to confirm.</strong></p>
+      <% end %>
+      <% if error(:password) %>
+        <p class="error"><%= error(:password) %></p>
+      <% end %>
+      <p><label for="password">Password:</label> <input type="password" id="password" name="password" value=""></p>
+      <p><span class="placeholder"> </span> <input type="submit" value="Save"/></p>
+    <% else %>
+      <p><label for="password">Password:</label> <a href="https://xfce.org">Change it here</a></p
+    <% end %>
   </fieldset>
 </form>
 <%= footer %>
diff --git a/lib/views/stylesheet.sass b/lib/views/stylesheet.sass
index ef93715..3d0f502 100755
--- a/lib/views/stylesheet.sass
+++ b/lib/views/stylesheet.sass
@@ -124,6 +124,9 @@ fieldset
 .error
   color: red
 
+.message
+  color: green
+
 .preview
   background-color: rgb(245, 245, 245)
   overflow-x: auto

More information about the Xfce4-commits mailing list