[Xfce4-commits] <moka:master> Handle user requests.
Nick Schermer
noreply at xfce.org
Sun Nov 20 14:30:19 CET 2011
Updating branch refs/heads/master
to e99864e83fbf49ab98b2d9713d235dcc9aa29e00 (commit)
from fac1d0a4a163defe1f6299a66f779dacfda85015 (commit)
commit e99864e83fbf49ab98b2d9713d235dcc9aa29e00
Author: Nick Schermer <nick at xfce.org>
Date: Sun Jul 17 15:22:40 2011 +0200
Handle user requests.
examples/one-man-one-project/config.ru | 9 +++-
lib/controllers/authentication.rb | 68 ++++++++++++++++++++-----------
lib/controllers/maintainers.rb | 10 +++-
lib/models/maintainer.rb | 1 +
lib/views/login_request.haml | 18 +++++---
lib/views/login_unauthenticated.haml | 2 +-
lib/views/maintainer.haml | 14 ++++++-
lib/views/maintainer_profile.haml | 11 +++++-
8 files changed, 93 insertions(+), 40 deletions(-)
diff --git a/examples/one-man-one-project/config.ru b/examples/one-man-one-project/config.ru
index 384108d..d6d5e2f 100755
--- a/examples/one-man-one-project/config.ru
+++ b/examples/one-man-one-project/config.ru
@@ -112,7 +112,8 @@ nick = Moka::Models::Maintainer.first_or_create(
{ :username => 'nick' },
{ :realname => 'Nick Schermer',
:password => Digest::SHA1.hexdigest('test'),
- :email => 'nick at xfce.org' }
+ :email => 'nick at xfce.org',
+ :active => true }
)
nick.roles << admin
nick.roles << goodies
@@ -122,7 +123,8 @@ jannis = Moka::Models::Maintainer.first_or_create(
{ :username => 'jannis' },
{ :realname => 'Jannis Pohlmann',
:password => Digest::SHA1.hexdigest('test'),
- :email => 'jannis at xfce.org' }
+ :email => 'jannis at xfce.org',
+ :active => true }
)
jannis.roles << goodies
jannis.save
@@ -131,7 +133,8 @@ jeromeg = Moka::Models::Maintainer.first_or_create(
{ :username => 'jeromeg' },
{ :realname => 'Jérôme Guelfucci',
:password => Digest::SHA1.hexdigest('test'),
- :email => 'jeromeg at xfce.org' }
+ :email => 'jeromeg at xfce.org',
+ :active => false }
)
jeromeg.roles << goodies
jeromeg.save
diff --git a/lib/controllers/authentication.rb b/lib/controllers/authentication.rb
index 150e1c6..18d8572 100755
--- a/lib/controllers/authentication.rb
+++ b/lib/controllers/authentication.rb
@@ -9,30 +9,30 @@ module Moka
module Authentication
def authentication_initialize
use Rack::Session::Cookie
-
- Warden::Manager.serialize_into_session do |maintainer|
- maintainer.username
+
+ Warden::Manager.serialize_into_session do |maintainer|
+ maintainer.username
end
-
- Warden::Manager.serialize_from_session do |username|
- Moka::Models::Maintainer.get(username)
+
+ Warden::Manager.serialize_from_session do |username|
+ Moka::Models::Maintainer.get(username)
end
-
+
Warden::Manager.before_failure do |env, opts|
env['REQUEST_METHOD'] = 'POST'
end
-
- Warden::Strategies.add(:maintainer) do
+
+ Warden::Strategies.add(:maintainer) do
def valid?
params['username'] and params['password']
end
-
+
def authenticate!
maintainer = Moka::Models::Maintainer.authenticate(params['username'], params['password'])
- maintainer.nil? ? fail!("Authentication failed") : success!(maintainer)
+ maintainer.nil? or maintainer.active == false ? fail!("Authentication failed") : success!(maintainer)
end
end
-
+
use Warden::Manager do |manager|
manager.default_strategies :maintainer
manager.failure_app = Moka::Application
@@ -67,7 +67,7 @@ module Moka
end
elsif (context.is_a? Moka::Models::Maintainer)
# abort processing the current page if the user is not
- # the same as the required maintainer and his/her user
+ # the same as the required maintainer and his/her user
# roles and the required roles have no elements in common
unless authentication_user == context
if not authentication_user.authorized?(roles)
@@ -87,7 +87,7 @@ module Moka
env['warden'].user
end
end
-
+
def self.registered(app)
app.helpers Helpers
@@ -96,10 +96,10 @@ module Moka
end
app.post '/login/?' do
-
+
maintainer = Moka::Models::Maintainer.get(params['username'])
- if maintainer and maintainer.password == 'invalid'
+ if maintainer and maintainer.active == true and maintainer.password == 'invalid'
maintainer.password = Digest::SHA1.hexdigest(params['password'])
maintainer.save
redirect '/'
@@ -108,34 +108,54 @@ module Moka
env['warden'].authenticate!
redirect '/'
end
-
+
app.post '/unauthenticated' do
view :login_unauthenticated
end
-
+
app.get '/logout/?' do
env['warden'].logout
redirect '/'
end
-
+
app.get '/login/forgot' do
-
+
view :login_forgot
end
-
+
app.get '/login/request' do
-
+
view :login_request
end
app.get '/login/request/sshinfo' do
-
+
view :login_request_sshinfo
end
app.post '/login/request' do
+ if params[:username].empty? or params[:realname].empty? or params[:email].empty?
+ error_set(:username, 'All fields below are required')
+ view :login_request
+ elsif not Moka::Models::Maintainer.get(params[:username]).nil?
+ error_set(:username, 'This username is already taken')
+ view :login_request
+ elsif params[:password].empty? or params[:password].length < 6
+ error_set(:password, 'The password must be at least 6 characters long.')
+ view :login_request
+ elsif not params[:password].eql? params[:password2]
+ error_set(:password, 'The two passwords you entered did not match.')
+ view :login_request
+ else
+ @maintainer = Moka::Models::Maintainer.create (:username => params[:username])
+ @maintainer.email = params[:email]
+ @maintainer.realname = params[:realname]
+ @maintainer.password = Digest::SHA1.hexdigest(params[:password])
+ @maintainer.active = false
+ @maintainer.save
- view :login_request_finished
+ view :login_request_finished
+ end
end
end
end
diff --git a/lib/controllers/maintainers.rb b/lib/controllers/maintainers.rb
index f55cb34..531c5c3 100755
--- a/lib/controllers/maintainers.rb
+++ b/lib/controllers/maintainers.rb
@@ -20,13 +20,13 @@ module Moka
end
app.post '/maintainer/:id' do
- @maintainer = Maintainer.get(params[:name])
+ @maintainer = Maintainer.get(params[:username])
authentication_required(@maintainer)
# validate the password against the authenticated user
encrypted_password = Digest::SHA1.hexdigest(params[:password])
- if authentication_user.password == encrypted_password
+ if authentication_user.password.eql? encrypted_password
if not params[:new_password].empty?
if not params[:new_password].eql? params[:new_password2]
error_set(:newpassword, 'The two passwords you entered did not match.')
@@ -45,6 +45,10 @@ module Moka
pubkeys.push(key) if not key.empty?
end
+ if authentication_user.is_admin
+ @maintainer.active = params[:active] ? true : false
+ end
+
@maintainer.email = params[:email]
@maintainer.realname = params[:realname]
@maintainer.pubkeys = pubkeys.join("\n")
@@ -52,7 +56,7 @@ module Moka
error_set(:succeed, 'The changes to your profile have been saved.')
else
- if authentication_user.name == @maintainer.name
+ if authentication_user.username == @maintainer.username
error_set(:password, 'You did not enter your old password correctly.')
else
error_set(:password, 'You did not enter your OWN password correctly.')
diff --git a/lib/models/maintainer.rb b/lib/models/maintainer.rb
index 8096b62..d2046b4 100755
--- a/lib/models/maintainer.rb
+++ b/lib/models/maintainer.rb
@@ -6,6 +6,7 @@ module Moka
include DataMapper::Resource
property :username, String, :key => true
+ property :active, Boolean, :default => false
property :realname, String
property :password, String
property :email, String
diff --git a/lib/views/login_request.haml b/lib/views/login_request.haml
index 9e2934a..d0e6070 100644
--- a/lib/views/login_request.haml
+++ b/lib/views/login_request.haml
@@ -1,16 +1,18 @@
%h2 Introduction
-%p
- The following form allows you to submit your user info to request an
- Xfce developers account. This account needs to be approved by one of
- the Xfce developers, so it is wise to introduce yourself on the
+%p
+ The following form allows you to submit your user info to request an
+ Xfce developers account. This account needs to be approved by one of
+ the Xfce developers, so it is wise to introduce yourself on the
%a{:href => "http://www.xfce.org/community"} Xfce4-dev
- mailing list first, else the request will be rejected. Translators
+ mailing list first, else the request will be rejected. Translators
don't need a developer account, they can sign up at the
%a{:href => "https://translations.xfce.org/"} translation
page and request to join a translation team after registration.
%h2 Account Information
%form{:method => "post"}
+ - if env[:error][:username]
+ %p.error.quote #{env[:error][:username]}
%p
%label{:for => "username"} Login Name:
%input{:type => "text", :name => "username", :value => params[:username]}
@@ -21,6 +23,8 @@
%label{:for => "email"} Email address:
%input{:type => "text", :name => "email", :value => params[:email]}
%hr
+ - if env[:error][:password]
+ %p.error.quote #{env[:error][:password]}
%p
%label{:for => "password"} Password:
%input{:type => "password", :name => "password"}
@@ -29,8 +33,8 @@
%input{:type => "password", :name => "password2"}
%hr
%p.quote
- The public key is required to push git commits over ssh. Make sure you provide the publickey and
- not the fingerprint... Read more about how to generate and use SSH keys
+ The public key is required to push git commits over ssh. Make sure you provide the publickey and
+ not the fingerprint... Read more about how to generate and use SSH keys
%a{:href => "/login/request/sshinfo"} here.
%p
%label{:for => "pubkeys"} SSH public-keys:
diff --git a/lib/views/login_unauthenticated.haml b/lib/views/login_unauthenticated.haml
index 53909bb..196a8b8 100755
--- a/lib/views/login_unauthenticated.haml
+++ b/lib/views/login_unauthenticated.haml
@@ -1,5 +1,5 @@
%h2 Invalid Username or Password
-%p.error The username or password you entered is not valid.
+%p.error The username or password you entered is not valid or the account has not been activated yet.
%p
Try
%a{:href => "/login"} again
diff --git a/lib/views/maintainer.haml b/lib/views/maintainer.haml
index 1a97438..0ceecec 100644
--- a/lib/views/maintainer.haml
+++ b/lib/views/maintainer.haml
@@ -1,6 +1,18 @@
%h2 Inactive Maintainers
%p Account for maintainers that have not been activated yet.
+%table
+ %tr
+ %th Username
+ %th Real Name
+ %th Email
+ - for maintainer in Maintainer.all(:active => false).sort
+ %tr
+ %td
+ %a{:href => "/maintainer/#{maintainer.username}"} #{maintainer.username}
+ %td #{maintainer.realname}
+ %td #{maintainer.email}
+
%h2 Active Maintainers
%p Accounts of the maintainers that are currently using the release manager.
@@ -9,7 +21,7 @@
%th Username
%th Real Name
%th Email
- - for maintainer in Maintainer.all.sort
+ - for maintainer in Maintainer.all(:active => true).sort
%tr
%td
%a{:href => "/maintainer/#{maintainer.username}"} #{maintainer.username}
diff --git a/lib/views/maintainer_profile.haml b/lib/views/maintainer_profile.haml
index a85482f..df2d859 100644
--- a/lib/views/maintainer_profile.haml
+++ b/lib/views/maintainer_profile.haml
@@ -2,10 +2,15 @@
%form{:method => "post"}
%p
%label{:for => "username"} Login Name:
- %input{:type => "text", :name => "username", :disabled => true, :value => @maintainer.username}
+ %input{:type => "text", :name => "fooname", :disabled => true, :value => @maintainer.username}
+ %input{:type => "hidden", :name => "username", :value => @maintainer.username}
%p
%label{:for => "email"} Email address:
%input{:type => "text", :name => "email", :value => @maintainer.email}
+ - if authentication_user.is_admin
+ %p
+ %label{:for => "active"} Account active:
+ %input{:type => "checkbox", :name => "active", :checked => @maintainer.active}
%p
%label{:for => "realname"} Real Name:
%input{:type => "text", :name => "realname", :value => @maintainer.realname}
@@ -14,6 +19,8 @@
%textarea{:name => "pubkeys", :rows => "5", :wrap => "off", :value => @maintainer.pubkeys}
%hr
%p Leave the password fields empty if you don't want to set a new password. The password needs to be at least 6 characters long.
+ - if env[:error][:newpassword]
+ %p.error.quote #{env[:error][:newpassword]}
%p
%label{:for => "new_password"} New password:
%input{:type => "password", :name => "new_password"}
@@ -22,6 +29,8 @@
%input{:type => "password", :name => "new_password2"}
%hr
%p Please enter your existing password to confirm account changes.
+ - if env[:error][:password]
+ %p.error.quote #{env[:error][:password]}
%p
%label{:for => "password"} Password:
%input{:type => "password", :name => "password"}
More information about the Xfce4-commits
mailing list