Description:
fixed user confirmation bug git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@305 6386c4cd-e34a-4fa8-8920-d93eb39b512e

r160:0138848b0c5b - - 5 files changed: 42 inserted, 31 deleted

@@ -1,78 +1,86
1 1 class MainController < ApplicationController
2 2
3 3 SYSTEM_MODE_CONF_KEY = 'system.mode'
4 4
5 5 before_filter :authenticate, :except => [:index, :login]
6 6 before_filter :check_viewability, :except => [:index, :login]
7 7
8 - #
9 - # COMMENT OUT: filter in each action instead
10 - #
11 - # before_filter :verify_time_limit, :only => [:submit]
8 + # COMMENTED OUT: filter in each action instead
9 + # before_filter :verify_time_limit, :only => [:submit]
12 10
13 11 verify :method => :post, :only => [:submit],
14 12 :redirect_to => { :action => :index }
15 13
16 - # COMMENT OUT, only need when having high load
17 - # caches_action :index, :login
14 + # COMMENT OUT: only need when having high load
15 + # caches_action :index, :login
18 16
17 + # NOTE: This method is not actually needed, 'config/routes.rb' has
18 + # assigned action login as a default action.
19 19 def index
20 20 redirect_to :action => 'login'
21 21 end
22 22
23 23 def login
24 24 saved_notice = flash[:notice]
25 25 reset_session
26 26 flash[:notice] = saved_notice
27 27
28 + # EXPERIMENT:
29 + # Hide login if in single user mode and the url does not
30 + # explicitly specify /login
28 31 #
29 - # These are for site administrator login
30 - #
32 + # logger.info "PATH: #{request.path}"
33 + # if Configuration['system.single_user_mode'] and
34 + # request.path!='/main/login'
35 + # @hidelogin = true
36 + # end
37 +
38 + # Site administrator login
31 39 @countries = Country.find(:all, :include => :sites)
32 40 @country_select = @countries.collect { |c| [c.name, c.id] }
33 41
34 42 @country_select_with_all = [['Any',0]]
35 43 @countries.each do |country|
36 44 @country_select_with_all << [country.name, country.id]
37 45 end
38 46
39 47 @site_select = []
40 48 @countries.each do |country|
41 49 country.sites.each do |site|
42 50 @site_select << ["#{site.name}, #{country.name}", site.id]
43 51 end
44 52 end
45 53
46 54 @announcements = Announcement.find_for_frontpage
47 55 render :action => 'login', :layout => 'empty'
48 56 end
49 57
50 58 def list
51 59 prepare_list_information
52 60 end
53 61
54 62 def help
55 63 @user = User.find(session[:user_id])
56 64 end
57 65
58 66 def submit
59 67 user = User.find(session[:user_id])
60 68
61 69 @submission = Submission.new(params[:submission])
62 70 @submission.user = user
63 71 @submission.language_id = 0
64 72 if params['file']!=''
65 73 @submission.source = params['file'].read
66 74 @submission.source_filename = params['file'].original_filename
67 75 end
68 76 @submission.submitted_at = Time.new.gmtime
69 77
70 78 if Configuration[SYSTEM_MODE_CONF_KEY]=='contest' and
71 79 user.site!=nil and user.site.finished?
72 80 @submission.errors.add_to_base "The contest is over."
73 81 prepare_list_information
74 82 render :action => 'list' and return
75 83 end
76 84
77 85 if @submission.valid?
78 86 if @submission.save == false
@@ -10,101 +10,101
10 10
11 11 in_place_edit_for :user, :alias_for_editing
12 12 in_place_edit_for :user, :email_for_editing
13 13
14 14 def index
15 15 if !Configuration['system.user_setting_enabled']
16 16 redirect_to :controller => 'main', :action => 'list'
17 17 else
18 18 @user = User.find(session[:user_id])
19 19 end
20 20 end
21 21
22 22 def chg_passwd
23 23 user = User.find(session[:user_id])
24 24 user.password = params[:passwd]
25 25 user.password_confirmation = params[:passwd_verify]
26 26 if user.save
27 27 flash[:notice] = 'password changed'
28 28 else
29 29 flash[:notice] = 'Error: password changing failed'
30 30 end
31 31 redirect_to :action => 'index'
32 32 end
33 33
34 34 def new
35 35 @user = User.new
36 36 render :action => 'new', :layout => 'empty'
37 37 end
38 38
39 39 def register
40 40 @user = User.new(params[:user])
41 41 @user.password_confirmation = @user.password = User.random_password
42 42 @user.activated = false
43 43 if (@user.valid?) and (@user.save)
44 44 if send_confirmation_email(@user)
45 45 render :action => 'new_splash', :layout => 'empty'
46 46 else
47 47 render :action => 'email_error', :layout => 'empty'
48 48 end
49 49 else
50 50 @user.errors.add_to_base("Email cannot be blank") if @user.email==''
51 51 render :action => 'new', :layout => 'empty'
52 52 end
53 53 end
54 54
55 55 def confirm
56 56 login = params[:login]
57 57 key = params[:activation]
58 - user = User.find_by_login(login)
59 - if (user) and (user.verify_activation_key(key))
60 - if user.valid? # check uniquenss of email
61 - user.activated = true
62 - user.save
58 + @user = User.find_by_login(login)
59 + if (@user) and (@user.verify_activation_key(key))
60 + if @user.valid? # check uniquenss of email
61 + @user.activated = true
62 + @user.save
63 63 @result = :successful
64 64 else
65 65 @result = :email_used
66 66 end
67 67 else
68 68 @result = :failed
69 69 end
70 70 render :action => 'confirm', :layout => 'empty'
71 71 end
72 72
73 73 protected
74 74
75 75 def send_confirmation_email(user)
76 76 contest_name = Configuration['contest.name']
77 77 activation_url = url_for(:action => 'confirm',
78 78 :login => user.login,
79 79 :activation => user.activation_key)
80 80 home_url = url_for(:controller => 'main', :action => 'index')
81 81 mail = TMail::Mail.new
82 82 mail.to = user.email
83 83 mail.from = Configuration['system.online_registration.from']
84 84 mail.subject = "[#{contest_name}] Confirmation"
85 85 mail.body = <<-EOF
86 86 Hello #{user.full_name},
87 87
88 88 You have registered for #{contest_name} (#{home_url}).
89 89
90 90 Your login is: #{user.login}
91 91 Your password is: #{user.password}
92 92
93 93 Please follow the link:
94 94 #{activation_url}
95 95 to activate your user account.
96 96
97 97 If you did not register, please ignore this e-mail.
98 98
99 99 Thanks!
100 100 EOF
101 101
102 102 smtp_server = Configuration['system.online_registration.smtp']
103 103
104 104 begin
105 105 Net::SMTP.start(smtp_server) do |smtp|
106 106 smtp.send_message(mail.to_s, mail.from, mail.to)
107 107 end
108 108 result = true
109 109 rescue
110 110 result = false
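Review bot: The rewritten `confirm` still ignores the return value of `@user.save`, so `@result = :successful` is set even when the record was not persisted. `valid?` and `save` are separate calls, so if the validation state changes between them or a callback halts the save, the visitor sees a success page for an account that is still unactivated. Replacing the bare `@user.save` and the following assignment with `@result = @user.save ? :successful : :failed` closes that gap. Promoting `user` to `@user` also hands the whole record to the `confirm` template; since this action appears to be reached from the e-mailed link rather than from a logged-in session, that template should render only fields meant for such a visitor. `send_confirmation_email` continues past the end of this hunk.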
@@ -83,56 +83,57
83 83 end
84 84 end
85 85
86 86 def alias_for_editing=(e)
87 87 self.alias=e
88 88 end
89 89
90 90 def activation_key
91 91 if self.hashed_password==nil
92 92 encrypt_new_password
93 93 end
94 94 Digest::SHA1.hexdigest(self.hashed_password)[0..7]
95 95 end
96 96
97 97 def verify_activation_key(key)
98 98 key == activation_key
99 99 end
100 100
101 101 def self.random_password(length=5)
102 102 chars = 'abcdefghjkmnopqrstuvwxyz'
103 103 password = ''
104 104 length.times { password << chars[rand(chars.length - 1)] }
105 105 password
106 106 end
107 107
108 108 protected
109 109 def encrypt_new_password
110 110 return if password.blank?
111 111 self.salt = (10+rand(90)).to_s
112 112 self.hashed_password = User.encrypt(self.password,self.salt)
113 113 end
114 114
115 115 def password_required?
116 116 self.hashed_password.blank? || !self.password.blank?
117 117 end
118 118
119 119 def self.encrypt(string,salt)
120 120 Digest::SHA1.hexdigest(salt + string)
121 121 end
122 122
123 123 def uniqueness_of_email_from_activated_users
124 124 user = User.activated_users.find_by_email(self.email)
125 125 if user and (user.login != self.login)
126 126 self.errors.add_to_base("Email has already been taken")
127 127 end
128 128 end
129 129
130 130 def enough_time_interval_between_same_email_registrations
131 + return if !self.new_record?
131 132 open_user = User.find_by_email(self.email,
132 133 :order => 'created_at DESC')
133 134 if open_user and open_user.created_at and
134 135 (open_user.created_at > Time.now.gmtime - 5.minutes)
135 136 self.errors.add_to_base("There are already unactivated registrations with this e-mail address (please wait for 5 minutes)")
136 137 end
137 138 end
138 139 end
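Review bot: The new guard `return if !self.new_record?` in `enough_time_interval_between_same_email_registrations` has no comment saying why saved records are exempt, and the reason is not obvious from the method alone. Presumably the record being confirmed would otherwise match itself in `find_by_email` within the five-minute window; a line such as `# Only throttle new registrations: on confirm, the saved record would match itself here.` above the guard, with the guard written as `return unless new_record?`, would make that clear. Separately, the confirmation path this commit repairs depends on `activation_key`, which in the context lines is the first eight hex characters of a SHA1 over `hashed_password`. A randomly generated token stored on the record would decouple activation from the password hash and allow a longer key.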
@@ -1,69 +1,70
1 1 %h1= Configuration['ui.front.title']
2 2
3 3 - if @announcements.length!=0
4 4 .announcementbox
5 5 %span{:class => 'title'}
6 6 Announcements
7 7 = render :partial => 'announcement', :collection => @announcements
8 8
9 9 %b= Configuration['ui.front.welcome_message']
10 10 %br/
11 - Please login to see the problem list.
12 - %br/
13 - %br/
14 11
15 - - if flash[:notice]
16 - %hr/
17 - %b= flash[:notice]
18 - %hr/
12 + - if !@hidelogin
13 + Please login to see the problem list.
14 + %br/
15 + %br/
16 +
17 + - if flash[:notice]
18 + %hr/
19 + %b= flash[:notice]
20 + %hr/
19 21
20 - %div{ :style => "border: solid 1px gray; padding: 2px; background: #f0f0f0;"}
21 - - form_tag :controller => 'login', :action => 'login' do
22 - %table
23 - %tr
24 - %td{:align => "right"} Login:
25 - %td= text_field_tag 'login'
26 - %tr
27 - %td{:align => "right"} Password:
28 - %td= password_field_tag
29 - = submit_tag 'Login'
30 -
22 + %div{ :style => "border: solid 1px gray; padding: 2px; background: #f0f0f0;"}
23 + - form_tag :controller => 'login', :action => 'login' do
24 + %table
25 + %tr
26 + %td{:align => "right"} Login:
27 + %td= text_field_tag 'login'
28 + %tr
29 + %td{:align => "right"} Password:
30 + %td= password_field_tag
31 + = submit_tag 'Login'
31 32 %br/
32 33
33 34 - if Configuration['system.online_registration']
34 35 Want to participate?
35 36 %b
36 37 Please
37 38 = link_to 'register.', :controller => :users, :action => :new
38 39 %br/
39 40
40 41 - if (Configuration['system.mode']=='contest') and (Configuration['contest.multisites'])
41 42 %script{:type => 'text/javascript'}
42 43 var siteList = new Array();
43 44 - @countries.each do |country|
44 45 = "siteList[#{country.id}] = new Array();"
45 46 - country.sites.each do |site|
46 47 = "siteList[#{country.id}][#{site.id}] = \"#{site.name}\";"
47 48
48 49 var allSiteList = new Array();
49 50 - @site_select.each do |sel|
50 51 = "allSiteList[#{sel[1]}]=\"#{sel[0]}\";"
51 52
52 53 %script{:type => 'text/javascript', :src => '/javascripts/site_update.js'}
53 54
54 55 %div{ :style => "border: solid 1px gray; padding: 2px; background: #f0f0f0;"}
55 56 %b For Site Administrator.
56 57 %br/
57 58 Please select your country and site and login.
58 59 - form_for :login, nil, :url => {:controller => 'login', :action => 'site_login'} do |f|
59 60 Country:
60 61 = select :site_country, :id, @country_select_with_all, {}, {:onchange => "updateSiteList();", :onclick => "updateSiteList();" }
61 62 Site:
62 63 = select :login, :site_id, @site_select
63 64 %br/
64 65 Password:
65 66 = f.password_field :password
66 67 = submit_tag "Site Administrator Login"
67 68
68 69 %script{:type => 'text/javascript'}
69 70 updateSiteList();
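Review bot: `@hidelogin` is never assigned in the controller as committed (the only assignment is inside the commented-out EXPERIMENT block in `login`), so `- if !@hidelogin` is always true and the wrapper is dead code for now. If the experiment is enabled, the `flash[:notice]` block appears to have moved inside the conditional as well, so notices would disappear together with the form; keeping the flash block outside the `if` avoids that. Hiding the form is presentation only: the `login` action of the `login` controller that the form posts to is unchanged by this commit, so any restriction intended for single-user mode also needs to be enforced in that action.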
@@ -38,58 +38,59
38 38 User.should_receive(:new).with(any_args()).and_return(@john)
39 39 @john.should_receive(:activated=).with(false)
40 40 @john.should_receive(:valid?).and_return(true)
41 41 @john.should_receive(:save).and_return(true)
42 42
43 43 smtp_mock = mock("smtp")
44 44 smtp_mock.should_receive(:send_message) do |msg,fr,to|
45 45 to.should == [@john_info[:email]]
46 46 msg.index(@john_activation_key).should_not be_nil
47 47 end
48 48
49 49 Net::SMTP.should_receive(:start).
50 50 with(any_args()).
51 51 and_yield(smtp_mock)
52 52
53 53 post :register, :login => @john_info[:login],
54 54 :full_name => @john_info[:full_name],
55 55 :email => @john_info[:email]
56 56
57 57 response.should render_template('users/new_splash')
58 58 end
59 59
60 60 it "should create unactivated user and return error page when e-mail sending error" do
61 61 User.should_receive(:new).with(any_args()).and_return(@john)
62 62 @john.should_receive(:activated=).with(false)
63 63 @john.should_receive(:valid?).and_return(true)
64 64 @john.should_receive(:save).and_return(true)
65 65
66 66 smtp_mock = mock("smtp")
67 67 smtp_mock.should_receive(:send_message).
68 68 and_throw(:error)
69 69
70 70 Net::SMTP.should_receive(:start).
71 71 with(any_args()).
72 72 and_yield(smtp_mock)
73 73
74 74 post :register, :login => @john_info[:login],
75 75 :full_name => @john_info[:full_name],
76 76 :email => @john_info[:email]
77 77
78 78 response.should render_template('users/email_error')
79 79 end
80 80
81 81 it "should activate user with valid activation key" do
82 82 login = @john_info[:login]
83 83 User.should_receive(:find_by_login).
84 84 with(login).
85 85 and_return(@john)
86 + User.should_not_receive(:find_by_email)
86 87 @john.should_receive(:valid?).and_return(true)
87 88 @john.should_receive(:activated=).with(true)
88 89 @john.should_receive(:save).and_return(true)
89 90
90 91 get :confirm, :login => login, :activation => @john_activation_key
91 92
92 93 response.should render_template('users/confirm')
93 94 end
94 95
95 96 end
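Review bot: The added `User.should_not_receive(:find_by_email)` cannot fail in this example as far as the visible lines show, because `@john.should_receive(:valid?).and_return(true)` and the stubbed `save` replace the calls that would run the validation in the first place. The regression fixed in the model (`enough_time_interval_between_same_email_registrations` running on a saved record) is therefore not covered here. A model spec that saves a user and then calls `valid?` on it within the five-minute window, without stubbing `valid?`, would pin the fix. The enclosing `describe` block starts outside this hunk.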