| Class | UserController |
| In: |
app/controllers/user_controller.rb
|
| Parent: | ApplicationController |
ユーザーを制御する。
| TOKEN_FOR_SINGLE_SIGN_ON | = | :X0034343_A34343_B34343 | layout ‘user‘ |
自動ログインを行う。
# File app/controllers/user_controller.rb, line 15
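# Auto-login entry point, apparently reached from a link in a queued mail.
#
# Reads params[:id] (a MailQueue id) and params[:u] (a login name). The login
# must resolve to a User whose person is among the queue's recipients,
# otherwise RecipientNotFound is raised; an unknown queue id raises
# MailQueueNotFound.
#
# Outcomes:
# * a session already exists for the same login -> redirect to
#   session[:return_to], which has just been set to "/"
# * a session exists for another user, or for an account that can no longer
#   be loaded -> logout(false) is called and processing continues
# * the queue's product has mail_skip_auth? and skip_authentication(login)
#   is truthy -> redirect without showing the login form
# * otherwise the login form is rendered with the login name pre-filled
#
# NOTE(review): both inputs come from the request and nothing visible here is
# signed or secret. With mail_skip_auth? enabled, the safety of this path
# rests entirely on skip_authentication (not shown) -- confirm that it requires
# something the recipient alone holds, e.g. a per-recipient, expiring token
# carried in the mailed link, and that successful and refused attempts are
# written to the login history.
def auto
  begin
    queue = MailQueue.find(params[:id])
  rescue ActiveRecord::RecordNotFound
    raise MailQueueNotFound, "no such mail queue"
  end

  user_login = params[:u]
  user = user_login.blank? ? nil : User.find_by_login(user_login)
  # Unknown login and "known user who is not a recipient" fail identically.
  unless user && queue.recipients.include?(user.person)
    raise RecipientNotFound, "no such recipient"
  end

  session[:fragment] = fragment_for(:product => queue.product, :document => queue.document)
  session[:return_to] = "/" # default

  if session[:user_id] # a login session already exists
    session_user = User.find_by_id(session[:user_id])
    if session_user && session_user.login == user_login
      redirect_to session[:return_to]
      session[:return_to] = nil
      return
    end
    # Either a different user is logged in, or the session refers to an
    # account that no longer exists (find_by_id returned nil). Both cases end
    # the old session instead of calling .login on nil.
    logout(false)
  end

  if queue.product.mail_skip_auth? && skip_authentication(user_login)
    redirect_to session[:return_to]
    session[:return_to] = nil
    return
  end

  @user = User.new(:login => user_login)
  render :action => "login"
end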
パスワードを変更する。
# File app/controllers/user_controller.rb, line 131
# Changes the password of @user from the submitted form.
#
# Returns early when generate_filled_in is truthy (defined elsewhere;
# presumably it renders the form for a non-submitting request -- confirm).
# Otherwise the new password and its confirmation are read from
# params['user'], applied with @user.change_password and persisted with save!.
# On any exception the error is reported, a retry message is flashed and the
# form is rendered again. On success the browser is redirected to menu/index
# and a notification mail is attempted afterwards; a mail failure is reported
# but does not undo the password change.
#
# NOTE(review): the new password is handed to UserNotify in clear text, which
# suggests it ends up in the mail body -- confirm against the mailer template
# and prefer a notification that does not carry the secret.
# NOTE(review): nothing in this method asks for the current password or checks
# a reset key. Verify that a filter or generate_filled_in sets @user only from
# an authenticated session or a valid, single-use key.
# NOTE(review): `rescue Exception` also traps signals and exit requests;
# narrowing it needs care on runtimes where timeouts are not StandardErrors.
def change_password
  return if generate_filled_in

  form_params = params['user']
  form_params.delete('form')
  new_password = form_params['password']

  begin
    @user.change_password(new_password, form_params['password_confirmation'])
    @user.save!
  rescue Exception => ex
    report_exception ex
    flash.now['message'] = s_("flash|message|Your password could not be changed at this time. Please retry.")
    render and return
  end

  # The password is stored; answer the browser first, then try to notify.
  redirect_to :controller => "menu", :action => "index"
  begin
    UserNotify.deliver_change_password(@user, new_password)
  rescue Exception => ex
    report_exception ex
  end
end
ユーザーを削除する。
# File app/controllers/user_controller.rb, line 215
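# Soft-deletes the current user's account and ends the session.
#
# The target is @current_user or, failing that, the user whose id is stored in
# session[:user_id]; it is never taken from request parameters. The record is
# flagged with deleted = true through update_attribute and logout is called.
# On any exception the error is reported, a message is put into flash.now and
# the browser is sent back with redirect_back_or_default.
#
# NOTE(review): no HTTP-method or request-forgery check is visible here.
# Confirm that this destructive action is limited to POST with a forgery
# token by a filter elsewhere in the controller.
# NOTE(review): flash.now is normally discarded before the redirected request
# is rendered, so the message below is probably never shown. If it is moved to
# flash, replace the raw exception text with a generic message first: %{ex}
# can expose internal details to the browser.
def delete
  @user = @current_user || User.find_by_id(session[:user_id])
  begin
    @user.update_attribute(:deleted, true)
    logout
  rescue Exception => ex
    # Record the failure server-side like the sibling actions do; without this
    # a failed deletion left no trace at all.
    report_exception ex
    flash.now['message'] = s_("flash|message|Error: %{ex}.") % {:ex => ex}
    redirect_back_or_default
  end
end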
ユーザー情報の変更を行う。
# File app/controllers/user_controller.rb, line 188
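# Handles the account form and dispatches on its hidden 'form' field.
#
# Returns early when generate_filled_in is truthy or when no 'form' value was
# submitted. Otherwise:
# * "edit"            - assigns the submitted attributes that are listed in
#                       User::CHANGEABLE_FIELDS and saves @user
# * "change_password" - delegates to change_password
# * "delete"          - delegates to delete
# * anything else     - raises, which is caught and logged below
#
# Every exception raised while dispatching is logged at warn level and then
# swallowed, so the user gets no error feedback from this method itself.
#
# NOTE(review): the sub-actions reached from here are as sensitive as when
# they are called directly; whatever method/forgery/authentication checks
# protect change_password and delete must also cover this action.
def edit
  return if generate_filled_in
  return unless params['user']['form']

  form = params['user'].delete('form')
  begin
    case form
    when "edit"
      # Allowlist against mass assignment: every key that is not explicitly
      # changeable is dropped before the attributes reach the model.
      user_params = params['user'].delete_if { |k, _v| !User::CHANGEABLE_FIELDS.include?(k) }
      @user.attributes = user_params
      # Announce success only when the record was really stored. On a failed
      # save the validation errors are presumably shown from @user by the view.
      if @user.save
        flash.now['notice'] = s_("flash|notice|User has been updated.")
      end
    when "change_password"
      change_password
    when "delete"
      delete
    else
      raise "unknown edit action"
    end
  rescue Exception => ex
    logger.warn ex
    logger.warn ex.backtrace
  end
end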
パスワードを忘れた場合の処理を行う。
# File app/controllers/user_controller.rb, line 152
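# Starts the password-reset flow for a login name.
#
# A user who is already authenticated is redirected to change_password. When
# generate_blank_form is truthy the method returns (defined elsewhere;
# presumably it renders the empty form -- confirm). Otherwise the submitted
# login is looked up; for a known user a security token is generated inside a
# User transaction, a change_password URL carrying the user id and the token
# is mailed through UserNotify, and the browser is redirected to the login
# page. Any exception in that step is reported and a failure message flashed.
#
# A missing or blank login (including a request without a 'user' hash) is
# answered with the "enter a valid login name" message instead of raising.
#
# NOTE(review): the "could not find a user" and "instructions have been
# emailed" answers differ, so this form tells an anonymous caller which login
# names exist. Consider one neutral answer for both cases, plus rate limiting.
# NOTE(review): the reset key travels in the query string, where it can be
# recorded in server logs, browser history and Referer headers. Confirm that
# generate_security_token issues a random, single-use, short-lived key, and
# that the key needs no URL escaping (it is interpolated as-is).
def forgot_password
  if authenticated_user?
    flash['message'] = s_("flash|message|You are currently logged in. You may change your password now.")
    redirect_to :action => 'change_password'
    return
  end

  return if generate_blank_form

  form_params = params['user']
  login = form_params && form_params['login']
  if login.blank?
    flash.now['message'] = s_("flash|message|Please enter a valid login name.")
  elsif (user = User.find_by_login(login)).nil?
    flash.now['message'] = s_("flash|message|We could not find a user with the login %{login}") % {:login => CGI.escapeHTML(login)}
  else
    begin
      User.transaction do
        key = user.generate_security_token
        url = url_for(:action => 'change_password')
        url += "?user[id]=#{user.id}&key=#{key}"
        UserNotify.deliver_forgot_password(user, url)
        flash['notice'] = s_("flash|notice|Instructions on resetting your password have been emailed to %{login}.") % {:login => CGI.escapeHTML(login)}
        # authenticated_user? was already false at the top of the method, so
        # this branch is the one normally taken.
        unless authenticated_user?
          redirect_to :action => 'login'
          return
        end
        redirect_back_or_default
      end
    rescue Exception => ex
      report_exception ex
      flash.now['message'] = s_("flash|message|Your password could not be emailed to %{login}") % {:login => CGI.escapeHTML(login)}
    end
  end
end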
ログイン認証を行う。
# File app/controllers/user_controller.rb, line 46
# Authenticates a user from the login form.
#
# Order of processing:
# 1. If the request carries the parameter named by TOKEN_FOR_SINGLE_SIGN_ON,
#    its value is passed to skip_authentication and that result is returned.
# 2. A non-blank params[:fragment] is remembered in the session.
# 3. XHR requests only get a dummy page update and return.
# 4. When generate_blank_form is truthy the method returns.
# 5. The submitted login and password are checked with User.authenticate.
#    For an authenticated, not locked-out user the session is reset, the user
#    is stored as @current_user and in Thread.current[:user], and the login
#    session is initialised. An expired password is recorded in the login
#    history and leads to change_password; otherwise success is recorded and
#    the browser is redirected back.
# 6. Wrong credentials and locked-out accounts both end with the same
#    "Login failed" message and a RESULT_LOGIN_FAILED history entry, so the
#    response does not reveal the lockout state.
#
# NOTE(review): step 1 is selected purely by a request parameter whose name is
# a constant in the source, and the caller-supplied value goes straight to
# skip_authentication. A parameter name is not a secret. Confirm that
# skip_authentication itself verifies the caller (signed assertion, trusted
# upstream, or similar) and records the attempt; otherwise this branch
# bypasses the password, lockout and history handling below.
# NOTE(review): reset_session runs before the session is populated, which
# keeps a pre-login session from being carried into the authenticated one.
# NOTE(review): create_login_history receives nil when the credentials were
# wrong -- check that the attempted login name is still recorded somewhere.
# NOTE(review): Thread.current[:user] must be cleared at the end of every
# request if worker threads are reused -- confirm elsewhere.
def login
  sso_login = params[TOKEN_FOR_SINGLE_SIGN_ON]
  return skip_authentication(sso_login) unless sso_login.blank?

  fragment = params[:fragment]
  session[:fragment] = fragment unless fragment.blank?

  if request.xhr?
    render :update do |page|
      page.insert_html :before, "view_main", "\n<!-- fragment saved -->\n" # dummy
    end
    return
  end

  return if generate_blank_form

  credentials = params["user"]
  # The meaning of the third argument is not visible here -- see User.authenticate.
  account = User.authenticate(credentials["login"], credentials["password"], true)
  @user = account || User.new(credentials)

  if account && !account.lockout?
    reset_session
    @current_user = Thread.current[:user] = account
    init_login_session(account)

    if account.password_expire?
      create_login_history(account, LoginHistory::RESULT_PASSWORD_EXPIRED)
      reset_session_all
      redirect_to :action => "change_password"
      return
    end

    flash["notice"] = s_("flash|notice|Login succeeded")
    create_login_history(account, LoginHistory::RESULT_LOGIN_SUCCEEDED)
    redirect_back_or_default
    return
  end

  # Reached for wrong credentials (account is nil) and for locked-out accounts.
  @login = credentials["login"]
  flash['message'] = s_("flash|message|Login failed")
  create_login_history(account, LoginHistory::RESULT_LOGIN_FAILED)
end