
Untitled

a guest
Feb 21st, 2018
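  require 'securerandom'

  # This controller provides actions for users to register with the system,
  # confirm a registration through an e-mailed token, and retrieve lost
  # passwords.
  class ActiveRbac::RegistrationController < ActiveRbac::ComponentController
    # Use the configured layout.
    layout ActiveRbacConfig.config(:controller_layout)

    # Redirect to the signup page.
    def index
      redirect_to :action => 'register'
    end

    # Displays a "registration" form on GET and tries to register a user on POST.
    #
    # On a successful POST the user is saved, a UserRegistration (holding the
    # confirmation token) is created, the confirmation mail is sent and the
    # success page is rendered. On a failed save the form is rendered again.
    def register
      if request.post?
        # Set password and password_confirmation into [:user] parameters.
        params[:user] = {} if params[:user].nil?
        params[:user][:password] = params[:password]
        params[:user][:password_confirmation] = params[:password_confirmation]

        # Execute the blocks given for the signup_fields configuration settings.
        # These will add validation functions to the User model.
        # NOTE(review): the procs run on every POST; if they register
        # validations on the User class they may pile up over time -- confirm.
        ActiveRbacConfig.config(:controller_registration_signup_fields).each do |field|
          field[:validation_proc].call
        end

        # NOTE(review): every key the client sends under params[:user] is
        # mass-assigned here. Confirm that the User model restricts which
        # attributes may be set this way (state, roles, hash type, ...).
        @user = User.new(params[:user])
        @user.password_hash_type = ActiveRbacConfig.config(:model_default_hash_type)

        if @user.save
          @user.create_user_registration

          # The confirm_url should be set in the mailer, but seemingly the url
          # methods hooked up with the routing are not available there.
          confirm_url = url_for(:controller => 'registration',
                                :action => 'confirm',
                                :user => @user.id,
                                :token => @user.user_registration.token)
          RegistrationMailer.deliver_confirm_registration(@user, confirm_url)

          render 'active_rbac/registration/register_success'
          return
        end
      else
        # On anything but POST, we simply initialize @user with a new User
        # object for the form.
        @user = User.new
      end

      # Set the additional partials to render within the form into the template.
      signup_fields = ActiveRbacConfig.config(:controller_registration_signup_fields)
      @additional_partials = signup_fields.map { |field| field[:template_path] }
    end

    # Displays a "do you really want to confirm registration" form on GET and
    # tries to confirm the user's registration on POST.
    #
    # Any lookup or token failure is funnelled into RecordNotFound so that the
    # client always sees the same confirm_failure page.
    def confirm
      if request.post?
        if params[:yes].nil?
          # User said "no".
          flash[:success] = 'Your registration has not been confirmed.'
          redirect_to '/'
          # Stop here. Without this return the code below still confirmed the
          # registration and then rendered a second time.
          return
        end

        @user = User.find(params[:user])
        verify_registration_token!(@user)

        # Mark the user as confirmed and delete the UserRegistration for good,
        # so the token cannot be used again.
        @user.state = User.states['confirmed']
        @user.save!
        UserRegistration.delete @user.user_registration.id

        render 'active_rbac/registration/confirm_success'
      else
        # Show the confirmation form on anything but POST.
        @user = User.find(params[:user])
        verify_registration_token!(@user)

        @token = params[:token]
      end
    rescue ActiveRecord::RecordNotFound
      render 'active_rbac/registration/confirm_failure'
    end

    # Displays "lost password form" on GET and tries to send a new one on POST.
    #
    # Unknown login/email pairs and users in a non-eligible state produce the
    # same error message, so the form does not reveal which accounts exist.
    #
    # NOTE(review): the password is replaced as soon as login and e-mail
    # match, and the new password is mailed in clear text. A token-confirmed
    # reset, like the registration flow above, would avoid both -- confirm
    # whether the current behaviour is intended.
    def lostpassword
      @errors = []

      if request.post?
        # Try to find the user with the given login and email address.
        @user = User.find :first,
                          :conditions => ['login = ? AND email = ?', params[:login], params[:email]]

        # We raise this here manually to have error handling in one place only.
        raise ActiveRecord::RecordNotFound if @user.nil?

        # A bit abusive to raise this exception here, but it is the same
        # error that is visible to users.
        eligible_states = [User.states['confirmed'], User.states['retrieved_password']]
        raise ActiveRecord::RecordNotFound unless eligible_states.include?(@user.state)

        # Change the user's password to a random one. The value comes from the
        # system CSPRNG; the previous MD5 of rand(1000) plus the current time
        # could be guessed by anyone who knew roughly when the reset happened.
        # Ten hex characters are kept to match the old format; lengthen this
        # if the User model's password validations allow it.
        password = SecureRandom.hex(5)
        @user.update_password password
        @user.state = User.states['retrieved_password']
        @user.save!

        # Deliver lost password email.
        RegistrationMailer.deliver_lost_password(@user, password)

        # Render a success page.
        render 'active_rbac/registration/lostpassword_success'
      end
    rescue ActiveRecord::RecordNotFound
      @errors << 'You have entered an invalid user name or an invalid email address.'
    end

    private

    # Raises ActiveRecord::RecordNotFound unless +user+ has a pending
    # registration whose token equals params[:token].
    #
    # A missing or empty token parameter is rejected up front so that it can
    # never compare equal to a registration whose stored token is nil.
    def verify_registration_token!(user)
      registration = user.user_registration
      supplied_token = params[:token]

      if registration.nil? || supplied_token.to_s.empty? || registration.token != supplied_token
        raise ActiveRecord::RecordNotFound
      end
    end
  end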