## user_controller.rb
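# Account, certificate, friendship, private-message and wall-post actions.
#
# The signed-in User record itself is kept in session[:user]. Every action
# except the login and registration forms runs behind +authenticate+; the
# actions listed for +authorize+ additionally refuse an :id that names
# another account.
#
# NOTE(review): register_mobile is not in the +authenticate+ exception list,
# so as written a device must already hold a session before it can register a
# new user. Confirm that this is intended before relaxing it.
# NOTE(review): User.new(params[:user]), update_attributes(params[:user]),
# Message.new(params[:message]) and Post.new(params[:post]) mass-assign request
# parameters. Whether sensitive columns are protected (attr_accessible /
# attr_protected) depends on the models, which are not visible here.
class UsersController < ApplicationController
  before_filter :authenticate, :except => [:login, :sign_on, :register, :sign_up]
  before_filter :authorize, :only => [:certificates, :creations, :key_pairs, :logout,
                                      :new_user_certificate, :rsa_key_pairs_selector, :edit, :update,
                                      :destroy, :invitation_for, :invitation_by, :inbox, :outbox]
  auto_complete_for :user, :name

  protected

  # Before-filter. Anonymous visitors are sent to the login form and the URI
  # they asked for is remembered in session[:return_to]. For a signed-in user
  # whose updated_at is older than 30 seconds the record is re-marked online.
  def authenticate
    current = session[:user]
    if current.nil?
      session[:return_to] = request.request_uri
      redirect_to :action => 'login'
    elsif current && current[:updated_at] < 30.seconds.ago
      current.update_attribute(:online_status, true)
    end
  end

  # Before-filter. Lets the request through when no :id is given or the :id is
  # the signed-in user's own; otherwise it halts the action.
  #
  # The original only set the flash text and let the action run anyway, so the
  # check never blocked anything. Redirecting halts the filter chain; the
  # explicit false keeps that true on Rails versions that halt on a false
  # return value instead.
  def authorize
    return true if params[:id].nil? || params[:id].to_i == session[:user][:id]

    flash[:message] = "You are not permitted to see this content!<br> You were redirected."
    redirect_to :action => 'home'
    false
  end

  # True when the signed-in user is the author or the recipient of +message+.
  def message_participant?(message)
    own_id = session[:user][:id]
    message.author_id == own_id || message.recipient_id == own_id
  end

  # Splits the '&'-separated newUser payload sent by a mobile client into a
  # Hash of the recognised fields.
  #
  # Each value is everything after the first '=' of its segment. The original
  # took only the text up to the second '=' (silently truncating e.g. a
  # password containing '=') and raised on a final segment with an empty value.
  def parse_mobile_registration(raw)
    fields = { :add_new_user => false, :create_key_pair => true,
               :name => "", :password => "", :email => "",
               :key_algorithm => "", :key_length => "", :key_modulus => "" }
    raw.split('&').each do |segment|
      if segment[0, 4] == "true"
        fields[:add_new_user] = true
        next
      end
      key, value = segment.split('=', 2)
      next if value.nil? # no '=' in the segment: not a recognised field

      case key
      when "name"         then fields[:name] = value
      when "password"     then fields[:password] = value
      when "email"        then fields[:email] = value
      when "keyAlgorithm" then fields[:key_algorithm] = value
      when "keyLength"    then fields[:key_length] = value
      when "keyModulus"
        fields[:key_modulus] = value
        # A client that supplies its own modulus keeps its private key.
        fields[:create_key_pair] = false
      end
    end
    fields
  end

  public

  # Shows the signed-in user's own home page, or another user's when :id names
  # someone else, together with that user's paginated posts.
  def home
    if params[:id].nil? || params[:id].to_i == session[:user][:id]
      @user = session[:user]
      @menu_highlight = "home"
      @section_name = @user.name_to_genitive+" home"
    else
      @user = User.find(params[:id])
    end
    @posts = @user.posts.paginate :per_page => 5, :page => params[:page]
  end

  # Lists the signed-in user's creations.
  def creations
    @user = session[:user]
    @menu_highlight = "creations"
    @section_name = @user.name_to_genitive+" creations"
  end

  # Lists the signed-in user's certificates and the key pairs that have an id.
  def certificates
    @user = session[:user]
    @menu_highlight = "certificates"
    @section_name = @user.name_to_genitive+" certificates"
    @rsa_key_pairs = @user.rsa_key_pairs.select { |pair| pair.id }
  end

  # Entry point; +authenticate+ has already handled anonymous visitors.
  def index
    redirect_to :action => 'home'
  end

  # Renders the login form.
  def login
    @menu_highlight = "login"
    @section_name = "user login"
  end

  # Checks the submitted name and password and signs the user in, then returns
  # to the URI stored by +authenticate+ or to the user's home page.
  #
  # NOTE(review): the lookup matches the submitted password against the
  # password column as-is, which suggests passwords are stored unhashed.
  # Confirm against the User model; a salted, adaptive hash is the usual remedy.
  # NOTE(review): no throttling of failed attempts is visible in this action.
  def sign_on
    name = params[:name]
    password = params[:password]
    if name.nil? || password.nil? || name.empty? || password.empty?
      flash[:message] = "Please enter your name and password"
      redirect_to :action => 'login'
      return
    end

    user = User.find_by_name_and_password(name, password)
    unless user
      flash[:message] = "Unknown name or password is incorrect!"
      redirect_to :action => 'login'
      return
    end

    # Start a fresh session at the privilege change so a session identifier
    # known before login is not carried into the authenticated session
    # (session fixation). Only the return target set by +authenticate+ is kept.
    return_to = session[:return_to]
    reset_session
    session[:user] = user
    session[:cart] = {}
    user.update_attribute(:online_status, true)
    flash[:message] = "You are now logged in!"
    if return_to
      redirect_to(return_to)
    else
      redirect_to :action => 'home', :id => session[:user]
    end
  end

  # Called by remote devices to register a new user. The reply is rendered
  # through the 'register_mobile' partial from @user_info.
  #
  # NOTE(review): server-generated keys use a 1024-bit modulus, which is below
  # current minimum recommendations for RSA (2048 bits or more). Whether
  # RsaKeyPair accepts a larger :modulus_length is not visible here.
  # NOTE(review): when the client supplies keyModulus, the certificate is
  # signed over a modulus and length taken from the request without validation
  # or proof that the client holds the matching private key.
  # NOTE(review): for server-generated keys the private exponent is returned
  # in the response body, so this endpoint must only be reachable over an
  # encrypted transport; nothing in this file enforces that.
  def register_mobile
    raw_request = params['newUser']
    # Anything but a plain string (absent, or a nested/array parameter) is
    # answered with the error text instead of raising while parsing.
    if raw_request.is_a?(String)
      fields = parse_mobile_registration(raw_request)
      if fields[:add_new_user]
        @user = User.new()
        @user.name = fields[:name]
        @user.password = fields[:password]
        @user.email = fields[:email]
        if @user.save
          user_certificate = UserCertificate.create(:dn => @user.dn, :valid_from => 0.year.from_now.to_time, :valid_until => 1.year.from_now.to_time, :version => 1)
          # NOTE(review): find_by_dn returns nil when the root certificate is
          # missing; the calls below do not guard against that.
          root_certificate = UserCertificate.find_by_dn("/CN=FRODo@HHU/email=info@frodo-hhu.de")
          user_certificate.parent = root_certificate
          if fields[:create_key_pair]
            user_certificate.rsa_key_pair = RsaKeyPair.new({:modulus_length => 1024})
          else
            # Client-supplied public key: a small placeholder pair is created
            # and then overwritten with the values from the request.
            user_certificate.rsa_key_pair = RsaKeyPair.new({:modulus_length => 64})
            user_certificate.rsa_key_pair.modulus_length = fields[:key_length]
            user_certificate.rsa_key_pair.modulus = fields[:key_modulus]
            user_certificate.rsa_key_pair.public_key_exponent = '010001'
            user_certificate.rsa_key_pair.private_key_exponent = 1 # dummy
          end
          user_certificate.sign_by_root
          @user.user_certificates.push user_certificate
          @user.rsa_key_pairs.push user_certificate.rsa_key_pair
          @user.save # NOTE(review): result of this second save is not checked
          @user_info = "ROOT_CERTIFICATE="+root_certificate.to_xml+
            "END_ROOT_CERTIFICATE\nUSER_CERTIFICATE="+user_certificate.to_xml+"END_USER_CERTIFICATE"
          if fields[:create_key_pair]
            @user_info += "\nUSER_PRIVATE_KEY="+user_certificate.rsa_key_pair.private_key_exponent+"END_USER_PRIVATE_KEY"
          end
          @user_info += "END_OF_MESSAGE"
        else
          @user_info = "Error occured while saving new user."
        end
      end
    else
      @user_info = "Error: Unknown parameters sent. Please retry."
    end
    render :partial => 'register_mobile', :layout => false
  end # register_mobile

  # Marks the user offline and discards the whole session.
  def logout
    @menu_highlight = "logout"
    @section_name = "user logout"
    user = session[:user]
    user.update_attribute(:online_status, false)
    reset_session
  end

  # Lists the signed-in user's key pairs.
  def key_pairs
    @user = session[:user]
    @menu_highlight = "key_pairs"
    @section_name = @user.name_to_genitive+" key pairs"
  end

  # Form for creating a certificate for the user named by :id.
  #
  # TODO: would it be safer to take the user from the session? This action is
  # covered by +authorize+, so :id can only be the caller's own id, or absent,
  # in which case User.find raises.
  def new_user_certificate
    @section_name = "certificate creation"
    @user = User.find(params[:id])
  end

  # Renders the registration form.
  def register
    @menu_highlight = "register"
  end

  # Creates the account from params[:user], issues a certificate signed by the
  # root certificate with a fresh key pair, and signs the new user in.
  #
  # NOTE(review): the 1024-bit modulus is below current minimum
  # recommendations for RSA (2048 bits or more).
  def sign_up
    @menu_highlight = "register"
    @section_name = "user register"
    @user = User.new(params[:user])
    if @user.save # who ate the error_messages?
      user_certificate = UserCertificate.create(:dn => @user.dn, :valid_from => 0.year.from_now.to_time, :valid_until => 1.year.from_now.to_time, :version => 1)
      root_certificate = UserCertificate.find_by_dn("/CN=FRODo@HHU/email=info@frodo-hhu.de")
      user_certificate.parent = root_certificate
      user_certificate.rsa_key_pair = RsaKeyPair.new({:modulus_length => 1024})
      user_certificate.sign_by_root
      @user.user_certificates.push user_certificate
      @user.rsa_key_pairs.push user_certificate.rsa_key_pair
      @user.save
      # Fresh session at the privilege change, as in sign_on.
      reset_session
      session[:user] = @user
      session[:cart] = {}
      flash[:message] = "You have been registered and logged in!"
      redirect_to :action => 'home' , :id => session[:user]
    else
      flash[:message] = nil
      render :action => "register"
    end
  end

  # Renders the key-pair selector partial for the user named by :id and the
  # requested key length. Covered by +authorize+.
  def rsa_key_pairs_selector
    @user = User.find(params[:id])
    @key_length = params[:length]
    render :partial => 'rsa_key_pairs_selector'
  end

  # Form for editing the signed-in user's own record.
  def edit
    @user = session[:user]
    @menu_highlight = "edit"
    @section_name = @user.name_to_genitive+" edit"
  end

  # Applies params[:user] to the signed-in user's record.
  def update
    # TODO: make a partial
    @user = session[:user]
    @menu_highlight = "home"
    if @user.update_attributes(params[:user])
      flash[:message] = 'User was successfully updated.'
      redirect_to :action => 'home'
    else
      flash[:message] = "User couldn't be updated."
      redirect_to :action => 'edit'
    end
    #TODO File exists - /home/sugarray79/NetBeansProjects/frodo-c/public/user/picture/2/thumb
  end

  # Deletes the signed-in user's account and ends the session.
  def destroy
    @user = session[:user]
    @user.destroy
    reset_session
    redirect_to :action => 'index'
  end

  # Paginated list of accepted friends of the user named by :id.
  def friends
    @user = User.find(params[:id])
    @section_name = @user.name_to_genitive+" friends"
    @menu_highlight = "friends" if @user == session[:user]
    @selected = "friends"
    @users = @user.friends_accepted.paginate :per_page => 10, :page => params[:page]
  end

  # Same list as +friends+, restricted to friends who are online.
  def friends_online
    @user = User.find(params[:id])
    @section_name = @user.name_to_genitive+" friends"
    @menu_highlight = "friends" if @user == session[:user]
    @selected = "friends_online"
    @users = @user.friends_accepted.online.paginate :per_page => 10, :page => params[:page]
    render :action => 'friends'
  end

  # Renders the online-friends widget partial.
  def friends_online_widget
    render :partial => 'friends_online_widget'
  end

  # Invitations addressed to the signed-in user, shown in the friends view.
  def invitation_for
    @user = session[:user]
    @menu_highlight = "friends"
    @section_name = @user.name_to_genitive+" friends"
    @selected = "invitation_for"
    @users = @user.invitations_for.paginate :per_page => 10, :page => params[:page]
    render :action => 'friends'
  end

  # Invitations sent by the signed-in user, shown in the friends view.
  def invitation_by
    @user = session[:user]
    @menu_highlight = "friends"
    @section_name = @user.name_to_genitive+" friends"
    @selected = "invitation_by"
    @users = @user.invitations_by.paginate :per_page => 10, :page => params[:page]
    render :action => 'friends'
  end

  # Sends a friendship invitation to the user named by :id unless one is
  # pending, was declined, or the two are already friends.
  def invite_friend
    user = session[:user]
    friend = User.find(params[:id])
    if user.invited?(friend)
      flash[:message] = "The Invitation has already been sent. No further Invitations will be sent"
    elsif user.has_been_declined_by?(friend)
      flash[:message] = "User has declined your Invitation. No further Invitations will be sent"
    elsif user.friend?(friend)
      # The "<br>" in the authorize message indicates flash text is written
      # into the page as markup, so the user-chosen name is escaped before it
      # is embedded. (Assumes the view does not escape again; TODO confirm.)
      flash[:message] = "You have already friendship with #{ERB::Util.html_escape(friend.name)}"
    else
      flash[:message] = 'The Invitation has been sent'
      Friendship.create(:user => user, :friend => friend)
    end
    redirect_to :action => 'home'
  end

  # Accepts the invitation sent by the user named by :id: sets status 1 on
  # that user's friendship record and on (or creates) the reciprocal one.
  def confirm_friendship
    user = session[:user]
    friend = User.find(params[:id])
    invitation = friend.friendship(user)
    # Without an invitation from +friend+ there is nothing to confirm; the
    # original raised on nil here.
    if invitation.nil?
      flash[:message] = 'There is no invitation from this user to confirm'
      redirect_to :action => 'home'
      return
    end

    invitation.update_attribute(:status, 1)
    reciprocal = user.friendship(friend)
    if reciprocal
      reciprocal.update_attribute(:status, 1)
    else
      Friendship.create(:user => user, :friend => friend , :status => 1)
      flash[:message] = 'Friend was successfully added'
    end
    redirect_to :action => 'home'
  end

  # Declines the invitation sent by the user named by :id (status -1).
  def decline_friendship
    user = session[:user]
    friend = User.find(params[:id])
    invitation = friend.friendship(user)
    # As in confirm_friendship, a missing invitation used to raise on nil.
    if invitation.nil?
      flash[:message] = 'There is no invitation from this user to decline'
    else
      invitation.update_attribute(:status, -1)
      flash[:message] = 'Friendship was successfully denied'
    end
    redirect_to :action => 'home'
  end

  # Removes the friendship records in both directions between the signed-in
  # user and the user named by :id.
  def delete_friend
    user = session[:user]
    friend = User.find(params[:id])
    # Either direction may be missing; the original raised on the first nil.
    [friend.friendship(user), user.friendship(friend)].compact.each { |link| link.destroy }
    flash[:message] = 'Friend was successfully deleted'
    redirect_to :action => 'home'
  end

  # Paginated inbox of the signed-in user, newest first.
  def inbox
    @user = session[:user]
    @menu_highlight = "messages"
    @section_name = @user.name_to_genitive+" messages"
    @tab_selected = "inbox"
    @messages = @user.inbox.paginate :order => "created_at DESC", :per_page => 5, :page => params[:page]
    render :template => 'messages/inbox'
  end

  # Paginated outbox of the signed-in user, newest first.
  def outbox
    @user = session[:user]
    @menu_highlight = "messages"
    @section_name = @user.name_to_genitive+" messages"
    @tab_selected = "outbox"
    @messages = @user.outbox.paginate :order => "created_at DESC", :per_page => 5, :page => params[:page]
    render :template => 'messages/outbox'
  end

  # Form for a new message to the user named by :id.
  def new_message
    @user = User.find(params[:id])
    @menu_highlight = "messages"
    @section_name = "new messages"
    render :template => 'messages/new'
  end

  # Stores a message from params[:message]; the author is always the signed-in
  # user, whatever the request carried.
  def create_message
    @message = Message.new(params[:message])
    @message.author_id = session[:user][:id]
    if @message.save
      flash[:message] = 'Message was successfully sent'
      redirect_to :action => :home , :id => params[:message][:recipient_id]
    else
      @user = User.find(params[:id])
      render :template => "messages/new"
    end
  end

  # Renders the body of the message named by :id and marks it read when the
  # signed-in user is its recipient.
  #
  # The original rendered any message to any signed-in user; only the author
  # and the recipient may read it now.
  def show_message_body
    message = Message.find(params[:id])
    unless message_participant?(message)
      render :nothing => true, :status => 403
      return
    end
    if message.recipient_id == session[:user][:id] && message.r_read == false
      message.update_attribute(:r_read, true)
    end
    render :partial => 'messages/body', :locals => {:message => message}
  end

  # Renders the subject of the message named by :id, for its author or
  # recipient only (the original had no ownership check).
  def show_message_subject
    message = Message.find(params[:id])
    unless message_participant?(message)
      render :nothing => true, :status => 403
      return
    end
    render :partial => 'messages/subject', :locals => {:message => message}
  end

  # Deletes the message named by :second_id for the signed-in user. The row is
  # only flagged (a_del for the author, r_del for the recipient) until the
  # other side has deleted it too, at which point it is destroyed.
  #
  # The original treated everyone who was not the author as the recipient, so
  # any signed-in user could flag or destroy other people's messages.
  def destroy_message
    message = Message.find(params[:second_id])
    own_id = session[:user][:id]
    if message.author_id == own_id
      if message.r_del == true
        message.destroy
      else
        message.update_attribute(:a_del, true)
      end
      redirect_to :action => 'outbox'
    elsif message.recipient_id == own_id
      if message.a_del == true
        message.destroy
      else
        message.update_attribute(:r_del, true)
      end
      redirect_to :action => 'inbox'
    else
      flash[:message] = 'You are not permitted to delete this message!'
      redirect_to :action => 'inbox'
    end
  end

  # Finds users by name, three per page.
  def search
    # A request without a user[...] parameter searches for the empty name
    # instead of raising on nil.
    wanted = (params[:user] || {})[:name].to_s
    @users = User.find_all_by_name(wanted).paginate :per_page => 3, :page => params[:page]
  end

  # Adds a post written by the signed-in user to the page of the user named
  # by :id.
  def add_post
    user = User.find(params[:id])
    @post = Post.new(params[:post])
    @post.author_id = session[:user][:id]
    @post.postable = user
    @post.save # NOTE(review): a failed save is not reported
  end

  # Deletes the post named by :second_id when the signed-in user wrote it or
  # is the user the post belongs to; otherwise nothing is changed.
  def delete_post
    post = Post.find(params[:second_id])
    if session[:user] == post.author || session[:user] == post.user
      post.destroy
      flash[:message] = 'Post was successfully deleted'
    end
    redirect_to :action => 'home'
  end
end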