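  ## user_controller.rb
  # Account, certificate, friendship, messaging and wall-post actions for the
  # logged-in user.
  #
  # NOTE(review): the whole User record is kept in session[:user]. That copy can
  # go stale relative to the database and is serialized by whatever session
  # store is configured. Storing only the id and reloading per request is the
  # usual alternative; it is not changed here because every action relies on it.
  class UsersController < ApplicationController

    # Distinguished name of the root certificate that signs user certificates.
    ROOT_CERTIFICATE_DN = "/CN=FRODo@HHU/email=info@frodo-hhu.de"

    # Modulus length used when the server generates the key pair itself.
    # NOTE(review): 1024-bit RSA is below current recommendations (2048 or
    # more). Raising it changes generation time and may affect existing
    # clients, so confirm before changing.
    SERVER_KEY_MODULUS_LENGTH = 1024

    # Reply used whenever the mobile registration request cannot be understood.
    MOBILE_PARAMETER_ERROR = "Error: Unknown parameters sent. Please retry."

    # Flash text shown when a user asks for content that belongs to someone else.
    NOT_PERMITTED_MESSAGE = "You are not permitted to see this content!<br> You were redirected."

    # NOTE(review): register_mobile is described as "called by remote devices",
    # yet it is not in the :except list, so it needs an existing session.
    # Confirm which behaviour is intended before exposing it.
    before_filter :authenticate, :except => [:login, :sign_on, :register, :sign_up]
    # Only the actions listed here are restricted to the session user's own id.
    before_filter :authorize, :only => [:certificates, :creations, :key_pairs, :logout,
                                        :new_user_certificate, :rsa_key_pairs_selector, :edit, :update,
                                        :destroy, :invitation_for, :invitation_by, :inbox, :outbox]

    auto_complete_for :user, :name

    protected

    # Sends visitors without a session to the login form, remembering the
    # requested URI; refreshes online_status when the session copy of the
    # user was last updated more than 30 seconds ago.
    def authenticate
      current = session[:user]
      if current.nil?
        session[:return_to] = request.request_uri
        redirect_to :action => 'login'
      elsif current[:updated_at] < 30.seconds.ago
        current.update_attribute(:online_status, true)
      end
    end

    # Rejects requests whose :id is present and differs from the session user.
    # The original only set the flash text and let the action run; the
    # redirect is what actually halts the filter chain.
    def authorize
      return if params[:id].nil? || params[:id].to_i == session[:user][:id]
      flash[:message] = NOT_PERMITTED_MESSAGE
      redirect_to :action => 'home'
    end

    public

    # Shows the session user's own home page, or another user's page when a
    # different :id is given.
    def home
      if params[:id].nil? || params[:id].to_i == session[:user][:id]
        @user = session[:user]
        @menu_highlight = "home"
        @section_name = @user.name_to_genitive + " home"
      else
        @user = User.find(params[:id])
      end
      @posts = @user.posts.paginate :per_page => 5, :page => params[:page]
    end

    def creations
      @user = session[:user]
      @menu_highlight = "creations"
      @section_name = @user.name_to_genitive + " creations"
    end

    # Lists the session user's key pairs that have an id.
    def certificates
      @user = session[:user]
      @menu_highlight = "certificates"
      @section_name = @user.name_to_genitive + " certificates"
      @rsa_key_pairs = @user.rsa_key_pairs.select { |pair| pair.id }
    end

    def index
      redirect_to :action => 'home'
    end

    # Renders the login form.
    def login
      @menu_highlight = "login"
      @section_name = "user login"
    end

    # Verifies the submitted name and password and starts a session.
    def sign_on
      # to_s keeps nested parameters (arrays or hashes) out of the finder.
      name = params[:name].to_s
      password = params[:password].to_s
      if name.empty? || password.empty?
        flash[:message] = "Please enter your name and password"
        redirect_to :action => 'login'
        return
      end

      # NOTE(review): the lookup matches on the submitted password value.
      # Whether the model hashes it is not visible here; confirm passwords
      # are stored as salted hashes rather than plaintext.
      user = User.find_by_name_and_password(name, password)
      unless user
        flash[:message] = "Unknown name or password is incorrect!"
        redirect_to :action => 'login'
        return
      end

      # Start from a fresh session so an identifier handed out before login
      # cannot be reused afterwards (session fixation). The flash is written
      # only after the reset because it lives in the session.
      return_to = session[:return_to]
      reset_session
      session[:user] = user
      session[:cart] = {}
      user.update_attribute(:online_status, true)
      flash[:message] = "You are now logged in!"
      if return_to
        redirect_to(return_to)
      else
        redirect_to :action => 'home', :id => session[:user]
      end
    end

    # Called by remote devices to register new user.
    #
    # params['newUser'] carries '&'-separated fields: a leading "true" flag,
    # then name=, password=, email=, keyAlgorithm=, keyLength= and keyModulus=.
    # When keyModulus is present the client's public key is certified;
    # otherwise the server generates the key pair and returns the private
    # exponent in the reply.
    #
    # NOTE(review): in the client-key path the modulus is signed as sent, with
    # no proof that the client holds the matching private key and no minimum
    # key length. In the server-key path the private exponent travels in the
    # response body, so the endpoint presumably has to be TLS-only. Confirm both.
    def register_mobile
      if params['newUser']
        fields = parse_mobile_registration(params['newUser'])
        client_key = !fields[:key_modulus].nil?
        if !fields[:add_new_user]
          # The original left @user_info unset in this case.
          @user_info = MOBILE_PARAMETER_ERROR
        elsif client_key && (fields[:key_modulus].empty? || fields[:key_length].to_i <= 0)
          # Refuse to create a user and sign a certificate for an empty key.
          @user_info = MOBILE_PARAMETER_ERROR
        else
          @user = User.new()
          @user.name = fields[:name]
          @user.password = fields[:password]
          @user.email = fields[:email]
          if @user.save
            if client_key
              # A small placeholder pair is created first and then overwritten
              # with the client's public values, in the original order.
              user_certificate, root_certificate = issue_certificate_for(@user, 64) do |key_pair|
                key_pair.modulus_length = fields[:key_length]
                key_pair.modulus = fields[:key_modulus]
                key_pair.public_key_exponent = '010001'
                key_pair.private_key_exponent = 1 # dummy
              end
            else
              user_certificate, root_certificate = issue_certificate_for(@user, SERVER_KEY_MODULUS_LENGTH)
            end
            @user_info = "ROOT_CERTIFICATE=" + root_certificate.to_xml +
              "END_ROOT_CERTIFICATE\nUSER_CERTIFICATE=" + user_certificate.to_xml + "END_USER_CERTIFICATE"
            unless client_key
              @user_info += "\nUSER_PRIVATE_KEY=" + user_certificate.rsa_key_pair.private_key_exponent + "END_USER_PRIVATE_KEY"
            end
            @user_info += "END_OF_MESSAGE"
          else
            @user_info = "Error occured while saving new user."
          end
        end
      else
        @user_info = MOBILE_PARAMETER_ERROR
      end
      render :partial => 'register_mobile', :layout => false
    end # register_mobile

    # Marks the user offline and discards the session.
    def logout
      @menu_highlight = "logout"
      @section_name = "user logout"
      user = session[:user]
      user.update_attribute(:online_status, false)
      reset_session
    end

    def key_pairs
      @user = session[:user]
      @menu_highlight = "key_pairs"
      @section_name = @user.name_to_genitive + " key pairs"
    end

    # TODO wouldn't it be safer to use the session here?
    # The authorize filter restricts :id to the session user's own id, but a
    # request without :id still reaches User.find(nil).
    def new_user_certificate
      @section_name = "certificate creation"
      @user = User.find(params[:id])
    end

    # Renders the registration form.
    def register
      @menu_highlight = "register"
    end

    # Creates an account from the registration form, issues a root-signed
    # certificate for it and logs the new user in.
    def sign_up
      @menu_highlight = "register"
      @section_name = "user register"
      # NOTE(review): params[:user] is mass-assigned. Unless the User model
      # restricts assignable attributes (not visible here), a request can set
      # any column; confirm an attribute whitelist exists.
      @user = User.new(params[:user])
      if @user.save # who ate the error_messages?
        issue_certificate_for(@user, SERVER_KEY_MODULUS_LENGTH)
        # Fresh session on privilege change, same as sign_on.
        reset_session
        session[:user] = @user
        session[:cart] = {}
        flash[:message] = "You have been registered and logged in!"
        redirect_to :action => 'home', :id => session[:user]
      else
        flash[:message] = nil
        render :action => "register"
      end
    end

    def rsa_key_pairs_selector
      @user = User.find(params[:id])
      @key_length = params[:length]
      render :partial => 'rsa_key_pairs_selector'
    end

    def edit
      @user = session[:user]
      @menu_highlight = "edit"
      @section_name = @user.name_to_genitive + " edit"
    end

    # Applies the submitted profile changes to the session user.
    def update
      # TODO: make a partial
      @user = session[:user]
      @menu_highlight = "home"
      # NOTE(review): mass assignment of params[:user]; see sign_up.
      if @user.update_attributes(params[:user])
        flash[:message] = 'User was successfully updated.'
        redirect_to :action => 'home'
      else
        flash[:message] = "User couldn't be updated."
        redirect_to :action => 'edit'
      end
      #TODO File exists - /home/sugarray79/NetBeansProjects/frodo-c/public/user/picture/2/thumb
    end

    # Deletes the session user's account and ends the session.
    def destroy
      @user = session[:user]
      @user.destroy
      reset_session
      redirect_to :action => 'index'
    end

    def friends
      @user = User.find(params[:id])
      @section_name = @user.name_to_genitive + " friends"
      @menu_highlight = "friends" if @user == session[:user]
      @selected = "friends"
      @users = @user.friends_accepted.paginate :per_page => 10, :page => params[:page]
    end

    def friends_online
      @user = User.find(params[:id])
      @section_name = @user.name_to_genitive + " friends"
      @menu_highlight = "friends" if @user == session[:user]
      @selected = "friends_online"
      @users = @user.friends_accepted.online.paginate :per_page => 10, :page => params[:page]
      render :action => 'friends'
    end

    def friends_online_widget
      render :partial => 'friends_online_widget'
    end

    def invitation_for
      @user = session[:user]
      @menu_highlight = "friends"
      @section_name = @user.name_to_genitive + " friends"
      @selected = "invitation_for"
      @users = @user.invitations_for.paginate :per_page => 10, :page => params[:page]
      render :action => 'friends'
    end

    def invitation_by
      @user = session[:user]
      @menu_highlight = "friends"
      @section_name = @user.name_to_genitive + " friends"
      @selected = "invitation_by"
      @users = @user.invitations_by.paginate :per_page => 10, :page => params[:page]
      render :action => 'friends'
    end

    # Sends a friendship invitation unless one exists, was declined, or the
    # two users are already friends.
    def invite_friend
      user = session[:user]
      friend = User.find(params[:id])
      if user.invited?(friend)
        flash[:message] = "The Invitation has already been sent. No further Invitations will be sent"
      elsif user.has_been_declined_by?(friend)
        flash[:message] = "User has declined your Invitation. No further Invitations will be sent"
      elsif user.friend?(friend)
        # Other flash texts carry raw HTML (<br>), so the flash is presumably
        # rendered unescaped; the user-chosen name is escaped before it goes in.
        flash[:message] = "You have already friendship with #{ERB::Util.html_escape(friend.name)}"
      else
        flash[:message] = 'The Invitation has been sent'
        Friendship.create(:user => user, :friend => friend)
      end
      redirect_to :action => 'home'
    end

    # Accepts an invitation that the user given by :id sent to the session user.
    def confirm_friendship
      user = session[:user]
      friend = User.find(params[:id])
      invitation = friend.friendship(user)
      if invitation.nil?
        # Without an invitation the original raised on nil.
        flash[:message] = 'There is no invitation from this user.'
      else
        invitation.update_attribute(:status, 1)
        own_side = user.friendship(friend)
        if own_side
          own_side.update_attribute(:status, 1)
        else
          Friendship.create(:user => user, :friend => friend, :status => 1)
          flash[:message] = 'Friend was successfully added'
        end
      end
      redirect_to :action => 'home'
    end

    # Declines an invitation that the user given by :id sent to the session user.
    def decline_friendship
      user = session[:user]
      friend = User.find(params[:id])
      invitation = friend.friendship(user)
      if invitation.nil?
        flash[:message] = 'There is no invitation from this user.'
      else
        invitation.update_attribute(:status, -1)
        flash[:message] = 'Friendship was successfully denied'
      end
      redirect_to :action => 'home'
    end

    # Removes both directions of the friendship; a missing side is skipped
    # instead of raising.
    def delete_friend
      user = session[:user]
      friend = User.find(params[:id])
      [friend.friendship(user), user.friendship(friend)].compact.each { |link| link.destroy }
      flash[:message] = 'Friend was successfully deleted'
      redirect_to :action => 'home'
    end

    def inbox
      @user = session[:user]
      @menu_highlight = "messages"
      @section_name = @user.name_to_genitive + " messages"
      @tab_selected = "inbox"
      @messages = @user.inbox.paginate :order => "created_at DESC", :per_page => 5, :page => params[:page]
      render :template => 'messages/inbox'
    end

    def outbox
      @user = session[:user]
      @menu_highlight = "messages"
      @section_name = @user.name_to_genitive + " messages"
      @tab_selected = "outbox"
      @messages = @user.outbox.paginate :order => "created_at DESC", :per_page => 5, :page => params[:page]
      render :template => 'messages/outbox'
    end

    # Renders the compose form addressed to the user given by :id.
    def new_message
      @user = User.find(params[:id])
      @menu_highlight = "messages"
      @section_name = "new messages"
      render :template => 'messages/new'
    end

    # Saves a message; the author is always the session user, whatever the
    # form submitted.
    def create_message
      @message = Message.new(params[:message])
      @message.author_id = session[:user][:id]
      if @message.save
        flash[:message] = 'Message was successfully sent'
        redirect_to :action => :home, :id => params[:message][:recipient_id]
      else
        @user = User.find(params[:id])
        render :template => "messages/new"
      end
    end

    # Renders a message body and marks it read when the recipient opens it.
    # Only the author or the recipient may view it; the original rendered any
    # message whose id was supplied.
    def show_message_body
      message = Message.find(params[:id])
      unless message_participant?(message)
        render :nothing => true, :status => 403
        return
      end
      if message.recipient_id == session[:user][:id] && message.r_read == false
        message.update_attribute(:r_read, true)
      end
      render :partial => 'messages/body', :locals => {:message => message}
    end

    # Renders a message subject for its author or recipient only.
    def show_message_subject
      message = Message.find(params[:id])
      unless message_participant?(message)
        render :nothing => true, :status => 403
        return
      end
      render :partial => 'messages/subject', :locals => {:message => message}
    end

    # Hides the message for the deleting side and destroys the record once
    # the other side has deleted it too. The original treated every
    # non-author as the recipient; the recipient is now checked explicitly.
    def destroy_message
      message = Message.find(params[:second_id])
      current_id = session[:user][:id]
      if message.author_id == current_id
        if message.r_del == true
          message.destroy
        else
          message.update_attribute(:a_del, true)
        end
        redirect_to :action => 'outbox'
      elsif message.recipient_id == current_id
        if message.a_del == true
          message.destroy
        else
          message.update_attribute(:r_del, true)
        end
        redirect_to :action => 'inbox'
      else
        flash[:message] = NOT_PERMITTED_MESSAGE
        redirect_to :action => 'inbox'
      end
    end

    # Exact-name user search; a request without params[:user] searches for
    # the empty name instead of raising.
    def search
      wanted = params[:user] ? params[:user][:name].to_s : ""
      @users = User.find_all_by_name(wanted).paginate :per_page => 3, :page => params[:page]
    end

    # Posts on the wall of the user given by :id, authored by the session user.
    def add_post
      user = User.find(params[:id])
      @post = Post.new(params[:post])
      @post.author_id = session[:user][:id]
      @post.postable = user
      @post.save
    end

    # Deletes a post when the session user is its author or the post's user.
    def delete_post
      post = Post.find(params[:second_id])
      if session[:user] == post.author || session[:user] == post.user
        post.destroy
        flash[:message] = 'Post was successfully deleted'
      end
      redirect_to :action => 'home'
    end

    private

    # Splits the raw newUser string into its fields. :key_modulus stays nil
    # when the client sent no keyModulus field. Values keep everything after
    # the first '=' and a field without a value becomes "".
    def parse_mobile_registration(raw)
      fields = { :add_new_user => false, :name => "", :password => "", :email => "",
                 :key_algorithm => "", :key_length => "", :key_modulus => nil }
      raw.to_s.split('&').each do |piece|
        if piece[0, 4] == "true"
          fields[:add_new_user] = true
          next
        end
        key, value = piece.split('=', 2)
        case key
        when "name" then fields[:name] = value.to_s
        when "password" then fields[:password] = value.to_s
        when "email" then fields[:email] = value.to_s
        when "keyAlgorithm" then fields[:key_algorithm] = value.to_s # parsed, not used yet
        when "keyLength" then fields[:key_length] = value.to_s
        when "keyModulus" then fields[:key_modulus] = value.to_s
        end
      end
      fields
    end

    # Creates a one-year certificate for +user+, attaches a new key pair of
    # +modulus_length+, lets an optional block adjust that key pair, signs the
    # certificate with the root and stores both on the user.
    # Returns [user_certificate, root_certificate].
    def issue_certificate_for(user, modulus_length)
      certificate = UserCertificate.create(:dn => user.dn, :valid_from => 0.year.from_now.to_time,
                                           :valid_until => 1.year.from_now.to_time, :version => 1)
      root_certificate = UserCertificate.find_by_dn(ROOT_CERTIFICATE_DN)
      certificate.parent = root_certificate
      certificate.rsa_key_pair = RsaKeyPair.new({:modulus_length => modulus_length})
      yield certificate.rsa_key_pair if block_given?
      certificate.sign_by_root
      user.user_certificates.push certificate
      user.rsa_key_pairs.push certificate.rsa_key_pair
      user.save
      [certificate, root_certificate]
    end

    # True when the session user wrote or received +message+.
    def message_participant?(message)
      current_id = session[:user][:id]
      message.author_id == current_id || message.recipient_id == current_id
    end

  end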