mods/standard/sets/all/account.rb in wagn-1.12.13 vs mods/standard/sets/all/account.rb in wagn-1.13.0.pre
- old
+ new
@@ -3,29 +3,34 @@
Card::UserID
end
end
def account
- Account[ id ]
+ fetch :trait=>:account
end
def accountable?
- Card.toggle( rule(:accountable) ) and
- fetch( :trait=>:account, :new=>{} ).permitted?( :create) #don't use #ok? here because we don't want to check part permissions
+ Card.toggle( rule :accountable )
end
def parties
@parties ||= (all_roles << self.id).flatten.reject(&:blank?)
end
-def among? card_with_acct
- card_with_acct.each do |auth|
- return true if parties.member? auth
+def among? ok_ids
+ ok_ids.each do |ok_id|
+ return true if parties.member? ok_id
end
- card_with_acct.member? Card::AnyoneID
+ ok_ids.member? Card::AnyoneID
end
+def is_own_account?
+ # card is +*account card of signed_in user.
+ cardname.part_names[0].key == Auth.as_card.key and
+ cardname.part_names[1].key == Card[:account].key
+end
+
def read_rules
@read_rules ||= begin
rule_ids = []
unless id==Card::WagnBotID # always_ok, so not needed
( [ Card::AnyoneID ] + parties ).each do |party_id|
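Review bot: `accountable?` no longer verifies that the acting user may create the `+*account` card; it now returns only `Card.toggle( rule :accountable )`, so any caller that used it as an authorization gate loses that check. The diff does not show where create permission is enforced after this change, so that should be confirmed, and a comment such as `# checks the :accountable rule only; does not check create permission on +*account` would record the narrower contract. Separately, the new `is_own_account?` calls `.key` on `cardname.part_names[1]` without a guard, which presumably raises NoMethodError on a simple one-part name; putting `cardname.part_names.size > 1 &&` ahead of the comparison would avoid that.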
@@ -38,217 +43,25 @@
end
end
def all_roles
@all_roles ||=
- if id == Card::AnonID
+ if id == Card::AnonymousID
[]
else
- Account.as_bot do
+ Auth.as_bot do
role_trait = fetch :trait=>:roles
- [ Card::AuthID ] + ( role_trait ? role_trait.item_ids : [] )
+ [ Card::AnyoneSignedInID ] + ( role_trait ? role_trait.item_ids : [] )
end
end
end
-format :html do
- view :invitation_fields do |args|
- email_params = params[:email] || {}
- subject = email_params[:subject] || Card.setting('*invite+*subject') || ''
- message = email_params[:message] || Card.setting('*invite+*message') || ''
-
- success = Card.setting "#{ Card[:invite].name }+#{ Card[:thanks].name }"
- args[:buttons] = %{
- #{ submit_tag 'Invite' }
- #{ link_to 'Cancel', previous_location }
- }
-
- %{
- #{ hidden_field_tag :success, "REDIRECT: #{success}" if success }
- #{ fieldset :subject, text_field( :email, :subject, :value=>subject, :size=>60 ) }
- #{ fieldset :message, text_area( :email, :message, :value=>message, :rows=>10, :cols => 60 ),
- :help => "We'll create a password and attach it to the email." }
- #{ _optional_render :button_fieldset, args }
- }
- end
-
-
- view :account, :perms=> lambda { |r| r.card.update_account_ok? } do |args|
- frame_and_form :update, args, 'notify-success'=>'account details updated' do
- %{
- #{ render_account_detail }
- #{ _optional_render :button_fieldset, args }
- }
- end
- end
-
- def default_account_args args
- default_new_account_args args
- args[:buttons] = submit_tag 'Save Changes'
- end
-
-
- view :account_detail, :perms=>lambda { |r| r.card.update_account_ok? } do |args|
- account = args[:account] || card.account
-
- %{
- #{ fieldset :email,
- text_field( 'card[account_args]', :email, :autocomplete => :off, :value=>account.email ),
- :editor => 'content'
- }
- #{ fieldset :password,
- password_field( 'card[account_args]', :password ),
- :help => (args[:setup] ? nil : 'no change if blank'),
- :editor => 'content'
- }
- #{ fieldset 'confirm password',
- password_field( 'card[account_args]', :password_confirmation ),
- :editor => 'content'
- }
- #{
- if !args[:setup] && Account.user.id != account.id
- fieldset :block, check_box_tag( 'card[account_args][blocked]', '1', account.blocked? ), :help=>'prevents sign-ins'
- end
- }
- }
-
- end
-
-
- view :new_account, :perms=> lambda { |r| r.card.accountable? && !r.card.account } do |args|
- frame_and_form :update, args do
- %{
- #{ _render_email_fieldset }
- #{ _render_invitation_field }
- }
- end
- end
-
- def default_new_account_args args
- args[:hidden] = { :success => { :id=>'_self', :view=>'account' } }
- end
-
-
- view :email_fieldset do |args|
- fieldset :email, text_field( 'card[account_args]', :email ), :editor=>'content'
- end
-
-
- view :signin_and_forgot_password, :perms=>:none do |args|
- %{
- <div id="sign-in">#{ _render_signin args }</div>
- <div id="forgot-password">#{ _render_forgot_password args }</div>
- }
- end
-
- view :signin, :perms=>:none do |args|
- args.merge!( {
- :title=>'Sign In',
- :optional_help=>:show,
- :optional_menu=>:never,
- :hidden=>{ :success=>'REDIRECT:*previous' },
- :buttons=> submit_tag( 'Sign in' )
- })
- if Card.new(:type_id=>Card::AccountRequestID).ok? :create
- args[:buttons] += link_to( '...or sign up!', wagn_path("new/:account_request"))
- end
-
- frame_and_form 'account/signin', args, :recaptcha=>:off do
- [
- fieldset( :email, text_field_tag( 'login', params[:login], :id=>'login_field' ) ),
- fieldset( :password, password_field_tag( 'password' ) ),
- _optional_render( :button_fieldset, args )
- ]
- end
- end
-
- view :forgot_password, :perms=>:none do |args|
- args.merge!( {
- :title=>'Forgot Password',
- :optional_help=>:show,
- :optional_menu=>:never,
- :hidden => { :success => { :view=>:forgot_password }},
- :buttons => submit_tag( 'Reset my password' )
- } )
-
- frame_and_form 'account/forgot_password', args, :recaptcha=>:off,
- 'notify-success'=>"Check your email for your new temporary password" do
- [
- fieldset( :email, text_field_tag( 'email', params[:email] ) ),
- _optional_render( :button_fieldset, args )
- ]
- end
- end
+event :generate_token do
+ Digest::SHA1.hexdigest "--#{Time.now.to_s}--#{rand 10}--"
end
-
event :set_stamper, :before=>:approve do
- self.updater_id = Account.current_id
+ self.updater_id = Auth.current_id
self.creator_id = self.updater_id if new_card?
end
-event :create_account, :after=>:store, :on=>:save do
- if @account_args && !account && Card.toggle( rule :accountable )
-
- # note - following must be done here because subcard handling happens later (after mods loaded)
- # and account card must be created before user entry
- # when all are cards, neither the as_bot nor the special treatment should be necessary.
- account_card = Account.as_bot do
- Card.create! :name=>"#{ name }+#{ Card[:account].name }"
- end
-
- @account_args[:status] = 'pending' unless accountable?
- @account_args.reverse_merge! :card_id => self.id, :status => 'active', :account_id => account_card.id
-
- user = User.new @account_args
- handle_user_save user
- @newly_activated_account = user if user.active?
- end
-end
-
-event :update_account, :after=>:store, :on=>:update do
- if @account_args && account && update_account_ok?
- @account_args[:blocked] = account_args[:blocked] == '1'
- if Account.as_id == id and account_args[:blocked]
- raise Card::Oops, "can't block own account"
- end
- user = account
- user.attributes = @account_args
- handle_user_save user
- end
-end
-
-def handle_user_save user
- unless user.save
- user.errors.each do |key,err|
- errors.add key,err
- end
- raise ActiveRecord::Rollback
- end
-end
-
-
-activation_ready = proc do |c|
- Wagn::Env.params[:activate] and c.accountable? and c.account
-end
-
-event :activate_account, :after=>:store, :on=>:update, :when=>activation_ready do
- account.update_attributes :status=>'active'
- @newly_activated_account = account
-end
-
-
-event :notify_accounted, :after=>:extend do
- if @newly_activated_account && @newly_activated_account.active?
- email_args = Wagn::Env.params[:email] || {}
- email_args[:message] ||= Card.setting('*signup+*message') || "Thanks for signing up to #{Card.setting('*title')}!"
- email_args[:subject] ||= Card.setting('*signup+*subject') || "Account info for #{Card.setting('*title')}!"
- @newly_activated_account.send_account_info email_args
- end
-end
-
-event :block_deleted_user, :after=>:store, :on=>:delete do
- if account = Account[ self.id ]
- account.update_attributes :status=>'blocked'
- end
-end
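Review bot: The token built in `event :generate_token` is predictable. Its only inputs are `Time.now.to_s`, which has one-second resolution, and `rand 10`, which yields one of ten values from a non-cryptographic generator, so the set of possible tokens for a given moment is tiny. If this value authenticates anything such as a password reset or an account activation (its consumers are not visible in this diff), it should come from the CSPRNG instead, e.g. `SecureRandom.hex(20)`, which keeps the 40-hex-character shape of the SHA1 digest. It is also declared with `event` and no `:before`/`:after` option, so the return value may be discarded; a plain `def generate_token` looks like what was intended, to be confirmed against the callers.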