Re-enable adding new users via the web interface

Also unify user creation and user editing.
Eelco Dolstra 2013-11-05 12:41:10 +01:00
parent 36c961a376
commit 299ac07cbc
2 changed files with 54 additions and 63 deletions


@ -124,53 +124,36 @@ sub setPassword {
sub register :Local Args(0) { sub register :Local Args(0) {
my ($self, $c) = @_; my ($self, $c) = @_;
die "Not implemented!\n"; accessDenied($c, "User registration is currently not implemented.") unless isAdmin($c);
$c->stash->{template} = 'user.tt'; $c->stash->{template} = 'user.tt';
$c->stash->{create} = 1; $c->stash->{create} = 1;
return if $c->request->method ne "POST"; return if $c->request->method ne "POST";
my $userName = trim $c->req->params->{username}; my $userName = trim $c->req->params->{username};
my $fullName = trim $c->req->params->{fullname};
my $password = trim $c->req->params->{password};
$c->stash->{username} = $userName; $c->stash->{username} = $userName;
$c->stash->{fullname} = $fullName;
sub fail { error($c, "You did not enter the correct digits from the security image.")
my ($c, $msg) = @_; unless isAdmin($c) || $c->validate_captcha($c->req->param('captcha'));
$c->stash->{errorMsg} = $msg;
}
return fail($c, "You did not enter the correct digits from the security image.") error($c, "Your user name is invalid. It must start with a lower-case letter followed by lower-case letters, digits, dots or underscores.")
unless $c->validate_captcha($c->req->param('captcha'));
return fail($c, "Your user name is invalid. It must start with a lower-case letter followed by lower-case letters, digits, dots or underscores.")
if $userName !~ /^$userNameRE$/; if $userName !~ /^$userNameRE$/;
return fail($c, "Your user name is already taken.") error($c, "Your user name is already taken.")
if $c->find_user({ username => $userName }); if $c->find_user({ username => $userName });
return fail($c, "Your must specify your full name.") if $fullName eq "";
return fail($c, "You must specify a password of at least 6 characters.")
unless isValidPassword($password);
return fail($c, "The passwords you specified did not match.")
if $password ne trim $c->req->params->{password2};
txn_do($c->model('DB')->schema, sub { txn_do($c->model('DB')->schema, sub {
my $user = $c->model('DB::Users')->create( my $user = $c->model('DB::Users')->create(
{ username => $userName { username => $userName
, fullname => $fullName
, password => "!" , password => "!"
, emailaddress => "", , emailaddress => "",
, type => "hydra" , type => "hydra"
}); });
setPassword($user, $password); updatePreferences($c, $user);
}); });
unless ($c->user_exists) { unless ($c->user_exists) {
$c->authenticate({username => $userName, password => $password}) $c->set_authenticated({username => $userName})
or error($c, "Unable to authenticate the new user!"); or error($c, "Unable to authenticate the new user!");
} }
@ -179,6 +162,42 @@ sub register :Local Args(0) {
} }
sub updatePreferences {
my ($c, $user) = @_;
my $password = trim($c->req->params->{password} // "");
if ($user->type eq "hydra" && ($user->password eq "!" || $password ne "")) {
error($c, "You must specify a password of at least 6 characters.")
unless isValidPassword($password);
error($c, "The passwords you specified did not match.")
if $password ne trim $c->req->params->{password2};
setPassword($user, $password);
}
my $fullName = trim($c->req->params->{fullname} // "");
error($c, "Your must specify your full name.") if $fullName eq "";
my $emailAddress = trim($c->req->params->{emailaddress} // "");
# FIXME: validate email address?
$user->update(
{ fullname => $fullName
, emailonerror => $c->stash->{params}->{"emailonerror"} ? 1 : 0
});
if (isAdmin($c)) {
$user->update({ emailaddress => $emailAddress })
if $user->type eq "hydra";
$user->userroles->delete;
$user->userroles->create({ role => $_ })
foreach paramToList($c, "roles");
}
}
sub currentUser :Path('/current-user') :ActionClass('REST') { } sub currentUser :Path('/current-user') :ActionClass('REST') { }
sub currentUser_GET { sub currentUser_GET {
@ -264,32 +283,8 @@ sub edit_POST {
return; return;
} }
my $fullName = trim $c->stash->{params}->{fullname};
txn_do($c->model('DB')->schema, sub { txn_do($c->model('DB')->schema, sub {
updatePreferences($c, $user);
error($c, "Your must specify your full name.") if $fullName eq "";
$user->update(
{ fullname => $fullName
, emailonerror => $c->stash->{params}->{"emailonerror"} ? 1 : 0
});
my $password = $c->stash->{params}->{password} // "";
if ($user->type eq "hydra" && $password ne "") {
error($c, "You must specify a password of at least 6 characters.")
unless isValidPassword($password);
error($c, "The passwords you specified did not match.")
if $password ne trim $c->stash->{params}->{password2};
setPassword($user, $password);
}
if (isAdmin($c)) {
$user->userroles->delete;
$user->userroles->create({ role => $_})
foreach paramToList($c, "roles");
}
}); });
if ($c->request->looks_like_browser) { if ($c->request->looks_like_browser) {
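Review bot: The `unless ($c->user_exists)` block at the end of `register` now calls `$c->set_authenticated({username => $userName})` with a plain hash reference, while Catalyst's `set_authenticated` expects a user object, so the branch would fail if it ever ran. With `accessDenied(...) unless isAdmin($c)` at the top it looks unreachable (assuming `accessDenied` aborts the request), and if self-registration is opened up again it would log the new account in without any credential check. I would either delete the block or pass the stored user, `$c->set_authenticated($c->find_user({ username => $userName }))`, with a comment saying why no password is verified at that point. Separately, `updatePreferences` reads `password`, `password2`, `fullname` and `emailaddress` from `$c->req->params` but `emailonerror` from `$c->stash->{params}`, where the removed `edit_POST` code used `$c->stash->{params}` throughout; one source should serve all fields so the form and any non-form client are validated identically. Both `register` and `edit_POST` continue outside the hunks shown.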


@ -34,7 +34,7 @@
</div> </div>
</div> </div>
[% IF !create && user.type == 'hydra' %] [% IF create || user.type == 'hydra' %]
<div class="control-group"> <div class="control-group">
<label class="control-label">Password</label> <label class="control-label">Password</label>
<div class="controls"> <div class="controls">
@ -50,16 +50,13 @@
</div> </div>
[% END %] [% END %]
<!--
<div class="control-group"> <div class="control-group">
<label class="control-label">Email</label> <label class="control-label">Email</label>
<div class="controls"> <div class="controls">
<input type="text" class="span3" name="emailaddress" [% HTML.attributes(value => user.emailaddress) %]/> <input type="text" class="span3" name="emailaddress" [% IF !create && user.type == 'persona' %]disabled="disabled"[% END %] [%+ HTML.attributes(value => user.emailaddress) %]/>
</div> </div>
</div> </div>
-->
[% IF !create %]
<div class="control-group"> <div class="control-group">
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
@ -67,9 +64,8 @@
</label> </label>
</div> </div>
</div> </div>
[% END %]
[% IF !create %] [% IF !create || c.check_user_roles('admin') %]
<div class="control-group"> <div class="control-group">
<label class="control-label">Roles</label> <label class="control-label">Roles</label>
<div class="controls"> <div class="controls">
@ -81,7 +77,7 @@
</div> </div>
[% END %] [% END %]
[% IF create %] [% IF create && !c.check_user_roles('admin') %]
<div class="control-group"> <div class="control-group">
<div class="controls"> <div class="controls">
<img src="[% c.uri_for('/captcha') %]" alt="CAPTCHA"/> <img src="[% c.uri_for('/captcha') %]" alt="CAPTCHA"/>