Better signup system implemented. The users table has another new column, 'is_admin'. If no users have been created, the first user to sign in is made the admin user. If the admin user (while logged in) visits the signup page, the form indicates that this user can create a new user (who won't have admin rights). If anyone who is not logged in and not an admin user visits signup, they are greeted with a message that they don't have permission to create an account, and should contact the admin. I've made a new field in settings.yml to hold your admin email address for this purpose. This should mean that you can safely leave signup.rhtml intact on a public server.

git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@31 a4c988fc-2ded-0310-b66e-134b36920a42
bsag 2005-02-26 21:19:44 +00:00
parent bc9f91c32d
commit 7776931d69
5 changed files with 47 additions and 20 deletions

@ -21,10 +21,12 @@ class User < ActiveRecord::Base
def crypt_password
write_attribute("password", self.class.sha1(password)) if password == @password_confirmation
write_attribute("word", self.class.sha1(word))
end
validates_length_of :password, :login, :within => 5..40
validates_presence_of :password, :login
validates_presence_of :password, :login, :word
validates_uniqueness_of :login, :on => :create
validates_uniqueness_of :word, :on => :create
validates_confirmation_of :password, :on => :create
end
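Review bot: `write_attribute("word", self.class.sha1(word))` stores the secret word as an unsalted SHA-1 digest, and `validates_uniqueness_of :word, :on => :create` then requires that digest to be unique across users, so a signup attempt whose secret word collides with another user's fails with a uniqueness error that `render_errors` will display; a secret should not be a uniqueness key. Drop the uniqueness validation for `:word` and hash it with a per-user salt, as for `password`. Also, `:word` now has `validates_presence_of` but the `validates_length_of ... :within => 5..40` line still covers only `:password` and `:login`, so a one-character secret word is accepted; add `:word` to that validation.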

@ -23,11 +23,11 @@
<li><%= link_to( "Completed", :controller => "todo", :action => "completed" ) %></li>
<li><a href="javascript:toggleAll('notes','block')" title="Show all notes">Show</a></li>
<li><a href="javascript:toggleAll('notes','none')" title="Show all notes">Hide</a></li>
<li><%= link_to ("<span style=\"font-family: verdana, sans-serif; font-size: 10px; font-weight:bold; text-decoration:none; color: white; background-color: #F60; border:1px solid;
<li><%= link_to("<span style=\"font-family: verdana, sans-serif; font-size: 10px; font-weight:bold; text-decoration:none; color: white; background-color: #F60; border:1px solid;
border-color: #FC9 #630 #330 #F96; padding:0px 3px 0px 3px; margin:0px;\">RSS</span>", {:controller => "feed", :action => "na_feed", :params => {"name", "#{@session['user']['login']}", "token", "#{@session['user']['word']}"}}, :title => "Subscribe to an RSS feed of your next actions" ) %></li>
<li><%= link_to ("<span style=\"font-family: verdana, sans-serif; font-size: 10px; font-weight:bold; text-decoration:none; color: white; background-color: #F60; border:1px solid;
<li><%= link_to("<span style=\"font-family: verdana, sans-serif; font-size: 10px; font-weight:bold; text-decoration:none; color: white; background-color: #F60; border:1px solid;
border-color: #FC9 #630 #330 #F96; padding:0px 3px 0px 3px; margin:0px;\">TXT</span>", {:controller => "feed", :action => "na_text", :params => {"name", "#{@session['user']['login']}", "token", "#{@session['user']['word']}"}}, :title => "View a plain text feed of your next actions" ) %></li>
<li><%= link_to "Logout &#187;", :controller => "login", :action=>"logout"%></li>
<li><%= link_to "Logout (#{@session['user']['login']}) &#187;", :controller => "login", :action=>"logout"%></li>
</ul>
</div>
<%= @content_for_layout %>
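Review bot: both feed links pass `@session['user']['word']` as the `token` query parameter. Since the model stores `word` only as its SHA-1 digest, the value placed in the URL is exactly the column value in the users table, which means the stored digest is itself the bearer credential: hashing protects nothing here, and the token also lands in browser history, proxy and access logs, and any `Referer` header a feed reader sends. Use a separate, randomly generated per-user feed token column that can be regenerated on demand, independent of the secret word. As a style point, the inline-styled `<span>` markup duplicated in both `link_to` calls belongs in the stylesheet (a `.badge` class, say) rather than in the view string.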

@ -1,17 +1,37 @@
<%= start_form_tag :action=> "signup" %>
<div title="Account signup" id="signupform" class="form">
<h3>Signup</h3>
<%= render_errors @user %><br/>
<label for="user_login">Desired login:</label><br/>
<%= text_field "user", "login", :size => 30 %><br/>
<label for="user_password">Choose password:</label><br/>
<%= password_field "user", "password", :size => 30 %><br/>
<label for="user_password_confirmation">Confirm password:</label><br/>
<%= password_field "user", "password_confirmation", :size => 30 %><br/>
<input type="submit" value="Signup &#187;" class="primary" />
<% if User.find_all.empty? %>
<%= hidden_field "user", "is_admin", "value" => 1 %>
<h3>Sign up as the admin user</h3>
<%= render_errors @user %><br/>
<label for="user_login">Desired login:</label><br/>
<%= text_field "user", "login", :size => 30 %><br/>
<label for="user_password">Choose password:</label><br/>
<%= password_field "user", "password", :size => 30 %><br/>
<label for="user_password_confirmation">Confirm password:</label><br/>
<%= password_field "user", "password_confirmation", :size => 30 %><br/>
<label for="user_word">Secret word (different to password):</label><br />
<%= password_field "user", "word", :size => 30 %><br />
<input type="submit" value="Signup &#187;" class="primary" />
<% elsif (@session['user'] && @session['user']['is_admin'] == 1) %>
<%= hidden_field "user", "is_admin", "value" => 0 %>
<h3>Sign up a new user</h3>
<%= render_errors @user %><br/>
<label for="user_login">Desired login:</label><br/>
<%= text_field "user", "login", :size => 30 %><br/>
<label for="user_password">Choose password:</label><br/>
<%= password_field "user", "password", :size => 30 %><br/>
<label for="user_password_confirmation">Confirm password:</label><br/>
<%= password_field "user", "password_confirmation", :size => 30 %><br/>
<label for="user_word">Secret word (different to password):</label><br />
<%= password_field "user", "word", :size => 30 %><br />
<input type="submit" value="Signup &#187;" class="primary" />
<% else %>
<h3>Signup</h3>
<p>You don't have permission to sign up for a new account.</p>
<p>Please contact the site administrator <%= mail_to "#{app_configurations["admin"]["email"]}", "by email", :encode => "hex" %> to get permission.</p>
<% end %>
<%= end_form_tag %>
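Review bot: the `hidden_field "user", "is_admin", "value" => 1` and `"value" => 0` lines make the admin flag part of the submitted form, so whether a new account is admin is decided by the POST body rather than by the server; a controller that assigns `params[:user]` to the new `User` cannot tell the value this template emitted from a value the client chose. Set `is_admin` in the `signup` action from `User.find_all.empty?` (or `User.count == 0`) and never read it from params. The same goes for the branch conditions: `User.find_all.empty?` and `@session['user']['is_admin'] == 1` run only while rendering this view, and the "You don't have permission" message in the `else` branch does not stop a POST to `signup`; the controller must repeat the check and refuse account creation for anyone who is neither the first user nor a logged-in admin. Minor: `User.find_all.empty?` loads every user row to test emptiness, where `User.count == 0` does the same work with a single COUNT query; and the three near-identical form bodies could be one partial that takes the heading as a parameter.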

@ -30,6 +30,7 @@ or whatever the full URL is. This should help people who put Tracks in a subdire
but ONLY if you're using the development environment; with production it's fine, and with the gem version of Redcloth it's fine in both environments.
13. Modified the 'count' badge on todo/list: now shows the number of uncompleted items in contexts that *aren't* hidden (i.e. the actions actually listed on todo/list). Number of items in hidden contexts are shown in parentheses after the link to that context. So you don't forget about that stuff ;-)
14. Protected RSS and text feeds at last! The appropriate URLs can be copied from the RSS and TXT links in the navigation bar. The URL includes the login name of the current user, and an MD5 encoded string of the 'word' field of the users table. This is checked against users to make sure it's valid; if it is, the feed is displayed, if not, you get an error message.
15. Better signup system implemented. The users table has another new column, 'is_admin'. If no users have been created, the first user to sign in is made the admin user. If the admin user (while logged in), visits the signup page, the form indicates that this user can create a new user (who won't have admin rights). If anyone who is not not logged in and not an admin user visits signup, they are greeted with a message that they don't have permission to create an account, and should contact the admin. I've made a new field in settings.yml to hold your admin email address for this purpose. This should mean that you can safely leave signup.rhtml intact on a public server.
## Version 1.01
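Review bot: item 14 says the feed URL carries "an MD5 encoded string of the 'word' field", but the model hunk in this same commit hashes `word` with `self.class.sha1`; change one or the other so the changelog matches the code. Item 15 has a doubled "not not", and "the first user to sign in is made the admin user" describes signup rather than sign-in.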

@ -1,15 +1,19 @@
body { background-color: #fff; color: #333; }
body, p, ol, ul, td {
body, ol, ul, td {
font-family: verdana, arial, helvetica, sans-serif;
font-size: 12px;
line-height: 18px;
background: #eee;
}
a { color: #000; }
a:visited { color: #666; }
a:hover { color: #fff; background-color: #000; }
p {
background: #ff9;
}
a { color: #f00; padding: 3px; }
a:visited { color: #f00; }
a:hover { color: #000; background-color: #f00; }
h1, h2, h3 { color: #333; font-family: verdana, arial, helvetica, sans-serif; text-align: center; }
h1 { font-size: 28px }
@ -31,7 +35,7 @@ pre {
}
div.form {
width: 40%;
width: 25%;
margin: 100px auto;
padding: 10px;
border: 1px solid #999;