Merge branch 'master' of github.com:martini/zammad

2012-04-20 17:38:32 +02:00 · 2012-04-20 17:38:32 +02:00 · 6a042642a6
commit 6a042642a6
parent f2617c9b38 bcccd22ece
11 changed files with 137 additions and 70 deletions
--- a/app/assets/javascripts/app/controllers/login.js.coffee
+++ b/app/assets/javascripts/app/controllers/login.js.coffee
@ -48,20 +48,12 @@ class Index extends App.Controller
  
  login: (e) ->
    e.preventDefault()
-    e.stopPropagation();
-
-    @log 'submit', $(e.target)
-    @username = $(e.target).find('[name="username"]').val()
-    @password = $(e.target).find('[name="password"]').val()
-#    @log @username, @password 
+    params = @formParam(e.target)
    
    # session create with login/password
    auth = new App.Auth
    auth.login(
-      data: {
-        username: @username,
-        password: @password,
-      },
+      data:    params,
      success: @success
      error:   @error,
    )
--- a/app/assets/javascripts/app/views/agent_ticket_create.jst.eco
+++ b/app/assets/javascripts/app/views/agent_ticket_create.jst.eco
@ -22,6 +22,6 @@
    </div>
  </div>
  <div class="form-actions">
-    <button type="reset" class="btn">Cancel</button>&nbsp;<input type="submit" class="btn-primary" value="Create"/>
+    <button type="reset" class="btn">Cancel</button>&nbsp;<input type="submit" class="btn btn-primary" value="Create"/>
  </div>
 </form>
--- a/app/assets/javascripts/app/views/getting_started.jst.eco
+++ b/app/assets/javascripts/app/views/getting_started.jst.eco
@ -18,7 +18,7 @@
        <h2>Master Agent</h2>
        <form class="form-stacked">
          <%- @form_master %>
-          <button class="btn-primary submit">Next...</button>          
+          <button class="btn btn-primary submit">Next...</button>          
        </form>
      </div>
    <% end %>
@ -26,7 +26,7 @@
        <h2>Invite Agents</h2>
        <form class="form-stacked">
          <%- @form_agent %>
-          <button class="btn-primary submit">Send Invitation</button>          
+          <button class="btn btn-primary submit">Send Invitation</button>          
        </form>
      </div>
      <div class="span6">
--- a/app/assets/javascripts/app/views/login.jst.eco
+++ b/app/assets/javascripts/app/views/login.jst.eco
@ -6,11 +6,16 @@
    <div class="container">
      <div class="row">
        <div class="span12">
-          Sign in with
+          <p>Sign in with</p>
          <form id="login" class="form-search">
-            <input name="username" type="text" class="input span3" placeholder="Username" value="<%= @item.username %>" autocapitalize="off"/>
+            <input name="username" type="text" class="input span3" placeholder="Username or email" value="<%= @item.username %>" autocapitalize="off"/>
            <input name="password" type="password" class="input span3" placeholder="Password"/>
-            <button class="btn-primary" type="submit">Sign in</button>
+            <button class="btn btn-primary" type="submit">Sign in</button>
+            <div>
+              <span class="small"><input name="remember_me" value="1" type="checkbox"/> Remember me</span>
+              <span class="small">&middot;</span>
+              <a href="#resend_password" class="small">Forgot password?</a>
+            </div>
          </form>
        </div>
      </div>
@ -25,7 +30,7 @@
      
      <div class="row">
        <div class="span12">
-          Sign in using
+          <p>Sign in using</p>
          <ul>
          <% for auth_provider in @auth_providers: %>
            <li><a href="<%= auth_provider.url %>"><%= auth_provider.name %></a></li>
--- a/app/assets/javascripts/app/views/signup.jst.eco
+++ b/app/assets/javascripts/app/views/signup.jst.eco
@ -2,12 +2,12 @@
  <h1>Join <%= Config.product_name %><small></small></h1>

  <div class="container">
-  
-    <form>
+    <form class="form-horizontal">
+      <p>
        <%- @form %>
-      <button class="btn cancel">Cancel</button>
-      <button class="btn-primary submit">Create my account</button>
+      </p>
+      <a href="#/" class="btn cancel">Cancel</a>
+      <button class="btn btn-primary submit">Create my account</button>
    </form>
-    
  </div>
 </div>
--- a/app/assets/stylesheets/zzz.css
+++ b/app/assets/stylesheets/zzz.css
@ -13,6 +13,15 @@ body {
  background-image: url("../assets/glyphicons-halflings.png");
 }

+/*
+ * 
+ */
+.hero-unit .small {
+  font-size: 12px;
+  line-height: 20px;
+  color: #999999;
+}
+
 /*
 * removed margin of forms to not break the layout with submit buttons within <form></form> area e. g. for modal dialogs
 */
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -92,6 +92,18 @@ class ApplicationController < ActionController::Base
      return false
    end

+    # check logon session
+    if params['logon_session'] 
+      logon_session = ActiveRecord::SessionStore::Session.where( :session_id => params['logon_session'] ).first
+      if logon_session
+        userdata = User.find( user_id = logon_session.data[:user_id] )
+      end
+
+      # set logon session user to current user
+      current_user_set(userdata)
+      return true
+    end
+
    # return auth not ok (no session exists)
    if !session[:user_id]
      message = 'no valid session, user_id'
@ -134,7 +146,7 @@ class ApplicationController < ActionController::Base
      :o_id                        => object.id,
      :history_type_id             => history_type.id,
      :history_object_id           => history_object.id,
-      :created_by_id               => session[:user_id]
+      :created_by_id               => current_user.id
    )
  end

--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@ -5,37 +5,70 @@ class SessionsController < ApplicationController

  # "Create" a login, aka "log the user in"
  def create
-    logger.debug 'session create'
-#    logger.debug params.inspect
+
    user = User.authenticate( params[:username], params[:password] )

    # auth failed
    if !user
      render :json => { :error => 'login failed' }, :status => :unprocessable_entity
+      return
    end
    
+    user = User.find_fulldata(user.id)
+    
    # do not show password
    user['password'] = ''
    
-    user['roles']         = user.roles.select('id, name').where(:active => true)      
-    user['groups']        = user.groups.select('id, name').where(:active => true)      
-    user['organization']  = user.organization     
-    user['organizations'] = user.organizations.select('id, name').where(:active => true)      
-    
    # auto population of default collections
    default_collection = default_collections()
    
    # set session user_id
-    session[:user_id] = user.id
+    session[:user_id] = user['id']
+
+    # check logon session
+    logon_session_key = nil
+    if params['logon_session']
+      logon_session_key = Digest::MD5.hexdigest( rand(999999).to_s + Time.new.to_s )
+      session = ActiveRecord::SessionStore::Session.create(
+        :session_id => logon_session_key,
+        :data => {
+          :user_id => user['id']
+        }
+      )
+    end
+
+    # remember me - set session cookie to expire later
+    if params[:remember_me]
+      request.env['rack.session.options'][:expire_after] = 1.year.from_now
+    end

    # return new session data
-    render :json => { :session => user, :default_collections => default_collection }, :status => :created
+    render :json => {
+      :session             => user,
+      :default_collections => default_collection,
+      :logon_session       => logon_session_key,
+    },
+    :status => :created
  end

  def show

+    user_id = nil
+
    # no valid sessions
-    if !session[:user_id]
+    if session[:user_id]
+      user_id = session[:user_id]
+    end
+
+    # check logon session
+    if params['logon_session']
+      session = ActiveRecord::SessionStore::Session.where( :session_id => params['logon_session'] ).first
+      if session
+        user_id = session.data[:user_id]
+      end
+    end
+
+    if !user_id
      render :json => {
        :error  => 'no valid session',
        :config => config_frontend,
@ -45,7 +78,7 @@ class SessionsController < ApplicationController

    # Save the user ID in the session so it can be used in
    # subsequent requests
-    user = user_data_full( session[:user_id] )
+    user = user_data_full( user_id )

    # auto population of default collections
    default_collection = default_collections()
@ -64,6 +97,10 @@ class SessionsController < ApplicationController
    # Remove the user id from the session
    @_current_user = session[:user_id] = nil

+    # reset session cookie (set :expire_after to '' in case remember_me is active)
+    request.env['rack.session.options'][:expire_after] = ''
+    request.env['rack.session.options'][:renew] = true
+
    render :json => { }
  end
    
--- a/app/controllers/ticket_overviews_controller.rb
+++ b/app/controllers/ticket_overviews_controller.rb
@ -376,7 +376,7 @@ class TicketOverviewsController < ApplicationController

      # load article ids
 #      if item.history_object == 'Ticket'
-        tickets.push Ticket.find(item.o_id)
+        tickets.push Ticket.find( item['o_id'] )
 #      end
 #      if item.history_object 'Ticket::Article'
 #        tickets.push Ticket::Article.find(item.o_id)
@ -386,8 +386,8 @@ class TicketOverviewsController < ApplicationController
 #      end
          
      # load users
-      if !users[item.created_by_id]
-        users[item.created_by_id] = user_data_full(item.created_by_id)
+      if !users[ item['created_by_id'] ]
+        users[ item['created_by_id'] ] = user_data_full( item['created_by_id'] )
      end
    }

@ -411,7 +411,7 @@ class TicketOverviewsController < ApplicationController

      # load article ids
 #      if item.history_object == 'Ticket'
-        tickets.push Ticket.find(item.o_id)
+        tickets.push Ticket.find( item['o_id'] )
 #      end
 #      if item.history_object 'Ticket::Article'
 #        tickets.push Ticket::Article.find(item.o_id)
@ -421,8 +421,8 @@ class TicketOverviewsController < ApplicationController
 #      end
          
      # load users
-      if !users[item.created_by_id]
-        users[item.created_by_id] = user_data_full(item.created_by_id)
+      if !users[ item['created_by_id'] ]
+        users[ item['created_by_id'] ] = user_data_full( item['created_by_id'] )
      end
    }

--- a/app/models/history.rb
+++ b/app/models/history.rb
@ -25,12 +25,15 @@ class History < ActiveRecord::Base
      where( :history_type_id   => History::Type.where( :name => ['created', 'updated']) ).
      order('created_at DESC, id DESC').
      limit(10)
+    datas = []
    stream.each do |item|
-      item['history_object'] = item.history_object
-      item['history_type']   = item.history_type
+      data = item.attributes
+      data['history_object'] = item.history_object
+      data['history_type']   = item.history_type
+      datas.push data
 #      item['history_attribute'] = item.history_attribute
    end
-    return stream
+    return datas
  end

  def self.recent_viewed(user)
@ -40,12 +43,15 @@ class History < ActiveRecord::Base
      where( :history_type_id => History::Type.where( :name => ['viewed']) ).
      order('created_at DESC, id DESC').
      limit(10)
+    datas = []
    stream.each do |item|
-      item['history_object'] = item.history_object
-      item['history_type'] = item.history_type
+      data = item.attributes
+      data['history_object'] = item.history_object
+      data['history_type']   = item.history_type
+      datas.push data
 #      item['history_attribute'] = item.history_attribute
    end
-    return stream
+    return datas
  end
  
  private
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -13,31 +13,38 @@ class User < ApplicationModel
  store                   :preferences

  def self.authenticate( username, password )
+    
+    # do not authenticate with nothing
+    return if !username
+    return if !password
+    
+    # try to find user based on login
    user = User.where( :login => username, :active => true ).first
-    return nil if user.nil?
-    logger.debug 'auth'
-    logger.debug username
-    logger.debug user.login
-    logger.debug password
-    logger.debug user.password
-    logger.debug user.inspect
-#    return user
-    return user if user.password == password
-    return
+    
+    # try second lookup with email
+    if !user
+      user = User.where( :email => username, :active => true ).first
+    end
+    
+    # no user found
+    if !user
+      return nil
+    end
+    
+    # auth ok
+    if user.password == password
+      return user
+    end
+
+    # auth failed
+    return false
  end

  def self.create_from_hash!(hash)
-#    logger.debug(hash.inspect)
-#    raise hash.to_yaml  
-#    exit
    url = ''
    if hash['info']['urls'] then
      url = hash['info']['urls']['Website'] || hash['info']['urls']['Twitter'] || ''
    end
-#    logger.debug(hash['info'].inspect)
-#    raise url.to_yaml
-#    exit
-#    logger.debug('aaaaaaaa')
    roles = Role.where( :name => 'Customer' )
    create(
      :login         => hash['info']['nickname'] || hash['uid'],
@ -61,7 +68,6 @@ class User < ApplicationModel
    user = User.find(user_id)
    data = user.attributes

-
    # get linked accounts
    data['accounts'] = {}
    authorizations = user.authorizations() || []