Revert "Merge branch 'user_not_active_auth' into 'master'"

This reverts commit d8c77643e546e5e82306aa6756cdf9931e008cc2, reversing changes made to 950a07082d85808991b63c99f0c30386af945a86.

Revert "Merge branch 'user_not_active_auth' into 'master'"
This reverts commit d8c77643e546e5e82306aa6756cdf9931e008cc2, reversing changes made to 950a07082d85808991b63c99f0c30386af945a86.
Braulio Bhavamitra
1 parent d8c77643
Showing 3 changed files with 8 additions and 53 deletions Show diff stats
app/controllers/public/account_controller.rb
app/models/user.rb
test/functional/account_controller_test.rb
@@ -46,12 +46,8 @@ class AccountController &lt; ApplicationController
     self.current_user = plugins_alternative_authentication
-    begin
-      self.current_user ||= User.authenticate(params[:user][:login], params[:user][:password], environment) if params[:user]
-    rescue User::UserNotActivated => e
-      session[:notice] = e.message
-      return
-    end
+    self.current_user ||= User.authenticate(params[:user][:login], params[:user][:password], environment) if params[:user]
+
     if logged_in?
       check_join_in_community(self.current_user)
@@ -120,17 +120,11 @@ class User &lt; ActiveRecord::Base
   validates_inclusion_of :terms_accepted, :in => [ '1' ], :if => lambda { |u| ! u.terms_of_use.blank? }, :message => N_('{fn} must be checked in order to signup.').fix_i18n
-  scope :has_login?, lambda { |login,email,environment_id|
-    where('login = ? OR email = ?', login, email).
-    where(environment_id: environment_id)
-  }
-
   # Authenticates a user by their login name or email and unencrypted password.  Returns the user or nil.
   def self.authenticate(login, password, environment = nil)
     environment ||= Environment.default
-
-    u = self.has_login?(login, login, environment.id)
-    u = u.first if u.is_a?(ActiveRecord::Relation)
+    u = self.first :conditions => ['(login = ? OR email = ?) AND environment_id = ? AND activated_at IS NOT NULL',
+                                   login, login, environment.id] # need to get the salt
     u && u.authenticated?(password) ? u : nil
   end
@@ -242,23 +236,7 @@ class User &lt; ActiveRecord::Base
     password.crypt(salt)
   end
-  class UserNotActivated < StandardError
-    attr_reader :user
-
-    def initialize(message, user = nil)
-      @user = user
-
-      super(message)
-    end
-  end
-
   def authenticated?(password)
-
-    unless self.activated?
-      message = _('The user "%{login}" is not activated! Please check your email to activate your user') % {login: self.login}
-      raise UserNotActivated.new(message, self)
-    end
-
     result = (crypted_password == encrypt(password))
     if (encryption_method != User.system_encryption_method) && result
       self.password_type = User.system_encryption_method.to_s
@@ -297,15 +275,9 @@ class User &lt; ActiveRecord::Base
   #   current password.
   # * Saves the record unless it is a new one.
   def change_password!(current, new, confirmation)
-
-    begin
-      unless self.authenticated?(current)
-        self.errors.add(:current_password, _('does not match.'))
-        raise IncorrectPassword
-      end
-    rescue UserNotActivated => e
-      self.errors.add(:current_password, e.message)
-      raise UserNotActivated
+    unless self.authenticated?(current)
+      self.errors.add(:current_password, _('does not match.'))
+      raise IncorrectPassword
     end
     self.force_change_password!(new, confirmation)
   end
@@ -40,14 +40,6 @@ class AccountControllerTest &lt; ActionController::TestCase
     post :login, :user => { :login => 'fake', :password => 'fake' }
   end
-  should 'fail login if a user is inactive and show a warning message' do
-    user = User.create!(login: 'testuser', email: 'test@email.com', password:'test', password_confirmation:'test', activation_code: nil)
-    post :login, :user => { :login => 'testuser', :password => 'test' }
-
-    assert_match 'not activated', session[:notice]
-    assert_nil session[:user]
-  end
-
   def test_should_fail_login_and_not_redirect
     @request.env["HTTP_REFERER"] = 'bli'
     post :login, :user => {:login => 'johndoe', :password => 'bad password'}
@@ -281,9 +273,8 @@ class AccountControllerTest &lt; ActionController::TestCase
     assert_template 'invalid_change_password_code'
   end
-  should 'require password confirmation correctly to enter new password' do
+  should 'require password confirmation correctly to enter new pasword' do
     user = create_user('testuser', :email => 'testuser@example.com', :password => 'test', :password_confirmation => 'test')
-    user.activate
     change = ChangePassword.create!(:requestor => user.person)
     post :new_password, :code => change.code, :change_password => { :password => 'onepass', :password_confirmation => 'another_pass' }
@@ -758,8 +749,6 @@ class AccountControllerTest &lt; ActionController::TestCase
     get :activate
     assert_nil assigns(:message)
     post :login, :user => {:login => 'testuser', :password => 'test123'}
-
-    assert_match 'not activated', session[:notice]
     assert_nil session[:user]
   end
@@ -769,8 +758,6 @@ class AccountControllerTest &lt; ActionController::TestCase
     get :activate, :activation_code => 'wrongcode'
     assert_nil assigns(:message)
     post :login, :user => {:login => 'testuser', :password => 'test123'}
-
-    assert_match 'not activated', session[:notice]
     assert_nil session[:user]
   end
	@@ -120,17 +120,11 @@ class User < ActiveRecord::Base		@@ -120,17 +120,11 @@ class User < ActiveRecord::Base
120		120
121	validates_inclusion_of :terms_accepted, :in => [ '1' ], :if => lambda { \|u\| ! u.terms_of_use.blank? }, :message => N_('{fn} must be checked in order to signup.').fix_i18n	121	validates_inclusion_of :terms_accepted, :in => [ '1' ], :if => lambda { \|u\| ! u.terms_of_use.blank? }, :message => N_('{fn} must be checked in order to signup.').fix_i18n
122		122
123	- scope :has_login?, lambda { \|login,email,environment_id\|
124	- where('login = ? OR email = ?', login, email).
125	- where(environment_id: environment_id)
126	- }
127	-
128	# Authenticates a user by their login name or email and unencrypted password. Returns the user or nil.	123	# Authenticates a user by their login name or email and unencrypted password. Returns the user or nil.
129	def self.authenticate(login, password, environment = nil)	124	def self.authenticate(login, password, environment = nil)
130	environment \|\|= Environment.default	125	environment \|\|= Environment.default
131	-
132	- u = self.has_login?(login, login, environment.id)
133	- u = u.first if u.is_a?(ActiveRecord::Relation)	126	+ u = self.first :conditions => ['(login = ? OR email = ?) AND environment_id = ? AND activated_at IS NOT NULL',
		127	+ login, login, environment.id] # need to get the salt
134	u && u.authenticated?(password) ? u : nil	128	u && u.authenticated?(password) ? u : nil
135	end	129	end
136		130
	@@ -242,23 +236,7 @@ class User < ActiveRecord::Base		@@ -242,23 +236,7 @@ class User < ActiveRecord::Base
242	password.crypt(salt)	236	password.crypt(salt)
243	end	237	end
244		238
245	- class UserNotActivated < StandardError
246	- attr_reader :user
247	-
248	- def initialize(message, user = nil)
249	- @user = user
250	-
251	- super(message)
252	- end
253	- end
254	-
255	def authenticated?(password)	239	def authenticated?(password)
256	-
257	- unless self.activated?
258	- message = _('The user "%{login}" is not activated! Please check your email to activate your user') % {login: self.login}
259	- raise UserNotActivated.new(message, self)
260	- end
261	-
262	result = (crypted_password == encrypt(password))	240	result = (crypted_password == encrypt(password))
263	if (encryption_method != User.system_encryption_method) && result	241	if (encryption_method != User.system_encryption_method) && result
264	self.password_type = User.system_encryption_method.to_s	242	self.password_type = User.system_encryption_method.to_s
	@@ -297,15 +275,9 @@ class User < ActiveRecord::Base		@@ -297,15 +275,9 @@ class User < ActiveRecord::Base
297	# current password.	275	# current password.
298	# * Saves the record unless it is a new one.	276	# * Saves the record unless it is a new one.
299	def change_password!(current, new, confirmation)	277	def change_password!(current, new, confirmation)
300	-
301	- begin
302	- unless self.authenticated?(current)
303	- self.errors.add(:current_password, _('does not match.'))
304	- raise IncorrectPassword
305	- end
306	- rescue UserNotActivated => e
307	- self.errors.add(:current_password, e.message)
308	- raise UserNotActivated	278	+ unless self.authenticated?(current)
		279	+ self.errors.add(:current_password, _('does not match.'))
		280	+ raise IncorrectPassword
309	end	281	end
310	self.force_change_password!(new, confirmation)	282	self.force_change_password!(new, confirmation)
311	end	283	end