Commit 77f74ed4 authored by mh's avatar mh

go through all the controller logic and adapt certain rails practices (e.g. don't mix routes)

parent ce49bacf
......@@ -26,11 +26,6 @@ class ApplicationController < ActionController::Base
end
helper_method :trees_enabled?
def recovery_token
session[:trees_recovery_token]
end
helper_method :recovery_token
def admin?
@is_admin ||= Admin::Enabled && Admin::Admins.include?(current_user)
end
......
......@@ -17,6 +17,7 @@ module EmailValidation
end
def self.check_external_email(string)
return false unless string.present?
if string.match(URI::MailTo::EMAIL_REGEXP)
string =~ /(.*)@([^@]+)$/
local = $1
......@@ -30,6 +31,7 @@ module EmailValidation
def self.immerda_email_conform(string)
return false unless string.present?
email_regex = %r{^
([a-z0-9\-\._]+)
@
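Review bot: The regex in `immerda_email_conform` opens with `^`, which in Ruby matches at the start of any line rather than only the start of the string; since the `full_email` that SignupController passes here is built from the `email` form param, a value containing a newline could satisfy the check. Anchor it with `\A` (and `\z` at the end, which is outside this hunk) so the whole string is validated. The new `return false unless string.present?` guards are correct, but note that they sit in front of this check rather than fixing it.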
......
class DeleteAccountController < ApplicationController
def show
if params[:pass]
begin
ApiBackend::delete_account(current_user, params['pass'])
flash[:notice] = :delete_success
session[:user_id] = nil
redirect_to '/'
rescue => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
flash[:notice] = :failed
end
def delete
begin
ApiBackend::delete_account(current_user, params[:pass])
flash[:notice] = :delete_success
session[:user_id] = nil
redirect_to '/'
rescue => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
flash[:notice] = :failed
end
end
end
end
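Review bot: `delete` still uses a bare `rescue => e` and then calls `e.api_msg`, so any non-backend exception (a connection error, for instance) turns into a NoMethodError inside the rescue; the other controllers in this commit switched to `rescue ApiBackend::ApiError => e` and this one should too. After a successful deletion prefer `reset_session` over `session[:user_id] = nil`, so nothing else tied to the account (e.g. `trees_enabled`) survives in the cookie and the session id is rotated. On the failure path nothing is rendered explicitly, so Rails will look for a `delete` template; if the form lives in `show`, add `render 'show'` as TreesController#update does.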
......@@ -11,7 +11,7 @@ class PasswordController < ApplicationController
end
begin
ApiBackend::change_password(current_user, params['old'], params['new'])
rescue => e
rescue ApiBackend::ApiError => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
......
class RecoveryEmailController < ApplicationController
def show
if params[:recovery_email]
if !EmailValidation::check_external_email(params[:recovery_email])
flash[:notice] = :invalid_recovery_email
return
end
begin
ApiBackend::set_recovery_email(current_user, params[:recovery_email])
flash[:notice] = :success
redirect_to '/'
rescue
flash[:notice] = :failed
end
def update
if !EmailValidation::check_external_email(params[:recovery_email])
flash[:notice] = :invalid_recovery_email
render 'show' and return
end
ApiBackend::set_recovery_email(current_user, params[:recovery_email])
flash[:notice] = :success
redirect_to '/'
rescue ApiBackend::ApiError => e
flash[:notice] = :failed
render 'show'
end
end
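Review bot: `update` changes the account's recovery address — an account-recovery channel — on the strength of the session alone, whereas the other state-changing actions in this commit (`TreesController#update`, `DeleteAccountController#delete`) re-authenticate with `params[:pass]`; unless `ApiBackend::set_recovery_email` verifies something itself, consider requiring the password here as well. The `e` bound in `rescue ApiBackend::ApiError => e` is unused, so `rescue ApiBackend::ApiError` is enough. Both branches end the action explicitly, so the method-level rescue is otherwise fine.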
class SignupController < ApplicationController
def authorize
@token = nil
token = params[:token]
if token
begin
res = ApiBackend::check_invite(token)
@token = token
@domains = res['domains']
rescue
end
def new
if @token
render 'create'
end
end
def new
def verify
if @token
@email = params[:email]
@new_pw = params[:new]
@enable_trees = params[:enable_trees]
@recovery_email = params[:recovery_email]
@domain = params[:domain]
@keep_recovery_token = params[:keep_recovery_token]
render 'create'
else
redirect_to '/signup'
end
end
if request.post? && !@domain
@enable_trees = true
def create
redirect_to '/signup' unless @token
@email = params[:email]
@new_pw = params[:new]
@enable_trees = params[:enable_trees]
@recovery_email = params[:recovery_email]
@domain = params[:domain]
@keep_recovery_token = params[:keep_recovery_token]
full_email = "#{@email}@#{@domain}"
if EmailValidation::immerda_email_conform(full_email)
begin
ApiBackend::valid_new_email?(full_email)
rescue ApiBackend::ApiError => e
sleep 5 # do not allow brute forcing mails
flash[:notice] = e.api_msg
return
end
if request.post? && @domain && @email && @email != ""
full_email = "#{@email}@#{@domain}"
begin
ApiBackend::valid_new_email?(full_email)
rescue => e
sleep 5
flash[:notice] = e.api_msg
return
end
if params['new'] != params['confirm']
flash[:notice] = :password_change_mismatch
return
end
if !password_policy?(params[:new])
return
end
if params['new'] != params['confirm']
flash[:notice] = :password_change_mismatch
return
end
unless password_policy?(params[:new])
return
end
if @recovery_email && @recovery_email != '' &&
!EmailValidation::check_external_email(@recovery_email)
flash[:notice] = :invalid_recovery_email
return
end
if @recovery_email.present? && !EmailValidation::check_external_email(@recovery_email)
flash[:notice] = :invalid_recovery_email
return
end
if @enable_trees && !@keep_recovery_token
flash[:notice] = :decide_recovery_token
return
end
if @enable_trees && !@keep_recovery_token
flash[:notice] = :decide_recovery_token
return
end
begin
res = ApiBackend::create_new_mailbox(
full_email, @new_pw, @enable_trees, @token,
@recovery_email, @keep_recovery_token == 'yes')
flash.delete(:notice)
puts res
if @keep_recovery_token != 'yes'
@trees_recovery_token = res['trees_recovery_token']
end
@account_successfully_created = true
rescue
flash[:notice] = :signup_failed
begin
res = ApiBackend::create_new_mailbox(
full_email, @new_pw, @enable_trees, @token,
@recovery_email, @keep_recovery_token == 'yes')
if @keep_recovery_token != 'yes'
@trees_recovery_token = res['trees_recovery_token']
end
render 'success'
rescue ApiBackend::ApiError => e
flash[:notice] = :signup_failed
end
else
flash[:notice] = :invalid_alias_domain
end
end
private
def authorize
@token = nil
token_to_validate = params[:token]
if token_to_validate
begin
res = ApiBackend::check_invite(token_to_validate)
@token = token_to_validate
@domains = res['domains']
rescue ApiBackend::ApiError => e
flash[:notice] = :check_token_failed
end
end
end
end
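Review bot: `redirect_to '/signup' unless @token` at the top of `create` does not stop the action — `redirect_to` only sets the response — so with a missing or failed invite token the method continues through validation into `ApiBackend::create_new_mailbox(..., @token, ...)` with a nil token and then raises DoubleRenderError on `render 'success'` after the backend call has already happened; make it `return redirect_to('/signup') unless @token`. I also don't see a `before_action :authorize` in this section; if it is not declared elsewhere, `@token` and `@domains` are never populated for `new`, `verify` and `create`. The early `return`s in `create` (after `:password_change_mismatch`, `:invalid_recovery_email`, etc.) leave the response to an implicit render of a `create` template — if the form lives in `new`, those paths need `render 'new'`. Dropping `puts res` (which printed the backend response including the recovery token to stdout) is a good change.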
class TreesController < ApplicationController
def show
if params[:pass]
begin
ApiBackend::trees_enable(current_user, params['pass'])
session[:trees_enabled] = true
flash[:notice] = :trees_enabled
redirect_to '/trees_token'
rescue => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
flash[:notice] = :trees_enable_failed
end
end
def update
ApiBackend::trees_enable(current_user, pass)
session[:trees_enabled] = true
flash[:notice] = :trees_enabled
redirect_to '/trees_token'
rescue ApiBackend::ApiError => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
flash[:notice] = :trees_enable_failed
end
render 'show'
end
end
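Review bot: `update` passes `pass` to `ApiBackend::trees_enable`, but no local or helper named `pass` is visible in this section; unless ApplicationController defines one, this raises NameError (not an `ApiBackend::ApiError`, so it escapes the rescue) and trees is never enabled. The old `show` and TreesTokenController#create both read `params[:pass]`, so the line should be `ApiBackend::trees_enable(current_user, params[:pass])`. Setting `session[:trees_enabled] = true` only after the backend call succeeds is the right order.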
class TreesTokenController < ApplicationController
def show
if params[:pass]
begin
res = ApiBackend::trees_token(current_user, params[:pass])
session[:trees_recovery_token] = res['trees_recovery_token']
flash.delete(:notice)
rescue => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
flash[:notice] = :get_token_failed
end
def create
begin
res = ApiBackend::trees_token(current_user, params[:pass])
@recovery_token = res['trees_recovery_token']
rescue ApiBackend::ApiError => e
if e.api_msg == 'auth_fail'
flash[:notice] = :auth_fail
else
flash[:notice] = :get_token_failed
end
end
render 'show'
end
end
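Review bot: `create` now holds the recovery token in `@recovery_token` for a single render instead of `session[:trees_recovery_token]`, which is an improvement — the token no longer rides along in the session cookie on every request. Since the rendered `show` page now carries the token, it should not be cached by the browser or an intermediary: add `response.headers['Cache-Control'] = 'no-store'` before `render 'show'` in `create`. With the session-backed helper removed from ApplicationController in this commit, confirm the `show` view reads `@recovery_token` rather than the old `recovery_token` helper.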
......@@ -11,73 +11,73 @@ class UsersController < AdminController
end
def create
if request.post?
full_email = "#{params[:alias]}@#{params[:domain]}"
full_email = "#{params[:alias]}@#{params[:domain]}"
begin
if params[:forward]
ApiBackend::create_new_forward_admin(full_email, params[:forward])
else
ApiBackend::create_new_mailbox_admin(
full_email, params[:password], params[:enable_trees],
params[:recovery_email], params[:keep_recovery_token] == 'yes')
end
rescue => e
puts e
flash[:notice] = :failed
end
redirect_to '/users'
end
def new
@domains = ApiBackend::list_domains
@storagehosts = ApiBackend::storagehosts
end
def update
(action, value) =
(if params[:forward]
[:forward, params[:forward]]
elsif params[:password]
[:legacy_password, params[:password]]
elsif params[:trees_secret_box] && params[:trees_secret_box].length == 189
[:trees_secret_box, params[:trees_secret_box]]
elsif params[:trees_password_force] && params[:trees_password_force].length > 6
[:trees_force_password, params[:trees_password_force]]
elsif params[:quota]
[:mbxquota, params[:quota]]
elsif params[:recovery_email] && params[:recovery_email] =~ /@/
[:recovery_email, params[:recovery_email]]
elsif params[:verify_recovery_email]
[:verify_recovery_email, params[:verify_recovery_email]]
elsif params[:unlock]
[:unlock, true]
elsif params[:delete]
[:delete, true]
else
[nil, nil]
end)
if action
begin
if params[:forward]
ApiBackend::create_new_forward_admin(full_email, params[:forward])
else
ApiBackend::create_new_mailbox_admin(
full_email, params[:password], params[:enable_trees],
params[:recovery_email], params[:keep_recovery_token] == 'yes')
ApiBackend::user_update(params[:email], action, value)
flash[:notice] = :success
if action == :delete
redirect_to '/users'
end
rescue => e
puts e
rescue
flash[:notice] = :failed
end
redirect_to '/users'
else
flash[:notice] = :not_implemented
end
@domains = ApiBackend::list_domains
@storagehosts = ApiBackend::storagehosts
end
def edit
@email = params[:email]
@post_path = "#{URI::escape(@email)}"
if request.post?
(action, value) =
(if params[:forward]
[:forward, params[:forward]]
elsif params[:password]
[:legacy_password, params[:password]]
elsif params[:trees_secret_box] && params[:trees_secret_box].length == 189
[:trees_secret_box, params[:trees_secret_box]]
elsif params[:trees_password_force] && params[:trees_password_force].length > 6
[:trees_force_password, params[:trees_password_force]]
elsif params[:quota]
[:mbxquota, params[:quota]]
elsif params[:recovery_email] && params[:recovery_email] =~ /@/
[:recovery_email, params[:recovery_email]]
elsif params[:verify_recovery_email]
[:verify_recovery_email, params[:verify_recovery_email]]
elsif params[:unlock]
[:unlock, true]
elsif params[:delete]
[:delete, true]
else
[nil, nil]
end)
if action
begin
ApiBackend::user_update(@email, action, value)
flash[:notice] = :success
if action == :delete
redirect_to '/users'
end
rescue
flash[:notice] = :failed
end
else
flash[:notice] = :not_implemented
end
end
@domains = ApiBackend::list_domains
begin
res = ApiBackend::user_info(@email)
@the_user = res['user']
res = ApiBackend::list_domains
rescue
end
end
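Review bot: In `update`, the recovery-email branch only checks `params[:recovery_email] =~ /@/` before handing it to `ApiBackend::user_update`, while the user-facing RecoveryEmailController in this same commit validates with `EmailValidation::check_external_email`; use the same check here, e.g. `elsif params[:recovery_email].present? && EmailValidation::check_external_email(params[:recovery_email])`. The `:delete` branch calls `redirect_to '/users'` but execution continues into the `@domains`/`@storagehosts` backend calls; `return redirect_to('/users')` avoids that needless work. The bare `rescue` at the end of `edit` swallows every error from `user_info`, leaving `@the_user` nil with no notice — narrowing it to `ApiBackend::ApiError` and setting `flash[:notice] = :failed` matches the other controllers. `URI::escape` on the `@post_path` line was removed in Ruby 3.0 (consider `ERB::Util.url_encode`), though that line may predate this commit.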
......
<h3><%= t :new_account %></h3>
<%= form_tag("/signup/create", method: "post") do %>
<table>
<tr><td>
<%= label_tag(:email, (t :email)) %>
</td><td>
<%= text_field_tag(:email, '', value: @email || 'ig', autofill: 'off') %>
@
<%= select_tag :domain, options_for_select(@domains.map{|d| [d,d]}) %>
</td><td>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:new, (t :new_pw)) %>
</td><td>
<%= password_field_tag(:new, "", value: @new_pw, autofill: 'off') %>
</td><td>
<div id="new_ok">&nbsp;</div>
</td><td>
<div id="pwscore" style="text-align:center;width:30px;margin:0 10px 10px;padding:1px;">&nbsp;</div>
</td></tr>
<tr><td>
<%= label_tag(:confirm, (t :confirm_pw)) %>
</td><td>
<%= password_field_tag(:confirm) %>
</td><td>
<div id='confirm_ok'>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:recovery_email, (t :recovery_email)) %>
</td><td>
<%= text_field_tag(:recovery_email, '', value: @recovery_email) %>
</td><td>
</td><td>
</td></tr>
</table>
<%= t :recovery_email_short_help %>
<br />
<br />
<p>
<input type="checkbox" id="enable_trees" name="enable_trees" value="true"
<%= if @enable_trees then 'checked="checked"' else '' end %>/>
<b><%= t :encrypt_mailbox %></b>
<br/>
<%= t :encrypt_mailbox_help %>
<br />
<div id="keep_recovery_token_question">
<br />
<%= t :keep_recovery_token_help %>
<br />
<input type="radio" id="keep_recovery_token_no" name="keep_recovery_token" value="no"
<%= if @keep_recovery_token == 'no' then 'checked="checked"' else '' end %>
/>
<%= t(:init_delete_token) %>
<br />
<input type="radio" id="keep_recovery_token_yes" name="keep_recovery_token" value="yes"
<%= if @keep_recovery_token == 'yes' then 'checked="checked"' else '' end %>
/>
<%= t(:init_keep_token) %>
</div>
</p>
<p>
<%= hidden_field_tag(:token, '', value: @token) %>
<%= submit_tag(t :create) %>
</p>
<% end %>
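Review bot: `text_field_tag` and `password_field_tag` in this form pass `autofill: 'off'`, which is not an HTML attribute — the intended one is `autocomplete: 'off'`, so browsers currently ignore it. `password_field_tag(:new, "", value: @new_pw, ...)` writes the password the user just submitted back into the page source whenever `verify`/`create` re-renders the form; dropping the `value:` and letting the user re-enter it keeps the password out of the HTML, history and caches. This is a complete new template as far as I can tell from the page, so the remarks apply to the whole file.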
<h3><%= t :new_account %></h3>
<% if !@token || @token == "" %>
<%= form_tag("/signup", method: "post") do %>
<%= label_tag(:token, (t :invite_token)) %>
<%= text_field_tag(:token) %>
<%= submit_tag(t :submit) %>
<% end %>
<% elsif @account_successfully_created %>
<p>
<b> <%= t(:hello) %> <%= @email %>@<%= @domain %> </b>
<br />
<br />
<%= t(:new_account_intro1) %>
</p>
<% if @trees_recovery_token %>
<p>
<%= t(:new_account_intro_token) %>
<br />
<br />
<b>Token</b> <div class="recovery-token"><%= @trees_recovery_token %></div>
</p>
<p>
<%= t(:app_passwords_short_help) %>
</p>
<br />
<br />
<% end %>
<p>
<%= t(:new_account_intro2) %>
</p>
<p>
<ul class="menu">
<li><%= link_to t(:main_title), index_path %></li>
<li><a href="https://immerda.ch">immerda.ch</a></li>
<li><a href="https://webmail.immerda.ch">Webmail</a></li>
</ul>
</p>
<% else %>
<%= form_tag("/signup", method: "post") do %>
<table>
<tr><td>
<%= label_tag(:email, (t :email)) %>
</td><td>
<%= text_field_tag(:email, '', value: @email || 'ig', autofill: 'off') %>
@
<%= select_tag :domain, options_for_select(@domains.map{|d| [d,d]}) %>
</td><td>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:new, (t :new_pw)) %>
</td><td>
<%= password_field_tag(:new, "", value: @new_pw, autofill: 'off') %>
</td><td>
<div id="new_ok">&nbsp;</div>
</td><td>
<div id="pwscore" style="text-align:center;width:30px;margin:0 10px 10px;padding:1px;">&nbsp;</div>
</td></tr>
<tr><td>
<%= label_tag(:confirm, (t :confirm_pw)) %>
</td><td>
<%= password_field_tag(:confirm) %>
</td><td>
<div id='confirm_ok'>
</td><td>
</td></tr>
<tr><td>
<%= label_tag(:recovery_email, (t :recovery_email)) %>
</td><td>
<%= text_field_tag(:recovery_email, '', value: @recovery_email) %>
</td><td>
</td><td>
</td></tr>
</table>
<%= t :recovery_email_short_help %>
<br />
<br />
<p>
<input type="checkbox" id="enable_trees" name="enable_trees" value="true"
<%= if @enable_trees then 'checked="checked"' else '' end %>/>
<b><%= t :encrypt_mailbox %></b>
<br/>
<%= t :encrypt_mailbox_help %>
<br />
<div id="keep_recovery_token_question">
<br />
<%= t :keep_recovery_token_help %>
<br />
<input type="radio" id="keep_recovery_token_no" name="keep_recovery_token" value="no"
<%= if @keep_recovery_token == 'no' then 'checked="checked"' else '' end %>
/>
<%= t(:init_delete_token) %>
<br />
<input type="radio" id="keep_recovery_token_yes" name="keep_recovery_token" value="yes"
<%= if @keep_recovery_token == 'yes' then 'checked="checked"' else '' end %>
/>
<%= t(:init_keep_token) %>
</div>