Merge

--HG-- branch : dev
2025-10-15 03:25:23 +08:00 · 2010-09-02 21:29:10 -07:00
parent 33d47b3c39 a2747b933a
commit 70453d012b
74 changed files with 1755 additions and 293 deletions
--- a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
@@ -9,6 +9,11 @@ using Orchard.Mvc.Extensions;
 using Orchard.Security;
 using Orchard.Users.Services;
 using Orchard.Users.ViewModels;
+using Orchard.Settings;
+using JetBrains.Annotations;
+using Orchard.ContentManagement;
+using Orchard.Users.Models;
+using Orchard.Mvc.Results;

 namespace Orchard.Users.Controllers {
    [HandleError]
@@ -30,6 +35,7 @@ namespace Orchard.Users.Controllers {

        public ILogger Logger { get; set; }
        public Localizer T { get; set; }
+        protected virtual ISite CurrentSite { get; [UsedImplicitly] private set; }

        public ActionResult AccessDenied() {
            var returnUrl = Request.QueryString["ReturnUrl"];
@@ -86,6 +92,12 @@ namespace Orchard.Users.Controllers {
        }

        public ActionResult Register() {
+            // ensure users can register
+            var registrationSettings = CurrentSite.As<RegistrationSettingsPart>();
+            if ( !registrationSettings.UsersCanRegister ) {
+                return new NotFoundResult();
+            }
+
            ViewData["PasswordLength"] = MinPasswordLength;

            return View();
@@ -93,14 +105,26 @@ namespace Orchard.Users.Controllers {

        [HttpPost]
        public ActionResult Register(string userName, string email, string password, string confirmPassword) {
+            // ensure users can register
+            var registrationSettings = CurrentSite.As<RegistrationSettingsPart>();
+            if ( !registrationSettings.UsersCanRegister ) {
+                return new NotFoundResult();
+            }
+
            ViewData["PasswordLength"] = MinPasswordLength;

            if (ValidateRegistration(userName, email, password, confirmPassword)) {
                // Attempt to register the user
-                var user = _membershipService.CreateUser(new CreateUserParams(userName, password, email, null, null, true));
-
+                var user = _membershipService.CreateUser(new CreateUserParams(userName, password, email, null, null, false));

                if (user != null) {
+                    if ( user.As<UserPart>().EmailStatus == UserStatus.Pending ) {
+                        string challengeToken = _membershipService.GetEncryptedChallengeToken(user.As<UserPart>());
+                        _membershipService.SendChallengeEmail(user.As<UserPart>(), Url.AbsoluteAction(() => Url.Action("ChallengeEmail", "Account", new { Area = "Orchard.Users", token = challengeToken })));
+
+                        return RedirectToAction("ChallengeEmailSent");
+                    }
+
                    _authenticationService.SignIn(user, false /* createPersistentCookie */);
                    return Redirect("~/");
                }
@@ -154,6 +178,29 @@ namespace Orchard.Users.Controllers {
            return View();
        }

+        public ActionResult ChallengeEmailSent() {
+            return View();
+        }
+
+        public ActionResult ChallengeEmailSuccess() {
+            return View();
+        }
+
+        public ActionResult ChallengeEmailFail() {
+            return View();
+        }
+
+        public ActionResult ChallengeEmail(string token) {
+            var user = _membershipService.ValidateChallengeToken(token);
+
+            if ( user != null ) {
+                _authenticationService.SignIn(user, false /* createPersistentCookie */);
+                return RedirectToAction("ChallengeEmailSuccess");
+            }
+
+            return RedirectToAction("ChallengeEmailFail");
+        }
+
        protected override void OnActionExecuting(ActionExecutingContext filterContext) {
            if (filterContext.HttpContext.User.Identity is WindowsIdentity) {
                throw new InvalidOperationException("Windows authentication is not supported.");
--- a/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
+++ b/src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
@@ -1,12 +1,15 @@
 using System.Linq;
 using System.Web.Mvc;
+using JetBrains.Annotations;
 using Orchard.ContentManagement;
 using Orchard.Localization;
 using Orchard.Security;
+using Orchard.Settings;
 using Orchard.UI.Notify;
 using Orchard.Users.Models;
 using Orchard.Users.Services;
 using Orchard.Users.ViewModels;
+using Orchard.Mvc.Extensions;

 namespace Orchard.Users.Controllers {
    [ValidateInput(false)]
@@ -26,6 +29,7 @@ namespace Orchard.Users.Controllers {

        public IOrchardServices Services { get; set; }
        public Localizer T { get; set; }
+        protected virtual ISite CurrentSite { get; [UsedImplicitly] private set; }

        public ActionResult Index() {
            if (!Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to list users")))
@@ -144,6 +148,55 @@ namespace Orchard.Users.Controllers {
            return RedirectToAction("Index");
        }

+        public ActionResult SendChallengeEmail(int id) {
+            if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
+                return new HttpUnauthorizedResult();
+
+            var user = Services.ContentManager.Get(id);
+
+            if ( user != null ) {
+                string challengeToken = _membershipService.GetEncryptedChallengeToken(user.As<UserPart>());
+                _membershipService.SendChallengeEmail(user.As<UserPart>(), Url.AbsoluteAction(() => Url.Action("ChallengeEmail", "Account", new {Area = "Orchard.Users", token = challengeToken})));
+            }
+
+            Services.Notifier.Information(T("Challenge email sent"));
+
+            return RedirectToAction("Index");
+        }
+
+        public ActionResult Approve(int id) {
+            if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
+                return new HttpUnauthorizedResult();
+
+            var user = Services.ContentManager.Get(id);
+
+            if ( user != null ) {
+                user.As<UserPart>().RegistrationStatus = UserStatus.Approved;
+                Services.Notifier.Information(T("User approved"));
+            }
+
+            return RedirectToAction("Index");
+        }
+
+        public ActionResult Moderate(int id) {
+            if ( !Services.Authorizer.Authorize(Permissions.ManageUsers, T("Not authorized to manage users")) )
+                return new HttpUnauthorizedResult();
+
+            var user = Services.ContentManager.Get(id);
+
+            if ( user != null ) {
+                if ( CurrentSite.SuperUser.Equals(user.As<UserPart>().UserName) ) {
+                    Services.Notifier.Error(T("Super user can't be moderated"));
+                }
+                else {
+                    user.As<UserPart>().RegistrationStatus = UserStatus.Pending;
+                    Services.Notifier.Information(T("User moderated"));
+                }
+            }
+
+            return RedirectToAction("Index");
+        }
+
        bool IUpdateModel.TryUpdateModel<TModel>(TModel model, string prefix, string[] includeProperties, string[] excludeProperties) {
            return TryUpdateModel(model, prefix, includeProperties, excludeProperties);
        }