Add an ACL system to allow key/value pairs to be attached to blocks

of IP addresses, and implement an ACL restriction that allows account creation to be blocked.
2009-02-19 13:47:43 +00:00 · 2009-02-19 13:47:43 +00:00 · 10b71ba2f6
commit 10b71ba2f6
parent 41e10b09d0
6 changed files with 98 additions and 14 deletions
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@ -11,19 +11,24 @@ class UserController < ApplicationController

  def save
    @title = 'create account'
-    @user = User.new(params[:user])

-    @user.visible = true
-    @user.data_public = true
-    @user.description = "" if @user.description.nil?
-    @user.creation_ip = request.remote_ip
-
-    if @user.save
-      flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)<br>Please note that you won't be able to login until you've received and confirmed your email address."
-      Notifier.deliver_signup_confirm(@user, @user.tokens.create)
-      redirect_to :action => 'login'
-    else
+    if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"})
      render :action => 'new'
+    else
+      @user = User.new(params[:user])
+
+      @user.visible = true
+      @user.data_public = true
+      @user.description = "" if @user.description.nil?
+      @user.creation_ip = request.remote_ip
+
+      if @user.save
+        flash[:notice] = "User was successfully created. Check your email for a confirmation note, and you\'ll be mapping in no time :-)<br>Please note that you won't be able to login until you've received and confirmed your email address."
+        Notifier.deliver_signup_confirm(@user, @user.tokens.create)
+        redirect_to :action => 'login'
+      else
+        render :action => 'new'
+      end
    end
  end

--- a/app/models/acl.rb
+++ b/app/models/acl.rb
@ -0,0 +1,13 @@
+class Acl < ActiveRecord::Base
+  def self.find_by_address(address, options)
+    self.with_scope(:find => {:conditions => ["inet_aton(?) & netmask = address", address]}) do
+      return self.find(:first, options)
+    end
+  end
+
+  def self.find_all_by_address(address, options)
+    self.with_scope(:find => {:conditions => ["inet_aton(?) & netmask = address", address]}) do
+      return self.find(:all, options)
+    end
+  end
+end
--- a/app/views/user/new.rhtml
+++ b/app/views/user/new.rhtml
@ -1,7 +1,28 @@
-<h1>Create a user account</h1><br>
-Fill in the form and we'll send you a quick email to activate your account.<br><br>
+<h1>Create a user account</h1>

-By creating an account, you agree that all work uploaded to openstreetmap.org and all data created by use of any tools which connect to openstreetmap.org is to be (non-exclusively) licensed under <a href="http://creativecommons.org/licenses/by-sa/2.0/">this Creative Commons license (by-sa)</a>.<br><br>
+<% if Acl.find_by_address(request.remote_ip, :conditions => {:k => "no_account_creation"}) %>
+
+<p>Unfortunately we are not currently able to create an account for
+   you automatically.
+</p>
+
+<p>Please contact the <a href="mailto:webmaster@openstreetmap.org">webmaster</a>
+   to arrange for an account to be created - we will try and deal with
+   the request as quickly as possible. 
+</p>
+
+<% else %>
+
+<p>Fill in the form and we'll send you a quick email to activate your
+   account.
+</p>
+
+<p>By creating an account, you agree that all work uploaded to
+   openstreetmap.org and all data created by use of any tools which
+   connect to openstreetmap.org is to be (non-exclusively) licensed under
+   <a href="http://creativecommons.org/licenses/by-sa/2.0/">this Creative
+   Commons license (by-sa)</a>.
+</p>

 <%= error_messages_for 'user' %>

@ -18,3 +39,5 @@ By creating an account, you agree that all work uploaded to openstreetmap.org an
 <input type="submit" value="Signup">

 <% end %>
+
+<% end %>
--- a/db/migrate/018_create_acls.rb
+++ b/db/migrate/018_create_acls.rb
@ -0,0 +1,22 @@
+class CreateAcls < ActiveRecord::Migration
+  def self.up
+    create_table "acls", myisam_table do |t|
+      t.column "id",      :integer, :null => false
+      t.column "address", :integer, :null => false
+      t.column "netmask", :integer, :null => false
+      t.column "k",       :string,  :null => false
+      t.column "v",       :string
+    end
+
+    add_primary_key "acls", ["id"]
+    add_index "acls", ["k"], :name => "acls_k_idx"
+
+    change_column "acls", "id", :integer, :null => false, :options => "AUTO_INCREMENT"
+    change_column "acls", "address", :integer, :null => false, :unsigned => true
+    change_column "acls", "netmask", :integer, :null => false, :unsigned => true
+  end
+
+  def self.down
+    drop_table "acls"
+  end
+end
--- a/test/fixtures/acls.yml
+++ b/test/fixtures/acls.yml
@ -0,0 +1,13 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+
+one:
+  address: 1
+  netmask: 1
+  k: MyText
+  v: MyText
+
+two:
+  address: 1
+  netmask: 1
+  k: MyText
+  v: MyText
--- a/test/unit/acl_test.rb
+++ b/test/unit/acl_test.rb
@ -0,0 +1,8 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AclTest < ActiveSupport::TestCase
+  # Replace this with your real tests.
+  def test_truth
+    assert true
+  end
+end