when a non-banned, deleted user logs in, reactivate their account

2015-11-18 12:08:45 -06:00 · 2015-11-18 12:08:45 -06:00 · c354485916
parent 77e2000cb3
commit c354485916
2 changed files with 38 additions and 2 deletions
--- a/app/controllers/login_controller.rb
+++ b/app/controllers/login_controller.rb
@ -22,8 +22,25 @@ class LoginController < ApplicationController
      user = User.where(:username => params[:email]).first
    end

-    if user && user.is_active? &&
-    user.try(:authenticate, params[:password].to_s)
+    begin
+      if !user
+        raise "no user"
+      end
+
+      if !user.try(:authenticate, params[:password].to_s)
+        raise "authentication failed"
+      end
+
+      if user.is_banned?
+        raise "user is banned"
+      end
+
+      if !user.is_active?
+        user.undelete!
+        flash[:success] = "Your account has been reactivated and your " <<
+          "unmoderated comments have been undeleted."
+      end
+
      session[:u] = user.session_token

      if !user.password_digest.to_s.match(/^\$2a\$#{BCrypt::Engine::DEFAULT_COST}\$/)
@ -46,6 +63,7 @@ class LoginController < ApplicationController
      end

      return redirect_to "/"
+    rescue
    end

    flash.now[:error] = "Invalid e-mail address and/or password."
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -191,6 +191,24 @@ class User < ActiveRecord::Base
    end
  end

+  def undelete!
+    User.transaction do
+      self.comments.each{|c| c.undelete_for_user(self) }
+
+      self.sent_messages.each do |m|
+        m.deleted_by_author = false
+        m.save
+      end
+      self.received_messages.each do |m|
+        m.deleted_by_recipient = false
+        m.save
+      end
+
+      self.deleted_at = nil
+      self.save!
+    end
+  end
+
  def initiate_password_reset_for_ip(ip)
    self.password_reset_token = "#{Time.now.to_i}-#{Utils.random_str(30)}"
    self.save!