You are currently browsing the Subversion repository.
Changesets can be listed by changeset number.
The Git repository is here.

Changesets
» Changeset 108

Changeset 108

Substantial changes and additions to Hub. Now in a state where
it will integrate with other applications to an acceptable level.
Requires HubSsoLib gem 0.0.4 or later - see Changeset #107.

Comitted by: adh
Date: Monday October 23 18:16:22 2006 (over 18 years ago)

Affected files:

rool/rails/hub/trunk/app/controllers/account_controller.rb:

prev.	current

		# Action permissions for this class as a class variable, exposed
		# to the public through a class method.

8		~~@@permissions = HubSsoLib::Permissions.new({~~
9		~~:logout => [ :admin, :webmaster, :privileged, :normal ],~~
10		~~:expire => [ :admin, :webmaster, :privileged, :normal ],~~
11		~~:change_password => [ :admin, :webmaster, :privileged, :normal ],~~
12		~~:change_details => [ :admin, :webmaster, :privileged, :normal ],~~
13		~~:delete => [ :admin, :webmaster, :privileged, :normal ],~~
14		~~:delete_confirm => [ :admin, :webmaster, :privileged, :normal ],~~
15		~~:list => [ :admin, :webmaster, :privileged ],~~
16		~~:show => [ :admin ],~~
17		~~:edit_roles => [ :admin ],~~
18		~~:destroy => [ :admin ]~~
19		})
	8	@@hubssolib_permissions = HubSsoLib::Permissions.new({
	9	:change_password => [ :admin, :webmaster, :privileged, :normal ],
	10	:change_details => [ :admin, :webmaster, :privileged, :normal ],
	11	:delete => [ :admin, :webmaster, :privileged, :normal ],
	12	:delete_confirm => [ :admin, :webmaster, :privileged, :normal ],
	13	:list => [ :admin, :webmaster, :privileged ],
	14	:show => [ :admin, :webmaster ],
	15	:edit_roles => [ :admin ],
	16	:destroy => [ :admin ]
	17	})

21		~~def AccountController.permissions~~
22		~~@@permissions~~
	19	def AccountController.hubssolib_permissions
	20	@@hubssolib_permissions
		end

25		~~# Ensure that we don't try to ask for log-in or sign up except~~
26		~~# for authorisation-only methods. Avoid session expiry checks#~~
27		~~# if the user is trying to log out.~~
28
29		~~attr_accessor :permissions~~
30		~~skip_before_filter :hubssolib_check_session_expiry, :only => [ :logout, :expire ]~~
31		~~skip_before_filter :hubssolib_login_required, :only => [ :login,~~
32		~~:signup,~~
33		~~:activate,~~
34		~~:forgot_password,~~
35		~~:reset_password ]~~
36
37		~~# If you want "remember me" functionality, add this before_filter and~~
38		~~# uncomment relevant code in some of the methods below.~~
39		~~# before_filter :login_from_cookie~~
40
		# Set up the notification mailer.
		observer :user_observer

		# HTTPS enforcement
		before_filter :hubssolib_ensure_https

	29	# The "proper" login method
	30	#
		def login
		@title = 'Log in'
		return unless request.post?

		@email = params[:email]
52		~~self.hubssolib_current_user = User.authenticate(@email, params[:password])~~
	36	self.hubssolib_current_user = from_real_user(User.authenticate(@email, params[:password]))

54		~~if self.hubssolib_current_user~~
	38	if (self.hubssolib_current_user and self.hubssolib_current_user != :false)
	39	hubssolib_set_last_used(Time.now.utc)

56		~~# If you reinstate (uncomment) this code, ensure you reinstate~~
57		~~# relevant code in the 'logout' method too.~~
58		#
59		~~# if params[:remember_me] == "1"~~
60		~~# user = self.hubssolib_current_user~~
61		~~# user.remember_me~~
62		~~# self.hubssolib_current_user = user~~
63		~~# cookies[:auth_token] = { :value => self.hubssolib_current_user.remember_token , :expires => self.hubssolib_current_user.remember_token_expires_at }~~
64		~~# end~~
65
66		~~session[:last_used] = Time.now.utc~~
67		~~flash[:notice] = 'Logged in successfully.'~~
	41	privileges = self.hubssolib_current_user.roles.to_authenticated_roles.to_human_s.downcase
	42	hubssolib_set_flash(:notice, "Logged in successfully. Welcome, #{self.hubssolib_current_user.real_name}. You have #{privileges} privileges.")
		hubssolib_redirect_back_or_default(:controller => 'tasks', :action => nil)
		else
		flash[:alert] = 'Incorrect e-mail address or password.'
71		~~flash.discard # Ensure the flash message is discarded after this action,~~
72		~~# since it's going to be shown on the same URL so it won't~~
73		~~# get automatically discarded.~~
		end
		end

77		~~# The logout method is a standard action but with an optional parameter~~
78		~~# which change the 'flash' message shown to the user. By default the user~~
79		~~# sees a normal 'you have logged out' message, but by passing 'true', the~~
80		~~# message changes to an indication that the session timed out. See also~~
81		~~# the 'expire' method below.~~
	49	# Log out the user and redirect to the Tasks controller.
		#
83		~~def logout(expired = false)~~
	51	def logout
		@title = 'Log out'
85		~~actually_log_out()~~
86
87		~~if (expired)~~
88		~~flash[:attention] = 'Sorry, your session timed out; please log in again.'~~
89		~~redirect_to :controller => 'account', :action => 'login'~~
90		~~else~~
91		~~flash[:attention] = 'You are now logged out.'~~
92		~~redirect_to :controller => 'tasks', :action => nil~~
93		~~end~~
	53	hubssolib_log_out()
	54	flash[:attention] = 'You are now logged out.'
	55	redirect_to :controller => 'tasks', :action => nil
		end

96		~~# This method is called by the application controller if it sees that~~
97		~~# a user as been idle for longer than the idle timeout period. It redirects~~
98		~~# to a URL which causes this action to be run. In turn, all we do is call~~
99		~~# the logout method but set the 'expired' flag to get a better 'flash'~~
100		~~# message shown to the user.~~
101		#
102		~~def expire~~
103		~~self.logout(true)~~
104		~~end~~
105
		def signup
		@title = 'Sign up'
		return unless request.post?
...	...
		@user.roles = HubSsoLib::Roles.new(true).to_s
		@user.save!
		@user.activate
127		~~self.hubssolib_current_user = @user~~
	79	self.hubssolib_current_user = from_real_user(@user)

		flash[:notice] = 'Thanks for signing up. You are now the system administrator ' <<
		'and your account has been automatically activated.'
...	...
		@user = User.find_by_activation_code(activation_code)

		if @user and @user.activate
154		~~self.hubssolib_current_user = @user~~
155		~~session[:last_used] = Time.now.utc~~
	106	self.hubssolib_current_user = from_real_user(@user)

157		~~flash[:notice] = 'Your RISC OS Open web site account is now active.'~~
	108	hubssolib_set_flash(:notice, 'Your RISC OS Open web site account is now active.')
		hubssolib_redirect_back_or_default(:controller => 'tasks', :action => nil)
		else
		flash[:alert] = 'Unable to activate your RISC OS Open web site account. ' <<
...	...
		@title = 'Change password'
		return unless request.post?

176		~~user = self.hubssolib_current_user~~
	127	user = to_real_user(self.hubssolib_current_user)

		if User.authenticate(user.email, params[:old_password])
		if (params[:password] == params[:password_confirmation])
		user.password_confirmation = params[:password_confirmation]
		user.password = params[:password]
		save_password_and_set_flash(user)
183		~~self.hubssolib_current_user = user~~
	134	self.hubssolib_current_user = from_real_user(user)

		redirect_to :controller => 'tasks', :action => nil
		else
		set_password_mismatch_flash
188		~~flash.discard # Staying on same URL, so it won't be discarded automatically -~~
189		~~# do it manually now.~~
190
		@old_password = params[:old_password]
		end
		else
		flash[:alert] = 'Incorrect current password.'
195		~~flash.discard # Staying on same URL again, so discard it manually~~
		end
		end

		def change_details
		@title = 'Update account details'
201		~~@user = self.hubssolib_current_user~~
	148	@user = to_real_user(self.hubssolib_current_user)
		@real_name = @user ? @user.real_name \|\| '' : ''

		return unless request.post?
...	...
		if (params[:real_name])
		@user.real_name = @real_name = params[:real_name]
		@user.save!
209		~~self.hubssolib_current_user = @user~~
	156	self.hubssolib_current_user = from_real_user(@user)

		flash[:notice] = 'Account details updated successfully.'
212		~~flash.discard # The flash is going to be shown on the same URL so it won't~~
213		~~# be automatically discarded; discard it now so it only shows~~
214		~~# up once.~~
	159	redirect_to :controller => 'tasks', :action => nil
		end
		end

...	...
		if @user = User.find_by_email(params[:email])
		@user.forgot_password
		@user.save!
225		~~self.hubssolib_current_user = @user~~
	170	self.hubssolib_current_user = from_real_user(@user)

		flash[:notice] = 'An e-mail message which tells you how to reset your ' <<
		'account password has been set to your e-mail address.'
...	...
		redirect_to :controller => 'tasks', :action => nil
		else
		flash[:alert] = 'No account was found for the given e-mail address.'
233		~~flash.discard # Saying on same URL, so manually ensure that flash is discarded after use~~
		end
		end

...	...
		@user = User.find_by_password_reset_code(params[:id])

		if (@user.nil?)
248		~~flash[:alert] = 'Invalid reset code. Did your e-mail client break up the reset ' <<~~
249		~~'link so it spanned more than one line? If so, please try again, ' <<~~
250		~~'copying all of the link in the message however many lines it spans.'~~
	192	hubssolib_set_flash(:alert, 'Invalid reset code. Did your e-mail client break up the reset ' <<
	193	'link so it spanned more than one line? If so, please try again, ' <<
	194	'copying all of the link in the message however many lines it spans.')

		hubssolib_redirect_back_or_default(:controller => 'tasks', :action => nil)
		return
...	...

		unless params[:password]
		flash[:alert] = 'Reset your password using the form below.'
265		~~flash.discard # Staying on same URL, so ensure the flash is discarded after use~~
		return
		end

...	...
		@user.password = params[:password]
		@user.reset_password
		save_password_and_set_flash(@user)
274		~~self.hubssolib_current_user = @user~~
	217	self.hubssolib_current_user = from_real_user(@user)
		redirect_to :controller => 'tasks', :action => nil
		return
		else
		set_password_mismatch_flash
279		~~flash.discard # Staying on same URL, so ensure the flash is discarded after use~~
		return
		end
		end

		def delete
		flash[:alert] = 'Are you sure?'
286		~~flash.discard~~
		title = 'Delete account: Are you sure?'
		end

		def delete_confirm
291		~~me = self.hubssolib_current_user~~
292		~~actually_log_out()~~
	232	me = to_real_user(self.hubssolib_current_user)
	233	hubssolib_log_out()
		me.destroy

		flash.clear
296		~~flash[:alert] = 'Your account has been deleted.'~~
	237	flash[:attention] = 'Your account has been deleted.'
		redirect_to :controller => 'tasks', :action => nil
		end

...	...

		unless (roles.validate)
		flash[:alert] = 'Invalid roles chosen. Ensure at least one item in the list is selected.'
331		~~flash.discard # Staying on the same action, so must manually discard the flash~~
		else
		@user.roles = roles.to_s
		@user.save!
335		~~self.hubssolib_current_user = @user~~

	276	# Did I update my own roles?
	277
	278	if (self.hubssolib_current_user.id == @user.id)
	279	self.hubssolib_current_user = from_real_user(@user)
	280	end
	281
		flash[:notice] = 'Account roles updated successfully.'
		redirect_to :action => 'show', :id => @user.id
		end
...	...
		def destroy
		user = User.find(params[:id])

345		~~if (user == self.hubssolib_current_user)~~
	290	if (user.id == self.hubssolib_current_user.id)
		flash[:alert] = 'Please use the normal control panel to delete your own account.'
		elsif (user.roles.to_authenticated_roles.include?(:admin))
348		~~flash[:alert] = 'You cannot destroy an administrator account! You can only do that at the control panel when logged into the account, or at the database level.'~~
	293	flash[:alert] = 'You cannot destroy an administrator account from here! ' <<
	294	'You can only do that at the control panel when ' <<
	295	'logged into the account, or at the database level.'
		else
		user.destroy
		flash[:alert] = 'The account has been deleted.'
...	...

		protected

	306	# Pass a HubSsoLib::User object. Returns an equivalent User Model object.
	307	#
	308	def to_real_user(user)
	309	return nil if user.nil?
	310	raise 'Incorrect argument class' unless user.class == HubSsoLib::User
	311
	312	real_user = User.find(user.id)
	313	raise 'No equivalent real user' unless real_user
	314
	315	real_user.salt = user.salt
	316	real_user.roles = user.roles
	317	real_user.activated_at = user.activated_at
	318	real_user.real_name = user.real_name
	319	real_user.crypted_password = user.crypted_password
	320	real_user.remember_token_expires_at = user.remember_token_expires_at
	321	real_user.activation_code = user.activation_code
	322	real_user.member_id = user.member_id
	323	real_user.password_reset_code = user.password_reset_code
	324	real_user.remember_token = user.remember_token
	325	real_user.email = user.email
	326	real_user.password_reset_code_expires_at = user.password_reset_code_expires_at
	327
	328	return real_user
	329	end
	330
	331	# Pass a User Model object. Returns an equivalent HubSsoLib::User object.
	332	#
	333	def from_real_user(real_user)
	334	return nil if real_user.nil?
	335	raise 'Incorrect argument class' unless real_user.class == User
	336
	337	user = HubSsoLib::User.new
	338
	339	user.salt = real_user.salt
	340	user.roles = real_user.roles
	341	user.updated_at = real_user.updated_at
	342	user.activated_at = real_user.activated_at
	343	user.real_name = real_user.real_name
	344	user.crypted_password = real_user.crypted_password
	345	user.remember_token_expires_at = real_user.remember_token_expires_at
	346	user.activation_code = real_user.activation_code
	347	user.member_id = real_user.member_id
	348	user.id = real_user.id
	349	user.password_reset_code = real_user.password_reset_code
	350	user.remember_token = real_user.remember_token
	351	user.email = real_user.email
	352	user.created_at = real_user.created_at
	353	user.password_reset_code_expires_at = real_user.password_reset_code_expires_at
	354
	355	return user
	356	end
	357
		def save_password_and_set_flash(user)
		user.save ?
		flash[:notice] = 'Your password has been changed.' :
...	...
		def set_password_mismatch_flash
		flash[:alert] = 'The new password differed from the password confirmation you entered.'
		end
368
369		~~def actually_log_out~~
370		~~self.hubssolib_current_user.forget_me if hubssolib_logged_in?~~
371
372		~~# Calling reset_session() is more thorough, but stops the flash[...] from~~
373		~~# working. Clearing the user field works well enough. We must clear the~~
374		~~# current user to ensure the security cookie is cleared too.~~
375		~~session[:user] = nil~~
376		~~self.hubssolib_current_user = nil~~
377		~~end~~
378
		end

rool/rails/hub/trunk/app/controllers/application.rb:

prev.	current


		class ApplicationController < ActionController::Base

6		~~# Include the authorisation engine support code.~~
	6	# Hub single sign-on support.

		require 'hub_sso_lib'
		include HubSsoLib::Core
	10	before_filter :hubssolib_update_state

11		~~# Make sure the authorisation engine is always called before anything~~
12		~~# else is allowed. The login requirement filter checks for session expiry~~
13		~~# on authorised pages when logged in. We also call an update filter so~~
14		~~# that the expiry timeout is updated for methods that don't need login.~~
15
16		~~before_filter :hubssolib_login_required~~
17		~~before_filter :hubssolib_update_session_expiry~~
18
		end

rool/rails/hub/trunk/app/controllers/tasks_controller.rb:

prev.	current

		def index
		# Generate a list of available tasks.

21		~~@title = 'Web site tasks'~~
	21	@title = 'Control panel'
		end
		end

rool/rails/hub/trunk/app/helpers/account_helper.rb:

prev.	current

		'</td>'
		end

41		~~# Return a series of actions to perform from details of a user account, in~~
42		~~# "<li>" tags. Pass the user object for which the actions should~~
43		~~# be generated.~~
44		#
45		~~def show_actions(user)~~
46		~~'<li>' <<~~
47		~~button_to('Edit account roles', { :action => 'edit_roles', :id => user.id }) <<~~
48		~~'</li><li>' <<~~
49		~~button_to('Delete this account', { :action => 'destroy', :id => user.id }, :confirm => "Are you absolutely sure you want to permanently delete this account?") <<~~
50		~~'</li>'~~
51		~~end~~
52
		# Output a selection list for roles. Pass the name of the parent
		# object, the name of the field to take the selected value, an array
		# of option values for the selection list and the associated roles

rool/rails/hub/trunk/app/helpers/application_helper.rb:

prev.	current

		# Methods added to this helper will be available to all templates in the application.
	2
		module ApplicationHelper
	4
	5	# Make a link to the given controller and action, using an image based on the
	6	# action name of the given width and height. A <br /> tag separates the image
	7	# from some given text to add underneath, also a link. Since web spiders may
	8	# follow standard links, do not use this call for destructive actions such as
	9	# 'delete'; use make_protected_action_link instead. Remember that 'robots.txt'
	10	# files are not entirely sufficient as some local Desktop cacheing software
	11	# packages ignore them, and this sort of software is more likely to be running
	12	# under login credentials that let it get at otherwise protected pages.
	13	#
	14	# If you don't want the text link adding, pass 'nil' or an empty string.
	15	#
	16	def make_action_link(controller, action, width, height, text)
	17	html = link_to(image_tag("#{controller}/#{action}", :size => "#{width}x#{height}", :border => 0),
	18	{:controller => controller, :action => action}, :class => 'image')
	19
	20	unless (text.nil? or text.empty?)
	21	html << '<br />'
	22	html << link_to(text, :controller => controller, :action => action)
	23	end
	24
	25	return html
	26	end
	27
	28	# Make a protected link to the given controller and action with the given ID,
	29	# using an image based on the action name. The link is done as an image button
	30	# in a form to help stop accidental activation by web spiders (so use this call
	31	# for destructive actions such as 'delete'). Some given text is put underneath
	32	# the form but not included as part of the link. The final parameter is
	33	# optional; if you want a JavaScript "onclick" confirmation before the form can
	34	# be submitted, pass the message to use in the dialogue box here.
	35	#
	36	# If you don't want the text link adding, pass 'nil' or an empty string.
	37	#
	38	def make_protected_action_link(controller, action, id, text, onclick = nil)
	39	html = start_form_tag({:controller => controller, :action => action, :id => id})
	40	opts = {:type => 'image',
	41	:name => 'submit',
	42	:alt => Inflector.humanize(action),
	43	:src => image_path("#{controller}/#{action}")}
	44
	45	unless (onclick.nil? or onclick.empty?)
	46	opts[:onclick] = "return confirm('#{onclick}');"
	47	end
	48
	49	html << tag('input', opts)
	50	html << end_form_tag()
	51
	52	unless (text.nil? or text.empty?)
	53	html << text
	54	end
	55	end
		end

rool/rails/hub/trunk/app/models/user.rb:

prev.	current

		crypted_password == encrypt(password)
		end

49		~~def remember_token?~~
50		~~remember_token_expires_at && Time.now.utc < remember_token_expires_at~~
51		~~end~~
52
53		~~# These create and unset the fields required for remembering users between browser closes~~
54		~~def remember_me~~
55		~~self.remember_token_expires_at = 2.weeks.from_now.utc~~
56		~~self.remember_token = encrypt("#{email}--#{remember_token_expires_at}")~~
57		~~save(false)~~
58		~~end~~
59
60		~~def forget_me~~
61		~~self.remember_token_expires_at = nil~~
62		~~self.remember_token = nil~~
63		~~save(false)~~
64		~~end~~
65
		# Activates the user in the database.
		def activate
		@activated = true

rool/rails/hub/trunk/app/views/account/change_details.rhtml:

prev.	current

		</table>

		<p align="center" />
24		~~<%= submit_tag('Change') %>~~
	24	<%= submit_tag('Update') %>
		<%= end_form_tag %>

		<p />
		If you don't want to do this, you can
29		~~<%= link_to 'go back to the list of tasks', :controller => 'tasks', :action => 'index' %>~~
	29	<%= link_to 'go back to the control panel', :controller => 'tasks', :action => 'index' %>
		instead.

rool/rails/hub/trunk/app/views/account/change_password.rhtml:

prev.	current


		<p />
		If you don't want to do this, you can
28		~~<%= link_to 'go back to the list of tasks', :controller => 'tasks', :action => 'index' %>~~
	28	<%= link_to 'go back to the control panel', :controller => 'tasks', :action => 'index' %>
		instead.

rool/rails/hub/trunk/app/views/account/delete.rhtml:

prev.	current

1		~~If you are sure you want to delete your account, please use the~~
2		~~button below to confirm the action. Once deleted your account~~
3		~~cannot be recovered, except by creating a new account from scratch.~~
	1	<%= image_tag 'account/delete_confirm', :size => '80x80', :alt => 'Delete confirmation', :align => 'left' %>

5		~~<p />~~
6		~~<%= button_to 'Yes, really delete my account!', :controller => 'account', :action => 'delete_confirm' %>~~
	3	If you are sure you want to delete your account, please use the
	4	button below to confirm the action. Once deleted your account
	5	cannot be recovered, except by creating a new account from scratch.

8		~~<p />~~
9		~~If you don't want to do this, you can~~
10		~~<%= link_to 'go back to the list of tasks', :controller => 'tasks', :action => 'index' %>~~
11		~~instead.~~
	7	<p />
	8	<%= button_to 'Yes, really delete my account!', :controller => 'account', :action => 'delete_confirm' %>
	9
	10	<p />
	11	If you don't want to do this, you can
	12	<%= link_to 'go back to the control panel', :controller => 'tasks', :action => 'index' %>
	13	instead.

rool/rails/hub/trunk/app/views/account/edit_roles.rhtml:

prev.	current

		<%= end_form_tag %>

		<p />
34		~~To cancel the change, select one of the following options:~~
	34	Alternatively, please select one of the following options:

		<p />
37		~~<ul>~~
38		~~<li><%= link_to 'Return to control panel', :controller => 'tasks', :action => nil %></li>~~
39		~~<li><%= link_to 'Return to the list', :action => 'list' %></li>~~
40		~~<li><%= button_to 'Return to account details', :action => 'show', :id => @user.id %></li>~~
41		~~</ul>~~
	37	<table border="0" cellspacing="0" cellpadding="6" align="center">
	38	<tr valign="top" align="center">
	39	<td><%= make_action_link('tasks', 'index', 80, 80, 'Control<br />panel') %></td>
	40	<td>  </td>
	41	<td><%= make_action_link('account', 'list', 80, 80, 'Return<br />to list') %></td>
	42	<td>  </td>
	43	<td><%= make_protected_action_link('account', 'show', @user.id, 'Return<br />to details') %></td>
	44	<td>  </td>
	45	<td class="dangerous"><%= make_protected_action_link('account', 'destroy', @user.id, 'Delete<br />account', 'Are you absolutely sure you want to permanently delete this account?') %></td>
	46	</tr>
	47	</table>

rool/rails/hub/trunk/app/views/account/forgot_password.rhtml:

prev.	current


		<p />
		If you don't want to do this, you can
20		~~<%= link_to 'go back to the list of tasks', :controller => 'tasks', :action => 'index' %>~~
	20	<%= link_to 'go back to the control panel', :controller => 'tasks', :action => 'index' %>
		instead.

rool/rails/hub/trunk/app/views/account/list.rhtml:

prev.	current

		</table>

		<p />
28		~~Options:~~
29
30		~~<p />~~
31		~~<ul>~~
32		~~<li><%= link_to 'Return to control panel', :controller => 'tasks', :action => nil %></li>~~
33		~~</ul>~~
	28	When you've finished managing accounts, you can
	29	<%= link_to 'return to control panel', :controller => 'tasks', :action => nil %>.

rool/rails/hub/trunk/app/views/account/login.rhtml:

prev.	current

1		~~Please enter your e-mail address and account password in the table below, then~~
2		~~use the "Log in" button below to proceed. If you don't have a web site account~~
3		~~yet, <%= link_to 'please sign up', { :action => 'signup' } %>.~~
	1	Please enter your e-mail address and account password in the table below, then
	2	use the "Log in" button below to proceed.

5		~~<p />~~
6		~~<%= start_form_tag %>~~
7		~~<table class="list" cellspacing="1" cellpadding="4" border="1" align="center" bgcolor="#ffffff">~~
8		~~<tr>~~
9		~~<th bgcolor="#eeeeee" align="left"><label for="email">E-mail address</label></th>~~
10		~~<td><%= text_field_tag 'email', @email, :size => 40, :maxlength => 200 %></td>~~
11		~~</tr>~~
12		~~<tr>~~
13		~~<th bgcolor="#eeeeee" align="left"><label for="password">Password</label></th>~~
14		~~<td><%= password_field_tag 'password', '', :size => 40, :maxlength => 40 %></td>~~
15		~~</tr>~~
16		~~</table>~~
	4	<p />
	5	<%= start_form_tag %>
	6	<table class="list" cellspacing="1" cellpadding="4" border="1" align="center" bgcolor="#ffffff">
	7	<tr>
	8	<th bgcolor="#eeeeee" align="left"><label for="email">E-mail address</label></th>
	9	<td><%= text_field_tag 'email', @email, :size => 40, :maxlength => 200 %></td>
	10	</tr>
	11	<tr>
	12	<th bgcolor="#eeeeee" align="left"><label for="password">Password</label></th>
	13	<td><%= password_field_tag 'password', '', :size => 40, :maxlength => 40 %></td>
	14	</tr>
	15	</table>

18		~~<p align="center" />~~
19		~~<%= submit_tag('Log in') %>~~
20		~~<%= end_form_tag %>~~
	17	<p align="center" />
	18	<%= submit_tag('Log in') %>
	19	<%= end_form_tag %>

22		~~<p />~~
23		~~Other options:~~
	21	<p />
	22	Other options:

25		~~<p />~~
26		~~<ul>~~
27		~~<li><%= link_to 'Go back to the list of tasks', :controller => 'tasks', :action => 'index' %></li>~~
28		~~<li><%= link_to 'Forgotten your password?', :controller => 'account', :action => 'forgot_password' %></li>~~
29		~~</ul>~~
	24	<p />
	25	<table border="0" cellspacing="0" cellpadding="6" align="center">
	26	<tr valign="top" align="center">
	27	<td><%= make_action_link('tasks', 'index', 80, 80, 'Control<br />panel') %></td>
	28	<td>  </td>
	29	<td><%= make_action_link('account', 'forgot_password', 80, 80, 'Forgotten<br />password?') %></td>
	30	<td>  </td>
	31	<td><%= make_action_link('account', 'signup', 80, 80, 'Sign up!') %></td>
	32	</tr>
	33	</table>

rool/rails/hub/trunk/app/views/account/show.rhtml:

prev.	current

		</table>

		<p />
41		~~Options:~~
42
43		~~<p />~~
44		~~<ul>~~
45		~~<li><%= link_to 'Return to the list', :action => 'list' %></li>~~
46		~~<li><%= link_to 'Return to control panel', :controller => 'tasks', :action => nil %></li>~~
47		~~<%= show_actions(@user) %>~~
48		~~</ul>~~
	41	<table border="0" cellspacing="0" cellpadding="6" align="center">
	42	<tr valign="top" align="center">
	43	<td><%= make_action_link('tasks', 'index', 80, 80, 'Control<br />panel') %></td>
	44	<td>  </td>
	45	<td><%= make_action_link('account', 'list', 80, 80, 'Return<br />to list') %></td>
	46	<td>  </td>
	47	<td><%= make_protected_action_link('account', 'edit_roles', @user.id, 'Edit<br />roles') %></td>
	48	<td>  </td>
	49	<td class="dangerous"><%= make_protected_action_link('account', 'destroy', @user.id, 'Delete<br />account', 'Are you absolutely sure you want to permanently delete this account?') %></td>
	50	</tr>
	51	</table>

rool/rails/hub/trunk/app/views/account/signup.rhtml:

prev.	current

		log in.

		<p />
	6	Your <b>e-mail address</b> is required for account activiation. Please give a
	7	reasonably complete <b>real name</b> that you are happy being used in forum posts,
	8	documentation pages, welcome messages and so-on (e.g. "John Doe"). Your
	9	<b>password</b> can consist of any combination of letters, numbers and symbols
	10	but must be at least four characters long.
	11
	12	<p />
		<%= error_messages_for :user %>

		<% form_for :user do \|f\| %>
...	...
		<% end %>

		<p />
	41	We will never pass your details to third parties or send you unsolicited e-mail messages.
	42	For more information, please see our <a href="/rails/radiant/documentation/privacy">privacy
	43	page</a>.
	44
	45
	46	<p />
		If you don't want to do this, you can
35		~~<%= link_to 'go back to the list of tasks', :controller => 'tasks', :action => 'index' %>~~
	48	<%= link_to 'go back to the control panel', :controller => 'tasks', :action => 'index' %>
		instead.

rool/rails/hub/trunk/app/views/layouts/default.rhtml:

prev.	current

		<table width="85%" cellspacing="0" cellpadding="0" align="center">
		<tr valign="top" align="left">
		<td width="75%">
19		~~<%= '<h2 align="left" class="notice">' + flash[:notice] + '</h2><p>' if (flash[:notice]) -%>~~
20		~~<%= '<h2 align="left" class="attention">' + flash[:attention] + '</h2><p>' if (flash[:attention]) -%>~~
21		~~<%= '<h2 align="left" class="alert">' + flash[:alert] + '</h2><p>' if (flash[:alert]) -%>~~
	19	<%= hubssolib_flash_tags -%>

	21	<div class="content">
		<%= @content_for_layout %>
	23	</div>
		</td>

		<td>  </td>

rool/rails/hub/trunk/app/views/shared/_theme.rhtml:

prev.	current

1		~~-->The RISC OS Open Hub theme is an original creation<!--~~
	1	-->The RISC OS Open Hub icons are adapted from material at <a href="http://openclipart.org/">openclipart.org</a><!--

rool/rails/hub/trunk/app/views/tasks/index.rhtml:

prev.	current

1		~~<h2>RISC OS Open web site accounts</h2>~~
	1	<h2>Web site accounts: Control panel</h2>

3		~~<p />~~
4		~~The RISC OS Open web site asks its users to create accounts if~~
5		~~they want to do things like make forum posts or comment on news~~
6		~~articles. Currently available account management options are~~
7		~~listed below.~~
	3	<p />
	4	The RISC OS Open web site asks its users to create accounts if
	5	they want to do things like make forum posts or comment on news
	6	articles. Currently available account management options are
	7	listed below.

9		~~<p />~~
10		~~<ul>~~
	9	<p />
	10	<table border="0" cellspacing="0" cellpadding="6" align="center">
	11	<tr valign="top" align="center">
		<% unless hubssolib_logged_in? -%>
12		~~<li><%= link_to 'Log in to your web site account', :controller => 'account', :action => 'login' %></li>~~
13		~~<li><%= link_to 'Create a new account', :controller => 'account', :action => 'signup' %></li>~~
14		~~<li><%= link_to "Forgotten your password?", :controller => 'account', :action => 'forgot_password' %></li>~~
	13	<td><%= make_action_link('account', 'login', 80, 80, 'Log in') %></td>
	14	<td>  </td>
	15	<td><%= make_action_link('account', 'forgot_password', 80, 80, 'Forgotten<br />password?') %></td>
	16	<td>  </td>
	17	<td><%= make_action_link('account', 'signup', 80, 80, 'Sign up!') %></td>
		<% else -%>
16		~~<li><%= link_to 'Change my account password', :controller => 'account', :action => 'change_password' %></li>~~
17		~~<li><%= link_to 'Update account details', :controller => 'account', :action => 'change_details' %></li>~~
18		~~<li><%= link_to 'Delete my account', :controller => 'account', :action => 'delete' %></li>~~
19		~~<li><%= link_to 'Log out', :controller => 'account', :action => 'logout' %></li>~~
	19	<td><%= make_action_link('account', 'logout', 80, 80, 'Log out') %></td>
	20	<td>  </td>
	21	<td><%= make_action_link('account', 'change_password', 80, 80, 'Change<br />password') %></td>
	22	<td>  </td>
	23	<td><%= make_action_link('account', 'change_details', 80, 80, 'Update<br />details') %></td>
	24	<td>  </td>
	25	<td class="dangerous"><%= make_protected_action_link('account', 'delete', nil, 'Delete<br />account') %></td>
		<% end -%>
21		~~</ul>~~
	27	</tr>
	28	</table>

		<% if hubssolib_logged_in? && hubssolib_authorized?('list', AccountController) -%>
24		~~<p />~~
25		~~Administrative options:~~
	31	<p />
	32	Administrative options:

27		~~<p />~~
28		~~<ul>~~
29		~~<li><%= link_to 'List all accounts', :controller => 'account', :action => 'list' %></li>~~
30		~~</ul>~~
31		~~<% end -%>~~
	34	<p />
	35	<table border="0" cellspacing="0" cellpadding="6" align="center">
	36	<tr valign="top" align="center">
	37	<td><%= make_action_link('account', 'list', 80, 80, 'List accounts') %></td>
	38	</tr>
	39	</table>
	40	<% end -%>

rool/rails/hub/trunk/config/environment.rb:

prev.	current

		# codes persist in the database indefinitely but will be rejected
		# if too old when someone tries to use one.
		RESET_TIME_LIMIT = 2 * 24 * 60 * 60
95
96		~~# Time limit, in seconds, for the account inactivity timeout.~~
97		~~# If a user performs no Clubhouse actions during this time they~~
98		~~# will be automatically logged out upon their next action.~~
99		~~IDLE_TIME_LIMIT = 15 * 60~~
100
101		~~# Random file location~~
102		~~RND_FILE_PATH = '/home/adh/.rnd'~~
103
104		~~# Session data cookie name~~
105		~~SESSION_DATA_KEY = 'hubapp_session_data'~~
106
107		~~# Session data cookie expiry time in seconds~~
108		~~SESSION_DATA_EXPIRY = 2 * 24 * 60 * 60~~

rool/rails/hub/trunk/public/stylesheets/risc_os_open.css:

prev.	current

		text-align: center;
		}

	43	TABLE TD.dangerous IMG,
	44	TABLE TD.dangerous INPUT[type='image']
	45	{
	46	border: 2px solid #966;
	47	background: #fee;
	48	margin: 1px;
	49	}
	50
		FORM.button-to INPUT
		{
		margin-top: 4px;
...	...
		margin-top: 4px;
		width: 100%;
		}
	62
	63	TABLE TD INPUT[type='image']
	64	{
	65	border: none;
	66	background: inherit;
	67	}
	68
	69	DIV.content A.image,
	70	DIV.content A.image:hover
	71	{
	72	background: inherit;
	73	border: none;
	74	}
	75