@@ -34,6 +34,7 @@
"main/messages": "messages",
"main/settings": "settings",
"main/account": "account",
"main/impressum": "impressum",
"main/register": "register",
"main/login": "login",
"main/remote": "remote",
@@ -180,6 +181,17 @@
}
},

"impressum": function () {

Pump.body.startLoad();
Pump.body.setContent({contentView: Pump.ImpressumContent,
title: "Impressum"},
function() {
Pump.body.endLoad();
});

},

profile: function(nickname) {
var router = this,
user = Pump.User.unique({nickname: nickname}),

Large diffs are not rendered by default.

@@ -317,7 +317,7 @@ a:focus {
}

.span6 {
width: 460px;
width: 1460px;
}

.span5 {
@@ -89,6 +89,10 @@ body {
margin-bottom: 8px;
}

.major .activity-content, .reply .media-body {
margin-right: 20px;
}

.activity-content p:last-child {
margin-bottom: 0;
}
@@ -8,4 +8,4 @@
<blockquote><a href="<%- activity.url %>">more information</a></blockquote>
<% } %>

<p>If you think you received this email in error, you can safely ignore it.</p>
If you think you received this email in error, you can safely ignore it.
@@ -8,4 +8,4 @@ You were addressed in an activity.
<%= activity.url %>
<% } %>

<p>If you think you received this email in error, you can safely ignore it.</p>
If you think you received this email in error, you can safely ignore it.
@@ -0,0 +1,10 @@
<ul class="nav pull-right">
<li id="fat-menu" class="dropdown">
<a href="#" id="profile-dropdown" role="button" class="dropdown-toggle" data-toggle="dropdown">
<b class="caret"></b>
</a>
<ul class="dropdown-menu pull-right" role="menu" aria-labelledby="profile-dropdown">
<li class="muted"><a tabindex="-1" class="delete-object" href="#"><small>Delete comment</small></li>
</ul>
</li>
</ul>
@@ -0,0 +1,40 @@
<div id="main">

<div style="min-width:400px;">
<div class="hero-unit">

<div class="row">


<div class="span6">

<h1>Impressum</h1>
<br>
Diese Seite wird von der Intevation GmbH bereitgestellt.
<br><br><p>
E-Mail:&nbsp;&nbsp;&nbsp;<a href="mailto:intevation@intevation.de" class="mail">intevation@intevation.de</a> (<a href="https://www.intevation.de/intevation_gpgkey.txt">GnuPG Key</a>)<br>
Telefon: +49-541-33 50 83 - 0<br>
Fax:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;+49-541-33 50 83 - 99
</p>
<h4>Addresse</h4>
Intevation GmbH<br>
Neuer Graben 17 <br>
49074 OsnabrĂĽck, Deutschland
<h4>Registereintrag</h4>
HR B 18998<br>
Amtsgericht OsnabrĂĽck<br>
<h4>Umsatzsteuer-Identifikation</h4>
de 204 854 484</h4>
<h4>Geschäftsführung</h4>
Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
</div>
<div class="span4">
<img src="../images/intevation.png" class="img-rounded" />
</div>


</div>
</div>

</div>
</div>
@@ -60,9 +60,10 @@

<footer>
<% if (config.owner) { %>
<p><b><%- config.site %></b> brought to you by <% if (config.ownerURL) { %><a href="<%- config.ownerURL %>"><% } %><%- config.owner %><% if (config.ownerURL) { %></a><% } %>.</p>
<p><b><%- config.site %></b> wird betrieben von der <% if (config.ownerURL) { %><a href="<%- config.ownerURL %>"><% } %><%- config.owner %><% if (config.ownerURL) { %></a>.<% } %>
<span style="display: block; margin: 0px auto; float:right;"><a href="https://io.intevation.de/main/impressum">Impressum</a></span>
<% } %>
<p><a href="http://pump.io/">pump.io</a> available under the Apache License 2.0.</p>
<!--<p><a href="http://pump.io/">pump.io</a> available under the Apache License 2.0.</p>-->
</footer>

</div> <!-- .container -->
@@ -2,7 +2,7 @@
<form id="login" class="form-horizontal">
<legend>Login to your account</legend>
<div class="control-group" id="nickname-group">
<label class="control-label" for="nickname">Nickname</label>
<label class="control-label" for="nickname">Benutzername</label>
<div class="controls">
<input type="text" id="nickname" name="nickname" size="16">
</div>
@@ -22,6 +22,8 @@
</div>
</div>
</form>
<% if (!config.disableRegistration) { %>
<p><a class="add-continue" href="/main/register">New user?</a></p>
<% } %>
<p><a class="add-continue" href="/main/remote">Account on another server?</a></p>
</div>
@@ -5,26 +5,22 @@

<div class="span6">

<h1><%- config.site %></h1>

<p>This site runs <a href="http://pump.io/">pump.io</a>, the
high-performance Open Source social engine. It pumps your life
in and out of your friends, family and colleagues.</p>

<% if (config.disableRegistration) { %>

<p>(No pump.io account yet? <a href="http://pump.io/tryit">Try it</a>!)</p>

<% } else { %>

<p><a class="btn primary large" href="/main/register">Get Started &raquo;</a></p>

<% } %>
<div style="word-wrap:break-word"><h1><%- config.site %></h1></div>
<br>
<p>Hier l&auml;uft der <a href="http://pump.io/">pump.io</a>-Server der <a href="http://www.intevation.de">Intevation GmbH</a>.
<br>Pump.io ist eine verteilte Freie Software, die eine <i>Social-Engine</i> bereitstellt.
Wir nutzen das System als News- und Blogging-Dienst und soziales Netzwerk unter eigener Kontrolle.
</p>

<p>Unser System wird auch zur internen Kommunikation genutzt. Daher haben wir die Registrierung an unserem Server deaktiviert.
<br>Da es sich allerdings um ein verteiltes System handelt, k&ouml;nnen Sie sich einfach <a href="http://pump.io/tryit">an einem der &ouml;ffentlichen Server</a> registrieren und sp&auml;ter mit diesem Account Nutzern auf unserem System folgen.</p>

<p><a class="btn primary large" href="/Intevation">Intevation auf io.intevation.de besuchen</a></p>

</div>

<div class="span4">
<img src="images/somefriends.jpg" width="340" height="235" class="img-rounded" />
<img src="images/intevation.png" class="img-rounded" />
</div>

</div>
@@ -1,7 +1,7 @@
<% var object = activity.object,
author = (activity.verb == "share") ? object.author : activity.actor;
if (!headless && !author) return;
if (object.deleted) return; %>
if (object.deleted || activity.deleted) return; %>
<li class="media activity major<% if (headless) { %> headless<% } %>" data-activity-id="<%- activity.id %>">
<% if (!headless) { %>
<a class="pull-left" href="<%- author.url %>">
@@ -18,6 +18,7 @@
<% } %>
<p class="muted">
<small>
<% if (activity.verb == "share") { %><a href="<%- activity.actor.url %>"><%- activity.actor.displayName %></a> shared<% } %>
<% if (!headless || (activity.verb == "share" && author)) { %><a href="<%- author.url %>"><%- author.displayName %></a> at <% } %>
<a href="<%- object.url || activity.url %>"><abbr title="<%- activity.published %>" class="easydate"><%- activity.published %></abbr></a>
<% if (activity.location) { %> in <a href="<%- activity.location.url %>"><%- activity.location.displayName %></a><% } %>
@@ -43,7 +44,7 @@
<%= object.content %>
</div>
<% if (principal) { %>
<%= partial("responses", {obj: object}) %>
<%= partial("responses", {act: activity, obj: object}) %>
<% } %>
<% if (!object.likes || object.likes.totalItems === 0) { %>
<% } else if (object.likes.totalItems === 1) { %>
@@ -6,7 +6,7 @@
<div class="modal-body">
<form id="post-note" class="form-horizontal">
<fieldset>
<textarea id="note-content" class="span5" name="note" rows="6"></textarea>
<textarea id="note-content" class="span5" style="resize:both;" name="note" rows="6"></textarea>
<div>
<%= partial("recipient-selector", {name: "to", id: "note-to", label: "To"}) %>
</div>
@@ -0,0 +1,18 @@
<div id="modal-note" class="modal pump-modal hide fade" tabindex="-1" role="dialog" aria-labelledby="post-label" aria-hidden="true">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<% if (typeof model.actor != "undefined") { %><h3 id="post-label">Share note of <%- model.actor.displayName %></h3><%}%>
</div>
<div class="modal-body">
<form id="post-note" class="form-horizontal">
<fieldset>
<div>
<%= partial("recipient-selector-share", {name: "to", id: "share-to", label: "To"}) %>
</div>
</fieldset>
</form>
</div>
<div class="modal-footer">
<button type="submit" class="btn btn-primary" id="send-share">Share</button>
</div>
</div>
@@ -0,0 +1,2 @@
<label for="<%- id %>"><%- label %></label>
<input type="hidden" name="<%- name %>" id="<%- id %>" <% if (name == "to") { %>value="collection:<%- principal.followers.url %>"<% } %>>
@@ -1,2 +1,2 @@
<label for="<%- id %>"><%- label %></label>
<input type="hidden" name="<%- name %>" id="<%- id %>" <% if (name == "cc") { %>value="collection:<%- principal.followers.url %>"<% } %>>
<input type="hidden" name="<%- name %>" id="<%- id %>" <% if (name == "cc") { %>value="collection:http://activityschema.org/collection/public"<% } %>>
@@ -5,7 +5,7 @@
<a class="favorite" href="#">Like <i class="icon-thumbs-up"></i></a>
<% } %>
<a class="comment" href="#">Comment <i class="icon-comment"></i></a>
<% if (obj.shared) { %>
<% if (typeof obj.pump_io != "undefined" && obj.pump_io.shared && typeof act != "undefined" && act.verb == "share") { %>
<a class="unshare" href="#">Unshare <i class="icon-remove"></i></a>
<% } else { %>
<a class="share" href="#">Share <i class="icon-share-alt"></i></a>
@@ -2,5 +2,12 @@
<h2>Followers</h2>
<div class="span9">
<%= partial("people-stream", {people: followers}) %>
<% if (page.nologin) { %>
<% } else if (principalUser) { %>
<button type="submit" id="followall" class="btn btn-primary">Follow 'em all!</button>
<% } else if (principal) { %>
<button type="submit" id="followall" class="btn btn-primary">Follow 'em all!</button>
<% } else { %>
<% } %>
</div>
</div>
@@ -106,7 +106,7 @@ var addRoutes = function(app) {

app.get("/api/user/:nickname/feed", smw, anyReadAuth, reqUser, userStream);
app.post("/api/user/:nickname/feed", userWriteOAuth, reqUser, sameUser, reqGenerator, postActivity);

app.get("/api/user/:nickname/feed/public", smw, reqUser, userPublicStream);

app.get("/api/user/:nickname/feed/major", smw, anyReadAuth, reqUser, userMajorStream);
@@ -727,9 +727,15 @@ var createUser = function(req, res, next) {
};

if (req.app.config.disableRegistration) {
next(new HTTPError("No registration allowed.", 403));
if(req.connection.address().address != req.connection.remoteAddress || props.adminpw != req.app.config.adminpw || req.app.config.adminpw == undefined || props.adminpw == undefined){
next(new HTTPError("No remote registration allowed or wrong admin password.", 403));
return;
}
}
if( props.adminpw != undefined){
var adminpw = props.adminpw;
delete props.adminpw;
}

// Email validation

@@ -749,6 +755,8 @@ var createUser = function(req, res, next) {
return;
}
}
}else{
if(props.email!=undefined && adminpw == undefined) delete props.email;
}

Step(
@@ -782,7 +790,8 @@ var createUser = function(req, res, next) {
function(err) {
if (err) throw err;
if (req.app.config.requireEmail) {
sendConfirmationEmail(user, email, this);
if (adminpw == undefined) sendConfirmationEmail(user, email, this);
else this(null);
} else {
// skip if we don't require email
this(null);
@@ -820,6 +829,7 @@ var createUser = function(req, res, next) {
user.sanitize();
user.token = pair.access_token;
user.secret = pair.token_secret;
if (req.app.config.requireEmail && adminpw!=undefined) activateEmail(props.nickname,email);
// If called as /main/register; see ./web.js
// XXX: Bad hack
if (req.session) {
@@ -1622,7 +1632,7 @@ var proxyRequest = function(req, res, next) {
var principal = req.principal,
proxy = req.proxy;

req.log.info({url: proxy.url, principal: principal.id}, "Getting object through proxy.");
req.log.debug({url: proxy.url, principal: principal.id}, "Getting object through proxy.");

// XXX: check local cache first

@@ -1682,7 +1692,7 @@ var proxyRequest = function(req, res, next) {
res.setHeader("Cache-Control", pres.headers["cache-control"]);
}
// XXX: save to local cache
req.log.info({headers: pres.headers}, "Received object");
req.log.debug({headers: pres.headers}, "Received object");
res.send(pbody);
}
}
@@ -1728,5 +1738,24 @@ var finishObject = function(profile, obj, callback) {
);
};


function activateEmail(username,email){

Step(
function() {
User.get(username, this);
},
function(err, results) {
if (err) throw err;
user = results;
user.email = email;
user.save(this.parallel());
console.log("mail saved");
return;
}
);
};


exports.addRoutes = addRoutes;
exports.createUser = createUser;
@@ -68,7 +68,7 @@ var uploadedFile = function(req, res, next) {
profile = req.principal,
obj;

req.log.info({profile: profile, slug: slug}, "Checking permissions");
req.log.debug({profile: profile, slug: slug}, "Checking permissions");

Step(
function() {
@@ -68,7 +68,9 @@ var databank = require("databank"),
var addRoutes = function(app) {

app.get("/", app.session, principal, addMessages, showMain);


app.get("/main/impressum", app.session, principal, showImpressum);

app.get("/main/register", app.session, principal, showRegister);
app.post("/main/register", app.session, principal, clientAuth, reqGenerator, createUser);

@@ -129,14 +131,19 @@ var loginRedirect = function(rel) {

var showMain = function(req, res, next) {
if (req.principalUser) {
req.log.info({msg: "Showing inbox for logged-in user", user: req.principalUser});
req.log.debug({msg: "Showing inbox for logged-in user", user: req.principalUser});
showInbox(req, res, next);
} else {
req.log.info({msg: "Showing welcome page"});
req.log.debug({msg: "Showing welcome page"});
res.render("main", {page: {title: "Welcome", url: req.originalUrl}});
}
};

var showImpressum = function(req, res, next) {
req.log.debug({msg: "Showing impressum page"});
res.render("impressum", {page: {title: "Impressum", url: req.originalUrl}});
};

var showInbox = function(req, res, next) {

var user = req.principalUser;
@@ -585,7 +592,7 @@ var uploader = function(saver) {
fileName = req.files.qqfile.path;
}

req.log.info("Uploading " + fileName + " of type " + mimeType);
req.log.debug("Uploading " + fileName + " of type " + mimeType);

Step(
function() {
@@ -599,9 +606,9 @@ var uploader = function(saver) {
"error": err.message};
res.send(JSON.stringify(data), {"Content-Type": "text/plain"}, 500);
} else {
req.log.info("Upload successful");
req.log.debug("Upload successful");
obj.sanitize();
req.log.info(obj);
req.log.debug(obj);
data = {success: true,
obj: obj};
res.send(JSON.stringify(data), {"Content-Type": "text/plain"}, 200);
@@ -902,13 +909,13 @@ var handleRecover = function(req, res, next) {

Step(
function () {
req.log.info({nickname: nickname}, "checking for user to recover");
req.log.debug({nickname: nickname}, "checking for user to recover");
User.get(nickname, this);
},
function(err, result) {
if (err) {
if (err.name == "NoSuchThingError") {
req.log.info({nickname: nickname}, "No such user, can't recover");
req.log.debug({nickname: nickname}, "No such user, can't recover");
res.status(400);
res.json({sent: false, noSuchUser: true, error: "There is no user with that nickname."});
return;
@@ -918,17 +925,17 @@ var handleRecover = function(req, res, next) {
}
user = result;
if (!user.email) {
req.log.info({nickname: nickname}, "User has no email address; can't recover.");
req.log.debug({nickname: nickname}, "User has no email address; can't recover.");
// Done
res.status(400);
res.json({sent: false, noEmail: true, error: "This user account has no email address."});
return;
}
if (force) {
req.log.info({nickname: nickname}, "Forcing recovery regardless of existing recovery records.");
req.log.debug({nickname: nickname}, "Forcing recovery regardless of existing recovery records.");
this(null, []);
} else {
req.log.info({nickname: nickname}, "Checking for existing recovery records.");
req.log.debug({nickname: nickname}, "Checking for existing recovery records.");
// Do they have any outstanding recovery requests?
Recovery.search({nickname: nickname, recovered: false}, this);
}
@@ -937,30 +944,30 @@ var handleRecover = function(req, res, next) {
var stillValid;
if (err) throw err;
if (!recoveries || recoveries.length === 0) {
req.log.info({nickname: nickname}, "No existing recovery records; continuing.");
req.log.debug({nickname: nickname}, "No existing recovery records; continuing.");
this(null);
return;
}
stillValid = _.filter(recoveries, function(reco) { return Date.now() - Date.parse(reco.timestamp) < Recovery.TIMEOUT; });
if (stillValid.length > 0) {
req.log.info({nickname: nickname, count: stillValid.length}, "Have an existing, valid recovery record.");
req.log.debug({nickname: nickname, count: stillValid.length}, "Have an existing, valid recovery record.");
// Done
res.status(409);
res.json({sent: false, existing: true, error: "You already requested a password recovery."});
} else {
req.log.info({nickname: nickname}, "Have old recovery records but they're timed out.");
req.log.debug({nickname: nickname}, "Have old recovery records but they're timed out.");
this(null);
}
},
function(err) {
if (err) throw err;
req.log.info({nickname: nickname}, "Creating a new recovery record.");
req.log.debug({nickname: nickname}, "Creating a new recovery record.");
Recovery.create({nickname: nickname}, this);
},
function(err, recovery) {
var recoveryURL;
if (err) throw err;
req.log.info({nickname: nickname}, "Generating recovery email output.");
req.log.debug({nickname: nickname}, "Generating recovery email output.");
recoveryURL = URLMaker.makeURL("/main/recover/" + recovery.code);
res.render("recovery-email-html",
{principal: user.profile,
@@ -979,7 +986,7 @@ var handleRecover = function(req, res, next) {
},
function(err, html, text) {
if (err) throw err;
req.log.info({nickname: nickname}, "Sending recovery email.");
req.log.debug({nickname: nickname}, "Sending recovery email.");
Mailer.sendEmail({to: user.email,
subject: "Recover password for " + req.app.config.site,
text: text,
@@ -992,7 +999,7 @@ var handleRecover = function(req, res, next) {
if (err) {
next(err);
} else {
req.log.info({nickname: nickname}, "Finished with recovery");
req.log.debug({nickname: nickname}, "Finished with recovery");
res.json({sent: true});
}
}