[webui] remove person model - users rule them all

src/api/app/controllers/person_controller.rb

@@ -119,13 +119,6 @@ class ErrRegisterSave < APIException
   end
 
   def internal_register
-    if CONFIG['ldap_mode'] == :on
-      raise ErrRegisterSave.new "LDAP mode enabled, users can only be registered via LDAP"
-    end
-    if CONFIG['proxy_auth_mode'] == :on or CONFIG['ichain_mode'] == :on
-      raise ErrRegisterSave.new "Proxy authentification mode, manual registration is disabled"
-    end
-
     xml = REXML::Document.new( request.raw_post )
 
     logger.debug( "register XML: #{request.raw_post}" )
@@ -135,24 +128,7 @@ def internal_register
     email = xml.elements["/unregisteredperson/email"].text
     password = xml.elements["/unregisteredperson/password"].text
     note = xml.elements["/unregisteredperson/note"].text if xml.elements["/unregisteredperson/note"]
-    status = "confirmed"
-
-    unless User.current and User.current.is_admin?
-      note = ""
-    end
-
-    if ::Configuration.first.registration == "deny"
-      unless User.current and User.current.is_admin?
-        raise ErrRegisterSave.new "User registration is disabled"
-      end
-    elsif ::Configuration.first.registration == "confirmation"
-      status = "unconfirmed"
-    elsif ::Configuration.first.registration != "allow"
-      render_error :message => "Admin configured an unknown config option for registration",
-                   :errorcode => "server_setup_error", :status => 500
-      return
-    end
-    status = xml.elements["/unregisteredperson/state"].text if User.current and User.current.is_admin?
+    status = xml.elements["/unregisteredperson/state"].text
 
     if auth_method == :proxy
       if request.env['HTTP_X_USERNAME'].blank?
@@ -163,29 +139,8 @@ def internal_register
       realname = request.env['HTTP_X_FIRSTNAME'] + " " + request.env['HTTP_X_LASTNAME'] unless request.env['HTTP_X_LASTNAME'].blank?
     end
 
-    newuser = User.create( 
-              :login => login,
-              :password => password,
-              :password_confirmation => password,
-              :email => email )
-
-    newuser.realname = realname
-    newuser.state = User.states[status]
-    newuser.adminnote = note
-    logger.debug("Saving...")
-    newuser.save
-
-    if !newuser.errors.empty?
-      details = newuser.errors.map{ |key, msg| "#{key}: #{msg}" }.join(", ")
-      raise ErrRegisterSave.new "Could not save the registration, details: #{details}"
-    end
-
-    # create subscription for submit requests
-    if Object.const_defined? :Hermes
-      h = Hermes.new
-      h.add_user(login, email)
-      h.add_request_subscription(login)
-    end
+    User.register(login: login, realname: realname, email:
+        email, password: password, note: note, status: status)
 
     # This may fail when no notification is configured. Not important, so no exception handling for now
     # IchainNotifier.deliver_approval(newuser)
@@ -224,27 +179,13 @@ def update_watchlist( user, xml )
 
   def update_globalroles( user, xml )
     new_globalroles = []
-    old_globalroles = []
-
     xml.elements("globalrole") do |e|
       new_globalroles << e.to_s
     end
-
-    user.roles.where(global: true).each do |ugr|
-      old_globalroles << ugr.title
-    end
-    add_to_globalroles = new_globalroles.collect {|i| old_globalroles.include?(i) ? nil : i}.compact
-    remove_from_globalroles = old_globalroles.collect {|i| new_globalroles.include?(i) ? nil : i}.compact
-
-    remove_from_globalroles.each do |title|
-      user.roles_users.where(role_id: Role.find_by_title!(title).id).delete_all
-    end
-
-    add_to_globalroles.each do |title|
-      user.roles_users.new(role: Role.find_by_title!(title))
-    end
-    return true
+
+    user.update_globalroles( new_globalroles )
   end
+
   private :update_globalroles
 
   def change_my_password

src/api/app/models/user.rb

@@ -808,6 +808,80 @@ def watches?(name)
     watched_projects.joins(:project).where(projects: { name: name }).exists?
   end
 
+  def update_globalroles( new_globalroles )
+    old_globalroles = []
+
+    self.roles.where(global: true).each do |ugr|
+      old_globalroles << ugr.title
+    end
+
+    add_to_globalroles = new_globalroles.collect {|i| old_globalroles.include?(i) ? nil : i}.compact
+    remove_from_globalroles = old_globalroles.collect {|i| new_globalroles.include?(i) ? nil : i}.compact
+
+    remove_from_globalroles.each do |title|
+      self.roles_users.where(role_id: Role.find_by_title!(title).id).delete_all
+    end
+
+    add_to_globalroles.each do |title|
+      self.roles_users.new(role: Role.find_by_title!(title))
+    end
+  end
+
+  class ErrRegisterSave < APIException
+  end
+
+  def self.register(opts)
+    if CONFIG['ldap_mode'] == :on
+      raise ErrRegisterSave.new "LDAP mode enabled, users can only be registered via LDAP"
+    end
+    if CONFIG['proxy_auth_mode'] == :on or CONFIG['ichain_mode'] == :on
+      raise ErrRegisterSave.new "Proxy authentification mode, manual registration is disabled"
+    end
+
+    status = "confirmed"
+
+    unless User.current and User.current.is_admin?
+      opts[:note] = nil
+    end
+
+    if ::Configuration.first.registration == "deny"
+      unless User.current and User.current.is_admin?
+        raise ErrRegisterSave.new "User registration is disabled"
+      end
+    elsif ::Configuration.first.registration == "confirmation"
+      status = "unconfirmed"
+    elsif ::Configuration.first.registration != "allow"
+      render_error :message => "Admin configured an unknown config option for registration",
+                   :errorcode => "server_setup_error", :status => 500
+      return
+    end
+    status = opts[:status] if User.current and User.current.is_admin?
+
+    newuser = User.create(
+        :login => opts[:login],
+        :password => opts[:password],
+        :password_confirmation => opts[:password],
+        :email => opts[:email] )
+
+    newuser.realname = opts[:realname]
+    newuser.state = User.states[status]
+    newuser.adminnote = opts[:note]
+    logger.debug("Saving...")
+    newuser.save
+
+    if !newuser.errors.empty?
+      details = newuser.errors.map{ |key, msg| "#{key}: #{msg}" }.join(", ")
+      raise ErrRegisterSave.new "Could not save the registration, details: #{details}"
+    end
+
+    # create subscription for submit requests
+    if Object.const_defined? :Hermes
+      h = Hermes.new
+      h.add_user(login, email)
+      h.add_request_subscription(login)
+    end
+  end
+
   protected
   # This method allows to execute a block while deactivating timestamp
   # updating.

src/api/test/functional/person_controller_test.rb

@@ -180,10 +180,10 @@ def test_register_and_change_password_new_way
 
     u = User.find_by_login "adrianSuSE"
     assert_not_nil u
-    assert_equal u.login, "adrianSuSE"
-    assert_equal u.email, "adrian@suse.de"
-    assert_equal u.realname, "Adrian Schroeter"
-    assert_equal u.adminnote, ""
+    assert_equal "adrianSuSE", u.login
+    assert_equal "adrian@suse.de", u.email
+    assert_equal "Adrian Schroeter", u.realname
+    assert_equal nil, u.adminnote
 
     # change password
     data = 'NEWPASSW0RD'
@@ -232,7 +232,7 @@ def test_register_old_way
     assert_equal u.login, "adrianSuSE"
     assert_equal u.email, "adrian@suse.de"
     assert_equal u.realname, "Adrian Schroeter"
-    assert_equal u.adminnote, ""
+    assert_equal nil, u.adminnote
     u.destroy
 
   end

src/api/test/functional/webui/all_routes_test.rb

@@ -156,7 +156,6 @@ class Webui::AllRoutesTest < Webui::IntegrationTest
     urls << webui_engine.home_list_my_path
     urls << webui_engine.home_requests_path
     urls << webui_engine.home_home_project_path
-    urls << webui_engine.home_remove_watched_project_path
     urls << webui_engine.apidocs_path
     urls << webui_engine.apidocs_index_path
 

src/api/webui/app/controllers/webui/configuration_controller.rb

@@ -12,7 +12,7 @@ def connect_instance
   end
 
   def users
-    @users = ::User.all.to_a
+    @users = ::User.where("login != '_nobody_'").to_a
   end
 
   def groups

src/api/webui/app/controllers/webui/home_controller.rb

@@ -151,13 +151,6 @@ def home_project
     redirect_to :controller => :project, :action => :show, :project => "home:#{User.current.login}"
   end
 
-  def remove_watched_project
-    logger.debug "removing watched project '#{params[:project]}' from user '#{@user}'"
-    @user.remove_watched_project(params[:project])
-    @user.save
-    render :partial => 'watch_list'
-  end
-
   def overwrite_user
     @displayed_user = User.current
     if params['user'].present?
@@ -168,7 +161,7 @@ def overwrite_user
         flash[:error] = "User not found #{params['user']}"
       end
     end
-    unless @displayed_user
+    if @displayed_user.is_nobody?
       flash[:error] = "Please log in"
       redirect_to :controller => :user, :action => :login
     end

src/api/webui/app/controllers/webui/package_controller.rb

@@ -142,7 +142,7 @@ def binary
       # ignore files not available
       @durl = nil
     end
-    if @user and !@durl
+    unless User.current.is_nobody? or @durl
       # only use API for logged in users if the mirror is not available
       @durl = rpm_url( @project, @package, @repository, @arch, @filename )
     end

src/api/webui/app/controllers/webui/project_controller.rb

@@ -1100,10 +1100,10 @@ def package_buildresult
 
   def toggle_watch
     if User.current.watches? @project.name
-      logger.debug "Remove #{@project} from watchlist for #{@user}"
+      logger.debug "Remove #{@project} from watchlist for #{User.current}"
       User.current.remove_watched_project @project.name
     else
-      logger.debug "Add #{@project} to watchlist for #{@user}"
+      logger.debug "Add #{@project} to watchlist for #{User.current}"
       User.current.add_watched_project @project.name
     end
 

src/api/webui/app/controllers/webui/request_controller.rb

@@ -75,8 +75,9 @@ def show
 
     @my_open_reviews = @req['my_open_reviews']
     @other_open_reviews = @req['other_open_reviews']
-    @can_add_reviews = ['new', 'review'].include?(@state) && (@is_author || @is_target_maintainer || @my_open_reviews.length > 0) && !@user.nil?
-    @can_handle_request = ['new', 'review', 'declined'].include?(@state) && (@is_target_maintainer || @is_author) && !@user.nil?
+    @can_add_reviews = ['new', 'review'].include?(@state) && (@is_author || @is_target_maintainer || @my_open_reviews.length > 0) && !User.current.is_nobody?
+    @can_handle_request = ['new', 'review', 'declined'].include?(@state) && (@is_target_maintainer || @is_author) && !User.current.is_nobody?
+Rails.logger.debug "CHR #{@can_handle_request} - #{@is_target_maintainer} - #{@is_author}"
 
     @events = @req['events']
     @actions = @req['actions']
@@ -197,9 +198,9 @@ def delete_request_dialog
   end
 
   def delete_request
-    required_parameters :project, :package
+    required_parameters :project
     begin
-      req = BsRequest.new(:type => 'delete', :targetproject => params[:project], :targetpackage => params[:package], :description => params[:description])
+      req = Webui::BsRequest.new(:type => 'delete', :targetproject => params[:project], :targetpackage => params[:package], :description => params[:description])
       req.save(:create => true)
       Rails.cache.delete 'requests_new'
     rescue ActiveXML::Transport::Error => e