Merge branch 'release/0.21'0.21.0.0

Conflicts: locale/cy/app.po locale/es_NI/app.po locale/hr/app.po locale/is_IS/app.po locale/sr@latin/app.po
author: Louise Crow <louise.crow@gmail.com> 2015-03-30 16:00:02 +0100
committer: Louise Crow <louise.crow@gmail.com> 2015-03-30 16:00:02 +0100
commit: f24cc98afa25ad6010ae5316eecc15dfdb3fa79b (patch)
tree: c32fecb16bb2097da7dfdf90e6915fce0bf1a425 /app/controllers/user_controller.rb
parent: 823e58dc69960c600230b10604a0051359173f85 (diff)
parent: 3c0604cf900ad274d8f6ff421d39854ccbf4b6af (diff)
1 files changed, 13 insertions, 16 deletions
diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 43eb99c58..d66b4aa8e 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -7,15 +7,8 @@
 require 'set'
 
 class UserController < ApplicationController
-
     layout :select_layout
 
-    protect_from_forgery :only => [ :contact,
-                                    :set_profile_photo,
-                                    :signchangeemail,
-                                    :clear_profile_photo,
-                                    :set_profile_about_me ] # See ActionController::RequestForgeryProtection for details
-
     # Show page about a user
     def show
         long_cache
@@ -260,16 +253,8 @@ class UserController < ApplicationController
         do_post_redirect post_redirect
     end
 
-    # Logout form
-    def _do_signout
-        session[:user_id] = nil
-        session[:user_circumstance] = nil
-        session[:remember_me] = false
-        session[:using_admin] = nil
-        session[:admin_name] = nil
-    end
     def signout
-        self._do_signout
+        clear_session_credentials
         if params[:r]
             redirect_to URI.parse(params[:r]).path
         else
@@ -475,6 +460,12 @@ class UserController < ApplicationController
             return
         end
         if !params[:submitted_draft_profile_photo].nil?
+            if @user.banned?
+              flash[:error]= _('Banned users cannot edit their profile')
+              redirect_to set_profile_photo_path
+              return
+            end
+
             # check for uploaded image
             file_name = nil
             file_content = nil
@@ -584,6 +575,12 @@ class UserController < ApplicationController
             return
         end
 
+        if @user.banned?
+          flash[:error] = _('Banned users cannot edit their profile')
+          redirect_to set_profile_about_me_path
+          return
+        end
+
         @about_me = AboutMeValidator.new(params[:about_me])
         if !@about_me.valid?
             render :action => 'set_profile_about_me'
author	Louise Crow <louise.crow@gmail.com>	2015-03-30 16:00:02 +0100
committer	Louise Crow <louise.crow@gmail.com>	2015-03-30 16:00:02 +0100
commit	f24cc98afa25ad6010ae5316eecc15dfdb3fa79b (patch)
tree	c32fecb16bb2097da7dfdf90e6915fce0bf1a425 /app/controllers/user_controller.rb
parent	823e58dc69960c600230b10604a0051359173f85 (diff)
parent	3c0604cf900ad274d8f6ff421d39854ccbf4b6af (diff)