From 8d53e433c55bef27f6da1e80e61b762115726e78 Mon Sep 17 00:00:00 2001
From: Eric Davis <edavis@littlestreamsoftware.com>
Date: Wed, 11 Feb 2009 19:24:28 +0000
Subject: [PATCH] Added a system setting for allowing OpenID logins and
 registrations

* Defaults to off
* Is set in the Administration panel under Authentication

  #699

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2449 e93f8b46-1217-0410-a6f0-8f06a7374b81
---
 app/controllers/account_controller.rb      | 6 +++---
 app/views/account/login.rhtml              | 2 ++
 app/views/account/register.rhtml           | 4 +++-
 app/views/settings/_authentication.rhtml   | 3 +++
 app/views/users/_form.rhtml                | 2 ++
 config/settings.yml                        | 2 ++
 lang/en.yml                                | 1 +
 test/functional/account_controller_test.rb | 6 ++++++
 8 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/app/controllers/account_controller.rb b/app/controllers/account_controller.rb
index 9f5200ee3..b9c6d9788 100644
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -46,10 +46,10 @@ class AccountController < ApplicationController
       self.logged_user = nil
     else
       # Authenticate user
-      unless using_open_id?
-        password_authentication
-      else
+      if using_open_id? && Setting.openid?
         open_id_authenticate(params[:openid_url])
+      else
+        password_authentication
       end
     end
   end
diff --git a/app/views/account/login.rhtml b/app/views/account/login.rhtml
index d7a27821e..c55419d8e 100644
--- a/app/views/account/login.rhtml
+++ b/app/views/account/login.rhtml
@@ -10,10 +10,12 @@
     <td align="right"><label for="password"><%=l(:field_password)%>:</label></td>
     <td align="left"><%= password_field_tag 'password', nil, :size => 40 %></td>
 </tr>
+<% if Setting.openid? %>
 <tr>
   <td align="right"><label for="openid_url"><%=l(:field_identity_url)%></label></td>
   <td align="left"><%= text_field_tag "openid_url" %></td>
 </tr>
+<% end %>
 <tr>
     <td></td>
     <td align="left">
diff --git a/app/views/account/register.rhtml b/app/views/account/register.rhtml
index 71367e9b9..14f2636a4 100644
--- a/app/views/account/register.rhtml
+++ b/app/views/account/register.rhtml
@@ -1,4 +1,4 @@
-<h2><%=l(:label_register)%> <%=link_to l(:label_login_with_open_id_option), signin_url %></h2>
+<h2><%=l(:label_register)%><%=link_to l(:label_login_with_open_id_option), signin_url if Setting.openid? %></h2>
 
 <% form_tag({:action => 'register'}, :class => "tabular") do %>
 <%= error_messages_for 'user' %>
@@ -29,8 +29,10 @@
 <p><label for="user_language"><%=l(:field_language)%></label>
 <%= select("user", "language", lang_options_for_select) %></p>
 
+<% if Setting.openid? %>
 <p><label for="user_identity_url"><%=l(:field_identity_url)%></label>
 <%= text_field 'user', 'identity_url'  %></p>
+<% end %>
 
 <% @user.custom_field_values.select {|v| v.editable? || v.required?}.each do |value| %>
 	<p><%= custom_field_tag_with_label :user, value %></p>
diff --git a/app/views/settings/_authentication.rhtml b/app/views/settings/_authentication.rhtml
index 6bf20cbce..16bc16f1e 100644
--- a/app/views/settings/_authentication.rhtml
+++ b/app/views/settings/_authentication.rhtml
@@ -17,6 +17,9 @@
 
 <p><label><%= l(:label_password_lost) %></label>
 <%= check_box_tag 'settings[lost_password]', 1, Setting.lost_password? %><%= hidden_field_tag 'settings[lost_password]', 0 %></p>
+
+<p><label><%= l(:setting_openid) %></label>
+<%= check_box_tag 'settings[openid]', 1, Setting.openid? %><%= hidden_field_tag 'settings[openid]', 0 %></p>
 </div>
 
 <div style="float:right;">
diff --git a/app/views/users/_form.rhtml b/app/views/users/_form.rhtml
index 1579ea53b..00b6aeac5 100644
--- a/app/views/users/_form.rhtml
+++ b/app/views/users/_form.rhtml
@@ -7,7 +7,9 @@
 <p><%= f.text_field :lastname, :required => true %></p>
 <p><%= f.text_field :mail, :required => true %></p>
 <p><%= f.select :language, lang_options_for_select %></p>
+<% if Setting.openid? %>
 <p><%= f.text_field :identity_url  %></p>
+<% end %>
 
 <% @user.custom_field_values.each do |value| %>
 	<p><%= custom_field_tag_with_label :user, value %></p>
diff --git a/config/settings.yml b/config/settings.yml
index 1aba06441..73b4c4cfb 100644
--- a/config/settings.yml
+++ b/config/settings.yml
@@ -143,3 +143,5 @@ emails_footer:
     To change your notification preferences, please click here: http://hostname/my/account
 gravatar_enabled:  
   default: 0
+openid:
+  default: 0
diff --git a/lang/en.yml b/lang/en.yml
index a75a52990..1bb9fff85 100644
--- a/lang/en.yml
+++ b/lang/en.yml
@@ -229,6 +229,7 @@ setting_sequential_project_identifiers: Generate sequential project identifiers
 setting_gravatar_enabled: Use Gravatar user icons
 setting_diff_max_lines_displayed: Max number of diff lines displayed
 setting_repository_log_display_limit: Maximum number of revisions displayed on file log
+setting_openid: Allow OpenID login and registration
 
 permission_edit_project: Edit project
 permission_select_project_modules: Select project modules
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index aec626a2f..a95ae5bd8 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
@@ -66,6 +66,7 @@ class AccountControllerTest < Test::Unit::TestCase
   
   def test_login_with_openid_for_existing_user
     Setting.self_registration = '3'
+    Setting.openid = '1'
     existing_user = User.new(:firstname => 'Cool',
                              :lastname => 'User',
                              :mail => 'user@somedomain.com',
@@ -79,6 +80,7 @@ class AccountControllerTest < Test::Unit::TestCase
 
   def test_login_with_openid_with_new_user_created
     Setting.self_registration = '3'
+    Setting.openid = '1'
     post :login, :openid_url => 'http://openid.example.com/good_user'
     assert_redirected_to 'my/account'
     user = User.find_by_login('cool_user')
@@ -89,6 +91,7 @@ class AccountControllerTest < Test::Unit::TestCase
 
   def test_login_with_openid_with_new_user_and_self_registration_off
     Setting.self_registration = '0'
+    Setting.openid = '1'
     post :login, :openid_url => 'http://openid.example.com/good_user'
     assert_redirected_to home_url
     user = User.find_by_login('cool_user')
@@ -97,6 +100,7 @@ class AccountControllerTest < Test::Unit::TestCase
 
   def test_login_with_openid_with_new_user_created_with_email_activation_should_have_a_token
     Setting.self_registration = '1'
+    Setting.openid = '1'
     post :login, :openid_url => 'http://openid.example.com/good_user'
     assert_redirected_to 'login'
     user = User.find_by_login('cool_user')
@@ -108,6 +112,7 @@ class AccountControllerTest < Test::Unit::TestCase
   
   def test_login_with_openid_with_new_user_created_with_manual_activation
     Setting.self_registration = '2'
+    Setting.openid = '1'
     post :login, :openid_url => 'http://openid.example.com/good_user'
     assert_redirected_to 'login'
     user = User.find_by_login('cool_user')
@@ -117,6 +122,7 @@ class AccountControllerTest < Test::Unit::TestCase
   
   def test_login_with_openid_with_new_user_with_conflict_should_register
     Setting.self_registration = '3'
+    Setting.openid = '1'
     existing_user = User.new(:firstname => 'Cool', :lastname => 'User', :mail => 'user@somedomain.com')
     existing_user.login = 'cool_user'
     assert existing_user.save!