liquid_feedback_frontend

annotate app/main/registration/_action/register.lua @ 1859:02c34183b6df

find changesets by author, revision, files, or words in the commit message
Fixed wrong filename in INSTALL file
author bsw
date Tue Nov 28 18:54:51 2023 +0100 (21 months ago)
parents 38a8b840bff7
children
rev   line source
bsw/jbe@1309 1 local function check_italian_mobile_phone_number(value)
bsw/jbe@1309 2
bsw/jbe@1309 3 if not value then
bsw/jbe@1309 4 return false
bsw/jbe@1309 5 end
bsw/jbe@1309 6
bsw/jbe@1309 7 value = string.gsub(value, "[^0-9]*", "")
bsw/jbe@1309 8
bsw/jbe@1309 9 if #(value) < 9 or #(value) > 10 then
bsw/jbe@1309 10 return false
bsw/jbe@1309 11 end
bsw/jbe@1309 12
bsw/jbe@1309 13 local mobile_phone_prefixes = {
bsw/jbe@1309 14 { min = 320, max = 329, comment = "Wind Tre" },
bsw/jbe@1309 15 { min = 330, max = 339, comment = "Telecom Italia (TIM)" },
bsw/jbe@1309 16 { min = 340, max = 349, comment = "Vodafone Omnitel" },
bsw/jbe@1309 17 { min = 350, max = 359, comment = "" },
bsw/jbe@1309 18 { min = 360, max = 369, comment = "Telecom Italia (TIM)" },
bsw/jbe@1309 19 { min = 370, max = 379, comment = "" },
bsw/jbe@1309 20 { min = 380, max = 389, comment = "Wind Tre" },
bsw/jbe@1309 21 { min = 390, max = 393, comment = "Wind Tre" },
bsw/jbe@1309 22 { min = 394, max = 399, comment = "Wind Tre" }
bsw/jbe@1309 23 }
bsw/jbe@1309 24
bsw/jbe@1309 25 local value_prefix = tonumber(string.match(value, "^(...)"))
bsw/jbe@1309 26
bsw/jbe@1309 27 local valid_prefix = false
bsw/jbe@1309 28
bsw/jbe@1309 29 for i, prefix in ipairs(mobile_phone_prefixes) do
bsw/jbe@1309 30 trace.debug(value_prefix, prefix.min)
bsw/jbe@1309 31 if value_prefix >= prefix.min and value_prefix <= prefix.max then
bsw/jbe@1309 32 valid_prefix = true
bsw/jbe@1309 33 end
bsw/jbe@1309 34 end
bsw/jbe@1309 35
bsw/jbe@1309 36 if valid_prefix then
bsw/jbe@1309 37 return true
bsw/jbe@1309 38 else
bsw/jbe@1309 39 return false
bsw/jbe@1309 40 end
bsw/jbe@1309 41 end
bsw/jbe@1309 42
bsw/jbe@1309 43 local function check_uk_mobile_phone_number(value)
bsw/jbe@1309 44
bsw/jbe@1309 45 if not value then
bsw/jbe@1309 46 return false
bsw/jbe@1309 47 end
bsw/jbe@1309 48
bsw/jbe@1309 49 value = string.gsub(value, "[^0-9]*", "")
bsw/jbe@1309 50
bsw/jbe@1309 51 if #(value) < 11 or #(value) > 11 then
bsw/jbe@1309 52 return false
bsw/jbe@1309 53 end
bsw/jbe@1309 54
bsw/jbe@1309 55 local mobile_phone_prefixes = {
bsw/jbe@1309 56 { min = 071, max = 079, comment = "UK phone" },
bsw/jbe@1309 57 }
bsw/jbe@1309 58
bsw/jbe@1309 59 local value_prefix = tonumber(string.match(value, "^(...)"))
bsw/jbe@1309 60
bsw/jbe@1309 61 local valid_prefix = false
bsw/jbe@1309 62
bsw/jbe@1309 63 for i, prefix in ipairs(mobile_phone_prefixes) do
bsw/jbe@1309 64 trace.debug(value_prefix, prefix.min)
bsw/jbe@1309 65 if value_prefix >= prefix.min and value_prefix <= prefix.max then
bsw/jbe@1309 66 valid_prefix = true
bsw/jbe@1309 67 end
bsw/jbe@1309 68 end
bsw/jbe@1309 69
bsw/jbe@1309 70 if valid_prefix then
bsw/jbe@1309 71 return true
bsw/jbe@1309 72 else
bsw/jbe@1309 73 return false
bsw/jbe@1309 74 end
bsw/jbe@1309 75 end
bsw/jbe@1309 76
bsw/jbe@1309 77 local errors = 0
bsw/jbe@1309 78
bsw/jbe@1309 79 local manual_verification
bsw/jbe@1309 80
bsw/jbe@1309 81 if config.self_registration.allow_bypass_checks and param.get("manual_verification") then
bsw/jbe@1309 82 manual_verification = true
bsw/jbe@1309 83 end
bsw/jbe@1309 84
bsw/jbe@1309 85 for i, checkbox in ipairs(config.use_terms_checkboxes) do
bsw/jbe@1309 86 local accepted = param.get("use_terms_checkbox_" .. checkbox.name, atom.boolean)
bsw/jbe@1309 87 if not accepted then
bsw/jbe@1309 88 slot.put_into("error", checkbox.not_accepted_error)
bsw/jbe@1309 89 errors = errors + 1
bsw/jbe@1309 90 end
bsw/jbe@1309 91 end
bsw/jbe@1309 92
bsw/jbe@1309 93 local email = param.get("email")
bsw/jbe@1309 94
bsw/jbe@1309 95 local members = Member:new_selector()
bsw/jbe@1309 96 :add_where{ "notify_email = ? OR notify_email_unconfirmed = ?", email }
bsw/jbe@1309 97 :exec()
bsw/jbe@1309 98
bsw/jbe@1309 99 if #members > 0 then
bsw/jbe@1309 100 slot.select("error", function()
bsw/jbe@1309 101 slot.put_into("registration_register_email_invalid", "already_used")
bsw/jbe@1309 102 ui.tag{ content = _"This email address already been used. Please check your inbox for an invitation or contact us." }
bsw/jbe@1309 103 end)
bsw/jbe@1309 104 errors = errors + 1
bsw/jbe@1309 105 end
bsw/jbe@1309 106
bsw/jbe@1309 107 local verification = Verification:new()
bsw/jbe@1309 108 verification.requested = "now"
bsw/jbe@1309 109 verification.request_origin = json.object{
bsw/jbe@1309 110 ip = request.get_header("X-Forwarded-For"),
bsw/jbe@1309 111 hostname = request.get_header("X-Forwarded-Host")
bsw/jbe@1309 112 }
bsw/jbe@1309 113 verification.request_data = json.object()
bsw/jbe@1309 114
bsw/jbe@1309 115 for i, field in ipairs(config.self_registration.fields) do
bsw@1423 116 if not field.internal and field.type ~= "comment" then
bsw@1359 117 if field.name == "date_of_birth" then
bsw@1359 118 local day = tonumber(param.get("verification_data_" .. field.name .. "_day"))
bsw@1359 119 local month = tonumber(param.get("verification_data_" .. field.name .. "_month"))
bsw@1359 120 local year = tonumber(param.get("verification_data_" .. field.name .. "_year"))
bsw@1359 121 local date = atom.date:new{ year = year, month = month, day = day }
bsw@1359 122 if date.invalid then
bsw@1359 123 slot.select("error", function()
bsw@1359 124 ui.container{ content = _"Please check date of birth" }
bsw@1359 125 slot.put_into("self_registration__invalid_" .. field.name, "invalid")
bsw@1359 126 end)
bsw@1359 127 errors = errors + 1
bsw@1359 128 end
bsw@1359 129 local today = atom.date:get_current()
bsw@1421 130 local min_age = config.self_registration.min_age or 16
bsw@1421 131 local date_nyears_ago = atom.date:new{ year = today.year - min_age, month = today.month, day = today.day }
bsw@1421 132 if date_nyears_ago.invalid and today.month == 2 and today.day == 29 then
bsw@1421 133 date_nyears_ago = atom.date:new{ year = today.year - min_age, month = 2, day = 28 }
bsw@1359 134 end
bsw@1421 135 if date > date_nyears_ago then
bsw@1359 136 request.redirect{ external = encode.url { module = "registration", view = "register_rejected_age" } }
bsw@1359 137 return
bsw@1334 138 end
bsw@1359 139 verification.request_data[field.name] = string.format("%04i-%02i-%02i", year, month, day)
bsw@1359 140
bsw@1685 141 elseif field.type == "multiselect" then
bsw@1685 142 local values = {}
bsw@1685 143 for i_options, option in ipairs(field.options) do
bsw@1685 144 if not option.id then
bsw@1685 145 option.id = option.name
bsw@1685 146 end
bsw@1685 147 local value = param.get("verification_data_" .. field.name .. "__" .. option.id)
bsw@1685 148 if value == "1" then
bsw@1685 149 if option.other then
bsw@1685 150 table.insert(values, param.get("verification_data_" .. field.name .. "_other"))
bsw@1685 151 else
bsw@1692 152 table.insert(values, option.id)
bsw@1685 153 end
bsw@1685 154 end
bsw@1689 155 end
bsw@1691 156 if not field.optional and #values < 1 then
bsw@1689 157 slot.put_into("self_registration__invalid_" .. field.name, "to_short")
bsw@1689 158 slot.select("error", function()
bsw@1689 159 ui.container{ content = _("Please enter: #{field_name}", { field_name = field.label or field.title }) }
bsw@1689 160 end)
bsw@1689 161 errors = errors + 1
bsw@1689 162 end
bsw@1685 163 verification.request_data[field.name] = table.concat(values, ", ")
bsw/jbe@1309 164 else
bsw@1359 165 local value = param.get("verification_data_" .. field.name)
bsw@1684 166 if field.type == "dropdown" then
bsw@1684 167 local other_option_id
bsw@1684 168 for i_options, option in ipairs(field.options) do
bsw@1684 169 if not option.id then
bsw@1684 170 option.id = option.name
bsw@1684 171 end
bsw@1684 172 if option.other then
bsw@1684 173 other_option_id = option.id
bsw@1684 174 end
bsw@1684 175 end
bsw@1684 176 if other_option_id and other_option_id == value then
bsw@1684 177 value = param.get("verification_data_" .. field.name .. "_other")
bsw@1684 178 end
bsw@1684 179 end
bsw@1684 180
bsw@1376 181 local optional = false
bsw@1376 182 if field.optional then
bsw@1376 183 optional = true
bsw@1376 184 end
bsw@1376 185 if field.optional_checkbox and param.get("verification_data_" .. field.name .. "_optout", atom.boolean) then
bsw@1376 186 optional = true
bsw@1376 187 end
bsw@1376 188 if not optional and (not value or (#value < 1 and (not manual_verification or field.name ~= "mobile_phone"))) then
bsw@1359 189 slot.put_into("self_registration__invalid_" .. field.name, "to_short")
bsw@1359 190 slot.select("error", function()
bsw@1688 191 ui.container{ content = _("Please enter: #{field_name}", { field_name = field.label or field.title }) }
bsw@1359 192 end)
bsw@1359 193 errors = errors + 1
bsw@1359 194 end
bsw@1359 195 if field.name == "fiscal_code" then
bsw@1359 196 value = string.upper(value)
bsw@1359 197 value = string.gsub(value, "[^A-Z0-9]", "")
bsw@1359 198 elseif field.name == "mobile_phone" then
bsw@1359 199 value = string.gsub(value, "[^0-9]", "")
bsw@1359 200 elseif field.type == "image" then
bsw@1359 201 if field.save_func then
bsw@1359 202 value = field.save_func(value)
bsw@1359 203 end
bsw@1359 204 else
bsw@1359 205 value = string.gsub(value, "^%s+", "")
bsw@1359 206 value = string.gsub(value, "%s+$", "")
bsw@1359 207 value = string.gsub(value, "%s+", " ")
bsw@1359 208 end
bsw@1359 209 verification.request_data[field.name] = value
bsw/jbe@1309 210 end
bsw/jbe@1309 211 end
bsw/jbe@1309 212
bsw@1359 213 local mobile_phone = verification.request_data.mobile_phone
bsw@1359 214
bsw@1359 215 if not manual_verification then
bsw@1359 216 if config.self_registration.check_for_italien_mobile_phone then
bsw@1359 217 if not check_italian_mobile_phone_number(mobile_phone) then
bsw@1359 218 slot.select("error", function()
bsw@1359 219 ui.container{ content = _"Please check the mobile phone number (invalid format)" }
bsw@1359 220 end)
bsw@1359 221 errors = errors + 1
bsw@1359 222 end
bsw@1359 223 end
bsw@1359 224
bsw@1359 225 if config.self_registration.check_for_uk_mobile_phone then
bsw@1359 226 if not check_uk_mobile_phone_number(mobile_phone) then
bsw@1359 227 slot.select("error", function()
bsw@1359 228 ui.container{ content = _"Please check the mobile phone number (invalid format)" }
bsw@1359 229 end)
bsw@1359 230 errors = errors + 1
bsw@1359 231 end
bsw/jbe@1309 232 end
bsw/jbe@1309 233 end
bsw/jbe@1309 234 end
bsw/jbe@1309 235
bsw/jbe@1309 236 if config.self_registration.check_for_italian_fiscal_code then
bsw/jbe@1309 237 local check_fiscal_code = execute.chunk{ module = "registration", chunk = "_check_fiscal_code" }
bsw/jbe@1309 238
bsw/jbe@1309 239 local fiscal_code_valid, fiscal_code_error = check_fiscal_code(
bsw/jbe@1309 240 verification.request_data.fiscal_code,
bsw/jbe@1309 241 {
bsw/jbe@1309 242 first_name = verification.request_data.first_name,
bsw/jbe@1309 243 last_name = verification.request_data.name,
bsw/jbe@1309 244 year = tonumber(string.match(verification.request_data.date_of_birth, "^(....)-..-..$")),
bsw/jbe@1309 245 month = tonumber(string.match(verification.request_data.date_of_birth, "^....-(..)-..$")),
bsw/jbe@1309 246 day = tonumber(string.match(verification.request_data.date_of_birth, "^....-..-(..)$")),
bsw/jbe@1309 247 }
bsw/jbe@1309 248 )
bsw/jbe@1309 249
bsw/jbe@1309 250 if fiscal_code_valid then
bsw/jbe@1309 251 verification.comment = (verification.comment or "").. " /// Fiscal code matched"
bsw/jbe@1309 252 else
bsw/jbe@1309 253 slot.select("error", function()
bsw/jbe@1309 254 ui.container{ content = _"Please check the fiscal code (invalid format or does not match name, first name and/or date of birth)" }
bsw/jbe@1309 255 end)
bsw/jbe@1309 256 errors = errors + 1
bsw/jbe@1309 257 --table.insert(manual_check_reasons, "fiscal code does not match (" .. fiscal_code_error .. ")")
bsw/jbe@1309 258 end
bsw/jbe@1309 259 end
bsw/jbe@1309 260
bsw/jbe@1309 261 if errors > 0 then
bsw/jbe@1309 262 return false
bsw/jbe@1309 263 end
bsw/jbe@1309 264
bsw/jbe@1309 265 local member = Member:new()
bsw/jbe@1309 266 member.notify_email = email
bsw/jbe@1309 267 member:save()
bsw/jbe@1309 268
bsw/jbe@1309 269 for i, checkbox in ipairs(config.use_terms_checkboxes) do
bsw/jbe@1309 270 local accepted = param.get("use_terms_checkbox_" .. checkbox.name, atom.boolean)
bsw/jbe@1309 271 local member_useterms = MemberUseterms:new()
bsw/jbe@1309 272 member_useterms.member_id = member.id
bsw/jbe@1309 273 member_useterms.contract_identifier = checkbox.name
bsw/jbe@1309 274 member_useterms:save()
bsw/jbe@1309 275 end
bsw/jbe@1309 276
bsw/jbe@1309 277 verification.requesting_member_id = member.id
bsw/jbe@1309 278
bsw/jbe@1309 279 local manual_check_reasons = {}
bsw/jbe@1309 280
bsw/jbe@1309 281 if manual_verification then
bsw/jbe@1309 282 table.insert(manual_check_reasons, "User requested manual verification (during step 1)")
bsw/jbe@1309 283 end
bsw/jbe@1309 284
bsw@1731 285 if config.self_registration.sms_id then
bsw@1731 286 local existing_verifications = Verification:new_selector()
bsw@1731 287 :add_where{ "request_data->>'mobile_phone' = ?", mobile_phone }
bsw@1731 288 :add_where("comment ilike '%SMS code%'")
bsw@1731 289 :exec()
bsw@1731 290
bsw@1731 291 if #existing_verifications > 0 then
bsw@1731 292 table.insert(manual_check_reasons, "mobile phone number already used before")
bsw@1731 293 end
bsw@1316 294 end
bsw@1316 295
bsw@1731 296 if config.self_registration.force_manual_check then
bsw@1731 297 table.insert(manual_check_reasons, "Manual check enforced by configuration")
bsw/jbe@1309 298 end
bsw/jbe@1309 299
bsw/jbe@1309 300 if #manual_check_reasons > 0 then
bsw/jbe@1309 301 local reasons = table.concat(manual_check_reasons, ", ")
bsw/jbe@1309 302 verification.comment = (verification.comment or "").. " /// Manual verification needed: " .. reasons
bsw/jbe@1309 303 verification:save()
bsw/jbe@1309 304 request.redirect{ external = encode.url { module = "registration", view = "register_manual_check_needed" } }
bsw/jbe@1309 305
bsw@1731 306 elseif config.self_registration.sms_id then
bsw/jbe@1309 307 local pin = multirand.string(6, "0123456789")
bsw/jbe@1309 308 verification.request_data.sms_code = pin
bsw/jbe@1309 309 verification.request_data.sms_code_tries = 3
bsw/jbe@1309 310 local sms_text = config.self_registration.sms_text
bsw/jbe@1309 311 local sms_text = string.gsub(sms_text, "{PIN}", pin)
bsw/jbe@1309 312 local phone_number
bsw/jbe@1309 313 if config.self_registration.sms_strip_leading_zero then
bsw/jbe@1309 314 phone_number = string.match(verification.request_data.mobile_phone, "0(.+)")
bsw/jbe@1309 315 else
bsw/jbe@1309 316 phone_number = verification.request_data.mobile_phone
bsw/jbe@1309 317 end
bsw/jbe@1309 318 phone_number = config.self_registration.sms_prefix .. phone_number
bsw/jbe@1309 319 local params = {
bsw/jbe@1309 320 id = config.self_registration.sms_id,
bsw/jbe@1309 321 pass = config.self_registration.sms_pass,
bsw/jbe@1309 322 gateway = config.self_registration.sms_gateway,
bsw/jbe@1309 323 absender = config.self_registration.sms_from,
bsw/jbe@1309 324 text = sms_text,
bsw/jbe@1309 325 nummer = phone_number,
bsw/jbe@1309 326 test = config.self_registration.test and "1" or nil
bsw/jbe@1309 327 }
bsw/jbe@1309 328 local params_list = {}
bsw/jbe@1309 329 for k, v in pairs(params) do
bsw/jbe@1309 330 table.insert(params_list, encode.url_part(k) .. "=" .. encode.url_part(v))
bsw/jbe@1309 331 end
bsw/jbe@1309 332
bsw/jbe@1309 333 local params_string = table.concat(params_list, "&")
bsw/jbe@1309 334 local url = "http://gateway.any-sms.biz/send_sms.php?" .. params_string
bsw/jbe@1309 335 local output, err, status = extos.pfilter(nil, "curl", url)
bsw/jbe@1309 336 verification.request_data.sms_code_sent_status = output
bsw/jbe@1309 337 if not string.match(output, "^err:0") then
bsw/jbe@1309 338 verification.comment = (verification.comment or "").. " /// Manual verification needed: sending SMS failed (" .. output .. ")"
bsw/jbe@1309 339 verification:save()
bsw/jbe@1309 340 request.redirect{ external = encode.url { module = "registration", view = "register_manual_check_needed" } }
bsw/jbe@1309 341 return
bsw/jbe@1309 342 end
bsw/jbe@1309 343 verification.comment = (verification.comment or "") .. " /// SMS code " .. pin .. " sent"
bsw/jbe@1309 344 verification:save()
bsw/jbe@1309 345 request.redirect{ external = encode.url { module = "registration", view = "register_enter_pin", id = verification.id } }
bsw@1731 346
bsw@1731 347 else
bsw@1731 348 local success = execute.action{
bsw@1731 349 module = "registration", action = "_verify", params = {
bsw@1731 350 verification = verification
bsw@1731 351 }
bsw@1731 352 }
bsw@1731 353 if success == "ok" then
bsw@1738 354 if verification.request_data.unit then
bsw@1738 355 local unit_privilege = Privilege:new()
bsw@1738 356 unit_privilege.member_id = verification.requesting_member_id
bsw@1738 357 unit_privilege.unit_id = tonumber(verification.request_data.unit)
bsw@1738 358 unit_privilege.voting_right = true
bsw@1738 359 unit_privilege.initiative_right = true
bsw@1738 360 unit_privilege:save()
bsw@1738 361 end
bsw@1731 362 request.redirect{ external = encode.url { module = "registration", view = "register_completed" } }
bsw@1731 363 end
bsw@1731 364
bsw/jbe@1309 365 end
bsw/jbe@1309 366
bsw/jbe@1309 367
bsw/jbe@1309 368

Impressum / About Us