From 9607b5bbfd53212b2ecc711311aa8529a8f06b8c Mon Sep 17 00:00:00 2001
From: "Matthew K. Fu JuYuan" <matthewfu@gmail.com>
Date: Tue, 3 Jul 2012 18:12:44 +0800
Subject: [PATCH] =?UTF-8?q?rulingcom=E5=B8=B3=E8=99=9F=E4=B8=8D=E9=80=8F?=
 =?UTF-8?q?=E9=81=8ELDAP=E8=AA=8D=E8=AD=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/controllers/sessions_controller.rb | 77 +++++++++++++++-----------
 1 file changed, 44 insertions(+), 33 deletions(-)

diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 77680e5b..be961ac2 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -12,42 +12,53 @@ class SessionsController < Devise::SessionsController
     login_uid = params[:user][:nccu_ldap_uid]
     result = false
     ldap_filter = "(uid=#{login_uid})"
-    if $nccu_ldap_connection.bind
-        logger.info "=LDAP Binded password ok..."
-        result =check_auth_with_ldap(login_uid,login_password) 
-        if result && login_password!=''
-          logger.info "==LDAP  password passed..."
-          nccu_id = get_nccu_id_from_mid_site(login_uid)
-          resource =  nccu_id.nil? ? nil : (User.first(conditions:{ nccu_ldap_uid: nccu_id }))
-           # resource = env['warden'].authenticate!(:check_nccu_ldap)
-           # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
-           set_flash_message(:notice, :signed_in) if is_navigational_format?
-           if (resource.nil? || nccu_id.nil?)
-             logger.error "===LDAP passed local block... resource:#{resource.inspect}\n nccu_id:#{nccu_id} \t login_uid:#{login_uid}"
-             flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit')
-             render :action => "new"
-           else
-             logger.info "===ALL passed"
-             resource_name = resource._type.downcase
-             sign_in(resource_name, resource)
-             respond_with resource, :location => redirect_location(resource_name, resource)
-           end
-           elsif resource = User.first(conditions:{email: login_uid})
+    if User.first({conditions:{ email: login_uid}}).nil?
 
-             resource_name = resource._type.downcase
-             sign_in(resource_name, resource)
-             respond_with resource, :location => redirect_location(resource_name, resource)
+      if ($nccu_ldap_connection.bind rescue false)
+          logger.info "=LDAP Binded password ok..."
+          result =check_auth_with_ldap(login_uid,login_password) 
+          if result && login_password!=''
+            logger.info "==LDAP  password passed..."
+            nccu_id = get_nccu_id_from_mid_site(login_uid)
+            resource =  nccu_id.nil? ? nil : (User.first(conditions:{ nccu_ldap_uid: nccu_id }))
+            # resource = env['warden'].authenticate!(:check_nccu_ldap)
+             # resource = warden.authenticate!(:scope => resource_name, :recall => "#{controller_path}#new")
+            set_flash_message(:notice, :signed_in) if is_navigational_format?
+            if (resource.nil? || nccu_id.nil?)
+               logger.error "===LDAP passed local block... resource:#{resource.inspect}\n nccu_id:#{nccu_id} \t login_uid:#{login_uid}"
+              flash[:notice] = t('devise.failure.ldap_pass_but_account_not_in_orbit')
+              render :action => "new"
+            else
+               logger.info "===ALL passed"
+              resource_name = resource._type.downcase
+              sign_in(resource_name, resource)
+              respond_with resource, :location => redirect_location(resource_name, resource)
+            end
+          else
+            logger.error "==password LDAP fail..."
+            flash[:notice] = t('devise.failure.ldap_invalid')
+            render :action => "new" 
+          end
         else
-          logger.error "==password LDAP fail..."
-          flash[:notice] = t('devise.failure.ldap_invalid')
-          render :action => "new" 
+          logger.error "=LDAP fail..."
+          flash[:notice] = t('devise.failure.ldap_connection_failed')
+          render :action => "new"
         end
-      else
-        logger.error "=LDAP fail..."
-        flash[:notice] = t('devise.failure.ldap_connection_failed')
-        render :action => "new"
-      end
-        logger.info "=======End Debugging======"
+        else #if rulingcom account
+          logger.info "=======Rulingcom account======"
+          resource = User.first(conditions:{email: login_uid})
+          if resource.valid_password?(params[:user][:password])
+              resource_name = resource._type.downcase
+              sign_in(resource_name, resource)
+              respond_with resource, :location => redirect_location(resource_name, resource)
+            else
+              logger.error "==password Local fail..."
+              flash[:notice] = t('devise.failure.invalid')
+              render :action => "new" 
+          end
+        end
+      logger.info "=======End Debugging======"
+
     end
 private  
   def check_auth_with_ldap(login_uid,login_password)