Mercurial > hg > soundsoftware-site
comparison app/controllers/.svn/text-base/application_controller.rb.svn-base @ 507:0c939c159af4 redmine-1.2
Update to Redmine 1.2.1 on 1.2-stable branch (Redmine SVN rev 6270)
| author | Chris Cannam |
|---|---|
| date | Thu, 14 Jul 2011 10:32:19 +0100 |
| parents | cbce1fd3b1b7 |
| children |
comparison
equal
deleted
inserted
replaced
| 441:cbce1fd3b1b7 | 507:0c939c159af4 |
|---|---|
| 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
| 17 | 17 |
| 18 require 'uri' | 18 require 'uri' |
| 19 require 'cgi' | 19 require 'cgi' |
| 20 | 20 |
| 21 class Unauthorized < Exception; end | |
| 22 | |
| 21 class ApplicationController < ActionController::Base | 23 class ApplicationController < ActionController::Base |
| 22 include Redmine::I18n | 24 include Redmine::I18n |
| 23 | 25 |
| 24 layout 'base' | 26 layout 'base' |
| 25 exempt_from_layout 'builder', 'rsb' | 27 exempt_from_layout 'builder', 'rsb' |
| 39 before_filter :user_setup, :check_if_login_required, :set_localization | 41 before_filter :user_setup, :check_if_login_required, :set_localization |
| 40 filter_parameter_logging :password | 42 filter_parameter_logging :password |
| 41 protect_from_forgery | 43 protect_from_forgery |
| 42 | 44 |
| 43 rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token | 45 rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token |
| 46 rescue_from ::Unauthorized, :with => :deny_access | |
| 44 | 47 |
| 45 include Redmine::Search::Controller | 48 include Redmine::Search::Controller |
| 46 include Redmine::MenuManager::MenuController | 49 include Redmine::MenuManager::MenuController |
| 47 helper Redmine::MenuManager::MenuHelper | 50 helper Redmine::MenuManager::MenuHelper |
| 48 | 51 |
| 66 elsif cookies[:autologin] && Setting.autologin? | 69 elsif cookies[:autologin] && Setting.autologin? |
| 67 # auto-login feature starts a new session | 70 # auto-login feature starts a new session |
| 68 user = User.try_to_autologin(cookies[:autologin]) | 71 user = User.try_to_autologin(cookies[:autologin]) |
| 69 session[:user_id] = user.id if user | 72 session[:user_id] = user.id if user |
| 70 user | 73 user |
| 71 elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action]) | 74 elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth? |
| 72 # RSS key authentication does not start a session | 75 # RSS key authentication does not start a session |
| 73 User.find_by_rss_key(params[:key]) | 76 User.find_by_rss_key(params[:key]) |
| 74 elsif Setting.rest_api_enabled? && api_request? | 77 elsif Setting.rest_api_enabled? && accept_api_auth? |
| 75 if (key = api_key_from_request) && accept_key_auth_actions.include?(params[:action]) | 78 if (key = api_key_from_request) |
| 76 # Use API key | 79 # Use API key |
| 77 User.find_by_api_key(key) | 80 User.find_by_api_key(key) |
| 78 else | 81 else |
| 79 # HTTP Basic, either username/password or API key/random | 82 # HTTP Basic, either username/password or API key/random |
| 80 authenticate_with_http_basic do |username, password| | 83 authenticate_with_http_basic do |username, password| |
| 327 @items.sort! {|x,y| y.event_datetime <=> x.event_datetime } | 330 @items.sort! {|x,y| y.event_datetime <=> x.event_datetime } |
| 328 @items = @items.slice(0, Setting.feeds_limit.to_i) | 331 @items = @items.slice(0, Setting.feeds_limit.to_i) |
| 329 @title = options[:title] || Setting.app_title | 332 @title = options[:title] || Setting.app_title |
| 330 render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml' | 333 render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml' |
| 331 end | 334 end |
| 332 | 335 |
| 336 # TODO: remove in Redmine 1.4 | |
| 333 def self.accept_key_auth(*actions) | 337 def self.accept_key_auth(*actions) |
| 334 actions = actions.flatten.map(&:to_s) | 338 ActiveSupport::Deprecation.warn "ApplicationController.accept_key_auth is deprecated and will be removed in Redmine 1.4. Use accept_rss_auth (or accept_api_auth) instead." |
| 335 write_inheritable_attribute('accept_key_auth_actions', actions) | 339 accept_rss_auth(*actions) |
| 336 end | 340 end |
| 337 | 341 |
| 342 # TODO: remove in Redmine 1.4 | |
| 338 def accept_key_auth_actions | 343 def accept_key_auth_actions |
| 339 self.class.read_inheritable_attribute('accept_key_auth_actions') || [] | 344 ActiveSupport::Deprecation.warn "ApplicationController.accept_key_auth_actions is deprecated and will be removed in Redmine 1.4. Use accept_rss_auth (or accept_api_auth) instead." |
| 345 self.class.accept_rss_auth | |
| 346 end | |
| 347 | |
| 348 def self.accept_rss_auth(*actions) | |
| 349 if actions.any? | |
| 350 write_inheritable_attribute('accept_rss_auth_actions', actions) | |
| 351 else | |
| 352 read_inheritable_attribute('accept_rss_auth_actions') || [] | |
| 353 end | |
| 354 end | |
| 355 | |
| 356 def accept_rss_auth?(action=action_name) | |
| 357 self.class.accept_rss_auth.include?(action.to_sym) | |
| 358 end | |
| 359 | |
| 360 def self.accept_api_auth(*actions) | |
| 361 if actions.any? | |
| 362 write_inheritable_attribute('accept_api_auth_actions', actions) | |
| 363 else | |
| 364 read_inheritable_attribute('accept_api_auth_actions') || [] | |
| 365 end | |
| 366 end | |
| 367 | |
| 368 def accept_api_auth?(action=action_name) | |
| 369 self.class.accept_api_auth.include?(action.to_sym) | |
| 340 end | 370 end |
| 341 | 371 |
| 342 # Returns the number of objects that should be displayed | 372 # Returns the number of objects that should be displayed |
| 343 # on the paginated list | 373 # on the paginated list |
| 344 def per_page_option | 374 def per_page_option |