Mercurial > hg > soundsoftware-site
comparison app/controllers/.svn/text-base/application_controller.rb.svn-base @ 507:0c939c159af4 redmine-1.2
Update to Redmine 1.2.1 on 1.2-stable branch (Redmine SVN rev 6270)
author | Chris Cannam |
---|---|
date | Thu, 14 Jul 2011 10:32:19 +0100 |
parents | cbce1fd3b1b7 |
children |
comparison
equal
deleted
inserted
replaced
441:cbce1fd3b1b7 | 507:0c939c159af4 |
---|---|
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
17 | 17 |
18 require 'uri' | 18 require 'uri' |
19 require 'cgi' | 19 require 'cgi' |
20 | 20 |
21 class Unauthorized < Exception; end | |
22 | |
21 class ApplicationController < ActionController::Base | 23 class ApplicationController < ActionController::Base |
22 include Redmine::I18n | 24 include Redmine::I18n |
23 | 25 |
24 layout 'base' | 26 layout 'base' |
25 exempt_from_layout 'builder', 'rsb' | 27 exempt_from_layout 'builder', 'rsb' |
39 before_filter :user_setup, :check_if_login_required, :set_localization | 41 before_filter :user_setup, :check_if_login_required, :set_localization |
40 filter_parameter_logging :password | 42 filter_parameter_logging :password |
41 protect_from_forgery | 43 protect_from_forgery |
42 | 44 |
43 rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token | 45 rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token |
46 rescue_from ::Unauthorized, :with => :deny_access | |
44 | 47 |
45 include Redmine::Search::Controller | 48 include Redmine::Search::Controller |
46 include Redmine::MenuManager::MenuController | 49 include Redmine::MenuManager::MenuController |
47 helper Redmine::MenuManager::MenuHelper | 50 helper Redmine::MenuManager::MenuHelper |
48 | 51 |
66 elsif cookies[:autologin] && Setting.autologin? | 69 elsif cookies[:autologin] && Setting.autologin? |
67 # auto-login feature starts a new session | 70 # auto-login feature starts a new session |
68 user = User.try_to_autologin(cookies[:autologin]) | 71 user = User.try_to_autologin(cookies[:autologin]) |
69 session[:user_id] = user.id if user | 72 session[:user_id] = user.id if user |
70 user | 73 user |
71 elsif params[:format] == 'atom' && params[:key] && accept_key_auth_actions.include?(params[:action]) | 74 elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth? |
72 # RSS key authentication does not start a session | 75 # RSS key authentication does not start a session |
73 User.find_by_rss_key(params[:key]) | 76 User.find_by_rss_key(params[:key]) |
74 elsif Setting.rest_api_enabled? && api_request? | 77 elsif Setting.rest_api_enabled? && accept_api_auth? |
75 if (key = api_key_from_request) && accept_key_auth_actions.include?(params[:action]) | 78 if (key = api_key_from_request) |
76 # Use API key | 79 # Use API key |
77 User.find_by_api_key(key) | 80 User.find_by_api_key(key) |
78 else | 81 else |
79 # HTTP Basic, either username/password or API key/random | 82 # HTTP Basic, either username/password or API key/random |
80 authenticate_with_http_basic do |username, password| | 83 authenticate_with_http_basic do |username, password| |
327 @items.sort! {|x,y| y.event_datetime <=> x.event_datetime } | 330 @items.sort! {|x,y| y.event_datetime <=> x.event_datetime } |
328 @items = @items.slice(0, Setting.feeds_limit.to_i) | 331 @items = @items.slice(0, Setting.feeds_limit.to_i) |
329 @title = options[:title] || Setting.app_title | 332 @title = options[:title] || Setting.app_title |
330 render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml' | 333 render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml' |
331 end | 334 end |
332 | 335 |
336 # TODO: remove in Redmine 1.4 | |
333 def self.accept_key_auth(*actions) | 337 def self.accept_key_auth(*actions) |
334 actions = actions.flatten.map(&:to_s) | 338 ActiveSupport::Deprecation.warn "ApplicationController.accept_key_auth is deprecated and will be removed in Redmine 1.4. Use accept_rss_auth (or accept_api_auth) instead." |
335 write_inheritable_attribute('accept_key_auth_actions', actions) | 339 accept_rss_auth(*actions) |
336 end | 340 end |
337 | 341 |
342 # TODO: remove in Redmine 1.4 | |
338 def accept_key_auth_actions | 343 def accept_key_auth_actions |
339 self.class.read_inheritable_attribute('accept_key_auth_actions') || [] | 344 ActiveSupport::Deprecation.warn "ApplicationController.accept_key_auth_actions is deprecated and will be removed in Redmine 1.4. Use accept_rss_auth (or accept_api_auth) instead." |
345 self.class.accept_rss_auth | |
346 end | |
347 | |
348 def self.accept_rss_auth(*actions) | |
349 if actions.any? | |
350 write_inheritable_attribute('accept_rss_auth_actions', actions) | |
351 else | |
352 read_inheritable_attribute('accept_rss_auth_actions') || [] | |
353 end | |
354 end | |
355 | |
356 def accept_rss_auth?(action=action_name) | |
357 self.class.accept_rss_auth.include?(action.to_sym) | |
358 end | |
359 | |
360 def self.accept_api_auth(*actions) | |
361 if actions.any? | |
362 write_inheritable_attribute('accept_api_auth_actions', actions) | |
363 else | |
364 read_inheritable_attribute('accept_api_auth_actions') || [] | |
365 end | |
366 end | |
367 | |
368 def accept_api_auth?(action=action_name) | |
369 self.class.accept_api_auth.include?(action.to_sym) | |
340 end | 370 end |
341 | 371 |
342 # Returns the number of objects that should be displayed | 372 # Returns the number of objects that should be displayed |
343 # on the paginated list | 373 # on the paginated list |
344 def per_page_option | 374 def per_page_option |