Mercurial > hg > soundsoftware-site
comparison app/controllers/application_controller.rb @ 1295:622f24f53b42 redmine-2.3
Update to Redmine SVN revision 11972 on 2.3-stable branch
| author | Chris Cannam |
|---|---|
| date | Fri, 14 Jun 2013 09:02:21 +0100 |
| parents | 433d4f72a19b |
| children | 4f746d8966dd |
comparison
equal
deleted
inserted
replaced
| 1294:3e4c3460b6ca | 1295:622f24f53b42 |
|---|---|
| 1 # Redmine - project management software | 1 # Redmine - project management software |
| 2 # Copyright (C) 2006-2012 Jean-Philippe Lang | 2 # Copyright (C) 2006-2013 Jean-Philippe Lang |
| 3 # | 3 # |
| 4 # This program is free software; you can redistribute it and/or | 4 # This program is free software; you can redistribute it and/or |
| 5 # modify it under the terms of the GNU General Public License | 5 # modify it under the terms of the GNU General Public License |
| 6 # as published by the Free Software Foundation; either version 2 | 6 # as published by the Free Software Foundation; either version 2 |
| 7 # of the License, or (at your option) any later version. | 7 # of the License, or (at your option) any later version. |
| 20 | 20 |
| 21 class Unauthorized < Exception; end | 21 class Unauthorized < Exception; end |
| 22 | 22 |
| 23 class ApplicationController < ActionController::Base | 23 class ApplicationController < ActionController::Base |
| 24 include Redmine::I18n | 24 include Redmine::I18n |
| 25 include Redmine::Pagination | |
| 26 include RoutesHelper | |
| 27 helper :routes | |
| 25 | 28 |
| 26 class_attribute :accept_api_auth_actions | 29 class_attribute :accept_api_auth_actions |
| 27 class_attribute :accept_rss_auth_actions | 30 class_attribute :accept_rss_auth_actions |
| 28 class_attribute :model_object | 31 class_attribute :model_object |
| 29 | 32 |
| 30 layout 'base' | 33 layout 'base' |
| 31 | 34 |
| 32 protect_from_forgery | 35 protect_from_forgery |
| 33 def handle_unverified_request | 36 def handle_unverified_request |
| 34 super | 37 super |
| 35 cookies.delete(:autologin) | 38 cookies.delete(autologin_cookie_name) |
| 36 end | 39 end |
| 37 | 40 |
| 38 before_filter :session_expiration, :user_setup, :check_if_login_required, :set_localization | 41 before_filter :session_expiration, :user_setup, :check_if_login_required, :set_localization |
| 39 | 42 |
| 40 rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token | 43 rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token |
| 122 end | 125 end |
| 123 end | 126 end |
| 124 user | 127 user |
| 125 end | 128 end |
| 126 | 129 |
| 130 def autologin_cookie_name | |
| 131 Redmine::Configuration['autologin_cookie_name'].presence || 'autologin' | |
| 132 end | |
| 133 | |
| 127 def try_to_autologin | 134 def try_to_autologin |
| 128 if cookies[:autologin] && Setting.autologin? | 135 if cookies[autologin_cookie_name] && Setting.autologin? |
| 129 # auto-login feature starts a new session | 136 # auto-login feature starts a new session |
| 130 user = User.try_to_autologin(cookies[:autologin]) | 137 user = User.try_to_autologin(cookies[autologin_cookie_name]) |
| 131 if user | 138 if user |
| 132 reset_session | 139 reset_session |
| 133 start_user_session(user) | 140 start_user_session(user) |
| 134 end | 141 end |
| 135 user | 142 user |
| 148 end | 155 end |
| 149 | 156 |
| 150 # Logs out current user | 157 # Logs out current user |
| 151 def logout_user | 158 def logout_user |
| 152 if User.current.logged? | 159 if User.current.logged? |
| 153 cookies.delete :autologin | 160 cookies.delete(autologin_cookie_name) |
| 154 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) | 161 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin']) |
| 155 self.logged_user = nil | 162 self.logged_user = nil |
| 156 end | 163 end |
| 157 end | 164 end |
| 158 | 165 |
| 296 raise Unauthorized unless @issues.all?(&:visible?) | 303 raise Unauthorized unless @issues.all?(&:visible?) |
| 297 @projects = @issues.collect(&:project).compact.uniq | 304 @projects = @issues.collect(&:project).compact.uniq |
| 298 @project = @projects.first if @projects.size == 1 | 305 @project = @projects.first if @projects.size == 1 |
| 299 rescue ActiveRecord::RecordNotFound | 306 rescue ActiveRecord::RecordNotFound |
| 300 render_404 | 307 render_404 |
| 308 end | |
| 309 | |
| 310 def find_attachments | |
| 311 if (attachments = params[:attachments]).present? | |
| 312 att = attachments.values.collect do |attachment| | |
| 313 Attachment.find_by_token( attachment[:token] ) if attachment[:token].present? | |
| 314 end | |
| 315 att.compact! | |
| 316 end | |
| 317 @attachments = att || [] | |
| 301 end | 318 end |
| 302 | 319 |
| 303 # make sure that the user is a member of the project (or admin) if project is private | 320 # make sure that the user is a member of the project (or admin) if project is private |
| 304 # used as a before_filter for actions that do not require any particular permission on the project | 321 # used as a before_filter for actions that do not require any particular permission on the project |
| 305 def check_project_privacy | 322 def check_project_privacy |