Code cleanup....
Jean-Philippe Lang -
r13300:62cf53384d78
@@ -1,84 +1,85
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2014 Jean-Philippe Lang
2 # Copyright (C) 2006-2014 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 class Token < ActiveRecord::Base
18 class Token < ActiveRecord::Base
19 belongs_to :user
19 belongs_to :user
20 validates_uniqueness_of :value
20 validates_uniqueness_of :value
21 attr_protected :id
21 attr_protected :id
22
22
23 before_create :delete_previous_tokens, :generate_new_token
23 before_create :delete_previous_tokens, :generate_new_token
24
24
25 @@validity_time = 1.day
25 cattr_accessor :validity_time
26 self.validity_time = 1.day
26
27
27 def generate_new_token
28 def generate_new_token
28 self.value = Token.generate_token_value
29 self.value = Token.generate_token_value
29 end
30 end
30
31
31 # Return true if token has expired
32 # Return true if token has expired
32 def expired?
33 def expired?
33 return Time.now > self.created_on + @@validity_time
34 return Time.now > self.created_on + self.class.validity_time
34 end
35 end
35
36
36 # Delete all expired tokens
37 # Delete all expired tokens
37 def self.destroy_expired
38 def self.destroy_expired
38 Token.delete_all ["action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - @@validity_time]
39 Token.where("action NOT IN (?) AND created_on < ?", ['feeds', 'api'], Time.now - validity_time).delete_all
39 end
40 end
40
41
41 # Returns the active user who owns the key for the given action
42 # Returns the active user who owns the key for the given action
42 def self.find_active_user(action, key, validity_days=nil)
43 def self.find_active_user(action, key, validity_days=nil)
43 user = find_user(action, key, validity_days)
44 user = find_user(action, key, validity_days)
44 if user && user.active?
45 if user && user.active?
45 user
46 user
46 end
47 end
47 end
48 end
48
49
49 # Returns the user who owns the key for the given action
50 # Returns the user who owns the key for the given action
50 def self.find_user(action, key, validity_days=nil)
51 def self.find_user(action, key, validity_days=nil)
51 token = find_token(action, key, validity_days)
52 token = find_token(action, key, validity_days)
52 if token
53 if token
53 token.user
54 token.user
54 end
55 end
55 end
56 end
56
57
57 # Returns the token for action and key with an optional
58 # Returns the token for action and key with an optional
58 # validity duration (in number of days)
59 # validity duration (in number of days)
59 def self.find_token(action, key, validity_days=nil)
60 def self.find_token(action, key, validity_days=nil)
60 action = action.to_s
61 action = action.to_s
61 key = key.to_s
62 key = key.to_s
62 return nil unless action.present? && key =~ /\A[a-z0-9]+\z/i
63 return nil unless action.present? && key =~ /\A[a-z0-9]+\z/i
63
64
64 token = Token.where(:action => action, :value => key).first
65 token = Token.where(:action => action, :value => key).first
65 if token && (token.action == action) && (token.value == key) && token.user
66 if token && (token.action == action) && (token.value == key) && token.user
66 if validity_days.nil? || (token.created_on > validity_days.days.ago)
67 if validity_days.nil? || (token.created_on > validity_days.days.ago)
67 token
68 token
68 end
69 end
69 end
70 end
70 end
71 end
71
72
72 def self.generate_token_value
73 def self.generate_token_value
73 Redmine::Utils.random_hex(20)
74 Redmine::Utils.random_hex(20)
74 end
75 end
75
76
76 private
77 private
77
78
78 # Removes obsolete tokens (same user and action)
79 # Removes obsolete tokens (same user and action)
79 def delete_previous_tokens
80 def delete_previous_tokens
80 if user
81 if user
81 Token.delete_all(['user_id = ? AND action = ?', user.id, action])
82 Token.where(:user_id => user.id, :action => action).delete_all
82 end
83 end
83 end
84 end
84 end
85 end
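Review bot: The new `cattr_accessor :validity_time` (new lines 25-26) also defines an instance-level writer, so any `Token` instance can now change the expiry window that `expired?` and `destroy_expired` apply to every token in the process. Since this value decides when a token stops being accepted, I would narrow it to `cattr_accessor :validity_time, :instance_writer => false`. I would also add a comment above it such as `# Lifetime used by expired? and destroy_expired; changing it affects all tokens`. Separately, `expired?` (new line 34) applies the window to every action while `destroy_expired` (new line 39) exempts 'feeds' and 'api'. Presumably callers never ask `expired?` about those two actions, and the method comment should say so.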