Use config.relative_url_root as the default path for session and autologin cookies (#21169)....
Jean-Philippe Lang -
r14494:703d8a478201
@@ -1,359 +1,359
1 # Redmine - project management software
1 # Redmine - project management software
2 # Copyright (C) 2006-2015 Jean-Philippe Lang
2 # Copyright (C) 2006-2015 Jean-Philippe Lang
3 #
3 #
4 # This program is free software; you can redistribute it and/or
4 # This program is free software; you can redistribute it and/or
5 # modify it under the terms of the GNU General Public License
5 # modify it under the terms of the GNU General Public License
6 # as published by the Free Software Foundation; either version 2
6 # as published by the Free Software Foundation; either version 2
7 # of the License, or (at your option) any later version.
7 # of the License, or (at your option) any later version.
8 #
8 #
9 # This program is distributed in the hope that it will be useful,
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
12 # GNU General Public License for more details.
13 #
13 #
14 # You should have received a copy of the GNU General Public License
14 # You should have received a copy of the GNU General Public License
15 # along with this program; if not, write to the Free Software
15 # along with this program; if not, write to the Free Software
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17
17
18 class AccountController < ApplicationController
18 class AccountController < ApplicationController
19 helper :custom_fields
19 helper :custom_fields
20 include CustomFieldsHelper
20 include CustomFieldsHelper
21
21
22 # prevents login action to be filtered by check_if_login_required application scope filter
22 # prevents login action to be filtered by check_if_login_required application scope filter
23 skip_before_filter :check_if_login_required, :check_password_change
23 skip_before_filter :check_if_login_required, :check_password_change
24
24
25 # Overrides ApplicationController#verify_authenticity_token to disable
25 # Overrides ApplicationController#verify_authenticity_token to disable
26 # token verification on openid callbacks
26 # token verification on openid callbacks
27 def verify_authenticity_token
27 def verify_authenticity_token
28 unless using_open_id?
28 unless using_open_id?
29 super
29 super
30 end
30 end
31 end
31 end
32
32
33 # Login request and validation
33 # Login request and validation
34 def login
34 def login
35 if request.get?
35 if request.get?
36 if User.current.logged?
36 if User.current.logged?
37 redirect_back_or_default home_url, :referer => true
37 redirect_back_or_default home_url, :referer => true
38 end
38 end
39 else
39 else
40 authenticate_user
40 authenticate_user
41 end
41 end
42 rescue AuthSourceException => e
42 rescue AuthSourceException => e
43 logger.error "An error occured when authenticating #{params[:username]}: #{e.message}"
43 logger.error "An error occured when authenticating #{params[:username]}: #{e.message}"
44 render_error :message => e.message
44 render_error :message => e.message
45 end
45 end
46
46
47 # Log out current user and redirect to welcome page
47 # Log out current user and redirect to welcome page
48 def logout
48 def logout
49 if User.current.anonymous?
49 if User.current.anonymous?
50 redirect_to home_url
50 redirect_to home_url
51 elsif request.post?
51 elsif request.post?
52 logout_user
52 logout_user
53 redirect_to home_url
53 redirect_to home_url
54 end
54 end
55 # display the logout form
55 # display the logout form
56 end
56 end
57
57
58 # Lets user choose a new password
58 # Lets user choose a new password
59 def lost_password
59 def lost_password
60 (redirect_to(home_url); return) unless Setting.lost_password?
60 (redirect_to(home_url); return) unless Setting.lost_password?
61 if params[:token]
61 if params[:token]
62 @token = Token.find_token("recovery", params[:token].to_s)
62 @token = Token.find_token("recovery", params[:token].to_s)
63 if @token.nil? || @token.expired?
63 if @token.nil? || @token.expired?
64 redirect_to home_url
64 redirect_to home_url
65 return
65 return
66 end
66 end
67 @user = @token.user
67 @user = @token.user
68 unless @user && @user.active?
68 unless @user && @user.active?
69 redirect_to home_url
69 redirect_to home_url
70 return
70 return
71 end
71 end
72 if request.post?
72 if request.post?
73 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
73 @user.password, @user.password_confirmation = params[:new_password], params[:new_password_confirmation]
74 if @user.save
74 if @user.save
75 @token.destroy
75 @token.destroy
76 flash[:notice] = l(:notice_account_password_updated)
76 flash[:notice] = l(:notice_account_password_updated)
77 redirect_to signin_path
77 redirect_to signin_path
78 return
78 return
79 end
79 end
80 end
80 end
81 render :template => "account/password_recovery"
81 render :template => "account/password_recovery"
82 return
82 return
83 else
83 else
84 if request.post?
84 if request.post?
85 email = params[:mail].to_s
85 email = params[:mail].to_s
86 user = User.find_by_mail(email)
86 user = User.find_by_mail(email)
87 # user not found
87 # user not found
88 unless user
88 unless user
89 flash.now[:error] = l(:notice_account_unknown_email)
89 flash.now[:error] = l(:notice_account_unknown_email)
90 return
90 return
91 end
91 end
92 unless user.active?
92 unless user.active?
93 handle_inactive_user(user, lost_password_path)
93 handle_inactive_user(user, lost_password_path)
94 return
94 return
95 end
95 end
96 # user cannot change its password
96 # user cannot change its password
97 unless user.change_password_allowed?
97 unless user.change_password_allowed?
98 flash.now[:error] = l(:notice_can_t_change_password)
98 flash.now[:error] = l(:notice_can_t_change_password)
99 return
99 return
100 end
100 end
101 # create a new token for password recovery
101 # create a new token for password recovery
102 token = Token.new(:user => user, :action => "recovery")
102 token = Token.new(:user => user, :action => "recovery")
103 if token.save
103 if token.save
104 # Don't use the param to send the email
104 # Don't use the param to send the email
105 recipent = user.mails.detect {|e| email.casecmp(e) == 0} || user.mail
105 recipent = user.mails.detect {|e| email.casecmp(e) == 0} || user.mail
106 Mailer.lost_password(token, recipent).deliver
106 Mailer.lost_password(token, recipent).deliver
107 flash[:notice] = l(:notice_account_lost_email_sent)
107 flash[:notice] = l(:notice_account_lost_email_sent)
108 redirect_to signin_path
108 redirect_to signin_path
109 return
109 return
110 end
110 end
111 end
111 end
112 end
112 end
113 end
113 end
114
114
115 # User self-registration
115 # User self-registration
116 def register
116 def register
117 (redirect_to(home_url); return) unless Setting.self_registration? || session[:auth_source_registration]
117 (redirect_to(home_url); return) unless Setting.self_registration? || session[:auth_source_registration]
118 if request.get?
118 if request.get?
119 session[:auth_source_registration] = nil
119 session[:auth_source_registration] = nil
120 @user = User.new(:language => current_language.to_s)
120 @user = User.new(:language => current_language.to_s)
121 else
121 else
122 user_params = params[:user] || {}
122 user_params = params[:user] || {}
123 @user = User.new
123 @user = User.new
124 @user.safe_attributes = user_params
124 @user.safe_attributes = user_params
125 @user.admin = false
125 @user.admin = false
126 @user.register
126 @user.register
127 if session[:auth_source_registration]
127 if session[:auth_source_registration]
128 @user.activate
128 @user.activate
129 @user.login = session[:auth_source_registration][:login]
129 @user.login = session[:auth_source_registration][:login]
130 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
130 @user.auth_source_id = session[:auth_source_registration][:auth_source_id]
131 if @user.save
131 if @user.save
132 session[:auth_source_registration] = nil
132 session[:auth_source_registration] = nil
133 self.logged_user = @user
133 self.logged_user = @user
134 flash[:notice] = l(:notice_account_activated)
134 flash[:notice] = l(:notice_account_activated)
135 redirect_to my_account_path
135 redirect_to my_account_path
136 end
136 end
137 else
137 else
138 @user.login = params[:user][:login]
138 @user.login = params[:user][:login]
139 unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
139 unless user_params[:identity_url].present? && user_params[:password].blank? && user_params[:password_confirmation].blank?
140 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
140 @user.password, @user.password_confirmation = user_params[:password], user_params[:password_confirmation]
141 end
141 end
142
142
143 case Setting.self_registration
143 case Setting.self_registration
144 when '1'
144 when '1'
145 register_by_email_activation(@user)
145 register_by_email_activation(@user)
146 when '3'
146 when '3'
147 register_automatically(@user)
147 register_automatically(@user)
148 else
148 else
149 register_manually_by_administrator(@user)
149 register_manually_by_administrator(@user)
150 end
150 end
151 end
151 end
152 end
152 end
153 end
153 end
154
154
155 # Token based account activation
155 # Token based account activation
156 def activate
156 def activate
157 (redirect_to(home_url); return) unless Setting.self_registration? && params[:token].present?
157 (redirect_to(home_url); return) unless Setting.self_registration? && params[:token].present?
158 token = Token.find_token('register', params[:token].to_s)
158 token = Token.find_token('register', params[:token].to_s)
159 (redirect_to(home_url); return) unless token and !token.expired?
159 (redirect_to(home_url); return) unless token and !token.expired?
160 user = token.user
160 user = token.user
161 (redirect_to(home_url); return) unless user.registered?
161 (redirect_to(home_url); return) unless user.registered?
162 user.activate
162 user.activate
163 if user.save
163 if user.save
164 token.destroy
164 token.destroy
165 flash[:notice] = l(:notice_account_activated)
165 flash[:notice] = l(:notice_account_activated)
166 end
166 end
167 redirect_to signin_path
167 redirect_to signin_path
168 end
168 end
169
169
170 # Sends a new account activation email
170 # Sends a new account activation email
171 def activation_email
171 def activation_email
172 if session[:registered_user_id] && Setting.self_registration == '1'
172 if session[:registered_user_id] && Setting.self_registration == '1'
173 user_id = session.delete(:registered_user_id).to_i
173 user_id = session.delete(:registered_user_id).to_i
174 user = User.find_by_id(user_id)
174 user = User.find_by_id(user_id)
175 if user && user.registered?
175 if user && user.registered?
176 register_by_email_activation(user)
176 register_by_email_activation(user)
177 return
177 return
178 end
178 end
179 end
179 end
180 redirect_to(home_url)
180 redirect_to(home_url)
181 end
181 end
182
182
183 private
183 private
184
184
185 def authenticate_user
185 def authenticate_user
186 if Setting.openid? && using_open_id?
186 if Setting.openid? && using_open_id?
187 open_id_authenticate(params[:openid_url])
187 open_id_authenticate(params[:openid_url])
188 else
188 else
189 password_authentication
189 password_authentication
190 end
190 end
191 end
191 end
192
192
193 def password_authentication
193 def password_authentication
194 user = User.try_to_login(params[:username], params[:password], false)
194 user = User.try_to_login(params[:username], params[:password], false)
195
195
196 if user.nil?
196 if user.nil?
197 invalid_credentials
197 invalid_credentials
198 elsif user.new_record?
198 elsif user.new_record?
199 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
199 onthefly_creation_failed(user, {:login => user.login, :auth_source_id => user.auth_source_id })
200 else
200 else
201 # Valid user
201 # Valid user
202 if user.active?
202 if user.active?
203 successful_authentication(user)
203 successful_authentication(user)
204 update_sudo_timestamp! # activate Sudo Mode
204 update_sudo_timestamp! # activate Sudo Mode
205 else
205 else
206 handle_inactive_user(user)
206 handle_inactive_user(user)
207 end
207 end
208 end
208 end
209 end
209 end
210
210
211 def open_id_authenticate(openid_url)
211 def open_id_authenticate(openid_url)
212 back_url = signin_url(:autologin => params[:autologin])
212 back_url = signin_url(:autologin => params[:autologin])
213 authenticate_with_open_id(
213 authenticate_with_open_id(
214 openid_url, :required => [:nickname, :fullname, :email],
214 openid_url, :required => [:nickname, :fullname, :email],
215 :return_to => back_url, :method => :post
215 :return_to => back_url, :method => :post
216 ) do |result, identity_url, registration|
216 ) do |result, identity_url, registration|
217 if result.successful?
217 if result.successful?
218 user = User.find_or_initialize_by_identity_url(identity_url)
218 user = User.find_or_initialize_by_identity_url(identity_url)
219 if user.new_record?
219 if user.new_record?
220 # Self-registration off
220 # Self-registration off
221 (redirect_to(home_url); return) unless Setting.self_registration?
221 (redirect_to(home_url); return) unless Setting.self_registration?
222 # Create on the fly
222 # Create on the fly
223 user.login = registration['nickname'] unless registration['nickname'].nil?
223 user.login = registration['nickname'] unless registration['nickname'].nil?
224 user.mail = registration['email'] unless registration['email'].nil?
224 user.mail = registration['email'] unless registration['email'].nil?
225 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
225 user.firstname, user.lastname = registration['fullname'].split(' ') unless registration['fullname'].nil?
226 user.random_password
226 user.random_password
227 user.register
227 user.register
228 case Setting.self_registration
228 case Setting.self_registration
229 when '1'
229 when '1'
230 register_by_email_activation(user) do
230 register_by_email_activation(user) do
231 onthefly_creation_failed(user)
231 onthefly_creation_failed(user)
232 end
232 end
233 when '3'
233 when '3'
234 register_automatically(user) do
234 register_automatically(user) do
235 onthefly_creation_failed(user)
235 onthefly_creation_failed(user)
236 end
236 end
237 else
237 else
238 register_manually_by_administrator(user) do
238 register_manually_by_administrator(user) do
239 onthefly_creation_failed(user)
239 onthefly_creation_failed(user)
240 end
240 end
241 end
241 end
242 else
242 else
243 # Existing record
243 # Existing record
244 if user.active?
244 if user.active?
245 successful_authentication(user)
245 successful_authentication(user)
246 else
246 else
247 handle_inactive_user(user)
247 handle_inactive_user(user)
248 end
248 end
249 end
249 end
250 end
250 end
251 end
251 end
252 end
252 end
253
253
254 def successful_authentication(user)
254 def successful_authentication(user)
255 logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
255 logger.info "Successful authentication for '#{user.login}' from #{request.remote_ip} at #{Time.now.utc}"
256 # Valid user
256 # Valid user
257 self.logged_user = user
257 self.logged_user = user
258 # generate a key and set cookie if autologin
258 # generate a key and set cookie if autologin
259 if params[:autologin] && Setting.autologin?
259 if params[:autologin] && Setting.autologin?
260 set_autologin_cookie(user)
260 set_autologin_cookie(user)
261 end
261 end
262 call_hook(:controller_account_success_authentication_after, {:user => user })
262 call_hook(:controller_account_success_authentication_after, {:user => user })
263 redirect_back_or_default my_page_path
263 redirect_back_or_default my_page_path
264 end
264 end
265
265
266 def set_autologin_cookie(user)
266 def set_autologin_cookie(user)
267 token = Token.create(:user => user, :action => 'autologin')
267 token = Token.create(:user => user, :action => 'autologin')
268 secure = Redmine::Configuration['autologin_cookie_secure']
268 secure = Redmine::Configuration['autologin_cookie_secure']
269 if secure.nil?
269 if secure.nil?
270 secure = request.ssl?
270 secure = request.ssl?
271 end
271 end
272 cookie_options = {
272 cookie_options = {
273 :value => token.value,
273 :value => token.value,
274 :expires => 1.year.from_now,
274 :expires => 1.year.from_now,
275 :path => (Redmine::Configuration['autologin_cookie_path'] || '/'),
275 :path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'),
276 :secure => secure,
276 :secure => secure,
277 :httponly => true
277 :httponly => true
278 }
278 }
279 cookies[autologin_cookie_name] = cookie_options
279 cookies[autologin_cookie_name] = cookie_options
280 end
280 end
281
281
282 # Onthefly creation failed, display the registration form to fill/fix attributes
282 # Onthefly creation failed, display the registration form to fill/fix attributes
283 def onthefly_creation_failed(user, auth_source_options = { })
283 def onthefly_creation_failed(user, auth_source_options = { })
284 @user = user
284 @user = user
285 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
285 session[:auth_source_registration] = auth_source_options unless auth_source_options.empty?
286 render :action => 'register'
286 render :action => 'register'
287 end
287 end
288
288
289 def invalid_credentials
289 def invalid_credentials
290 logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
290 logger.warn "Failed login for '#{params[:username]}' from #{request.remote_ip} at #{Time.now.utc}"
291 flash.now[:error] = l(:notice_account_invalid_creditentials)
291 flash.now[:error] = l(:notice_account_invalid_creditentials)
292 end
292 end
293
293
294 # Register a user for email activation.
294 # Register a user for email activation.
295 #
295 #
296 # Pass a block for behavior when a user fails to save
296 # Pass a block for behavior when a user fails to save
297 def register_by_email_activation(user, &block)
297 def register_by_email_activation(user, &block)
298 token = Token.new(:user => user, :action => "register")
298 token = Token.new(:user => user, :action => "register")
299 if user.save and token.save
299 if user.save and token.save
300 Mailer.register(token).deliver
300 Mailer.register(token).deliver
301 flash[:notice] = l(:notice_account_register_done, :email => ERB::Util.h(user.mail))
301 flash[:notice] = l(:notice_account_register_done, :email => ERB::Util.h(user.mail))
302 redirect_to signin_path
302 redirect_to signin_path
303 else
303 else
304 yield if block_given?
304 yield if block_given?
305 end
305 end
306 end
306 end
307
307
308 # Automatically register a user
308 # Automatically register a user
309 #
309 #
310 # Pass a block for behavior when a user fails to save
310 # Pass a block for behavior when a user fails to save
311 def register_automatically(user, &block)
311 def register_automatically(user, &block)
312 # Automatic activation
312 # Automatic activation
313 user.activate
313 user.activate
314 user.last_login_on = Time.now
314 user.last_login_on = Time.now
315 if user.save
315 if user.save
316 self.logged_user = user
316 self.logged_user = user
317 flash[:notice] = l(:notice_account_activated)
317 flash[:notice] = l(:notice_account_activated)
318 redirect_to my_account_path
318 redirect_to my_account_path
319 else
319 else
320 yield if block_given?
320 yield if block_given?
321 end
321 end
322 end
322 end
323
323
324 # Manual activation by the administrator
324 # Manual activation by the administrator
325 #
325 #
326 # Pass a block for behavior when a user fails to save
326 # Pass a block for behavior when a user fails to save
327 def register_manually_by_administrator(user, &block)
327 def register_manually_by_administrator(user, &block)
328 if user.save
328 if user.save
329 # Sends an email to the administrators
329 # Sends an email to the administrators
330 Mailer.account_activation_request(user).deliver
330 Mailer.account_activation_request(user).deliver
331 account_pending(user)
331 account_pending(user)
332 else
332 else
333 yield if block_given?
333 yield if block_given?
334 end
334 end
335 end
335 end
336
336
337 def handle_inactive_user(user, redirect_path=signin_path)
337 def handle_inactive_user(user, redirect_path=signin_path)
338 if user.registered?
338 if user.registered?
339 account_pending(user, redirect_path)
339 account_pending(user, redirect_path)
340 else
340 else
341 account_locked(user, redirect_path)
341 account_locked(user, redirect_path)
342 end
342 end
343 end
343 end
344
344
345 def account_pending(user, redirect_path=signin_path)
345 def account_pending(user, redirect_path=signin_path)
346 if Setting.self_registration == '1'
346 if Setting.self_registration == '1'
347 flash[:error] = l(:notice_account_not_activated_yet, :url => activation_email_path)
347 flash[:error] = l(:notice_account_not_activated_yet, :url => activation_email_path)
348 session[:registered_user_id] = user.id
348 session[:registered_user_id] = user.id
349 else
349 else
350 flash[:error] = l(:notice_account_pending)
350 flash[:error] = l(:notice_account_pending)
351 end
351 end
352 redirect_to redirect_path
352 redirect_to redirect_path
353 end
353 end
354
354
355 def account_locked(user, redirect_path=signin_path)
355 def account_locked(user, redirect_path=signin_path)
356 flash[:error] = l(:notice_account_locked)
356 flash[:error] = l(:notice_account_locked)
357 redirect_to redirect_path
357 redirect_to redirect_path
358 end
358 end
359 end
359 end
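Review bot: With the new fallback on the `:path` line of `set_autologin_cookie`, the autologin cookie can be scoped to a sub-URI, so the code that clears it has to send the same path or the browser keeps the cookie after logout. `logout_user` is not part of this diff; if it calls `cookies.delete(autologin_cookie_name)` without options, Rails expires a cookie at `/` rather than the one set here. I would compute the path in one small shared helper (to be added) and pass it to both calls, e.g. `cookies.delete(autologin_cookie_name, :path => <same path expression>)`. Separately, an empty-string `relative_url_root` is truthy in Ruby and would produce `:path => ''`; writing `RedmineApp::Application.config.relative_url_root.presence || '/'` avoids that, and the same applies to the `session_store` change in the second file.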
@@ -1,81 +1,83
1 require File.expand_path('../boot', __FILE__)
1 require File.expand_path('../boot', __FILE__)
2
2
3 require 'rails/all'
3 require 'rails/all'
4
4
5 Bundler.require(*Rails.groups)
5 Bundler.require(*Rails.groups)
6
6
7 module RedmineApp
7 module RedmineApp
8 class Application < Rails::Application
8 class Application < Rails::Application
9 # Settings in config/environments/* take precedence over those specified here.
9 # Settings in config/environments/* take precedence over those specified here.
10 # Application configuration should go into files in config/initializers
10 # Application configuration should go into files in config/initializers
11 # -- all .rb files in that directory are automatically loaded.
11 # -- all .rb files in that directory are automatically loaded.
12
12
13 # Custom directories with classes and modules you want to be autoloadable.
13 # Custom directories with classes and modules you want to be autoloadable.
14 config.autoload_paths += %W(#{config.root}/lib)
14 config.autoload_paths += %W(#{config.root}/lib)
15
15
16 # Only load the plugins named here, in the order given (default is alphabetical).
16 # Only load the plugins named here, in the order given (default is alphabetical).
17 # :all can be used as a placeholder for all plugins not explicitly named.
17 # :all can be used as a placeholder for all plugins not explicitly named.
18 # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
18 # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
19
19
20 config.active_record.store_full_sti_class = true
20 config.active_record.store_full_sti_class = true
21 config.active_record.default_timezone = :local
21 config.active_record.default_timezone = :local
22
22
23 # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
23 # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
24 # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
24 # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
25 # config.time_zone = 'Central Time (US & Canada)'
25 # config.time_zone = 'Central Time (US & Canada)'
26
26
27 # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
27 # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
28 # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
28 # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
29 # config.i18n.default_locale = :de
29 # config.i18n.default_locale = :de
30
30
31 I18n.enforce_available_locales = true
31 I18n.enforce_available_locales = true
32
32
33 # Configure the default encoding used in templates for Ruby 1.9.
33 # Configure the default encoding used in templates for Ruby 1.9.
34 config.encoding = "utf-8"
34 config.encoding = "utf-8"
35
35
36 # Configure sensitive parameters which will be filtered from the log file.
36 # Configure sensitive parameters which will be filtered from the log file.
37 config.filter_parameters += [:password]
37 config.filter_parameters += [:password]
38
38
39 # Enable the asset pipeline
39 # Enable the asset pipeline
40 config.assets.enabled = false
40 config.assets.enabled = false
41
41
42 # Version of your assets, change this if you want to expire all your assets
42 # Version of your assets, change this if you want to expire all your assets
43 config.assets.version = '1.0'
43 config.assets.version = '1.0'
44
44
45 config.action_mailer.perform_deliveries = false
45 config.action_mailer.perform_deliveries = false
46
46
47 # Do not include all helpers
47 # Do not include all helpers
48 config.action_controller.include_all_helpers = false
48 config.action_controller.include_all_helpers = false
49
49
50 # Do not supress errors in after_rollback and after_commit callbacks
50 # Do not supress errors in after_rollback and after_commit callbacks
51 config.active_record.raise_in_transactional_callbacks = true
51 config.active_record.raise_in_transactional_callbacks = true
52
52
53 # XML parameter parser removed from core in Rails 4.0
53 # XML parameter parser removed from core in Rails 4.0
54 # and extracted to actionpack-xml_parser gem
54 # and extracted to actionpack-xml_parser gem
55 config.middleware.insert_after ActionDispatch::ParamsParser, ActionDispatch::XmlParamsParser
55 config.middleware.insert_after ActionDispatch::ParamsParser, ActionDispatch::XmlParamsParser
56
56
57 # Sets the Content-Length header on responses with fixed-length bodies
57 # Sets the Content-Length header on responses with fixed-length bodies
58 config.middleware.use Rack::ContentLength
58 config.middleware.use Rack::ContentLength
59
59
60 # Verify validity of user sessions
60 # Verify validity of user sessions
61 config.redmine_verify_sessions = true
61 config.redmine_verify_sessions = true
62
62
63 # Specific cache for search results, the default file store cache is not
63 # Specific cache for search results, the default file store cache is not
64 # a good option as it could grow fast. A memory store (32MB max) is used
64 # a good option as it could grow fast. A memory store (32MB max) is used
65 # as the default. If you're running multiple server processes, it's
65 # as the default. If you're running multiple server processes, it's
66 # recommended to switch to a shared cache store (eg. mem_cache_store).
66 # recommended to switch to a shared cache store (eg. mem_cache_store).
67 # See http://guides.rubyonrails.org/caching_with_rails.html#cache-stores
67 # See http://guides.rubyonrails.org/caching_with_rails.html#cache-stores
68 # for more options (same options as config.cache_store).
68 # for more options (same options as config.cache_store).
69 config.redmine_search_cache_store = :memory_store
69 config.redmine_search_cache_store = :memory_store
70
70
71 # Configure log level here so that additional environment file
71 # Configure log level here so that additional environment file
72 # can change it (environments/ENV.rb would take precedence over it)
72 # can change it (environments/ENV.rb would take precedence over it)
73 config.log_level = Rails.env.production? ? :info : :debug
73 config.log_level = Rails.env.production? ? :info : :debug
74
74
75 config.session_store :cookie_store, :key => '_redmine_session'
75 config.session_store :cookie_store,
76 :key => '_redmine_session',
77 :path => config.relative_url_root || '/'
76
78
77 if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
79 if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
78 instance_eval File.read(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
80 instance_eval File.read(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
79 end
81 end
80 end
82 end
81 end
83 end
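Review bot: The `:path` given to `config.session_store` is evaluated once while this class body loads, two lines before `additional_environment.rb` is `instance_eval`'d, so a `config.relative_url_root` assigned in that file (or, presumably, in `config/environments/*`) arrives too late and the session cookie stays on `/`. The autologin cookie in the controller reads the same setting at request time, so the two cookies can end up with different scopes. I would add a comment above the call such as `# relative_url_root must already be set here (e.g. via RAILS_RELATIVE_URL_ROOT); later assignments do not change the session cookie path`, or compute the path after the additional configuration has been loaded. The comment could also say that a cookie `Path` only narrows where the cookie is sent and does not isolate it from other applications on the same host.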