Modified logged_in_user_membership controller method so that it returns a role...
Jean-Philippe Lang -
r412:8e6d575d4e86
@@ -1,147 +1,148
1 1 # redMine - project management software
2 2 # Copyright (C) 2006-2007 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class ApplicationController < ActionController::Base
19 19 before_filter :check_if_login_required, :set_localization
20 20 filter_parameter_logging :password
21 21
22 22 def logged_in_user=(user)
23 23 @logged_in_user = user
24 24 session[:user_id] = (user ? user.id : nil)
25 25 end
26 26
27 27 def logged_in_user
28 28 if session[:user_id]
29 29 @logged_in_user ||= User.find(session[:user_id])
30 30 else
31 31 nil
32 32 end
33 33 end
34 34
35 # Returns the role that the logged in user has on the current project
36 # or nil if current user is not a member of the project
35 37 def logged_in_user_membership
36 @user_membership ||= Member.find(:first, :conditions => ["user_id=? and project_id=?", self.logged_in_user.id, @project.id])
38 @user_membership ||= logged_in_user.role_for_project(@project)
37 39 end
38 40
39 41 # check if login is globally required to access the application
40 42 def check_if_login_required
41 43 require_login if Setting.login_required?
42 44 end
43 45
44 46 def set_localization
45 47 lang = begin
46 48 if self.logged_in_user and self.logged_in_user.language and !self.logged_in_user.language.empty? and GLoc.valid_languages.include? self.logged_in_user.language.to_sym
47 49 self.logged_in_user.language
48 50 elsif request.env['HTTP_ACCEPT_LANGUAGE']
49 51 accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first.split('-').first
50 52 if accept_lang and !accept_lang.empty? and GLoc.valid_languages.include? accept_lang.to_sym
51 53 accept_lang
52 54 end
53 55 end
54 56 rescue
55 57 nil
56 58 end || Setting.default_language
57 59 set_language_if_valid(lang)
58 60 end
59 61
60 62 def require_login
61 63 unless self.logged_in_user
62 64 store_location
63 65 redirect_to :controller => "account", :action => "login"
64 66 return false
65 67 end
66 68 true
67 69 end
68 70
69 71 def require_admin
70 72 return unless require_login
71 73 unless self.logged_in_user.admin?
72 74 render :nothing => true, :status => 403
73 75 return false
74 76 end
75 77 true
76 78 end
77 79
78 80 # authorizes the user for the requested action.
79 81 def authorize(ctrl = params[:controller], action = params[:action])
80 82 # check if action is allowed on public projects
81 83 if @project.is_public? and Permission.allowed_to_public "%s/%s" % [ ctrl, action ]
82 84 return true
83 85 end
84 86 # if action is not public, force login
85 87 return unless require_login
86 88 # admin is always authorized
87 89 return true if self.logged_in_user.admin?
88 90 # if not admin, check membership permission
89 @user_membership ||= logged_in_user.role_for_project(@project)
90 if @user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], @user_membership )
91 if logged_in_user_membership and Permission.allowed_to_role( "%s/%s" % [ ctrl, action ], logged_in_user_membership )
91 92 return true
92 93 end
93 94 render :nothing => true, :status => 403
94 95 false
95 96 end
96 97
97 98 # make sure that the user is a member of the project (or admin) if project is private
98 99 # used as a before_filter for actions that do not require any particular permission on the project
99 100 def check_project_privacy
100 101 return true if @project.is_public?
101 102 return false unless logged_in_user
102 103 return true if logged_in_user.admin? || logged_in_user_membership
103 104 render :nothing => true, :status => 403
104 105 false
105 106 end
106 107
107 108 # store current uri in session.
108 109 # return to this location by calling redirect_back_or_default
109 110 def store_location
110 111 session[:return_to_params] = params
111 112 end
112 113
113 114 # move to the last store_location call or to the passed default one
114 115 def redirect_back_or_default(default)
115 116 if session[:return_to_params].nil?
116 117 redirect_to default
117 118 else
118 119 redirect_to session[:return_to_params]
119 120 session[:return_to_params] = nil
120 121 end
121 122 end
122 123
123 124 def render_404
124 125 @html_title = "404"
125 126 render :template => "common/404", :layout => true, :status => 404
126 127 return false
127 128 end
128 129
129 130 # qvalues http header parser
130 131 # code taken from webrick
131 132 def parse_qvalues(value)
132 133 tmp = []
133 134 if value
134 135 parts = value.split(/,\s*/)
135 136 parts.each {|part|
136 137 if m = %r{^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$}.match(part)
137 138 val = m[1]
138 139 q = (m[2] or 1).to_f
139 140 tmp.push([val, q])
140 141 end
141 142 }
142 143 tmp = tmp.sort_by{|val, q| -q}
143 144 tmp.collect!{|val, q| val}
144 145 end
145 146 return tmp
146 147 end
147 148 end No newline at end of file
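Review bot: `logged_in_user_membership` (new lines 35-39) dereferences `logged_in_user` without a nil check, so for an anonymous request it raises NoMethodError instead of returning nil as the added comment promises. Both visible callers, `authorize` and `check_project_privacy`, test for a logged-in user first, but nothing in the method itself enforces that; a guarded form such as `@user_membership ||= logged_in_user && logged_in_user.role_for_project(@project)` keeps the documented contract. Because `||=` does not memoize a nil result, every call for a non-member repeats the role lookup. The authorization decision now rests on `User#role_for_project` returning nil for non-members, which is defined outside this page and worth confirming, since `check_project_privacy` treats any truthy value as membership.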