Adds a configuration setting to enable sudo mode, disabled by default (#19851)....
Jean-Philippe Lang -
r13954:e12322dac3ba
@@ -170,6 +170,13 default:
170 # same secret token on each machine.
170 # same secret token on each machine.
171 #secret_token: 'change it to a long random string'
171 #secret_token: 'change it to a long random string'
172
172
173 # Requires users to re-enter their password for sensitive actions (editing
174 # of account data, project memberships, application settings, user, group,
175 # role, auth source management and project deletion).
176 # Disabled by default.
177 #
178 #sudo_mode: true
179
173 # Absolute path (e.g. /usr/bin/convert, c:/im/convert.exe) to
180 # Absolute path (e.g. /usr/bin/convert, c:/im/convert.exe) to
174 # the ImageMagick's `convert` binary. Used to generate attachment thumbnails.
181 # the ImageMagick's `convert` binary. Used to generate attachment thumbnails.
175 #imagemagick_convert_command:
182 #imagemagick_convert_command:
@@ -202,7 +202,7 module Redmine
202 end
202 end
203
203
204 def self.possible?
204 def self.possible?
205 !disabled? && User.current.logged?
205 enabled? && User.current.logged?
206 end
206 end
207
207
208 # Turn off sudo mode (never require password entry).
208 # Turn off sudo mode (never require password entry).
@@ -215,10 +215,9 module Redmine
215 RequestStore.store[:sudo_mode_disabled] = nil
215 RequestStore.store[:sudo_mode_disabled] = nil
216 end
216 end
217
217
218 def self.disabled?
218 def self.enabled?
219 !!RequestStore.store[:sudo_mode_disabled]
219 Redmine::Configuration['sudo_mode'] && !RequestStore.store[:sudo_mode_disabled]
220 end
220 end
221
222 end
221 end
223 end
222 end
224
223
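Review bot: `enabled?` now depends on two independent switches and carries no comment saying so: the `sudo_mode` configuration key must be truthy and the `:sudo_mode_disabled` flag in `RequestStore.store` must be unset. A missing key yields nil, so every password re-entry check guarded by `possible?` is skipped on an installation that never edits its configuration file; that matches the commit title, but it deserves a comment at the method, e.g. `# True only when sudo_mode is set in the configuration and disable! has not been called.` The method that ends just above `enabled?` (its signature is outside the hunk, presumably `enable!`) only clears the flag, so on its own it can no longer turn sudo mode on and its name or comment should say that. Because the value is used as read from the configuration, any value other than nil or false counts as enabled, which errs toward asking for the password but may surprise an operator.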
@@ -22,7 +22,6 class AuthSourcesControllerTest < ActionController::TestCase
22
22
23 def setup
23 def setup
24 @request.session[:user_id] = 1
24 @request.session[:user_id] = 1
25 Redmine::SudoMode.disable!
26 end
25 end
27
26
28 def test_index
27 def test_index
@@ -22,7 +22,6 class EmailAddressesControllerTest < ActionController::TestCase
22
22
23 def setup
23 def setup
24 User.current = nil
24 User.current = nil
25 Redmine::SudoMode.disable!
26 end
25 end
27
26
28 def test_index_with_no_additional_emails
27 def test_index_with_no_additional_emails
@@ -22,7 +22,6 class GroupsControllerTest < ActionController::TestCase
22
22
23 def setup
23 def setup
24 @request.session[:user_id] = 1
24 @request.session[:user_id] = 1
25 Redmine::SudoMode.disable!
26 end
25 end
27
26
28 def test_index
27 def test_index
@@ -23,7 +23,6 class MembersControllerTest < ActionController::TestCase
23 def setup
23 def setup
24 User.current = nil
24 User.current = nil
25 @request.session[:user_id] = 2
25 @request.session[:user_id] = 2
26 Redmine::SudoMode.disable!
27 end
26 end
28
27
29 def test_new
28 def test_new
@@ -23,7 +23,6 class MyControllerTest < ActionController::TestCase
23
23
24 def setup
24 def setup
25 @request.session[:user_id] = 2
25 @request.session[:user_id] = 2
26 Redmine::SudoMode.disable!
27 end
26 end
28
27
29 def test_index
28 def test_index
@@ -28,7 +28,6 class ProjectsControllerTest < ActionController::TestCase
28 def setup
28 def setup
29 @request.session[:user_id] = nil
29 @request.session[:user_id] = nil
30 Setting.default_language = 'en'
30 Setting.default_language = 'en'
31 Redmine::SudoMode.disable!
32 end
31 end
33
32
34 def test_index_by_anonymous_should_not_show_private_projects
33 def test_index_by_anonymous_should_not_show_private_projects
@@ -23,7 +23,6 class RolesControllerTest < ActionController::TestCase
23 def setup
23 def setup
24 User.current = nil
24 User.current = nil
25 @request.session[:user_id] = 1 # admin
25 @request.session[:user_id] = 1 # admin
26 Redmine::SudoMode.disable!
27 end
26 end
28
27
29 def test_index
28 def test_index
@@ -24,7 +24,6 class SettingsControllerTest < ActionController::TestCase
24 def setup
24 def setup
25 User.current = nil
25 User.current = nil
26 @request.session[:user_id] = 1 # admin
26 @request.session[:user_id] = 1 # admin
27 Redmine::SudoMode.disable!
28 end
27 end
29
28
30 def test_index
29 def test_index
@@ -30,7 +30,6 class UsersControllerTest < ActionController::TestCase
30 def setup
30 def setup
31 User.current = nil
31 User.current = nil
32 @request.session[:user_id] = 1 # admin
32 @request.session[:user_id] = 1 # admin
33 Redmine::SudoMode.disable!
34 end
33 end
35
34
36 def test_index
35 def test_index
@@ -26,14 +26,6 class AdminTest < Redmine::IntegrationTest
26 :members,
26 :members,
27 :enabled_modules
27 :enabled_modules
28
28
29 def setup
30 Redmine::SudoMode.enable!
31 end
32
33 def teardown
34 Redmine::SudoMode.disable!
35 end
36
37 def test_add_user
29 def test_add_user
38 log_user("admin", "admin")
30 log_user("admin", "admin")
39 get "/users/new"
31 get "/users/new"
@@ -44,15 +36,6 class AdminTest < Redmine::IntegrationTest
44 :lastname => "Smith", :mail => "psmith@somenet.foo",
36 :lastname => "Smith", :mail => "psmith@somenet.foo",
45 :language => "en", :password => "psmith09",
37 :language => "en", :password => "psmith09",
46 :password_confirmation => "psmith09" }
38 :password_confirmation => "psmith09" }
47 assert_response :success
48 assert_nil User.find_by_login("psmith")
49
50 post "/users",
51 :user => { :login => "psmith", :firstname => "Paul",
52 :lastname => "Smith", :mail => "psmith@somenet.foo",
53 :language => "en", :password => "psmith09",
54 :password_confirmation => "psmith09" },
55 :sudo_password => 'admin'
56
39
57 user = User.find_by_login("psmith")
40 user = User.find_by_login("psmith")
58 assert_kind_of User, user
41 assert_kind_of User, user
@@ -4,11 +4,31 class SudoTest < Redmine::IntegrationTest
4 fixtures :projects, :members, :member_roles, :roles, :users
4 fixtures :projects, :members, :member_roles, :roles, :users
5
5
6 def setup
6 def setup
7 Redmine::SudoMode.enable!
7 Redmine::SudoMode.stubs(:enabled?).returns(true)
8 end
8 end
9
9
10 def teardown
10 def test_add_user
11 Redmine::SudoMode.disable!
11 log_user("admin", "admin")
12 get "/users/new"
13 assert_response :success
14 post "/users",
15 :user => { :login => "psmith", :firstname => "Paul",
16 :lastname => "Smith", :mail => "psmith@somenet.foo",
17 :language => "en", :password => "psmith09",
18 :password_confirmation => "psmith09" }
19 assert_response :success
20 assert_nil User.find_by_login("psmith")
21
22 post "/users",
23 :user => { :login => "psmith", :firstname => "Paul",
24 :lastname => "Smith", :mail => "psmith@somenet.foo",
25 :language => "en", :password => "psmith09",
26 :password_confirmation => "psmith09" },
27 :sudo_password => 'admin'
28 assert_response 302
29
30 user = User.find_by_login("psmith")
31 assert_kind_of User, user
12 end
32 end
13
33
14 def test_create_member_xhr
34 def test_create_member_xhr
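Review bot: Stubbing `Redmine::SudoMode.enabled?` in `setup` bypasses the new `Redmine::Configuration['sudo_mode']` lookup, so nothing shown on this page tests the setting the commit introduces. A case that drives the real method would cover it, for example asserting that `Redmine::SudoMode.possible?` is false for a logged-in user when the key is unset and true when it is set. If the `Redmine::Configuration.with 'sudo_mode' => true do ... end` helper is available in this tree, it would let the test set the key without a stub. The stub also hides the `:sudo_mode_disabled` flag, so the case where the key is set but `disable!` has been called is not covered either.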
@@ -33,6 +33,8 include ObjectHelpers
33 require 'net/ldap'
33 require 'net/ldap'
34 require 'mocha/setup'
34 require 'mocha/setup'
35
35
36 Redmine::SudoMode.disable!
37
36 class ActionView::TestCase
38 class ActionView::TestCase
37 helper :application
39 helper :application
38 include ApplicationHelper
40 include ApplicationHelper
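Review bot: The load-time `Redmine::SudoMode.disable!` replaces the per-test calls removed from the controller tests, but judging by the `RequestStore.store[:sudo_mode_disabled]` lines in the sudo mode hunk, the flag it sets appears to live in a request-scoped store. If that store is cleared between requests or tests, this call has no effect after the first clear, and the suite then relies only on `sudo_mode` being unset in the test configuration. A short comment above the call would make the intent explicit, e.g. `# Keep sudo mode off for the whole suite; tests that need it stub SudoMode.enabled?.`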