Show More
Commit Description:
fix logins user_id from string to integer
Commit Description:
fix logins user_id from string to integer
References:
File last commit:
Show/Diff file:
Action:
app/controllers/application_controller.rb
| 92 lines
| 2.8 KiB
| text/x-ruby
| RubyLexer
|
jittat
|
r162 | class ApplicationController < ActionController::Base | ||
Jittat Fakcharoenphol
|
r318 | protect_from_forgery | ||
|
jittat
|
r162 | |||
| SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' | ||||
| def admin_authorization | ||||
| return false unless authenticate | ||||
| user = User.find(session[:user_id], :include => ['roles']) | ||||
| r425 | unless user.admin? | |||
| flash[:notice] = 'You are not authorized to view the page you requested' | ||||
| redirect_to :controller => 'main', :action => 'login' unless user.admin? | ||||
| return false | ||||
| end | ||||
| return true | ||||
|
jittat
|
r162 | end | ||
| def authorization_by_roles(allowed_roles) | ||||
| return false unless authenticate | ||||
| user = User.find(session[:user_id]) | ||||
| unless user.roles.detect { |role| allowed_roles.member?(role.name) } | ||||
| flash[:notice] = 'You are not authorized to view the page you requested' | ||||
| redirect_to :controller => 'main', :action => 'login' | ||||
| return false | ||||
| end | ||||
| end | ||||
| protected | ||||
| def authenticate | ||||
| unless session[:user_id] | ||||
| r424 | flash[:notice] = 'You need to login' | |||
| if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] | ||||
| flash[:notice] = 'You need to login but you cannot log in at this time' | ||||
| end | ||||
|
jittat
|
r162 | redirect_to :controller => 'main', :action => 'login' | ||
| return false | ||||
| end | ||||
| # check if run in single user mode | ||||
|
Jittat Fakcharoenphol
|
r320 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] | ||
|
jittat
|
r162 | user = User.find(session[:user_id]) | ||
|
Jittat Fakcharoenphol
|
r284 | if user==nil or (not user.admin?) | ||
|
Jittat Fakcharoenphol
|
r301 | flash[:notice] = 'You cannot log in at this time' | ||
|
jittat
|
r162 | redirect_to :controller => 'main', :action => 'login' | ||
| return false | ||||
| end | ||||
|
Jittat Fakcharoenphol
|
r295 | return true | ||
|
jittat
|
r162 | end | ||
|
Jittat Fakcharoenphol
|
r320 | if GraderConfiguration.multicontests? | ||
|
Jittat Fakcharoenphol
|
r295 | user = User.find(session[:user_id]) | ||
|
Jittat Fakcharoenphol
|
r296 | return true if user.admin? | ||
|
Jittat Fakcharoenphol
|
r295 | begin | ||
| if user.contest_stat(true).forced_logout | ||||
| flash[:notice] = 'You have been automatically logged out.' | ||||
| redirect_to :controller => 'main', :action => 'index' | ||||
| end | ||||
| rescue | ||||
| end | ||||
| end | ||||
|
jittat
|
r162 | return true | ||
| end | ||||
| def authorization | ||||
| return false unless authenticate | ||||
| user = User.find(session[:user_id]) | ||||
| unless user.roles.detect { |role| | ||||
| role.rights.detect{ |right| | ||||
| right.controller == self.class.controller_name and | ||||
| (right.action == 'all' or right.action == action_name) | ||||
| } | ||||
| } | ||||
| flash[:notice] = 'You are not authorized to view the page you requested' | ||||
| #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') | ||||
| redirect_to :controller => 'main', :action => 'login' | ||||
| return false | ||||
| end | ||||
| end | ||||
| def verify_time_limit | ||||
| return true if session[:user_id]==nil | ||||
| user = User.find(session[:user_id], :include => :site) | ||||
| return true if user==nil or user.site == nil | ||||
|
Jittat Fakcharoenphol
|
r217 | if user.contest_finished? | ||
| flash[:notice] = 'Error: the contest you are participating is over.' | ||||
|
jittat
|
r162 | redirect_to :back | ||
| return false | ||||
| end | ||||
| return true | ||||
| end | ||||
| end | ||||