cafe-grader-web Files · app/controllers/application

cafe-grader-web

Location: cafe-grader-web/app/controllers/application_controller.rb - annotation

Commit Description:

removed deprecated session_key from ApplicationController...

Commit Description:

removed deprecated session_key from ApplicationController git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@380 6386c4cd-e34a-4fa8-8920-d93eb39b512e

References:

r178:f002bd602fc3 default

File last commit:

r178:f002bd602fc3 default

Show/Diff file:

Action:

            
                    app/controllers/application_controller.rb
                
             | 74 lines
             | 2.2 KiB
             | text/x-ruby 
             | RubyLexer
             | 
      
            History
        
           Show Full History
         |
          Source
         | Raw
         |
              
              Download
              
     jittat
  
MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...

              r162
            
      # Filters added to this controller apply to all controllers in the application.

      # Likewise, all the methods added will be available for all controllers.

      class ApplicationController < ActionController::Base

        SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'

        def admin_authorization

          return false unless authenticate

          user = User.find(session[:user_id], :include => ['roles'])

          redirect_to :controller => 'main', :action => 'login' unless user.admin?

        end

        def authorization_by_roles(allowed_roles)

          return false unless authenticate

          user = User.find(session[:user_id])

          unless user.roles.detect { |role| allowed_roles.member?(role.name) }

            flash[:notice] = 'You are not authorized to view the page you requested'

            redirect_to :controller => 'main', :action => 'login'

            return false

          end

        end

        protected

        def authenticate

          unless session[:user_id]

            redirect_to :controller => 'main', :action => 'login'

            return false

          end

          #Configuration.reload

          # check if run in single user mode

          if (Configuration[SINGLE_USER_MODE_CONF_KEY])

            user = User.find(session[:user_id])

            if user==nil or user.login != 'root'

              redirect_to :controller => 'main', :action => 'login'

              return false

            end

          end

          return true

        end

        def authorization

          return false unless authenticate

          user = User.find(session[:user_id])

          unless user.roles.detect { |role|

      	role.rights.detect{ |right|

      	  right.controller == self.class.controller_name and

                (right.action == 'all' or right.action == action_name)

      	}

            }

            flash[:notice] = 'You are not authorized to view the page you requested'

            #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')

            redirect_to :controller => 'main', :action => 'login'

            return false

          end

        end

        def verify_time_limit

          return true if session[:user_id]==nil

          user = User.find(session[:user_id], :include => :site)

          return true if user==nil or user.site == nil

          if user.site.finished?

            flash[:notice] = 'Error: the contest on your site is over.'

            redirect_to :back

            return false

          end

          return true

        end

      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository permissions settings

Sign in to your account

Last Author

jittat MERGED 308:HEAD from http://theory.cpe.ku.ac.th/grader/web/branches/ytopc08-2/, removed some registration info...	r162	# Filters added to this controller apply to all controllers in the application.
		# Likewise, all the methods added will be available for all controllers.

		class ApplicationController < ActionController::Base

		SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'

		def admin_authorization
		return false unless authenticate
		user = User.find(session[:user_id], :include => ['roles'])
		redirect_to :controller => 'main', :action => 'login' unless user.admin?
		end

		def authorization_by_roles(allowed_roles)
		return false unless authenticate
		user = User.find(session[:user_id])
		unless user.roles.detect { \|role\| allowed_roles.member?(role.name) }
		flash[:notice] = 'You are not authorized to view the page you requested'
		redirect_to :controller => 'main', :action => 'login'
		return false
		end
		end

		protected

		def authenticate
		unless session[:user_id]
		redirect_to :controller => 'main', :action => 'login'
		return false
		end

		#Configuration.reload
		# check if run in single user mode
		if (Configuration[SINGLE_USER_MODE_CONF_KEY])
		user = User.find(session[:user_id])
		if user==nil or user.login != 'root'
		redirect_to :controller => 'main', :action => 'login'
		return false
		end
		end

		return true
		end

		def authorization
		return false unless authenticate
		user = User.find(session[:user_id])
		unless user.roles.detect { \|role\|
		role.rights.detect{ \|right\|
		right.controller == self.class.controller_name and
		(right.action == 'all' or right.action == action_name)
		}
		}
		flash[:notice] = 'You are not authorized to view the page you requested'
		#request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
		redirect_to :controller => 'main', :action => 'login'
		return false
		end
		end

		def verify_time_limit
		return true if session[:user_id]==nil
		user = User.find(session[:user_id], :include => :site)
		return true if user==nil or user.site == nil
		if user.site.finished?
		flash[:notice] = 'Error: the contest on your site is over.'
		redirect_to :back
		return false
		end
		return true
		end

		end