cafe-grader-web

Commit r83:092dd4df7102 public

parent | child
Description:
[web] temporary fixed on problem of reloading Configuration, when there are many mongrel processes git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@164 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
default
Diff options:
Raw Diff | Patch Diff | Download Diff | Show whitespace | Increase context
Comments:
0 Commit comments 0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Side by Side Unified
Expand All Files Collapse All Files Wide Mode Diff
Add another comment
Browse Files

r83:092dd4df7102 - - 1 file changed: 1 inserted, 0 deleted

Show file before | Show file after | Raw diff | Download diff | Show whitespace Increase context Show commentsHide comments
@@ -3,48 +3,49
3
3
4 class ApplicationController < ActionController::Base
4 class ApplicationController < ActionController::Base
5 # Pick a unique cookie name to distinguish our session data from others'
5 # Pick a unique cookie name to distinguish our session data from others'
6 session :session_key => '_grader_session_id'
6 session :session_key => '_grader_session_id'
7
7
8 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
8 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
9
9
10 def authorization_by_roles(allowed_roles)
10 def authorization_by_roles(allowed_roles)
11 return false unless authenticate
11 return false unless authenticate
12 user = User.find(session[:user_id])
12 user = User.find(session[:user_id])
13 unless user.roles.detect { |role| allowed_roles.member?(role.name) }
13 unless user.roles.detect { |role| allowed_roles.member?(role.name) }
14 flash[:notice] = 'You are not authorized to view the page you requested'
14 flash[:notice] = 'You are not authorized to view the page you requested'
15 redirect_to :controller => 'main', :action => 'login'
15 redirect_to :controller => 'main', :action => 'login'
16 return false
16 return false
17 end
17 end
18 end
18 end
19
19
20 protected
20 protected
21 def authenticate
21 def authenticate
22 unless session[:user_id]
22 unless session[:user_id]
23 redirect_to :controller => 'main', :action => 'login'
23 redirect_to :controller => 'main', :action => 'login'
24 return false
24 return false
25 end
25 end
26
26
27 + Configuration.reload
27 # check if run in single user mode
28 # check if run in single user mode
28 if (Configuration[SINGLE_USER_MODE_CONF_KEY])
29 if (Configuration[SINGLE_USER_MODE_CONF_KEY])
29 user = User.find(session[:user_id])
30 user = User.find(session[:user_id])
30 if user==nil or user.login != 'root'
31 if user==nil or user.login != 'root'
31 redirect_to :controller => 'main', :action => 'login'
32 redirect_to :controller => 'main', :action => 'login'
32 return false
33 return false
33 end
34 end
34 end
35 end
35
36
36 return true
37 return true
37 end
38 end
38
39
39 def authorization
40 def authorization
40 return false unless authenticate
41 return false unless authenticate
41 user = User.find(session[:user_id])
42 user = User.find(session[:user_id])
42 unless user.roles.detect { |role|
43 unless user.roles.detect { |role|
43 role.rights.detect{ |right|
44 role.rights.detect{ |right|
44 right.controller == self.class.controller_name and
45 right.controller == self.class.controller_name and
45 (right.action == 'all' or right.action == action_name)
46 (right.action == 'all' or right.action == action_name)
46 }
47 }
47 }
48 }
48 flash[:notice] = 'You are not authorized to view the page you requested'
49 flash[:notice] = 'You are not authorized to view the page you requested'
49 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
50 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
50 redirect_to :controller => 'main', :action => 'login'
51 redirect_to :controller => 'main', :action => 'login'
You need to be logged in to leave comments. Login now