Description:
[web] improved log-in & roles efficiency
git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@196 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
jittat
-
r104:7a05c208f2ec - - 6 files changed: 23 inserted, 10 deleted
| @@ -1,7 +1,6 | |||
|
|
1 | 1 | class AnnouncementsController < ApplicationController |
|
|
2 | 2 | |
|
|
3 |
- before_filter :a |
|
|
|
4 | - before_filter { |controller| controller.authorization_by_roles(['admin'])} | |
|
|
3 | + before_filter :admin_authorization | |
|
|
5 | 4 | |
|
|
6 | 5 | in_place_edit_for :announcement, :published |
|
|
7 | 6 | |
| @@ -7,6 +7,12 | |||
|
|
7 | 7 | |
|
|
8 | 8 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
|
9 | 9 | |
|
|
10 | + def admin_authorization | |
|
|
11 | + return false unless authenticate | |
|
|
12 | + user = User.find(session[:user_id], :include => ['roles']) | |
|
|
13 | + redirect_to :controller => 'main', :action => 'login' unless user.admin? | |
|
|
14 | + end | |
|
|
15 | + | |
|
|
10 | 16 | def authorization_by_roles(allowed_roles) |
|
|
11 | 17 | return false unless authenticate |
|
|
12 | 18 | user = User.find(session[:user_id]) |
| @@ -18,13 +24,14 | |||
|
|
18 | 24 | end |
|
|
19 | 25 | |
|
|
20 | 26 | protected |
|
|
27 | + | |
|
|
21 | 28 | def authenticate |
|
|
22 | 29 | unless session[:user_id] |
|
|
23 | 30 | redirect_to :controller => 'main', :action => 'login' |
|
|
24 | 31 | return false |
|
|
25 | 32 | end |
|
|
26 | 33 | |
|
|
27 | - Configuration.reload | |
|
|
34 | + #Configuration.reload | |
|
|
28 | 35 | # check if run in single user mode |
|
|
29 | 36 | if (Configuration[SINGLE_USER_MODE_CONF_KEY]) |
|
|
30 | 37 | user = User.find(session[:user_id]) |
| @@ -10,6 +10,11 | |||
|
|
10 | 10 | if user = User.authenticate(params[:login], params[:password]) |
|
|
11 | 11 | session[:user_id] = user.id |
|
|
12 | 12 | redirect_to :controller => 'main', :action => 'list' |
|
|
13 | + if user.admin? | |
|
|
14 | + session[:admin] = true | |
|
|
15 | + else | |
|
|
16 | + session[:admin] = false | |
|
|
17 | + end | |
|
|
13 | 18 | else |
|
|
14 | 19 | flash[:notice] = 'Wrong password' |
|
|
15 | 20 | redirect_to :controller => 'main', :action => 'login' |
| @@ -5,9 +5,7 | |||
|
|
5 | 5 | verify :method => :post, :only => ['create'], |
|
|
6 | 6 | :redirect_to => { :action => 'list' } |
|
|
7 | 7 | |
|
|
8 |
- before_filter :only => ['console','show'] |
|
|
|
9 | - controller.authorization_by_roles(['admin']) | |
|
|
10 | - end | |
|
|
8 | + before_filter :admin_authorization, :only => ['console','show','reply'] | |
|
|
11 | 9 | |
|
|
12 | 10 | def list |
|
|
13 | 11 | @user = User.find(session[:user_id]) |
| @@ -5,7 +5,7 | |||
|
|
5 | 5 | menu_items = '' |
|
|
6 | 6 | user = User.find(session[:user_id]) |
|
|
7 | 7 | |
|
|
8 |
- if (user!=nil) and ( |
|
|
|
8 | + if (user!=nil) and (session[:admin]) | |
|
|
9 | 9 | # admin menu |
|
|
10 | 10 | menu_items << "<b>Administrative task:</b> " |
|
|
11 | 11 | append_to menu_items, '[Announcements]', 'announcements', 'index' |
| @@ -20,7 +20,11 | |||
|
|
20 | 20 | = in_place_editor_field :configuration, :value, {}, :rows=>1 |
|
|
21 | 21 | |
|
|
22 | 22 | %br/ |
|
|
23 | - = link_to '[Reload configuration]', :action => 'reload' | |
|
|
23 | + Your config is saved, but it does not automatically take effect. | |
|
|
24 | 24 | %br/ |
|
|
25 | - Your config is saved, but it does not automatically take effect. | |
|
|
26 | - You must reload. | |
|
|
25 | + If you have one mongrel process running, you can | |
|
|
26 | + = link_to '[click]', :action => 'reload' | |
|
|
27 | + here to reload. | |
|
|
28 | + %br/ | |
|
|
29 | + If you have more than one process running, you should restart | |
|
|
30 | + them manually. | |
You need to be logged in to leave comments.
Login now