Description:
shows warning message when user cannot log in in single user mode
Commit status:
[Not Reviewed]

r301:bdf9a550f783 - - 1 file changed: 1 inserted, 0 deleted

@@ -1,85 +1,86
1 # Filters added to this controller apply to all controllers in the application.
1 # Filters added to this controller apply to all controllers in the application.
2 # Likewise, all the methods added will be available for all controllers.
2 # Likewise, all the methods added will be available for all controllers.
3
3
4 class ApplicationController < ActionController::Base
4 class ApplicationController < ActionController::Base
5
5
6 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
6 SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode'
7
7
8 def admin_authorization
8 def admin_authorization
9 return false unless authenticate
9 return false unless authenticate
10 user = User.find(session[:user_id], :include => ['roles'])
10 user = User.find(session[:user_id], :include => ['roles'])
11 redirect_to :controller => 'main', :action => 'login' unless user.admin?
11 redirect_to :controller => 'main', :action => 'login' unless user.admin?
12 end
12 end
13
13
14 def authorization_by_roles(allowed_roles)
14 def authorization_by_roles(allowed_roles)
15 return false unless authenticate
15 return false unless authenticate
16 user = User.find(session[:user_id])
16 user = User.find(session[:user_id])
17 unless user.roles.detect { |role| allowed_roles.member?(role.name) }
17 unless user.roles.detect { |role| allowed_roles.member?(role.name) }
18 flash[:notice] = 'You are not authorized to view the page you requested'
18 flash[:notice] = 'You are not authorized to view the page you requested'
19 redirect_to :controller => 'main', :action => 'login'
19 redirect_to :controller => 'main', :action => 'login'
20 return false
20 return false
21 end
21 end
22 end
22 end
23
23
24 protected
24 protected
25
25
26 def authenticate
26 def authenticate
27 unless session[:user_id]
27 unless session[:user_id]
28 redirect_to :controller => 'main', :action => 'login'
28 redirect_to :controller => 'main', :action => 'login'
29 return false
29 return false
30 end
30 end
31
31
32 # check if run in single user mode
32 # check if run in single user mode
33 if Configuration[SINGLE_USER_MODE_CONF_KEY]
33 if Configuration[SINGLE_USER_MODE_CONF_KEY]
34 user = User.find(session[:user_id])
34 user = User.find(session[:user_id])
35 if user==nil or (not user.admin?)
35 if user==nil or (not user.admin?)
36 + flash[:notice] = 'You cannot log in at this time'
36 redirect_to :controller => 'main', :action => 'login'
37 redirect_to :controller => 'main', :action => 'login'
37 return false
38 return false
38 end
39 end
39 return true
40 return true
40 end
41 end
41
42
42 if Configuration.multicontests?
43 if Configuration.multicontests?
43 user = User.find(session[:user_id])
44 user = User.find(session[:user_id])
44 return true if user.admin?
45 return true if user.admin?
45 begin
46 begin
46 if user.contest_stat(true).forced_logout
47 if user.contest_stat(true).forced_logout
47 flash[:notice] = 'You have been automatically logged out.'
48 flash[:notice] = 'You have been automatically logged out.'
48 redirect_to :controller => 'main', :action => 'index'
49 redirect_to :controller => 'main', :action => 'index'
49 end
50 end
50 rescue
51 rescue
51 end
52 end
52 end
53 end
53 return true
54 return true
54 end
55 end
55
56
56 def authorization
57 def authorization
57 return false unless authenticate
58 return false unless authenticate
58 user = User.find(session[:user_id])
59 user = User.find(session[:user_id])
59 unless user.roles.detect { |role|
60 unless user.roles.detect { |role|
60 role.rights.detect{ |right|
61 role.rights.detect{ |right|
61 right.controller == self.class.controller_name and
62 right.controller == self.class.controller_name and
62 (right.action == 'all' or right.action == action_name)
63 (right.action == 'all' or right.action == action_name)
63 }
64 }
64 }
65 }
65 flash[:notice] = 'You are not authorized to view the page you requested'
66 flash[:notice] = 'You are not authorized to view the page you requested'
66 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
67 #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login')
67 redirect_to :controller => 'main', :action => 'login'
68 redirect_to :controller => 'main', :action => 'login'
68 return false
69 return false
69 end
70 end
70 end
71 end
71
72
72 def verify_time_limit
73 def verify_time_limit
73 return true if session[:user_id]==nil
74 return true if session[:user_id]==nil
74 user = User.find(session[:user_id], :include => :site)
75 user = User.find(session[:user_id], :include => :site)
75 return true if user==nil or user.site == nil
76 return true if user==nil or user.site == nil
76 if user.contest_finished?
77 if user.contest_finished?
77 flash[:notice] = 'Error: the contest you are participating is over.'
78 flash[:notice] = 'Error: the contest you are participating is over.'
78 redirect_to :back
79 redirect_to :back
79 return false
80 return false
80 end
81 end
81 return true
82 return true
82 end
83 end
83
84
84 end
85 end
85
86
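Review bot: The single-user-mode denial in `authenticate` (new lines 35–38) now sets a notice before redirecting, but it still leaves `session[:user_id]` in place, so a non-admin who was logged in before the mode was switched on keeps a session that becomes usable again, without re-authentication, once the mode is switched off. If the mode is meant as a lockout, clear the id in the same branch, e.g. `session[:user_id] = nil` just before the added `flash[:notice] = 'You cannot log in at this time'` line. Separately, `User.find(session[:user_id])` raises `ActiveRecord::RecordNotFound` for a stale id rather than returning nil, so the `user==nil` half of the condition looks unreachable and such a request would error out instead of showing the new notice; `User.find_by_id(session[:user_id])` would make that check effective.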