Description:
removed deprecated session_key from ApplicationController
git-svn-id: http://theory.cpe.ku.ac.th/grader/web/trunk@380 6386c4cd-e34a-4fa8-8920-d93eb39b512e
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
jittat
-
r178:f002bd602fc3 - - 1 file changed: 0 inserted, 2 deleted
| @@ -1,54 +1,52 | |||
|
|
1 | 1 | # Filters added to this controller apply to all controllers in the application. |
|
|
2 | 2 | # Likewise, all the methods added will be available for all controllers. |
|
|
3 | 3 | |
|
|
4 | 4 | class ApplicationController < ActionController::Base |
|
|
5 | - # Pick a unique cookie name to distinguish our session data from others' | |
|
|
6 | - session :session_key => '_grader_session_id' | |
|
|
7 | 5 | |
|
|
8 | 6 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
|
9 | 7 | |
|
|
10 | 8 | def admin_authorization |
|
|
11 | 9 | return false unless authenticate |
|
|
12 | 10 | user = User.find(session[:user_id], :include => ['roles']) |
|
|
13 | 11 | redirect_to :controller => 'main', :action => 'login' unless user.admin? |
|
|
14 | 12 | end |
|
|
15 | 13 | |
|
|
16 | 14 | def authorization_by_roles(allowed_roles) |
|
|
17 | 15 | return false unless authenticate |
|
|
18 | 16 | user = User.find(session[:user_id]) |
|
|
19 | 17 | unless user.roles.detect { |role| allowed_roles.member?(role.name) } |
|
|
20 | 18 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
|
21 | 19 | redirect_to :controller => 'main', :action => 'login' |
|
|
22 | 20 | return false |
|
|
23 | 21 | end |
|
|
24 | 22 | end |
|
|
25 | 23 | |
|
|
26 | 24 | protected |
|
|
27 | 25 | |
|
|
28 | 26 | def authenticate |
|
|
29 | 27 | unless session[:user_id] |
|
|
30 | 28 | redirect_to :controller => 'main', :action => 'login' |
|
|
31 | 29 | return false |
|
|
32 | 30 | end |
|
|
33 | 31 | |
|
|
34 | 32 | #Configuration.reload |
|
|
35 | 33 | # check if run in single user mode |
|
|
36 | 34 | if (Configuration[SINGLE_USER_MODE_CONF_KEY]) |
|
|
37 | 35 | user = User.find(session[:user_id]) |
|
|
38 | 36 | if user==nil or user.login != 'root' |
|
|
39 | 37 | redirect_to :controller => 'main', :action => 'login' |
|
|
40 | 38 | return false |
|
|
41 | 39 | end |
|
|
42 | 40 | end |
|
|
43 | 41 | |
|
|
44 | 42 | return true |
|
|
45 | 43 | end |
|
|
46 | 44 | |
|
|
47 | 45 | def authorization |
|
|
48 | 46 | return false unless authenticate |
|
|
49 | 47 | user = User.find(session[:user_id]) |
|
|
50 | 48 | unless user.roles.detect { |role| |
|
|
51 | 49 | role.rights.detect{ |right| |
|
|
52 | 50 | right.controller == self.class.controller_name and |
|
|
53 | 51 | (right.action == 'all' or right.action == action_name) |
|
|
54 | 52 | } |
You need to be logged in to leave comments.
Login now