Description:
add enabled option for user
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
-
r670:f90ec3934e15 - - 1 file changed: 11 inserted, 13 deleted
| @@ -1,132 +1,130 | |||||
|
|
1 | class ApplicationController < ActionController::Base |
|
1 | class ApplicationController < ActionController::Base |
|
|
2 | protect_from_forgery |
|
2 | protect_from_forgery |
|
|
3 |
|
3 | ||
|
|
4 | before_filter :current_user |
|
4 | before_filter :current_user |
|
|
5 |
|
5 | ||
|
|
6 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
6 | SINGLE_USER_MODE_CONF_KEY = 'system.single_user_mode' |
|
|
7 | MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' |
|
7 | MULTIPLE_IP_LOGIN_CONF_KEY = 'right.multiple_ip_login' |
|
|
8 |
|
8 | ||
|
|
9 | #report and redirect for unauthorized activities |
|
9 | #report and redirect for unauthorized activities |
|
|
10 | def unauthorized_redirect |
|
10 | def unauthorized_redirect |
|
|
11 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
11 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
|
12 | redirect_to :controller => 'main', :action => 'login' |
|
12 | redirect_to :controller => 'main', :action => 'login' |
|
|
13 | end |
|
13 | end |
|
|
14 |
|
14 | ||
|
|
15 | # Returns the current logged-in user (if any). |
|
15 | # Returns the current logged-in user (if any). |
|
|
16 | def current_user |
|
16 | def current_user |
|
|
17 | return nil unless session[:user_id] |
|
17 | return nil unless session[:user_id] |
|
|
18 | @current_user ||= User.find(session[:user_id]) |
|
18 | @current_user ||= User.find(session[:user_id]) |
|
|
19 | end |
|
19 | end |
|
|
20 |
|
20 | ||
|
|
21 | def admin_authorization |
|
21 | def admin_authorization |
|
|
22 | return false unless authenticate |
|
22 | return false unless authenticate |
|
|
23 | user = User.includes(:roles).find(session[:user_id]) |
|
23 | user = User.includes(:roles).find(session[:user_id]) |
|
|
24 | unless user.admin? |
|
24 | unless user.admin? |
|
|
25 | unauthorized_redirect |
|
25 | unauthorized_redirect |
|
|
26 | return false |
|
26 | return false |
|
|
27 | end |
|
27 | end |
|
|
28 | return true |
|
28 | return true |
|
|
29 | end |
|
29 | end |
|
|
30 |
|
30 | ||
|
|
31 | def authorization_by_roles(allowed_roles) |
|
31 | def authorization_by_roles(allowed_roles) |
|
|
32 | return false unless authenticate |
|
32 | return false unless authenticate |
|
|
33 | user = User.find(session[:user_id]) |
|
33 | user = User.find(session[:user_id]) |
|
|
34 | unless user.roles.detect { |role| allowed_roles.member?(role.name) } |
|
34 | unless user.roles.detect { |role| allowed_roles.member?(role.name) } |
|
|
35 | unauthorized_redirect |
|
35 | unauthorized_redirect |
|
|
36 | return false |
|
36 | return false |
|
|
37 | end |
|
37 | end |
|
|
38 | end |
|
38 | end |
|
|
39 |
|
39 | ||
|
|
40 | def testcase_authorization |
|
40 | def testcase_authorization |
|
|
41 | #admin always has privileged |
|
41 | #admin always has privileged |
|
|
42 | - puts "haha" |
|
||
|
|
43 | if @current_user.admin? |
|
42 | if @current_user.admin? |
|
|
44 | return true |
|
43 | return true |
|
|
45 | end |
|
44 | end |
|
|
46 |
|
45 | ||
|
|
47 | - puts "hehe" |
|
||
|
|
48 | - puts GraderConfiguration["right.view_testcase"] |
|
||
|
|
49 | unauthorized_redirect unless GraderConfiguration["right.view_testcase"] |
|
46 | unauthorized_redirect unless GraderConfiguration["right.view_testcase"] |
|
|
50 | end |
|
47 | end |
|
|
51 |
|
48 | ||
|
|
52 | protected |
|
49 | protected |
|
|
53 |
|
50 | ||
|
|
54 | def authenticate |
|
51 | def authenticate |
|
|
55 | unless session[:user_id] |
|
52 | unless session[:user_id] |
|
|
56 | flash[:notice] = 'You need to login' |
|
53 | flash[:notice] = 'You need to login' |
|
|
57 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
54 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
|
58 | flash[:notice] = 'You need to login but you cannot log in at this time' |
|
55 | flash[:notice] = 'You need to login but you cannot log in at this time' |
|
|
59 | end |
|
56 | end |
|
|
60 | redirect_to :controller => 'main', :action => 'login' |
|
57 | redirect_to :controller => 'main', :action => 'login' |
|
|
61 | return false |
|
58 | return false |
|
|
62 | end |
|
59 | end |
|
|
63 |
|
60 | ||
|
|
|
61 | + | ||
|
|
64 | # check if run in single user mode |
|
62 | # check if run in single user mode |
|
|
65 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
63 | if GraderConfiguration[SINGLE_USER_MODE_CONF_KEY] |
|
|
66 | - user = User.find_by_id(session[:user_id]) |
|
64 | + if @current_user==nil or (not @current_user.admin?) |
|
|
67 | - if user==nil or (not user.admin?) |
|
||
|
|
68 | flash[:notice] = 'You cannot log in at this time' |
|
65 | flash[:notice] = 'You cannot log in at this time' |
|
|
69 | redirect_to :controller => 'main', :action => 'login' |
|
66 | redirect_to :controller => 'main', :action => 'login' |
|
|
70 | return false |
|
67 | return false |
|
|
71 | end |
|
68 | end |
|
|
72 | - unless user.enabled? |
|
||
|
|
73 | - flash[:notice] = 'Your account is disabled' |
|
||
|
|
74 | - redirect_to :controller => 'main', :action => 'login' |
|
||
|
|
75 | - return false |
|
||
|
|
76 | - end |
|
||
|
|
77 | return true |
|
69 | return true |
|
|
78 | end |
|
70 | end |
|
|
79 |
|
71 | ||
|
|
|
72 | + # check if the user is enabled | ||
|
|
|
73 | + unless @current_user.enabled? or @current_user.admin? | ||
|
|
|
74 | + flash[:notice] = 'Your account is disabled' | ||
|
|
|
75 | + redirect_to :controller => 'main', :action => 'login' | ||
|
|
|
76 | + return false | ||
|
|
|
77 | + end | ||
|
|
|
78 | + | ||
|
|
80 | if GraderConfiguration.multicontests? |
|
79 | if GraderConfiguration.multicontests? |
|
|
81 | - user = User.find(session[:user_id]) |
|
80 | + return true if @current_user.admin? |
|
|
82 | - return true if user.admin? |
|
||
|
|
83 | begin |
|
81 | begin |
|
|
84 | - if user.contest_stat(true).forced_logout |
|
82 | + if @current_user.contest_stat(true).forced_logout |
|
|
85 | flash[:notice] = 'You have been automatically logged out.' |
|
83 | flash[:notice] = 'You have been automatically logged out.' |
|
|
86 | redirect_to :controller => 'main', :action => 'index' |
|
84 | redirect_to :controller => 'main', :action => 'index' |
|
|
87 | end |
|
85 | end |
|
|
88 | rescue |
|
86 | rescue |
|
|
89 | end |
|
87 | end |
|
|
90 | end |
|
88 | end |
|
|
91 | return true |
|
89 | return true |
|
|
92 | end |
|
90 | end |
|
|
93 |
|
91 | ||
|
|
94 | def authenticate_by_ip_address |
|
92 | def authenticate_by_ip_address |
|
|
95 | #this assume that we have already authenticate normally |
|
93 | #this assume that we have already authenticate normally |
|
|
96 | unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY] |
|
94 | unless GraderConfiguration[MULTIPLE_IP_LOGIN_CONF_KEY] |
|
|
97 | user = User.find(session[:user_id]) |
|
95 | user = User.find(session[:user_id]) |
|
|
98 | if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip) |
|
96 | if (not user.admin? and user.last_ip and user.last_ip != request.remote_ip) |
|
|
99 | flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}" |
|
97 | flash[:notice] = "You cannot use the system from #{request.remote_ip}. Your last ip is #{user.last_ip}" |
|
|
100 | redirect_to :controller => 'main', :action => 'login' |
|
98 | redirect_to :controller => 'main', :action => 'login' |
|
|
101 | puts "CHEAT: user #{user.login} tried to login from '#{request.remote_ip}' while last ip is '#{user.last_ip}' at #{Time.zone.now}" |
|
99 | puts "CHEAT: user #{user.login} tried to login from '#{request.remote_ip}' while last ip is '#{user.last_ip}' at #{Time.zone.now}" |
|
|
102 | return false |
|
100 | return false |
|
|
103 | end |
|
101 | end |
|
|
104 | unless user.last_ip |
|
102 | unless user.last_ip |
|
|
105 | user.last_ip = request.remote_ip |
|
103 | user.last_ip = request.remote_ip |
|
|
106 | user.save |
|
104 | user.save |
|
|
107 | end |
|
105 | end |
|
|
108 | end |
|
106 | end |
|
|
109 | return true |
|
107 | return true |
|
|
110 | end |
|
108 | end |
|
|
111 |
|
109 | ||
|
|
112 | def authorization |
|
110 | def authorization |
|
|
113 | return false unless authenticate |
|
111 | return false unless authenticate |
|
|
114 | user = User.find(session[:user_id]) |
|
112 | user = User.find(session[:user_id]) |
|
|
115 | unless user.roles.detect { |role| |
|
113 | unless user.roles.detect { |role| |
|
|
116 | role.rights.detect{ |right| |
|
114 | role.rights.detect{ |right| |
|
|
117 | right.controller == self.class.controller_name and |
|
115 | right.controller == self.class.controller_name and |
|
|
118 | (right.action == 'all' or right.action == action_name) |
|
116 | (right.action == 'all' or right.action == action_name) |
|
|
119 | } |
|
117 | } |
|
|
120 | } |
|
118 | } |
|
|
121 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
119 | flash[:notice] = 'You are not authorized to view the page you requested' |
|
|
122 | #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') |
|
120 | #request.env['HTTP_REFERER'] ? (redirect_to :back) : (redirect_to :controller => 'login') |
|
|
123 | redirect_to :controller => 'main', :action => 'login' |
|
121 | redirect_to :controller => 'main', :action => 'login' |
|
|
124 | return false |
|
122 | return false |
|
|
125 | end |
|
123 | end |
|
|
126 | end |
|
124 | end |
|
|
127 |
|
125 | ||
|
|
128 | def verify_time_limit |
|
126 | def verify_time_limit |
|
|
129 | return true if session[:user_id]==nil |
|
127 | return true if session[:user_id]==nil |
|
|
130 | user = User.find(session[:user_id], :include => :site) |
|
128 | user = User.find(session[:user_id], :include => :site) |
|
|
131 | return true if user==nil or user.site == nil |
|
129 | return true if user==nil or user.site == nil |
|
|
132 | if user.contest_finished? |
|
130 | if user.contest_finished? |
You need to be logged in to leave comments.
Login now