Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2026-03-07 04:51:35 +01:00
Code Issues Packages Projects Releases Activity
Files
aaeba2dd20c6d46a2ecf1b4a78ca5400816d40f9
Redmine/hooks/app/controllers/application.rb
Nicolas Chuche ab83ed5d8e r18452@gaspard (orig r1723): jplang | 2008-08-07 21:59:02 +0200 
Slight change to engines to let plugins override views.
 r18456@gaspard (orig r1727):  jplang | 2008-08-10 17:22:54 +0200
 Moves @layout 'base'@ to ApplicationController.
 r18457@gaspard (orig r1728):  jplang | 2008-08-10 23:35:03 +0200
 Quote ids for attachment association since Trac's attachment.id is varchar (#1759).
 r18458@gaspard (orig r1729):  jplang | 2008-08-11 00:18:23 +0200
 Adds links to forum messages using message#id syntax (#1756).
 r18459@gaspard (orig r1730):  jplang | 2008-08-11 20:09:54 +0200
 Allow same name for custom fields on different object types.
 r18460@gaspard (orig r1731):  jplang | 2008-08-11 20:24:39 +0200
 Fixes custom fields display order at several places (#1768).
 r18461@gaspard (orig r1732):  edavis10 | 2008-08-11 22:49:52 +0200
 Added doc/README_FOR_APP so RDoc can be built.  (#1769)
 
 r18462@gaspard (orig r1733):  jplang | 2008-08-11 22:55:17 +0200
 Adds 'Edit' link on account/show for admin users.
 r18463@gaspard (orig r1734):  jplang | 2008-08-11 23:02:36 +0200
 Adds Lock/Unlock/Activate link on user edit screen.
 r18464@gaspard (orig r1735):  jplang | 2008-08-11 23:10:24 +0200
 Adds user count in status drop down on admin user list.
 r18472@gaspard (orig r1743):  edavis10 | 2008-08-13 05:54:54 +0200
 Added missing documentation for setting up the Darcs test repository.
 
 r18473@gaspard (orig r1744):  edavis10 | 2008-08-13 06:20:16 +0200
 Added rake tasks to generate rcov code coverage reports.  rake -T test:coverage to see them all
 
 r18474@gaspard (orig r1745):  edavis10 | 2008-08-13 06:20:23 +0200
 Extracted rcov options and removed gems from the rcov report.
 
 r18476@gaspard (orig r1747):  jplang | 2008-08-15 20:44:46 +0200
 No warning about rcov each time a rake task is ran.
 r18477@gaspard (orig r1748):  edavis10 | 2008-08-20 06:26:46 +0200
 Javascripts are now cached into a single file for downloads in production mode.
 
 Thanks to Philippe Lafoucrière for the patch.  (#1186)
 
 r18478@gaspard (orig r1749):  edavis10 | 2008-08-20 07:09:13 +0200
 Hiding the View Differences button when a wiki page's history only has one version.
 
 Patch contributed by Chaoqun Zou (#1743)
 
 r18479@gaspard (orig r1750):  edavis10 | 2008-08-20 08:14:44 +0200
 Messages on a Board can now be sorted by the number of replies.
 
   #1761
 
 r18480@gaspard (orig r1751):  edavis10 | 2008-08-20 08:21:06 +0200
 Added the "Status:" keyword to the MailHandler for setting and changing an Issue status via email.
 
   #1669
 


git-svn-id: http://redmine.rubyforge.org/svn/branches/work@1752 e93f8b46-1217-0410-a6f0-8f06a7374b81
2008-08-20 18:37:09 +00:00

222 lines
6.8 KiB
Ruby
Raw Blame History

# redMine - project management software
# Copyright (C) 2006-2007 Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
require 'uri'
class ApplicationController < ActionController::Base
layout 'base'
before_filter :user_setup, :check_if_login_required, :set_localization
filter_parameter_logging :password
include Redmine::MenuManager::MenuController
helper Redmine::MenuManager::MenuHelper
REDMINE_SUPPORTED_SCM.each do |scm|
require_dependency "repository/#{scm.underscore}"
end
def current_role
@current_role ||= User.current.role_for_project(@project)
end
def user_setup
# Check the settings cache for each request
Setting.check_cache
# Find the current user
User.current = find_current_user
end
# Returns the current user or nil if no user is logged in
def find_current_user
if session[:user_id]
# existing session
(User.find_active(session[:user_id]) rescue nil)
elsif cookies[:autologin] && Setting.autologin?
# auto-login feature
User.find_by_autologin_key(cookies[:autologin])
elsif params[:key] && accept_key_auth_actions.include?(params[:action])
# RSS key authentication
User.find_by_rss_key(params[:key])
end
end
# check if login is globally required to access the application
def check_if_login_required
# no check needed if user is already logged in
return true if User.current.logged?
require_login if Setting.login_required?
end
def set_localization
User.current.language = nil unless User.current.logged?
lang = begin
if !User.current.language.blank? && GLoc.valid_language?(User.current.language)
User.current.language
elsif request.env['HTTP_ACCEPT_LANGUAGE']
accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first.downcase
if !accept_lang.blank? && (GLoc.valid_language?(accept_lang) || GLoc.valid_language?(accept_lang = accept_lang.split('-').first))
User.current.language = accept_lang
end
end
rescue
nil
end || Setting.default_language
set_language_if_valid(lang)
end
def require_login
if !User.current.logged?
redirect_to :controller => "account", :action => "login", :back_url => request.request_uri
return false
end
true
end
def require_admin
return unless require_login
if !User.current.admin?
render_403
return false
end
true
end
# Authorize the user for the requested action
def authorize(ctrl = params[:controller], action = params[:action])
allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project)
allowed ? true : (User.current.logged? ? render_403 : require_login)
end
# make sure that the user is a member of the project (or admin) if project is private
# used as a before_filter for actions that do not require any particular permission on the project
def check_project_privacy
if @project && @project.active?
if @project.is_public? || User.current.member_of?(@project) || User.current.admin?
true
else
User.current.logged? ? render_403 : require_login
end
else
@project = nil
render_404
false
end
end
def redirect_back_or_default(default)
back_url = params[:back_url]
if !back_url.blank?
uri = URI.parse(back_url)
# do not redirect user to another host
if uri.relative? || (uri.host == request.host)
redirect_to(back_url) and return
end
end
redirect_to default
end
def render_403
@project = nil
render :template => "common/403", :layout => !request.xhr?, :status => 403
return false
end
def render_404
render :template => "common/404", :layout => !request.xhr?, :status => 404
return false
end
def render_error(msg)
flash.now[:error] = msg
render :nothing => true, :layout => !request.xhr?, :status => 500
end
def render_feed(items, options={})
@items = items || []
@items.sort! {|x,y| y.event_datetime <=> x.event_datetime }
@items = @items.slice(0, Setting.feeds_limit.to_i)
@title = options[:title] || Setting.app_title
render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml'
end
def self.accept_key_auth(*actions)
actions = actions.flatten.map(&:to_s)
write_inheritable_attribute('accept_key_auth_actions', actions)
end
def accept_key_auth_actions
self.class.read_inheritable_attribute('accept_key_auth_actions') || []
end
# TODO: move to model
def attach_files(obj, attachments)
attached = []
if attachments && attachments.is_a?(Hash)
attachments.each_value do |attachment|
file = attachment['file']
next unless file && file.size > 0
a = Attachment.create(:container => obj,
:file => file,
:description => attachment['description'].to_s.strip,
:author => User.current)
attached << a unless a.new_record?
end
end
attached
end
# Returns the number of objects that should be displayed
# on the paginated list
def per_page_option
per_page = nil
if params[:per_page] && Setting.per_page_options_array.include?(params[:per_page].to_s.to_i)
per_page = params[:per_page].to_s.to_i
session[:per_page] = per_page
elsif session[:per_page]
per_page = session[:per_page]
else
per_page = Setting.per_page_options_array.first || 25
end
per_page
end
# qvalues http header parser
# code taken from webrick
def parse_qvalues(value)
tmp = []
if value
parts = value.split(/,\s*/)
parts.each {|part|
if m = %r{^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$}.match(part)
val = m[1]
q = (m[2] or 1).to_f
tmp.push([val, q])
end
}
tmp = tmp.sort_by{|val, q| -q}
tmp.collect!{|val, q| val}
end
return tmp
end
# Returns a string that can be used as filename value in Content-Disposition header
def filename_for_content_disposition(name)
request.env['HTTP_USER_AGENT'] =~ %r{MSIE} ? ERB::Util.url_encode(name) : name
end
end
Reference in New Issue View Git Blame Copy Permalink