From 75fb68c4d1eb647a268890c080da2dc3875c0e77 Mon Sep 17 00:00:00 2001 From: Stefan Wintermeyer Date: Tue, 29 Jan 2013 16:44:47 +0100 Subject: Get rid of @current_user. The use of current_user is better. --- app/controllers/application_controller.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'app/controllers/application_controller.rb') diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e4165f3..2d49890 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -106,7 +106,7 @@ class ApplicationController < ActionController::Base end rescue_from CanCan::AccessDenied do |exception| - if @current_user + if current_user redirect_to root_url, :alert => 'Access denied! Please ask your admin to grant you the necessary rights.' else if Tenant.count == 0 && User.count == 0 @@ -121,13 +121,13 @@ class ApplicationController < ActionController::Base private - def current_user - begin - @current_user ||= User.find(session[:user_id]) if session[:user_id] - rescue ActiveRecord::RecordNotFound + def current_user + if session[:user_id] && User.where(:id => session[:user_id]).any? + return User.where(:id => session[:user_id]).first + else session[:user_id] = nil + return nil end - @current_user end def go_to_setup_if_new_installation -- cgit v1.2.3 From bf3af8f8a444365f3040da2928837986409fa016 Mon Sep 17 00:00:00 2001 From: Stefan Wintermeyer Date: Tue, 29 Jan 2013 18:43:06 +0100 Subject: Single Sign On via a ENV['USER_NAME'] mechanism. --- app/controllers/application_controller.rb | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'app/controllers/application_controller.rb') diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 2d49890..2aadf19 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -122,11 +122,21 @@ class ApplicationController < ActionController::Base private def current_user - if session[:user_id] && User.where(:id => session[:user_id]).any? - return User.where(:id => session[:user_id]).first + if session[:user_id] || GsParameter.get('SingleSignOnEnvUserNameKey').blank? + if session[:user_id] && User.where(:id => session[:user_id]).any? + return User.where(:id => session[:user_id]).first + else + session[:user_id] = nil + return nil + end else - session[:user_id] = nil - return nil + if User.where(:user_name => request.env[GsParameter.get('SingleSignOnEnvUserNameKey')]).any? + auth_user = User.where(:user_name => request.env[GsParameter.get('SingleSignOnEnvUserNameKey')]).first + session[:user_id] = auth_user.id + return auth_user + else + return nil + end end end -- cgit v1.2.3 From 8da882cf3ec53f9057b17bd8dd39c2eadb2a88c2 Mon Sep 17 00:00:00 2001 From: Stefan Wintermeyer Date: Thu, 31 Jan 2013 11:39:25 +0100 Subject: Fixed single sign on. #145 --- app/controllers/application_controller.rb | 61 ++++++++++++++----------------- 1 file changed, 28 insertions(+), 33 deletions(-) (limited to 'app/controllers/application_controller.rb') diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 2aadf19..d1d918e 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -2,26 +2,21 @@ class ApplicationController < ActionController::Base protect_from_forgery - before_filter :set_locale + before_filter :start_setup_if_new_installation - before_filter :go_to_setup_if_new_installation - before_filter :home_breadcrumb - + before_filter :set_locale helper_method :current_user - + helper_method :guess_local_ip_address helper_method :guess_local_host - + + before_filter :home_breadcrumb + helper_method :'have_https?' + helper_method :'single_sign_on_system?' helper_method :random_pin - - #TODO Add check_authorization. See - # https://github.com/ryanb/cancan - # https://github.com/ryanb/cancan/wiki/Ensure-Authorization - # and Gemeinschaft 4 - # Generate a new name for an Object # def generate_a_new_name(parent, child = nil) @@ -56,6 +51,8 @@ class ApplicationController < ActionController::Base def random_pin if GsParameter.get('MINIMUM_PIN_LENGTH') > 0 (1..GsParameter.get('MINIMUM_PIN_LENGTH')).map{|i| (0 .. 9).to_a.sample}.join + else + (1..8).map{|i| (0 .. 9).to_a.sample}.join end end @@ -109,40 +106,38 @@ class ApplicationController < ActionController::Base if current_user redirect_to root_url, :alert => 'Access denied! Please ask your admin to grant you the necessary rights.' else - if Tenant.count == 0 && User.count == 0 - # This is a brand new system. We need to run a setup first. - redirect_to wizards_new_initial_setup_path - else - # You need to login first. - redirect_to log_in_path, :alert => 'Access denied! You need to login first.' - end + # You need to login first. + redirect_to log_in_path, :alert => 'Access denied! You need to login first.' end end private def current_user - if session[:user_id] || GsParameter.get('SingleSignOnEnvUserNameKey').blank? + if session[:user_id].nil? && single_sign_on_system? + auth_user = User.where(:user_name => request.env[GsParameter.get('SingleSignOnEnvUserNameKey')]).first + else if session[:user_id] && User.where(:id => session[:user_id]).any? - return User.where(:id => session[:user_id]).first + auth_user = User.where(:id => session[:user_id]).first else - session[:user_id] = nil - return nil + auth_user = nil end + end + session[:user_id] = auth_user.try(:id) + return auth_user + end + + def single_sign_on_system? + if GsParameter.get('SingleSignOnEnvUserNameKey').blank? + false else - if User.where(:user_name => request.env[GsParameter.get('SingleSignOnEnvUserNameKey')]).any? - auth_user = User.where(:user_name => request.env[GsParameter.get('SingleSignOnEnvUserNameKey')]).first - session[:user_id] = auth_user.id - return auth_user - else - return nil - end + true end - end + end - def go_to_setup_if_new_installation + def start_setup_if_new_installation if Rails.env != 'test' - if GemeinschaftSetup.all.count == 0 + if GemeinschaftSetup.count == 0 redirect_to new_gemeinschaft_setup_path end end -- cgit v1.2.3