Module: Redmine::SudoMode::Controller
- Extended by:
- ActiveSupport::Concern
- Included in:
- ApplicationController
- Defined in:
- lib/redmine/sudo_mode.rb
Defined Under Namespace
Modules: ClassMethods Classes: SudoRequestFilter
Instance Method Summary collapse
-
#process_sudo_form ⇒ Object
handle sudo password form submit.
-
#render_sudo_form(param_names) ⇒ Object
display the sudo password form.
-
#require_sudo_mode(*param_names) ⇒ Object
This renders the sudo mode form / handles sudo form submission.
-
#sudo_mode ⇒ Object
Sudo mode Around Filter.
- #sudo_timestamp_valid? ⇒ Boolean
- #update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object
Instance Method Details
#process_sudo_form ⇒ Object
handle sudo password form submit
119 120 121 122 123 124 125 126 127 128 |
# File 'lib/redmine/sudo_mode.rb', line 119 def process_sudo_form if params[:sudo_password] @sudo_form = SudoMode::Form.new(params[:sudo_password]) if @sudo_form.valid? SudoMode.active! else flash.now[:error] = l(:notice_account_wrong_password) end end end |
#render_sudo_form(param_names) ⇒ Object
display the sudo password form
107 108 109 110 111 112 113 114 115 116 |
# File 'lib/redmine/sudo_mode.rb', line 107 def render_sudo_form(param_names) @sudo_form ||= SudoMode::Form.new @sudo_form.original_fields = params.slice( *param_names ) # a simple 'render "sudo_mode/new"' works when used directly inside an # action, but not when called from a before_filter: respond_to do |format| format.html { render 'sudo_mode/new' } format.js { render 'sudo_mode/new' } end end |
#require_sudo_mode(*param_names) ⇒ Object
This renders the sudo mode form / handles sudo form submission.
Call this method in controller actions if sudo permissions are required for processing this request. This approach is good in cases where the action needs to be protected in any case or where the check is simple.
In cases where this decision depends on complex conditions in the model, consider the declarative approach using the require_sudo_mode class method and a corresponding declaration in the model that causes it to throw a SudoRequired Error when necessary.
All parameter names given are included as hidden fields to be resubmitted along with the password.
Returns true when processing the action should continue, false otherwise. If false is returned, render has already been called for display of the password form.
if @user.mail_changed?
require_sudo_mode :user or return
end
89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
# File 'lib/redmine/sudo_mode.rb', line 89 def require_sudo_mode(*param_names) return true if SudoMode.active? if param_names.blank? param_names = params.keys - %w(id action controller sudo_password _method authenticity_token utf8) end process_sudo_form if SudoMode.active? true else render_sudo_form param_names false end end |
#sudo_mode ⇒ Object
Sudo mode Around Filter
Checks the 'last used' timestamp from session and sets the SudoMode::active? flag accordingly.
After the request refreshes the timestamp if sudo mode was used during this request.
59 60 61 62 63 64 65 |
# File 'lib/redmine/sudo_mode.rb', line 59 def sudo_mode if SudoMode.active! end yield if SudoMode.was_used? end |
#sudo_timestamp_valid? ⇒ Boolean
130 131 132 |
# File 'lib/redmine/sudo_mode.rb', line 130 def session[:sudo_timestamp].to_i > SudoMode.timeout.ago.to_i end |
#update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object
134 135 136 |
# File 'lib/redmine/sudo_mode.rb', line 134 def (new_value = Time.now.to_i) session[:sudo_timestamp] = new_value end |