Module: Redmine::SudoMode::Controller

Extended by:
ActiveSupport::Concern
Included in:
ApplicationController
Defined in:
lib/redmine/sudo_mode.rb

Defined Under Namespace

Modules: ClassMethods Classes: SudoRequestFilter

Instance Method Summary collapse

Instance Method Details

#process_sudo_formObject

handle sudo password form submit

Since:

  • 3.1.0



119
120
121
122
123
124
125
126
127
128
# File 'lib/redmine/sudo_mode.rb', line 119

def process_sudo_form
  if params[:sudo_password]
    @sudo_form = SudoMode::Form.new(params[:sudo_password])
    if @sudo_form.valid?
      SudoMode.active!
    else
      flash.now[:error] = l(:notice_account_wrong_password)
    end
  end
end

#render_sudo_form(param_names) ⇒ Object

display the sudo password form

Since:

  • 3.1.0



107
108
109
110
111
112
113
114
115
116
# File 'lib/redmine/sudo_mode.rb', line 107

def render_sudo_form(param_names)
  @sudo_form ||= SudoMode::Form.new
  @sudo_form.original_fields = params.slice( *param_names )
  # a simple 'render "sudo_mode/new"' works when used directly inside an
  # action, but not when called from a before_action:
  respond_to do |format|
    format.html { render 'sudo_mode/new' }
    format.js   { render 'sudo_mode/new' }
  end
end

#require_sudo_mode(*param_names) ⇒ Object

This renders the sudo mode form / handles sudo form submission.

Call this method in controller actions if sudo permissions are required for processing this request. This approach is good in cases where the action needs to be protected in any case or where the check is simple.

In cases where this decision depends on complex conditions in the model, consider the declarative approach using the require_sudo_mode class method and a corresponding declaration in the model that causes it to throw a SudoRequired Error when necessary.

All parameter names given are included as hidden fields to be resubmitted along with the password.

Returns true when processing the action should continue, false otherwise. If false is returned, render has already been called for display of the password form.

if @user.mail_changed?

require_sudo_mode :user or return

end

Since:

  • 3.1.0



89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# File 'lib/redmine/sudo_mode.rb', line 89

def require_sudo_mode(*param_names)
  return true if SudoMode.active?

  if param_names.blank?
    param_names = params.keys - %w(id action controller sudo_password _method authenticity_token utf8)
  end

  process_sudo_form

  if SudoMode.active?
    true
  else
    render_sudo_form param_names
    false
  end
end

#sudo_modeObject

Sudo mode Around Filter

Checks the 'last used' timestamp from session and sets the SudoMode::active? flag accordingly.

After the request refreshes the timestamp if sudo mode was used during this request.

Since:

  • 3.1.0



59
60
61
62
63
64
65
# File 'lib/redmine/sudo_mode.rb', line 59

def sudo_mode
  if sudo_timestamp_valid?
    SudoMode.active!
  end
  yield
  update_sudo_timestamp! if SudoMode.was_used?
end

#sudo_timestamp_valid?Boolean

Returns:

  • (Boolean)

Since:

  • 3.1.0



130
131
132
# File 'lib/redmine/sudo_mode.rb', line 130

def sudo_timestamp_valid?
  session[:sudo_timestamp].to_i > SudoMode.timeout.ago.to_i
end

#update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object

Since:

  • 3.1.0



134
135
136
# File 'lib/redmine/sudo_mode.rb', line 134

def update_sudo_timestamp!(new_value = Time.now.to_i)
  session[:sudo_timestamp] = new_value
end