diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e50e330e5..5c1215b4f 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,12 +5,12 @@ # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. -# +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. @@ -23,29 +23,29 @@ class ApplicationController < ActionController::Base layout 'base' exempt_from_layout 'builder', 'rsb' - + # Remove broken cookie after upgrade from 0.8.x (#4292) # See https://rails.lighthouseapp.com/projects/8994/tickets/3360 # TODO: remove it when Rails is fixed before_filter :delete_broken_cookies def delete_broken_cookies if cookies['_redmine_session'] && cookies['_redmine_session'] !~ /--/ - cookies.delete '_redmine_session' + cookies.delete '_redmine_session' redirect_to home_path return false end end - + before_filter :user_setup, :check_if_login_required, :set_localization filter_parameter_logging :password protect_from_forgery - + rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token - + include Redmine::Search::Controller include Redmine::MenuManager::MenuController helper Redmine::MenuManager::MenuHelper - + Redmine::Scm::Base.all.each do |scm| require_dependency "repository/#{scm.underscore}" end @@ -56,7 +56,7 @@ class ApplicationController < ActionController::Base # Find the current user User.current = find_current_user end - + # Returns the current user or nil if no user is logged in # and starts a session if needed def find_current_user @@ -94,14 +94,14 @@ class ApplicationController < ActionController::Base User.current = User.anonymous end end - + # check if login is globally required to access the application def check_if_login_required # no check needed if user is already logged in return true if User.current.logged? require_login if Setting.login_required? - end - + end + def set_localization lang = nil if User.current.logged? @@ -117,7 +117,7 @@ class ApplicationController < ActionController::Base lang ||= Setting.default_language set_language_if_valid(lang) end - + def require_login if !User.current.logged? # Extract only the basic url parameters on non-GET requests @@ -146,7 +146,7 @@ class ApplicationController < ActionController::Base end true end - + def deny_access User.current.logged? ? render_403 : require_login end @@ -197,7 +197,7 @@ class ApplicationController < ActionController::Base # Finds and sets @project based on @object.project def find_project_from_association render_404 unless @object.present? - + @project = @object.project rescue ActiveRecord::RecordNotFound render_404 @@ -230,7 +230,7 @@ class ApplicationController < ActionController::Base rescue ActiveRecord::RecordNotFound render_404 end - + # Check if project is unique before bulk operations def check_project_uniqueness unless @project @@ -239,7 +239,7 @@ class ApplicationController < ActionController::Base return false end end - + # make sure that the user is a member of the project (or admin) if project is private # used as a before_filter for actions that do not require any particular permission on the project def check_project_privacy @@ -277,26 +277,26 @@ class ApplicationController < ActionController::Base redirect_to default false end - + def render_403(options={}) @project = nil render_error({:message => :notice_not_authorized, :status => 403}.merge(options)) return false end - + def render_404(options={}) render_error({:message => :notice_file_not_found, :status => 404}.merge(options)) return false end - + # Renders an error response def render_error(arg) arg = {:message => arg} unless arg.is_a?(Hash) - + @message = arg[:message] @message = l(@message) if @message.is_a?(Symbol) @status = arg[:status] || 500 - + respond_to do |format| format.html { render :template => 'common/error', :layout => use_layout, :status => @status @@ -314,31 +314,31 @@ class ApplicationController < ActionController::Base def use_layout request.xhr? ? false : 'base' end - + def invalid_authenticity_token if api_request? logger.error "Form authenticity token is missing or is invalid. API calls must include a proper Content-type header (text/xml or text/json)." end render_error "Invalid form authenticity token." end - - def render_feed(items, options={}) + + def render_feed(items, options={}) @items = items || [] @items.sort! {|x,y| y.event_datetime <=> x.event_datetime } @items = @items.slice(0, Setting.feeds_limit.to_i) @title = options[:title] || Setting.app_title render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml' end - + def self.accept_key_auth(*actions) actions = actions.flatten.map(&:to_s) write_inheritable_attribute('accept_key_auth_actions', actions) end - + def accept_key_auth_actions self.class.read_inheritable_attribute('accept_key_auth_actions') || [] end - + # Returns the number of objects that should be displayed # on the paginated list def per_page_option @@ -374,10 +374,10 @@ class ApplicationController < ActionController::Base offset = 0 if offset < 0 end offset ||= 0 - + [offset, limit] end - + # qvalues http header parser # code taken from webrick def parse_qvalues(value) @@ -398,16 +398,16 @@ class ApplicationController < ActionController::Base rescue nil end - + # Returns a string that can be used as filename value in Content-Disposition header def filename_for_content_disposition(name) request.env['HTTP_USER_AGENT'] =~ %r{MSIE} ? ERB::Util.url_encode(name) : name end - + def api_request? %w(xml json).include? params[:format] end - + # Returns the API key present in the request def api_key_from_request if params[:key].present? @@ -464,7 +464,7 @@ class ApplicationController < ActionController::Base ) render options end - + # Overrides #default_template so that the api template # is used automatically if it exists def default_template(action_name = self.action_name) @@ -478,7 +478,7 @@ class ApplicationController < ActionController::Base end super end - + # Overrides #pick_layout so that #render with no arguments # doesn't use the layout for api requests def pick_layout(*args)