diff --git a/app/controllers/auth_sources_controller.rb b/app/controllers/auth_sources_controller.rb index 0ba89ec02..ede9e0733 100644 --- a/app/controllers/auth_sources_controller.rb +++ b/app/controllers/auth_sources_controller.rb @@ -20,6 +20,7 @@ class AuthSourcesController < ApplicationController menu_item :ldap_authentication before_filter :require_admin + before_filter :find_auth_source, :only => [:edit, :update, :test_connection, :destroy] def index @auth_source_pages, @auth_sources = paginate AuthSource, :per_page => 10 @@ -28,6 +29,7 @@ class AuthSourcesController < ApplicationController def new klass_name = params[:type] || 'AuthSourceLdap' @auth_source = AuthSource.new_subclass_instance(klass_name, params[:auth_source]) + render_404 unless @auth_source end def create @@ -41,11 +43,9 @@ class AuthSourcesController < ApplicationController end def edit - @auth_source = AuthSource.find(params[:id]) end def update - @auth_source = AuthSource.find(params[:id]) if @auth_source.update_attributes(params[:auth_source]) flash[:notice] = l(:notice_successful_update) redirect_to auth_sources_path @@ -55,7 +55,6 @@ class AuthSourcesController < ApplicationController end def test_connection - @auth_source = AuthSource.find(params[:id]) begin @auth_source.test_connection flash[:notice] = l(:notice_successful_connection) @@ -66,11 +65,18 @@ class AuthSourcesController < ApplicationController end def destroy - @auth_source = AuthSource.find(params[:id]) unless @auth_source.users.exists? @auth_source.destroy flash[:notice] = l(:notice_successful_delete) end redirect_to auth_sources_path end + + private + + def find_auth_source + @auth_source = AuthSource.find(params[:id]) + rescue ActiveRecord::RecordNotFound + render_404 + end end diff --git a/app/views/auth_sources/_form.html.erb b/app/views/auth_sources/_form.html.erb index 79abae7d8..05c6ca9e9 100644 --- a/app/views/auth_sources/_form.html.erb +++ b/app/views/auth_sources/_form.html.erb @@ -1,13 +1,6 @@ <%= error_messages_for 'auth_source' %> -
-<%= text_field 'auth_source', 'name' %>
- --<%= check_box 'auth_source', 'onthefly_register' %>
+<%= f.text_field :name, :required => true %>
+<%= f.check_box :onthefly_register, :label => :field_onthefly %>
-<%= text_field 'auth_source', 'name' %>
- --<%= text_field 'auth_source', 'host' %>
- --<%= text_field 'auth_source', 'port', :size => 6 %> <%= check_box 'auth_source', 'tls' %> LDAPS
- --<%= text_field 'auth_source', 'account' %>
- --<%= password_field 'auth_source', 'account_password', :name => 'ignore', - :value => ((@auth_source.new_record? || @auth_source.account_password.blank?) ? '' : ('x'*15)), - :onfocus => "this.value=''; this.name='auth_source[account_password]';", - :onchange => "this.name='auth_source[account_password]';" %>
- --<%= text_field 'auth_source', 'base_dn', :size => 60 %>
- --<%= text_field 'auth_source', 'filter', :size => 60 %>
- --<%= text_field 'auth_source', 'timeout', :size => 4 %>
- --<%= check_box 'auth_source', 'onthefly_register' %>
+<%= f.text_field :name, :required => true %>
+<%= f.text_field :host, :required => true %>
+<%= f.text_field :port, :required => true, :size => 6 %> <%= f.check_box :tls, :no_label => true %> LDAPS
+<%= f.text_field :account %>
+<%= f.password_field :account_password, :label => :field_password, + :name => 'dummy_password', + :value => ((@auth_source.new_record? || @auth_source.account_password.blank?) ? '' : ('x'*15)), + :onfocus => "this.value=''; this.name='auth_source[account_password]';", + :onchange => "this.name='auth_source[account_password]';" %>
+<%= f.text_field :base_dn, :required => true, :size => 60 %>
+<%= f.text_field :filter, :size => 60, :label => :field_auth_source_ldap_filter %>
+<%= f.text_field :timeout, :size => 4 %>
+<%= f.check_box :onthefly_register, :label => :field_onthefly %>