Module: Redmine::SudoMode::Controller
- Extended by: ActiveSupport::Concern
- Included in: ApplicationController
- Defined in: lib/redmine/sudo_mode.rb
Defined Under Namespace
Modules: ClassMethods
Classes: SudoRequestFilter
Instance Method Summary
- #process_sudo_form ⇒ Object
  handle sudo password form submit.
- #render_sudo_form(param_names) ⇒ Object
  display the sudo password form.
- #require_sudo_mode(*param_names) ⇒ Object
  This renders the sudo mode form / handles sudo form submission.
- #sudo_mode ⇒ Object
  Sudo mode Around Filter.
- #sudo_timestamp_valid? ⇒ Boolean
- #update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object
Instance Method Details
#process_sudo_form ⇒ Object
handle sudo password form submit
# File 'lib/redmine/sudo_mode.rb', line 134

def process_sudo_form
  if params[:sudo_password]
    @sudo_form = SudoMode::Form.new(params[:sudo_password])
    if @sudo_form.valid?
      SudoMode.active!
    else
      flash.now[:error] = l(:notice_account_wrong_password)
    end
  end
end
#render_sudo_form(param_names) ⇒ Object
display the sudo password form
# File 'lib/redmine/sudo_mode.rb', line 122

def render_sudo_form(param_names)
  @sudo_form ||= SudoMode::Form.new
  @sudo_form.original_fields = params.slice(*param_names)
  # a simple 'render "sudo_mode/new"' works when used directly inside an
  # action, but not when called from a before_action:
  respond_to do |format|
    format.html {render 'sudo_mode/new'}
    format.js   {render 'sudo_mode/new'}
  end
end
#require_sudo_mode(*param_names) ⇒ Object
This renders the sudo mode form / handles sudo form submission.
Call this method in controller actions if sudo permissions are required for processing this request. This approach is good in cases where the action needs to be protected in any case or where the check is simple.
In cases where this decision depends on complex conditions in the model, consider the declarative approach using the require_sudo_mode class method and a corresponding declaration in the model that causes it to throw a SudoRequired Error when necessary.
All parameter names given are included as hidden fields to be resubmitted along with the password.
Returns true when processing the action should continue, false otherwise. If false is returned, render has already been called for display of the password form.
if @user.mail_changed?
require_sudo_mode :user or return
end
# File 'lib/redmine/sudo_mode.rb', line 104

def require_sudo_mode(*param_names)
  return true if SudoMode.active?

  if param_names.blank?
    param_names = params.keys - %w(id action controller sudo_password _method authenticity_token utf8)
  end

  process_sudo_form

  if SudoMode.active?
    true
  else
    render_sudo_form param_names
    false
  end
end
#sudo_mode ⇒ Object
Sudo mode Around Filter
Checks the ‘last used’ timestamp from session and sets the SudoMode::active? flag accordingly.
After the request, the timestamp is refreshed if sudo mode was used during this request.
# File 'lib/redmine/sudo_mode.rb', line 74

def sudo_mode
  if sudo_timestamp_valid?
    SudoMode.active!
  end
  yield
  update_sudo_timestamp! if SudoMode.was_used?
end
#sudo_timestamp_valid? ⇒ Boolean
# File 'lib/redmine/sudo_mode.rb', line 145

def sudo_timestamp_valid?
  session[:sudo_timestamp].to_i > SudoMode.timeout.ago.to_i
end
#update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object
# File 'lib/redmine/sudo_mode.rb', line 149

def update_sudo_timestamp!(new_value = Time.now.to_i)
  session[:sudo_timestamp] = new_value
end
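The following is an added example, not code from Redmine: a Rails-free model of how the #sudo_mode around filter, #sudo_timestamp_valid? and #update_sudo_timestamp! interact across requests. `FakeSudoMode`, `FakeController`, `simulate_request`, the 15-minute timeout and the injected clock are hypothetical stand-ins, and the rule that querying an active sudo mode marks it as used is an assumption.

```ruby
# Stand-alone model of the sudo-mode session timestamp (no Rails required).
# FakeSudoMode and FakeController are hypothetical stand-ins; only the three
# controller methods mirror the code shown on this page.
module FakeSudoMode
  TIMEOUT = 15 * 60 # seconds; assumed value for the demo
  class << self
    def reset!;    @active = @used = false; end
    def active!;   @active = true; end
    # Assumption: querying an active sudo mode counts as "used".
    def active?;   @used = true if @active; @active; end
    def was_used?; @used; end
  end
end

class FakeController
  attr_reader :session

  def initialize(session, now)
    @session = session
    @now = now # injected clock so the demo is deterministic
  end

  def sudo_timestamp_valid?
    session[:sudo_timestamp].to_i > @now - FakeSudoMode::TIMEOUT
  end

  def update_sudo_timestamp!(new_value = @now)
    session[:sudo_timestamp] = new_value
  end

  # Around filter: returns whether the wrapped action saw sudo mode active.
  def sudo_mode
    FakeSudoMode.reset!
    FakeSudoMode.active! if sudo_timestamp_valid?
    result = yield
    update_sudo_timestamp! if FakeSudoMode.was_used?
    result
  end
end

# Simulates one request at time `now`; the action confirms the password first
# when one is supplied (a correct password is assumed), then checks sudo mode.
def simulate_request(session, now, password_ok: false)
  FakeController.new(session, now).sudo_mode do
    FakeSudoMode.active! if password_ok
    FakeSudoMode.active?
  end
end
```

Every sudo-protected request inside the window moves the timestamp forward, so the timeout behaves as an idle timeout rather than an absolute limit on the elevated session.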