Class: ApplicationController

Inherits:
ActionController::Base
  • Object
Includes:
Redmine::I18n, Redmine::MenuManager::MenuController
Defined in:
app/controllers/application.rb

Direct Known Subclasses

AccountController, AdminController, AttachmentsController, AuthSourcesController, BoardsController, CustomFieldsController, DocumentsController, EnumerationsController, IssueCategoriesController, IssueRelationsController, IssueStatusesController, IssuesController, JournalsController, MembersController, MessagesController, MyController, NewsController, ProjectsController, QueriesController, ReportsController, RepositoriesController, RolesController, SearchController, SettingsController, TimelogController, TrackersController, UsersController, VersionsController, WatchersController, WelcomeController, WikiController, WikisController, WorkflowsController

Class Method Summary (collapse)

Instance Method Summary (collapse)

Methods included from Redmine::MenuManager::MenuController

#current_menu_item, included, #menu_items, #redirect_to_project_menu_item

Methods included from Redmine::I18n

#current_language, #day_name, #find_language, #format_date, #format_time, included, #l, #l_hours, #l_or_humanize, #ll, #month_name, #set_language_if_valid, #valid_languages

Class Method Details

+ (Object) accept_key_auth(*actions)



# File 'app/controllers/application.rb', line 182

# Declares which actions of the controller accept key authentication.
#
# The names are flattened, converted to strings and stored in the inheritable
# attribute 'accept_key_auth_actions'. find_current_user compares
# params[:action] against this list before it looks a user up by params[:key],
# so every action named here is reachable without a session by whoever holds
# the key. Keep the list as short as possible.
#
# actions - action names (symbols, strings or nested arrays of them)
def self.accept_key_auth(*actions)
  action_names = actions.flatten.map { |action| action.to_s }
  write_inheritable_attribute('accept_key_auth_actions', action_names)
end

Instance Method Details

- (Object) accept_key_auth_actions



# File 'app/controllers/application.rb', line 187

# Returns the action names registered through accept_key_auth for this
# controller class, or an empty array when nothing was registered.
def accept_key_auth_actions
  registered = self.class.read_inheritable_attribute('accept_key_auth_actions')
  registered || []
end

- (Object) attach_files(obj, attachments)

TODO: move to model



# File 'app/controllers/application.rb', line 192

# Creates one Attachment per uploaded file and returns the ones that were saved.
#
# obj         - the container the attachments belong to
# attachments - hash of hashes, each with a 'file' and an optional
#               'description'; anything that is not a Hash is ignored
#
# Entries without a file, or with an empty file, are skipped. Records that are
# still new after Attachment.create are counted and reported through
# flash[:warning].
#
# NOTE(review): this method checks neither the size, the type nor the name of
# the upload; whatever validation exists lives in Attachment, which is not
# visible here. Confirm it before relying on this path for untrusted uploads.
def attach_files(obj, attachments)
  saved = []
  return saved unless attachments.is_a?(Hash)

  rejected = []
  attachments.each_value do |entry|
    upload = entry['file']
    next unless upload && upload.size > 0

    record = Attachment.create(:container => obj,
                               :file => upload,
                               :description => entry['description'].to_s.strip,
                               :author => User.current)
    # a record that is still "new" was not persisted
    if record.new_record?
      rejected << record
    else
      saved << record
    end
  end
  flash[:warning] = l(:warning_attachments_not_saved, rejected.size) if rejected.any?
  saved
end

- (Object) authorize(ctrl = params[:controller], action = params[:action])

Authorize the user for the requested action



# File 'app/controllers/application.rb', line 121

# Checks that the current user may perform the given action on @project.
#
# ctrl   - controller name, defaults to the one of the current request
# action - action name, defaults to the one of the current request
#
# Returns true when the user is allowed; otherwise returns whatever
# deny_access returns.
def authorize(ctrl = params[:controller], action = params[:action])
  permission = { :controller => ctrl, :action => action }
  return true if User.current.allowed_to?(permission, @project)

  deny_access
end

- (Object) check_if_login_required

check if login is globally required to access the application



# File 'app/controllers/application.rb', line 78

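# Checks whether login is globally required to access the application.
#
# Returns true for a logged-in user. For an anonymous user it returns the
# result of require_login when the login_required setting is on, and nil
# when the setting is off.
def check_if_login_required
  # no check needed if user is already logged in
  return true if User.current.logged?

  require_login if Setting.login_required?
end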

- (Object) check_project_privacy

Make sure that the user is a member of the project (or an admin) if the project is private. Used as a before_filter for actions that do not require any particular permission on the project.



# File 'app/controllers/application.rb', line 128

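# Makes sure a private project is only visible to its members or to admins.
#
# A missing or inactive project clears @project, renders the 404 page and
# returns false. For an active project the method returns true when the
# project is public or the current user is a member or an admin. Otherwise a
# logged-in user gets the 403 page and an anonymous user is sent through
# require_login.
def check_project_privacy
  unless @project && @project.active?
    # drop the reference before rendering the error page
    @project = nil
    render_404
    return false
  end

  visible = @project.is_public? || User.current.member_of?(@project) || User.current.admin?
  return true if visible

  User.current.logged? ? render_403 : require_login
end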

- (Object) current_role



# File 'app/controllers/application.rb', line 41

# Returns the role of the current user for @project.
#
# The result is kept in @current_role; a nil or false result is not cached
# and is looked up again on the next call.
def current_role
  @current_role = User.current.role_for_project(@project) unless @current_role
  @current_role
end

- (Object) deny_access



# File 'app/controllers/application.rb', line 116

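# Refuses the request: a logged-in user gets the 403 page, an anonymous user
# is sent through require_login so that they can authenticate first.
#
# Returns the result of render_403 or require_login.
def deny_access
  User.current.logged? ? render_403 : require_login
end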

- (Object) filename_for_content_disposition(name)

Returns a string that can be used as filename value in Content-Disposition header



# File 'app/controllers/application.rb', line 249

# Returns a string that can be used as the filename value of a
# Content-Disposition header.
#
# The name is URL-encoded when the User-Agent header contains "MSIE" and is
# returned unchanged for every other client.
#
# NOTE(review): in the unchanged case the name goes into a response header as
# is. If it can come from a user (an uploaded file name, for instance), confirm
# that quotes and line breaks are rejected or escaped before it gets here.
def filename_for_content_disposition(name)
  user_agent = request.env['HTTP_USER_AGENT']
  if user_agent =~ %r{MSIE}
    ERB::Util.url_encode(name)
  else
    name
  end
end

- (Object) find_current_user

Returns the current user or nil if no user is logged in



# File 'app/controllers/application.rb', line 53

# Returns the current user, or nil if no user is logged in.
#
# Three sources are tried, and the first one that applies decides the result:
#   1. session[:user_id]     - looked up among active users
#   2. cookies[:autologin]   - only when the autologin setting is on
#   3. params[:key]          - only for actions listed by accept_key_auth_actions
#
# A session id that no longer resolves gives nil; the method does not fall
# through to the cookie or the key in that case. The rescue below catches any
# StandardError raised by the lookup, not only "record not found".
#
# NOTE(review): the key is read from the request parameters, so it may appear
# in URLs, server logs and Referer headers. Treat it as a credential.
def find_current_user
  if session[:user_id]
    # existing session
    begin
      return User.active.find(session[:user_id])
    rescue
      return nil
    end
  end

  # auto-login feature
  autologin_token = cookies[:autologin]
  return User.try_to_autologin(autologin_token) if autologin_token && Setting.autologin?

  # RSS key authentication
  key = params[:key]
  return User.find_by_rss_key(key) if key && accept_key_auth_actions.include?(params[:action])

  nil
end

- (Object) logged_user=(user)

Sets the logged in user



# File 'app/controllers/application.rb', line 67

# Sets the logged in user.
#
# A User instance becomes User.current and its id is stored in the session.
# Any other value (nil included) resets User.current to the anonymous user and
# clears session[:user_id].
#
# NOTE(review): the session itself is not renewed here. Confirm that the login
# action resets the session before calling this, so that a session identifier
# issued before authentication is not carried over.
def logged_user=(user)
  authenticated = user.is_a?(User)
  User.current = authenticated ? user : User.anonymous
  session[:user_id] = authenticated ? user.id : nil
end

- (Object) parse_qvalues(value)

qvalues http header parser code taken from webrick



# File 'app/controllers/application.rb', line 229

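# Parses an HTTP header made of q-valued entries (Accept-Language and the
# like) and returns the entry names ordered by descending q value.
# Based on the parser found in WEBrick.
#
# value - the raw header value, or nil
#
# Returns an array of names; entries that do not match the expected syntax are
# dropped. Returns [] for a nil value and nil when the value cannot be parsed
# at all (for example when it is not a string), so callers must handle nil.
#
# Entries with the same q value keep the order they had in the header, which
# sort_by alone does not guarantee. The pattern is anchored with \A and \z so
# that an entry is matched as a whole and not line by line.
def parse_qvalues(value)
  return [] unless value

  weighted = []
  value.split(/,\s*/).each_with_index do |part, position|
    m = %r{\A([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?\z}.match(part)
    next unless m

    # a missing q parameter counts as q=1
    weighted << [m[1], (m[2] || 1).to_f, position]
  end
  ordered = weighted.sort_by { |_name, q, position| [-q, position] }
  ordered.map { |name, _q, _position| name }
rescue
  nil
end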

- (Object) per_page_option

Returns the number of objects that should be displayed on the paginated list



# File 'app/controllers/application.rb', line 214

# Returns the number of objects that should be displayed on a paginated list.
#
# params[:per_page] is used, and remembered in the session, only when its
# integer value is one of Setting.per_page_options_array; any other value is
# ignored. Without a valid parameter the value stored in the session is
# returned, and failing that the first configured option, or 25 if no option
# is configured.
def per_page_option
  requested = params[:per_page]
  if requested && Setting.per_page_options_array.include?(requested.to_s.to_i)
    session[:per_page] = requested.to_s.to_i
  elsif session[:per_page]
    session[:per_page]
  else
    Setting.per_page_options_array.first || 25
  end
end

- (Object) redirect_back_or_default(default)



# File 'app/controllers/application.rb', line 142

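# Redirects to params[:back_url] when it points back into this application,
# and to +default+ otherwise.
#
# default - the redirect target used when back_url is missing or refused
#
# back_url comes from the request and is therefore untrusted. It is followed
# only when it is either
#   * a path on this site: no scheme, no host, and exactly one leading slash, or
#   * an http(s) URL whose host equals the host of the current request,
# and when its path does not lead to the login or register page. Everything
# else, including values that cannot be parsed, falls back to +default+, so the
# parameter cannot be used to send a user to another site.
def redirect_back_or_default(default)
  back_url = CGI.unescape(params[:back_url].to_s)
  unless back_url.blank?
    begin
      uri = URI.parse(back_url)
      # A scheme-less reference is not enough: it must also carry no host and
      # start with a single "/" to be certain that it stays on this host.
      local_path = uri.scheme.nil? && uri.host.nil? && !back_url.match(%r{\A/([^/\\]|\z)}).nil?
      same_host = %w[http https].include?(uri.scheme.to_s.downcase) && uri.host == request.host
      # do not redirect user to another host or to the login or register page
      if (local_path || same_host) && !uri.path.to_s.match(%r{/(login|account/register)})
        redirect_to(back_url)
        return
      end
    rescue URI::InvalidURIError
      # redirect to default
    end
  end
  redirect_to default
end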

- (Object) render_403



# File 'app/controllers/application.rb', line 158

# Renders the "common/403" template with HTTP status 403 and returns false.
#
# @project is cleared before rendering. The layout is left out for
# XMLHttpRequest requests.
def render_403
  @project = nil
  with_layout = !request.xhr?
  render :template => "common/403", :layout => with_layout, :status => 403
  false
end

- (Object) render_404



# File 'app/controllers/application.rb', line 164

# Renders the "common/404" template with HTTP status 404 and returns false.
# The layout is left out for XMLHttpRequest requests.
def render_404
  with_layout = !request.xhr?
  render :template => "common/404", :layout => with_layout, :status => 404
  false
end

- (Object) render_error(msg)



# File 'app/controllers/application.rb', line 169

# Reports an error with HTTP status 500.
#
# msg - the message, stored in flash.now[:error] for the current request
#
# The response body is empty text; the layout is left out for XMLHttpRequest
# requests. Returns the result of render.
def render_error(msg)
  flash.now[:error] = msg
  with_layout = !request.xhr?
  render :text => '', :layout => with_layout, :status => 500
end

- (Object) render_feed(items, options = {})



# File 'app/controllers/application.rb', line 174

# Renders the given items as an Atom feed.
#
# items   - objects responding to event_datetime; nil is treated as no items.
#           The array is sorted in place, newest first, so the caller's array
#           is reordered as well.
# options - :title overrides the feed title (default: Setting.app_title)
#
# Only the first Setting.feeds_limit items are kept in @items.
def render_feed(items, options={})
  @items = items || []
  @items.sort! { |older, newer| newer.event_datetime <=> older.event_datetime }
  limit = Setting.feeds_limit.to_i
  @items = @items[0, limit]
  @title = options[:title] || Setting.app_title
  render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml'
end

- (Object) require_admin



# File 'app/controllers/application.rb', line 107

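# Restricts an action to administrators.
#
# The login check runs first: when require_login does not succeed the method
# stops and returns nil, leaving the response to require_login. A logged-in
# user who is not an admin gets the 403 page and false. Returns true for an
# admin.
def require_admin
  return unless require_login

  unless User.current.admin?
    render_403
    return false
  end
  true
end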

- (Object) require_login



# File 'app/controllers/application.rb', line 99

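# Requires a logged-in user.
#
# An anonymous user is redirected to the login action of the account
# controller, with the URL of the current request passed as back_url, and the
# method returns false. Returns true for a logged-in user.
#
# NOTE(review): back_url is built from all request parameters. Confirm that
# parameters which should not appear in a URL (form fields of a POST, access
# keys) cannot end up in it.
def require_login
  unless User.current.logged?
    redirect_to :controller => "account", :action => "login", :back_url => url_for(params)
    return false
  end
  true
end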

- (Object) set_localization



# File 'app/controllers/application.rb', line 84

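# Selects the language for the current request.
#
# Order of preference: the language of the logged-in user, then the best match
# from the Accept-Language header (full tag first, then its primary subtag),
# then Setting.default_language. The result is passed to
# set_language_if_valid.
#
# The header is sent by the client, so it may be empty or malformed.
# parse_qvalues then gives an empty list or nil; both are treated as "no
# preference" here instead of raising.
def set_localization
  lang = nil
  lang = find_language(User.current.language) if User.current.logged?
  if lang.nil? && request.env['HTTP_ACCEPT_LANGUAGE']
    preferred = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']) || []
    accept_lang = preferred.first.to_s.downcase
    unless accept_lang.blank?
      lang = find_language(accept_lang) || find_language(accept_lang.split('-').first)
    end
  end
  lang ||= Setting.default_language
  set_language_if_valid(lang)
end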

- (Object) user_setup



# File 'app/controllers/application.rb', line 45

# Prepares the per-request user state.
#
# The settings cache is checked first, then the user found by
# find_current_user is handed to logged_user=. Returns that user (nil when
# nobody is logged in).
def user_setup
  # Check the settings cache for each request
  Setting.check_cache
  # Find the current user
  found = find_current_user
  self.logged_user = found
end