My apologies for this large, multi-pronged commit. What's here:

* Introduce Tracks::Config class to wrap environment.rb config settings
* Remove unused admin and index actions from user_controller
* Introduce flash partial and standardize on symbol keys for the flash hash
* Replace usages of render_partial with render :partial

Two new authentication options! These probably need documentation...

* Introduce LDAP authentication option (see configuration in environment.rb.tmpl). Thanks to Jeremy Evans for creating the SimpleLdapAuthenticator plugin. Note: the ldap auth integration test is likely to be fragile. Works for me on OS X with openldap, but your mileage may vary.
* Introduce Open ID authentication option (see configuration in environment.rb.tmpl and http://openid.net for more info). Thanks to East Media for the Open ID Consumer Plugin.
 
In environment.rb, you can enable any combination of the three auth options. If you have more than one selected, users can opt between them via their preferences pages. To play with the Open ID auth, you can get an identity at pip.verisignlabs.com.

Note that there are some new migrations to support the new authentication options, so don't forget to rake migrate!


git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@334 a4c988fc-2ded-0310-b66e-134b36920a42
lukemelia 2006-11-05 10:41:59 +00:00
parent 4e0b459524
commit 99b734a52c
69 changed files with 1649 additions and 218 deletions


@ -86,10 +86,10 @@ class ContextController < ApplicationController
# fallback for standard requests
if @saved
flash["notice"] = 'Added new next action.'
flash[:notice] = 'Added new next action.'
redirect_to :controller => 'todo', :action => 'list'
else
flash["warning"] = 'The next action was not added. Please try again.'
flash[:warning] = 'The next action was not added. Please try again.'
redirect_to :controller => 'todo', :action => 'list'
end
@ -97,7 +97,7 @@ class ContextController < ApplicationController
if request.xhr? # be sure to include an error.rjs
render :action => 'error'
else
flash["warning"] = 'An error occurred on the server.'
flash[:warning] = 'An error occurred on the server.'
redirect_to :controller => 'todo', :action => 'list'
end
end
@ -118,9 +118,9 @@ class ContextController < ApplicationController
return if request.xhr?
if @saved
flash['notice'] = "The action <strong>'#{@item.description}'</strong> was marked as <strong>#{@item.done? ? 'complete' : 'incomplete' }</strong>"
flash[:notice] = "The action <strong>'#{@item.description}'</strong> was marked as <strong>#{@item.done? ? 'complete' : 'incomplete' }</strong>"
else
flash['notice'] = "The action <strong>'#{@item.description}'</strong> was NOT marked as <strong>#{@item.done? ? 'complete' : 'incomplete' } due to an error on the server.</strong>"
flash[:notice] = "The action <strong>'#{@item.description}'</strong> was NOT marked as <strong>#{@item.done? ? 'complete' : 'incomplete' } due to an error on the server.</strong>"
end
redirect_to :action => "list"
end
@ -133,9 +133,9 @@ class ContextController < ApplicationController
@context.attributes = params["context"]
@context.name = deurlize(@context.name)
if @context.save
render_partial 'context_listing', @context
render :partial => 'context_listing', :object => @context
else
flash["warning"] = "Couldn't update new context"
flash[:warning] = "Couldn't update new context"
render :text => ""
end
end
@ -148,7 +148,7 @@ class ContextController < ApplicationController
if @context.destroy
render_text ""
else
flash["warning"] = "Couldn't delete context \"#{@context.name}\""
flash[:warning] = "Couldn't delete context \"#{@context.name}\""
redirect_to( :controller => "context", :action => "list" )
end
end
@ -178,7 +178,7 @@ class ContextController < ApplicationController
return @context
else
@context = nil # Should be nil anyway.
flash["warning"] = "Item and session user mis-match: #{@context.user_id} and #{@user.id}!"
flash[:warning] = "Item and session user mis-match: #{@context.user_id} and #{@user.id}!"
render_text ""
end
end
@ -189,7 +189,7 @@ class ContextController < ApplicationController
return @context
else
@context = nil
flash["warning"] = "Project and session user mis-match: #{@context.user_id} and #{@user.id}!"
flash[:warning] = "Project and session user mis-match: #{@context.user_id} and #{@user.id}!"
render_text ""
end
end
@ -199,7 +199,7 @@ class ContextController < ApplicationController
if @user == item.user
return item
else
flash["warning"] = "Item and session user mis-match: #{item.user.name} and #{@user.name}!"
flash[:warning] = "Item and session user mis-match: #{item.user.name} and #{@user.name}!"
render_text ""
end
end
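Review bot: The ownership-mismatch branches in the hunks at -178 and -189 set `@context = nil` and then build the flash text from `@context.user_id`, so the denial path raises NoMethodError on nil instead of producing the intended warning. Capture the id before clearing the variable, or drop the ids from the message altogether, e.g. `flash[:warning] = "Item and session user mis-match."`, since internal user ids are of no use to the person reading the page. The enclosing methods start outside these hunks, so the condition guarding the branches is not visible here. The ProjectController ownership checks in this commit repeat the same two lines with `@project`.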


@ -2,7 +2,8 @@ class LoginController < ApplicationController
model :user, :preference
layout 'login'
skip_before_filter :set_session_expiration
open_id_consumer if Tracks::Config.auth_schemes.include?('open_id')
def login
@page_title = "TRACKS::Login"
case request.method
@ -13,15 +14,68 @@ class LoginController < ApplicationController
# of inactivity
session['noexpiry'] = params['user_noexpiry']
msg = (should_expire_sessions?) ? "will expire after 1 hour of inactivity." : "will not expire."
flash['notice'] = "Login successful: session #{msg}"
flash[:notice] = "Login successful: session #{msg}"
cookies[:tracks_login] = { :value => @user.login, :expires => Time.now + 1.year }
redirect_back_or_default :controller => "todo", :action => "index"
else
@login = params['user_login']
flash['warning'] = "Login unsuccessful"
flash[:warning] = "Login unsuccessful"
end
end
end
def begin
# If the URL was unusable (either because of network conditions,
# a server error, or that the response returned was not an OpenID
# identity page), the library will return HTTP_FAILURE or PARSE_ERROR.
# Let the user know that the URL is unusable.
case open_id_response.status
when OpenID::SUCCESS
# The URL was a valid identity URL. Now we just need to send a redirect
# to the server using the redirect_url the library created for us.
# redirect to the server
redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), url_for(:action => 'complete'))
else
flash[:warning] = "Unable to find openid server for <q>#{params[:openid_url]}</q>"
redirect_to :action => 'login'
end
end
def complete
case open_id_response.status
when OpenID::FAILURE
# In the case of failure, if info is non-nil, it is the
# URL that we were verifying. We include it in the error
# message to help the user figure out what happened.
if open_id_response.identity_url
flash[:message] = "Verification of #{open_id_response.identity_url} failed. "
else
flash[:message] = "Verification failed. "
end
flash[:message] += open_id_response.msg.to_s
when OpenID::SUCCESS
# Success means that the transaction completed without
# error. If info is nil, it means that the user cancelled
# the verification.
@user = User.find_by_open_id_url(open_id_response.identity_url)
unless (@user.nil?)
flash[:message] = "You have successfully verified #{open_id_response.identity_url} as your identity."
session['user_id'] = @user.id
redirect_back_or_default :controller => 'todo', :action => 'index'
else
flash[:warning] = "You have successfully verified #{open_id_response.identity_url} as your identity, but you do not have a Tracks account. Please ask your administrator to sign you up."
end
when OpenID::CANCEL
flash[:message] = "Verification cancelled."
else
flash[:warning] = "Unknown response status: #{open_id_response.status}"
end
redirect_to :action => 'login' unless performed?
end
def signup
if User.find_all.empty? # the first user of the system
@ -53,7 +107,7 @@ class LoginController < ApplicationController
@user = User.authenticate(user.login, params['user']['password'])
@user.create_preference
@user.save
flash['notice'] = "Signup successful for user #{@user.login}."
flash[:notice] = "Signup successful for user #{@user.login}."
redirect_back_or_default :controller => "todo", :action => "index"
end
end
@ -70,8 +124,8 @@ class LoginController < ApplicationController
def logout
session['user_id'] = nil
reset_session
flash['notice'] = "You have been logged out of Tracks."
redirect_to :controller => "login", :action => "login"
flash[:notice] = "You have been logged out of Tracks."
redirect_to :action => "login"
end
def check_expiry
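Review bot: In the new `begin` action the failure branch interpolates `params[:openid_url]` into a flash string that already carries HTML (`<q>…</q>`). If the flash partial prints messages unescaped, which the markup suggests although the partial is not shown on this page, request-supplied text reaches the login page as markup. Escape the value before it goes into the message: `flash[:warning] = "Unable to find openid server for <q>#{CGI.escapeHTML(params[:openid_url].to_s)}</q>"`. The `identity_url` and `msg` values interpolated in `complete` come back from the OpenID exchange and deserve the same treatment. UserController#update_auth_type in this commit repeats the `params[:openid_url]` line.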


@ -26,19 +26,19 @@ class NoteController < ApplicationController
note.attributes = params["new_note"]
if note.save
render_partial 'notes_summary', note
render :partial => 'notes_summary', :object => note
else
render_text ""
render :text => ''
end
end
def delete
note = check_user_return_note
if note.destroy
render_text ""
render :text => ''
else
flash["warning"] = "Couldn't delete note \"#{note.id.to_s}\""
render_text ""
flash[:warning] = "Couldn't delete note \"#{note.id.to_s}\""
render :text => ''
end
end
@ -46,10 +46,10 @@ class NoteController < ApplicationController
note = check_user_return_note
note.attributes = params["note"]
if note.save
render_partial 'notes', note
render :partial => 'notes', :object => note
else
flash["warning"] = "Couldn't update note \"#{note.id.to_s}\""
render_text ""
render :text => ''
end
end
@ -60,7 +60,7 @@ class NoteController < ApplicationController
if @user == note.user
return note
else
render_text ""
render :text => ''
end
end
end
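Review bot: In the update action (hunk at -46) the failure branch still writes `flash["warning"]`, while every other assignment in this file moved to `flash[:warning]`. The commit standardizes on symbol keys for the new flash partial. If the flash hash treats string and symbol keys as distinct, which cannot be verified from this page, this one warning would never be displayed. Change the line to `flash[:warning] = "Couldn't update note \"#{note.id.to_s}\""`.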


@ -34,7 +34,7 @@ class ProjectController < ApplicationController
@page_title = "TRACKS::Project: #{@project.name}"
if @contexts.empty?
flash['warning'] = 'You must add at least one context before adding next actions.'
flash[:warning] = 'You must add at least one context before adding next actions.'
end
if @not_done.empty?
@ -108,10 +108,10 @@ class ProjectController < ApplicationController
# fallback for standard requests
if @saved
flash["notice"] = 'Added new next action.'
flash[:notice] = 'Added new next action.'
redirect_to :controller => 'todo', :action => 'index'
else
flash["warning"] = 'The next action was not added. Please try again.'
flash[:warning] = 'The next action was not added. Please try again.'
redirect_to :controller => 'todo', :action => 'index'
end
@ -119,7 +119,7 @@ class ProjectController < ApplicationController
if request.xhr? # be sure to include an error.rjs
render :action => 'error'
else
flash["warning"] = 'An error occurred on the server.'
flash[:warning] = 'An error occurred on the server.'
redirect_to :controller => 'todo', :action => 'index'
end
end
@ -140,9 +140,9 @@ class ProjectController < ApplicationController
return if request.xhr?
if @saved
flash['notice'] = "The action <strong>'#{@item.description}'</strong> was marked as <strong>#{@item.done? ? 'complete' : 'incomplete' }</strong>"
flash[:notice] = "The action <strong>'#{@item.description}'</strong> was marked as <strong>#{@item.done? ? 'complete' : 'incomplete' }</strong>"
else
flash['notice'] = "The action <strong>'#{@item.description}'</strong> was NOT marked as <strong>#{@item.done? ? 'complete' : 'incomplete' } due to an error on the server.</strong>"
flash[:notice] = "The action <strong>'#{@item.description}'</strong> was NOT marked as <strong>#{@item.done? ? 'complete' : 'incomplete' } due to an error on the server.</strong>"
end
redirect_to :action => "list"
end
@ -152,13 +152,13 @@ class ProjectController < ApplicationController
def update
self.init
check_user_set_project
@project.attributes = params["project"]
@project.attributes = params['project']
@project.name = deurlize(@project.name)
if @project.save
render_partial 'project_listing', @project
render :partial => 'project_listing', :object => @project
else
flash["warning"] = "Couldn't update project"
render_text ""
flash[:warning] = "Couldn't update project"
render :text => ''
end
end
@ -178,9 +178,9 @@ class ProjectController < ApplicationController
def destroy
check_user_set_project
if @project.destroy
render_text ""
render :text => ''
else
flash["warning"] = "Couldn't delete project \"#{@project.name}\""
flash[:warning] = "Couldn't delete project \"#{@project.name}\""
redirect_to( :controller => "project", :action => "list" )
end
end
@ -210,8 +210,8 @@ class ProjectController < ApplicationController
return @project
else
@project = nil # Should be nil anyway
flash["warning"] = "Project and session user mis-match: #{@project.user_id} and #{@user.id}!"
render_text ""
flash[:warning] = "Project and session user mis-match: #{@project.user_id} and #{@user.id}!"
render :text => ''
end
end
@ -221,8 +221,8 @@ class ProjectController < ApplicationController
return @project
else
@project = nil
flash["warning"] = "Project and session user mis-match: #{@project.user_id} and #{@user.id}!"
render_text ""
flash[:warning] = "Project and session user mis-match: #{@project.user_id} and #{@user.id}!"
render :text => ''
end
end
@ -231,8 +231,8 @@ class ProjectController < ApplicationController
if @user == item.user
return item
else
flash["warning"] = "Item and session user mis-match: #{item.user.name} and #{@user.name}!"
render_text ""
flash[:warning] = "Item and session user mis-match: #{item.user.name} and #{@user.name}!"
render :text => ''
end
end
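Review bot: The two `flash[:notice]` strings in the hunk at -140 place `@item.description` between literal `<strong>` tags. That implies the flash partial outputs the message unescaped (the partial is not shown on this page), in which case a description containing markup would be rendered as markup. Escape the user-entered part and keep the tags literal, e.g. `desc = CGI.escapeHTML(@item.description.to_s)` and interpolate `desc` in both messages. The same pair of lines is in the ContextController hunk at -118. The enclosing method starts outside the hunk.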


@ -1,13 +1,9 @@
class UserController < ApplicationController
layout 'standard'
prepend_before_filter :login_required
def index
render_text "This will be our jumping-off point for managing user functions!"
end
def admin
render_text "You'll only be allowed to go here if you're an administrator."
if Tracks::Config.auth_schemes.include?('open_id')
open_id_consumer
before_filter :begin_open_id_auth, :only => :update_auth_type
end
verify :method => :post,
@ -22,7 +18,7 @@ class UserController < ApplicationController
#
def create
admin = User.find_admin
#render_text "user is " + session["user_id"].to_s + " and admin is " + a.id.to_s
#logger.debug "user is " + session["user_id"].to_s + " and admin is " + a.id.to_s
unless session["user_id"].to_i == admin.id.to_i
access_denied
return
@ -81,6 +77,71 @@ class UserController < ApplicationController
redirect_to :controller => 'user', :action => 'change_password'
end
end
def change_auth_type
@page_title = "TRACKS::Change authentication type"
end
def update_auth_type
if (params[:user][:auth_type] == 'open_id')
case open_id_response.status
when OpenID::SUCCESS
# The URL was a valid identity URL. Now we just need to send a redirect
# to the server using the redirect_url the library created for us.
# redirect to the server
redirect_to open_id_response.redirect_url((request.protocol + request.host_with_port + "/"), url_for(:action => 'complete'))
else
flash[:warning] = "Unable to find openid server for <q>#{params[:openid_url]}</q>"
redirect_to :action => 'change_auth_type'
end
return
end
@user.auth_type = params[:user][:auth_type]
if @user.save
flash[:notice] = "Authentication type updated."
redirect_to :controller => 'user', :action => 'preferences'
else
flash[:warning] = "There was a problem updating your authentication type: #{ @user.errors.full_messages.join(', ')}"
redirect_to :controller => 'user', :action => 'change_auth_type'
end
end
def complete
case open_id_response.status
when OpenID::FAILURE
# In the case of failure, if info is non-nil, it is the
# URL that we were verifying. We include it in the error
# message to help the user figure out what happened.
if open_id_response.identity_url
flash[:message] = "Verification of #{open_id_response.identity_url} failed. "
else
flash[:message] = "Verification failed. "
end
flash[:message] += open_id_response.msg.to_s
when OpenID::SUCCESS
# Success means that the transaction completed without
# error. If info is nil, it means that the user cancelled
# the verification.
@user.auth_type = 'open_id'
@user.open_id_url = open_id_response.identity_url
if @user.save
flash[:message] = "You have successfully verified #{open_id_response.identity_url} as your identity and set your authentication type to Open ID."
else
flash[:warning] = "You have successfully verified #{open_id_response.identity_url} as your identity but there was a problem saving your authentication preferences."
end
redirect_to :action => 'preferences'
when OpenID::CANCEL
flash[:message] = "Verification cancelled."
else
flash[:warning] = "Unknown response status: #{open_id_response.status}"
end
redirect_to :action => 'change_auth_type' unless performed?
end
def refresh_token
@user.crypt_word
@ -93,10 +154,10 @@ class UserController < ApplicationController
def do_change_password_for(user)
user.change_password(params[:updateuser][:password], params[:updateuser][:password_confirmation])
if user.save
flash["notice"] = "Password updated."
flash[:notice] = "Password updated."
return true
else
flash["warning"] = 'There was a problem saving the password. Please retry.'
flash[:warning] = 'There was a problem saving the password. Please retry.'
return false
end
end
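Review bot: `update_auth_type` assigns `@user.auth_type = params[:user][:auth_type]` straight from the request without checking it against `Tracks::Config.auth_schemes`. Unless the User model validates the field (not shown on this page), a user can store a scheme the administrator has not enabled, or an arbitrary string. Guard the assignment, for example with `unless Tracks::Config.auth_schemes.include?(params[:user][:auth_type])` followed by a warning flash and a redirect to `change_auth_type`. The branch also leaves `open_id_url` in place when a user switches away from Open ID, while LoginController#complete looks users up by that URL alone, so it is worth confirming that a stale identity cannot still sign in.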