require 'cgi' | |
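# Controller mixin that requires a logged-in, active Member for every action.
#
# Including the module installs +validate_ace_user+ as a before filter and
# exposes +current_user+ plus the two link predicates to the views.
module LoggedInControllerExtension
  # Hook run on +include+: adds the class-level setup and applies it at once.
  def self.included(base)
    base.extend Setup
    base.setup_logged_in
  end

  module Setup
    # Wires the instance methods, the login filter and the view helpers into
    # the including controller class.
    def setup_logged_in
      include InstanceMethods

      before_filter :validate_ace_user
      helper_method :current_user, :display_forecast_link?, :display_admin_home_link?

      # NOTE(review): this turns the request-forgery (CSRF) token check off for
      # every controller that includes the module, i.e. the authenticated ones.
      # Left unchanged because existing forms may rely on it; confirm it is
      # intended and that state-changing actions are protected some other way.
      self.allow_forgery_protection = false
    end
  end

  module InstanceMethods
    protected

    # The Member loaded by validate_ace_user, or nil before the filter has run.
    def current_user
      @current_user
    end

    # Username stored in the session by the login flow (nil when absent).
    def username
      session[ApplicationController::SESSION_KEY__USERNAME]
    end

    # Stores the URL of the current request, CGI-escaped, under the referrer
    # session key.
    #
    # NOTE(review): despite its name this removes nothing from the session; the
    # username key is left in place.
    # NOTE(review): host_with_port is taken from the request's Host header,
    # which the client controls. The code that later redirects to this stored
    # value is not shown here and should confirm the host is the application's
    # own before using it.
    def clear_session
      referrer = "#{request.protocol}#{request.host_with_port}#{request.request_uri}"
      session[ApplicationController::SESSION_KEY__REFERRER] = CGI::escape(referrer)
    end

    # Before filter: lets the request through only for a known, active member.
    #
    # Returns true when the request may proceed. In every other case it
    # redirects to the login page and returns false, so the result is the same
    # whichever branch rejected the request.
    def validate_ace_user
      if username.nil?
        # Remember where the visitor was headed, unless it was just the root.
        clear_session if request.request_uri.length > 1
        redirect_to :controller => "/login", :action => "index"
        return false
      end

      @current_user = Member.find_by_username(username)

      if @current_user.nil?
        # The session names a member that no longer exists. Treat it like a
        # missing login instead of failing with NoMethodError on nil.
        clear_session if request.request_uri.length > 1
        redirect_to :controller => "/login", :action => "index"
        return false
      end

      if @current_user.inactive?
        flash[:error] = "Your account has been deactivated. For more information please contact support@#{AceConfig['email_domain']}"
        clear_session
        redirect_to :controller => '/login', :action => :index
        # Halt explicitly rather than falling through to the success value.
        return false
      end

      true
    end

    # True when the current user may see the forecast link. Falsy (not an
    # error) when no user has been loaded, matching display_admin_home_link?.
    def display_forecast_link?
      @current_user && @current_user.has_site_role?(:project_billing_admin)
    end

    # True when the current user holds at least one of the admin site roles.
    def display_admin_home_link?
      @current_user && @current_user.has_any_of_these_site_roles?(
        :project_billing_admin,
        :can_view_reports,
        :hour_report_admin,
        :news_admin,
        :text_admin,
        :template_task_admin,
        :links_admin,
        :work_order_admin
      )
    end
  end
end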
require File.dirname(__FILE__) + '/../test_helper' | |
# Test double: a controller that mixes in LoggedInControllerExtension and
# records redirect_to calls instead of performing them.
#
# NOTE(review): no superclass is named here, so before_filter, helper_method
# and render must come from a definition of this class elsewhere - confirm.
class LoggedInController
  include LoggedInControllerExtension

  # Arguments of the most recent redirect_to call.
  attr_accessor :redirect_to_args

  # Trivial action that renders an empty body.
  def web_method
    render(:text => '')
  end

  # Captures the redirect arguments rather than redirecting.
  def redirect_to(*args)
    @redirect_to_args = args
  end
end
# Sketch of a test for validate_ace_user when the session belongs to an
# inactive member: it should halt, redirect to the login page and call
# clear_session.
# NOTE(review): as written this does not parse - the assert_equal call below is
# never closed and has no actual-value argument.
class LoggedInControllerTest < ActionController::TestCase | |
# NOTE(review): the statements sit directly in the context block; presumably
# they were meant to live in setup/should blocks - confirm.
context "given an inactive user" do | |
# NOTE(review): no username= writer is visible on the controller double; the
# extension reads username from the session.
@controller.username = member(:inactive_user).username | |
# NOTE(review): this call happens before the clear_session stub below is
# installed, so it cannot set session_cleared.
@controller.validate_ace_user | |
# Replace clear_session on this one controller with a flag-setting stub.
class << @controller | |
attr_accessor :session_cleared | |
def clear_session; self.session_cleared = true end | |
end | |
# NOTE(review): the bare validate_ace_user is resolved on the test case, not on
# @controller, where the method is protected - presumably a send on
# @controller was intended; confirm.
assert !validate_ace_user, "Should fail ace user for whatever reason." | |
# Expected redirect arguments; the actual value (presumably taken from
# @controller.redirect_to_args) and the closing parenthesis are missing.
assert_equal({ :controller => "/login", :action => "index" }, | |
assert @controller.session_cleared, "Should have cleared the session." | |
end | |
end |