app/controllers/application.rb

# redMine - project management software
# Copyright (C) 2006-2007  Jean-Philippe Lang
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

class ApplicationController < ActionController::Base
  before_filter :user_setup, :check_if_login_required, :set_localization
  filter_parameter_logging :password
  
  REDMINE_SUPPORTED_SCM.each do |scm|
    require_dependency "repository/#{scm.underscore}"
  end
  
  def logged_in_user
    User.current.logged? ? User.current : nil
  end
  
  def current_role
    @current_role ||= User.current.role_for_project(@project)
  end
  
  def user_setup
    if session[:user_id]
      # existing session
      User.current = User.find(session[:user_id])
    elsif cookies[:autologin] && Setting.autologin?
      # auto-login feature
      User.current = User.find_by_autologin_key(autologin_key)
    elsif params[:key] && accept_key_auth_actions.include?(params[:action])
      # RSS key authentication
      User.current = User.find_by_rss_key(params[:key])
    else
      User.current = User.anonymous
    end
  end
  
  # check if login is globally required to access the application
  def check_if_login_required
    # no check needed if user is already logged in
    return true if User.current.logged?
    require_login if Setting.login_required?
  end 
  
  def set_localization
    lang = begin
      if !User.current.language.blank? and GLoc.valid_languages.include? User.current.language.to_sym
        User.current.language
      elsif request.env['HTTP_ACCEPT_LANGUAGE']
        accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first.split('-').first
        if accept_lang and !accept_lang.empty? and GLoc.valid_languages.include? accept_lang.to_sym
          accept_lang
        end
      end
    rescue
      nil
    end || Setting.default_language
    set_language_if_valid(lang)    
  end
  
  def require_login
    if !User.current.logged?
      store_location
      redirect_to :controller => "account", :action => "login"
      return false
    end
    true
  end

  def require_admin
    return unless require_login
    if !User.current.admin?
      render_403
      return false
    end
    true
  end

  # Authorize the user for the requested action
  def authorize(ctrl = params[:controller], action = params[:action])
    allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project)
    allowed ? true : (User.current.logged? ? render_403 : require_login)
  end
  
  # make sure that the user is a member of the project (or admin) if project is private
  # used as a before_filter for actions that do not require any particular permission on the project
  def check_project_privacy
    unless @project.active?
      @project = nil
      render_404
      return false
    end
    return true if @project.is_public? || User.current.member_of?(@project) || User.current.admin?
    User.current.logged? ? render_403 : require_login
  end

  # store current uri in session.
  # return to this location by calling redirect_back_or_default
  def store_location
    session[:return_to_params] = params
  end

  # move to the last store_location call or to the passed default one
  def redirect_back_or_default(default)
    if session[:return_to_params].nil?
      redirect_to default
    else
      redirect_to session[:return_to_params]
      session[:return_to_params] = nil
    end
  end
  
  def render_403
    @html_title = "403"
    @project = nil
    render :template => "common/403", :layout => true, :status => 403
    return false
  end
    
  def render_404
    @html_title = "404"
    render :template => "common/404", :layout => true, :status => 404
    return false
  end
  
  def render_feed(items, options={})
    @items = items.sort {|x,y| y.event_datetime <=> x.event_datetime }
    @title = options[:title] || Setting.app_title
    render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml'
  end
  
  def self.accept_key_auth(*actions)
    actions = actions.flatten.map(&:to_s)
    write_inheritable_attribute('accept_key_auth_actions', actions)
  end
  
  def accept_key_auth_actions
    self.class.read_inheritable_attribute('accept_key_auth_actions') || []
  end

  # qvalues http header parser
  # code taken from webrick
  def parse_qvalues(value)
    tmp = []
    if value
      parts = value.split(/,\s*/)
      parts.each {|part|
        if m = %r{^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$}.match(part)
          val = m[1]
          q = (m[2] or 1).to_f
          tmp.push([val, q])
        end
      }
      tmp = tmp.sort_by{|val, q| -q}
      tmp.collect!{|val, q| val}
    end
    return tmp
  end
end
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`# redMine - project management software`
			`# Copyright (C) 2006-2007 Jean-Philippe Lang`
			`#`
			`# This program is free software; you can redistribute it and/or`
			`# modify it under the terms of the GNU General Public License`
			`# as published by the Free Software Foundation; either version 2`
			`# of the License, or (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU General Public License`
			`# along with this program; if not, write to the Free Software`
			`# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.`

			`class ApplicationController < ActionController::Base`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`before_filter :user_setup, :check_if_login_required, :set_localization`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`filter_parameter_logging :password`

Applied this fix http://dev.rubyonrails.org/ticket/4967 to solve namespaced models dependencies problem. git-svn-id: http://redmine.rubyforge.org/svn/trunk@561 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-06-12 23:03:38 +00:00			`REDMINE_SUPPORTED_SCM.each do \|scm\|`
			`require_dependency "repository/#{scm.underscore}"`
			`end`

Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`def logged_in_user`
			`User.current.logged? ? User.current : nil`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`end`

Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`def current_role`
			`@current_role \|\|= User.current.role_for_project(@project)`
			`end`

			`def user_setup`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`if session[:user_id]`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`# existing session`
			`User.current = User.find(session[:user_id])`
			`elsif cookies[:autologin] && Setting.autologin?`
			`# auto-login feature`
			`User.current = User.find_by_autologin_key(autologin_key)`
			`elsif params[:key] && accept_key_auth_actions.include?(params[:action])`
			`# RSS key authentication`
			`User.current = User.find_by_rss_key(params[:key])`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`else`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`User.current = User.anonymous`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`end`
			`end`

			`# check if login is globally required to access the application`
			`def check_if_login_required`
Added autologin feature (disabled by default). To enable this feature, go to administration settings and choose a duration for autologin. When enabled, a checkbox on the login form lets users activate autologin. git-svn-id: http://redmine.rubyforge.org/svn/trunk@514 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-05-06 12:49:32 +00:00			`# no check needed if user is already logged in`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`return true if User.current.logged?`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`require_login if Setting.login_required?`
			`end`

			`def set_localization`
			`lang = begin`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`if !User.current.language.blank? and GLoc.valid_languages.include? User.current.language.to_sym`
			`User.current.language`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`elsif request.env['HTTP_ACCEPT_LANGUAGE']`
			`accept_lang = parse_qvalues(request.env['HTTP_ACCEPT_LANGUAGE']).first.split('-').first`
			`if accept_lang and !accept_lang.empty? and GLoc.valid_languages.include? accept_lang.to_sym`
			`accept_lang`
			`end`
			`end`
			`rescue`
			`nil`
			`end \|\| Setting.default_language`
			`set_language_if_valid(lang)`
			`end`

			`def require_login`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`if !User.current.logged?`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`store_location`
			`redirect_to :controller => "account", :action => "login"`
			`return false`
			`end`
			`true`
			`end`

			`def require_admin`
			`return unless require_login`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`if !User.current.admin?`
A 403 error page is now displayed (instead of a blank page) when trying to access a protected page. git-svn-id: http://redmine.rubyforge.org/svn/trunk@495 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-04-30 19:47:28 +00:00			`render_403`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`return false`
			`end`
			`true`
			`end`

Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`# Authorize the user for the requested action`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`def authorize(ctrl = params[:controller], action = params[:action])`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`allowed = User.current.allowed_to?({:controller => ctrl, :action => action}, @project)`
			`allowed ? true : (User.current.logged? ? render_403 : require_login)`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`end`

			`# make sure that the user is a member of the project (or admin) if project is private`
			`# used as a before_filter for actions that do not require any particular permission on the project`
			`def check_project_privacy`
Added the ability to archive projects: * Only administrators can archive/unarchive projects. * Once archived, the project is visible on the admin project listing only. It doesn't show up anywhere else in the app. Subprojects are also archived. * Archive/unarchive preserve everything on the project (issues, members, ...). * A subproject can not be unarchived if its parent project is archived. git-svn-id: http://redmine.rubyforge.org/svn/trunk@549 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-05-27 17:42:04 +00:00			`unless @project.active?`
			`@project = nil`
			`render_404`
			`return false`
			`end`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`return true if @project.is_public? \|\| User.current.member_of?(@project) \|\| User.current.admin?`
			`User.current.logged? ? render_403 : require_login`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`end`

v0.2.0 git-svn-id: http://redmine.rubyforge.org/svn/trunk@7 e93f8b46-1217-0410-a6f0-8f06a7374b81 2006-07-09 16:30:01 +00:00			`# store current uri in session.`
			`# return to this location by calling redirect_back_or_default`
			`def store_location`
* replaced :controller => '' broken statements by :controller => 'welcome' * request_uri method no more used git-svn-id: http://redmine.rubyforge.org/svn/trunk@175 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-01-25 18:27:42 +00:00			`session[:return_to_params] = params`
v0.2.0 git-svn-id: http://redmine.rubyforge.org/svn/trunk@7 e93f8b46-1217-0410-a6f0-8f06a7374b81 2006-07-09 16:30:01 +00:00			`end`

			`# move to the last store_location call or to the passed default one`
			`def redirect_back_or_default(default)`
* replaced :controller => '' broken statements by :controller => 'welcome' * request_uri method no more used git-svn-id: http://redmine.rubyforge.org/svn/trunk@175 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-01-25 18:27:42 +00:00			`if session[:return_to_params].nil?`
v0.2.0 git-svn-id: http://redmine.rubyforge.org/svn/trunk@7 e93f8b46-1217-0410-a6f0-8f06a7374b81 2006-07-09 16:30:01 +00:00			`redirect_to default`
			`else`
* replaced :controller => '' broken statements by :controller => 'welcome' * request_uri method no more used git-svn-id: http://redmine.rubyforge.org/svn/trunk@175 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-01-25 18:27:42 +00:00			`redirect_to session[:return_to_params]`
			`session[:return_to_params] = nil`
v0.2.0 git-svn-id: http://redmine.rubyforge.org/svn/trunk@7 e93f8b46-1217-0410-a6f0-8f06a7374b81 2006-07-09 16:30:01 +00:00			`end`
			`end`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00
A 403 error page is now displayed (instead of a blank page) when trying to access a protected page. git-svn-id: http://redmine.rubyforge.org/svn/trunk@495 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-04-30 19:47:28 +00:00			`def render_403`
			`@html_title = "403"`
			`@project = nil`
			`render :template => "common/403", :layout => true, :status => 403`
			`return false`
			`end`

added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00			`def render_404`
			`@html_title = "404"`
			`render :template => "common/404", :layout => true, :status => 404`
			`return false`
			`end`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00
			`def render_feed(items, options={})`
			`@items = items.sort {\|x,y\| y.event_datetime <=> x.event_datetime }`
			`@title = options[:title] \|\| Setting.app_title`
			`render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml'`
			`end`

			`def self.accept_key_auth(*actions)`
			`actions = actions.flatten.map(&:to_s)`
			`write_inheritable_attribute('accept_key_auth_actions', actions)`
			`end`

			`def accept_key_auth_actions`
			`self.class.read_inheritable_attribute('accept_key_auth_actions') \|\| []`
			`end`
added svn:eol-style native property on /app files git-svn-id: http://redmine.rubyforge.org/svn/trunk@333 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-03-12 17:59:02 +00:00
			`# qvalues http header parser`
			`# code taken from webrick`
			`def parse_qvalues(value)`
			`tmp = []`
			`if value`
			`parts = value.split(/,\s*/)`
			`parts.each {\|part\|`
			`if m = %r{^([^\s,]+?)(?:;\s*q=(\d+(?:\.\d+)?))?$}.match(part)`
			`val = m[1]`
			`q = (m[2] or 1).to_f`
			`tmp.push([val, q])`
			`end`
			`}`
			`tmp = tmp.sort_by{\|val, q\| -q}`
			`tmp.collect!{\|val, q\| val}`
			`end`
			`return tmp`
			`end`
Merged 0.6 branch into trunk. Permissions management was rewritten. Some permissions can now be specifically defined for non member and anonymous users. This migration: * is irreversible (please, don't forget to backup your database before upgrading) * resets role's permissions (go to "Admin -> Roles & Permissions" to set them after upgrading) git-svn-id: http://redmine.rubyforge.org/svn/trunk@674 e93f8b46-1217-0410-a6f0-8f06a7374b81 2007-08-29 16:52:35 +00:00			`end`