Merged r9798 to r9801 from trunk.

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 10 Jun 2012 13:39:42 +0000 (13:39 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 10 Jun 2012 13:39:42 +0000 (13:39 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 10 Jun 2012 13:39:42 +0000 (13:39 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 10 Jun 2012 13:39:42 +0000 (13:39 +0000)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb

index c54bb44213c073e9dbb4666b0ab87f043d0beafc..61f357cd0e54b808a5ae9ded2662571d0136b1f1 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -445,9 +445,9 @@ class ApplicationController < ActionController::Base
    # Returns the API key present in the request
    def api_key_from_request
      if params[:key].present?
-      params[:key]
+      params[:key].to_s
      elsif request.headers["X-Redmine-API-Key"].present?
-      request.headers["X-Redmine-API-Key"]
+      request.headers["X-Redmine-API-Key"].to_s
      end
    end
  
diff --git a/app/models/user.rb b/app/models/user.rb

index 904420315d42f30071c08dfff7658aeb77630a22..d0d1df8348b0e63afbfeb9138a43d0b4ae2555b6 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -130,8 +130,11 @@ class User < Principal
  
    # Returns the user that matches provided login and password, or nil
    def self.try_to_login(login, password)
+    login = login.to_s
+    password = password.to_s
+
      # Make sure no one can sign in with an empty password
-    return nil if password.to_s.empty?
+    return nil if password.empty?
      user = find_by_login(login)
      if user
        # user is already in local database
@@ -164,7 +167,7 @@ class User < Principal
  
    # Returns the user who matches the given autologin +key+ or nil
    def self.try_to_autologin(key)
-    tokens = Token.find_all_by_action_and_value('autologin', key)
+    tokens = Token.find_all_by_action_and_value('autologin', key.to_s)
      # Make sure there's only 1 token that matches the key
      if tokens.size == 1
        token = tokens.first
@@ -338,12 +341,12 @@ class User < Principal
    end
  
    def self.find_by_rss_key(key)
-    token = Token.find_by_value(key)
+    token = Token.find_by_action_and_value('feeds', key.to_s)
      token && token.user.active? ? token.user : nil
    end
  
    def self.find_by_api_key(key)
-    token = Token.find_by_action_and_value('api', key)
+    token = Token.find_by_action_and_value('api', key.to_s)
      token && token.user.active? ? token.user : nil
    end
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 10 Jun 2012 13:39:42 +0000 (13:39 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 10 Jun 2012 13:39:42 +0000 (13:39 +0000)
app/controllers/application_controller.rb		patch \| blob \| history
app/models/user.rb		patch \| blob \| history