Make the sudo timeout configurable (#19851).

git-svn-id: http://svn.redmine.org/redmine/trunk@14353 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/config/configuration.yml.example b/config/configuration.yml.example
index 1ce65e31dd63ae56a649810bcb4d9a634c929470..db22fb0f4b7e0c2cc5b3b00d5c4a54779055c749 100644 (file)
--- a/config/configuration.yml.example
+++ b/config/configuration.yml.example
@@ -172,10 +172,11 @@ default:
 
   # Requires users to re-enter their password for sensitive actions (editing
   # of account data, project memberships, application settings, user, group,
-  # role, auth source management and project deletion).
-  # Disabled by default.
+  # role, auth source management and project deletion). Disabled by default.
+  # Timeout is set in minutes.
   #
   #sudo_mode: true
+  #sudo_mode_timeout: 15
 
   # Absolute path (e.g. /usr/bin/convert, c:/im/convert.exe) to
   # the ImageMagick's `convert` binary. Used to generate attachment thumbnails.

diff --git a/lib/redmine/sudo_mode.rb b/lib/redmine/sudo_mode.rb
index bcbdd28f25ed034aecbd5b7da322ba0d1048df14..afb510ea44b1b2c7ee8edfb984d644a1e738713b 100644 (file)
--- a/lib/redmine/sudo_mode.rb
+++ b/lib/redmine/sudo_mode.rb
@@ -4,10 +4,6 @@ require 'rack/utils'
 module Redmine
   module SudoMode
 
-    # timespan after which sudo mode expires when unused.
-    MAX_INACTIVITY = 15.minutes
-
-
     class SudoRequired < StandardError
     end
 
@@ -132,7 +128,7 @@ module Redmine
       end
 
       def sudo_timestamp_valid?
-        session[:sudo_timestamp].to_i > MAX_INACTIVITY.ago.to_i
+        session[:sudo_timestamp].to_i > SudoMode.timeout.ago.to_i
       end
 
       def update_sudo_timestamp!(new_value = Time.now.to_i)
@@ -218,6 +214,10 @@ module Redmine
     def self.enabled?
       Redmine::Configuration['sudo_mode'] && !RequestStore.store[:sudo_mode_disabled]
     end
+
+    # Timespan after which sudo mode expires when unused.
+    def self.timeout
+      Redmine::Configuration['sudo_mode_timeout'].to_i.minutes
+    end
   end
 end
-