Merged r9798 to r9801 from trunk.

author Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 10 Jun 2012 13:40:02 +0000 (13:40 +0000)

committer Jean-Philippe Lang <jp_lang@yahoo.fr>

Sun, 10 Jun 2012 13:40:02 +0000 (13:40 +0000)
author Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 10 Jun 2012 13:40:02 +0000 (13:40 +0000)
committer Jean-Philippe Lang <jp_lang@yahoo.fr>
Sun, 10 Jun 2012 13:40:02 +0000 (13:40 +0000)
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb

index 2ed4f1521325a166426f07be7ba3a0887acc2fc5..c0793a4bfd6c220af98cd28888d215d25aaf6c1a 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -458,9 +458,9 @@ class ApplicationController < ActionController::Base
    # Returns the API key present in the request
    def api_key_from_request
      if params[:key].present?
-      params[:key]
+      params[:key].to_s
      elsif request.headers["X-Redmine-API-Key"].present?
-      request.headers["X-Redmine-API-Key"]
+      request.headers["X-Redmine-API-Key"].to_s
      end
    end
  
diff --git a/app/models/user.rb b/app/models/user.rb

index b11d918075e05b4b215c6da66bba0772e8e4888d..e116d0cecfadae840e1b408c87d53ef92fe9431e 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -130,8 +130,11 @@ class User < Principal
  
    # Returns the user that matches provided login and password, or nil
    def self.try_to_login(login, password)
+    login = login.to_s
+    password = password.to_s
+
      # Make sure no one can sign in with an empty password
-    return nil if password.to_s.empty?
+    return nil if password.empty?
      user = find_by_login(login)
      if user
        # user is already in local database
@@ -164,7 +167,7 @@ class User < Principal
  
    # Returns the user who matches the given autologin +key+ or nil
    def self.try_to_autologin(key)
-    tokens = Token.find_all_by_action_and_value('autologin', key)
+    tokens = Token.find_all_by_action_and_value('autologin', key.to_s)
      # Make sure there's only 1 token that matches the key
      if tokens.size == 1
        token = tokens.first
@@ -338,12 +341,12 @@ class User < Principal
    end
  
    def self.find_by_rss_key(key)
-    token = Token.find_by_value(key)
+    token = Token.find_by_action_and_value('feeds', key.to_s)
      token && token.user.active? ? token.user : nil
    end
  
    def self.find_by_api_key(key)
-    token = Token.find_by_action_and_value('api', key)
+    token = Token.find_by_action_and_value('api', key.to_s)
      token && token.user.active? ? token.user : nil
    end
author	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 10 Jun 2012 13:40:02 +0000 (13:40 +0000)
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>
	Sun, 10 Jun 2012 13:40:02 +0000 (13:40 +0000)
app/controllers/application_controller.rb		patch \| blob \| history
app/models/user.rb		patch \| blob \| history