From a5bcdf6d2c93e0f167ef6c1fae1cce97963c6e2b Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Sat, 9 Jul 2011 09:11:13 +0000 Subject: [PATCH] Backported r6197 from trunk. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/1.2-stable@6198 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/controllers/activities_controller.rb | 19 ++++++++- app/controllers/application_controller.rb | 41 +++++++++++++++---- app/controllers/boards_controller.rb | 6 +-- app/controllers/issue_relations_controller.rb | 2 +- app/controllers/issues_controller.rb | 3 +- app/controllers/journals_controller.rb | 2 +- app/controllers/news_controller.rb | 3 +- app/controllers/projects_controller.rb | 3 +- app/controllers/repositories_controller.rb | 2 +- app/controllers/timelog_controller.rb | 5 ++- app/controllers/users_controller.rb | 2 +- 11 files changed, 68 insertions(+), 20 deletions(-) diff --git a/app/controllers/activities_controller.rb b/app/controllers/activities_controller.rb index cd03432b2..bdf0b24ed 100644 --- a/app/controllers/activities_controller.rb +++ b/app/controllers/activities_controller.rb @@ -1,7 +1,24 @@ +# Redmine - project management software +# Copyright (C) 2006-2011 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + class ActivitiesController < ApplicationController menu_item :activity before_filter :find_optional_project - accept_key_auth :index + accept_rss_auth :index def index @days = Setting.activity_days_default.to_i diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index e23f8b108..b3f00815d 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -71,11 +71,11 @@ class ApplicationController < ActionController::Base user = User.try_to_autologin(cookies[:autologin]) session[:user_id] = user.id if user user - elsif params[:format] == 'atom' && request.get? && params[:key] && accept_key_auth_actions.include?(params[:action]) + elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth? # RSS key authentication does not start a session User.find_by_rss_key(params[:key]) - elsif Setting.rest_api_enabled? && api_request? - if (key = api_key_from_request) && accept_key_auth_actions.include?(params[:action]) + elsif Setting.rest_api_enabled? && accept_api_auth? + if (key = api_key_from_request) # Use API key User.find_by_api_key(key) else @@ -332,14 +332,41 @@ class ApplicationController < ActionController::Base @title = options[:title] || Setting.app_title render :template => "common/feed.atom.rxml", :layout => false, :content_type => 'application/atom+xml' end - + + # TODO: remove in Redmine 1.4 def self.accept_key_auth(*actions) - actions = actions.flatten.map(&:to_s) - write_inheritable_attribute('accept_key_auth_actions', actions) + ActiveSupport::Deprecaction.warn "ApplicationController.accept_key_auth is deprecated and will be removed in Redmine 1.4. Use accept_rss_auth (or accept_api_auth) instead." + accept_rss_auth(*actions) end + # TODO: remove in Redmine 1.4 def accept_key_auth_actions - self.class.read_inheritable_attribute('accept_key_auth_actions') || [] + ActiveSupport::Deprecaction.warn "ApplicationController.accept_key_auth_actions is deprecated and will be removed in Redmine 1.4. Use accept_rss_auth (or accept_api_auth) instead." + self.class.accept_rss_auth + end + + def self.accept_rss_auth(*actions) + if actions.any? + write_inheritable_attribute('accept_rss_auth_actions', actions) + else + read_inheritable_attribute('accept_rss_auth_actions') || [] + end + end + + def accept_rss_auth?(action=action_name) + self.class.accept_rss_auth.include?(action.to_sym) + end + + def self.accept_api_auth(*actions) + if actions.any? + write_inheritable_attribute('accept_api_auth_actions', actions) + else + read_inheritable_attribute('accept_api_auth_actions') || [] + end + end + + def accept_api_auth?(action=action_name) + self.class.accept_api_auth.include?(action.to_sym) end # Returns the number of objects that should be displayed diff --git a/app/controllers/boards_controller.rb b/app/controllers/boards_controller.rb index fa82218de..6ad41e562 100644 --- a/app/controllers/boards_controller.rb +++ b/app/controllers/boards_controller.rb @@ -1,5 +1,5 @@ -# redMine - project management software -# Copyright (C) 2006-2007 Jean-Philippe Lang +# Redmine - project management software +# Copyright (C) 2006-2011 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -18,7 +18,7 @@ class BoardsController < ApplicationController default_search_scope :messages before_filter :find_project, :find_board_if_available, :authorize - accept_key_auth :index, :show + accept_rss_auth :index, :show helper :messages include MessagesHelper diff --git a/app/controllers/issue_relations_controller.rb b/app/controllers/issue_relations_controller.rb index b095df37a..fbf1cf0b4 100644 --- a/app/controllers/issue_relations_controller.rb +++ b/app/controllers/issue_relations_controller.rb @@ -1,4 +1,4 @@ -# redMine - project management software +# Redmine - project management software # Copyright (C) 2006-2007 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index 63ee316a3..8a8162be5 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -27,7 +27,8 @@ class IssuesController < ApplicationController before_filter :find_optional_project, :only => [:index] before_filter :check_for_default_issue_status, :only => [:new, :create] before_filter :build_new_issue_from_params, :only => [:new, :create] - accept_key_auth :index, :show, :create, :update, :destroy + accept_rss_auth :index, :show + accept_api_auth :index, :show, :create, :update, :destroy rescue_from Query::StatementInvalid, :with => :query_statement_invalid diff --git a/app/controllers/journals_controller.rb b/app/controllers/journals_controller.rb index 9eed2eaca..461598e26 100644 --- a/app/controllers/journals_controller.rb +++ b/app/controllers/journals_controller.rb @@ -20,7 +20,7 @@ class JournalsController < ApplicationController before_filter :find_issue, :only => [:new] before_filter :find_optional_project, :only => [:index] before_filter :authorize, :only => [:new, :edit, :diff] - accept_key_auth :index + accept_rss_auth :index menu_item :issues helper :issues diff --git a/app/controllers/news_controller.rb b/app/controllers/news_controller.rb index bc7eabb58..7dbd80a57 100644 --- a/app/controllers/news_controller.rb +++ b/app/controllers/news_controller.rb @@ -23,7 +23,8 @@ class NewsController < ApplicationController before_filter :find_project, :only => [:new, :create] before_filter :authorize, :except => [:index] before_filter :find_optional_project, :only => :index - accept_key_auth :index + accept_rss_auth :index + accept_api_auth :index helper :watchers diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 8579d0a80..4b750dc0e 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -24,7 +24,8 @@ class ProjectsController < ApplicationController before_filter :authorize, :except => [ :index, :list, :new, :create, :copy, :archive, :unarchive, :destroy] before_filter :authorize_global, :only => [:new, :create] before_filter :require_admin, :only => [ :copy, :archive, :unarchive, :destroy ] - accept_key_auth :index, :show, :create, :update, :destroy + accept_rss_auth :index + accept_api_auth :index, :show, :create, :update, :destroy after_filter :only => [:create, :edit, :update, :archive, :unarchive, :destroy] do |controller| if controller.request.post? diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb index a30353eb9..eef856032 100644 --- a/app/controllers/repositories_controller.rb +++ b/app/controllers/repositories_controller.rb @@ -30,7 +30,7 @@ class RepositoriesController < ApplicationController before_filter :find_repository, :except => :edit before_filter :find_project, :only => :edit before_filter :authorize - accept_key_auth :revisions + accept_rss_auth :revisions rescue_from Redmine::Scm::Adapters::CommandFailed, :with => :show_error_command_failed diff --git a/app/controllers/timelog_controller.rb b/app/controllers/timelog_controller.rb index 16e6e2457..ccd170158 100644 --- a/app/controllers/timelog_controller.rb +++ b/app/controllers/timelog_controller.rb @@ -1,5 +1,5 @@ # Redmine - project management software -# Copyright (C) 2006-2010 Jean-Philippe Lang +# Copyright (C) 2006-2011 Jean-Philippe Lang # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -22,7 +22,8 @@ class TimelogController < ApplicationController before_filter :find_time_entries, :only => [:bulk_edit, :bulk_update, :destroy] before_filter :authorize, :except => [:index] before_filter :find_optional_project, :only => [:index] - accept_key_auth :index, :show, :create, :update, :destroy + accept_rss_auth :index + accept_api_auth :index, :show, :create, :update, :destroy helper :sort include SortHelper diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index dc991c59d..40a9ee427 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -20,7 +20,7 @@ class UsersController < ApplicationController before_filter :require_admin, :except => :show before_filter :find_user, :only => [:show, :edit, :update, :destroy, :edit_membership, :destroy_membership] - accept_key_auth :index, :show, :create, :update, :destroy + accept_api_auth :index, :show, :create, :update, :destroy helper :sort include SortHelper -- 2.39.5