diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-06-10 13:16:56 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-06-10 13:16:56 +0000 |
commit | 74645eb017f2f8a0f9e7ce669c50c3827488b801 (patch) | |
tree | a551422f1783886028107abd2874b4c9cdc35ee9 | |
parent | 26ff9e1c260b6cbb02371f72047e3108a93aee75 (diff) | |
download | redmine-74645eb017f2f8a0f9e7ce669c50c3827488b801.tar.gz redmine-74645eb017f2f8a0f9e7ce669c50c3827488b801.zip |
Configurable session lifetime and timeout (#6597).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9797 e93f8b46-1217-0410-a6f0-8f06a7374b81
51 files changed, 555 insertions, 6 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index c54bb4421..e4d5fb542 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -35,7 +35,7 @@ class ApplicationController < ActionController::Base cookies.delete(:autologin) end - before_filter :user_setup, :check_if_login_required, :set_localization + before_filter :session_expiration, :user_setup, :check_if_login_required, :set_localization rescue_from ActionController::InvalidAuthenticityToken, :with => :invalid_authenticity_token rescue_from ::Unauthorized, :with => :deny_access @@ -44,6 +44,38 @@ class ApplicationController < ActionController::Base include Redmine::MenuManager::MenuController helper Redmine::MenuManager::MenuHelper + def session_expiration + if session[:user_id] + if session_expired? && !try_to_autologin + reset_session + flash[:error] = l(:error_session_expired) + redirect_to signin_url + else + session[:atime] = Time.now.utc.to_i + end + end + end + + def session_expired? + if Setting.session_lifetime? + unless session[:ctime] && (Time.now.utc.to_i - session[:ctime].to_i <= Setting.session_lifetime.to_i * 60) + return true + end + end + if Setting.session_timeout? + unless session[:atime] && (Time.now.utc.to_i - session[:atime].to_i <= Setting.session_timeout.to_i * 60) + return true + end + end + false + end + + def start_user_session(user) + session[:user_id] = user.id + session[:ctime] = Time.now.utc.to_i + session[:atime] = Time.now.utc.to_i + end + def user_setup # Check the settings cache for each request Setting.check_cache @@ -57,10 +89,7 @@ class ApplicationController < ActionController::Base if session[:user_id] # existing session (User.active.find(session[:user_id]) rescue nil) - elsif cookies[:autologin] && Setting.autologin? - # auto-login feature starts a new session - user = User.try_to_autologin(cookies[:autologin]) - session[:user_id] = user.id if user + elsif user = try_to_autologin user elsif params[:format] == 'atom' && params[:key] && request.get? && accept_rss_auth? # RSS key authentication does not start a session @@ -78,12 +107,24 @@ class ApplicationController < ActionController::Base end end + def try_to_autologin + if cookies[:autologin] && Setting.autologin? + # auto-login feature starts a new session + user = User.try_to_autologin(cookies[:autologin]) + if user + reset_session + start_user_session(user) + end + user + end + end + # Sets the logged in user def logged_user=(user) reset_session if user && user.is_a?(User) User.current = user - session[:user_id] = user.id + start_user_session(user) else User.current = User.anonymous end diff --git a/app/views/settings/_authentication.html.erb b/app/views/settings/_authentication.html.erb index fe27e3d88..bba896497 100644 --- a/app/views/settings/_authentication.html.erb +++ b/app/views/settings/_authentication.html.erb @@ -21,5 +21,16 @@ <p><%= setting_check_box :rest_api_enabled %></p> </div> +<fieldset class="box"> + <legend><%= l(:label_session_expiration) %></legend> + + <div class="tabular settings"> + <p><%= setting_select :session_lifetime, [[l(:label_disabled), 0]] + [1, 7, 30, 60, 365].collect{|days| [l('datetime.distance_in_words.x_days', :count => days), (days * 60 * 24).to_s]} %></p> + <p><%= setting_select :session_timeout, [[l(:label_disabled), 0]] + [1, 2, 4, 8, 12, 24, 48].collect{|hours| [l('datetime.distance_in_words.x_hours', :count => hours), (hours * 60).to_s]} %></p> + </div> + + <p><em class="info"><%= l(:text_session_expiration_settings) %></em></p> +</fieldset> + <%= submit_tag l(:button_save) %> <% end %> diff --git a/config/locales/ar.yml b/config/locales/ar.yml index 84912640a..ee1ff3b90 100644 --- a/config/locales/ar.yml +++ b/config/locales/ar.yml @@ -49,6 +49,9 @@ ar: about_x_hours: one: "حوالي ساعة" other: "ساعات %{count}حوالي " + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "يوم" other: "%{count} أيام" @@ -1031,3 +1034,8 @@ ar: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/bg.yml b/config/locales/bg.yml index 130e9d51e..64b51dc4d 100644 --- a/config/locales/bg.yml +++ b/config/locales/bg.yml @@ -50,6 +50,9 @@ bg: about_x_hours: one: "около 1 час" other: "около %{count} часа" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 ден" other: "%{count} дена" @@ -1028,3 +1031,8 @@ bg: description_date_range_interval: Изберете диапазон чрез задаване на начална и крайна дати description_date_from: Въведете начална дата description_date_to: Въведете крайна дата + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/bs.yml b/config/locales/bs.yml index c3a72e521..2d9e1597c 100644 --- a/config/locales/bs.yml +++ b/config/locales/bs.yml @@ -48,6 +48,9 @@ bs: about_x_hours: one: "oko 1 sahat" other: "oko %{count} sahata" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dan" other: "%{count} dana" @@ -1045,3 +1048,8 @@ bs: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/ca.yml b/config/locales/ca.yml index 845774c39..89645fbd8 100644 --- a/config/locales/ca.yml +++ b/config/locales/ca.yml @@ -52,6 +52,9 @@ ca: about_x_hours: one: "aproximadament 1 hora" other: "aproximadament %{count} hores" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dia" other: "%{count} dies" @@ -1033,3 +1036,8 @@ ca: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/cs.yml b/config/locales/cs.yml index d37131b37..eb1018b39 100644 --- a/config/locales/cs.yml +++ b/config/locales/cs.yml @@ -53,6 +53,9 @@ cs: about_x_hours: one: "asi 1 hodina" other: "asi %{count} hodin" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 den" other: "%{count} dnů" @@ -1034,3 +1037,8 @@ cs: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/da.yml b/config/locales/da.yml index 54abf8487..99578c70d 100644 --- a/config/locales/da.yml +++ b/config/locales/da.yml @@ -51,6 +51,9 @@ da: about_x_hours: one: "cirka en time" other: "cirka %{count} timer" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "en dag" other: "%{count} dage" @@ -1048,3 +1051,8 @@ da: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/de.yml b/config/locales/de.yml index 28af280c2..20b95ed0c 100644 --- a/config/locales/de.yml +++ b/config/locales/de.yml @@ -52,6 +52,9 @@ de: about_x_hours: one: 'etwa 1 Stunde' other: 'etwa %{count} Stunden' + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: '1 Tag' other: '%{count} Tagen' @@ -1049,3 +1052,8 @@ de: setting_unsubscribe: Erlaubt Benutzern das eigene Benutzerkonto zu löschen button_delete_my_account: Mein Benutzerkonto löschen text_account_destroy_confirmation: Möchten Sie wirklich fortfahren?\nIhr Benutzerkonto wird für immer gelöscht und kann nicht wiederhergestellt werden. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/el.yml b/config/locales/el.yml index 8836550b8..88b4a435c 100644 --- a/config/locales/el.yml +++ b/config/locales/el.yml @@ -51,6 +51,9 @@ el: about_x_hours: one: "περίπου 1 ώρα" other: "περίπου %{count} ώρες" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 ημέρα" other: "%{count} ημέρες" @@ -1031,3 +1034,8 @@ el: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/en-GB.yml b/config/locales/en-GB.yml index ce6b5c67d..48597e8be 100644 --- a/config/locales/en-GB.yml +++ b/config/locales/en-GB.yml @@ -48,6 +48,9 @@ en-GB: about_x_hours: one: "about 1 hour" other: "about %{count} hours" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 day" other: "%{count} days" @@ -1033,3 +1036,8 @@ en-GB: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/en.yml b/config/locales/en.yml index d1718a77b..05ef97b0e 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -49,6 +49,9 @@ en: about_x_hours: one: "about 1 hour" other: "about %{count} hours" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 day" other: "%{count} days" @@ -194,6 +197,7 @@ en: error_unable_delete_issue_status: 'Unable to delete issue status' error_unable_to_connect: "Unable to connect (%{value})" error_attachment_too_big: "This file cannot be uploaded because it exceeds the maximum allowed file size (%{max_size})" + error_session_expired: "Your session has expired. Please login again." warning_attachments_not_saved: "%{count} file(s) could not be saved." mail_subject_lost_password: "Your %{value} password" @@ -385,6 +389,8 @@ en: setting_default_issue_start_date_to_creation_date: Use current date as start date for new issues setting_commit_cross_project_ref: Allow issues of all the other projects to be referenced and fixed setting_unsubscribe: Allow users to delete their own account + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout permission_add_project: Create project permission_add_subprojects: Create subprojects @@ -847,6 +853,7 @@ en: label_item_position: "%{position} of %{count}" label_completed_versions: Completed versions label_search_for_watchers: Search for watchers to add + label_session_expiration: Session expiration button_login: Login button_submit: Submit @@ -982,6 +989,7 @@ en: text_issue_conflict_resolution_add_notes: "Add my notes and discard my other changes" text_issue_conflict_resolution_cancel: "Discard all my changes and redisplay %{link}" text_account_destroy_confirmation: "Are you sure you want to proceed?\nYour account will be permanently deleted, with no way to reactivate it." + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." default_role_manager: Manager default_role_developer: Developer diff --git a/config/locales/es.yml b/config/locales/es.yml index 64123b9f3..e37d57d76 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml @@ -79,6 +79,9 @@ es: about_x_hours: one: "alrededor de 1 hora" other: "alrededor de %{count} horas" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 día" other: "%{count} días" @@ -1068,3 +1071,8 @@ es: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/et.yml b/config/locales/et.yml index 3fcc8d290..b9c858902 100644 --- a/config/locales/et.yml +++ b/config/locales/et.yml @@ -66,6 +66,9 @@ et: about_x_hours: one: "umbes tund" other: "umbes %{count} tundi" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 päev" other: "%{count} päeva" @@ -1044,3 +1047,8 @@ et: description_date_range_interval: "Vali vahemik algus- ja lõpukuupäeva abil" description_date_from: "Sisesta alguskuupäev" description_date_to: "Sisesta lõpukuupäev" + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/eu.yml b/config/locales/eu.yml index 7df380898..674c87338 100644 --- a/config/locales/eu.yml +++ b/config/locales/eu.yml @@ -52,6 +52,9 @@ eu: about_x_hours: one: "ordu 1 inguru" other: "%{count} ordu inguru" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "egun 1" other: "%{count} egun" @@ -1034,3 +1037,8 @@ eu: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/fa.yml b/config/locales/fa.yml index c91cfe67b..a163fa283 100644 --- a/config/locales/fa.yml +++ b/config/locales/fa.yml @@ -49,6 +49,9 @@ fa: about_x_hours: one: "نزدیک 1 ساعت" other: "نزدیک %{count} ساعت" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 روز" other: "%{count} روز" @@ -1033,3 +1036,8 @@ fa: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/fi.yml b/config/locales/fi.yml index d6b71723d..915784179 100644 --- a/config/locales/fi.yml +++ b/config/locales/fi.yml @@ -94,6 +94,9 @@ fi: about_x_hours: one: "noin tunti" other: "noin %{count} tuntia" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "päivä" other: "%{count} päivää" @@ -1052,3 +1055,8 @@ fi: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/fr.yml b/config/locales/fr.yml index e53698ef3..64b65c258 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml @@ -53,6 +53,9 @@ fr: about_x_hours: one: "environ une heure" other: "environ %{count} heures" + x_hours: + one: "une heure" + other: "%{count} heures" x_days: one: "un jour" other: "%{count} jours" @@ -201,6 +204,7 @@ fr: error_workflow_copy_target: 'Veuillez sélectionner les trackers et rôles cibles' error_issue_done_ratios_not_updated: L'avancement des demandes n'a pas pu être mis à jour. error_attachment_too_big: Ce fichier ne peut pas être attaché car il excède la taille maximale autorisée (%{max_size}) + error_session_expired: "Votre session a expiré. Veuillez vous reconnecter." warning_attachments_not_saved: "%{count} fichier(s) n'ont pas pu être sauvegardés." @@ -381,6 +385,8 @@ fr: setting_default_issue_start_date_to_creation_date: Donner à la date de début d'une nouvelle demande la valeur de la date du jour setting_commit_cross_project_ref: Permettre le référencement et la résolution des demandes de tous les autres projets setting_unsubscribe: Permettre aux utilisateurs de supprimer leur propre compte + setting_session_lifetime: Durée de vie maximale des sessions + setting_session_timeout: Durée maximale d'inactivité permission_add_project: Créer un projet permission_add_subprojects: Créer des sous-projets @@ -822,6 +828,7 @@ fr: label_copy_attachments: Copier les fichiers label_item_position: "%{position} sur %{count}" label_completed_versions: Versions passées + label_session_expiration: Expiration des sessions button_login: Connexion button_submit: Soumettre @@ -938,6 +945,7 @@ fr: text_issue_conflict_resolution_add_notes: "Ajouter mes notes et ignorer mes autres changements" text_issue_conflict_resolution_cancel: "Annuler ma mise à jour et réafficher %{link}" text_account_destroy_confirmation: "Êtes-vous sûr de vouloir continuer ?\nVotre compte sera définitivement supprimé, sans aucune possibilité de le réactiver." + text_session_expiration_settings: "Attention : le changement de ces paramètres peut entrainer l'expiration des sessions utilisateurs en cours, y compris la vôtre." default_role_manager: "Manager " default_role_developer: "Développeur " diff --git a/config/locales/gl.yml b/config/locales/gl.yml index dd6a61168..7bed3d6f6 100644 --- a/config/locales/gl.yml +++ b/config/locales/gl.yml @@ -90,6 +90,9 @@ gl: about_x_hours: one: 'aproximadamente unha hora' other: '%{count} horas' + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: '1 día' other: '%{count} días' @@ -1042,3 +1045,8 @@ gl: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/he.yml b/config/locales/he.yml index fde9b4e59..c059bb181 100644 --- a/config/locales/he.yml +++ b/config/locales/he.yml @@ -55,6 +55,9 @@ he: about_x_hours: one: 'בערך שעה אחת' other: 'בערך %{count} שעות' + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: 'יום אחד' other: '%{count} ימים' @@ -1036,3 +1039,8 @@ he: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/hr.yml b/config/locales/hr.yml index 778ca9405..0f75ffb9b 100644 --- a/config/locales/hr.yml +++ b/config/locales/hr.yml @@ -48,6 +48,9 @@ hr: about_x_hours: one: "oko sat vremena" other: "oko %{count} sati" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dan" other: "%{count} dana" @@ -1034,3 +1037,8 @@ hr: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/hu.yml b/config/locales/hu.yml index 6e161f90a..ad6f65bae 100644 --- a/config/locales/hu.yml +++ b/config/locales/hu.yml @@ -50,6 +50,9 @@ about_x_hours: one: 'csaknem 1 órája' other: 'csaknem %{count} órája' + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: '1 napja' other: '%{count} napja' @@ -1050,3 +1053,8 @@ text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/id.yml b/config/locales/id.yml index 6beb3859d..d85e3fbee 100644 --- a/config/locales/id.yml +++ b/config/locales/id.yml @@ -46,6 +46,9 @@ id: about_x_hours: one: "sekitar sejam" other: "sekitar %{count} jam" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "sehari" other: "%{count} hari" @@ -1037,3 +1040,8 @@ id: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/it.yml b/config/locales/it.yml index a5aa649f8..b3dfd5ec4 100644 --- a/config/locales/it.yml +++ b/config/locales/it.yml @@ -54,6 +54,9 @@ it: about_x_hours: one: "circa un'ora" other: "circa %{count} ore" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 giorno" other: "%{count} giorni" @@ -1032,3 +1035,8 @@ it: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/ja.yml b/config/locales/ja.yml index 35bdfb8c3..002732eb0 100644 --- a/config/locales/ja.yml +++ b/config/locales/ja.yml @@ -52,6 +52,9 @@ ja: about_x_hours: one: "約1時間" other: "約%{count}時間" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1日" other: "%{count}日" @@ -1061,3 +1064,8 @@ ja: text_account_destroy_confirmation: |- 本当にアカウントを削除しますか? アカウントは恒久的に削除されます。削除後に再度アカウントを有効にする手段はありません。 + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/ko.yml b/config/locales/ko.yml index c28383867..c224cb967 100644 --- a/config/locales/ko.yml +++ b/config/locales/ko.yml @@ -49,6 +49,9 @@ ko: about_x_hours: one: "약 한시간" other: "약 %{count}시간" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "하루" other: "%{count}일" @@ -1081,3 +1084,8 @@ ko: text_account_destroy_confirmation: |- 계속하시겠습니까? 계정이 삭제되면 복구할 수 없습니다. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/lt.yml b/config/locales/lt.yml index fb26e3f9e..6c9e6b8ae 100644 --- a/config/locales/lt.yml +++ b/config/locales/lt.yml @@ -58,6 +58,9 @@ lt: about_x_hours: one: "apie 1 valanda" other: "apie %{count} valandų" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 diena" other: "%{count} dienų" @@ -1091,3 +1094,8 @@ lt: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/lv.yml b/config/locales/lv.yml index 5bb429db9..35a3797fe 100644 --- a/config/locales/lv.yml +++ b/config/locales/lv.yml @@ -45,6 +45,9 @@ lv: about_x_hours: one: "aptuveni 1 stunda" other: "aptuveni %{count} stundas" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 diena" other: "%{count} dienas" @@ -1025,3 +1028,8 @@ lv: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/mk.yml b/config/locales/mk.yml index fe5fa575b..98ffb7e32 100644 --- a/config/locales/mk.yml +++ b/config/locales/mk.yml @@ -49,6 +49,9 @@ mk: about_x_hours: one: "околу 1 час" other: "околу %{count} часа" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 ден" other: "%{count} дена" @@ -1031,3 +1034,8 @@ mk: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/mn.yml b/config/locales/mn.yml index e00c9f075..5404d9397 100644 --- a/config/locales/mn.yml +++ b/config/locales/mn.yml @@ -48,6 +48,9 @@ mn: about_x_hours: one: "1 цаг орчим" other: "ойролцоогоор %{count} цаг" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 өдөр" other: "%{count} өдөр" @@ -1031,3 +1034,8 @@ mn: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/nl.yml b/config/locales/nl.yml index 371040fe5..6e11e546a 100644 --- a/config/locales/nl.yml +++ b/config/locales/nl.yml @@ -48,6 +48,9 @@ nl: about_x_hours: one: "ongeveer 1 uur" other: "ongeveer %{count} uren" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dag" other: "%{count} dagen" @@ -1013,3 +1016,8 @@ nl: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/no.yml b/config/locales/no.yml index fb937f062..af57b1623 100644 --- a/config/locales/no.yml +++ b/config/locales/no.yml @@ -43,6 +43,9 @@ about_x_hours: one: "rundt 1 time" other: "rundt %{count} timer" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dag" other: "%{count} dager" @@ -1021,3 +1024,8 @@ text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/pl.yml b/config/locales/pl.yml index 3451f65e2..07333f5b4 100644 --- a/config/locales/pl.yml +++ b/config/locales/pl.yml @@ -81,6 +81,9 @@ pl: about_x_hours: one: "około godziny" other: "około %{count} godzin" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dzień" other: "%{count} dni" @@ -1048,3 +1051,8 @@ pl: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/pt-BR.yml b/config/locales/pt-BR.yml index 531fa3f7b..dd103e5a1 100644 --- a/config/locales/pt-BR.yml +++ b/config/locales/pt-BR.yml @@ -52,6 +52,9 @@ pt-BR: about_x_hours: one: 'aproximadamente 1 hora' other: 'aproximadamente %{count} horas' + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: '1 dia' @@ -1053,3 +1056,8 @@ pt-BR: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/pt.yml b/config/locales/pt.yml index ab20eb1f5..6bc523f1a 100644 --- a/config/locales/pt.yml +++ b/config/locales/pt.yml @@ -50,6 +50,9 @@ pt: about_x_hours: one: "aproximadamente 1 hora" other: "aproximadamente %{count} horas" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dia" other: "%{count} dias" @@ -1036,3 +1039,8 @@ pt: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/ro.yml b/config/locales/ro.yml index 9092ccb88..eea6356da 100644 --- a/config/locales/ro.yml +++ b/config/locales/ro.yml @@ -46,6 +46,9 @@ ro: about_x_hours: one: "aproximativ o oră" other: "aproximativ %{count} ore" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "o zi" other: "%{count} zile" @@ -1028,3 +1031,8 @@ ro: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/ru.yml b/config/locales/ru.yml index 568211b24..08c958ae1 100644 --- a/config/locales/ru.yml +++ b/config/locales/ru.yml @@ -116,6 +116,9 @@ ru: few: "около %{count} часов" many: "около %{count} часов" other: "около %{count} часа" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "%{count} день" few: "%{count} дня" @@ -1144,3 +1147,8 @@ ru: setting_unsubscribe: "Разрешить пользователям удалять свои учетные записи" button_delete_my_account: "Удалить мою учетную запись" text_account_destroy_confirmation: "Ваша учетная запись будет полностью удалена без возможности восстановления.\nВы уверены, что хотите продолжить?" + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/sk.yml b/config/locales/sk.yml index d7c2bf4c2..3d0a955f6 100644 --- a/config/locales/sk.yml +++ b/config/locales/sk.yml @@ -48,6 +48,9 @@ sk: about_x_hours: one: "okolo 1 hodiny" other: "okolo %{count} hodín" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 deň" other: "%{count} dní" @@ -1031,3 +1034,8 @@ sk: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/sl.yml b/config/locales/sl.yml index 98ea5a2d3..a95bca43d 100644 --- a/config/locales/sl.yml +++ b/config/locales/sl.yml @@ -49,6 +49,9 @@ sl: about_x_hours: one: "okrog 1. ure" other: "okrog %{count} ur" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 dan" other: "%{count} dni" @@ -1031,3 +1034,8 @@ sl: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/sq.yml b/config/locales/sq.yml index 5b000d31e..33179fccf 100644 --- a/config/locales/sq.yml +++ b/config/locales/sq.yml @@ -49,6 +49,9 @@ sq: about_x_hours: one: "about 1 hour" other: "about %{count} hours" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 day" other: "%{count} days" @@ -1027,3 +1030,8 @@ sq: description_date_range_interval: Choose range by selecting start and end date description_date_from: Enter start date description_date_to: Enter end date + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/sr-YU.yml b/config/locales/sr-YU.yml index 92a7cd7a0..464c728f5 100644 --- a/config/locales/sr-YU.yml +++ b/config/locales/sr-YU.yml @@ -50,6 +50,9 @@ sr-YU: about_x_hours: one: "približno jedan sat" other: "približno %{count} sati" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "jedan dan" other: "%{count} dana" @@ -1031,3 +1034,8 @@ sr-YU: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/sr.yml b/config/locales/sr.yml index f3369a919..ba9988db1 100644 --- a/config/locales/sr.yml +++ b/config/locales/sr.yml @@ -50,6 +50,9 @@ sr: about_x_hours: one: "приближно један сат" other: "приближно %{count} сати" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "један дан" other: "%{count} дана" @@ -1032,3 +1035,8 @@ sr: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/sv.yml b/config/locales/sv.yml index 9931eafc5..906fae8d5 100644 --- a/config/locales/sv.yml +++ b/config/locales/sv.yml @@ -78,6 +78,9 @@ sv: about_x_hours: one: "ungefär en timme" other: "ungefär %{count} timmar" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "en dag" other: "%{count} dagar" @@ -1069,3 +1072,8 @@ sv: description_date_range_interval: Ange intervall genom att välja start- och slutdatum description_date_from: Ange startdatum description_date_to: Ange slutdatum + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/th.yml b/config/locales/th.yml index 29005f911..db7140eeb 100644 --- a/config/locales/th.yml +++ b/config/locales/th.yml @@ -48,6 +48,9 @@ th: about_x_hours: one: "about 1 hour" other: "about %{count} hours" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 day" other: "%{count} days" @@ -1028,3 +1031,8 @@ th: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/tr.yml b/config/locales/tr.yml index 8503750b0..dd304c2c5 100644 --- a/config/locales/tr.yml +++ b/config/locales/tr.yml @@ -55,6 +55,9 @@ tr: about_x_hours: one: 'yaklaşık 1 saat' other: 'yaklaşık %{count} saat' + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: '1 gün' other: '%{count} gün' @@ -1050,3 +1053,8 @@ tr: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/uk.yml b/config/locales/uk.yml index a629c4dae..f46523e3e 100644 --- a/config/locales/uk.yml +++ b/config/locales/uk.yml @@ -48,6 +48,9 @@ uk: about_x_hours: one: "about 1 hour" other: "about %{count} hours" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 day" other: "%{count} days" @@ -1026,3 +1029,8 @@ uk: setting_unsubscribe: "Дозволити користувачам видаляти свої облікові записи" button_delete_my_account: "Видалити мій обліковий запис" text_account_destroy_confirmation: "Ваш обліковий запис буде повністю видалений без можливості відновлення.\nВи певні, что бажаете продовжити?" + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/vi.yml b/config/locales/vi.yml index 725023269..d3f13aef3 100644 --- a/config/locales/vi.yml +++ b/config/locales/vi.yml @@ -79,6 +79,9 @@ vi: about_x_hours: one: "khoảng 1 giờ" other: "khoảng %{count} giờ" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 ngày" other: "%{count} ngày" @@ -1082,3 +1085,8 @@ vi: text_account_destroy_confirmation: |- Are you sure you want to proceed? Your account will be permanently deleted, with no way to reactivate it. + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/zh-TW.yml b/config/locales/zh-TW.yml index e66bedf76..4f9e10a06 100644 --- a/config/locales/zh-TW.yml +++ b/config/locales/zh-TW.yml @@ -120,6 +120,9 @@ about_x_hours: one: "約 1 小時" other: "約 %{count} 小時" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "1 天" other: "%{count} 天" @@ -1111,3 +1114,8 @@ description_date_range_interval: 選擇起始與結束日期以設定範圍區間 description_date_from: 輸入起始日期 description_date_to: 輸入結束日期 + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 61bb111ca..c947c5e51 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml @@ -51,6 +51,9 @@ zh: about_x_hours: one: "大约一小时" other: "大约 %{count} 小时" + x_hours: + one: "1 hour" + other: "%{count} hours" x_days: one: "一天" other: "%{count} 天" @@ -1033,3 +1036,8 @@ zh: text_account_destroy_confirmation: |- 确定继续处理? 您的账号一旦删除,将无法再次激活使用。 + error_session_expired: Your session has expired. Please login again. + text_session_expiration_settings: "Warning: changing these settings may expire the current sessions including yours." + setting_session_lifetime: Session maximum lifetime + setting_session_timeout: Session inactivity timeout + label_session_expiration: Session expiration diff --git a/config/settings.yml b/config/settings.yml index 66bc78e15..67c8f6ca7 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -36,6 +36,14 @@ unsubscribe: password_min_length: format: int default: 4 +# Maximum lifetime of user sessions in minutes +session_lifetime: + format: int + default: 0 +# User session timeout in minutes +session_timeout: + format: int + default: 0 attachment_max_size: format: int default: 5120 diff --git a/test/functional/sessions_test.rb b/test/functional/sessions_test.rb new file mode 100644 index 000000000..d469f5050 --- /dev/null +++ b/test/functional/sessions_test.rb @@ -0,0 +1,113 @@ +# Redmine - project management software +# Copyright (C) 2006-2012 Jean-Philippe Lang +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +require File.expand_path('../../test_helper', __FILE__) + +class SessionStartTest < ActionController::TestCase + tests AccountController + + def test_login_should_set_session_timestamps + post :login, :username => 'jsmith', :password => 'jsmith' + assert_response 302 + assert_equal 2, session[:user_id] + assert_not_nil session[:ctime] + assert_not_nil session[:atime] + end +end + +class SessionsTest < ActionController::TestCase + tests WelcomeController + + def test_atime_from_user_session_should_be_updated + created = 2.hours.ago.utc.to_i + get :index, {}, {:user_id => 2, :ctime => created, :atime => created} + assert_response :success + assert_equal created, session[:ctime] + assert_not_equal created, session[:atime] + assert session[:atime] > created + end + + def test_user_session_should_not_be_reset_if_lifetime_and_timeout_disabled + with_settings :session_lifetime => '0', :session_timeout => '0' do + get :index, {}, {:user_id => 2} + assert_response :success + end + end + + def test_user_session_without_ctime_should_be_reset_if_lifetime_enabled + with_settings :session_lifetime => '720' do + get :index, {}, {:user_id => 2} + assert_redirected_to '/login' + end + end + + def test_user_session_with_expired_ctime_should_be_reset_if_lifetime_enabled + with_settings :session_timeout => '720' do + get :index, {}, {:user_id => 2, :atime => 2.days.ago.utc.to_i} + assert_redirected_to '/login' + end + end + + def test_user_session_with_valid_ctime_should_not_be_reset_if_lifetime_enabled + with_settings :session_timeout => '720' do + get :index, {}, {:user_id => 2, :atime => 3.hours.ago.utc.to_i} + assert_response :success + end + end + + def test_user_session_without_atime_should_be_reset_if_timeout_enabled + with_settings :session_timeout => '60' do + get :index, {}, {:user_id => 2} + assert_redirected_to '/login' + end + end + + def test_user_session_with_expired_atime_should_be_reset_if_timeout_enabled + with_settings :session_timeout => '60' do + get :index, {}, {:user_id => 2, :atime => 4.hours.ago.utc.to_i} + assert_redirected_to '/login' + end + end + + def test_user_session_with_valid_atime_should_not_be_reset_if_timeout_enabled + with_settings :session_timeout => '60' do + get :index, {}, {:user_id => 2, :atime => 10.minutes.ago.utc.to_i} + assert_response :success + end + end + + def test_expired_user_session_should_be_restarted_if_autologin + with_settings :session_lifetime => '720', :session_timeout => '60', :autologin => 7 do + token = Token.create!(:user_id => 2, :action => 'autologin', :created_on => 1.day.ago) + @request.cookies['autologin'] = token.value + created = 2.hours.ago.utc.to_i + + get :index, {}, {:user_id => 2, :ctime => created, :atime => created} + assert_equal 2, session[:user_id] + assert_response :success + assert_not_equal created, session[:ctime] + assert session[:ctime] >= created + end + end + + def test_anonymous_session_should_not_be_reset + with_settings :session_lifetime => '720', :session_timeout => '60' do + get :index + assert_response :success + end + end +end |