Module: Redmine::SudoMode::Controller

Extended by:
ActiveSupport::Concern
Included in:
ApplicationController
Defined in:
lib/redmine/sudo_mode.rb

Defined Under Namespace

Modules: ClassMethods

Classes: SudoRequestFilter

Instance Method Summary

Instance Method Details

#process_sudo_form ⇒ Object

Handles submission of the sudo password form.



# File 'lib/redmine/sudo_mode.rb', line 117

def process_sudo_form
  if params[:sudo_password]
    @sudo_form = SudoMode::Form.new(params[:sudo_password])
    if @sudo_form.valid?
      SudoMode.active!
    else
      flash.now[:error] = l(:notice_account_wrong_password)
    end
  end
end

#render_sudo_form(param_names) ⇒ Object

Displays the sudo password form.



# File 'lib/redmine/sudo_mode.rb', line 105

def render_sudo_form(param_names)
  @sudo_form ||= SudoMode::Form.new
  @sudo_form.original_fields = params.slice( *param_names )
  # a simple 'render "sudo_mode/new"' works when used directly inside an
  # action, but not when called from a before_action:
  respond_to do |format|
    format.html {render 'sudo_mode/new'}
    format.js   {render 'sudo_mode/new'}
  end
end

#require_sudo_mode(*param_names) ⇒ Object

Renders the sudo mode form and handles sudo form submission.

Call this method in controller actions if sudo permissions are required for processing this request. This approach suits cases where the action must always be protected or where the check is simple.

In cases where this decision depends on complex conditions in the model, consider the declarative approach using the require_sudo_mode class method and a corresponding declaration in the model that causes it to throw a SudoRequired Error when necessary.

All parameter names given are included as hidden fields to be resubmitted along with the password.

Returns true when processing of the action should continue, false otherwise. If false is returned, render has already been called to display the password form.

if @user.mail_changed?
  require_sudo_mode :user or return
end



# File 'lib/redmine/sudo_mode.rb', line 87

def require_sudo_mode(*param_names)
  return true if SudoMode.active?

  if param_names.blank?
    param_names = params.keys - %w(id action controller sudo_password _method authenticity_token utf8)
  end

  process_sudo_form

  if SudoMode.active?
    true
  else
    render_sudo_form param_names
    false
  end
end

#sudo_mode ⇒ Object

Sudo mode around filter.

Checks the ‘last used’ timestamp from the session and sets the SudoMode.active? flag accordingly.

After the request, refreshes the timestamp if sudo mode was used during this request.



# File 'lib/redmine/sudo_mode.rb', line 57

def sudo_mode
  if sudo_timestamp_valid?
    SudoMode.active!
  end
  yield
  update_sudo_timestamp! if SudoMode.was_used?
end

#sudo_timestamp_valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/redmine/sudo_mode.rb', line 128

def sudo_timestamp_valid?
  session[:sudo_timestamp].to_i > SudoMode.timeout.ago.to_i
end

#update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object



# File 'lib/redmine/sudo_mode.rb', line 132

def update_sudo_timestamp!(new_value = Time.now.to_i)
  session[:sudo_timestamp] = new_value
end
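
The following is an added example, not Redmine's own code: a plain-Ruby model of how sudo_mode, sudo_timestamp_valid? and update_sudo_timestamp! combine into a sliding re-authentication window. SudoWindow, TIMEOUT (an assumed 15 minutes standing in for SudoMode.timeout), the hash session and the block's "used" return value are hypothetical stand-ins.

```ruby
# Added illustration: models the around filter's sliding sudo window.
# SudoWindow, TIMEOUT and the hash-based session are hypothetical stand-ins.
class SudoWindow
  TIMEOUT = 15 * 60 # seconds; assumed value standing in for SudoMode.timeout

  attr_reader :session

  def initialize(session = {})
    @session = session
  end

  # Same comparison as sudo_timestamp_valid?: nil.to_i is 0, so a session
  # that never entered sudo mode is always treated as expired, and the
  # strict ">" means a timestamp exactly TIMEOUT old is expired too.
  def timestamp_valid?(now)
    session[:sudo_timestamp].to_i > now - TIMEOUT
  end

  # Same order as the around filter: derive the active flag from the
  # timestamp, run the action, refresh the timestamp only if the action
  # reports that sudo mode was used. Returns the flag seen at request start.
  def around(now)
    active = timestamp_valid?(now)
    used = yield(active)
    session[:sudo_timestamp] = now if used
    active
  end
end

# Replays four requests against one session; times are constructed values.
def demo
  w = SudoWindow.new
  t0 = 1_700_000_000
  [
    w.around(t0)        { |_active| true },   # password accepted in this request
    w.around(t0 + 600)  { |active| active },  # protected action: window refreshed
    w.around(t0 + 1400) { |_active| false },  # unprotected action: no refresh
    w.around(t0 + 1500) { |active| active }   # exactly TIMEOUT after last refresh
  ]
end

p demo if __FILE__ == $PROGRAM_NAME
```

The window slides only on requests that actually use sudo mode, so ordinary browsing does not extend the period during which sensitive actions skip the password prompt.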