Module: Redmine::SudoMode::Controller

Extended by:
ActiveSupport::Concern
Included in:
ApplicationController
Defined in:
lib/redmine/sudo_mode.rb

Defined Under Namespace

Modules: ClassMethods
Classes: SudoRequestFilter

Instance Method Details

#process_sudo_form ⇒ Object

Handles submission of the sudo password form.


# File 'lib/redmine/sudo_mode.rb', line 120

def process_sudo_form
  if params[:sudo_password]
    @sudo_form = SudoMode::Form.new(params[:sudo_password])
    if @sudo_form.valid?
      SudoMode.active!
    else
      flash.now[:error] = l(:notice_account_wrong_password)
    end
  end
end

#render_sudo_form(param_names) ⇒ Object

Displays the sudo password form.


# File 'lib/redmine/sudo_mode.rb', line 108

def render_sudo_form(param_names)
  @sudo_form ||= SudoMode::Form.new
  @sudo_form.original_fields = params.slice( *param_names )
  # a simple 'render "sudo_mode/new"' works when used directly inside an
  # action, but not when called from a before_action:
  respond_to do |format|
    format.html {render 'sudo_mode/new'}
    format.js   {render 'sudo_mode/new'}
  end
end

#require_sudo_mode(*param_names) ⇒ Object

This renders the sudo mode form / handles sudo form submission.

Call this method in controller actions when sudo permissions are required to process the request. This approach suits cases where the action must always be protected or where the check is simple.

In cases where this decision depends on complex conditions in the model, consider the declarative approach using the require_sudo_mode class method and a corresponding declaration in the model that causes it to throw a SudoRequired Error when necessary.

All parameter names given are included as hidden fields to be resubmitted along with the password.

Returns true when processing the action should continue, false otherwise. If false is returned, render has already been called for display of the password form.

  if @user.mail_changed?
    require_sudo_mode :user or return
  end


# File 'lib/redmine/sudo_mode.rb', line 90

def require_sudo_mode(*param_names)
  return true if SudoMode.active?

  if param_names.blank?
    param_names = params.keys - %w(id action controller sudo_password _method authenticity_token utf8)
  end

  process_sudo_form

  if SudoMode.active?
    true
  else
    render_sudo_form param_names
    false
  end
end

#sudo_mode ⇒ Object

Sudo mode around filter.

Checks the 'last used' timestamp from the session and sets the SudoMode::active? flag accordingly.

After the request, refreshes the timestamp if sudo mode was used during the request.


# File 'lib/redmine/sudo_mode.rb', line 60

def sudo_mode
  if sudo_timestamp_valid?
    SudoMode.active!
  end
  yield
  update_sudo_timestamp! if SudoMode.was_used?
end

#sudo_timestamp_valid? ⇒ Boolean

Returns:

  • (Boolean)

# File 'lib/redmine/sudo_mode.rb', line 131

def sudo_timestamp_valid?
  session[:sudo_timestamp].to_i > SudoMode.timeout.ago.to_i
end

#update_sudo_timestamp!(new_value = Time.now.to_i) ⇒ Object


# File 'lib/redmine/sudo_mode.rb', line 135

def update_sudo_timestamp!(new_value = Time.now.to_i)
  session[:sudo_timestamp] = new_value
end
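
The request lifecycle formed by sudo_mode, require_sudo_mode and the two timestamp helpers above can be traced with a framework-free model. This is an added example, not Redmine's code: FakeSudoController, SUDO_TIMEOUT, RESERVED, simulate_request and the plain-string password comparison are hypothetical stand-ins, and it assumes sudo mode counts as "used" whenever a check passes.

```ruby
# Stand-in model of the sudo-mode lifecycle; not Redmine's code, no Rails needed.
# Hypothetical names: SUDO_TIMEOUT, RESERVED, FakeSudoController, simulate_request.
SUDO_TIMEOUT = 15 * 60 # seconds (constructed value)
RESERVED = %w(id action controller sudo_password _method authenticity_token utf8)

class FakeSudoController
  attr_reader :session, :hidden_fields

  def initialize(session, params, password:, now:)
    @session, @params, @password, @now = session, params, password, now
    @active = @used = false
  end

  # Like sudo_timestamp_valid?: a missing timestamp is nil.to_i == 0, so never valid.
  def sudo_timestamp_valid?
    @session[:sudo_timestamp].to_i > @now - SUDO_TIMEOUT
  end

  # Like the around filter: activate from the session, run the action, then
  # refresh the timestamp only when sudo mode was used (assumed: a passed check).
  def sudo_mode
    @active = true if sudo_timestamp_valid?
    result = yield
    @session[:sudo_timestamp] = @now if @used
    result
  end

  # Like require_sudo_mode: true to continue, false once the form is "rendered".
  def require_sudo_mode(*param_names)
    return @used = true if @active
    param_names = @params.keys - RESERVED if param_names.empty?
    @active = true if @params["sudo_password"] == @password # process_sudo_form
    return @used = true if @active
    @hidden_fields = @params.slice(*param_names) # what render_sudo_form resubmits
    false
  end
end

# One request: build a controller and run the protected action inside the filter.
# The password "s3cret" and all params passed in are constructed sample values.
def simulate_request(session, params, now)
  c = FakeSudoController.new(session, params, password: "s3cret", now: now)
  [c.sudo_mode { c.require_sudo_mode }, c]
end
```

Because the default field list subtracts sudo_password and authenticity_token, a rejected attempt never echoes the submitted password back as a hidden field, and the strict `>` comparison means a session whose last use was exactly one timeout ago is treated as expired.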