- Revision:
- 120
- Log:
Hub integration. RForum Users are lazy-created when Hub users, logged in,
visit RForum for the first time. RForum navigation links to log in and
out or change settings all point at Hub. Webmaster and administrator roles
in Hub map to administrator permissions in RForum; in addition to the
RForum permission management system, though, added Hub permissions hashes
to various controllers to include Hub authorisation too. Two layers can't
hurt and it means sensible return-to'd redirections to Hub for some
action types.
Corrected grammar on deletion confirmation messages and tidied up a few
templates here and there, too.
- Author:
- adh
- Date:
- Sat Oct 28 23:53:03 +0100 2006
- Size:
- 7316 Bytes
1 | require 'navbar' |
2 | require 'post_menu' |
3 | require 'url_generator' |
4 | require 'digest/sha1' |
5 | |
6 | # The filters added to this controller will be run for all controllers in the application. |
7 | # Likewise will all the methods added be available for all controllers. |
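class ApplicationController < ActionController::Base

  # Hub single sign-on support. The Hub filters are registered before any
  # RForum filter, so they wrap every action in every controller.

  require 'hub_sso_lib'
  include HubSsoLib::Core
  before_filter :hubssolib_beforehand
  after_filter :hubssolib_afterwards

  # Standard RForum gubbins follows.

  model :forum, :post, :topic, :user
  helper :application

  # Time.now is evaluated when this class body is loaded, not per request,
  # so the value passed here is a fixed timestamp about a year after load.
  # NOTE(review): a year-long RForum session sits alongside the Hub login
  # state; confirm that Hub's own expiry, not this one, governs access.
  session :session_expires => Time.now + 1.years

  include RForum::Localization

  layout 'default'

  # Order matters: the IP block check runs first and can halt the chain
  # before any user or skin state is touched.
  before_filter :check_block, :setup_user, :setup_url_generator, :setup_local,
                :setup_skin

  before_filter :detect_site if RForum::CONFIG[:use_sites]

  before_filter :get_forums

  after_filter :finish_user, :remember_location

  # Default index action: redirect to start page
  def index
    redirect_to :controller => 'forum', :action => 'list'
  end

  protected

  # Turn an RForum::SecurityError raised anywhere in an action into a
  # redirect to the access-denied page; every other exception goes to the
  # framework's default handling.
  def rescue_action(e)
    if e.is_a?(RForum::SecurityError)
      redirect_to :controller => 'security', :action => 'access_denied'
    else
      super
    end
  end

  # Check if the client IP is blocked. Returning false halts the filter
  # chain, so a blocked client gets the bare 403 and nothing else runs.
  #
  # NOTE(review): depending on the framework version and proxy setup,
  # remote_ip may be derived from client-supplied forwarding headers. If no
  # trusted proxy overwrites those headers, treat this block list as
  # advisory rather than as an access control - confirm for the deployment.
  def check_block
    return unless BlockedIp.blocked?(@request.remote_ip)

    # don't waste any time on template rendering
    render_text 'blocked', 403
    false
  end

  # Get a unique name from the Hub user, in abstracted form.
  # While it must be unique, its content is irrelevant in the
  # Hub integrated RForum as it doesn't get displayed to any
  # normal user.
  #
  # The digest is an identifier, not a secret. Because the Hub address is
  # part of the hashed string, a Hub user whose address changes hashes to a
  # different name; setup_user will then find no match by name and take its
  # "create a new user" branch.
  #
  def get_hub_user_name
    Digest::SHA1.hexdigest("#{hubssolib_get_user_address} (#{hubssolib_get_user_id})")
  end

  # Map a Hub user's parameters to an RForum User model's
  # parameters. Returns a hash appropriate for updating an
  # existing model or to create a brand new RForum User.
  #
  # The hash holds only the four keys below and none of them is the role;
  # setup_user assigns the role separately.
  #
  def map_hub_user_to_forum_user
    {
      :name      => get_hub_user_name, # Must be unique and <= 60 characters; SHA1 digest keeps it to 40
      :firstname => hubssolib_unique_name,
      :email     => hubssolib_get_user_address,
      :surname   => ''
    }
  end

  # Decide whether the logged-in Hub user should be an RForum administrator.
  #
  # NOTE(review): the single string 'admin,webmaster' is handed to include?.
  # Whether that means "either role", "both roles" or a literal match on the
  # combined string depends on what hubssolib_get_user_roles returns, which
  # is not visible in this file. This one line decides who is promoted to
  # Admin in setup_user, so confirm it against HubSsoLib and test it with a
  # user holding only one of the two roles.
  def hub_user_is_rforum_admin?
    hubssolib_get_user_roles.include?('admin,webmaster') ? true : false
  end

  # Filter method that sets up the current user parameters
  # by mapping in the currently logged in Hub user to a new
  # or updated RForum user.
  #
  # Leaves @user set to a User (Hub session present) or a Guest (no Hub
  # session); raises RForum::SecurityError if neither could be established.
  #
  def setup_user
    @user = nil

    if hubssolib_logged_in?
      @user = User.find_by_name(get_hub_user_name)

      # This for now is the quick and dirty code. We either create
      # a new user on a default map of parameters from Hub to
      # RForum user, or we update the Hub parts - on each and every
      # action in RForum. This is, obviously, very slow.

      if @user
        # NOTE(review): the result of update_attributes is not checked, so
        # a failed validation passes silently and the stored attributes
        # stay as they were.
        @user.update_attributes(map_hub_user_to_forum_user)
      else
        # There is no user with the same unique ID, but there may be
        # a user with the same e-mail address - somebody might have
        # deleted and recreated their account, or a person may have
        # given up an e-mail address but it could have been claimed
        # by an entirely new user. In any event, a new ID with the
        # same e-mail address implies the old address is stale; Hub
        # insists on unique addresses. We don't want to delete that
        # user because their user name is associated with posts, so
        # instead, clear its email address.
        #
        # This relies entirely on Hub for address uniqueness and ownership;
        # RForum performs no verification of its own before clearing the
        # other account's address.

        @other_user = User.find_by_email(hubssolib_get_user_address)

        if @other_user
          @other_user.email = ''
          @other_user.save!
        end

        # Now create the shiny new account and save it.

        @user = User.new(map_hub_user_to_forum_user)
        @user.save!
      end

      # The role column requires special attention. It is re-derived from
      # Hub on every request, so a promotion or demotion in Hub is applied
      # to the RForum record the next time this filter runs.

      admin = hub_user_is_rforum_admin?

      if admin != @user.admin?
        @user.role = admin ? 'Admin' : 'User'
        @user.save!

        # Although we think we just modified this user, the model is
        # part of a class hierarchy for administration or normal user
        # profiles. Reloading the model makes sure we get an Admin or
        # User underneath; without that, we'll have a role string that
        # may be updated, but the class type will be unchanged for the
        # remainder of this action (but would update on the next one,
        # since the model gets reloaded each time).

        @user = User.find_by_name(get_hub_user_name)
      end
    else
      @user = Guest.new(@session[:guest_name], @session[:guest_email]) if @user.nil?
    end

    raise RForum::SecurityError if @user.nil?

    # Disabled code path (token / session based lookup), kept as found:
    #
    #     if @params['user_id'] and @params['key']
    #       @user = User.find_by_token(@params['user_id'], @params['key'])
    #       @authenticated_by_token = true
    #       # set the token to expire in no more than next 10 minutes
    #       if @user
    #         @user.token_expiry = [@user.token_expiry, Time.at(Time.now.to_i + 600 * 1000)].min
    #         @user.save
    #       end
    #     elsif @session[:user_id]
    #       @user = User.find(@session[:user_id])
    #     else
    #       @user = Guest.new(@session[:guest_name], @session[:guest_email]) if @user.nil?
    #     end
    #
    #     raise RForum::SecurityError if @user.nil?
    #
    #   rescue => e
    #     reset_session
    #     if retried?
    #       raise e
    #     else
    #       retried = true
    #       retry
    #     end
  end

  # Hand this controller instance to UrlGenerator for the current request.
  def setup_url_generator
    UrlGenerator.controller = self
  end

  # After-filter: copy the current user's id and guest details into the
  # session. With the Hub integration, setup_user does not read
  # :user_id back; identity is re-derived from Hub on each request.
  def finish_user
    @session[:user_id] = @user.id
    @session[:guest_name] = @user.guest_name
    @session[:guest_email] = @user.guest_email
  end

  # Controllers whose pages are never remembered as a return target.
  @@REMEMBER_NOT = ['user', 'security', 'feed']

  # After-filter: remember the URL of the current action as the place to
  # return to, but only for successful responses outside @@REMEMBER_NOT.
  def remember_location
    if @response.headers['Status'] == '200 OK'
      @session[:return_to] = url_for unless @@REMEMBER_NOT.include? controller_name
    end
  end

  # Redirect to the remembered location, or to '/' if there is none or the
  # redirect raises RForum::SecurityError.
  #
  # NOTE(review): within this file :return_to is only ever written from
  # url_for. The value is redirected to without any check, so any other
  # writer must keep it to URLs of this application.
  def return_to_last_remembered
    redirect_to_url(@session[:return_to] || '/')
  rescue RForum::SecurityError
    redirect_to_url('/')
  end

  # Set the response content type using the configured web charset.
  def setup_local
    @headers["Content-Type"] = "text/html; charset=#{RForum::CONFIG[:web_charset]}"
  end

  # Return +candidate+ if it is a plain skin name, otherwise nil.
  #
  # A plain name is a String that starts with a word character and contains
  # only word characters, dots and hyphens. That excludes path separators,
  # "." and "..", and non-String values such as the Hash or Array a request
  # can produce for a bracketed parameter name.
  def plain_skin_name(candidate)
    return nil unless candidate.is_a?(String)
    candidate =~ /\A\w[\w.-]*\z/ ? candidate : nil
  end

  # Choose the skin for this request: the request's set_skin parameter (which
  # is also remembered in the session), else the session's skin, else the
  # configured default.
  #
  # set_skin comes straight from the request and is persisted, and how @skin
  # is consumed by the templates is not visible here. The value is therefore
  # restricted to a plain name before it is stored or used; anything else is
  # ignored and the next fallback applies.
  def setup_skin
    requested = plain_skin_name(@params['set_skin'])
    @session[:skin] = requested if requested

    @skin = plain_skin_name(@session[:skin]) || RForum::CONFIG[:skin]
  end

  # Look up the Site whose host matches the request host and, if there is
  # one, apply its layout and skin. The host value is passed as a bound
  # parameter, so it is never interpolated into the SQL.
  #
  # NOTE(review): layout is set on the controller class, not on this
  # instance, and nothing here resets it when no Site matches - the previous
  # request's layout may carry over within the same process. Confirm.
  def detect_site
    @site = Site.find(:first, :conditions => ["host = ?", request.host])
    if @site
      self.class.layout @site.layout || 'default'
      @skin = plain_skin_name(@session[:skin]) || @site.skin || 'default'
    end
  end

  # Load the forum list: the current site's forums when a site was detected,
  # otherwise every forum ordered by site and position.
  def get_forums
    if @site
      @forums = @site.forums.find(:all, :order => 'position')
    else
      @forums = Forum.find(:all, :order => 'site_id, position')
    end
  end

  # If the current forum belongs to a different site than the one detected
  # for this request, issue a permanent redirect to the same path on the
  # forum's own host. Returns true when a redirect was issued, else false.
  #
  # The target host comes from the Site record, not from the request.
  # NOTE(review): the scheme is hard-coded to http://, so a request that
  # arrived over HTTPS is sent to plain HTTP - confirm that is intended.
  def redirect_if_site_doesnt_match
    if @site && @forum && @forum.site && (@site != @forum.site)
      headers["Status"] = "301 Moved Permanently"
      redirect_to_url 'http://' + @forum.site.host + request.path
      return true
    end
    return false
  end
end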
240 | |
module RForum

  # Raised by a controller when the current user tries to reach a function
  # they are not authorised to use. RForum normally does not render links to
  # such functions, but hiding a URL is not a control in itself: raising
  # this error is what actually refuses the request.
  class SecurityError < StandardError; end

end