From: Adrian Schröter
---
src/api/app/controllers/application.rb | 10 ++++++
src/api/app/controllers/source_controller.rb | 1 +
src/api/app/helpers/application_helper.rb | 4 ++-
src/api/app/views/layouts/html.rhtml | 15 ++++-----
src/api/app/views/main/index.rhtml | 13 +++-----
.../components/active_rbac/component_controller.rb | 3 +-
src/api/components/active_rbac/group_controller.rb | 4 ++-
.../active_rbac/registration_controller.rb | 4 ++-
src/api/components/active_rbac/role_controller.rb | 2 +
.../active_rbac/static_permission_controller.rb | 2 +
src/api/components/active_rbac/user_controller.rb | 2 +
src/api/config/database.yml | 2 +-
src/webui/app/controllers/application.rb | 34 ++++++++-----------
src/webui/app/controllers/home_controller.rb | 5 +++
src/webui/app/views/main/about.rhtml | 5 ++-
src/webui/app/views/main/index.rhtml | 2 +-
16 files changed, 63 insertions(+), 45 deletions(-)
diff --git a/src/api/app/controllers/application.rb b/src/api/app/controllers/application.rb
index 17ec2f4..a054af2 100644
--- a/src/api/app/controllers/application.rb
+++ b/src/api/app/controllers/application.rb
@@ -140,4 +140,14 @@ class ApplicationController < ActionController::Base
def render_ok
render :nothing => true
end
+
+ def require_admin
+
+ logger.debug "Checking for Admin role for user #{@http_user.login}"
+ unless @http_user.has_role( 'Admin' )
+ logger.debug "not granted!"
+ render :template => 'permerror'
+
+ end
+ end
end
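Review bot: `require_admin` dereferences `@http_user` on its first line (`@http_user.login`) with no nil guard, so a request that reaches this filter before authentication has set `@http_user` would raise NoMethodError instead of being denied cleanly. The denial path also renders `permerror` without a status, so the client receives the default success code; `render :template => 'permerror', :status => 403` followed by `return false` makes the refusal explicit and halts the chain on Rails versions that stop a before filter only on a false return (the version in use is not visible here, so confirm). This matters because the group, registration, role, static_permission and user controllers further down the patch rely on this filter as their admin gate. A one-line comment such as `# before_filter: denies the request unless the authenticated user has the Admin role` would document the contract.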
diff --git a/src/api/app/controllers/source_controller.rb b/src/api/app/controllers/source_controller.rb
index 234a436..47003f4 100644
--- a/src/api/app/controllers/source_controller.rb
+++ b/src/api/app/controllers/source_controller.rb
@@ -29,6 +29,7 @@ class SourceController < ApplicationController
begin
Suse::Backend.get( specfile_path )
render_error "status" => 403, "summary" => "SPEC file already exists."
+ return
rescue Suse::Backend::NotFoundError
specfile = File.read "#{RAILS_ROOT}/files/specfiletemplate"
Suse::Backend.put_source( specfile_path, specfile )
diff --git a/src/api/app/helpers/application_helper.rb b/src/api/app/helpers/application_helper.rb
index 0403584..dcc8bf7 100644
--- a/src/api/app/helpers/application_helper.rb
+++ b/src/api/app/helpers/application_helper.rb
@@ -1,4 +1,6 @@
# Methods added to this helper will be available to all templates in the application.
module ApplicationHelper
-
+ def http_user
+ return @http_user
+ end
end
diff --git a/src/api/app/views/layouts/html.rhtml b/src/api/app/views/layouts/html.rhtml
index 06134ac..b15979e 100644
--- a/src/api/app/views/layouts/html.rhtml
+++ b/src/api/app/views/layouts/html.rhtml
@@ -25,12 +25,11 @@
<%= link_to "Frontend Startpage", :controller => "main",
:action => "index" %> |
<a href="http://www.opensuse.org">openSUSE Home</a>
- <br/>
- Logged in as <%= current_user.login %>
- <% if current_user.login == "Anonymous" %>
- <%= link_to "Login", :controller => "login", :action => "login" %>
- <% else %>
- <%= link_to "Logout", :controller => "login", :action => "logout" %>
- <% end %>
-
+ Logged in as
+ <%- if http_user %>
+ <%= http_user.login %>
+ <%- else %>
+ anonymous
+ <%- end %>
</div>
+
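Review bot: `<%= http_user.login %>` writes the login into the page unescaped; templates of this vintage do not escape `<%= %>` output by default, so unless logins are restricted to a safe character set elsewhere (not visible in this diff) this should be `<%= h http_user.login %>`. The `if http_user` guard around it is the right pattern and should be repeated wherever views call methods on `http_user`.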
diff --git a/src/api/app/views/main/index.rhtml b/src/api/app/views/main/index.rhtml
index eebda96..91d1d4a 100644
--- a/src/api/app/views/main/index.rhtml
+++ b/src/api/app/views/main/index.rhtml
@@ -2,18 +2,15 @@
<%= link_to "openSUSE API Documentation", { :controller => "apidocs" } %>
</p>
-<% if current_user.has_permission( "Permission_Admin" ) %>
+<% if http_user.has_role "Admin" %>
<p>
<%= link_to "Admin Interface", { :controller => "admin" } %>
</p>
-<% end %>
-
<p>
-<% if current_user.login == "Anonymous" %>
- <%= link_to "Create Account", { :controller => "register" } %>
-<% else %>
<%= link_to "User Management", { :controller => "arbac/user", :action => "list" } %>
-<% end %>
</p>
+<% end %>
+
+
+
-<p><a href="http://build.opensuse.org">Go back to openSUSE Build Service web client</a></p>
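Review bot: `http_user.has_role "Admin"` on the first changed line is called without the nil check that the layout uses (`<%- if http_user %>`), so this page would raise for a request where `@http_user` is unset, if that can happen on this action. `<% if http_user && http_user.has_role("Admin") %>` keeps the page rendering and still hides the admin links. Hiding the links is presentation only; the access decision remains the `require_admin` filter on the target controllers.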
diff --git a/src/api/components/active_rbac/component_controller.rb b/src/api/components/active_rbac/component_controller.rb
index a66c2ad..abd00d6 100644
--- a/src/api/components/active_rbac/component_controller.rb
+++ b/src/api/components/active_rbac/component_controller.rb
@@ -3,7 +3,6 @@ require_dependency 'active_rbac/configuration'
# All controllers in ActiveRBAC extend this controller. Currently, it only
# provides the method config to access ActiveRBAC's configuration.
class ActiveRbac::ComponentController < ApplicationController
-
protected
# This method returns the config class. See this
@@ -21,4 +20,4 @@ class ActiveRbac::ComponentController < ApplicationController
# An alias to self.config
def config; self.class.config; end
-end
\ No newline at end of file
+end
diff --git a/src/api/components/active_rbac/group_controller.rb b/src/api/components/active_rbac/group_controller.rb
index 866b1b0..9735b5d 100644
--- a/src/api/components/active_rbac/group_controller.rb
+++ b/src/api/components/active_rbac/group_controller.rb
@@ -23,6 +23,8 @@ class ActiveRbac::GroupController < ActiveRbac::ComponentController
:redirect_to => { :action => 'list' },
:add_flash => { :error => 'You sent an invalid request!' }
+ before_filter :require_admin
+
# Simply redirects to #list
def index
redirect_to :action => 'list'
@@ -147,4 +149,4 @@ class ActiveRbac::GroupController < ActiveRbac::ComponentController
flash[:error] = 'This group could not be found.'
redirect_to :action => 'list'
end
-end
\ No newline at end of file
+end
diff --git a/src/api/components/active_rbac/registration_controller.rb b/src/api/components/active_rbac/registration_controller.rb
index e665002..6094d72 100644
--- a/src/api/components/active_rbac/registration_controller.rb
+++ b/src/api/components/active_rbac/registration_controller.rb
@@ -7,6 +7,8 @@ class ActiveRbac::RegistrationController < ActiveRbac::ComponentController
# Configuration class
layout config.controller[:layout]
+ before_filter :require_admin
+
# Redirect to signup page
def index
redirect_to :action => 'register'
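Review bot: `before_filter :require_admin` is added here without `:only` or `:except`, so it covers every action in RegistrationController, not just the signup form. The second hunk's context shows an action that looks up a user by name and e-mail address (apparently a lost-password or confirmation flow, inferred from the error text), and that becomes admin-only as well. If only self-registration is meant to be closed, scope the filter, e.g. `before_filter :require_admin, :only => [ :index, :register ]` (action names to be confirmed against the full file); if the whole controller is meant to be locked, a comment above the filter saying so would help the next reader.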
@@ -123,4 +125,4 @@ class ActiveRbac::RegistrationController < ActiveRbac::ComponentController
rescue ActiveRecord::RecordNotFound
@errors << 'You have entered an invalid user name or an invalid email address.'
end
-end
\ No newline at end of file
+end
diff --git a/src/api/components/active_rbac/role_controller.rb b/src/api/components/active_rbac/role_controller.rb
index 9119d89..4989f96 100644
--- a/src/api/components/active_rbac/role_controller.rb
+++ b/src/api/components/active_rbac/role_controller.rb
@@ -3,6 +3,8 @@ require_dependency 'active_rbac/helpers/rbac_helper'
class ActiveRbac::RoleController < ActiveRbac::ComponentController
uses_component_template_root
+ before_filter :require_admin
+
# The RbacHelper allows us to render +acts_as_tree+ AR elegantly
helper RbacHelper
diff --git a/src/api/components/active_rbac/static_permission_controller.rb b/src/api/components/active_rbac/static_permission_controller.rb
index 900c651..fa00e23 100644
--- a/src/api/components/active_rbac/static_permission_controller.rb
+++ b/src/api/components/active_rbac/static_permission_controller.rb
@@ -24,6 +24,8 @@ class ActiveRbac::StaticPermissionController < ActiveRbac::ComponentController
:redirect_to => { :action => 'list' },
:add_flash => { :error => 'You sent an invalid request!' }
+ before_filter :require_admin
+
# Simply redirects to #list
def index
redirect_to :action => 'list'
diff --git a/src/api/components/active_rbac/user_controller.rb b/src/api/components/active_rbac/user_controller.rb
index b749436..e8b645e 100644
--- a/src/api/components/active_rbac/user_controller.rb
+++ b/src/api/components/active_rbac/user_controller.rb
@@ -10,6 +10,8 @@ class ActiveRbac::UserController < ActiveRbac::ComponentController
# The layout this controller uses is configured in the
# Configuration class
layout config.controller[:layout]
+
+ before_filter :require_admin
# We force users to use POST on the state changing actions.
verify :method => :post,
diff --git a/src/api/config/database.yml b/src/api/config/database.yml
index a70ea7b..ef02a31 100644
--- a/src/api/config/database.yml
+++ b/src/api/config/database.yml
@@ -34,7 +34,7 @@ production:
adapter: mysql
database: frontend_production
username: opensuse
- password:
+ password:
host: 127.0.0.1
diff --git a/src/webui/app/controllers/application.rb b/src/webui/app/controllers/application.rb
index e90dddb..c93ce03 100644
--- a/src/webui/app/controllers/application.rb
+++ b/src/webui/app/controllers/application.rb
@@ -10,22 +10,10 @@ class ApplicationController < ActionController::Base
session_options[:prefix] = "ruby_webclient_sess."
session_options[:key] = "opensuse_webclient_session"
- prepend_before_filter :authorize, :except => [ :index ]
- before_filter :transmit_credentials, :except => [ :index ]
+ before_filter :authorize
- def transmit_credentials
- # We need to call authorize here because the transmit_credentials method seems
- # to get called very early in the chain from the lib probably...
- authorize false
-
- TRANSPORT.login proc {
- # STDERR.puts session.inspect
- [session[:login], session[:passwd]]
- }
- end
-
#filter
- def authorize( do_redirect = true )
+ def authorize
logger.debug "application/authorize: login: #{session[:login]}, passwd: XXXX"
@@ -42,12 +30,17 @@ class ApplicationController < ActionController::Base
session[:passwd] = userpass[1]
end
else
- if do_redirect
- session[:return_to] = request.request_uri
- redirect_to :controller => 'user', :action => 'login'
- end
+ session[:return_to] = request.request_uri
+ redirect_to :controller => 'user', :action => 'login'
end
end
+
+ # Do the transport
+ TRANSPORT.login proc {
+ # STDERR.puts session.inspect
+ [session[:login], session[:passwd]]
+ }
+
end
def rescue_action_in_public( exception )
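Review bot: After `redirect_to :controller => 'user', :action => 'login'` in the else branch, `authorize` keeps going: it falls through to the new `TRANSPORT.login` call with an empty session and returns that call's value rather than false. With the `do_redirect` flag gone and the filter now applied to every action, the unauthenticated path should end explicitly with `return false` right after the `redirect_to`, so the action cannot run after the redirect on Rails versions that halt a filter chain only on a false return (version not visible; confirm). Because `:except => [ :index ]` was dropped and the filter lives in ApplicationController, also check that the login action itself is exempted somewhere, otherwise the redirect would loop. The start of `authorize` is outside this hunk.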
@@ -74,9 +67,10 @@ class ApplicationController < ActionController::Base
render :template => 'error', :status => @code
when ActiveXML::GeneralError
@code = exception.message.root.elements['code'].text
- render :template => 'error', :status => 442
+ render :template => 'error', :status => @code
else
- raise exception
+ render :template => 'error', :status => 500
+ #raise exception
end
end
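Review bot: The new `else` branch turns every unmatched exception into a 500 page and then drops it, because `raise exception` is commented out and nothing is logged; add `logger.error "#{exception.class}: #{exception.message}"` before the render so failures stay diagnosable. In the `ActiveXML::GeneralError` branch, `:status => @code` now passes text taken from the backend's error document straight through as the HTTP status; if that element is missing or is not a valid status code the response status is unpredictable, so validate it and fall back to 500. The method begins above this hunk.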
diff --git a/src/webui/app/controllers/home_controller.rb b/src/webui/app/controllers/home_controller.rb
index 8eab8f3..083dd7a 100644
--- a/src/webui/app/controllers/home_controller.rb
+++ b/src/webui/app/controllers/home_controller.rb
@@ -1,6 +1,11 @@
class HomeController < ApplicationController
def index
+ unless session[:login]
+ @error_message = "There must be a user logged in to show the homepage"
+ render :template => 'error'
+ end
+
logger.debug("Homepage for logged in user: #{session[:login]}")
@user = Person.find( :login => session[:login] )
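Review bot: The new `unless session[:login]` guard renders the error template but does not return, so `index` continues to `Person.find( :login => session[:login] )` with a nil login and will then attempt a second render. End the branch with `render :template => 'error' and return`, or put a bare `return` on the line after the render. The rest of `index` lies outside the hunk.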
diff --git a/src/webui/app/views/main/about.rhtml b/src/webui/app/views/main/about.rhtml
index c2f45a0..75af2eb 100644
--- a/src/webui/app/views/main/about.rhtml
+++ b/src/webui/app/views/main/about.rhtml
@@ -1,5 +1,6 @@
<h2>About</h2>
<p>This is the web client for the openSUSE build service.</p>
-
-<p>SVN Revision: $Revision: 354 $</p>
+<p>Check the openSUSE <a href="http://www.opensuse.org/Build_Service">
+ openSUSE Build Service wiki page</a> for details.</p>
+<p>SVN Revision: $Revision: 509 $</p>
diff --git a/src/webui/app/views/main/index.rhtml b/src/webui/app/views/main/index.rhtml
index b4596da..51b1c22 100644
--- a/src/webui/app/views/main/index.rhtml
+++ b/src/webui/app/views/main/index.rhtml
@@ -6,7 +6,7 @@ still missing, but the basic build functionality is there.</p>
<p>More information can be found in the openSUSE Wiki on the <a
href="http://www.opensuse.org/Build_Service">Build Service pages</a>. If you would like to discuss the Build Service
-please use the <a href="mailto:opensuse-buildservice@opensuse.org">opensuse-buildservice@opensuse.org</a> mailing
+please use the <a href="mailto:opensuse-buildservice-subscribe@opensuse.org">opensuse-buildservice@opensuse.org</a> mailing
list.</p>
<p>Have fun experimenting with the openSUSE Build Service :-).</p>
--
1.7.7