If we're doing admin authentication internally, don't bother with the request environment, set the admin_name on the session instead.

author: Louise Crow <louise.crow@gmail.com> 2012-10-30 15:47:05 +0000
committer: Louise Crow <louise.crow@gmail.com> 2012-10-30 15:49:43 +0000
commit: 5715cc4628f9ebd99448f85fdf3e2c191d3d2875 (patch)
tree: 3ff0f8faeb3b07099d258937188f7fe29ab9ffc6 /app/controllers/application_controller.rb
parent: 081d912ee868843c5b73b201761b1d8d19239e34 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index bd56a9fa8..725b1b2c4 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -340,11 +340,17 @@ class ApplicationController < ActionController::Base
 
     end
 
+    # For administration interface, return display name of authenticated user
     def admin_current_user
-        admin_http_auth_user
+        if Configuration::skip_admin_auth
+            admin_http_auth_user
+        else
+            session[:admin_name]
+        end
     end
 
-    # For administration interface, return display name of authenticated user
+    # If we're skipping Alaveteli admin authentication, assume that the environment
+    # will give us an authenticated user name
     def admin_http_auth_user
         # This needs special magic in mongrel: http://www.ruby-forum.com/topic/83067
         # Hence the second clause which reads X-Forwarded-User header if available.
author	Louise Crow <louise.crow@gmail.com>	2012-10-30 15:47:05 +0000
committer	Louise Crow <louise.crow@gmail.com>	2012-10-30 15:49:43 +0000
commit	5715cc4628f9ebd99448f85fdf3e2c191d3d2875 (patch)
tree	3ff0f8faeb3b07099d258937188f7fe29ab9ffc6 /app/controllers/application_controller.rb
parent	081d912ee868843c5b73b201761b1d8d19239e34 (diff)