2 files changed, 34 insertions, 14 deletions

diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index 1612e5179..884d7e540 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -46,23 +46,40 @@ class AdminController < ApplicationController
             expire_for_request(info_request)
         end
     end
-	private
 
-	def authenticate
-            config_username = MySociety::Config.get('ADMIN_USERNAME', '')
-            config_password = MySociety::Config.get('ADMIN_PASSWORD', '')
-            if !config_username.empty? && !config_password.empty?
-                authenticate_or_request_with_http_basic do |user_name, password|
-                    if user_name == config_username && password == config_password
-                        session[:using_admin] = 1
-                        request.env['REMOTE_USER'] = user_name
-                    else
-                        request_http_basic_authentication
+    private
+
+    def authenticate
+        if MySociety::Config.get('SKIP_ADMIN_AUTH', false)
+            session[:using_admin] = 1
+            return
+        else
+            if session[:using_admin].nil?
+                if params[:emergency].nil?
+                    if authenticated?(
+                                      :web => _("To log into the administrative interface"),
+                                      :email => _("Then you can log into the administrative interface"),
+                                      :email_subject => _("Log into the admin interface"),
+                                      :user_name => "a superuser")
+                        if !@user.nil? && @user.admin_level == "super"
+                            session[:using_admin] = 1
+                            request.env['REMOTE_USER'] = @user.url_name
+                        end
+                    end
+                else
+                    config_username = MySociety::Config.get('ADMIN_USERNAME', '')
+                    config_password = MySociety::Config.get('ADMIN_PASSWORD', '')
+                    authenticate_or_request_with_http_basic do |user_name, password|
+                        if user_name == config_username && password == config_password
+                            session[:using_admin] = 1
+                            request.env['REMOTE_USER'] = user_name
+                        else
+                            request_http_basic_authentication
+                        end
                     end
                 end
-            else
-                session[:using_admin] = 1
             end
-	end
+        end
+    end
 end
 
diff --git a/app/views/user/sign.rhtml b/app/views/user/sign.rhtml
index bfd0fa63e..7a0daa4c1 100644
--- a/app/views/user/sign.rhtml
+++ b/app/views/user/sign.rhtml
@@ -12,6 +12,9 @@
         <% end %>
         </p>
 
+    <% if @post_redirect.post_params["controller"] == "admin_general" %>
+     <p>Don't have a superuser account yet?  <%= link_to "Sign in as the emergency user", @post_redirect.uri + "?emergency=1" %></p>
+    <% end %>
     <%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => true } %>
 
     </div>