path: root/app/controllers/application.rb
blob: d0d0fef7ec4b9100f877a7b6731696467e101aeb (plain)
# controllers/application.rb:
# Parent class of all controllers in FOI site. Filters added to this controller
# apply to all controllers in the application. Likewise, all the methods added
# will be available for all controllers.
#
# Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
#
# $Id: application.rb,v 1.20 2007-10-31 17:25:29 francis Exp $


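class ApplicationController < ActionController::Base
    # Standard headers, footers and navigation for whole site
    layout "default"

    # Pick a unique cookie name to distinguish our session data from others'
    session :session_key => '_foi_session_id'

    private

    # Check the user is logged in.
    #
    # Returns true when session[:user] is set. Otherwise remembers the
    # requested URI and parameters in the session, redirects to the sign-in
    # page and returns false.
    # NOTE(review): session[:intended_params] holds the complete request
    # parameters, which may include sensitive form fields; presumably the
    # session store is server-side - confirm before switching to a store
    # that keeps session data on the client.
    def authenticated?
        return true if session[:user]

        session[:intended_uri] = request.request_uri
        session[:intended_params] = params
        redirect_to signin_url
        false
    end

    # Return logged in user, looked up from the id held in session[:user].
    # User.find raises ActiveRecord::RecordNotFound when that id no longer
    # matches a record; callers that can meet a stale session must handle it.
    def authenticated_user
        User.find(session[:user])
    end

    # Do a POST redirect. This is a nasty hack - we store the posted values to
    # the controller, and when the GET redirect with "?post_redirect=1"
    # happens, load them in.
    #
    # uri    - destination; "post_redirect=1" is appended to its query string
    # params - values to hand to the destination request via the session
    #
    # NOTE(review): uri is passed to redirect_to as given; callers should only
    # pass URIs of this site.
    def post_redirect(uri, params)
        session[:post_redirect_params] = params
        # XXX what is built in Ruby URI munging function?
        separator = uri.include?("?") ? "&" : "?"
        redirect_to uri + separator + "post_redirect=1"
    end

    # If we are in a faked redirect to POST request, then set post params.
    # The stored values are consumed exactly once: without clearing them, any
    # later request carrying "post_redirect=1" would have the old values
    # merged into its parameters again.
    before_filter :check_in_post_redirect
    def check_in_post_redirect
        if params[:post_redirect] and session[:post_redirect_params]
            params.update(session[:post_redirect_params])
            # Assign nil rather than calling session.delete, whose meaning
            # differs between session implementations.
            session[:post_redirect_params] = nil
        end
    end

    # Default layout shows user in corner, so needs access to it.
    # Sets @user when a user id is in the session. If that id no longer
    # matches a record, the stale id is dropped from the session so the
    # visitor is treated as signed out instead of every page raising.
    # Never returns false, so it does not halt the filter chain.
    before_filter :authentication_check
    def authentication_check
        return unless session[:user]
        @user = authenticated_user
    rescue ActiveRecord::RecordNotFound
        session[:user] = nil
        @user = nil
    end

    # For administration interface, return display name of authenticated user.
    # Reads REMOTE_USER from the request environment and falls back to
    # "*unknown*" when it is not set. This is a label only: the method does
    # not deny access when no HTTP-authenticated user is present.
    def admin_http_auth_user
        request.env["REMOTE_USER"] || "*unknown*"
    end

    # Simplified links to our objects
    # XXX See controllers/user_controller.rb controllers/body_controller.rb for inverse
    # XXX consolidate somehow with stuff in helpers/application_helper.rb
    #
    # Returns a new lower-case string with spaces turned into "-" and every
    # character outside a-z, 0-9, "_" and "-" removed. The argument itself is
    # left untouched, so passing a model attribute or a frozen string is safe.
    helper_method :simplify_url_part
    def simplify_url_part(text)
        text.downcase.gsub(/ /, "-").gsub(/[^a-z0-9_-]/, "")
    end

end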