Feature #2356 » redmine-add-cas-support2.patch
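--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -19,12 +19,17 @@
 helper :custom_fields
 include CustomFieldsHelper
 
+@cas_initialized = false
+class << self; attr_accessor :cas_initialized; end
+
 # prevents login action to be filtered by check_if_login_required application scope filter
 skip_before_filter :check_if_login_required
 
 # Login request and validation
 def login
-if request.get?
+if Setting.cas? && Setting.cas_force != '0' && !session[:cas_user]
+cas_authenticate
+elsif request.get?
 logout_user
 else
 authenticate_user
@@ -34,7 +39,7 @@
 # Log out current user and redirect to welcome page
 def logout
 logout_user
-redirect_to home_url
+redirect_to home_url unless Setting.cas?
 end
 
 # Enable user to choose a new password
@@ -125,12 +130,64 @@
 redirect_to :action => 'login'
 end
 
+def cas_authenticate
+unless self.class.cas_initialized
+CASClient::Frameworks::Rails::Filter.configure(
+:cas_base_url => Setting.cas_base_url
+)
+self.class.cas_initialized = true
+end
+
+CASClient::Frameworks::Rails::Filter.filter(self) unless session[:cas_user]
+if session[:cas_user]
+user = User.find_or_initialize_by_login(session[:cas_user])
+if user.new_record?
+# Self-registration off
+redirect_to(home_url) && return unless Setting.self_registration?
+
+# Create on the fly
+user.login = session[:cas_user]
+user.mail = session[:cas_user] + Setting.cas_email_suffix
+user.firstname = session[:cas_user]
+user.lastname = session[:cas_user]
+user.random_password
+user.status = User::STATUS_REGISTERED
+
+case Setting.self_registration
+when '1'
+register_by_email_activation(user) do
+onthefly_creation_failed(user)
+end
+when '3'
+register_automatically(user) do
+onthefly_creation_failed(user)
+end
+else
+register_manually_by_administrator(user) do
+onthefly_creation_failed(user)
+end
+end
+else
+# Existing record
+if user.active?
+successful_authentication(user)
+else
+account_pending
+end
+end
+end
+end
+
 private
 
 def logout_user
 if User.current.logged?
 cookies.delete :autologin
 Token.delete_all(["user_id = ? AND action = ?", User.current.id, 'autologin'])
+
+# Log out of CAS if its there
+CASClient::Frameworks::Rails::Filter.logout(self, home_url) if Setting.cas?
+
 self.logged_user = nil
 end
 end
@@ -197,7 +254,7 @@
 end
 end
 end
-
+
 def successful_authentication(user)
 # Valid user
 self.logged_user = user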
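Review bot: In `cas_authenticate`, `User.find_or_initialize_by_login(session[:cas_user])` followed by `successful_authentication(user)` signs the CAS principal into any active local account whose login happens to match, including accounts that were created with a local password and never linked to CAS. Unless the CAS directory and Redmine's login namespace are guaranteed to be the same authority, this lets a CAS user take over a pre-existing account such as a local administrator; the lookup should be limited to accounts explicitly marked as CAS-backed, and a name collision with a local account should be refused rather than logged in. Separately, the `login` condition `Setting.cas? && Setting.cas_force != '0' && !session[:cas_user]` stops forcing CAS once `session[:cas_user]` is set, so a POST still reaches `authenticate_user` and password login is not actually disabled. The body of `successful_authentication` continues outside the last hunk.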
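--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@@ -143,6 +143,10 @@
 def self.openid?
 Object.const_defined?(:OpenID) && self[:openid].to_i > 0
 end
+
+def self.cas?
+Object.const_defined?(:CAS) && self[:cas].to_i > 0
+end
 
 # Checks if settings have changed since the values were read
 # and clears the cache hash if it's the case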
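Review bot: `Setting.cas?` tests `Object.const_defined?(:CAS)`, but the controller code in this patch calls `CASClient::Frameworks::Rails::Filter`, so the guard checks a different constant from the one the feature depends on. If the client library defines only `CASClient`, the setting can never be switched on; if some unrelated `CAS` constant is loaded, the CAS branch runs and fails with a NameError at login time. Suggested: `Object.const_defined?(:CASClient) && self[:cas].to_i > 0`, with the same change to the four `:disabled => !Object.const_defined?(:CAS)` options in app/views/settings/_authentication.rhtml. A one-line comment above the method naming the library that provides the constant would also help.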
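--- a/app/views/account/login.rhtml
+++ b/app/views/account/login.rhtml
@@ -26,6 +26,13 @@
 </td>
 </tr>
 <tr>
+<% if Setting.cas? %>
+<tr>
+<td align="left">
+<%= link_to l(:label_cas_login), :controller => 'account', :action => 'cas_authenticate' %>
+</td>
+</tr>
+<% end %>
 <td align="left">
 <% if Setting.lost_password? %>
 <%= link_to l(:label_password_lost), :controller => 'account', :action => 'lost_password' %>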
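Review bot: The CAS row is inserted after the existing `<tr>` on line 28 has already been opened, so with CAS enabled the template emits a `<tr>` nested directly inside another `<tr>`, which is invalid table markup and is handled inconsistently by browsers. Move the whole `<% if Setting.cas? %> … <% end %>` block above that `<tr>` so that it produces a sibling row. The enclosing table starts and ends outside the hunk.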
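--- a/app/views/settings/_authentication.rhtml
+++ b/app/views/settings/_authentication.rhtml
@@ -16,6 +16,14 @@
 
 <p><%= setting_check_box :openid, :disabled => !Object.const_defined?(:OpenID) %></p>
 
+<p><%= setting_check_box :cas, :disabled => !Object.const_defined?(:CAS) %></p>
+
+<p><%= setting_text_field :cas_base_url, :disabled => !Object.const_defined?(:CAS), :size => 50 %></p>
+
+<p><%= setting_text_field :cas_email_suffix, :disabled => !Object.const_defined?(:CAS), :size => 50 %></p>
+
+<p><%= setting_check_box :cas_force, :disabled => !Object.const_defined?(:CAS) %></p>
+
 <p><%= setting_check_box :rest_api_enabled %></p>
 </div>
 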
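Review bot: `cas_base_url` is a free-text field and, as far as this patch shows, its value goes unchanged into `CASClient::Frameworks::Rails::Filter.configure(:cas_base_url => Setting.cas_base_url)`; nothing visible requires an `https://` URL. Ticket validation against a plain-http CAS server can be tampered with by anyone on the network path, so the value should be rejected on save unless it parses as an absolute https URL, or the field label should at least state the requirement. Because the controller configures the filter only once per process (`cas_initialized`), a corrected URL also appears not to take effect until the application is restarted, which is worth documenting next to the field.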
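--- a/config/environment.rb
+++ b/config/environment.rb
@@ -57,4 +57,5 @@
 if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
 instance_eval File.read(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
 end
+config.action_controller.session = { :key => "_myapp_session", :secret => "ksadjfklasdjfkl;asdjfkljasd;klfjasdkl;fj;klasdjfkl;jsdl;kfajsdkfj;aklsdjfk;j" }
 end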
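Review bot: The added line commits a fixed session `:secret` (and the placeholder key `_myapp_session`) into config/environment.rb, so every installation that applies this patch would share one published secret for its session cookies if the cookie session store is in use. Because the patch treats `session[:cas_user]` as proof of identity, the CAS login rests on the integrity of that cookie; the secret has to be generated per installation and kept out of version control. The line also sits after the `additional_environment.rb` eval, so it overrides any session settings a site has configured there. Drop this line from the patch and leave the session store to the installation's own configuration; the enclosing block starts outside the hunk.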
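--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -327,6 +327,10 @@
 setting_file_max_size_displayed: Max size of text files displayed inline
 setting_repository_log_display_limit: Maximum number of revisions displayed on file log
 setting_openid: Allow OpenID login and registration
+setting_cas: Use CAS login and registration
+setting_cas_base_url: CAS server base URL
+setting_cas_email_suffix: Default email suffix for CAS users
+setting_cas_force: ONLY allow login using CAS (this disables normal login)
 setting_password_min_length: Minimum password length
 setting_new_project_user_role_id: Role given to a non-admin user who creates a project
 setting_default_projects_modules: Default enabled modules for new projects
@@ -454,6 +458,7 @@
 label_register: Register
 label_login_with_open_id_option: or login with OpenID
 label_password_lost: Lost password
+label_cas_login: Login using CAS
 label_home: Home
 label_my_page: My page
 label_my_account: My account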
| config/settings.yml | ||
|---|---|---|
| 182 | 182 |
default: '' |
| 183 | 183 |
rest_api_enabled: |
| 184 | 184 |
default: 0 |
| 185 |
cas: |
|
| 186 |
default: 0 |
|
| 187 |
cas_base_url: |
|
| 188 |
default: '' |
|
| 189 |
cas_email_suffix: |
|
| 190 |
default: '' |
|
| 191 |
cas_force: |
|
| 192 |
default: 0 |
|