Feature #332 ยป 0001-my-mods-suggestions.patch
app/controllers/application_controller.rb | ||
---|---|---|
helper 'layout'
|
||
before_filter :require_ssl, :require_login
|
||
before_filter :welcome, :detect_notices, :only => :index
|
||
before_filter :load_tabs, :manage_tabs
|
||
before_filter :welcome, :only => :index
|
||
# We only really need to see these when listing, (with a GET)
|
||
before_filter :detect_notices, :only => :index
|
||
# host list AJAX methods
|
||
# its located here, as it might be requested from the dashboard controller or via the hosts controller
|
||
... | ... | |
end
|
||
# Force a user to login if ldap authentication is enabled
|
||
# Force a user to login if authentication is enabled
|
||
# Sets @user and User.current to the logged in user, or to admin if logins are not used
|
||
def require_login
|
||
if SETTINGS[:login]
|
||
unless (session[:user] and (@user = User.find(session[:user])))
|
||
session[:original_uri] = request.request_uri
|
||
redirect_to login_users_path
|
||
unless session[:user] and @user = User.find(session[:user])
|
||
# User is not found or first login
|
||
if SETTINGS[:login]
|
||
# authentication is enabled
|
||
session[:original_uri] = request.request_uri # keep the old request uri that we can redirect later on
|
||
redirect_to login_users_path and return
|
||
else
|
||
# We assume we always have a user logged in, if authentication is disabled, the user is the build-in admin account.
|
||
if @user = User.find_by_login("admin")
|
||
session[:user] = @user.id
|
||
else
|
||
# TODO: Test this!
|
||
flash[:foreman_error] = "Unable to find internal system admin account - do you want to fix this?..."
|
||
end
|
||
end
|
||
else
|
||
session[:user] ||= User.find_by_login "admin"
|
||
@user = session[:user]
|
||
end
|
||
User.current = @user
|
||
end
|
||
# returns current user
|
||
def current_user
|
||
@username
|
||
@user
|
||
end
|
||
def invalid_request
|
||
... | ... | |
private
|
||
def detect_notices
|
||
@notices = User.current.try :notices
|
||
@notices = current_user.notices
|
||
end
|
||
def active_tab=(value); @active_tab = session[:controller_active_tabs][controller_name] = value; end
|
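Review bot: In the `require_login` branch taken when `SETTINGS[:login]` is off, `session[:user] = @user.id` stores the built-in admin's id in the visitor's session, so a session created while authentication was disabled would presumably still resolve to admin after authentication is switched on. Consider only assigning `@user = User.find_by_login("admin")` there without writing the session, or invalidating existing sessions when the setting changes. `User.find(session[:user])` also raises `ActiveRecord::RecordNotFound` for a stale id rather than returning nil, so the "User is not found" branch is not reached for a deleted account; `User.find_by_id(session[:user])` returns nil instead. If the admin lookup fails, `@user` stays nil and what appears to be the new `detect_notices` body, `current_user.notices`, would then fail on nil where `User.current.try :notices` did not.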
app/controllers/notices_controller.rb | ||
---|---|---|
class NoticesController < ApplicationController
|
||
def acknowledge
|
||
def destroy
|
||
@notice = Notice.find(params[:id])
|
||
if @notice.global
|
||
@notice.destroy
|
||
else
|
||
@notice.users.delete(User.current)
|
||
@notice.users.delete current_user
|
||
@notice.destroy unless @notice.users.any?
|
||
end
|
||
redirect_to :back
|
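Review bot: `destroy` loads the record with `Notice.find(params[:id])` and, for a global notice, deletes it outright, so any logged-in user who sends the request removes that notice for every user; nothing visible here checks that the caller is associated with the notice or is an administrator. If that is not intended, scope the lookup to the caller, e.g. `@notice = current_user.notices.find(params[:id])`, and restrict the global branch to administrators. `redirect_to :back` also depends on a Referer header being present, so a fallback path is worth adding. The end of `destroy` lies outside the lines shown.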
app/models/notice.rb | ||
---|---|---|
class Notice < ActiveRecord::Base
|
||
has_and_belongs_to_many :users, :join_table =>'user_notices'
|
||
validates_inclusion_of :level, :in => %w{warning message}
|
||
TYPES = %w{message warning}
|
||
before_validation :set_default_notice_level
|
||
validates_inclusion_of :level, :in => TYPES
|
||
validates_presence_of :content
|
||
before_save :add_to_all_users
|
||
def to_s
|
||
"#{global? ? "global" : "individual"} #{content}"
|
||
end
|
||
private
|
||
def add_to_all_users
|
||
self.users = User.all
|
||
end
|
||
def to_s
|
||
"#{global? ? "global" : "individual"} #{content[0,20]}"
|
||
def set_default_notice_level
|
||
self.level ||= TYPES.first
|
||
end
|
||
end
|
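Review bot: `TYPES` now serves both as the whitelist for `level` and, through `TYPES.first` in `set_default_notice_level`, as the source of the default, so reordering the array silently changes the default level. A comment such as `# Allowed notice levels; the first entry is the default level` above the constant would record that, and `%w{message warning}.freeze` keeps the list from being mutated at runtime. The whitelist matters beyond validation because `_notice.erb` interpolates `notice.level` into an image path.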
app/models/user.rb | ||
---|---|---|
validates_format_of :mail, :with => /^([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})$/i, :allow_nil => true
|
||
validates_length_of :mail, :maximum => 60, :allow_nil => true
|
||
before_destroy Ensure_not_used_by.new(:hosts)
|
||
before_destroy Ensure_not_used_by.new(:hosts), :ensure_admin_is_not_deleted
|
||
validate :name_used_in_a_usergroup
|
||
before_validation :prepare_password
|
||
... | ... | |
auth_source and auth_source.can_set_password?
|
||
end
|
||
private
|
||
private
|
||
def prepare_password
|
||
unless password.blank?
|
||
... | ... | |
end
|
||
end
|
||
# The internal Admin Account is always available
|
||
# this is required as when not using external authentication, the systems logs you in with the
|
||
# admin account automatically
|
||
def ensure_admin_is_not_deleted
|
||
if login == "admin"
|
||
errors.add_to_base "Can't Delete Internal Admin account"
|
||
logger.warn "Unable to delete Internal Admin Account"
|
||
return false
|
||
end
|
||
end
|
||
end
|
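Review bot: `ensure_admin_is_not_deleted` protects the account only by its current `login` and only on the `destroy` path, so renaming the admin user, or removing the row with `delete`/`delete_all` (which skip callbacks), still leaves `require_login` without the account it looks up via `User.find_by_login("admin")`. A matching validation would close the rename case, for example `errors.add(:login, "can't be changed for the internal admin account") if login_changed? && login_was == "admin"`. The literal "admin" is now repeated in the model and the controller; a shared constant would keep them in step.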
app/views/common/_notice.erb | ||
---|---|---|
<% unless (@notices.empty?) -%>
|
||
<div id="notice" style="clear:both;">
|
||
<% field_set_tag "Notifications" do %>
|
||
<table width="100%">
|
||
<% for notice in @notices-%>
|
||
<tr>
|
||
<td style="width:1%"><img src="images/<%= notice.level -%>.png"></td>
|
||
<td>
|
||
<%= notice.content %>
|
||
</td>
|
||
<td align="right" style="width:1%">
|
||
<% link_to notice_ack_path(notice) do -%>
|
||
<img src="images/close_hl.png">
|
||
<% end -%>
|
||
</td>
|
||
</tr>
|
||
<% end %>
|
||
</table>
|
||
<% end %>
|
||
</div>
|
||
<%= link_to_function "Toggle notifications section", toggle_div(:notice), :style => "float:right;color:red"%>
|
||
<% end %>
|
||
<div id="notice" style="clear:both;">
|
||
<% field_set_tag "Notifications" do %>
|
||
<table width="100%">
|
||
<% for notice in @notices-%>
|
||
<tr>
|
||
<td style="width:1%"><img src="images/<%= notice.level -%>.png"></td>
|
||
<td>
|
||
<%= truncate notice.content, 100 %>
|
||
</td>
|
||
<td align="right" style="width:1%">
|
||
<% link_to notice, :method => :delete do -%>
|
||
<img src="images/close_hl.png">
|
||
<% end -%>
|
||
</td>
|
||
</tr>
|
||
<% end %>
|
||
</table>
|
||
<% end %>
|
||
</div>
|
||
<%= link_to_function "Toggle notifications section", toggle_div(:notice), :style => "float:right;color:red"%>
|
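Review bot: `<%= truncate notice.content, 100 %>` writes the notice text into the page without HTML escaping, while the layout escapes its title with `<%=h ... %>`, which suggests this Rails version does not escape `<%= %>` output automatically. If notice content can ever carry text that originates outside the application's own code, it should be escaped: `<%=h truncate(notice.content, 100) %>`. `notice.level` in the `img src` is constrained by the model's inclusion validation, so it is the content cell that needs the change.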
app/views/layouts/standard.rhtml | ||
---|---|---|
<%= render "common/searchbar" rescue "<!-- The search facility is not available in this controllers -->" unless params[:action] == 'show' %>
|
||
<%= content_tag('div', flash[:foreman_error], :class => 'flash error') if flash[:foreman_error] -%>
|
||
<%= content_tag('div', flash[:foreman_notice], :class => 'flash notice') if flash[:foreman_notice] -%>
|
||
<%= render 'common/notice' -%>
|
||
<%= render 'common/notice' unless @notices.empty? -%>
|
||
<div id="content">
|
||
<%- if show_title? -%>
|
||
<h1><%=h yield(:title) %></h1>
|
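Review bot: `render 'common/notice' unless @notices.empty?` calls `empty?` on `@notices`, which `ApplicationController` assigns only in `detect_notices`, a filter limited to `:index`. If this layout is rendered for other actions, or when no user could be resolved, `@notices` is nil and the layout raises instead of skipping the partial. `<%= render 'common/notice' unless @notices.blank? -%>` covers nil as well as an empty list.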
config/routes.rb | ||
---|---|---|
:multiple_enable => :get, :submit_multiple_enable => :post}
|
||
map.dashboard '/dashboard', :controller => 'dashboard'
|
||
map.statistics '/statistics', :controller => 'statistics'
|
||
map.notice_ack '/acknowlege/:id', :controller => 'notices', :action => 'acknowledge'
|
||
map.resources :notices, :only => :destroy
|
||
map.resources :audits
|
||
map.resources :usergroups
|
||
map.resources :lookup_keys
|
test/functional/notices_controller_test.rb | ||
---|---|---|
class NoticesControllerTest < ActionController::TestCase
|
||
def setup
|
||
#User.current = User.first
|
||
@notice = Notice.create :global => false, :content => "hello", :level => "message"
|
||
@request.env['HTTP_REFERER'] = hosts_path
|
||
end
|
||
def test_acknowledge_for_global
|
||
@notice = Notice.create :global => true, :content => "hello", :level => "message"
|
||
@new_notice = Notice.create :global => true, :content => "hello", :level => "warning"
|
||
original = Notice.count
|
||
get :acknowledge, {:id => @notice.id}, set_session_user
|
||
delete :destroy, {:id => @new_notice}, set_session_user
|
||
final = Notice.count
|
||
assert original == final + 1
|
||
end
|
||
def test_acknowledge_for_individual
|
||
original = User.current.notices.count
|
||
get :acknowledge, {:id => @notice.id}, set_session_user
|
||
delete :destroy, {:id => @notice}, set_session_user
|
||
final = User.current.notices.count
|
||
assert (original == final + 1)
|
||
end
|
||
... | ... | |
def test_notice_is_finally_deleted
|
||
for user in User.all do
|
||
User.current = user
|
||
get :acknowledge, {:id => @notice.id}, {:user => user}
|
||
delete :destroy, {:id => @notice}, set_session_user
|
||
end
|
||
assert Notice.count == 0
|
||
end
|
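Review bot: In `test_notice_is_finally_deleted` the new request line `delete :destroy, {:id => @notice}, set_session_user` no longer uses the loop variable, so every iteration appears to run as the same session user and the test does not show that the notice disappears only after each user has dismissed it. Passing the loop's user in the session, e.g. `delete :destroy, {:id => @notice}, {:user => user.id}`, restores that. A case for a user who is not attached to the notice, and one without a session, would cover the access-control side of `destroy`. The test names still say `acknowledge`.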
test/unit/user_test.rb | ||
---|---|---|
assert_equal nil, User.try_to_login("anything", "")
|
||
end
|
||
# couldn't continue testing the rest of login method cause use auth_source.authenticate, which is not implemented yet
|
||
test "should not be able to delete the admin account" do
|
||
assert !User.find_by_login("admin").delete
|
||
end
|
||
end
|
||
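Review bot: The new test calls `delete` on the admin record, but the guard added in `user.rb` is a `before_destroy` callback, and ActiveRecord runs those callbacks from `destroy`; depending on the Rails version `delete` either bypasses them or is not defined on the instance. `assert !User.find_by_login("admin").destroy` exercises the guard, and a follow-up `assert User.find_by_login("admin")` confirms the row is still there.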