deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki

Browse source
This commit is contained in:
Jacques Distler 2010-11-22 19:13:15 -06:00
parent 88291ee4a2 cd674bbb36
commit 8d7381bb54
2 changed files with 15 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
app/controllers/application_controller.rb
View file

@ -42,10 +42,8 @@ class ApplicationController < ActionController::Base
end end
def check_authorization def check_authorization
if in_a_web? and authorization_needed? and not authorized? redirect_to(:controller => 'wiki', :action => 'login',
redirect_to :controller => 'wiki', :action => 'login', :web => @web_name :web => @web_name) if in_a_web? and authorization_needed? and not authorized?
return false
end
end end
def connect_to_model def connect_to_model
@ -55,10 +53,8 @@ class ApplicationController < ActionController::Base
@author = cookies['author'] || 'AnonymousCoward' @author = cookies['author'] || 'AnonymousCoward'
if @web_name if @web_name
@web = @wiki.webs[@web_name] @web = @wiki.webs[@web_name]
if @web.nil? render(:status => 404, :text => "Unknown web '#{@web_name}'",
render(:status => 404, :text => "Unknown web '#{@web_name}'", :layout => 'error') :layout => 'error') if @web.nil?
return false
end
end end
end end
@ -252,7 +248,6 @@ class ApplicationController < ActionController::Base
layout = false if %w(tex tex_list).include?(action_name) layout = false if %w(tex tex_list).include?(action_name)
headers['Allow'] = 'POST' headers['Allow'] = 'POST'
render(:status => 405, :text => 'You must use an HTTP POST', :layout => layout) render(:status => 405, :text => 'You must use an HTTP POST', :layout => layout)
return false
end end
return true return true
end end

10
app/controllers/file_controller.rb
View file

@ -88,17 +88,14 @@ class FileController < ApplicationController
protected protected
def check_authorized def check_authorized
if authorized? or @web.published? unless authorized? or @web.published?
return true
else
@hide_navigation = true @hide_navigation = true
render(:status => 403, :text => 'This web is private', :layout => true) render(:status => 403, :text => 'This web is private', :layout => true)
return false
end end
end end
def check_allow_uploads def check_allow_uploads
render(:status => 404, :text => "Web #{params['web'].inspect} not found", :layout => 'error') and return false unless @web if @web
if @web.allow_uploads? and authorized? if @web.allow_uploads? and authorized?
return true return true
else else
@ -106,6 +103,9 @@ class FileController < ApplicationController
render(:status => 403, :text => 'File uploads are blocked by the webmaster', :layout => true) render(:status => 403, :text => 'File uploads are blocked by the webmaster', :layout => true)
return false return false
end end
else
render(:status => 404, :text => "Web #{params['web'].inspect} not found", :layout => 'error')
end
end end
private private