Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki

master
Jacques Distler 2010-11-22 19:13:15 -06:00
commit 8d7381bb54
2 changed files with 15 additions and 20 deletions

View File

@ -41,11 +41,9 @@ class ApplicationController < ActionController::Base
s.scan( %r(\w{#{n},#{n}}) ).collect {|a| (a.hex * 2/3).to_s(16).rjust(n,'0')}.join s.scan( %r(\w{#{n},#{n}}) ).collect {|a| (a.hex * 2/3).to_s(16).rjust(n,'0')}.join
end end
def check_authorization def check_authorization
if in_a_web? and authorization_needed? and not authorized? redirect_to(:controller => 'wiki', :action => 'login',
redirect_to :controller => 'wiki', :action => 'login', :web => @web_name :web => @web_name) if in_a_web? and authorization_needed? and not authorized?
return false
end
end end
def connect_to_model def connect_to_model
@ -55,10 +53,8 @@ class ApplicationController < ActionController::Base
@author = cookies['author'] || 'AnonymousCoward' @author = cookies['author'] || 'AnonymousCoward'
if @web_name if @web_name
@web = @wiki.webs[@web_name] @web = @wiki.webs[@web_name]
if @web.nil? render(:status => 404, :text => "Unknown web '#{@web_name}'",
render(:status => 404, :text => "Unknown web '#{@web_name}'", :layout => 'error') :layout => 'error') if @web.nil?
return false
end
end end
end end
@ -252,7 +248,6 @@ class ApplicationController < ActionController::Base
layout = false if %w(tex tex_list).include?(action_name) layout = false if %w(tex tex_list).include?(action_name)
headers['Allow'] = 'POST' headers['Allow'] = 'POST'
render(:status => 405, :text => 'You must use an HTTP POST', :layout => layout) render(:status => 405, :text => 'You must use an HTTP POST', :layout => layout)
return false
end end
return true return true
end end

View File

@ -88,23 +88,23 @@ class FileController < ApplicationController
protected protected
def check_authorized def check_authorized
if authorized? or @web.published? unless authorized? or @web.published?
return true
else
@hide_navigation = true @hide_navigation = true
render(:status => 403, :text => 'This web is private', :layout => true) render(:status => 403, :text => 'This web is private', :layout => true)
return false
end end
end end
def check_allow_uploads def check_allow_uploads
render(:status => 404, :text => "Web #{params['web'].inspect} not found", :layout => 'error') and return false unless @web if @web
if @web.allow_uploads? and authorized? if @web.allow_uploads? and authorized?
return true return true
else
@hide_navigation = true
render(:status => 403, :text => 'File uploads are blocked by the webmaster', :layout => true)
return false
end
else else
@hide_navigation = true render(:status => 404, :text => "Web #{params['web'].inspect} not found", :layout => 'error')
render(:status => 403, :text => 'File uploads are blocked by the webmaster', :layout => true)
return false
end end
end end