This controller handles the login/logout function of the site.

Methods
Public Instance methods
change_metaserver()

If the user chooses ‘Change Meta-Server’, this method will reset all the internal variables so she can start choosing a new Meta-Server from the beginning.

    # File app/controllers/sessions_controller.rb, line 29
      # Forget the Meta-Server kept in the session, then re-render the
      # 'meta_server' partial into the 'meta_server' page element so the user
      # can pick a different one.
      def change_metaserver
        session[:meta_server] = nil
        render(:update) { |page| page.replace_html('meta_server', :partial => 'meta_server') }
      end
create()

Create a new session for the :login user if the :password matches the one configured in this instance (see Configuration.password)

     # File app/controllers/sessions_controller.rb, line 102
       # Log the :login user in when :password equals Configuration.password;
       # otherwise re-render the login form with an error message.
       #
       # Only the shared password is checked: any non-nil :login value is
       # accepted as the user name.
       #
       # NOTE(review): the submitted password is compared directly against
       # Configuration.password, so the secret appears to be kept unhashed and
       # the comparison is not constant-time. The session is also not reset
       # before current_user is assigned; rotating it with reset_session on
       # login is the usual session-fixation mitigation. Confirm first what
       # state redirect_back_or_default expects to find in the session.
       def create
         login = params.fetch(:login, nil)
         secret = params.fetch(:password, nil)

         if login.nil? || secret.nil? || secret != Configuration.password
           # Failed attempt: same generic message whatever the cause.
           flash.now[:error] = 'Try again.'
           render :action => 'new'
         else
           flash[:first_login] = first_login?
           self.current_user = login
           redirect_back_or_default('/')
           flash[:notice] = 'Logged in successfully.'
         end
       end
destroy()

Logout action. Reset the session.

     # File app/controllers/sessions_controller.rb, line 117
       # Logout action: drop the whole session, leave a notice for the next
       # page and send the user to the login path (or wherever
       # redirect_back_or_default decides).
       def destroy
         # The remember-me clean-up (current_user.forget_me and deleting the
         # :auth_token cookie) is commented out in the original source.
         reset_session
         # Set after the reset, not before it.
         flash[:notice] = "You have been logged out."
         redirect_back_or_default login_path
       end
get_projects()

When the user chooses ‘Checkout from Meta-Server’ this action will retrieve the available projects from the Meta-Server for the user to choose from.

    # File app/controllers/sessions_controller.rb, line 38
      # Fetch the projects offered by the Meta-Server and swap the
      # 'project_browser' partial into the 'meta_server' element. On any
      # failure the 'meta_server' partial is shown again with the error text.
      #
      # NOTE(review): when the session holds no Meta-Server, one is built from
      # the request's :meta_server parameters and then cached in the session,
      # so the application contacts whatever endpoint the request describes.
      # Whether a login filter guards this action is not visible here; confirm
      # it, and consider restricting the accepted hosts.
      def get_projects
        render :update do |page|
          @projects = nil
          begin
            server = session[:meta_server]
            server ||= MetaServer.new(params.fetch(:meta_server, {}))
            @projects = Project.find_from_metaserver(server)
            # Only remember the server once a lookup against it has succeeded.
            session[:meta_server] = server

            page.replace_html('meta_server', :partial => 'project_browser')
          rescue Exception => err
            # NOTE(review): rescue Exception also traps errors outside
            # StandardError; confirm which errors the Meta-Server client raises
            # before narrowing it. The raw exception message goes to the view,
            # so confirm the partial HTML-escapes flash[:meta_server].
            flash.now[:meta_server] = err.message
            page.replace_html('meta_server', :partial => 'meta_server')
          end
        end
      end
init()

Initialise the session, clear any objects that might currently exist and present the session start up configuration HTML form.

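    # File app/controllers/sessions_controller.rb, line 14
      # First-run set-up page. It is only served while Configuration.password
      # still holds the shipped default ('improvable_dradis'); otherwise the
      # request is redirected to the login form.
      #
      # Sets @new_project (true when no Meta-Server is stored in the session)
      # and @projects (the Meta-Server's project list, or nil).
      #
      # NOTE(review): while the default password is in place this page is
      # reachable before any login, so whoever completes set-up first chooses
      # the password. Finish set-up before exposing the instance on a network.
      def init
        unless Configuration.password == 'improvable_dradis'
          redirect_to :action => :new
          # Stop here, as setup does. Without this return the Meta-Server
          # lookup below still ran after the redirect had been issued.
          return
        end

        meta_server = session[:meta_server]
        @new_project = !meta_server
        @projects = meta_server ? Project.find_from_metaserver(meta_server) : nil
      end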
new()

Present the login form

    # File app/controllers/sessions_controller.rb, line 97
    # Login form action. The body is deliberately empty: nothing is rendered
    # explicitly here. create re-renders this action's 'new' view when a
    # login attempt fails.
97:   def new
98:   end
setup()

Once the user submits the settings form, we initialise the database. Note that the ensure_valid_password and ensure_valid_metaserver_settings filters have already performed the necessary validation of the supplied input.

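    # File app/controllers/sessions_controller.rb, line 57
      # Final set-up step: store the new password and initialise the project,
      # either as an empty one ('new' mode) or from a revision package
      # downloaded from the Meta-Server ('meta-server' mode).
      #
      # Only runs while Configuration.password is still the shipped default;
      # otherwise the request is redirected to the login form. Relies on
      # @password, @new_project and @project_revision, which the validation
      # filters are documented to have set.
      #
      # NOTE(review): the password is written to the Configuration row exactly
      # as submitted; no hashing is visible here. It is also saved before the
      # project import, so an import failure would leave the password changed
      # but no 'mode' recorded. Confirm how that state is recovered.
      def setup
        unless Configuration.password == 'improvable_dradis'
          redirect_to :action => :new
          return
        end

        # Step 3: Initialise the project
        # @password was set by the ensure_valid_password filter
        password_setting = Configuration.find_by_name('password')
        password_setting.value = @password
        # The save result used to be ignored, so 'Password set.' was shown even
        # when nothing was stored and the default password stayed active.
        unless password_setting.save
          flash[:error] = 'The new password could not be saved.'
          redirect_to :action => :init
          return
        end

        if @new_project
          Configuration.create(:name => 'mode', :value => 'new')
        else
          # Download project revision. The target path is built from the node
          # id and a fixed file name; nothing from the request goes into it.
          uploads_node = Node.find_or_create_by_label(Configuration.uploadsNode)
          import_path = File.join(RAILS_ROOT, 'attachments', uploads_node.id.to_s)
          FileUtils.mkdir_p(import_path)
          package_file = File.join(import_path, 'revision_import.zip')
          File.open(package_file, 'wb+') do |f|
            f.write Base64::decode64(@project_revision.get(:download))
          end

          # Unpack, restore the DB and attachments
          # NOTE(review): the archive comes from the Meta-Server and is trusted
          # as-is here; confirm ProjectPackageUpload.import validates entry
          # names and sizes before extracting.
          ProjectPackageUpload.import(
            :file => Attachment.new(:filename => 'revision_import.zip',
                                    :node_id => uploads_node.id)
          )

          Configuration.create(:name => 'mode', :value => 'meta-server')
          Configuration.create(:name => 'project', :value => @project_revision.prefix_options[:project_id].to_s)
        end

        # The notice embeds HTML (<br/>), so the view presumably prints flash
        # values unescaped. Confirm that no flash value carries request data.
        flash[:notice] = 'Password set. Please log in.<br/> Remember to adjust the client configuration file (client/conf/dradis.xml).'
        redirect_to :action => :new
      end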
Protected Instance methods
check_test_password()

Before filter: if the database doesn't contain a valid password, a new one is created.

     # File app/controllers/sessions_controller.rb, line 128
       # Send the request to the init action while Configuration.password is
       # still the shipped default ('improvable_dradis'); do nothing otherwise.
       def check_test_password
         redirect_to :action => :init if Configuration.password == 'improvable_dradis'
       end
ensure_valid_metaserver_settings()

Check that the user has chosen a revision if running in meta-server @mode.

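     # File app/controllers/sessions_controller.rb, line 191
       # Validate the mode and revision chosen on the set-up form.
       #
       # Reads @mode and @new_project (set elsewhere in this controller) and
       # the :revision request parameter, expected as "<project id>_<revision id>".
       # On success @project_revision holds the matching revision (nil for a
       # new project) and true is returned. On any failure the request is
       # redirected to init and false is returned.
       def ensure_valid_metaserver_settings
         # Step 2: Ensure that we have a Revision, if the user has chosen meta-server mode
         revision = params.fetch(:revision, nil)

         # Allow-list of modes; a missing (nil) mode fails the check too.
         unless %w[meta-server new].include?(@mode)
           flash[:error] = 'You have to choose a valid mode'
           redirect_to :action => :init
           return false
         end

         if @mode == 'meta-server' && revision.nil?
           flash[:error] = 'You have to choose a revision to checkout'
           redirect_to :action => :init
           return false
         end

         if @mode == 'meta-server' && session[:meta_server].nil?
           # TODO: this should never happen!!
           redirect_to :action => :init
           return false
         end

         @project_revision = nil
         return true if @new_project

         # :revision is request data. A nested or array value has no #split
         # and used to raise outside the rescue below; reject it as invalid.
         unless revision.is_a?(String)
           flash[:error] = 'Invalid revision'
           redirect_to :action => :init
           return false
         end

         project_part, revision_part = revision.split('_')
         p_id = project_part.to_i
         r_id = revision_part.to_i

         begin
           Project.site_from_metaserver(session[:meta_server])
           project = Project.find(p_id)
           # Accept only a revision the Meta-Server lists for this project.
           # As before, the last matching entry wins.
           project.attributes['revisions'].each do |rev|
             @project_revision = rev if rev.id == r_id
           end
         rescue
           # Any lookup failure is reported as an invalid revision.
           @project_revision = nil
         end

         if @project_revision.nil?
           flash[:error] = 'Invalid revision'
           redirect_to :action => :init
           return false
         end

         true
       end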
ensure_valid_password()

Ensure that the user has provided a valid password, that the password matches the confirmation and that they are not empty.

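     # File app/controllers/sessions_controller.rb, line 162
       # Validate the new password submitted on the set-up form.
       #
       # Expects params[:password] to be a hash with :value and :confirm_value.
       # On success the password is stored in @password and true is returned.
       # On failure an error is flashed, the request is redirected to init and
       # false is returned.
       #
       # NOTE(review): no minimum length or strength rule is enforced here.
       def ensure_valid_password
         # Step 1:  Password and Password confirmation match
         pwd = params.fetch(:password, nil)
         # A scalar or array :password has no hash-style lookup and used to
         # raise on fetch(:value); it is rejected like a missing one.
         unless pwd.respond_to?(:has_key?)
           flash[:error] = 'You need to provide new password information.'
           redirect_to :action => :init
           return false
         end

         pwd1 = pwd.fetch(:value, nil)
         pwd2 = pwd.fetch(:confirm_value, nil)

         # Both fields must be plain strings, so that a nested structure can
         # never be stored as the password.
         unless pwd1.is_a?(String) && pwd2.is_a?(String) && !pwd1.blank?
           flash[:error] = 'You need to provide both a password and a confirmation.'
           redirect_to :action => :init
           return false
         end

         unless pwd1 == pwd2
           flash[:error] = 'The password did not match the confirmation.'
           redirect_to :action => :init
           return false
         end

         # This controller treats 'improvable_dradis' as "not configured yet",
         # so accepting it would leave set-up open with the default password.
         if pwd1 == 'improvable_dradis'
           flash[:error] = 'You need to choose a password other than the default one.'
           redirect_to :action => :init
           return false
         end

         @password = pwd1
         true
       end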
first_login?()

We determine whether the login event is the first for this dradis deployment by checking for the existence of a file in the config folder. The file is created if it does not exist.

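     # File app/controllers/sessions_controller.rb, line 137
       # Report whether this is the first successful login on this instance.
       #
       # A marker file, config/first_login.txt under RAILS_ROOT, records that
       # a login has happened. It is created with CREAT|EXCL so the existence
       # check and the creation are one atomic step: two logins racing each
       # other cannot both be reported as the first. The block form closes
       # the handle even if the write fails.
       #
       # Returns true when the marker was created by this call, false when it
       # already existed. Other I/O errors (e.g. an unwritable config folder)
       # are raised to the caller.
       def first_login?
         marker = File.join(RAILS_ROOT, "config/first_login.txt")
         File.open(marker, File::WRONLY | File::CREAT | File::EXCL) do |file_handle|
           file_handle << "This file indicates that a succesful login event has occurred on this dradis instance"
         end
         true
       rescue Errno::EEXIST
         false
       end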
update_user_selection()

Ensure that we keep the preferences chosen by the user: in case a validation fails, the user should still be presented with the right interface.

     # File app/controllers/sessions_controller.rb, line 152
       # Record the mode chosen on the set-up form in @mode and derive
       # @new_project from it, so the form can be redrawn with the same
       # selection if a later validation fails.
       def update_user_selection
         @mode = params.fetch(:mode, nil)
         # Choosing 'new' discards any Meta-Server kept in the session.
         session[:meta_server] = nil if @mode == 'new'
         # A new project is assumed whenever no Meta-Server is in the session.
         @new_project = !session[:meta_server]
       end
158:   end