end
end
- def authorize(realm = "Web Password", errormessage = "Couldn't authenticate you")
- # make the current_user object from any auth sources we have
- setup_user_auth
-
- # handle authenticate pass/fail
- unless current_user
- # no auth, the user does not exist or the password was wrong
- response.headers["WWW-Authenticate"] = "Basic realm=\"#{realm}\""
- render :plain => errormessage, :status => :unauthorized
- return false
- end
- end
-
def check_database_readable(need_api = false)
- if STATUS == :database_offline || (need_api && STATUS == :api_offline)
+ if Settings.status == "database_offline" || (need_api && Settings.status == "api_offline")
if request.xhr?
report_error "Database offline for maintenance", :service_unavailable
else
end
def check_database_writable(need_api = false)
- if STATUS == :database_offline || STATUS == :database_readonly ||
- (need_api && (STATUS == :api_offline || STATUS == :api_readonly))
+ if Settings.status == "database_offline" || Settings.status == "database_readonly" ||
+ (need_api && (Settings.status == "api_offline" || Settings.status == "api_readonly"))
if request.xhr?
report_error "Database offline for maintenance", :service_unavailable
else
end
def database_status
- if STATUS == :database_offline
+ if Settings.status == "database_offline"
:offline
- elsif STATUS == :database_readonly
+ elsif Settings.status == "database_readonly"
:readonly
else
:online
def api_status
status = database_status
if status == :online
- if STATUS == :api_offline
+ if Settings.status == "api_offline"
status = :offline
- elsif STATUS == :api_readonly
+ elsif Settings.status == "api_readonly"
status = :readonly
end
end
def gpx_status
status = database_status
- status = :offline if status == :online && STATUS == :gpx_offline
+ status = :offline if status == :online && Settings.status == "gpx_offline"
status
end
:style_src => %w['unsafe-inline']
)
- if STATUS == :database_offline || STATUS == :api_offline
+ if Settings.status == "database_offline" || Settings.status == "api_offline"
flash.now[:warning] = t("layouts.osm_offline")
- elsif STATUS == :database_readonly || STATUS == :api_readonly
+ elsif Settings.status == "database_readonly" || Settings.status == "api_readonly"
flash.now[:warning] = t("layouts.osm_read_only")
end
end
end
- def deny_access(exception)
- if @api_deny_access_handling
- api_deny_access(exception)
- else
- web_deny_access(exception)
- end
- end
-
- def web_deny_access(_exception)
+ def deny_access(_exception)
if current_token
set_locale
report_error t("oauth.permissions.missing"), :forbidden
end
end
- def api_deny_access(_exception)
- if current_token
- set_locale
- report_error t("oauth.permissions.missing"), :forbidden
- elsif current_user
- head :forbidden
- else
- realm = "Web Password"
- errormessage = "Couldn't authenticate you"
- response.headers["WWW-Authenticate"] = "Basic realm=\"#{realm}\""
- render :plain => errormessage, :status => :unauthorized
- end
- end
-
- attr_accessor :api_access_handling
-
- def api_deny_access_handler
- @api_deny_access_handling = true
- end
-
private
# extract authorisation credentials from headers, returns user = nil if none
projects / rails.git / blobdiff