def authorize_web
if session[:user]
- @user = User.find(session[:user], :conditions => {:visible => true})
+ @user = User.find(session[:user], :conditions => {:status => ["active", "confirmed", "suspended"]})
+
+ if @user.status == "suspended"
+ session[:user] = nil
+ session_expires_automatically
+
+ redirect_to :controller => "user", :action => "suspended"
+ end
elsif session[:token]
@user = User.authenticate(:token => session[:token])
session[:user] = @user.id
report_error message, :bad_request
rescue OSM::APIError => ex
report_error ex.message, ex.status
+ rescue ActionController::UnknownAction => ex
+ raise
rescue Exception => ex
logger.info("API threw unexpected #{ex.class} exception: #{ex.message}")
ex.backtrace.each { |l| logger.info(l) }
end
def api_call_timeout
- Timeout::timeout(APP_CONFIG['api_timeout'], OSM::APITimeoutError) do
+ SystemTimer.timeout_after(APP_CONFIG['api_timeout']) do
yield
end
+ rescue Timeout::Error
+ raise OSM::APITimeoutError
end
##
case
when user.nil? then user = :none
when user.display_name == controller.params[:display_name] then user = :self
+ when user.administrator? then user = :administrator
+ when user.moderator? then user = :moderator
else user = :other
end
##
# extend expire_action to expire all variants
def expire_action(options = {})
- path = fragment_cache_key(options).gsub('?', '.').gsub(':', '.')
+ path = ActionCachePath.path_for(self, options, false).gsub('?', '.').gsub(':', '.')
expire_fragment(Regexp.new(Regexp.escape(path) + "\\..*"))
end