def authorize_web
if session[:user]
- @user = User.find(session[:user], :conditions => {:visible => true})
+ @user = User.find(session[:user], :conditions => {:status => ["active", "confirmed", "suspended"]})
+
+ if @user.status == "suspended"
+ session[:user] = nil
+ session_expires_automatically
+
+ redirect_to :controller => "user", :action => "suspended"
+ end
elsif session[:token]
@user = User.authenticate(:token => session[:token])
session[:user] = @user.id
report_error message, :bad_request
rescue OSM::APIError => ex
report_error ex.message, ex.status
+ rescue ActionController::UnknownAction => ex
+ raise
rescue Exception => ex
logger.info("API threw unexpected #{ex.class} exception: #{ex.message}")
ex.backtrace.each { |l| logger.info(l) }
raise OSM::APIBadMethodError.new(method) unless ok
end
+ ##
+ # wrap an api call in a timeout
def api_call_timeout
SystemTimer.timeout_after(APP_CONFIG['api_timeout']) do
yield
raise OSM::APITimeoutError
end
+ ##
+ # wrap a web page in a timeout
+ def web_timeout
+ SystemTimer.timeout_after(APP_CONFIG['web_timeout']) do
+ yield
+ end
+ rescue ActionView::TemplateError => ex
+ if ex.original_exception.is_a?(Timeout::Error)
+ render :action => "timeout"
+ else
+ raise
+ end
+ rescue Timeout::Error
+ render :action => "timeout"
+ end
+
##
# extend caches_action to include the parameters, locale and logged in
# status in all cache keys
case
when user.nil? then user = :none
when user.display_name == controller.params[:display_name] then user = :self
+ when user.administrator? then user = :administrator
+ when user.moderator? then user = :moderator
else user = :other
end
##
# extend expire_action to expire all variants
def expire_action(options = {})
- path = fragment_cache_key(options).gsub('?', '.').gsub(':', '.')
+ path = ActionCachePath.path_for(self, options, false).gsub('?', '.').gsub(':', '.')
expire_fragment(Regexp.new(Regexp.escape(path) + "\\..*"))
end
projects / rails.git / blobdiff