diff options
| author | Robert | 2017-06-19 13:50:07 +0200 |
|---|---|---|
| committer | Robert | 2017-06-19 13:52:07 +0200 |
| commit | aceeb812800c9429631f9c21d3f1b063ee634fef (patch) | |
| tree | 91e7c7ada3c38c24959e79d1d56643e9e21ae97d | |
| parent | 9ef3d205aa091d509455b3607d5ecc74431c6196 (diff) | |
| download | chouette-core-aceeb812800c9429631f9c21d3f1b063ee634fef.tar.bz2 | |
Refs #3791@2h; fixes cas_extra_attributes= and redirects correctly; still missing flash message
| -rw-r--r-- | app/controllers/devise/cas_sessions_controller.rb | 10 | ||||
| -rw-r--r-- | app/models/user.rb | 3 |
2 files changed, 9 insertions, 4 deletions
diff --git a/app/controllers/devise/cas_sessions_controller.rb b/app/controllers/devise/cas_sessions_controller.rb index 0a9d9ecb2..d000d0309 100644 --- a/app/controllers/devise/cas_sessions_controller.rb +++ b/app/controllers/devise/cas_sessions_controller.rb @@ -20,14 +20,14 @@ class Devise::CasSessionsController < Devise::SessionsController if LoginPolicy.new(current_user).boiv? redirect_to after_sign_in_path_for(current_user) else - redirect_to root_path, flash: {alert: t('devise.sessions.new.unauthorized')} + destroy message: t('devise.sessions.new.unauthorized') end end def unregistered end - def destroy + def destroy message: nil # if :cas_create_user is false a CAS session might be open but not signed_in # in such case we destroy the session here if signed_in?(resource_name) @@ -36,7 +36,11 @@ class Devise::CasSessionsController < Devise::SessionsController reset_session end - redirect_to(cas_logout_url) + if message + redirect_to(cas_logout_url, flash: {alert: message}) + else + redirect_to(cas_logout_url) + end end def single_sign_out diff --git a/app/models/user.rb b/app/models/user.rb index 1a06746da..4ba05b164 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -31,13 +31,14 @@ class User < ActiveRecord::Base @@edit_offer_permissions = ['routes.create', 'routes.edit', 'routes.destroy', 'journey_patterns.create', 'journey_patterns.edit', 'journey_patterns.destroy', 'vehicle_journeys.create', 'vehicle_journeys.edit', 'vehicle_journeys.destroy', 'time_tables.create', 'time_tables.edit', 'time_tables.destroy', 'footnotes.edit', 'footnotes.create', 'footnotes.destroy', 'routing_constraint_zones.create', 'routing_constraint_zones.edit', - 'routing_constraint_zones.destroy', 'referentials.create', 'referentials.edit', 'referentials.destroy'] + 'routing_constraint_zones.destroy', 'referentials.create', 'referentials.edit', 'referentials.destroy', 'boiv:edit-offer'] mattr_reader :edit_offer_permissions def self.all_permissions edit_offer_permissions end + # Callback invoked by DeviseCasAuthenticable::Model#authernticate_with_cas_ticket def cas_extra_attributes=(extra_attributes) extra = extra_attributes.inject({}){|memo,(k,v)| memo[k.to_sym] = v; memo} self.name = extra[:full_name] |