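# Serves a single Pass record in several formats to a fixed allow-list of
# CAS-authenticated users.
class PassesController < ApplicationController
  # Logins allowed to use this controller. Compared against the lower-cased
  # CAS user name, so every entry must be lower case.
  ALLOWED_USERS = %w[
    dyokunev nnromanov aatruttse avsolodovnikov pvmakarov kvmartinov earoganov
  ].freeze

  # CAS login endpoint that unauthenticated requests are sent to.
  CAS_LOGIN_URL = 'https://login.mephi.ru/login'

  protect_from_forgery
  before_action :common
  before_action :determine_user

  # Renders the Pass identified by params[:id] as HTML, JSON, XML, YAML or as
  # the inline JPEG returned by Pass#GetPhoto.
  #
  # Access control is the before_action allow-list only; any allowed user can
  # read any pass id.
  def show
    @pass = Pass.find(params[:id])

    respond_to do |format|
      format.html
      # NOTE(review): to_json / to_xml / to_yaml use the model's default
      # serialisation, presumably every attribute. Confirm Pass has no columns
      # that should stay server-side, or restrict with only:/except:.
      format.json { render json: @pass.to_json }
      format.xml  { render xml: @pass.to_xml }
      # NOTE(review): :yaml is not one of Rails' built-in renderers
      # (json/js/xml), so this presumably relies on one registered elsewhere.
      format.yaml { render yaml: @pass.to_yaml }
      format.jpeg { send_data @pass.GetPhoto, type: 'image/jpeg', disposition: 'inline' }
    end
  end

  private

  # The callbacks below are private so that they are not exposed as routable
  # actions; before_action still invokes private methods.

  # Stores the absolute URL of the current request in @current_url.
  def common
    @current_url = url_for(only_path: false)
  end

  # Authenticates via the CAS session and authorises against ALLOWED_USERS.
  #
  # Redirects to the CAS login page when the session carries no CAS user, and
  # renders public/403.html with status 403 when the user is not on the
  # allow-list. Either response halts the callback chain.
  #
  # TODO: deduplicate this with people_controller.rb
  def determine_user
    cas = session[:cas]
    if cas.respond_to?(:with_indifferent_access)
      cas = session[:cas] = cas.with_indifferent_access
    end

    # NOTE(review): the original carried a commented-out check that also
    # rejected sessions whose :last_validated_at was blank or older than
    # 15 minutes. It stays disabled here, so session age is not enforced.
    if cas.nil? || cas[:user].nil?
      # The service URL is percent-encoded so that a query string on the
      # current request is not parsed as extra parameters of the login URL.
      # url_for builds it from the request host, so the accepted hosts should
      # be constrained at the app or proxy level.
      redirect_to "#{CAS_LOGIN_URL}?#{{ service: url_for(only_path: false) }.to_query}"
      # Stop here: falling through with a session that has no :user would call
      # downcase on nil and turn the redirect into a 500.
      return
    end

    @user = cas
    @user['user'] = @user['user'].downcase
    # Still assigned in case a view reads it.
    @allowed_users = ALLOWED_USERS
    return if ALLOWED_USERS.include?(@user['user'])

    render file: Rails.root.join('public', '403.html').to_s, status: 403, layout: false
  end
end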