Merge pull request #251 from openHPI/bugfixes

Multiple Bugfixes
rteusner
2019-02-05 13:15:25 +01:00
committed by GitHub
10 changed files with 42 additions and 27 deletions


@ -20,7 +20,14 @@ class ApplicationController < ActionController::Base
def render_not_authorized
respond_to do |format|
format.html { redirect_to(request.referrer || :root, alert: t('application.not_authorized')) }
format.html do
# Prevent redirect loop
if request.url == request.referrer
redirect_to :root, alert: t('application.not_authorized')
else
redirect_back fallback_location: :root, allow_other_host: false, alert: t('application.not_authorized')
end
end
format.json { render json: {error: t('application.not_authorized')}, status: :unauthorized }
end
end
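Review bot: The `# Prevent redirect loop` comment in the `format.html` block does not explain the other safeguard on the same branch, `allow_other_host: false`, which keeps a client-supplied Referer header from sending the user to another site. I would extend it to `# Referer is client-controlled: stay on this host, and go to :root when the referrer is this very URL (redirect loop)`. The equality test only catches a page that refers to itself; whether `:root` can itself be unauthorized for some user, which might still loop, cannot be seen from this hunk.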


@ -37,7 +37,6 @@ class CommentsController < ApplicationController
def create
@comment = Comment.new(comment_params_without_request_id)
respond_to do |format|
if @comment.save
if comment_params[:request_id]
request_for_comment = RequestForComment.find(comment_params[:request_id])
@ -49,19 +48,16 @@ class CommentsController < ApplicationController
else
render json: @comment.errors, status: :unprocessable_entity
end
end
authorize!
end
# PATCH/PUT /comments/1.json
def update
respond_to do |format|
if @comment.update(comment_params_without_request_id)
render :show, status: :ok, location: @comment
else
render json: @comment.errors, status: :unprocessable_entity
end
end
authorize!
end
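Review bot: In both `create` and `update` the `authorize!` call sits after `@comment.save` / `@comment.update(...)`, so the write has already happened by the time the authorization check runs. If `authorize!` raises for a user who may not touch this comment, the record is presumably already persisted or changed, unless something outside this section wraps the action in a transaction. Move the check ahead of the write: in `create`, put `authorize!` directly after `@comment = Comment.new(comment_params_without_request_id)`, and in `update` make `authorize!` the first statement before `if @comment.update(...)`. Both method bodies are only partly visible in these hunks.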


@ -20,10 +20,14 @@ class SessionsController < ApplicationController
def create_through_lti
store_lti_session_data(consumer: @consumer, parameters: params)
store_nonce(params[:oauth_nonce])
if params[:redirect_target]
redirect_to(params[:redirect_target])
else
redirect_to(implement_exercise_path(@exercise),
notice: t("sessions.create_through_lti.session_#{lti_outcome_service?(@exercise.id, @current_user.id , @consumer.id) ? 'with' : 'without'}_outcome",
consumer: @consumer))
end
end
def destroy
if current_user.external_user?
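Review bot: `redirect_to(params[:redirect_target])` sends the browser to whatever value the request carries, so an absolute URL in that parameter would take the user off the application right after the session is stored. The LTI launch is presumably signature-checked in a filter outside this hunk, which limits who can set the parameter but does not restrict its value. Accept only host-less local paths and otherwise fall through to `implement_exercise_path(@exercise)`; the private helper below is one way to do that. `destroy` continues outside the hunk.

```ruby
def create_through_lti
  # … unchanged: store_lti_session_data, store_nonce …
  target = local_redirect_path(params[:redirect_target])
  if target
    redirect_to(target)
  else
    # … unchanged: redirect_to(implement_exercise_path(@exercise), notice: …) …
  end
end

# Returns the value only when it is a path on this application, else nil.
def local_redirect_path(value)
  uri = URI.parse(value.to_s)
  uri.scheme.nil? && uri.host.nil? && uri.path.start_with?('/') ? uri.to_s : nil
rescue URI::InvalidURIError
  nil
end
```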


@ -15,7 +15,7 @@ class StudyGroupsController < ApplicationController
def edit
@search = @study_group.users.search(params[:q])
@members = StudyGroupMembership.where(user: @search.result)
@members = StudyGroupMembership.where(user: @search.result, study_group: @study_group)
end
def update
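Review bot: `@study_group.users.search(params[:q])` hands the whole `q` parameter to what looks like a Ransack search, and nothing in this hunk limits which user attributes or associations can be queried through it. If it is Ransack, confirm the user model restricts them, for example by overriding `ransackable_attributes` and `ransackable_associations`, so that someone allowed to edit a group cannot filter on columns the view never shows. `update` continues outside the hunk.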


@ -2,7 +2,7 @@ class InternalUser < User
authenticates_with_sorcery!
validates :email, presence: true, uniqueness: true
validates :email, presence: true, uniqueness: true, case_sensitive: false
validates :password, confirmation: true, if: :password_void?, on: :update, presence: true
validates :role, inclusion: {in: ROLES}
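Review bot: `case_sensitive: false` is passed as a top-level key of `validates`, where it is not an option of the uniqueness validator; as far as I can tell Rails skips top-level keys whose value is false, so the line still performs a case-sensitive uniqueness check and raises no error. Nest it instead: `validates :email, presence: true, uniqueness: {case_sensitive: false}`. Because the same commit sets `user.downcase_username_before_authenticating = true`, two accounts whose emails differ only in case would be ambiguous at login, so a unique index on the lower-cased email is worth adding too, to cover concurrent inserts.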


@ -8,4 +8,12 @@ class StudyGroup < ApplicationRecord
has_many :users, through: :study_group_memberships, source_type: 'ExternalUser'
has_many :submissions
belongs_to :consumer
def to_s
if name.blank?
"StudyGroup " + id.to_s
else
name
end
end
end
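Review bot: `to_s` builds its fallback with `"StudyGroup " + id.to_s`; `presence` plus interpolation says the same thing in one line, `name.presence || "StudyGroup #{id}"`. A short comment such as `# Fallback label for groups without a name` would also record why the method exists.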


@ -8,7 +8,7 @@
- if object
li.breadcrumb-item = object
- else
li.breadcrumb-item = link_to_if(policy(model).show?, model.model_name.human(count: 2), send(:"#{model.model_name.collection}_path"))
li.breadcrumb-item = link_to_if(policy(model).index?, model.model_name.human(count: 2), send(:"#{model.model_name.collection}_path"))
- if object
li.breadcrumb-item = link_to_if(policy(object).show?, object, send(:"#{model.model_name.singular}_path", object))
li.breadcrumb-item.active


@ -10,7 +10,7 @@ h1 = ExternalUser.model_name.human(count: 2)
tbody
- @users.each do |user|
tr
td = link_to_if(policy(user).show?, user.displayname)
td = link_to_if(policy(user).show?, user.displayname, user)
td = link_to_if(policy(user.consumer).show?, user.consumer, user.consumer)
td = link_to(t('shared.show'), user) if policy(user).show?

View File

@ -158,7 +158,7 @@ Rails.application.config.sorcery.configure do |config|
# downcase the username before trying to authenticate, default is false
# Default: `false`
#
# user.downcase_username_before_authenticating =
user.downcase_username_before_authenticating = true
# change default email attribute.
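Review bot: Turning on `downcase_username_before_authenticating` changes which stored row a login resolves to, and the commit carries no check for existing accounts whose emails differ only in case. I would run a one-off query for such duplicates before deploying and resolve them, because after this change it is not obvious which of the two records a login would match. The surrounding `configure` block is only partly visible in this hunk.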


@ -26,7 +26,7 @@ Rails.application.routes.draw do
get '/my_rfc_activity', as: 'my_rfc_activity', to: 'request_for_comments#get_rfcs_with_my_comments'
delete '/comment_by_id', to: 'comments#destroy_by_id'
put '/comments', to: 'comments#update'
put '/comments', to: 'comments#update', defaults: { format: :json }
resources :subscriptions, only: [:create, :destroy] do
member do