diff options
-rw-r--r-- | lib/authorization-helper.rb | 5 | ||||
-rw-r--r-- | lib/opentox.rb | 4 |
2 files changed, 5 insertions, 4 deletions
diff --git a/lib/authorization-helper.rb b/lib/authorization-helper.rb index a32f9b7..625c99f 100644 --- a/lib/authorization-helper.rb +++ b/lib/authorization-helper.rb @@ -10,7 +10,8 @@ module OpenTox # @return [String] subjectid from session or nil def login(username, password) logout - session[:subjectid] = OpenTox::Authorization.authenticate(username, password) + OpenTox::Authorization.authenticate(username, password) + session[:subjectid] = OpenTox::RestClientWrapper.subjectid $logger.debug "ToxCreate login user #{username} with subjectid: " + session[:subjectid].to_s if session[:subjectid] != nil session[:username] = username @@ -69,7 +70,7 @@ module OpenTox request_method = request.env['REQUEST_METHOD'] uri = clean_uri("#{request.env['rack.url_scheme']}://#{request.env['HTTP_HOST']}#{request.env['REQUEST_URI']}") #.sub("http://","https://") request_method = "GET" if request_method == "POST" && uri =~ /\/model\/\d+\/?$/ - return OpenTox::Authorization.authorized?(uri, request_method, subjectid) + return OpenTox::Authorization.authorized?(uri, request_method) end # Cleans URI from querystring and file-extension. Sets port 80 to emptystring diff --git a/lib/opentox.rb b/lib/opentox.rb index 762c1f7..5809b88 100644 --- a/lib/opentox.rb +++ b/lib/opentox.rb @@ -39,12 +39,12 @@ module OpenTox @accept = request.env['HTTP_ACCEPT'] @accept = "text/html" if @accept =~ /\*\/\*/ or request.env["HTTP_USER_AGENT"]=~/MSIE/ @accept = request.params["media"] if request.params["media"] - Authorization.check_policy(@uri, @subjectid) if env['REQUEST_METHOD'] == "PUT" && $aa[:uri] + Authorization.check_policy(@uri) if env['REQUEST_METHOD'] == "PUT" && $aa[:uri] response['Content-Type'] = @accept end after do - Authorization.check_policy(@uri, @subjectid) if env['REQUEST_METHOD'].to_s == "POST" && $aa[:uri] + Authorization.check_policy(@uri) if env['REQUEST_METHOD'].to_s == "POST" && $aa[:uri] end |