Commit ad0d9173 authored by Ryan Lee's avatar Ryan Lee

use built ins to make sure POST is used

parent 7461a711
......@@ -2,38 +2,35 @@ class ZepheiraController < ApplicationController
skip_before_filter :verify_authenticity_token
verify method: :post, only: :ldap, render: { nothing: true, status: :method_not_allowed }
def ldap
if request.post?
created = false
user = nil
login = params[:username]
auth_sources = AuthSource.find(:all)
auth_sources.each do |src|
if src.auth_method_name == 'LDAP'
# Cheating. Private method.
attrs = src.__send__(:get_user_dn, login)
if attrs.length > 0
user = User.new(attrs.except(:dn))
user.login = login
user.language = Setting.default_language
if user.save
created = true
logger.info("User '#{user.login}' created from #{user.auth_source.name} by API") if logger && user.auth_source
end
created = false
user = nil
login = params[:username]
auth_sources = AuthSource.find(:all)
auth_sources.each do |src|
if src.auth_method_name == 'LDAP'
# Cheating. Private method.
attrs = src.__send__(:get_user_dn, login)
if attrs.length > 0
user = User.new(attrs.except(:dn))
user.login = login
user.language = Setting.default_language
if user.save
created = true
logger.info("User '#{user.login}' created from #{user.auth_source.name} by API") if logger && user.auth_source
end
end
end
if !created
if user.nil?
render_404
else
render :nothing => true, :status => 422
end
end
if !created
if user.nil?
render_404
else
render :nothing => true, :status => 201
render :nothing => true, :status => 422
end
else
render :nothing => true, :status => 405
render :nothing => true, :status => 201
end
end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment