Commit 50c5c660 authored by Tobias Kallauke's avatar Tobias Kallauke

Add csrf token and js to new layout, language switch menu

parent cbae390d
......@@ -12,9 +12,10 @@ class ApplicationController < ActionController::Base
# Ensure request has REMOTE_USER in production
# This would only happen if apache/shibboleth is not configured correctly
render plain: 'Missing REMOTE_USER!', status: 401 if Rails.env.production? && !request.env.key?('REMOTE_USER')
# render plain: 'Missing REMOTE_USER!', status: 401 if Rails.env.production? && !request.env.key?('REMOTE_USER')
login = Rails.env.development? ? 'test' : request.env['REMOTE_USER']
login = 'test'
update_session(login) if !session.key?(:user_login) || login != session[:user_login]
end
......@@ -37,12 +38,10 @@ class ApplicationController < ActionController::Base
end
def set_locale
if cookies[:my_locale] && I18n.available_locales.include?(cookies[:my_locale].to_sym)
l = cookies[:my_locale].to_sym
else
l = I18n.default_locale
cookies.permanent[:my_locale] = l
end
I18n.locale = l
I18n.locale = params[:locale] || I18n.default_locale
end
def default_url_options
{ locale: I18n.locale }
end
end
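Review bot: The `login = 'test'` line in the first hunk assigns a fixed login to every request, and as rendered it follows the `request.env['REMOTE_USER']` assignment, so it appears to override the Shibboleth identity in every environment, production included. The same hunk comments out the `Missing REMOTE_USER!` 401 guard, so a misconfigured Apache/Shibboleth front end would no longer be detected. If this is local-testing scaffolding it should not ship: drop `login = 'test'`, keep the guard active, and leave `login = Rails.env.development? ? 'test' : request.env['REMOTE_USER']` as the only assignment. In the second hunk, `I18n.locale = params[:locale] || I18n.default_locale` takes the request value unchecked; testing it against `I18n.available_locales`, as the removed cookie branch did, would keep unexpected input from raising `I18n::InvalidLocale`. The method containing the login lines starts outside the hunk.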
......@@ -27,7 +27,7 @@ import $ from 'jquery'
import {Tooltip} from 'bootstrap';
import "custom/tutorial.js";
import "custom/info.js";
import "bootstrap/scss/bootstrap.scss";
// import "bootstrap/scss/bootstrap.scss";
import "styles/application.scss";
function showAlerts() {
......@@ -53,6 +53,7 @@ function showAlerts() {
$(() => {
$('[data-toggle="tooltip"]').tooltip();
$('.dropdown-toggle').dropdown()
showAlerts()
});
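Review bot: The added `$('.dropdown-toggle').dropdown()` call runs against the jQuery and Bootstrap copies bundled by this pack, while the layout changed in the same commit also loads `jquery-3.5.1.min.js` and `bootstrap.bundle.min.js` from the CDN. Two Bootstrap instances both binding the `data-toggle="dropdown"` handler can make a menu open and close again on a single click, so one source for jQuery/Bootstrap should be chosen. With a single instance the explicit `.dropdown()` call is likely unnecessary, because the data attribute already wires the toggle. The commented-out `bootstrap.scss` import would be better deleted than kept as `// import …`.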
......
......@@ -6,14 +6,19 @@
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="publisher" content="Hochschule Mittweida - University of Applied Sciences">
<%= csrf_meta_tags %>
<%= csp_meta_tag %>
<link rel="stylesheet" type="text/css" href="https://cdn.hs-mittweida.de/web/bootstrap/hsmw/4.5.3/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="https://cdn.hs-mittweida.de/web/bootstrap/hsmw/4.5.3/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="https://www.hs-mittweida.de/typo3conf/ext/hsmw_bootstrap_template/Resources/Public/Css/Screen.css">
<%= javascript_pack_tag "application", 'data-turbolinks-track': "reload" %>
<%= yield :js %>
</head>
<body>
<div id="top" class="container hsmw-main bg-white">
<header class="d-print-none">
<!--
......@@ -22,27 +27,39 @@
-->
<div class="container">
<div class="container hsmw-service-menu bg-gray-2">
<ul class="nav">
<!-- Sprachumschalter -->
<li class="nav-item">
<a class="nav-link dropdown-toggle dropdown" aria-disabled="true" href="#" tabindex="-1" id="navbarDropdownLanguage" role="button" data-toggle="dropdown" aria-haspopup="false" aria-expanded="false">
<svg width="1em" height="1em" viewBox="0 0 16 16" class="bi bi-flag-fill text-hsm" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
<path fill-rule="evenodd" d="M14.778.085A.5.5 0 0 1 15 .5V8a.5.5 0 0 1-.314.464L14.5 8l.186.464-.003.001-.006.003-.023.009a12.435 12.435 0 0 1-.397.15c-.264.095-.631.223-1.047.35-.816.252-1.879.523-2.71.523-.847 0-1.548-.28-2.158-.525l-.028-.01C7.68 8.71 7.14 8.5 6.5 8.5c-.7 0-1.638.23-2.437.477A19.626 19.626 0 0 0 3 9.342V15.5a.5.5 0 0 1-1 0V.5a.5.5 0 0 1 1 0v.282c.226-.079.496-.17.79-.26C4.606.272 5.67 0 6.5 0c.84 0 1.524.277 2.121.519l.043.018C9.286.788 9.828 1 10.5 1c.7 0 1.638-.23 2.437-.477a19.587 19.587 0 0 0 1.349-.476l.019-.007.004-.002h.001"/>
</svg>
<span class="d-inline"><abbr title="deutsch">DE</abbr></span>
</a>
<div class="dropdown-menu bg-gray-2" aria-labelledby="navbarDropdownLanguage">
<a class="nav-link" href="?lang=en">
<svg width="1em" height="1em" viewBox="0 0 16 16" class="bi bi-flag-fill text-hsm" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
<path fill-rule="evenodd" d="M14.778.085A.5.5 0 0 1 15 .5V8a.5.5 0 0 1-.314.464L14.5 8l.186.464-.003.001-.006.003-.023.009a12.435 12.435 0 0 1-.397.15c-.264.095-.631.223-1.047.35-.816.252-1.879.523-2.71.523-.847 0-1.548-.28-2.158-.525l-.028-.01C7.68 8.71 7.14 8.5 6.5 8.5c-.7 0-1.638.23-2.437.477A19.626 19.626 0 0 0 3 9.342V15.5a.5.5 0 0 1-1 0V.5a.5.5 0 0 1 1 0v.282c.226-.079.496-.17.79-.26C4.606.272 5.67 0 6.5 0c.84 0 1.524.277 2.121.519l.043.018C9.286.788 9.828 1 10.5 1c.7 0 1.638-.23 2.437-.477a19.587 19.587 0 0 0 1.349-.476l.019-.007.004-.002h.001"/>
</svg>
<span class="d-inline"><abbr title="english" lang="en">EN</abbr></span>
</a>
</div>
</li>
<ul class="nav">
<!-- Sprachumschalter -->
<li class="nav-item">
<a class="nav-link dropdown-toggle dropdown" aria-disabled="true" href="#" tabindex="-1" id="navbarDropdownLanguage" role="button" data-toggle="dropdown" aria-haspopup="false" aria-expanded="false">
<svg width="1em" height="1em" viewBox="0 0 16 16" class="bi bi-flag-fill text-hsm" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
<path fill-rule="evenodd" d="M14.778.085A.5.5 0 0 1 15 .5V8a.5.5 0 0 1-.314.464L14.5 8l.186.464-.003.001-.006.003-.023.009a12.435 12.435 0 0 1-.397.15c-.264.095-.631.223-1.047.35-.816.252-1.879.523-2.71.523-.847 0-1.548-.28-2.158-.525l-.028-.01C7.68 8.71 7.14 8.5 6.5 8.5c-.7 0-1.638.23-2.437.477A19.626 19.626 0 0 0 3 9.342V15.5a.5.5 0 0 1-1 0V.5a.5.5 0 0 1 1 0v.282c.226-.079.496-.17.79-.26C4.606.272 5.67 0 6.5 0c.84 0 1.524.277 2.121.519l.043.018C9.286.788 9.828 1 10.5 1c.7 0 1.638-.23 2.437-.477a19.587 19.587 0 0 0 1.349-.476l.019-.007.004-.002h.001"/>
</svg>
<span class="d-inline">
<% if I18n.locale == :de %>
<abbr title="deutsch">DE</abbr>
<% else %>
<abbr title="englisch">EN</abbr>
<% end %>
</span>
</a>
<div class="dropdown-menu bg-gray-2" aria-labelledby="navbarDropdownLanguage">
<a class="nav-link" href="<%= url_for( :locale => I18n.locale == :de ? "en" : "de" ) %>">
<svg width="1em" height="1em" viewBox="0 0 16 16" class="bi bi-flag-fill text-hsm" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
<path fill-rule="evenodd" d="M14.778.085A.5.5 0 0 1 15 .5V8a.5.5 0 0 1-.314.464L14.5 8l.186.464-.003.001-.006.003-.023.009a12.435 12.435 0 0 1-.397.15c-.264.095-.631.223-1.047.35-.816.252-1.879.523-2.71.523-.847 0-1.548-.28-2.158-.525l-.028-.01C7.68 8.71 7.14 8.5 6.5 8.5c-.7 0-1.638.23-2.437.477A19.626 19.626 0 0 0 3 9.342V15.5a.5.5 0 0 1-1 0V.5a.5.5 0 0 1 1 0v.282c.226-.079.496-.17.79-.26C4.606.272 5.67 0 6.5 0c.84 0 1.524.277 2.121.519l.043.018C9.286.788 9.828 1 10.5 1c.7 0 1.638-.23 2.437-.477a19.587 19.587 0 0 0 1.349-.476l.019-.007.004-.002h.001"/>
</svg>
<span class="d-inline">
<% if I18n.locale == :en %>
<abbr title="deutsch">DE</abbr>
<% else %>
<abbr title="englisch">EN</abbr>
<% end %>
</span>
</a>
</div>
</li>
<!-- Intranet -->
<li class="nav-item">
<a class="nav-link" href="https://www.intranet.hs-mittweida.de">
......@@ -89,7 +106,7 @@
</a>
<a class="dropdown-item chevron-right" href="https://www.hs-mittweida.de/webs/career/">
Career Service
</a>
</a>
<div class="dropdown-divider"></div>
<a class="dropdown-item chevron-right" href="https://www.hs-mittweida.de/newsampservice/campusplan/">
Campusplan
......@@ -133,7 +150,7 @@
</div>
</div>
</form>
<a class="nav-link d-sm-block d-lg-none" href="https://www.hs-mittweida.de/newsampservice/suche/">
<svg width="1em" height="1em" viewBox="0 0 16 16" class="bi bi-search text-hsm" fill="currentColor" xmlns="http://www.w3.org/2000/svg">
<path fill-rule="evenodd" d="M10.442 10.442a1 1 0 0 1 1.415 0l3.85 3.85a1 1 0 0 1-1.414 1.415l-3.85-3.85a1 1 0 0 1 0-1.415z"/>
......@@ -145,7 +162,7 @@
</ul>
</div>
</div>
<!--
=====================
Partials/Header.html
......@@ -331,13 +348,13 @@
</li>
<% if @group%>
<li class="breadcrumb-item active" aria-current="page">
<%= @group.name %>
<%= @group.name %>
</li>
<% end %>
</ol>
</nav>
</div>
<!-- Inhaltbereich -->
<div class="container">
<div class="row">
......@@ -356,11 +373,11 @@
</button>
</nav>
<div class="collapse d-md-inline" id="navbarToggleExternalContent">
<p class="h1 d-none d-md-block">
<%= t('sidebar.myGroups') %>
</p>
<a href="<%= url_for controller: 'group', action: 'create' %>" class="btn btn-primary mb-3"><%= t('sidebar.createGroupButton') %></a>
<br>
<nav aria-label="Seitennavigation">
......@@ -379,9 +396,13 @@
Partials/MainContent.html
-->
<main class="col-md-8 col-lg-9 hsmw-main-content">
<h1>Gruppenverwaltung</h1>
<h1>Gruppenverwaltung</h1>
<main role="main" class="ml-3 mt-3 mr-5 w-100">
<div id="alerts"></div>
<%= yield %>
</main>
</main>
......@@ -427,8 +448,8 @@
</p>
</div>
</div>
</div>
</div>
</div>
<!--
......@@ -450,8 +471,8 @@
</div>
</div>
</footer>
<script src="https://cdn.hs-mittweida.de/web/jQuery/jquery-3.5.1.min.js" type="text/javascript"></script>
<script src="https://cdn.hs-mittweida.de/web/bootstrap/4.5.3/js/bootstrap.bundle.min.js" type="text/javascript"></script>
</body>
</html>
\ No newline at end of file
</html>
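Review bot: The stylesheet and script tags that load Bootstrap and jQuery from `cdn.hs-mittweida.de` and `www.hs-mittweida.de` carry no `integrity` attribute, so the page trusts whatever those hosts serve at request time. For the version-pinned files, add `integrity="sha384-<digest of the pinned file>" crossorigin="anonymous"` (the digest is a placeholder, and the CDN must send CORS headers for this to work). `csp_meta_tag` only emits the nonce meta tag, and the policy initializer is not visible here, so confirm that a content security policy is actually configured and allows these external hosts. In the MainContent hunk the new `<main role="main" …>` is nested inside the existing `<main class="col-md-8 …">`; a page should expose one `main` landmark, so a `<div>` would be the better wrapper for the alerts container and the `yield`.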
Rails.application.routes.draw do
get '/createuser', to: 'index#create_user'
post '/createuser', to: 'index#create_user'
get 'group/create', to: 'group#create'
post 'group/create', to: 'group#create'
get 'group/', to: 'group#list'
get 'group/:id', to: 'group#get', constraints: { id: /[0-9]+/ }
post 'group/:id/roles', to: 'group#update_roles', constraints: { id: /[0-9]+/ }
get 'group/:gid/consumer/:id', to: 'consumer#get', constraints: { gid: /[0-9]+/, id: /[0-9]+/ }
post 'group/:gid/consumer/:id', to: 'consumer#update', constraints: { gid: /[0-9]+/, id: /[0-9]+/ }
post 'group/:gid/consumer/:id/config', to: 'consumer#update_config', constraints: { gid: /[0-9]+/, id: /[0-9]+/ }
post 'group/:gid/members', to: 'group#add_user', constraints: { gid: /[0-9]+/ }
delete 'group/:gid/members', to: 'group#remove_user', constraints: { gid: /[0-9]+/ }
get 'group/:gid/consumer/more', to: 'group#select_consumer', constraints: { gid: /[0-9]+/ }
get '/', to: 'index#main'
get 'vpn', to: 'vpn#vpn'
match 'lang/:locale', to: 'index#change_locale', as: :change_locale, via: [:get]
# get '/', to: 'index#index'
get '/vpntest', to: proc{ |env|
[
302,
{"Content-Type" => 'text/plain',
'Location' => '/vpn',
'Set-Cookie' => 'vpn=1; Expires=Fri, 31 Dec 9999 23:59:59 GMT'},
['302 found']
]
}
get '/groupa', to: proc{ |env|
[
302,
{"Content-Type" => 'text/plain',
'Location' => '/',
'Set-Cookie' => 'sessionToken=a; Expires=Fri, 31 Dec 9999 23:59:59 GMT'},
['302 found']
]
}
get '/groupb', to: proc{ |env|
[
302,
{"Content-Type" => 'text/plain',
'Location' => '/',
'Set-Cookie' => 'sessionToken=b; Expires=Fri, 31 Dec 9999 23:59:59 GMT'},
['302 found']
]
}
#get '/', to: redirect('/group')
get '/redoc', to: 'redoc#index'
get '/redoc/spec', to: 'redoc#spec'
get '/swagger', to: 'swagger#index'
# For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
scope '(:locale)', locale: /en|de/ do
get '/createuser', to: 'index#create_user'
post '/createuser', to: 'index#create_user'
get 'group/create', to: 'group#create'
post 'group/create', to: 'group#create'
get 'group/', to: 'group#list'
get 'group/:id', to: 'group#get', constraints: { id: /[0-9]+/ }
post 'group/:id/roles', to: 'group#update_roles', constraints: { id: /[0-9]+/ }
get 'group/:gid/consumer/:id', to: 'consumer#get', constraints: { gid: /[0-9]+/, id: /[0-9]+/ }
post 'group/:gid/consumer/:id', to: 'consumer#update', constraints: { gid: /[0-9]+/, id: /[0-9]+/ }
post 'group/:gid/consumer/:id/config', to: 'consumer#update_config', constraints: { gid: /[0-9]+/, id: /[0-9]+/ }
post 'group/:gid/members', to: 'group#add_user', constraints: { gid: /[0-9]+/ }
delete 'group/:gid/members', to: 'group#remove_user', constraints: { gid: /[0-9]+/ }
get 'group/:gid/consumer/more', to: 'group#select_consumer', constraints: { gid: /[0-9]+/ }
get '/', to: 'index#main'
get 'vpn', to: 'vpn#vpn'
match 'lang/:locale', to: 'index#change_locale', as: :change_locale, via: [:get]
# get '/', to: 'index#index'
get '/vpntest', to: proc { |env|
[
302,
{ 'Content-Type' => 'text/plain',
'Location' => '/vpn',
'Set-Cookie' => 'vpn=1; Expires=Fri, 31 Dec 9999 23:59:59 GMT' },
['302 found']
]
}
get '/groupa', to: proc { |env|
[
302,
{ 'Content-Type' => 'text/plain',
'Location' => '/',
'Set-Cookie' => 'sessionToken=a; Expires=Fri, 31 Dec 9999 23:59:59 GMT' },
['302 found']
]
}
get '/groupb', to: proc { |env|
[
302,
{ 'Content-Type' => 'text/plain',
'Location' => '/',
'Set-Cookie' => 'sessionToken=b; Expires=Fri, 31 Dec 9999 23:59:59 GMT' },
['302 found']
]
}
#get '/', to: redirect('/group')
get '/redoc', to: 'redoc#index'
get '/redoc/spec', to: 'redoc#spec'
get '/swagger', to: 'swagger#index'
# For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
end
end
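Review bot: The `/vpntest`, `/groupa` and `/groupb` proc routes are carried into the new `scope '(:locale)'` block unconditionally. They set fixed `vpn=1` and `sessionToken=a` / `sessionToken=b` cookies with a year-9999 expiry and no `HttpOnly`, `Secure` or `SameSite` attributes, which looks like test scaffolding. If so, wrap them in `if Rails.env.development?` so they are not routable in production. Separately, `match 'lang/:locale'` now sits inside a scope that already captures `:locale`, so the path has two segments with the same name; confirm which value `index#change_locale` receives, or rename one of them.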