authentasaurus 0.4.13 → 0.4.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -143,7 +143,7 @@ module ActionController::Authorization
|
|
|
143
143
|
end
|
|
144
144
|
|
|
145
145
|
# Checks if the current user is logged in but takes no further action
|
|
146
|
-
def is_logged_in?(user_model)
|
|
146
|
+
def is_logged_in?(user_model = nil)
|
|
147
147
|
user_model = User if user_model.nil?
|
|
148
148
|
unless user_model.find_by_id(session[:user_id])
|
|
149
149
|
return cookie_login?(user_model)
|
|
@@ -152,7 +152,7 @@ module ActionController::Authorization
|
|
|
152
152
|
end
|
|
153
153
|
|
|
154
154
|
# Logs in the user through a remember me cookie
|
|
155
|
-
def cookie_login?(user_model)
|
|
155
|
+
def cookie_login?(user_model = nil)
|
|
156
156
|
user_model = User if user_model.nil?
|
|
157
157
|
|
|
158
158
|
if cookies[:remember_me_token]
|
|
@@ -13,84 +13,13 @@ module ActionView::Authorization
|
|
|
13
13
|
return user_model.find session[:user_id] if session[:user_id]
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
# Checks if the current user is logged in and redirects to the login path if the user is not logged in.
|
|
17
|
-
#
|
|
18
|
-
# If skip_request is set to true, the user won't be redirected to the original url after he/she logs in.
|
|
19
|
-
def check_logged_in(skip_request = false, user_model = nil)
|
|
20
|
-
unless is_logged_in?(user_model)
|
|
21
|
-
login_required skip_request
|
|
22
|
-
end
|
|
23
|
-
end
|
|
24
|
-
|
|
25
|
-
# Checks if the current user is logged in and has write permission over the current controller, redirects to no access
|
|
26
|
-
# page if the user hasn't the permissions and redirects to the login path if the user is not logged in
|
|
27
|
-
#
|
|
28
|
-
# If skip_request is set to true, the user won't be redirected to the original url after he/she logs in.
|
|
29
|
-
def check_write_permissions(skip_request = false, user_model = nil)
|
|
30
|
-
if is_logged_in?(user_model)
|
|
31
|
-
user_permissions = session[:user_permissions]
|
|
32
|
-
check = user_permissions[:write].find { |perm| perm==self.controller_name || perm=="all" }
|
|
33
|
-
unless check
|
|
34
|
-
redirect_to no_access_sessions_path
|
|
35
|
-
end
|
|
36
|
-
else
|
|
37
|
-
login_required skip_request
|
|
38
|
-
end
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
# Checks if the current user is logged in and has read permission over the current controller, redirects to no access
|
|
42
|
-
# page if the user hasn't the permissions and redirects to the login path if the user is not logged in
|
|
43
|
-
#
|
|
44
|
-
# If skip_request is set to true, the user won't be redirected to the original url after he/she logs in.
|
|
45
|
-
def check_read_permissions(skip_request = false, user_model = nil)
|
|
46
|
-
if is_logged_in?(user_model)
|
|
47
|
-
user_permissions = session[:user_permissions]
|
|
48
|
-
check = user_permissions[:read].find { |perm| perm==self.controller_name || perm=="all" }
|
|
49
|
-
unless check
|
|
50
|
-
redirect_to no_access_sessions_path
|
|
51
|
-
end
|
|
52
|
-
else
|
|
53
|
-
login_required skip_request
|
|
54
|
-
end
|
|
55
|
-
end
|
|
56
|
-
|
|
57
16
|
# Checks if the current user is logged in but takes no further action
|
|
58
|
-
def is_logged_in?(user_model)
|
|
17
|
+
def is_logged_in?(user_model = nil)
|
|
59
18
|
user_model = User if user_model.nil?
|
|
60
19
|
unless user_model.find_by_id(session[:user_id])
|
|
61
|
-
return cookie_login?(user_model)
|
|
62
|
-
end
|
|
63
|
-
return true
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
# Logs in the user through a remember me cookie
|
|
67
|
-
def cookie_login?(user_model)
|
|
68
|
-
user_model = User if user_model.nil?
|
|
69
|
-
|
|
70
|
-
if cookies[:remember_me_token]
|
|
71
|
-
user = user_model.find_by_remember_me_token cookies[:remember_me_token]
|
|
72
|
-
if user.nil?
|
|
73
|
-
cookies.delete :remember_me_token
|
|
74
|
-
return false
|
|
75
|
-
else
|
|
76
|
-
session[:user_id] = user.id
|
|
77
|
-
session[:user_permissions] = {:read => user.permissions.collect{|per| per.area.name if per.read}, :write => user.permissions.collect{|per| per.area.name if per.write}}
|
|
78
|
-
return true
|
|
79
|
-
end
|
|
80
|
-
else
|
|
81
20
|
return false
|
|
82
21
|
end
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
# Redirects the user to the login page
|
|
86
|
-
#
|
|
87
|
-
# If skip_request is set to true, the user won't be redirected to the original url after he/she logs in.
|
|
88
|
-
def login_required(skip_request)
|
|
89
|
-
unless(skip_request)
|
|
90
|
-
session[:original_url]=request.url
|
|
91
|
-
end
|
|
92
|
-
flash.now[:alert] = t(:login_required, :scope => [:authentasaurus, :action_controller, :errors, :messages])
|
|
93
|
-
redirect_to new_session_path
|
|
22
|
+
return true
|
|
94
23
|
end
|
|
95
24
|
|
|
96
25
|
# Checks if the current user has the appropriate permission
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: authentasaurus
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 19
|
|
5
5
|
prerelease: false
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 4
|
|
9
|
-
-
|
|
10
|
-
version: 0.4.
|
|
9
|
+
- 14
|
|
10
|
+
version: 0.4.14
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Omar Mekky
|