authentasaurus 0.7.3 → 0.8.3
Sign up to get free protection for your applications and to get access to all the features.
- data/TODO +3 -0
- data/app/controllers/areas_controller.rb +1 -1
- data/app/controllers/groups_controller.rb +1 -1
- data/app/controllers/permissions_controller.rb +1 -1
- data/app/controllers/recoveries_controller.rb +1 -1
- data/app/controllers/registrations_controller.rb +1 -1
- data/app/controllers/sessions_controller.rb +1 -1
- data/app/controllers/user_invitations_controller.rb +1 -1
- data/app/controllers/users_controller.rb +1 -1
- data/app/controllers/validations_controller.rb +1 -1
- data/app/models/area.rb +1 -1
- data/app/models/group.rb +1 -1
- data/app/models/permission.rb +1 -1
- data/app/models/recovery.rb +1 -1
- data/app/models/session.rb +1 -1
- data/app/models/user_invitation.rb +1 -1
- data/app/models/validation.rb +1 -1
- data/lib/authentasaurus.rb +22 -36
- data/lib/authentasaurus/ac/acts_as_overrider.rb +47 -0
- data/lib/authentasaurus/ac/controllers/areas_controller.rb +80 -0
- data/lib/authentasaurus/ac/controllers/groups_controller.rb +81 -0
- data/lib/authentasaurus/ac/controllers/permissions_controller.rb +81 -0
- data/lib/authentasaurus/ac/controllers/recoveries_controller.rb +72 -0
- data/lib/authentasaurus/ac/controllers/registrations_controller.rb +45 -0
- data/lib/authentasaurus/ac/controllers/sessions_controller.rb +58 -0
- data/lib/authentasaurus/ac/controllers/user_invitations_controller.rb +50 -0
- data/lib/authentasaurus/ac/controllers/users_controller.rb +80 -0
- data/lib/authentasaurus/ac/controllers/validations_controller.rb +53 -0
- data/lib/authentasaurus/ac/routing.rb +90 -0
- data/lib/authentasaurus/ar/acts_as_authenticatable.rb +113 -0
- data/lib/authentasaurus/ar/acts_as_authenticatable_validatable.rb +38 -0
- data/lib/authentasaurus/ar/acts_as_overrider.rb +51 -0
- data/lib/authentasaurus/ar/authenticatable.rb +66 -0
- data/lib/authentasaurus/ar/migrations.rb +173 -0
- data/lib/authentasaurus/{models → ar/models}/recovery.rb +3 -3
- data/lib/authentasaurus/{models → ar/models}/session.rb +1 -1
- data/lib/authentasaurus/{models → ar/models}/user_invitation.rb +1 -1
- data/lib/authentasaurus/{models → ar/models}/validation.rb +1 -1
- data/lib/authentasaurus/arel/acts_as_authenticatable.rb +72 -0
- data/lib/authentasaurus/arel/authenticatable.rb +25 -0
- data/lib/authentasaurus/authorization.rb +341 -0
- data/lib/authentasaurus/railtie.rb +4 -4
- data/lib/generators/authentasaurus/install/templates/initializer.rb +1 -1
- data/rdoc/apple-touch-icon.png +0 -0
- data/rdoc/classes/Authentasaurus.html +65 -0
- data/rdoc/classes/Authentasaurus/Ac.html +72 -0
- data/rdoc/classes/Authentasaurus/Ac/ActsAsOverrider.html +104 -0
- data/rdoc/classes/Authentasaurus/Ac/ActsAsOverrider/ClassMethods.html +397 -0
- data/rdoc/classes/Authentasaurus/Ac/Routing.html +61 -0
- data/rdoc/classes/Authentasaurus/Ac/Routing/InstanceMethods.html +390 -0
- data/rdoc/classes/Authentasaurus/Ar.html +77 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsAuthenticatable.html +107 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsAuthenticatable/ClassMethods.html +168 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsAuthenticatable/InstanceMethods.html +357 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsAuthenticatableValidatable.html +109 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsAuthenticatableValidatable/ClassMethods.html +113 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsAuthenticatableValidatable/InstanceMethods.html +54 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsOverrider.html +104 -0
- data/rdoc/classes/Authentasaurus/Ar/ActsAsOverrider/ClassMethods.html +320 -0
- data/rdoc/classes/Authentasaurus/Ar/Authenticatable.html +104 -0
- data/rdoc/classes/Authentasaurus/Ar/Authenticatable/ClassMethods.html +182 -0
- data/rdoc/classes/Authentasaurus/Ar/Migrations.html +63 -0
- data/rdoc/classes/Authentasaurus/Ar/Migrations/Columns.html +68 -0
- data/rdoc/classes/Authentasaurus/Ar/Migrations/Columns/InstanceMethods.html +106 -0
- data/rdoc/classes/Authentasaurus/Ar/Migrations/Tables.html +68 -0
- data/rdoc/classes/Authentasaurus/Ar/Migrations/Tables/InstanceMethods.html +703 -0
- data/rdoc/classes/Authentasaurus/Arel.html +65 -0
- data/rdoc/classes/Authentasaurus/Arel/ActsAsAuthenticatable.html +107 -0
- data/rdoc/classes/Authentasaurus/Arel/ActsAsAuthenticatable/ClassMethods.html +139 -0
- data/rdoc/classes/Authentasaurus/Arel/ActsAsAuthenticatable/InstanceMethods.html +113 -0
- data/rdoc/classes/Authentasaurus/Arel/Authenticatable.html +105 -0
- data/rdoc/classes/Authentasaurus/Arel/Authenticatable/ClassMethods.html +119 -0
- data/rdoc/classes/Authentasaurus/Authorization.html +230 -0
- data/rdoc/classes/Authentasaurus/Authorization/ActionController.html +63 -0
- data/rdoc/classes/Authentasaurus/Authorization/ActionController/ClassMethods.html +263 -0
- data/rdoc/classes/Authentasaurus/Authorization/ActionController/InstanceMethods.html +54 -0
- data/rdoc/classes/Authentasaurus/Authorization/ActionView.html +54 -0
- data/rdoc/classes/Authentasaurus/Authorization/CommonInstanceMethods.html +240 -0
- data/rdoc/created.rid +1 -0
- data/rdoc/css/main.css +278 -0
- data/rdoc/css/panel.css +383 -0
- data/rdoc/css/reset.css +53 -0
- data/rdoc/favicon.ico +0 -0
- data/rdoc/files/README_rdoc.html +366 -0
- data/rdoc/files/TODO.html +64 -0
- data/rdoc/files/lib/authentasaurus/ac/acts_as_overrider_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/ac/routing_rb.html +60 -0
- data/rdoc/files/lib/authentasaurus/ar/acts_as_authenticatable_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/ar/acts_as_authenticatable_validatable_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/ar/acts_as_overrider_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/ar/authenticatable_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/ar/migrations_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/arel/acts_as_authenticatable_rb.html +52 -0
- data/rdoc/files/lib/authentasaurus/arel/authenticatable_rb.html +72 -0
- data/rdoc/files/lib/authentasaurus/authorization_rb.html +208 -0
- data/rdoc/i/arrows.png +0 -0
- data/rdoc/i/results_bg.png +0 -0
- data/rdoc/i/tree_bg.png +0 -0
- data/rdoc/index.html +15 -0
- data/rdoc/js/jquery-1.3.2.min.js +19 -0
- data/rdoc/js/jquery-effect.js +593 -0
- data/rdoc/js/main.js +22 -0
- data/rdoc/js/searchdoc.js +628 -0
- data/rdoc/panel/index.html +71 -0
- data/rdoc/panel/search_index.js +1 -0
- data/rdoc/panel/tree.js +1 -0
- metadata +92 -44
- data/lib/action_controller/authorization.rb +0 -215
- data/lib/action_view/authorization.rb +0 -52
- data/lib/active_record/acts_as_authenticatable.rb +0 -111
- data/lib/active_record/acts_as_authenticatable_validatable.rb +0 -36
- data/lib/active_record/authenticatable.rb +0 -64
- data/lib/active_resource/acts_as_authenticatable.rb +0 -70
- data/lib/active_resource/authenticatable.rb +0 -24
- data/lib/authentasaurus/areas_controller.rb +0 -78
- data/lib/authentasaurus/groups_controller.rb +0 -79
- data/lib/authentasaurus/models/area.rb +0 -21
- data/lib/authentasaurus/models/group.rb +0 -19
- data/lib/authentasaurus/models/permission.rb +0 -24
- data/lib/authentasaurus/permissions_controller.rb +0 -79
- data/lib/authentasaurus/recoveries_controller.rb +0 -70
- data/lib/authentasaurus/registrations_controller.rb +0 -43
- data/lib/authentasaurus/sessions_controller.rb +0 -56
- data/lib/authentasaurus/user_invitations_controller.rb +0 -48
- data/lib/authentasaurus/users_controller.rb +0 -78
- data/lib/authentasaurus/validations_controller.rb +0 -51
- data/lib/helpers/migrations.rb +0 -171
- data/lib/helpers/routing.rb +0 -87
@@ -0,0 +1,119 @@
|
|
1
|
+
<?xml version="1.0" encoding="utf-8"?>
|
2
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
3
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
4
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
5
|
+
<head>
|
6
|
+
<title>Authentasaurus::Arel::Authenticatable::ClassMethods</title>
|
7
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
8
|
+
<link rel="stylesheet" href="../../../../css/reset.css" type="text/css" media="screen" />
|
9
|
+
<link rel="stylesheet" href="../../../../css/main.css" type="text/css" media="screen" />
|
10
|
+
<script src="../../../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
|
11
|
+
<script src="../../../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
|
12
|
+
<script src="../../../../js/main.js" type="text/javascript" charset="utf-8"></script>
|
13
|
+
</head>
|
14
|
+
|
15
|
+
<body>
|
16
|
+
<div class="banner">
|
17
|
+
<h1>
|
18
|
+
<span class="type">Module</span>
|
19
|
+
Authentasaurus::Arel::Authenticatable::ClassMethods
|
20
|
+
|
21
|
+
</h1>
|
22
|
+
<ul class="files">
|
23
|
+
|
24
|
+
<li><a href="../../../../files/lib/authentasaurus/arel/authenticatable_rb.html">lib/authentasaurus/arel/authenticatable.rb</a></li>
|
25
|
+
|
26
|
+
</ul>
|
27
|
+
</div>
|
28
|
+
<div id="bodyContent">
|
29
|
+
<div id="content">
|
30
|
+
|
31
|
+
|
32
|
+
|
33
|
+
|
34
|
+
|
35
|
+
|
36
|
+
|
37
|
+
|
38
|
+
|
39
|
+
<div class="sectiontitle">Methods</div>
|
40
|
+
<dl class="methods">
|
41
|
+
|
42
|
+
<dt>A</dt>
|
43
|
+
<dd>
|
44
|
+
<ul>
|
45
|
+
|
46
|
+
<li><a href="#M000001">authenticatable</a></li>
|
47
|
+
|
48
|
+
</ul>
|
49
|
+
</dd>
|
50
|
+
|
51
|
+
</dl>
|
52
|
+
|
53
|
+
|
54
|
+
|
55
|
+
<div class="sectiontitle">Included Modules</div>
|
56
|
+
<ul>
|
57
|
+
|
58
|
+
<li>
|
59
|
+
|
60
|
+
<a href="../../Ac/Routing/InstanceMethods.html">Authentasaurus::Ac::Routing::InstanceMethods</a>
|
61
|
+
|
62
|
+
START:includes
|
63
|
+
</li>
|
64
|
+
|
65
|
+
</ul>
|
66
|
+
|
67
|
+
|
68
|
+
|
69
|
+
|
70
|
+
|
71
|
+
|
72
|
+
|
73
|
+
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
<div class="sectiontitle">Instance Public methods</div>
|
78
|
+
|
79
|
+
<div class="method">
|
80
|
+
<div class="title" id="M000001">
|
81
|
+
|
82
|
+
<a name="M000001"></a><b>authenticatable</b>(*args)
|
83
|
+
|
84
|
+
</div>
|
85
|
+
|
86
|
+
|
87
|
+
|
88
|
+
|
89
|
+
<div class="sourcecode">
|
90
|
+
<p class="source-link">
|
91
|
+
Source: <a href="javascript:toggleSource('M000001_source')" id="l_M000001_source">show</a>
|
92
|
+
|
93
|
+
| <a href="http://github.com/cousine/Authentasuarus-2/blob/9f35019b78d87fdf386c9d64834171263868b8aa/lib/authentasaurus/arel/authenticatable.rb#L10" target="_blank" class="github_url">on GitHub</a>
|
94
|
+
|
95
|
+
</p>
|
96
|
+
<div id="M000001_source" class="dyn-source">
|
97
|
+
<pre><span class="ruby-comment cmt"># File lib/authentasaurus/arel/authenticatable.rb, line 10</span>
|
98
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">authenticatable</span>(<span class="ruby-operator">*</span><span class="ruby-identifier">args</span>)
|
99
|
+
<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">unloadable</span>
|
100
|
+
<span class="ruby-identifier">options</span> = <span class="ruby-identifier">args</span>.<span class="ruby-identifier">extract_options!</span>
|
101
|
+
|
102
|
+
<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">site</span> = <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:site</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">Rails</span>.<span class="ruby-identifier">application</span>.<span class="ruby-identifier">config</span>.<span class="ruby-identifier">authentasaurus</span>[<span class="ruby-identifier">:modules</span>][<span class="ruby-identifier">:remote</span>][<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">name</span>.<span class="ruby-identifier">underscore</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp re">/_sync/</span>, <span class="ruby-value str">""</span>).<span class="ruby-identifier">to_sym</span>][<span class="ruby-identifier">:site</span>]
|
103
|
+
<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">element_name</span> = <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:session_element</span>].<span class="ruby-identifier">try</span>(<span class="ruby-identifier">:to_s</span>) <span class="ruby-operator">||</span> <span class="ruby-constant">Rails</span>.<span class="ruby-identifier">application</span>.<span class="ruby-identifier">config</span>.<span class="ruby-identifier">authentasaurus</span>[<span class="ruby-identifier">:modules</span>][<span class="ruby-identifier">:remote</span>][<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">name</span>.<span class="ruby-identifier">underscore</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp re">/_sync/</span>, <span class="ruby-value str">""</span>).<span class="ruby-identifier">to_sym</span>][<span class="ruby-identifier">:session_element</span>]
|
104
|
+
<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">sync</span> = <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:sync</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">Rails</span>.<span class="ruby-identifier">application</span>.<span class="ruby-identifier">config</span>.<span class="ruby-identifier">authentasaurus</span>[<span class="ruby-identifier">:modules</span>][<span class="ruby-identifier">:remote</span>][<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">name</span>.<span class="ruby-identifier">underscore</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp re">/_sync/</span>, <span class="ruby-value str">""</span>).<span class="ruby-identifier">to_sym</span>][<span class="ruby-identifier">:sync</span>]
|
105
|
+
<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">sync_to</span> = <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:sync_to</span>].<span class="ruby-identifier">try</span>(<span class="ruby-identifier">:to_s</span>).<span class="ruby-identifier">try</span>(<span class="ruby-identifier">:camelize</span>).<span class="ruby-identifier">try</span>(<span class="ruby-identifier">:constantize</span>) <span class="ruby-operator">||</span> <span class="ruby-constant">Rails</span>.<span class="ruby-identifier">application</span>.<span class="ruby-identifier">config</span>.<span class="ruby-identifier">authentasaurus</span>[<span class="ruby-identifier">:modules</span>][<span class="ruby-identifier">:remote</span>][<span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">name</span>.<span class="ruby-identifier">underscore</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp re">/_sync/</span>, <span class="ruby-value str">""</span>).<span class="ruby-identifier">to_sym</span>][<span class="ruby-identifier">:sync_to</span>].<span class="ruby-identifier">camelize</span>.<span class="ruby-identifier">constantize</span>
|
106
|
+
|
107
|
+
|
108
|
+
<span class="ruby-comment cmt"># include authentication methods</span>
|
109
|
+
<span class="ruby-identifier">include</span> <span class="ruby-constant">Authentasaurus</span><span class="ruby-operator">::</span><span class="ruby-constant">Arel</span><span class="ruby-operator">::</span><span class="ruby-constant">ActsAsAuthenticatable</span>
|
110
|
+
<span class="ruby-keyword kw">end</span></pre>
|
111
|
+
</div>
|
112
|
+
</div>
|
113
|
+
|
114
|
+
</div>
|
115
|
+
|
116
|
+
</div>
|
117
|
+
</div>
|
118
|
+
</body>
|
119
|
+
</html>
|
@@ -0,0 +1,230 @@
|
|
1
|
+
<?xml version="1.0" encoding="utf-8"?>
|
2
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
3
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
4
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
5
|
+
<head>
|
6
|
+
<title>Authentasaurus::Authorization</title>
|
7
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
8
|
+
<link rel="stylesheet" href="../../css/reset.css" type="text/css" media="screen" />
|
9
|
+
<link rel="stylesheet" href="../../css/main.css" type="text/css" media="screen" />
|
10
|
+
<script src="../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
|
11
|
+
<script src="../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
|
12
|
+
<script src="../../js/main.js" type="text/javascript" charset="utf-8"></script>
|
13
|
+
</head>
|
14
|
+
|
15
|
+
<body>
|
16
|
+
<div class="banner">
|
17
|
+
<h1>
|
18
|
+
<span class="type">Module</span>
|
19
|
+
Authentasaurus::Authorization
|
20
|
+
|
21
|
+
</h1>
|
22
|
+
<ul class="files">
|
23
|
+
|
24
|
+
<li><a href="../../files/lib/authentasaurus/authorization_rb.html">lib/authentasaurus/authorization.rb</a></li>
|
25
|
+
|
26
|
+
</ul>
|
27
|
+
</div>
|
28
|
+
<div id="bodyContent">
|
29
|
+
<div id="content">
|
30
|
+
|
31
|
+
<div class="description">
|
32
|
+
<h1><a href="Authorization.html">Authorization</a> Helpers</h1>
|
33
|
+
<p>
|
34
|
+
The authorization module provides helpers for restricting access to your
|
35
|
+
controllers.
|
36
|
+
</p>
|
37
|
+
<p>
|
38
|
+
Each controller is considered an area in <a
|
39
|
+
href="../Authentasaurus.html">Authentasaurus</a>, for example
|
40
|
+
UsersController stands for “users” area. Each area must be
|
41
|
+
defined in the Areas table so <a
|
42
|
+
href="../Authentasaurus.html">Authentasaurus</a> can control access to it.
|
43
|
+
</p>
|
44
|
+
<p>
|
45
|
+
<a href="../Authentasaurus.html">Authentasaurus</a> provides a simple rake
|
46
|
+
task to define areas automatically:
|
47
|
+
</p>
|
48
|
+
<pre>
|
49
|
+
rake authentasaurus:create_areas
|
50
|
+
</pre>
|
51
|
+
<h2>Restricting Access</h2>
|
52
|
+
<p>
|
53
|
+
You can restrict access to any controller using one of the following class
|
54
|
+
methods on your controller.
|
55
|
+
</p>
|
56
|
+
<p>
|
57
|
+
At login, <a href="../Authentasaurus.html">Authentasaurus</a> will load the
|
58
|
+
permissions of the group the user belongs to in the session and will use
|
59
|
+
them to authorize access to the area.
|
60
|
+
</p>
|
61
|
+
<p>
|
62
|
+
There are three levels of restriction in <a
|
63
|
+
href="../Authentasaurus.html">Authentasaurus</a>, login, read and write;
|
64
|
+
with the exception of login, read and write don’t have any logic
|
65
|
+
behind them; they are defined using the Permission and are only
|
66
|
+
symbolically named i.e.: you can use read instead of write and vice versa
|
67
|
+
it only depends on how you use them.
|
68
|
+
</p>
|
69
|
+
<h3>Restricting access to logged in users</h3>
|
70
|
+
<p>
|
71
|
+
You can restrict access to an area to logged in users only using the <a
|
72
|
+
href="Authorization/ActionController/ClassMethods.html#M000011">ActionController::ClassMethods#require_login</a>
|
73
|
+
class method.
|
74
|
+
</p>
|
75
|
+
<p>
|
76
|
+
Consider the following example restricting access to the pages controller
|
77
|
+
to only logged in users:
|
78
|
+
</p>
|
79
|
+
<pre>
|
80
|
+
class PagesController < ActionController::Base
|
81
|
+
require_login
|
82
|
+
...
|
83
|
+
end
|
84
|
+
</pre>
|
85
|
+
<p>
|
86
|
+
You can also specify which actions to restrict:
|
87
|
+
</p>
|
88
|
+
<pre>
|
89
|
+
require_login :new, :create, :index
|
90
|
+
</pre>
|
91
|
+
<p>
|
92
|
+
<a href="../Authentasaurus.html">Authentasaurus</a> will automatically
|
93
|
+
redirect users to the sign-in page if they try accessing the area while
|
94
|
+
they are not logged in. Once the user logs in he/she is redirected back to
|
95
|
+
his/her original destination unless you explicitly skip that behaviour:
|
96
|
+
</p>
|
97
|
+
<pre>
|
98
|
+
require_login :skip_request => true
|
99
|
+
</pre>
|
100
|
+
<h3>Restricting access according to permissions</h3>
|
101
|
+
<p>
|
102
|
+
Unlike the login restriction, permissions restrictions checks if the user
|
103
|
+
is logged in and has the permission to access the area.
|
104
|
+
</p>
|
105
|
+
<p>
|
106
|
+
Users get permissions from their parent group and permissions are
|
107
|
+
dynamically set in the database.
|
108
|
+
</p>
|
109
|
+
<p>
|
110
|
+
<a href="../Authentasaurus.html">Authentasaurus</a> currently supports only
|
111
|
+
two permissions, read and write, both permissions are symbolically named,
|
112
|
+
they have no meaning.
|
113
|
+
</p>
|
114
|
+
<h4>Restricting access to users with read permission</h4>
|
115
|
+
<pre>
|
116
|
+
class PagesController < ActionController::Base
|
117
|
+
require_read
|
118
|
+
...
|
119
|
+
end
|
120
|
+
</pre>
|
121
|
+
<p>
|
122
|
+
<a
|
123
|
+
href="Authorization/ActionController/ClassMethods.html#M000013">ActionController::ClassMethods#require_read</a>
|
124
|
+
takes the same options as <a
|
125
|
+
href="Authorization/ActionController/ClassMethods.html#M000011">ActionController::ClassMethods#require_login</a>
|
126
|
+
and <a
|
127
|
+
href="Authorization/ActionController/ClassMethods.html#M000012">ActionController::ClassMethods#require_write</a>
|
128
|
+
</p>
|
129
|
+
<h4>Restricting access to users with write permission</h4>
|
130
|
+
<pre>
|
131
|
+
class PagesController < ActionController::Base
|
132
|
+
require_write
|
133
|
+
...
|
134
|
+
end
|
135
|
+
</pre>
|
136
|
+
<p>
|
137
|
+
<a
|
138
|
+
href="Authorization/ActionController/ClassMethods.html#M000012">ActionController::ClassMethods#require_write</a>
|
139
|
+
takes the same options as <a
|
140
|
+
href="Authorization/ActionController/ClassMethods.html#M000011">ActionController::ClassMethods#require_login</a>
|
141
|
+
and <a
|
142
|
+
href="Authorization/ActionController/ClassMethods.html#M000013">ActionController::ClassMethods#require_read</a>
|
143
|
+
</p>
|
144
|
+
<h2>Checking if the user is logged in in actions or views</h2>
|
145
|
+
<p>
|
146
|
+
Along with the class helpers, <a
|
147
|
+
href="../Authentasaurus.html">Authentasaurus</a> includes a helper to check
|
148
|
+
if the user is logged in inside any of your actions:
|
149
|
+
</p>
|
150
|
+
<pre>
|
151
|
+
is_logged_in?
|
152
|
+
</pre>
|
153
|
+
<p>
|
154
|
+
Check <a
|
155
|
+
href="Authorization/CommonInstanceMethods.html#M000009">ActionController::CommonInstanceMethods#is_logged_in?</a>
|
156
|
+
for more information.
|
157
|
+
</p>
|
158
|
+
<h2>Checking permissions in actions or views</h2>
|
159
|
+
<p>
|
160
|
+
You can also check if the logged in user has a certain permission.
|
161
|
+
</p>
|
162
|
+
<p>
|
163
|
+
Consider the following example to check if the logged in user has read
|
164
|
+
permission on the current area
|
165
|
+
</p>
|
166
|
+
<pre>
|
167
|
+
has?(:read)
|
168
|
+
</pre>
|
169
|
+
<p>
|
170
|
+
You can also check permissions on an area while in another, for example to
|
171
|
+
check if the current user has write permission on the users area:
|
172
|
+
</p>
|
173
|
+
<pre>
|
174
|
+
has?(:write,:users)
|
175
|
+
</pre>
|
176
|
+
<p>
|
177
|
+
Check <a
|
178
|
+
href="Authorization/CommonInstanceMethods.html#M000006">ActionController::CommonInstanceMethods#has?</a>
|
179
|
+
for more information.
|
180
|
+
</p>
|
181
|
+
<h2>Retrieving the current user in actions or views</h2>
|
182
|
+
<p>
|
183
|
+
To get the logged in user you can use the following helper:
|
184
|
+
</p>
|
185
|
+
<pre>
|
186
|
+
current_user
|
187
|
+
</pre>
|
188
|
+
<p>
|
189
|
+
Check <a
|
190
|
+
href="Authorization/CommonInstanceMethods.html#M000005">ActionController::CommonInstanceMethods#current_user</a>
|
191
|
+
for more information.
|
192
|
+
</p>
|
193
|
+
|
194
|
+
</div>
|
195
|
+
|
196
|
+
|
197
|
+
|
198
|
+
|
199
|
+
|
200
|
+
|
201
|
+
|
202
|
+
|
203
|
+
|
204
|
+
|
205
|
+
|
206
|
+
|
207
|
+
|
208
|
+
|
209
|
+
|
210
|
+
<div class="sectiontitle">Classes and Modules</div>
|
211
|
+
<ul>
|
212
|
+
|
213
|
+
<li><span class="type">MODULE</span> <a href="Authorization/ActionController.html">Authentasaurus::Authorization::ActionController</a></li>
|
214
|
+
|
215
|
+
<li><span class="type">MODULE</span> <a href="Authorization/ActionView.html">Authentasaurus::Authorization::ActionView</a></li>
|
216
|
+
|
217
|
+
<li><span class="type">MODULE</span> <a href="Authorization/CommonInstanceMethods.html">Authentasaurus::Authorization::CommonInstanceMethods</a></li>
|
218
|
+
|
219
|
+
</ul>
|
220
|
+
|
221
|
+
|
222
|
+
|
223
|
+
|
224
|
+
|
225
|
+
|
226
|
+
|
227
|
+
</div>
|
228
|
+
</div>
|
229
|
+
</body>
|
230
|
+
</html>
|
@@ -0,0 +1,63 @@
|
|
1
|
+
<?xml version="1.0" encoding="utf-8"?>
|
2
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
3
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
4
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
5
|
+
<head>
|
6
|
+
<title>Authentasaurus::Authorization::ActionController</title>
|
7
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
8
|
+
<link rel="stylesheet" href="../../../css/reset.css" type="text/css" media="screen" />
|
9
|
+
<link rel="stylesheet" href="../../../css/main.css" type="text/css" media="screen" />
|
10
|
+
<script src="../../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
|
11
|
+
<script src="../../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
|
12
|
+
<script src="../../../js/main.js" type="text/javascript" charset="utf-8"></script>
|
13
|
+
</head>
|
14
|
+
|
15
|
+
<body>
|
16
|
+
<div class="banner">
|
17
|
+
<h1>
|
18
|
+
<span class="type">Module</span>
|
19
|
+
Authentasaurus::Authorization::ActionController
|
20
|
+
|
21
|
+
</h1>
|
22
|
+
<ul class="files">
|
23
|
+
|
24
|
+
<li><a href="../../../files/lib/authentasaurus/authorization_rb.html">lib/authentasaurus/authorization.rb</a></li>
|
25
|
+
|
26
|
+
</ul>
|
27
|
+
</div>
|
28
|
+
<div id="bodyContent">
|
29
|
+
<div id="content">
|
30
|
+
|
31
|
+
|
32
|
+
|
33
|
+
|
34
|
+
|
35
|
+
|
36
|
+
|
37
|
+
|
38
|
+
|
39
|
+
|
40
|
+
|
41
|
+
|
42
|
+
|
43
|
+
|
44
|
+
|
45
|
+
<div class="sectiontitle">Classes and Modules</div>
|
46
|
+
<ul>
|
47
|
+
|
48
|
+
<li><span class="type">MODULE</span> <a href="ActionController/ClassMethods.html">Authentasaurus::Authorization::ActionController::ClassMethods</a></li>
|
49
|
+
|
50
|
+
<li><span class="type">MODULE</span> <a href="ActionController/InstanceMethods.html">Authentasaurus::Authorization::ActionController::InstanceMethods</a></li>
|
51
|
+
|
52
|
+
</ul>
|
53
|
+
|
54
|
+
|
55
|
+
|
56
|
+
|
57
|
+
|
58
|
+
|
59
|
+
|
60
|
+
</div>
|
61
|
+
</div>
|
62
|
+
</body>
|
63
|
+
</html>
|
@@ -0,0 +1,263 @@
|
|
1
|
+
<?xml version="1.0" encoding="utf-8"?>
|
2
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
3
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
4
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
5
|
+
<head>
|
6
|
+
<title>Authentasaurus::Authorization::ActionController::ClassMethods</title>
|
7
|
+
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
8
|
+
<link rel="stylesheet" href="../../../../css/reset.css" type="text/css" media="screen" />
|
9
|
+
<link rel="stylesheet" href="../../../../css/main.css" type="text/css" media="screen" />
|
10
|
+
<script src="../../../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
|
11
|
+
<script src="../../../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
|
12
|
+
<script src="../../../../js/main.js" type="text/javascript" charset="utf-8"></script>
|
13
|
+
</head>
|
14
|
+
|
15
|
+
<body>
|
16
|
+
<div class="banner">
|
17
|
+
<h1>
|
18
|
+
<span class="type">Module</span>
|
19
|
+
Authentasaurus::Authorization::ActionController::ClassMethods
|
20
|
+
|
21
|
+
</h1>
|
22
|
+
<ul class="files">
|
23
|
+
|
24
|
+
<li><a href="../../../../files/lib/authentasaurus/authorization_rb.html">lib/authentasaurus/authorization.rb</a></li>
|
25
|
+
|
26
|
+
</ul>
|
27
|
+
</div>
|
28
|
+
<div id="bodyContent">
|
29
|
+
<div id="content">
|
30
|
+
|
31
|
+
|
32
|
+
|
33
|
+
|
34
|
+
|
35
|
+
|
36
|
+
|
37
|
+
|
38
|
+
|
39
|
+
<div class="sectiontitle">Methods</div>
|
40
|
+
<dl class="methods">
|
41
|
+
|
42
|
+
<dt>R</dt>
|
43
|
+
<dd>
|
44
|
+
<ul>
|
45
|
+
|
46
|
+
<li><a href="#M000011">require_login</a>,</li>
|
47
|
+
|
48
|
+
<li><a href="#M000013">require_read</a>,</li>
|
49
|
+
|
50
|
+
<li><a href="#M000012">require_write</a></li>
|
51
|
+
|
52
|
+
</ul>
|
53
|
+
</dd>
|
54
|
+
|
55
|
+
</dl>
|
56
|
+
|
57
|
+
|
58
|
+
|
59
|
+
|
60
|
+
|
61
|
+
|
62
|
+
|
63
|
+
|
64
|
+
|
65
|
+
|
66
|
+
|
67
|
+
|
68
|
+
|
69
|
+
<div class="sectiontitle">Instance Public methods</div>
|
70
|
+
|
71
|
+
<div class="method">
|
72
|
+
<div class="title" id="M000011">
|
73
|
+
|
74
|
+
<a name="M000011"></a><b>require_login</b>(*attrs)
|
75
|
+
|
76
|
+
</div>
|
77
|
+
|
78
|
+
<div class="description">
|
79
|
+
<p>
|
80
|
+
Requires the user to login before accessing the actions specified
|
81
|
+
</p>
|
82
|
+
<p>
|
83
|
+
<b>ex:</b> Tells <a href="../../../Authentasaurus.html">Authentasaurus</a>
|
84
|
+
that the action destroy requires login and that <a
|
85
|
+
href="../../../Authentasaurus.html">Authentasaurus</a> shouldn’t
|
86
|
+
store the request in the session (typically for logout actions).
|
87
|
+
</p>
|
88
|
+
<pre>
|
89
|
+
require_login :destroy, :skip_request => true
|
90
|
+
</pre>
|
91
|
+
<p>
|
92
|
+
<b>Options</b>
|
93
|
+
</p>
|
94
|
+
<pre>
|
95
|
+
:skip_request - skips saving the original request (to redirect to after login)
|
96
|
+
:user_model - if defined, authentasaurus will use that model instead of the default "User"
|
97
|
+
:if - specifies a method, proc or string to call to determine if the authorization should occur
|
98
|
+
:unless - specifies a method, proc or string to call to determine if the authorization should not occur
|
99
|
+
</pre>
|
100
|
+
|
101
|
+
</div>
|
102
|
+
|
103
|
+
|
104
|
+
|
105
|
+
|
106
|
+
<div class="sourcecode">
|
107
|
+
<p class="source-link">
|
108
|
+
Source: <a href="javascript:toggleSource('M000011_source')" id="l_M000011_source">show</a>
|
109
|
+
|
110
|
+
| <a href="http://github.com/cousine/Authentasuarus-2/blob/9f35019b78d87fdf386c9d64834171263868b8aa/lib/authentasaurus/authorization.rb#L183" target="_blank" class="github_url">on GitHub</a>
|
111
|
+
|
112
|
+
</p>
|
113
|
+
<div id="M000011_source" class="dyn-source">
|
114
|
+
<pre><span class="ruby-comment cmt"># File lib/authentasaurus/authorization.rb, line 183</span>
|
115
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">require_login</span> (<span class="ruby-operator">*</span><span class="ruby-identifier">attrs</span>)
|
116
|
+
<span class="ruby-identifier">options</span> = <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">extract_options!</span>.<span class="ruby-identifier">symbolize_keys</span>
|
117
|
+
<span class="ruby-identifier">attrs</span> = <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">flatten</span>
|
118
|
+
|
119
|
+
<span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">empty?</span>
|
120
|
+
<span class="ruby-identifier">before_filter</span> <span class="ruby-identifier">:only</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">attrs</span>, <span class="ruby-identifier">:if</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:if</span>], <span class="ruby-identifier">:unless</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:unless</span>] <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">controller</span><span class="ruby-operator">|</span>
|
121
|
+
<span class="ruby-identifier">controller</span>.<span class="ruby-identifier">instance_eval</span> {<span class="ruby-identifier">check_logged_in</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:skip_request</span>].<span class="ruby-identifier">nil?</span>, <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:user_model</span>]}
|
122
|
+
<span class="ruby-keyword kw">end</span>
|
123
|
+
<span class="ruby-keyword kw">else</span>
|
124
|
+
<span class="ruby-identifier">before_filter</span> <span class="ruby-identifier">:if</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:if</span>], <span class="ruby-identifier">:unless</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:unless</span>] <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">c</span><span class="ruby-operator">|</span>
|
125
|
+
<span class="ruby-identifier">c</span>.<span class="ruby-identifier">instance_eval</span> {<span class="ruby-identifier">check_logged_in</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:skip_request</span>].<span class="ruby-identifier">nil?</span>, <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:user_model</span>]}
|
126
|
+
<span class="ruby-keyword kw">end</span>
|
127
|
+
<span class="ruby-keyword kw">end</span>
|
128
|
+
<span class="ruby-keyword kw">end</span></pre>
|
129
|
+
</div>
|
130
|
+
</div>
|
131
|
+
|
132
|
+
</div>
|
133
|
+
|
134
|
+
<div class="method">
|
135
|
+
<div class="title" id="M000013">
|
136
|
+
|
137
|
+
<a name="M000013"></a><b>require_read</b>(*attrs)
|
138
|
+
|
139
|
+
</div>
|
140
|
+
|
141
|
+
<div class="description">
|
142
|
+
<p>
|
143
|
+
Requires the user to have a read permission to that area to access the
|
144
|
+
actions specified
|
145
|
+
</p>
|
146
|
+
<p>
|
147
|
+
<b>ex:</b> Tells <a href="../../../Authentasaurus.html">Authentasaurus</a>
|
148
|
+
that the action show_user requires login and read permission.
|
149
|
+
</p>
|
150
|
+
<pre>
|
151
|
+
require_read :show_user
|
152
|
+
</pre>
|
153
|
+
<p>
|
154
|
+
<b>Options</b>
|
155
|
+
</p>
|
156
|
+
<pre>
|
157
|
+
:skip_request - skips saving the original request (to redirect to after login)
|
158
|
+
:user_model - if defined, authentasaurus will use that model instead of the default "User"
|
159
|
+
:if - specifies a method, proc or string to call to determine if the authorization should occur
|
160
|
+
:unless - specifies a method, proc or string to call to determine if the authorization should not occur
|
161
|
+
</pre>
|
162
|
+
|
163
|
+
</div>
|
164
|
+
|
165
|
+
|
166
|
+
|
167
|
+
|
168
|
+
<div class="sourcecode">
|
169
|
+
<p class="source-link">
|
170
|
+
Source: <a href="javascript:toggleSource('M000013_source')" id="l_M000013_source">show</a>
|
171
|
+
|
172
|
+
| <a href="http://github.com/cousine/Authentasuarus-2/blob/9f35019b78d87fdf386c9d64834171263868b8aa/lib/authentasaurus/authorization.rb#L239" target="_blank" class="github_url">on GitHub</a>
|
173
|
+
|
174
|
+
</p>
|
175
|
+
<div id="M000013_source" class="dyn-source">
|
176
|
+
<pre><span class="ruby-comment cmt"># File lib/authentasaurus/authorization.rb, line 239</span>
|
177
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">require_read</span>(<span class="ruby-operator">*</span><span class="ruby-identifier">attrs</span>)
|
178
|
+
<span class="ruby-identifier">options</span> = <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">extract_options!</span>.<span class="ruby-identifier">symbolize_keys</span>
|
179
|
+
<span class="ruby-identifier">attrs</span> = <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">flatten</span>
|
180
|
+
|
181
|
+
<span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">empty?</span>
|
182
|
+
<span class="ruby-identifier">before_filter</span> <span class="ruby-identifier">:only</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">attrs</span>, <span class="ruby-identifier">:if</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:if</span>], <span class="ruby-identifier">:unless</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:unless</span>] <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">controller</span><span class="ruby-operator">|</span>
|
183
|
+
<span class="ruby-identifier">controller</span>.<span class="ruby-identifier">instance_eval</span> { <span class="ruby-identifier">check_read_permissions</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:skip_request</span>].<span class="ruby-identifier">nil?</span>, <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:user_model</span>] }
|
184
|
+
<span class="ruby-keyword kw">end</span>
|
185
|
+
<span class="ruby-keyword kw">else</span>
|
186
|
+
<span class="ruby-identifier">before_filter</span> <span class="ruby-identifier">:if</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:if</span>], <span class="ruby-identifier">:unless</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:unless</span>] <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">c</span><span class="ruby-operator">|</span>
|
187
|
+
<span class="ruby-identifier">c</span>.<span class="ruby-identifier">instance_eval</span> { <span class="ruby-identifier">check_read_permissions</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:skip_request</span>].<span class="ruby-identifier">nil?</span>, <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:user_model</span>] }
|
188
|
+
<span class="ruby-keyword kw">end</span>
|
189
|
+
<span class="ruby-keyword kw">end</span>
|
190
|
+
<span class="ruby-keyword kw">end</span></pre>
|
191
|
+
</div>
|
192
|
+
</div>
|
193
|
+
|
194
|
+
</div>
|
195
|
+
|
196
|
+
<div class="method">
|
197
|
+
<div class="title" id="M000012">
|
198
|
+
|
199
|
+
<a name="M000012"></a><b>require_write</b>(*attrs)
|
200
|
+
|
201
|
+
</div>
|
202
|
+
|
203
|
+
<div class="description">
|
204
|
+
<p>
|
205
|
+
Requires the user to have a write permission to that area to access the
|
206
|
+
actions specified
|
207
|
+
</p>
|
208
|
+
<p>
|
209
|
+
<b>ex:</b> Tells <a href="../../../Authentasaurus.html">Authentasaurus</a>
|
210
|
+
that the actions create_user and delete_user requires login and write
|
211
|
+
permission.
|
212
|
+
</p>
|
213
|
+
<pre>
|
214
|
+
require_write :create_user, :delete_user
|
215
|
+
</pre>
|
216
|
+
<p>
|
217
|
+
<b>Options</b>
|
218
|
+
</p>
|
219
|
+
<pre>
|
220
|
+
:skip_request - skips saving the original request (to redirect to after login)
|
221
|
+
:user_model - if defined, authentasaurus will use that model instead of the default "User"
|
222
|
+
:if - specifies a method, proc or string to call to determine if the authorization should occur
|
223
|
+
:unless - specifies a method, proc or string to call to determine if the authorization should not occur
|
224
|
+
</pre>
|
225
|
+
|
226
|
+
</div>
|
227
|
+
|
228
|
+
|
229
|
+
|
230
|
+
|
231
|
+
<div class="sourcecode">
|
232
|
+
<p class="source-link">
|
233
|
+
Source: <a href="javascript:toggleSource('M000012_source')" id="l_M000012_source">show</a>
|
234
|
+
|
235
|
+
| <a href="http://github.com/cousine/Authentasuarus-2/blob/9f35019b78d87fdf386c9d64834171263868b8aa/lib/authentasaurus/authorization.rb#L211" target="_blank" class="github_url">on GitHub</a>
|
236
|
+
|
237
|
+
</p>
|
238
|
+
<div id="M000012_source" class="dyn-source">
|
239
|
+
<pre><span class="ruby-comment cmt"># File lib/authentasaurus/authorization.rb, line 211</span>
|
240
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">require_write</span>(<span class="ruby-operator">*</span><span class="ruby-identifier">attrs</span>)
|
241
|
+
<span class="ruby-identifier">options</span> = <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">extract_options!</span>.<span class="ruby-identifier">symbolize_keys</span>
|
242
|
+
<span class="ruby-identifier">attrs</span> = <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">flatten</span>
|
243
|
+
|
244
|
+
|
245
|
+
<span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">attrs</span>.<span class="ruby-identifier">empty?</span>
|
246
|
+
<span class="ruby-identifier">before_filter</span> <span class="ruby-identifier">:only</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">attrs</span>, <span class="ruby-identifier">:if</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:if</span>], <span class="ruby-identifier">:unless</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:unless</span>] <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">controller</span><span class="ruby-operator">|</span>
|
247
|
+
<span class="ruby-identifier">controller</span>.<span class="ruby-identifier">instance_eval</span> { <span class="ruby-identifier">check_write_permissions</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:skip_request</span>].<span class="ruby-identifier">nil?</span>, <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:user_model</span>] }
|
248
|
+
<span class="ruby-keyword kw">end</span>
|
249
|
+
<span class="ruby-keyword kw">else</span>
|
250
|
+
<span class="ruby-identifier">before_filter</span> <span class="ruby-identifier">:if</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:if</span>], <span class="ruby-identifier">:unless</span> =<span class="ruby-operator">></span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:unless</span>] <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">c</span><span class="ruby-operator">|</span>
|
251
|
+
<span class="ruby-identifier">c</span>.<span class="ruby-identifier">instance_eval</span> {<span class="ruby-identifier">check_write_permissions</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:skip_request</span>].<span class="ruby-identifier">nil?</span>, <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:user_model</span>]}
|
252
|
+
<span class="ruby-keyword kw">end</span>
|
253
|
+
<span class="ruby-keyword kw">end</span>
|
254
|
+
<span class="ruby-keyword kw">end</span></pre>
|
255
|
+
</div>
|
256
|
+
</div>
|
257
|
+
|
258
|
+
</div>
|
259
|
+
|
260
|
+
</div>
|
261
|
+
</div>
|
262
|
+
</body>
|
263
|
+
</html>
|