muck-users 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +13 -13
- data/VERSION +1 -1
- data/lib/{muck-users.rb → muck_users.rb} +2 -2
- data/lib/{muck-users → muck_users}/exceptions.rb +1 -1
- data/lib/{muck-users → muck_users}/initialize_routes.rb +0 -0
- data/lib/{muck-users → muck_users}/tasks.rb +2 -2
- data/muck-users.gemspec +117 -8
- data/rails/init.rb +2 -2
- data/rdoc/classes/ActionController.html +112 -0
- data/rdoc/classes/ActionController/AuthenticApplication.html +161 -0
- data/rdoc/classes/ActionController/AuthenticApplication/InstanceMethods.html +741 -0
- data/rdoc/classes/ActionController/Routing.html +107 -0
- data/rdoc/classes/ActionController/Routing/RouteSet.html +148 -0
- data/rdoc/classes/ActiveRecord.html +105 -0
- data/rdoc/classes/ActiveRecord/Acts/MuckUser/ClassMethods.html +171 -0
- data/rdoc/classes/ActiveRecord/Acts/MuckUser/InstanceMethods.html +516 -0
- data/rdoc/classes/ActiveRecord/Acts/MuckUser/SingletonMethods.html +296 -0
- data/rdoc/classes/Disguise.html +111 -0
- data/rdoc/classes/Disguise/Tasks.html +146 -0
- data/rdoc/classes/MuckUsersEngine.html +117 -0
- data/rdoc/classes/MuckUsersEngine/Exceptions.html +111 -0
- data/rdoc/classes/MuckUsersEngine/Exceptions/InvalidPasswordResetCode.html +111 -0
- data/rdoc/created.rid +1 -0
- data/rdoc/files/README_rdoc.html +147 -0
- data/rdoc/files/lib/action_controller/authentic_application_rb.html +101 -0
- data/rdoc/files/lib/active_record/acts/muck_user_rb.html +101 -0
- data/rdoc/files/lib/muck-users/exceptions_rb.html +101 -0
- data/rdoc/files/lib/muck-users/initialize_routes_rb.html +101 -0
- data/rdoc/files/lib/muck-users/tasks_rb.html +110 -0
- data/rdoc/files/lib/muck-users_rb.html +116 -0
- data/rdoc/fr_class_index.html +40 -0
- data/rdoc/fr_file_index.html +33 -0
- data/rdoc/fr_method_index.html +72 -0
- data/rdoc/index.html +24 -0
- data/rdoc/rdoc-style.css +208 -0
- data/tasks/rails.rake +2 -2
- metadata +33 -8
- data/pkg/muck-users-0.1.0.gem +0 -0
- data/tasks/muck_users_engine.rake +0 -27
@@ -0,0 +1,161 @@
|
|
1
|
+
<?xml version="1.0" encoding="iso-8859-1"?>
|
2
|
+
<!DOCTYPE html
|
3
|
+
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
4
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
5
|
+
|
6
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
7
|
+
<head>
|
8
|
+
<title>Module: ActionController::AuthenticApplication</title>
|
9
|
+
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
|
10
|
+
<meta http-equiv="Content-Script-Type" content="text/javascript" />
|
11
|
+
<link rel="stylesheet" href="../.././rdoc-style.css" type="text/css" media="screen" />
|
12
|
+
<script type="text/javascript">
|
13
|
+
// <![CDATA[
|
14
|
+
|
15
|
+
function popupCode( url ) {
|
16
|
+
window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
|
17
|
+
}
|
18
|
+
|
19
|
+
function toggleCode( id ) {
|
20
|
+
if ( document.getElementById )
|
21
|
+
elem = document.getElementById( id );
|
22
|
+
else if ( document.all )
|
23
|
+
elem = eval( "document.all." + id );
|
24
|
+
else
|
25
|
+
return false;
|
26
|
+
|
27
|
+
elemStyle = elem.style;
|
28
|
+
|
29
|
+
if ( elemStyle.display != "block" ) {
|
30
|
+
elemStyle.display = "block"
|
31
|
+
} else {
|
32
|
+
elemStyle.display = "none"
|
33
|
+
}
|
34
|
+
|
35
|
+
return true;
|
36
|
+
}
|
37
|
+
|
38
|
+
// Make codeblocks hidden by default
|
39
|
+
document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
|
40
|
+
|
41
|
+
// ]]>
|
42
|
+
</script>
|
43
|
+
|
44
|
+
</head>
|
45
|
+
<body>
|
46
|
+
|
47
|
+
|
48
|
+
|
49
|
+
<div id="classHeader">
|
50
|
+
<table class="header-table">
|
51
|
+
<tr class="top-aligned-row">
|
52
|
+
<td><strong>Module</strong></td>
|
53
|
+
<td class="class-name-in-header">ActionController::AuthenticApplication</td>
|
54
|
+
</tr>
|
55
|
+
<tr class="top-aligned-row">
|
56
|
+
<td><strong>In:</strong></td>
|
57
|
+
<td>
|
58
|
+
<a href="../../files/lib/action_controller/authentic_application_rb.html">
|
59
|
+
lib/action_controller/authentic_application.rb
|
60
|
+
</a>
|
61
|
+
<br />
|
62
|
+
</td>
|
63
|
+
</tr>
|
64
|
+
|
65
|
+
</table>
|
66
|
+
</div>
|
67
|
+
<!-- banner header -->
|
68
|
+
|
69
|
+
<div id="bodyContent">
|
70
|
+
|
71
|
+
|
72
|
+
|
73
|
+
<div id="contextContent">
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
</div>
|
78
|
+
|
79
|
+
<div id="method-list">
|
80
|
+
<h3 class="section-bar">Methods</h3>
|
81
|
+
|
82
|
+
<div class="name-list">
|
83
|
+
<a href="#M000001">included</a>
|
84
|
+
</div>
|
85
|
+
</div>
|
86
|
+
|
87
|
+
</div>
|
88
|
+
|
89
|
+
|
90
|
+
<!-- if includes -->
|
91
|
+
<div id="includes">
|
92
|
+
<h3 class="section-bar">Included Modules</h3>
|
93
|
+
|
94
|
+
<div id="includes-list">
|
95
|
+
<span class="include-name"><a href="AuthenticApplication/InstanceMethods.html">InstanceMethods</a></span>
|
96
|
+
</div>
|
97
|
+
</div>
|
98
|
+
|
99
|
+
<div id="section">
|
100
|
+
|
101
|
+
<div id="class-list">
|
102
|
+
<h3 class="section-bar">Classes and Modules</h3>
|
103
|
+
|
104
|
+
Module <a href="AuthenticApplication/InstanceMethods.html" class="link">ActionController::AuthenticApplication::InstanceMethods</a><br />
|
105
|
+
|
106
|
+
</div>
|
107
|
+
|
108
|
+
|
109
|
+
|
110
|
+
|
111
|
+
|
112
|
+
|
113
|
+
|
114
|
+
<!-- if method_list -->
|
115
|
+
<div id="methods">
|
116
|
+
<h3 class="section-bar">Public Class methods</h3>
|
117
|
+
|
118
|
+
<div id="method-M000001" class="method-detail">
|
119
|
+
<a name="M000001"></a>
|
120
|
+
|
121
|
+
<div class="method-heading">
|
122
|
+
<a href="#M000001" class="method-signature">
|
123
|
+
<span class="method-name">included</span><span class="method-args">(base)</span>
|
124
|
+
</a>
|
125
|
+
</div>
|
126
|
+
|
127
|
+
<div class="method-description">
|
128
|
+
<p>
|
129
|
+
Module automatically mixed into the all controllers
|
130
|
+
</p>
|
131
|
+
<p><a class="source-toggle" href="#"
|
132
|
+
onclick="toggleCode('M000001-source');return false;">[Source]</a></p>
|
133
|
+
<div class="method-source-code" id="M000001-source">
|
134
|
+
<pre>
|
135
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 6</span>
|
136
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">included</span>(<span class="ruby-identifier">base</span>)
|
137
|
+
<span class="ruby-identifier">base</span>.<span class="ruby-identifier">class_eval</span> <span class="ruby-keyword kw">do</span>
|
138
|
+
<span class="ruby-identifier">include</span> <span class="ruby-constant">InstanceMethods</span>
|
139
|
+
<span class="ruby-keyword kw">end</span>
|
140
|
+
<span class="ruby-comment cmt"># Inclusion hook to make #current_user and #logged_in?, etc available as ActionView helper methods.</span>
|
141
|
+
<span class="ruby-identifier">base</span>.<span class="ruby-identifier">send</span> <span class="ruby-identifier">:helper_method</span>, <span class="ruby-identifier">:current_user_session</span>, <span class="ruby-identifier">:current_user</span>, <span class="ruby-identifier">:logged_in?</span>, <span class="ruby-identifier">:admin?</span>, <span class="ruby-identifier">:is_me?</span>, <span class="ruby-identifier">:is_owner?</span>
|
142
|
+
<span class="ruby-identifier">base</span>.<span class="ruby-identifier">send</span> <span class="ruby-identifier">:filter_parameter_logging</span>, <span class="ruby-identifier">:password</span>, <span class="ruby-identifier">:password_confirmation</span>
|
143
|
+
<span class="ruby-keyword kw">end</span>
|
144
|
+
</pre>
|
145
|
+
</div>
|
146
|
+
</div>
|
147
|
+
</div>
|
148
|
+
|
149
|
+
|
150
|
+
</div>
|
151
|
+
|
152
|
+
|
153
|
+
</div>
|
154
|
+
|
155
|
+
|
156
|
+
<div id="validator-badges">
|
157
|
+
<p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
|
158
|
+
</div>
|
159
|
+
|
160
|
+
</body>
|
161
|
+
</html>
|
@@ -0,0 +1,741 @@
|
|
1
|
+
<?xml version="1.0" encoding="iso-8859-1"?>
|
2
|
+
<!DOCTYPE html
|
3
|
+
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
4
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
5
|
+
|
6
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
7
|
+
<head>
|
8
|
+
<title>Module: ActionController::AuthenticApplication::InstanceMethods</title>
|
9
|
+
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
|
10
|
+
<meta http-equiv="Content-Script-Type" content="text/javascript" />
|
11
|
+
<link rel="stylesheet" href="../../.././rdoc-style.css" type="text/css" media="screen" />
|
12
|
+
<script type="text/javascript">
|
13
|
+
// <![CDATA[
|
14
|
+
|
15
|
+
function popupCode( url ) {
|
16
|
+
window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
|
17
|
+
}
|
18
|
+
|
19
|
+
function toggleCode( id ) {
|
20
|
+
if ( document.getElementById )
|
21
|
+
elem = document.getElementById( id );
|
22
|
+
else if ( document.all )
|
23
|
+
elem = eval( "document.all." + id );
|
24
|
+
else
|
25
|
+
return false;
|
26
|
+
|
27
|
+
elemStyle = elem.style;
|
28
|
+
|
29
|
+
if ( elemStyle.display != "block" ) {
|
30
|
+
elemStyle.display = "block"
|
31
|
+
} else {
|
32
|
+
elemStyle.display = "none"
|
33
|
+
}
|
34
|
+
|
35
|
+
return true;
|
36
|
+
}
|
37
|
+
|
38
|
+
// Make codeblocks hidden by default
|
39
|
+
document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
|
40
|
+
|
41
|
+
// ]]>
|
42
|
+
</script>
|
43
|
+
|
44
|
+
</head>
|
45
|
+
<body>
|
46
|
+
|
47
|
+
|
48
|
+
|
49
|
+
<div id="classHeader">
|
50
|
+
<table class="header-table">
|
51
|
+
<tr class="top-aligned-row">
|
52
|
+
<td><strong>Module</strong></td>
|
53
|
+
<td class="class-name-in-header">ActionController::AuthenticApplication::InstanceMethods</td>
|
54
|
+
</tr>
|
55
|
+
<tr class="top-aligned-row">
|
56
|
+
<td><strong>In:</strong></td>
|
57
|
+
<td>
|
58
|
+
<a href="../../../files/lib/action_controller/authentic_application_rb.html">
|
59
|
+
lib/action_controller/authentic_application.rb
|
60
|
+
</a>
|
61
|
+
<br />
|
62
|
+
</td>
|
63
|
+
</tr>
|
64
|
+
|
65
|
+
</table>
|
66
|
+
</div>
|
67
|
+
<!-- banner header -->
|
68
|
+
|
69
|
+
<div id="bodyContent">
|
70
|
+
|
71
|
+
|
72
|
+
|
73
|
+
<div id="contextContent">
|
74
|
+
|
75
|
+
|
76
|
+
|
77
|
+
</div>
|
78
|
+
|
79
|
+
<div id="method-list">
|
80
|
+
<h3 class="section-bar">Methods</h3>
|
81
|
+
|
82
|
+
<div class="name-list">
|
83
|
+
<a href="#M000016">access_denied</a>
|
84
|
+
<a href="#M000008">admin?</a>
|
85
|
+
<a href="#M000013">allowed_access?</a>
|
86
|
+
<a href="#M000014">can_access?</a>
|
87
|
+
<a href="#M000007">check_role</a>
|
88
|
+
<a href="#M000004">current_user</a>
|
89
|
+
<a href="#M000003">current_user_session</a>
|
90
|
+
<a href="#M000018">enforce_logout_required</a>
|
91
|
+
<a href="#M000011">is_me?</a>
|
92
|
+
<a href="#M000015">is_mine?</a>
|
93
|
+
<a href="#M000009">is_owner?</a>
|
94
|
+
<a href="#M000010">is_owner?</a>
|
95
|
+
<a href="#M000002">logged_in?</a>
|
96
|
+
<a href="#M000005">login_required</a>
|
97
|
+
<a href="#M000006">not_logged_in_required</a>
|
98
|
+
<a href="#M000017">permission_denied</a>
|
99
|
+
<a href="#M000012">protect_owner</a>
|
100
|
+
<a href="#M000021">redirect_back_or_default</a>
|
101
|
+
<a href="#M000022">redirect_to_referer_or_default</a>
|
102
|
+
<a href="#M000019">store_location</a>
|
103
|
+
<a href="#M000020">store_referer</a>
|
104
|
+
</div>
|
105
|
+
</div>
|
106
|
+
|
107
|
+
</div>
|
108
|
+
|
109
|
+
|
110
|
+
<!-- if includes -->
|
111
|
+
|
112
|
+
<div id="section">
|
113
|
+
|
114
|
+
|
115
|
+
|
116
|
+
|
117
|
+
|
118
|
+
|
119
|
+
|
120
|
+
|
121
|
+
<!-- if method_list -->
|
122
|
+
<div id="methods">
|
123
|
+
<h3 class="section-bar">Protected Instance methods</h3>
|
124
|
+
|
125
|
+
<div id="method-M000016" class="method-detail">
|
126
|
+
<a name="M000016"></a>
|
127
|
+
|
128
|
+
<div class="method-heading">
|
129
|
+
<a href="#M000016" class="method-signature">
|
130
|
+
<span class="method-name">access_denied</span><span class="method-args">()</span>
|
131
|
+
</a>
|
132
|
+
</div>
|
133
|
+
|
134
|
+
<div class="method-description">
|
135
|
+
<p>
|
136
|
+
Redirect as appropriate when an access request fails.
|
137
|
+
</p>
|
138
|
+
<p>
|
139
|
+
The default action is to redirect to the login screen.
|
140
|
+
</p>
|
141
|
+
<p>
|
142
|
+
Override this method in your controllers if you want to have special
|
143
|
+
behavior in case the user is not authorized to access the requested action.
|
144
|
+
For example, a popup window might simply close itself.
|
145
|
+
</p>
|
146
|
+
<p><a class="source-toggle" href="#"
|
147
|
+
onclick="toggleCode('M000016-source');return false;">[Source]</a></p>
|
148
|
+
<div class="method-source-code" id="M000016-source">
|
149
|
+
<pre>
|
150
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 127</span>
|
151
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">access_denied</span>
|
152
|
+
<span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
|
153
|
+
<span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-keyword kw">do</span>
|
154
|
+
<span class="ruby-identifier">store_location</span>
|
155
|
+
<span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.access_denied'</span>)
|
156
|
+
<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">login_path</span>
|
157
|
+
<span class="ruby-keyword kw">end</span>
|
158
|
+
<span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> <span class="ruby-keyword kw">do</span>
|
159
|
+
<span class="ruby-identifier">request_http_basic_authentication</span> <span class="ruby-value str">'Web Password'</span>
|
160
|
+
<span class="ruby-keyword kw">end</span>
|
161
|
+
<span class="ruby-keyword kw">end</span>
|
162
|
+
<span class="ruby-keyword kw">end</span>
|
163
|
+
</pre>
|
164
|
+
</div>
|
165
|
+
</div>
|
166
|
+
</div>
|
167
|
+
|
168
|
+
<div id="method-M000008" class="method-detail">
|
169
|
+
<a name="M000008"></a>
|
170
|
+
|
171
|
+
<div class="method-heading">
|
172
|
+
<a href="#M000008" class="method-signature">
|
173
|
+
<span class="method-name">admin?</span><span class="method-args">()</span>
|
174
|
+
</a>
|
175
|
+
</div>
|
176
|
+
|
177
|
+
<div class="method-description">
|
178
|
+
<p><a class="source-toggle" href="#"
|
179
|
+
onclick="toggleCode('M000008-source');return false;">[Source]</a></p>
|
180
|
+
<div class="method-source-code" id="M000008-source">
|
181
|
+
<pre>
|
182
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 61</span>
|
183
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">admin?</span>
|
184
|
+
<span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&&</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">admin?</span>
|
185
|
+
<span class="ruby-keyword kw">end</span>
|
186
|
+
</pre>
|
187
|
+
</div>
|
188
|
+
</div>
|
189
|
+
</div>
|
190
|
+
|
191
|
+
<div id="method-M000013" class="method-detail">
|
192
|
+
<a name="M000013"></a>
|
193
|
+
|
194
|
+
<div class="method-heading">
|
195
|
+
<a href="#M000013" class="method-signature">
|
196
|
+
<span class="method-name">allowed_access?</span><span class="method-args">(options)</span>
|
197
|
+
</a>
|
198
|
+
</div>
|
199
|
+
|
200
|
+
<div class="method-description">
|
201
|
+
<p>
|
202
|
+
allow or deny access depending on options specified
|
203
|
+
</p>
|
204
|
+
<p><a class="source-toggle" href="#"
|
205
|
+
onclick="toggleCode('M000013-source');return false;">[Source]</a></p>
|
206
|
+
<div class="method-source-code" id="M000013-source">
|
207
|
+
<pre>
|
208
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 91</span>
|
209
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">allowed_access?</span>(<span class="ruby-identifier">options</span>)
|
210
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:owner</span>].<span class="ruby-identifier">nil?</span> <span class="ruby-operator">&&</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:object_user_id</span>].<span class="ruby-identifier">nil?</span>
|
211
|
+
<span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">true</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:owner</span>], <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:object_user_id</span>])
|
212
|
+
<span class="ruby-keyword kw">end</span>
|
213
|
+
|
214
|
+
<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:permit_roles</span>].<span class="ruby-identifier">each</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">role</span><span class="ruby-operator">|</span>
|
215
|
+
<span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">true</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">has_role?</span>(<span class="ruby-identifier">role</span>)
|
216
|
+
<span class="ruby-keyword kw">end</span>
|
217
|
+
|
218
|
+
<span class="ruby-comment cmt"># access denied</span>
|
219
|
+
<span class="ruby-identifier">permission_denied</span>
|
220
|
+
<span class="ruby-keyword kw">false</span>
|
221
|
+
<span class="ruby-keyword kw">end</span>
|
222
|
+
</pre>
|
223
|
+
</div>
|
224
|
+
</div>
|
225
|
+
</div>
|
226
|
+
|
227
|
+
<div id="method-M000014" class="method-detail">
|
228
|
+
<a name="M000014"></a>
|
229
|
+
|
230
|
+
<div class="method-heading">
|
231
|
+
<a href="#M000014" class="method-signature">
|
232
|
+
<span class="method-name">can_access?</span><span class="method-args">(user, object, roles, &block)</span>
|
233
|
+
</a>
|
234
|
+
</div>
|
235
|
+
|
236
|
+
<div class="method-description">
|
237
|
+
<p><a class="source-toggle" href="#"
|
238
|
+
onclick="toggleCode('M000014-source');return false;">[Source]</a></p>
|
239
|
+
<div class="method-source-code" id="M000014-source">
|
240
|
+
<pre>
|
241
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 105</span>
|
242
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">can_access?</span>(<span class="ruby-identifier">user</span>, <span class="ruby-identifier">object</span>, <span class="ruby-identifier">roles</span>, <span class="ruby-operator">&</span><span class="ruby-identifier">block</span>)
|
243
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&&</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">is_in_role?</span>(<span class="ruby-identifier">event</span>, <span class="ruby-identifier">roles</span>)
|
244
|
+
<span class="ruby-identifier">content</span> = <span class="ruby-identifier">capture</span>(<span class="ruby-operator">&</span><span class="ruby-identifier">block</span>)
|
245
|
+
<span class="ruby-identifier">concat</span>(<span class="ruby-identifier">content</span>, <span class="ruby-identifier">block</span>.<span class="ruby-identifier">binding</span>)
|
246
|
+
<span class="ruby-keyword kw">end</span>
|
247
|
+
<span class="ruby-keyword kw">end</span>
|
248
|
+
</pre>
|
249
|
+
</div>
|
250
|
+
</div>
|
251
|
+
</div>
|
252
|
+
|
253
|
+
<div id="method-M000007" class="method-detail">
|
254
|
+
<a name="M000007"></a>
|
255
|
+
|
256
|
+
<div class="method-heading">
|
257
|
+
<a href="#M000007" class="method-signature">
|
258
|
+
<span class="method-name">check_role</span><span class="method-args">(role)</span>
|
259
|
+
</a>
|
260
|
+
</div>
|
261
|
+
|
262
|
+
<div class="method-description">
|
263
|
+
<p><a class="source-toggle" href="#"
|
264
|
+
onclick="toggleCode('M000007-source');return false;">[Source]</a></p>
|
265
|
+
<div class="method-source-code" id="M000007-source">
|
266
|
+
<pre>
|
267
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 50</span>
|
268
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">check_role</span>(<span class="ruby-identifier">role</span>)
|
269
|
+
<span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&&</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">has_role?</span>(<span class="ruby-identifier">role</span>)
|
270
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span>
|
271
|
+
<span class="ruby-identifier">permission_denied</span>
|
272
|
+
<span class="ruby-keyword kw">else</span>
|
273
|
+
<span class="ruby-identifier">store_referer</span>
|
274
|
+
<span class="ruby-identifier">access_denied</span>
|
275
|
+
<span class="ruby-keyword kw">end</span>
|
276
|
+
<span class="ruby-keyword kw">end</span>
|
277
|
+
<span class="ruby-keyword kw">end</span>
|
278
|
+
</pre>
|
279
|
+
</div>
|
280
|
+
</div>
|
281
|
+
</div>
|
282
|
+
|
283
|
+
<div id="method-M000004" class="method-detail">
|
284
|
+
<a name="M000004"></a>
|
285
|
+
|
286
|
+
<div class="method-heading">
|
287
|
+
<a href="#M000004" class="method-signature">
|
288
|
+
<span class="method-name">current_user</span><span class="method-args">()</span>
|
289
|
+
</a>
|
290
|
+
</div>
|
291
|
+
|
292
|
+
<div class="method-description">
|
293
|
+
<p><a class="source-toggle" href="#"
|
294
|
+
onclick="toggleCode('M000004-source');return false;">[Source]</a></p>
|
295
|
+
<div class="method-source-code" id="M000004-source">
|
296
|
+
<pre>
|
297
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 29</span>
|
298
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">current_user</span>
|
299
|
+
<span class="ruby-keyword kw">return</span> <span class="ruby-ivar">@current_user</span> <span class="ruby-keyword kw">if</span> <span class="ruby-keyword kw">defined?</span>(<span class="ruby-ivar">@current_user</span>)
|
300
|
+
<span class="ruby-ivar">@current_user</span> = <span class="ruby-identifier">current_user_session</span> <span class="ruby-operator">&&</span> <span class="ruby-identifier">current_user_session</span>.<span class="ruby-identifier">record</span>
|
301
|
+
<span class="ruby-keyword kw">end</span>
|
302
|
+
</pre>
|
303
|
+
</div>
|
304
|
+
</div>
|
305
|
+
</div>
|
306
|
+
|
307
|
+
<div id="method-M000003" class="method-detail">
|
308
|
+
<a name="M000003"></a>
|
309
|
+
|
310
|
+
<div class="method-heading">
|
311
|
+
<a href="#M000003" class="method-signature">
|
312
|
+
<span class="method-name">current_user_session</span><span class="method-args">()</span>
|
313
|
+
</a>
|
314
|
+
</div>
|
315
|
+
|
316
|
+
<div class="method-description">
|
317
|
+
<p><a class="source-toggle" href="#"
|
318
|
+
onclick="toggleCode('M000003-source');return false;">[Source]</a></p>
|
319
|
+
<div class="method-source-code" id="M000003-source">
|
320
|
+
<pre>
|
321
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 24</span>
|
322
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">current_user_session</span>
|
323
|
+
<span class="ruby-keyword kw">return</span> <span class="ruby-ivar">@current_user_session</span> <span class="ruby-keyword kw">if</span> <span class="ruby-keyword kw">defined?</span>(<span class="ruby-ivar">@current_user_session</span>)
|
324
|
+
<span class="ruby-ivar">@current_user_session</span> = <span class="ruby-constant">UserSession</span>.<span class="ruby-identifier">find</span>
|
325
|
+
<span class="ruby-keyword kw">end</span>
|
326
|
+
</pre>
|
327
|
+
</div>
|
328
|
+
</div>
|
329
|
+
</div>
|
330
|
+
|
331
|
+
<div id="method-M000018" class="method-detail">
|
332
|
+
<a name="M000018"></a>
|
333
|
+
|
334
|
+
<div class="method-heading">
|
335
|
+
<a href="#M000018" class="method-signature">
|
336
|
+
<span class="method-name">enforce_logout_required</span><span class="method-args">()</span>
|
337
|
+
</a>
|
338
|
+
</div>
|
339
|
+
|
340
|
+
<div class="method-description">
|
341
|
+
<p><a class="source-toggle" href="#"
|
342
|
+
onclick="toggleCode('M000018-source');return false;">[Source]</a></p>
|
343
|
+
<div class="method-source-code" id="M000018-source">
|
344
|
+
<pre>
|
345
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 171</span>
|
346
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">enforce_logout_required</span>
|
347
|
+
<span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
|
348
|
+
<span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-keyword kw">do</span>
|
349
|
+
<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">current_user</span>
|
350
|
+
<span class="ruby-keyword kw">end</span>
|
351
|
+
<span class="ruby-keyword kw">end</span>
|
352
|
+
<span class="ruby-keyword kw">end</span>
|
353
|
+
</pre>
|
354
|
+
</div>
|
355
|
+
</div>
|
356
|
+
</div>
|
357
|
+
|
358
|
+
<div id="method-M000011" class="method-detail">
|
359
|
+
<a name="M000011"></a>
|
360
|
+
|
361
|
+
<div class="method-heading">
|
362
|
+
<a href="#M000011" class="method-signature">
|
363
|
+
<span class="method-name">is_me?</span><span class="method-args">(user)</span>
|
364
|
+
</a>
|
365
|
+
</div>
|
366
|
+
|
367
|
+
<div class="method-description">
|
368
|
+
<p>
|
369
|
+
check to see if the given user is the same as the current user
|
370
|
+
</p>
|
371
|
+
<p><a class="source-toggle" href="#"
|
372
|
+
onclick="toggleCode('M000011-source');return false;">[Source]</a></p>
|
373
|
+
<div class="method-source-code" id="M000011-source">
|
374
|
+
<pre>
|
375
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 75</span>
|
376
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_me?</span>(<span class="ruby-identifier">user</span>)
|
377
|
+
<span class="ruby-identifier">user</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">current_user</span>
|
378
|
+
<span class="ruby-keyword kw">end</span>
|
379
|
+
</pre>
|
380
|
+
</div>
|
381
|
+
</div>
|
382
|
+
</div>
|
383
|
+
|
384
|
+
<div id="method-M000015" class="method-detail">
|
385
|
+
<a name="M000015"></a>
|
386
|
+
|
387
|
+
<div class="method-heading">
|
388
|
+
<a href="#M000015" class="method-signature">
|
389
|
+
<span class="method-name">is_mine?</span><span class="method-args">(user, &block)</span>
|
390
|
+
</a>
|
391
|
+
</div>
|
392
|
+
|
393
|
+
<div class="method-description">
|
394
|
+
<p><a class="source-toggle" href="#"
|
395
|
+
onclick="toggleCode('M000015-source');return false;">[Source]</a></p>
|
396
|
+
<div class="method-source-code" id="M000015-source">
|
397
|
+
<pre>
|
398
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 112</span>
|
399
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_mine?</span>(<span class="ruby-identifier">user</span>, <span class="ruby-operator">&</span><span class="ruby-identifier">block</span>)
|
400
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&&</span> (<span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">id</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">id</span>)
|
401
|
+
<span class="ruby-identifier">content</span> = <span class="ruby-identifier">capture</span>(<span class="ruby-operator">&</span><span class="ruby-identifier">block</span>)
|
402
|
+
<span class="ruby-identifier">concat</span>(<span class="ruby-identifier">content</span>, <span class="ruby-identifier">block</span>.<span class="ruby-identifier">binding</span>)
|
403
|
+
<span class="ruby-keyword kw">end</span>
|
404
|
+
<span class="ruby-keyword kw">end</span>
|
405
|
+
</pre>
|
406
|
+
</div>
|
407
|
+
</div>
|
408
|
+
</div>
|
409
|
+
|
410
|
+
<div id="method-M000009" class="method-detail">
|
411
|
+
<a name="M000009"></a>
|
412
|
+
|
413
|
+
<div class="method-heading">
|
414
|
+
<a href="#M000009" class="method-signature">
|
415
|
+
<span class="method-name">is_owner?</span><span class="method-args">(obj)</span>
|
416
|
+
</a>
|
417
|
+
</div>
|
418
|
+
|
419
|
+
<div class="method-description">
|
420
|
+
<p>
|
421
|
+
check to see if the current user is the owner of the specified object
|
422
|
+
</p>
|
423
|
+
<p><a class="source-toggle" href="#"
|
424
|
+
onclick="toggleCode('M000009-source');return false;">[Source]</a></p>
|
425
|
+
<div class="method-source-code" id="M000009-source">
|
426
|
+
<pre>
|
427
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 66</span>
|
428
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">obj</span>)
|
429
|
+
<span class="ruby-identifier">obj</span>.<span class="ruby-identifier">user_id</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">id</span>
|
430
|
+
<span class="ruby-keyword kw">end</span>
|
431
|
+
</pre>
|
432
|
+
</div>
|
433
|
+
</div>
|
434
|
+
</div>
|
435
|
+
|
436
|
+
<div id="method-M000010" class="method-detail">
|
437
|
+
<a name="M000010"></a>
|
438
|
+
|
439
|
+
<div class="method-heading">
|
440
|
+
<a href="#M000010" class="method-signature">
|
441
|
+
<span class="method-name">is_owner?</span><span class="method-args">(user, user_id)</span>
|
442
|
+
</a>
|
443
|
+
</div>
|
444
|
+
|
445
|
+
<div class="method-description">
|
446
|
+
<p><a class="source-toggle" href="#"
|
447
|
+
onclick="toggleCode('M000010-source');return false;">[Source]</a></p>
|
448
|
+
<div class="method-source-code" id="M000010-source">
|
449
|
+
<pre>
|
450
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 70</span>
|
451
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">user</span>, <span class="ruby-identifier">user_id</span>)
|
452
|
+
<span class="ruby-identifier">user</span>.<span class="ruby-identifier">id</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">user_id</span>
|
453
|
+
<span class="ruby-keyword kw">end</span>
|
454
|
+
</pre>
|
455
|
+
</div>
|
456
|
+
</div>
|
457
|
+
</div>
|
458
|
+
|
459
|
+
<div id="method-M000002" class="method-detail">
|
460
|
+
<a name="M000002"></a>
|
461
|
+
|
462
|
+
<div class="method-heading">
|
463
|
+
<a href="#M000002" class="method-signature">
|
464
|
+
<span class="method-name">logged_in?</span><span class="method-args">()</span>
|
465
|
+
</a>
|
466
|
+
</div>
|
467
|
+
|
468
|
+
<div class="method-description">
|
469
|
+
<p>
|
470
|
+
Returns true or false if the user is logged in.
|
471
|
+
</p>
|
472
|
+
<p><a class="source-toggle" href="#"
|
473
|
+
onclick="toggleCode('M000002-source');return false;">[Source]</a></p>
|
474
|
+
<div class="method-source-code" id="M000002-source">
|
475
|
+
<pre>
|
476
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 20</span>
|
477
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">logged_in?</span>
|
478
|
+
<span class="ruby-operator">!</span><span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">blank?</span>
|
479
|
+
<span class="ruby-keyword kw">end</span>
|
480
|
+
</pre>
|
481
|
+
</div>
|
482
|
+
</div>
|
483
|
+
</div>
|
484
|
+
|
485
|
+
<div id="method-M000005" class="method-detail">
|
486
|
+
<a name="M000005"></a>
|
487
|
+
|
488
|
+
<div class="method-heading">
|
489
|
+
<a href="#M000005" class="method-signature">
|
490
|
+
<span class="method-name">login_required</span><span class="method-args">()</span>
|
491
|
+
</a>
|
492
|
+
</div>
|
493
|
+
|
494
|
+
<div class="method-description">
|
495
|
+
<p><a class="source-toggle" href="#"
|
496
|
+
onclick="toggleCode('M000005-source');return false;">[Source]</a></p>
|
497
|
+
<div class="method-source-code" id="M000005-source">
|
498
|
+
<pre>
|
499
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 34</span>
|
500
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">login_required</span>
|
501
|
+
<span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">logged_in?</span>
|
502
|
+
<span class="ruby-identifier">store_location</span>
|
503
|
+
<span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.login_requred'</span>)
|
504
|
+
<span class="ruby-identifier">access_denied</span>
|
505
|
+
<span class="ruby-keyword kw">end</span>
|
506
|
+
<span class="ruby-keyword kw">end</span>
|
507
|
+
</pre>
|
508
|
+
</div>
|
509
|
+
</div>
|
510
|
+
</div>
|
511
|
+
|
512
|
+
<div id="method-M000006" class="method-detail">
|
513
|
+
<a name="M000006"></a>
|
514
|
+
|
515
|
+
<div class="method-heading">
|
516
|
+
<a href="#M000006" class="method-signature">
|
517
|
+
<span class="method-name">not_logged_in_required</span><span class="method-args">()</span>
|
518
|
+
</a>
|
519
|
+
</div>
|
520
|
+
|
521
|
+
<div class="method-description">
|
522
|
+
<p><a class="source-toggle" href="#"
|
523
|
+
onclick="toggleCode('M000006-source');return false;">[Source]</a></p>
|
524
|
+
<div class="method-source-code" id="M000006-source">
|
525
|
+
<pre>
|
526
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 42</span>
|
527
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">not_logged_in_required</span>
|
528
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span>
|
529
|
+
<span class="ruby-identifier">store_location</span>
|
530
|
+
<span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.logout_required'</span>)
|
531
|
+
<span class="ruby-identifier">enforce_logout_required</span>
|
532
|
+
<span class="ruby-keyword kw">end</span>
|
533
|
+
<span class="ruby-keyword kw">end</span>
|
534
|
+
</pre>
|
535
|
+
</div>
|
536
|
+
</div>
|
537
|
+
</div>
|
538
|
+
|
539
|
+
<div id="method-M000017" class="method-detail">
|
540
|
+
<a name="M000017"></a>
|
541
|
+
|
542
|
+
<div class="method-heading">
|
543
|
+
<a href="#M000017" class="method-signature">
|
544
|
+
<span class="method-name">permission_denied</span><span class="method-args">()</span>
|
545
|
+
</a>
|
546
|
+
</div>
|
547
|
+
|
548
|
+
<div class="method-description">
|
549
|
+
<p><a class="source-toggle" href="#"
|
550
|
+
onclick="toggleCode('M000017-source');return false;">[Source]</a></p>
|
551
|
+
<div class="method-source-code" id="M000017-source">
|
552
|
+
<pre>
|
553
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 140</span>
|
554
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">permission_denied</span>
|
555
|
+
<span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
|
556
|
+
<span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-keyword kw">do</span>
|
557
|
+
<span class="ruby-comment cmt">#Put your domain name here ex. http://www.example.com</span>
|
558
|
+
<span class="ruby-identifier">domain_name</span> = <span class="ruby-constant">GlobalConfig</span>.<span class="ruby-identifier">application_base_url</span>
|
559
|
+
<span class="ruby-identifier">http_referer</span> = <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>]
|
560
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">http_referer</span>.<span class="ruby-identifier">nil?</span>
|
561
|
+
<span class="ruby-identifier">store_referer</span>
|
562
|
+
<span class="ruby-identifier">http_referer</span> = ( <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">domain_name</span> )
|
563
|
+
<span class="ruby-keyword kw">end</span>
|
564
|
+
<span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.permission_denied'</span>)
|
565
|
+
<span class="ruby-comment cmt">#The [0..20] represents the 21 characters in http://localhost:3000</span>
|
566
|
+
<span class="ruby-comment cmt">#You have to set that to the number of characters in your domain name</span>
|
567
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">http_referer</span>[<span class="ruby-value">0</span><span class="ruby-operator">..</span><span class="ruby-identifier">domain_name</span>.<span class="ruby-identifier">length</span>] <span class="ruby-operator">!=</span> <span class="ruby-identifier">domain_name</span>
|
568
|
+
<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] = <span class="ruby-keyword kw">nil</span>
|
569
|
+
<span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span>
|
570
|
+
<span class="ruby-keyword kw">else</span>
|
571
|
+
<span class="ruby-identifier">redirect_to_referer_or_default</span>(<span class="ruby-identifier">root_path</span>)
|
572
|
+
<span class="ruby-keyword kw">end</span>
|
573
|
+
<span class="ruby-keyword kw">end</span>
|
574
|
+
<span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> <span class="ruby-keyword kw">do</span>
|
575
|
+
<span class="ruby-identifier">headers</span>[<span class="ruby-value str">"Status"</span>] = <span class="ruby-value str">"Unauthorized"</span>
|
576
|
+
<span class="ruby-identifier">headers</span>[<span class="ruby-value str">"WWW-Authenticate"</span>] = <span class="ruby-value str">%(Basic realm="Web Password")</span>
|
577
|
+
<span class="ruby-identifier">render</span> <span class="ruby-identifier">:text</span> =<span class="ruby-operator">></span> <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.permission_denied'</span>), <span class="ruby-identifier">:status</span> =<span class="ruby-operator">></span> <span class="ruby-value str">'401 Unauthorized'</span>
|
578
|
+
<span class="ruby-keyword kw">end</span>
|
579
|
+
<span class="ruby-identifier">format</span>.<span class="ruby-identifier">js</span> <span class="ruby-keyword kw">do</span>
|
580
|
+
<span class="ruby-identifier">render</span> <span class="ruby-identifier">:text</span> =<span class="ruby-operator">></span> <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.permission_denied'</span>)
|
581
|
+
<span class="ruby-keyword kw">end</span>
|
582
|
+
<span class="ruby-keyword kw">end</span>
|
583
|
+
<span class="ruby-keyword kw">end</span>
|
584
|
+
</pre>
|
585
|
+
</div>
|
586
|
+
</div>
|
587
|
+
</div>
|
588
|
+
|
589
|
+
<div id="method-M000012" class="method-detail">
|
590
|
+
<a name="M000012"></a>
|
591
|
+
|
592
|
+
<div class="method-heading">
|
593
|
+
<a href="#M000012" class="method-signature">
|
594
|
+
<span class="method-name">protect_owner</span><span class="method-args">(obj)</span>
|
595
|
+
</a>
|
596
|
+
</div>
|
597
|
+
|
598
|
+
<div class="method-description">
|
599
|
+
<p>
|
600
|
+
checks permissions on an object. Redirects if the current user
|
601
|
+
doesn‘t own it or have admin rights
|
602
|
+
</p>
|
603
|
+
<p><a class="source-toggle" href="#"
|
604
|
+
onclick="toggleCode('M000012-source');return false;">[Source]</a></p>
|
605
|
+
<div class="method-source-code" id="M000012-source">
|
606
|
+
<pre>
|
607
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 81</span>
|
608
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">protect_owner</span>(<span class="ruby-identifier">obj</span>)
|
609
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">obj</span>) <span class="ruby-operator">||</span> <span class="ruby-identifier">admin?</span>
|
610
|
+
<span class="ruby-keyword kw">true</span>
|
611
|
+
<span class="ruby-keyword kw">else</span>
|
612
|
+
<span class="ruby-identifier">permission_denied</span>
|
613
|
+
<span class="ruby-keyword kw">false</span>
|
614
|
+
<span class="ruby-keyword kw">end</span>
|
615
|
+
<span class="ruby-keyword kw">end</span>
|
616
|
+
</pre>
|
617
|
+
</div>
|
618
|
+
</div>
|
619
|
+
</div>
|
620
|
+
|
621
|
+
<div id="method-M000021" class="method-detail">
|
622
|
+
<a name="M000021"></a>
|
623
|
+
|
624
|
+
<div class="method-heading">
|
625
|
+
<a href="#M000021" class="method-signature">
|
626
|
+
<span class="method-name">redirect_back_or_default</span><span class="method-args">(default)</span>
|
627
|
+
</a>
|
628
|
+
</div>
|
629
|
+
|
630
|
+
<div class="method-description">
|
631
|
+
<p>
|
632
|
+
Redirect to the URI stored by the most recent <a
|
633
|
+
href="InstanceMethods.html#M000019">store_location</a> call or to the
|
634
|
+
passed default.
|
635
|
+
</p>
|
636
|
+
<p><a class="source-toggle" href="#"
|
637
|
+
onclick="toggleCode('M000021-source');return false;">[Source]</a></p>
|
638
|
+
<div class="method-source-code" id="M000021-source">
|
639
|
+
<pre>
|
640
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 194</span>
|
641
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">redirect_back_or_default</span>(<span class="ruby-identifier">default</span>)
|
642
|
+
<span class="ruby-identifier">redirect_to</span>(<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:return_to</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">default</span>)
|
643
|
+
<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:return_to</span>] = <span class="ruby-keyword kw">nil</span>
|
644
|
+
<span class="ruby-keyword kw">end</span>
|
645
|
+
</pre>
|
646
|
+
</div>
|
647
|
+
</div>
|
648
|
+
</div>
|
649
|
+
|
650
|
+
<div id="method-M000022" class="method-detail">
|
651
|
+
<a name="M000022"></a>
|
652
|
+
|
653
|
+
<div class="method-heading">
|
654
|
+
<a href="#M000022" class="method-signature">
|
655
|
+
<span class="method-name">redirect_to_referer_or_default</span><span class="method-args">(default)</span>
|
656
|
+
</a>
|
657
|
+
</div>
|
658
|
+
|
659
|
+
<div class="method-description">
|
660
|
+
<p><a class="source-toggle" href="#"
|
661
|
+
onclick="toggleCode('M000022-source');return false;">[Source]</a></p>
|
662
|
+
<div class="method-source-code" id="M000022-source">
|
663
|
+
<pre>
|
664
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 199</span>
|
665
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">redirect_to_referer_or_default</span>(<span class="ruby-identifier">default</span>)
|
666
|
+
<span class="ruby-identifier">redirect_to</span>(<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">default</span>)
|
667
|
+
<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] = <span class="ruby-keyword kw">nil</span>
|
668
|
+
<span class="ruby-keyword kw">end</span>
|
669
|
+
</pre>
|
670
|
+
</div>
|
671
|
+
</div>
|
672
|
+
</div>
|
673
|
+
|
674
|
+
<div id="method-M000019" class="method-detail">
|
675
|
+
<a name="M000019"></a>
|
676
|
+
|
677
|
+
<div class="method-heading">
|
678
|
+
<a href="#M000019" class="method-signature">
|
679
|
+
<span class="method-name">store_location</span><span class="method-args">()</span>
|
680
|
+
</a>
|
681
|
+
</div>
|
682
|
+
|
683
|
+
<div class="method-description">
|
684
|
+
<p>
|
685
|
+
Store the URI of the current request in the session. We can return to this
|
686
|
+
location by calling <a
|
687
|
+
href="InstanceMethods.html#M000021">redirect_back_or_default</a>. Only
|
688
|
+
store html requests so we don‘t redirect a user back to and rss or
|
689
|
+
xml feed
|
690
|
+
</p>
|
691
|
+
<p><a class="source-toggle" href="#"
|
692
|
+
onclick="toggleCode('M000019-source');return false;">[Source]</a></p>
|
693
|
+
<div class="method-source-code" id="M000019-source">
|
694
|
+
<pre>
|
695
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 182</span>
|
696
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">store_location</span>
|
697
|
+
<span class="ruby-keyword kw">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">format</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">:html</span>
|
698
|
+
<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:return_to</span>] = <span class="ruby-identifier">request</span>.<span class="ruby-identifier">request_uri</span>
|
699
|
+
<span class="ruby-keyword kw">end</span>
|
700
|
+
<span class="ruby-keyword kw">end</span>
|
701
|
+
</pre>
|
702
|
+
</div>
|
703
|
+
</div>
|
704
|
+
</div>
|
705
|
+
|
706
|
+
<div id="method-M000020" class="method-detail">
|
707
|
+
<a name="M000020"></a>
|
708
|
+
|
709
|
+
<div class="method-heading">
|
710
|
+
<a href="#M000020" class="method-signature">
|
711
|
+
<span class="method-name">store_referer</span><span class="method-args">()</span>
|
712
|
+
</a>
|
713
|
+
</div>
|
714
|
+
|
715
|
+
<div class="method-description">
|
716
|
+
<p><a class="source-toggle" href="#"
|
717
|
+
onclick="toggleCode('M000020-source');return false;">[Source]</a></p>
|
718
|
+
<div class="method-source-code" id="M000020-source">
|
719
|
+
<pre>
|
720
|
+
<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 188</span>
|
721
|
+
<span class="ruby-keyword kw">def</span> <span class="ruby-identifier">store_referer</span>
|
722
|
+
<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] = <span class="ruby-identifier">request</span>.<span class="ruby-identifier">env</span>[<span class="ruby-value str">"HTTP_REFERER"</span>]
|
723
|
+
<span class="ruby-keyword kw">end</span>
|
724
|
+
</pre>
|
725
|
+
</div>
|
726
|
+
</div>
|
727
|
+
</div>
|
728
|
+
|
729
|
+
|
730
|
+
</div>
|
731
|
+
|
732
|
+
|
733
|
+
</div>
|
734
|
+
|
735
|
+
|
736
|
+
<div id="validator-badges">
|
737
|
+
<p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
|
738
|
+
</div>
|
739
|
+
|
740
|
+
</body>
|
741
|
+
</html>
|