muck-users 0.1.0 → 0.1.1

data/rdoc/classes/ActionController/AuthenticApplication.html

@@ -0,0 +1,161 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE html 
+     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+  <title>Module: ActionController::AuthenticApplication</title>
+  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+  <meta http-equiv="Content-Script-Type" content="text/javascript" />
+  <link rel="stylesheet" href="../.././rdoc-style.css" type="text/css" media="screen" />
+  <script type="text/javascript">
+  // <![CDATA[
+
+  function popupCode( url ) {
+    window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
+  }
+
+  function toggleCode( id ) {
+    if ( document.getElementById )
+      elem = document.getElementById( id );
+    else if ( document.all )
+      elem = eval( "document.all." + id );
+    else
+      return false;
+
+    elemStyle = elem.style;
+    
+    if ( elemStyle.display != "block" ) {
+      elemStyle.display = "block"
+    } else {
+      elemStyle.display = "none"
+    }
+
+    return true;
+  }
+  
+  // Make codeblocks hidden by default
+  document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
+  
+  // ]]>
+  </script>
+
+</head>
+<body>
+
+
+
+    <div id="classHeader">
+        <table class="header-table">
+        <tr class="top-aligned-row">
+          <td><strong>Module</strong></td>
+          <td class="class-name-in-header">ActionController::AuthenticApplication</td>
+        </tr>
+        <tr class="top-aligned-row">
+            <td><strong>In:</strong></td>
+            <td>
+                <a href="../../files/lib/action_controller/authentic_application_rb.html">
+                lib/action_controller/authentic_application.rb
+                </a>
+        <br />
+            </td>
+        </tr>
+
+        </table>
+    </div>
+  <!-- banner header -->
+
+  <div id="bodyContent">
+
+
+
+  <div id="contextContent">
+
+
+
+   </div>
+
+    <div id="method-list">
+      <h3 class="section-bar">Methods</h3>
+
+      <div class="name-list">
+      <a href="#M000001">included</a>&nbsp;&nbsp;
+      </div>
+    </div>
+
+  </div>
+
+
+    <!-- if includes -->
+    <div id="includes">
+      <h3 class="section-bar">Included Modules</h3>
+
+      <div id="includes-list">
+        <span class="include-name"><a href="AuthenticApplication/InstanceMethods.html">InstanceMethods</a></span>
+      </div>
+    </div>
+
+    <div id="section">
+
+    <div id="class-list">
+      <h3 class="section-bar">Classes and Modules</h3>
+
+      Module <a href="AuthenticApplication/InstanceMethods.html" class="link">ActionController::AuthenticApplication::InstanceMethods</a><br />
+
+    </div>
+
+
+
+
+      
+
+
+    <!-- if method_list -->
+    <div id="methods">
+      <h3 class="section-bar">Public Class methods</h3>
+
+      <div id="method-M000001" class="method-detail">
+        <a name="M000001"></a>
+
+        <div class="method-heading">
+          <a href="#M000001" class="method-signature">
+          <span class="method-name">included</span><span class="method-args">(base)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+Module automatically mixed into the all controllers
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000001-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000001-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 6</span>
+    <span class="ruby-keyword kw">def</span> <span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">included</span>(<span class="ruby-identifier">base</span>)
+      <span class="ruby-identifier">base</span>.<span class="ruby-identifier">class_eval</span> <span class="ruby-keyword kw">do</span>
+        <span class="ruby-identifier">include</span> <span class="ruby-constant">InstanceMethods</span>
+      <span class="ruby-keyword kw">end</span>
+      <span class="ruby-comment cmt"># Inclusion hook to make #current_user and #logged_in?, etc available as ActionView helper methods.</span>
+      <span class="ruby-identifier">base</span>.<span class="ruby-identifier">send</span> <span class="ruby-identifier">:helper_method</span>, <span class="ruby-identifier">:current_user_session</span>, <span class="ruby-identifier">:current_user</span>, <span class="ruby-identifier">:logged_in?</span>, <span class="ruby-identifier">:admin?</span>, <span class="ruby-identifier">:is_me?</span>, <span class="ruby-identifier">:is_owner?</span>
+      <span class="ruby-identifier">base</span>.<span class="ruby-identifier">send</span> <span class="ruby-identifier">:filter_parameter_logging</span>, <span class="ruby-identifier">:password</span>, <span class="ruby-identifier">:password_confirmation</span>
+    <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+
+    </div>
+
+
+  </div>
+
+
+<div id="validator-badges">
+  <p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
+</div>
+
+</body>
+</html>

data/rdoc/classes/ActionController/AuthenticApplication/InstanceMethods.html

@@ -0,0 +1,741 @@
+<?xml version="1.0" encoding="iso-8859-1"?>
+<!DOCTYPE html 
+     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+  <title>Module: ActionController::AuthenticApplication::InstanceMethods</title>
+  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+  <meta http-equiv="Content-Script-Type" content="text/javascript" />
+  <link rel="stylesheet" href="../../.././rdoc-style.css" type="text/css" media="screen" />
+  <script type="text/javascript">
+  // <![CDATA[
+
+  function popupCode( url ) {
+    window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
+  }
+
+  function toggleCode( id ) {
+    if ( document.getElementById )
+      elem = document.getElementById( id );
+    else if ( document.all )
+      elem = eval( "document.all." + id );
+    else
+      return false;
+
+    elemStyle = elem.style;
+    
+    if ( elemStyle.display != "block" ) {
+      elemStyle.display = "block"
+    } else {
+      elemStyle.display = "none"
+    }
+
+    return true;
+  }
+  
+  // Make codeblocks hidden by default
+  document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
+  
+  // ]]>
+  </script>
+
+</head>
+<body>
+
+
+
+    <div id="classHeader">
+        <table class="header-table">
+        <tr class="top-aligned-row">
+          <td><strong>Module</strong></td>
+          <td class="class-name-in-header">ActionController::AuthenticApplication::InstanceMethods</td>
+        </tr>
+        <tr class="top-aligned-row">
+            <td><strong>In:</strong></td>
+            <td>
+                <a href="../../../files/lib/action_controller/authentic_application_rb.html">
+                lib/action_controller/authentic_application.rb
+                </a>
+        <br />
+            </td>
+        </tr>
+
+        </table>
+    </div>
+  <!-- banner header -->
+
+  <div id="bodyContent">
+
+
+
+  <div id="contextContent">
+
+
+
+   </div>
+
+    <div id="method-list">
+      <h3 class="section-bar">Methods</h3>
+
+      <div class="name-list">
+      <a href="#M000016">access_denied</a>&nbsp;&nbsp;
+      <a href="#M000008">admin?</a>&nbsp;&nbsp;
+      <a href="#M000013">allowed_access?</a>&nbsp;&nbsp;
+      <a href="#M000014">can_access?</a>&nbsp;&nbsp;
+      <a href="#M000007">check_role</a>&nbsp;&nbsp;
+      <a href="#M000004">current_user</a>&nbsp;&nbsp;
+      <a href="#M000003">current_user_session</a>&nbsp;&nbsp;
+      <a href="#M000018">enforce_logout_required</a>&nbsp;&nbsp;
+      <a href="#M000011">is_me?</a>&nbsp;&nbsp;
+      <a href="#M000015">is_mine?</a>&nbsp;&nbsp;
+      <a href="#M000009">is_owner?</a>&nbsp;&nbsp;
+      <a href="#M000010">is_owner?</a>&nbsp;&nbsp;
+      <a href="#M000002">logged_in?</a>&nbsp;&nbsp;
+      <a href="#M000005">login_required</a>&nbsp;&nbsp;
+      <a href="#M000006">not_logged_in_required</a>&nbsp;&nbsp;
+      <a href="#M000017">permission_denied</a>&nbsp;&nbsp;
+      <a href="#M000012">protect_owner</a>&nbsp;&nbsp;
+      <a href="#M000021">redirect_back_or_default</a>&nbsp;&nbsp;
+      <a href="#M000022">redirect_to_referer_or_default</a>&nbsp;&nbsp;
+      <a href="#M000019">store_location</a>&nbsp;&nbsp;
+      <a href="#M000020">store_referer</a>&nbsp;&nbsp;
+      </div>
+    </div>
+
+  </div>
+
+
+    <!-- if includes -->
+
+    <div id="section">
+
+
+
+
+
+      
+
+
+    <!-- if method_list -->
+    <div id="methods">
+      <h3 class="section-bar">Protected Instance methods</h3>
+
+      <div id="method-M000016" class="method-detail">
+        <a name="M000016"></a>
+
+        <div class="method-heading">
+          <a href="#M000016" class="method-signature">
+          <span class="method-name">access_denied</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+Redirect as appropriate when an access request fails.
+</p>
+<p>
+The default action is to redirect to the login screen.
+</p>
+<p>
+Override this method in your controllers if you want to have special
+behavior in case the user is not authorized to access the requested action.
+For example, a popup window might simply close itself.
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000016-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000016-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 127</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">access_denied</span>
+        <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
+          <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-keyword kw">do</span>
+            <span class="ruby-identifier">store_location</span>
+            <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.access_denied'</span>)
+            <span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">login_path</span>
+          <span class="ruby-keyword kw">end</span>
+          <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> <span class="ruby-keyword kw">do</span>
+            <span class="ruby-identifier">request_http_basic_authentication</span> <span class="ruby-value str">'Web Password'</span>
+          <span class="ruby-keyword kw">end</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000008" class="method-detail">
+        <a name="M000008"></a>
+
+        <div class="method-heading">
+          <a href="#M000008" class="method-signature">
+          <span class="method-name">admin?</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000008-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000008-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 61</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">admin?</span>
+        <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">admin?</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000013" class="method-detail">
+        <a name="M000013"></a>
+
+        <div class="method-heading">
+          <a href="#M000013" class="method-signature">
+          <span class="method-name">allowed_access?</span><span class="method-args">(options)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+allow or deny access depending on options specified
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000013-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000013-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 91</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">allowed_access?</span>(<span class="ruby-identifier">options</span>)
+        <span class="ruby-keyword kw">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:owner</span>].<span class="ruby-identifier">nil?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-operator">!</span><span class="ruby-identifier">options</span>[<span class="ruby-identifier">:object_user_id</span>].<span class="ruby-identifier">nil?</span>
+          <span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">true</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:owner</span>], <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:object_user_id</span>])
+        <span class="ruby-keyword kw">end</span>
+
+        <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:permit_roles</span>].<span class="ruby-identifier">each</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">role</span><span class="ruby-operator">|</span>
+          <span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">true</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">has_role?</span>(<span class="ruby-identifier">role</span>)
+        <span class="ruby-keyword kw">end</span>
+
+        <span class="ruby-comment cmt"># access denied</span>
+        <span class="ruby-identifier">permission_denied</span>
+        <span class="ruby-keyword kw">false</span> 
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000014" class="method-detail">
+        <a name="M000014"></a>
+
+        <div class="method-heading">
+          <a href="#M000014" class="method-signature">
+          <span class="method-name">can_access?</span><span class="method-args">(user, object, roles, &amp;block)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000014-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000014-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 105</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">can_access?</span>(<span class="ruby-identifier">user</span>, <span class="ruby-identifier">object</span>, <span class="ruby-identifier">roles</span>, <span class="ruby-operator">&amp;</span><span class="ruby-identifier">block</span>)
+        <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">is_in_role?</span>(<span class="ruby-identifier">event</span>, <span class="ruby-identifier">roles</span>)
+          <span class="ruby-identifier">content</span> = <span class="ruby-identifier">capture</span>(<span class="ruby-operator">&amp;</span><span class="ruby-identifier">block</span>)
+          <span class="ruby-identifier">concat</span>(<span class="ruby-identifier">content</span>, <span class="ruby-identifier">block</span>.<span class="ruby-identifier">binding</span>)
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000007" class="method-detail">
+        <a name="M000007"></a>
+
+        <div class="method-heading">
+          <a href="#M000007" class="method-signature">
+          <span class="method-name">check_role</span><span class="method-args">(role)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000007-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000007-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 50</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">check_role</span>(<span class="ruby-identifier">role</span>)
+        <span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">has_role?</span>(<span class="ruby-identifier">role</span>)
+          <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span>
+            <span class="ruby-identifier">permission_denied</span>
+          <span class="ruby-keyword kw">else</span>
+            <span class="ruby-identifier">store_referer</span>
+            <span class="ruby-identifier">access_denied</span>
+          <span class="ruby-keyword kw">end</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000004" class="method-detail">
+        <a name="M000004"></a>
+
+        <div class="method-heading">
+          <a href="#M000004" class="method-signature">
+          <span class="method-name">current_user</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000004-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000004-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 29</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">current_user</span>
+        <span class="ruby-keyword kw">return</span> <span class="ruby-ivar">@current_user</span> <span class="ruby-keyword kw">if</span> <span class="ruby-keyword kw">defined?</span>(<span class="ruby-ivar">@current_user</span>)
+        <span class="ruby-ivar">@current_user</span> = <span class="ruby-identifier">current_user_session</span> <span class="ruby-operator">&amp;&amp;</span> <span class="ruby-identifier">current_user_session</span>.<span class="ruby-identifier">record</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000003" class="method-detail">
+        <a name="M000003"></a>
+
+        <div class="method-heading">
+          <a href="#M000003" class="method-signature">
+          <span class="method-name">current_user_session</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000003-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000003-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 24</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">current_user_session</span>
+        <span class="ruby-keyword kw">return</span> <span class="ruby-ivar">@current_user_session</span> <span class="ruby-keyword kw">if</span> <span class="ruby-keyword kw">defined?</span>(<span class="ruby-ivar">@current_user_session</span>)
+        <span class="ruby-ivar">@current_user_session</span> = <span class="ruby-constant">UserSession</span>.<span class="ruby-identifier">find</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000018" class="method-detail">
+        <a name="M000018"></a>
+
+        <div class="method-heading">
+          <a href="#M000018" class="method-signature">
+          <span class="method-name">enforce_logout_required</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000018-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000018-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 171</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">enforce_logout_required</span>
+        <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
+          <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-keyword kw">do</span>
+            <span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">current_user</span>
+          <span class="ruby-keyword kw">end</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000011" class="method-detail">
+        <a name="M000011"></a>
+
+        <div class="method-heading">
+          <a href="#M000011" class="method-signature">
+          <span class="method-name">is_me?</span><span class="method-args">(user)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+check to see if the given user is the same as the current user
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000011-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000011-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 75</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_me?</span>(<span class="ruby-identifier">user</span>)
+        <span class="ruby-identifier">user</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">current_user</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000015" class="method-detail">
+        <a name="M000015"></a>
+
+        <div class="method-heading">
+          <a href="#M000015" class="method-signature">
+          <span class="method-name">is_mine?</span><span class="method-args">(user, &amp;block)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000015-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000015-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 112</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_mine?</span>(<span class="ruby-identifier">user</span>, <span class="ruby-operator">&amp;</span><span class="ruby-identifier">block</span>)
+        <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span> <span class="ruby-operator">&amp;&amp;</span> (<span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">id</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">user</span>.<span class="ruby-identifier">id</span>)
+          <span class="ruby-identifier">content</span> = <span class="ruby-identifier">capture</span>(<span class="ruby-operator">&amp;</span><span class="ruby-identifier">block</span>)
+          <span class="ruby-identifier">concat</span>(<span class="ruby-identifier">content</span>, <span class="ruby-identifier">block</span>.<span class="ruby-identifier">binding</span>)
+        <span class="ruby-keyword kw">end</span> 
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000009" class="method-detail">
+        <a name="M000009"></a>
+
+        <div class="method-heading">
+          <a href="#M000009" class="method-signature">
+          <span class="method-name">is_owner?</span><span class="method-args">(obj)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+check to see if the current user is the owner of the specified object
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000009-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000009-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 66</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">obj</span>)
+        <span class="ruby-identifier">obj</span>.<span class="ruby-identifier">user_id</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">id</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000010" class="method-detail">
+        <a name="M000010"></a>
+
+        <div class="method-heading">
+          <a href="#M000010" class="method-signature">
+          <span class="method-name">is_owner?</span><span class="method-args">(user, user_id)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000010-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000010-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 70</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">user</span>, <span class="ruby-identifier">user_id</span>)
+        <span class="ruby-identifier">user</span>.<span class="ruby-identifier">id</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">user_id</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000002" class="method-detail">
+        <a name="M000002"></a>
+
+        <div class="method-heading">
+          <a href="#M000002" class="method-signature">
+          <span class="method-name">logged_in?</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+Returns true or false if the user is logged in.
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000002-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000002-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 20</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">logged_in?</span>
+        <span class="ruby-operator">!</span><span class="ruby-identifier">current_user</span>.<span class="ruby-identifier">blank?</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000005" class="method-detail">
+        <a name="M000005"></a>
+
+        <div class="method-heading">
+          <a href="#M000005" class="method-signature">
+          <span class="method-name">login_required</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000005-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000005-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 34</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">login_required</span>
+        <span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">logged_in?</span>
+          <span class="ruby-identifier">store_location</span>
+          <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.login_requred'</span>)
+          <span class="ruby-identifier">access_denied</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000006" class="method-detail">
+        <a name="M000006"></a>
+
+        <div class="method-heading">
+          <a href="#M000006" class="method-signature">
+          <span class="method-name">not_logged_in_required</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000006-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000006-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 42</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">not_logged_in_required</span>
+        <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">logged_in?</span>
+          <span class="ruby-identifier">store_location</span>
+          <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:notice</span>] = <span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.logout_required'</span>)
+          <span class="ruby-identifier">enforce_logout_required</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000017" class="method-detail">
+        <a name="M000017"></a>
+
+        <div class="method-heading">
+          <a href="#M000017" class="method-signature">
+          <span class="method-name">permission_denied</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000017-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000017-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 140</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">permission_denied</span>      
+        <span class="ruby-identifier">respond_to</span> <span class="ruby-keyword kw">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">format</span><span class="ruby-operator">|</span>
+          <span class="ruby-identifier">format</span>.<span class="ruby-identifier">html</span> <span class="ruby-keyword kw">do</span>
+            <span class="ruby-comment cmt">#Put your domain name here ex. http://www.example.com</span>
+            <span class="ruby-identifier">domain_name</span> = <span class="ruby-constant">GlobalConfig</span>.<span class="ruby-identifier">application_base_url</span>
+            <span class="ruby-identifier">http_referer</span> = <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>]
+            <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">http_referer</span>.<span class="ruby-identifier">nil?</span>
+              <span class="ruby-identifier">store_referer</span>
+              <span class="ruby-identifier">http_referer</span> = ( <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">domain_name</span> )
+            <span class="ruby-keyword kw">end</span>
+            <span class="ruby-identifier">flash</span>[<span class="ruby-identifier">:error</span>] = <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.permission_denied'</span>)
+            <span class="ruby-comment cmt">#The [0..20] represents the 21 characters in http://localhost:3000</span>
+            <span class="ruby-comment cmt">#You have to set that to the number of characters in your domain name</span>
+            <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">http_referer</span>[<span class="ruby-value">0</span><span class="ruby-operator">..</span><span class="ruby-identifier">domain_name</span>.<span class="ruby-identifier">length</span>] <span class="ruby-operator">!=</span> <span class="ruby-identifier">domain_name</span>  
+              <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] = <span class="ruby-keyword kw">nil</span>
+              <span class="ruby-identifier">redirect_to</span> <span class="ruby-identifier">root_path</span>
+            <span class="ruby-keyword kw">else</span>
+              <span class="ruby-identifier">redirect_to_referer_or_default</span>(<span class="ruby-identifier">root_path</span>)  
+            <span class="ruby-keyword kw">end</span>
+          <span class="ruby-keyword kw">end</span>
+          <span class="ruby-identifier">format</span>.<span class="ruby-identifier">xml</span> <span class="ruby-keyword kw">do</span>
+            <span class="ruby-identifier">headers</span>[<span class="ruby-value str">&quot;Status&quot;</span>]           = <span class="ruby-value str">&quot;Unauthorized&quot;</span>
+            <span class="ruby-identifier">headers</span>[<span class="ruby-value str">&quot;WWW-Authenticate&quot;</span>] = <span class="ruby-value str">%(Basic realm=&quot;Web Password&quot;)</span>
+            <span class="ruby-identifier">render</span> <span class="ruby-identifier">:text</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.permission_denied'</span>), <span class="ruby-identifier">:status</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value str">'401 Unauthorized'</span>
+          <span class="ruby-keyword kw">end</span>
+          <span class="ruby-identifier">format</span>.<span class="ruby-identifier">js</span> <span class="ruby-keyword kw">do</span>
+            <span class="ruby-identifier">render</span> <span class="ruby-identifier">:text</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-constant">I18n</span>.<span class="ruby-identifier">t</span>(<span class="ruby-value str">'muck.users.permission_denied'</span>)
+          <span class="ruby-keyword kw">end</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000012" class="method-detail">
+        <a name="M000012"></a>
+
+        <div class="method-heading">
+          <a href="#M000012" class="method-signature">
+          <span class="method-name">protect_owner</span><span class="method-args">(obj)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+checks permissions on an object. Redirects if the current user
+doesn&#8216;t own it or have admin rights
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000012-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000012-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 81</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">protect_owner</span>(<span class="ruby-identifier">obj</span>)
+        <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">is_owner?</span>(<span class="ruby-identifier">obj</span>) <span class="ruby-operator">||</span> <span class="ruby-identifier">admin?</span>
+          <span class="ruby-keyword kw">true</span>
+        <span class="ruby-keyword kw">else</span>
+          <span class="ruby-identifier">permission_denied</span>
+          <span class="ruby-keyword kw">false</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000021" class="method-detail">
+        <a name="M000021"></a>
+
+        <div class="method-heading">
+          <a href="#M000021" class="method-signature">
+          <span class="method-name">redirect_back_or_default</span><span class="method-args">(default)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+Redirect to the URI stored by the most recent <a
+href="InstanceMethods.html#M000019">store_location</a> call or to the
+passed default.
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000021-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000021-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 194</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">redirect_back_or_default</span>(<span class="ruby-identifier">default</span>)
+        <span class="ruby-identifier">redirect_to</span>(<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:return_to</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">default</span>)
+        <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:return_to</span>] = <span class="ruby-keyword kw">nil</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000022" class="method-detail">
+        <a name="M000022"></a>
+
+        <div class="method-heading">
+          <a href="#M000022" class="method-signature">
+          <span class="method-name">redirect_to_referer_or_default</span><span class="method-args">(default)</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000022-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000022-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 199</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">redirect_to_referer_or_default</span>(<span class="ruby-identifier">default</span>)
+        <span class="ruby-identifier">redirect_to</span>(<span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">default</span>)
+        <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] = <span class="ruby-keyword kw">nil</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000019" class="method-detail">
+        <a name="M000019"></a>
+
+        <div class="method-heading">
+          <a href="#M000019" class="method-signature">
+          <span class="method-name">store_location</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p>
+Store the URI of the current request in the session. We can return to this
+location by calling <a
+href="InstanceMethods.html#M000021">redirect_back_or_default</a>. Only
+store html requests so we don&#8216;t redirect a user back to and rss or
+xml feed
+</p>
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000019-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000019-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 182</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">store_location</span>
+        <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">request</span>.<span class="ruby-identifier">format</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">:html</span>
+          <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:return_to</span>] = <span class="ruby-identifier">request</span>.<span class="ruby-identifier">request_uri</span>
+        <span class="ruby-keyword kw">end</span>
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+      <div id="method-M000020" class="method-detail">
+        <a name="M000020"></a>
+
+        <div class="method-heading">
+          <a href="#M000020" class="method-signature">
+          <span class="method-name">store_referer</span><span class="method-args">()</span>
+          </a>
+        </div>
+      
+        <div class="method-description">
+          <p><a class="source-toggle" href="#"
+            onclick="toggleCode('M000020-source');return false;">[Source]</a></p>
+          <div class="method-source-code" id="M000020-source">
+<pre>
+<span class="ruby-comment cmt"># File lib/action_controller/authentic_application.rb, line 188</span>
+      <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">store_referer</span>
+        <span class="ruby-identifier">session</span>[<span class="ruby-identifier">:refer_to</span>] = <span class="ruby-identifier">request</span>.<span class="ruby-identifier">env</span>[<span class="ruby-value str">&quot;HTTP_REFERER&quot;</span>]
+      <span class="ruby-keyword kw">end</span>
+</pre>
+          </div>
+        </div>
+      </div>
+
+
+    </div>
+
+
+  </div>
+
+
+<div id="validator-badges">
+  <p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
+</div>
+
+</body>
+</html>