Module: AeUsers::ControllerExtensions::RequirePermission::ClassMethods
- Defined in:
- lib/ae_users.rb
Instance Method Summary collapse
- #require_class_permission(perm_name, conditions = {}) ⇒ Object
- #require_login(conditions = {}) ⇒ Object
- #require_permission(perm_name, conditions = {}) ⇒ Object
- #rest_edit_permissions(options = {}) ⇒ Object
- #rest_permissions(options = {}) ⇒ Object
- #rest_view_permissions(options = {}) ⇒ Object
Instance Method Details
#require_class_permission(perm_name, conditions = {}) ⇒ Object
458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 |
# File 'lib/ae_users.rb', line 458 def (perm_name, conditions = {}) delegated = false if conditions[:class_name] cn = conditions[:class_name] delegated = true elsif conditions[:class_param] cpn = conditions[:class_param] end before_filter conditions do |controller| if cn.nil? and cpn cn = controller.params[cpn] delegated = true end controller_cn = controller.class.name.gsub(/Controller$/, "").singularize cn ||= controller_cn full_perm_name = "#{perm_name}_#{cn.tableize}" if delegated msg = "Sorry, but you are not permitted to #{perm_name} #{controller_cn.tableize.humanize.downcase} in this #{cn.tableize.humanize.singularize.downcase}." else msg = "Sorry, but you are not permitted to #{perm_name} #{cn.tableize.humanize.downcase}." end controller.(nil, full_perm_name, msg) end end |
#require_login(conditions = {}) ⇒ Object
447 448 449 450 451 452 453 454 455 456 |
# File 'lib/ae_users.rb', line 447 def require_login(conditions = {}) before_filter conditions do |controller| if not controller.logged_in? controller.attempt_login_from_params if not controller.logged_in? controller.access_denied "Sorry, but you need to be logged in to view that page." end end end end |
#require_permission(perm_name, conditions = {}) ⇒ Object
483 484 485 486 487 488 489 490 491 492 493 494 495 |
# File 'lib/ae_users.rb', line 483 def (perm_name, conditions = {}) if conditions[:class_name] cn = conditions[:class_name] end id_param = conditions[:id_param] || :id before_filter conditions do |controller| cn ||= controller.class.name.gsub(/Controller$/, "").singularize o = eval(cn).find(controller.params[id_param]) if not o.nil? controller.(o, perm_name, "Sorry, but you are not permitted to #{perm_name} this #{cn.tableize.singularize.humanize.downcase}.") end end end |
#rest_edit_permissions(options = {}) ⇒ Object
497 498 499 500 501 502 503 504 505 506 507 508 |
# File 'lib/ae_users.rb', line 497 def ( = {}) = { :restrict_create => false, }.update() restrict_create = [:restrict_create] .delete(:restrict_create) ("edit", { :only => [:edit, :update] }.update()) if restrict_create ("create", { :only => [:new, :create] }.update()) end ("destroy", { :only => [:destroy] }.update()) end |
#rest_permissions(options = {}) ⇒ Object
524 525 526 527 |
# File 'lib/ae_users.rb', line 524 def ( = {}) () () end |
#rest_view_permissions(options = {}) ⇒ Object
510 511 512 513 514 515 516 517 518 519 520 521 522 |
# File 'lib/ae_users.rb', line 510 def ( = {}) = { :restrict_list => false, }.update() restrict_list = [:restrict_list] .delete(:restrict_list) if restrict_list ("list", { :only => [:index] }.update()) elsif [:class_name] ("show", { :only => [:index], :id_param => "#{[:class_name].tableize}_id" }.update()) end ("show", { :only => [:show] }.update()) end |