12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
# File 'lib/generators/vigilante/install/install_generator.rb', line 12
def adapt_application_controller
inject_into_file "app/controllers/application_controller.rb", :after => "class ApplicationController < ActionController::Base" do <<CODE
protected_by_vigilante
#----------------------------------
# Begin Vigilante glue code
#
# note: you can easily rename the functions, the function-names are configured in the
# the @vigilante_config.yml@ configuration file.
#
#----------------------------------
# retrieves the current context, this is called at the top of the @check_permissions@ function.
# This means that inside a nested resource, the nested resources should be retrieved before the
# @check_permissions@ is called, e.g. in a @:before_filter@. This is considered good practice anyway.
#
def current_context
# example :
# context = @blog || @blogs
# context = [context] unless context.nil? || context.is_a?(Array)
nil
end
# retrieves the id from your chosen context-object. You should rename to something more meaningful
# like
#
# get_blog_id_from_context_object
#
# As the extents are stored by id, this is used to check which permissions are valid for you (in this context).
#
def get_context_id_from_context_object(obj)
=begin
# example
logger.debug "get_asp_id_from_context_object received \#{obj.inspect}"
blog_id = if obj.is_a?(Blog)
obj.id
elsif obj.is_a?(Post) || obj.is_a?(Author)
obj.blog_id
else
0
end
blog_id.to_s
=end
"0"
end
# this is used by the finders, to allow automatic finding of the resources, if needed
# You should rename this, for clarity sake, to which parameter you look for (nested resource)
# In this case:
# find_blog_by_blog_id
#
#
def find_context_by_context_id
=begin
@blog = Blog.find_by_id(params[:blog_id]) if params[:blog_id].present?
=end
end
#----------------------------------
# End Vigilante glue code
#----------------------------------
CODE
end
end
|