22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
# File 'lib/petergate/action_controller/base.rb', line 22
def access(rules = {}, &block)
if block
b_rules = block.call
rules = rules.merge(b_rules) if b_rules.is_a?(Hash)
end
instance_eval do
@_controller_rules = rules
@_controller_message = rules.delete(:message)
def controller_rules
@_controller_rules
end
def controller_message
@_controller_message || "Permission Denied"
end
def inherited(subclass)
super
subclass.instance_variable_set("@_controller_rules", instance_variable_get("@_controller_rules"))
subclass.instance_variable_set("@_controller_message", instance_variable_get("@_controller_message"))
end
end
before_action do
unless logged_in?(:root_admin)
message = permissions(self.class.controller_rules)
if message == false || message.is_a?(String)
if current_user || @user
forbidden! message
else
unauthorized!
end
end
end
end
end
|