Module: Puffer::Controller::Auth::InstanceMethods

Defined in:
lib/puffer/controller/auth.rb

Instance Method Summary collapse

Instance Method Details

#current_puffer_userObject

Return current user instance, used for authorization. This method can be redefined in ApplicationController if you want to use application’s auth system.

ex:

class ApplicationController < ActionController::Base
  def current_puffer_user
    current_user
  end
end

In this case returner user model instance should respond to has_role? method, or you should properly redefine has_puffer_access? See has_puffer_access? source and docs.



37
38
39
 
# File 'lib/puffer/controller/auth.rb', line 37

def current_puffer_user
  @current_puffer_user ||= super rescue (PufferUser.find(session[:puffer_user_id]) if session[:puffer_user_id])
end

#has_puffer_access?(namespace) ⇒ Boolean

This method is also part of auth system and it can be redefined at the ApplicationController.

ex:

class ApplicationController < ActionController::Base
  # <tt>current_puffer_user.admin?</tt>
  # <tt>current_puffer_user.manager?</tt>
  # <tt>current_puffer_user.seo?</tt>
  def has_puffer_access? namespace
    current_puffer_user.send("#{namespace}?")
  end
end

Returns:

  • (Boolean) 


62
63
64
 
# File 'lib/puffer/controller/auth.rb', line 62

def has_puffer_access? namespace
  super rescue (current_puffer_user && current_puffer_user.has_role?(namespace))
end

#require_puffer_userObject

Used in before_filter to prevent unauthorized access



42
43
44
45
46
47
 
# File 'lib/puffer/controller/auth.rb', line 42

def require_puffer_user
  unless has_puffer_access?(puffer_namespace)
    redirect_to new_admin_session_url(:return_to => request.fullpath)
    return false
  end
end