Module: Auth::Concerns::TokenConcern
- Extended by:
- ActiveSupport::Concern
- Included in:
- AdminCreateUsersController, AuthenticatedController, ProfilesController, RegistrationsController, SearchController, Shopping::BarCodesController, Shopping::CartItemsController, Shopping::CartsController, Shopping::DiscountsController, Shopping::PaymentsController, Shopping::PersonalitiesController, Shopping::PlacesController, Shopping::ProductsController, Work::CommunicationsController, Work::InstructionsController
- Defined in:
- app/controllers/auth/concerns/token_concern.rb
Instance Method Summary collapse
-
#add_owner_and_signed_in_resource(obj, options = {}) ⇒ Object
@param obj: the object whose owner is to be defined.
-
#add_owner_resource(obj, options = {}) ⇒ Object
only adds the owner resource if its not already present, implying that once the owner resource is set, it should never change.
-
#add_signed_in_resource(obj, options = {}) ⇒ Object
convenience method to add the current signed in resource to the model instance.
-
#current_signed_in_resource ⇒ Object
the current signed in resource.
-
#is_admin_user ⇒ Object
this is used as a before_filter.
- #lookup_resource ⇒ Object
-
#set_resource ⇒ Object
iterates all the authentication resources in the config.
Instance Method Details
#add_owner_and_signed_in_resource(obj, options = {}) ⇒ Object
184 185 186 187 188 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 184 def add_owner_and_signed_in_resource(obj,={}) obj = add_owner_resource(obj,) obj = add_signed_in_resource(obj,) obj end |
#add_owner_resource(obj, options = {}) ⇒ Object
only adds the owner resource if its not already present, implying that once the owner resource is set, it should never change.
168 169 170 171 172 173 174 175 176 177 178 179 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 168 def add_owner_resource(obj,={}) if (obj.respond_to? :resource_id) && (obj.respond_to? :resource_class) if [:owner_is_current_resource] obj.resource_id = current_signed_in_resource.id.to_s if obj.resource_id.nil? obj.resource_class = current_signed_in_resource.class.name.to_s if obj.resource_class.nil? else obj.resource_id = lookup_resource.id.to_s if obj.resource_id.nil? obj.resource_class = lookup_resource.class.name.to_s if obj.resource_class.nil? end end return obj end |
#add_signed_in_resource(obj, options = {}) ⇒ Object
convenience method to add the current signed in resource to the model instance. the object instance passed in MUST implement the owner concern @param : instance of any object that implements the OwnerConcern.
160 161 162 163 164 165 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 160 def add_signed_in_resource(obj,={}) if obj.respond_to? :signed_in_resource obj.signed_in_resource = current_signed_in_resource end return obj end |
#current_signed_in_resource ⇒ Object
the current signed in resource.
151 152 153 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 151 def current_signed_in_resource @resource end |
#is_admin_user ⇒ Object
this is used as a before_filter.
191 192 193 194 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 191 def is_admin_user not_found("not authorized") unless current_signed_in_resource not_found("You don't have sufficient privileges to complete that action") if !current_signed_in_resource.is_admin? end |
#lookup_resource ⇒ Object
119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 119 def lookup_resource puts "came to lookup resource." ## if the current signed in resource si not an admin, just return it, because the concept of proxy arises only if the current_signed in resource is an admin. #puts "current signed in resource : #{current_signed_in_resource}" return current_signed_in_resource unless current_signed_in_resource.is_admin? #puts "crossed resource." ## else. ## first check the session or the params for a proxy resource. proxy_resource_id = params[:proxy_resource_id] || session[:proxy_resource_id] proxy_resource_class = params[:proxy_resource_class] || session[:proxy_resource_class] proxy_resource_id = current_signed_in_resource.id.to_s if (current_signed_in_resource.is_admin? && proxy_resource_id.nil?) proxy_resource_class = current_signed_in_resource.class.to_s if (current_signed_in_resource.is_admin? && proxy_resource_class.nil?) ## now return nil if the proxy resource is still nil. return nil unless (proxy_resource_class && proxy_resource_id) return nil unless (Auth.configuration.auth_resources.include? proxy_resource_class.capitalize) proxy_resource_class = proxy_resource_class.capitalize.constantize begin proxy_resource = proxy_resource_class.find(proxy_resource_id) proxy_resource rescue Mongoid::Errors::DocumentNotFound => error nil end end |
#set_resource ⇒ Object
iterates all the authentication resources in the config. tries to see if we have a current_resource for any of them if yes, sets the resource to the first encoutered such key and breaks the iteration basically a convenience method to set @resource variable, since when we have more than one model that is being authenticated with Devise, there is no way to know which one to call.
100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 |
# File 'app/controllers/auth/concerns/token_concern.rb', line 100 def set_resource puts "--------------------came to set resource." Auth.configuration.auth_resources.keys.each do |resource| break if @resource = self.send("current_#{resource.downcase}") end ## devise in registrations_controller#destroy assumes the existence of an 'resource' variable, so we set that here. if devise_controller? self.resource = @resource end #puts "resource is: #{@resource.to_s}" end |