Sha256: 3e8348006bc058ff130161be75df3ce60d92e519513b86ef6edefd34d8ddb38a
Contents?: true
Size: 1.25 KB
Versions: 6
Compression:
Stored size: 1.25 KB
Contents
module Rad::Controller::Http::Authorized
inherited do
helper_method :can?, :owner?
end
module ClassMethods
def require_permission operation, *args, &object_proc
operation = operation.must_be.a(String, Symbol).to_s
options = args.extract_options!
# object_proc = args.size > 0 ? args.first : lambda{}
object_proc ||= lambda{|controller|}
method = "require_permission_#{operation}"
define_method method do
require_permission operation, instance_eval(&object_proc)
end
before method, options
end
end
protected
def can? *args
rad.user.can? *args
end
def owner? *args
rad.user.owner? *args
end
def login_required
access_denied! unless rad.user.registered?
end
def login_not_required
raise_user_error t(:login_not_required) if rad.user.registered?
end
def require_permission operation, object = nil
operation = operation.must_be.a(String, Symbol).to_s
unless rad.user.can? operation, object
rad.logger.warn "RAD access denied, #{rad.user.name} hasn't rights to #{operation}!"
access_denied!
end
end
def access_denied!
raise_user_error t(:access_denied)
end
end
Version data entries
6 entries across 6 versions & 1 rubygems