Contents

class AdminRequired
  def self.filter(controller)
    # Check if the user is even lgged in
    # If not then redirect them to the login page
    unless controller.session[:user]
    	controller.flash[:warning] = 'Please login to continue'
    	controller.session[:return_to] = controller.request.fullpath
    	controller.redirect_to :controller => 'users', :action => 'login'
    	return false
    end

    unless controller.session[:user] and controller.session[:user][:role] <= 1
      controller.flash[:warning] = 'Please login to continue'
      controller.session[:return_to] = controller.request.fullpath
      controller.render :inline => "You are not authorized for this part of the application!  Return <a href='/'>home</a>"
      return false
    end
    
    return true
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
fs_auth-0.0.1	app/filters/AdminRequired.rb