RubygemsResearch

Sha256: e9d83095d98ba2dad51417b53c1700f215e8a55ecaee775736bef8bc22d4fb7c

Contents?: true

Size: 1.82 KB

Versions: 3

Compression:

Stored size: 1.82 KB

module MasterView
  module Admin
    
    # This module is mixed into the MasterView Admin Controller to provide the default
    # authorization for MasterView admin page access.
    #
    # The authorization method must be a predicate named allow_access?.
    # The mixin is included in an ApplicationController subclass
    # and thus may access all services available to controllers
    # in your application.
    #
    # To override this method, create a module with your auth_check predicate
    # and configure the load specification setting in the config.admin_auth_mixin.
    # Default if not specified is to load admin_auth_mixin.rb from the rails
    # app/masterview directory, if present, and install mixin module MasterViewAdminAuthMixin.
    #
    # example: 
    #
    ##config.admin_auth_mixin = {
    #   :file => 'admin_auth_mixin', # require file in app/masterview unless alt :file_loc context specified
    #   :file_loc => nil,
    #   :module => :MasterViewAdminAuthMixin, # module to mix in to MasterView controller
    # }
    #
    module AuthMixin

      MasterView::Log.info { 'Using default admin_auth mixin for MasterView admin (local requests only)' }

      protected

      # Check that the current user has authorization to access admin operations.
      #
      # Default implementation of authorization check
      # restricts access to requests from the local machine (developer testing).
      #
      # An application with a user authorization scheme might do something like
      # verifying that an authenticated login is available and that the current
      # user has permission to perform admin operations:
      #
      #    current_user && user_has_perm?('mv-admin')
      # 
      def allow_access?
        # default only allow for developer testing on local machine
        local_request?
      end

    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version	Path
masterview-0.3.4	lib/masterview/extras/admin_auth_mixin.rb
masterview-0.3.2	lib/masterview/extras/admin_auth_mixin.rb
masterview-0.3.3	lib/masterview/extras/admin_auth_mixin.rb