module ExtremeAas
  module ApplicationController
    private
    def extreme_aas_permission_denied
      render "#{Rails.root}/public/404", :format => [:html], :status => :unauthorized
    end

    def extreme_aas_ask_permission
      #context profile, controller action
      simple_action = ExtremeAas::ExtremeSimpleAction.find_action :controller_name =>params[:controller], :action_name => params[:action]
      extreme_aas_permission_denied unless simple_action && extreme_aas_profile && simple_action.has_permission?(extreme_aas_profile)

    end

    def extreme_aas_profile
      @extreme_aas_profile ||= ExtremeProfile.last #FIXME

      #@extreme_aas_profile ||= ExtremeProfile.find(session[:extreme_aas_profile_id]) if session[:extreme_aas_profile_id]
    end
  end
end