lib/gds-sso/controller_methods.rb in gds-sso-0.6.1 vs lib/gds-sso/controller_methods.rb in gds-sso-0.7.0
- old
+ new
@@ -1,7 +1,22 @@
module GDS
module SSO
module ControllerMethods
+ class PermissionDeniedException < StandardError
+ end
+
+ def authorise_user!(scope, permission)
+ if not current_user.has_permission?(scope, permission)
+ raise PermissionDeniedException
+ end
+ end
+
+ def require_signin_permission!
+ authorise_user!(GDS::SSO::Config.default_scope, 'signin')
+ rescue PermissionDeniedException
+ redirect_to cant_signin_url
+ end
+
def authenticate_user!
warden.authenticate!
end
def user_signed_in?
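Review bot: `authorise_user!` calls `current_user.has_permission?` without checking that a user is present, so the permission check depends on `authenticate_user!` having already run. `current_user` is defined outside this hunk, but if it can return nil (for example when `require_signin_permission!` is registered as a filter ahead of `authenticate_user!`), the call raises NoMethodError, which the `rescue PermissionDeniedException` in `require_signin_permission!` does not catch. Making the guard fail closed keeps an unauthenticated request on the denial path: `raise PermissionDeniedException unless current_user && current_user.has_permission?(scope, permission)`. It would also help to add a comment on `authorise_user!` such as `# Raises PermissionDeniedException; callers other than require_signin_permission! must rescue it (e.g. via rescue_from)`, since nothing visible here handles the exception for direct callers. The module body continues past the end of the hunk.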