app/controllers/kblog/articles_controller.rb in kblog-0.0.1 vs app/controllers/kblog/articles_controller.rb in kblog-0.0.2
- old
+ new
@@ -2,15 +2,18 @@
module Kblog
class ArticlesController < ApplicationController
before_filter :set_blog_user
before_filter :set_article, only: [:show, :edit, :update, :destroy]
-
+ before_filter :authenticate, only: [:edit, :update, :create, :destroy]
- if Kblog.authentication == 'basic'
+ if Kblog.auth_type == 'basic'
http_basic_authenticate_with :name => Kblog.authname, :password => Kblog.authpassword, :except => [:index,:show]
end
+ if Kblog.auth_type == 'role'
+
+ end
# GET /articles
def index
@articles = Article.order("created_at DESC").paginate(:page => params[:page], :per_page => 3)
end
@@ -69,7 +72,11 @@
# Never trust parameters from the scary internet, only allow the white list through.
def article_params
params[:article]
#params.require(:article).permit(:title, :content)
end
- end
+
+ def authenticate
+ render :status => :forbidden and return unless Article.user_rights(@blog_user)
+ end
+ end
end