access_control.rb in orange-0.0.6

- old
+ new

@@ -15,18 +15,21 @@
     #   presenting the login form, or let other parts of the app do that. 
     # @option opts [Boolean] :config_id Whether to use the id set in a config file
     
     def init(opts = {})
       defs = {:locked => [:admin, :orange], :login => '/login', :logout => '/logout',
-              :handle_login => true, :openid => true, :config_id => true}
+              :handle_login => true, :openid => true, :single_user => true}
       opts = opts.with_defaults!(defs)
       @openid = opts[:openid]
       @locked = opts[:locked]
       @login = opts[:login]
       @logout = opts[:logout]
       @handle = opts[:handle_login]
-      @single = opts[:config_id]
+      @single = opts[:single_user]
+      unless @single
+        orange.load(Orange::UserResource.new, :users)
+      end
     end
       
     def packet_call(packet)
       packet['user.id'] ||= (packet.session['user.id'] || false)
       if @openid && need_to_handle?(packet)
@@ -49,11 +52,14 @@
         elsif @single
           # Current id no good. 
           packet['user.id'] = false
           packet.session['user.id'] = false
           false
-        else
+        # Main_user can always log in (root access)
+        elsif packet['user.id'] == packet['orange.globals']['main_user']
           true
+        else
+          orange[:users].access_allowed?(packet, packet['user.id'])
         end
       else
         false
       end
     end
\ No newline at end of file