diff options
| author | Azul <azul@leap.se> | 2012-11-04 17:57:03 +0100 |
|---|---|---|
| committer | Azul <azul@leap.se> | 2012-11-04 17:57:03 +0100 |
| commit | c0f92bf9f481463dcaef6f4b30343130a8910a00 (patch) | |
| tree | 3ba89c6f38d19a7b96a0ef599b7cb6364ba5821f /users/app | |
| parent | b92d418ebec6486a9e728c57f38f82d4c3343341 (diff) | |
| parent | 19008253d01fd6d7a864e98a7ae5dc216070aee1 (diff) | |
Merge branch 'develop' into feature-warden-srp
Conflicts:
Gemfile.lock
users/app/controllers/application_controller.rb
users/leap_web_users.gemspec
Diffstat (limited to 'users/app')
| -rw-r--r-- | users/app/controllers/application_controller.rb | 14 | ||||
| -rw-r--r-- | users/app/controllers/controller_extension/authentication.rb | 34 | ||||
| -rw-r--r-- | users/app/models/user.rb | 8 | ||||
| -rw-r--r-- | users/app/views/sessions/_nav.html.haml | 5 |
4 files changed, 41 insertions, 20 deletions
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb deleted file mode 100644 index 8388dda..0000000 --- a/users/app/controllers/application_controller.rb +++ /dev/null @@ -1,14 +0,0 @@ -class ApplicationController < ActionController::Base - protect_from_forgery - - private - - def current_user - @current_user ||= env['warden'].user - end - helper_method :current_user - - def authorize - redirect_to login_url, alert: "Not authorized" if current_user.nil? - end -end diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb new file mode 100644 index 0000000..50cf0d1 --- /dev/null +++ b/users/app/controllers/controller_extension/authentication.rb @@ -0,0 +1,34 @@ +module ControllerExtension::Authentication + extend ActiveSupport::Concern + + private + + included do + helper_method :current_user, :logged_in?, :admin? + end + + def current_user + @current_user ||= env['warden'].user + end + + def logged_in? + !!current_user + end + + def authorize + access_denied unless logged_in? + end + + def access_denied + redirect_to login_url, :alert => "Not authorized" + end + + def admin? + current_user && current_user.is_admin? + end + + def authorize_admin + access_denied unless admin? + end + +end diff --git a/users/app/models/user.rb b/users/app/models/user.rb index 737e083..0f5d650 100644 --- a/users/app/models/user.rb +++ b/users/app/models/user.rb @@ -66,11 +66,9 @@ class User < CouchRest::Model::Base login end - def self.current - Thread.current[:user] - end - def self.current=(user) - Thread.current[:user] = user + # Since we are storing admins by login, we cannot allow admins to change their login. + def is_admin? + APP_CONFIG['admins'].include? self.login end end diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml index a5397bd..204ba88 100644 --- a/users/app/views/sessions/_nav.html.haml +++ b/users/app/views/sessions/_nav.html.haml @@ -1,6 +1,9 @@ -- if current_user +- if logged_in? %li + = 'logged in as ' + current_user.login = link_to t(:logout), logout_path + - if admin? + = 'ADMIN' # obviously not like this - else %li = link_to t(:login), login_path |