Diffstat (limited to 'users/app')
-rw-r--r--users/app/controllers/application_controller.rb14
-rw-r--r--users/app/controllers/controller_extension/authentication.rb34
-rw-r--r--users/app/models/user.rb8
-rw-r--r--users/app/views/sessions/_nav.html.haml5
4 files changed, 41 insertions, 20 deletions
diff --git a/users/app/controllers/application_controller.rb b/users/app/controllers/application_controller.rb
deleted file mode 100644
index 8388dda..0000000
--- a/users/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,14 +0,0 @@
-class ApplicationController < ActionController::Base
- protect_from_forgery
-
- private
-
- def current_user
- @current_user ||= env['warden'].user
- end
- helper_method :current_user
-
- def authorize
- redirect_to login_url, alert: "Not authorized" if current_user.nil?
- end
-end
diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
new file mode 100644
index 0000000..50cf0d1
--- /dev/null
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -0,0 +1,34 @@
+module ControllerExtension::Authentication
+ extend ActiveSupport::Concern
+
+ private
+
+ included do
+ helper_method :current_user, :logged_in?, :admin?
+ end
+
+ def current_user
+ @current_user ||= env['warden'].user
+ end
+
+ def logged_in?
+ !!current_user
+ end
+
+ def authorize
+ access_denied unless logged_in?
+ end
+
+ def access_denied
+ redirect_to login_url, :alert => "Not authorized"
+ end
+
+ def admin?
+ current_user && current_user.is_admin?
+ end
+
+ def authorize_admin
+ access_denied unless admin?
+ end
+
+end
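Review bot: `access_denied` sends every refusal to `login_url` with "Not authorized", including the `authorize_admin` case where the user is already authenticated, so a logged-in non-admin lands on the login page and, if that page bounces authenticated users back, the two redirects can loop. Branching on `logged_in?` inside `access_denied` keeps the login redirect for anonymous users only, e.g. `return redirect_to login_url, :alert => "Not authorized" unless logged_in?` followed by a redirect to the app's landing route for authenticated users. The deleted users/app/controllers/application_controller.rb carried `protect_from_forgery` and this concern does not; presumably the host application's ApplicationController supplies it, but nothing in this commit re-establishes it, so that is worth confirming. A short module comment saying that `authorize` / `authorize_admin` are intended as before filters that halt the chain through the redirect, and that `current_user` relies on Warden being present in the Rack env, would help the next reader.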
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 737e083..0f5d650 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -66,11 +66,9 @@ class User < CouchRest::Model::Base
login
end
- def self.current
- Thread.current[:user]
- end
- def self.current=(user)
- Thread.current[:user] = user
+ # Since we are storing admins by login, we cannot allow admins to change their login.
+ def is_admin?
+ APP_CONFIG['admins'].include? self.login
end
end
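Review bot: `is_admin?` raises NoMethodError on `nil` if `APP_CONFIG` (not visible in this diff) has no `admins` entry, which turns a missing config key into an error on every page rendered for a logged-in user, since the nav partial calls `admin?`; `Array(APP_CONFIG['admins']).include?(login)` makes a missing or scalar entry mean "no admins" instead. The comment above the method says admins must not be able to change their login, but nothing in this hunk enforces that — if a validation exists elsewhere, naming it in the comment would help; if not, it is a gap, because the admin entitlement is keyed on a user-editable field. Ruby predicates usually drop the `is_` prefix (`admin?`), though the new `ControllerExtension::Authentication#admin?` already calls `is_admin?`, so a rename would touch both files. The `User` class continues outside the hunk.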
diff --git a/users/app/views/sessions/_nav.html.haml b/users/app/views/sessions/_nav.html.haml
index a5397bd..204ba88 100644
--- a/users/app/views/sessions/_nav.html.haml
+++ b/users/app/views/sessions/_nav.html.haml
@@ -1,6 +1,9 @@
-- if current_user
+- if logged_in?
%li
+ = 'logged in as ' + current_user.login
= link_to t(:logout), logout_path
+ - if admin?
+ = 'ADMIN' # obviously not like this
- else
%li
= link_to t(:login), login_path
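Review bot: `= 'logged in as ' + current_user.login` hard-codes English while the neighbouring links go through `t(:logout)` / `t(:login)`; `= t(:logged_in_as, :login => current_user.login)` keeps the partial consistent and avoids building strings by concatenation in the template. The `= 'ADMIN' # obviously not like this` line is an acknowledged placeholder; if it ships, turn the remark into a tracked `TODO` or render it through the same `t` helper. Whether `=` escapes `current_user.login` depends on this app's HAML/Rails escaping setting (escaped by default under Rails 3), which is worth confirming since the login is user-supplied.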