From 3f9dc65636afb57fed441978dca4bf7d3209bd2d Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Fri, 7 Feb 2014 14:38:56 +0100
Subject: rename authorize to require_login

authorize_admin -> require_admin

also add require_token which will ensure token has been used for auth.
---
 users/app/controllers/controller_extension/authentication.rb       | 4 ++--
 users/app/controllers/controller_extension/token_authentication.rb | 4 ++++
 users/app/controllers/users_controller.rb                          | 4 ++--
 users/app/controllers/v1/users_controller.rb                       | 4 ++--
 4 files changed, 10 insertions(+), 6 deletions(-)

(limited to 'users/app/controllers')

diff --git a/users/app/controllers/controller_extension/authentication.rb b/users/app/controllers/controller_extension/authentication.rb
index d831fbe..e83d6b2 100644
--- a/users/app/controllers/controller_extension/authentication.rb
+++ b/users/app/controllers/controller_extension/authentication.rb
@@ -15,7 +15,7 @@ module ControllerExtension::Authentication
     !!current_user
   end
 
-  def authorize
+  def require_login
     access_denied unless logged_in?
   end
 
@@ -38,7 +38,7 @@ module ControllerExtension::Authentication
     current_user && current_user.is_admin?
   end
 
-  def authorize_admin
+  def require_admin
     access_denied unless admin?
   end
 
diff --git a/users/app/controllers/controller_extension/token_authentication.rb b/users/app/controllers/controller_extension/token_authentication.rb
index cd5c074..ee24f73 100644
--- a/users/app/controllers/controller_extension/token_authentication.rb
+++ b/users/app/controllers/controller_extension/token_authentication.rb
@@ -11,6 +11,10 @@ module ControllerExtension::TokenAuthentication
     token.authenticate if token
   end
 
+  def require_token
+    access_denied unless token
+  end
+
   def logout
     super
     clear_token
diff --git a/users/app/controllers/users_controller.rb b/users/app/controllers/users_controller.rb
index a5461cd..6b32d49 100644
--- a/users/app/controllers/users_controller.rb
+++ b/users/app/controllers/users_controller.rb
@@ -4,9 +4,9 @@
 
 class UsersController < UsersBaseController
 
-  before_filter :authorize, :only => [:show, :edit, :update, :destroy]
+  before_filter :require_login, :except => [:new]
+  before_filter :require_admin, :only => [:index, :deactivate, :enable]
   before_filter :fetch_user, :only => [:show, :edit, :update, :destroy, :deactivate, :enable]
-  before_filter :authorize_admin, :only => [:index, :deactivate, :enable]
 
   respond_to :html
 
diff --git a/users/app/controllers/v1/users_controller.rb b/users/app/controllers/v1/users_controller.rb
index 0903888..a16c6e9 100644
--- a/users/app/controllers/v1/users_controller.rb
+++ b/users/app/controllers/v1/users_controller.rb
@@ -3,8 +3,8 @@ module V1
 
     skip_before_filter :verify_authenticity_token
     before_filter :fetch_user, :only => [:update]
-    before_filter :authorize, :only => [:update]
-    before_filter :authorize_admin, :only => [:index]
+    before_filter :require_login, :only => [:update, :index]
+    before_filter :require_admin, :only => [:index]
 
     respond_to :json
 
-- 
cgit v1.2.3