Module: Auth::Controller

Defined in:
lib/nitro/auth/controller.rb

Overview

Include this module in any controller that needs authentication and/or authorization.

Defined Under Namespace

Modules: ClassMethods

Instance Method Details

#administrator? ⇒ Boolean

Is the current user an administrator?

Returns:

  • (Boolean)


# File 'lib/nitro/auth/controller.rb', line 37

def administrator?
    user and user.has_role? Auth.admin_role
end

#allowed? ⇒ Boolean

Is the current user allowed to execute the current action?

Returns:

  • (Boolean)


# File 'lib/nitro/auth/controller.rb', line 42

def allowed?
    required = required_roles[action_name.intern]
    not required or (user and user.has_role? required)
end

#check_permissions ⇒ Object

Checks the current user’s permission to run the current action, and redirects to the appropriate auth action if a login is needed or if the current user doesn’t have sufficient permissions.



# File 'lib/nitro/auth/controller.rb', line 50

def check_permissions
    if not allowed?
        store_location
        redirect "/auth/access_denied" if user
        redirect URI.escape("/auth/login?login=#{@expired_login}")
        raise RenderExit
    end
end

Spits out a link to the login page if there is no current user, or to the logout page if there is one.



# File 'lib/nitro/auth/controller.rb', line 68

def 
    unless user
        body.a "Login", :href => "/auth/login"
    else
        body.a "Logout", :href => "/auth/logout"
    end
end

#store_location ⇒ Object

Stores the current location, so that we can redirect the user to a login page but get back to where they originally wanted to go.



# File 'lib/nitro/auth/controller.rb', line 61

def store_location
    session["prelogin_uri"] = request.uri
    session["prelogin_referer"] = request.referer
end

#user ⇒ Object

The Auth::User object for the currently logged-in user. Will be nil if no user is logged in.



# File 'lib/nitro/auth/controller.rb', line 11

def user
    # If we don't have a user yet, see if we can get one via
    # the session key cookie.
    if not @user
        session_key = request.cookies['login_session_key']
        if session_key
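            # NOTE: session_key comes straight from the request cookie and
            # is interpolated into the WHERE clause without escaping.
            @user = User.find_one(:where => "session_key = '#{session_key}'")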
        end
    end

    # If we already had a user, or managed to find one above,
    # check for session expiration.
    if @user
        if @user.session_key_expired?
            @expired_login = @user.
            @user = nil
        else
            @expired_login = nil
        end
    end

    @user
end
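
An added example, not part of the Nitro source: the `user` lookup above takes `login_session_key` straight from the request cookie, so the value should be validated and matched as data rather than spliced into a query string. The code mirrors that cookie, lookup and expiry flow with hypothetical `SessionUser`, `UserStore` and `resolve_user` names; it assumes session keys are 40 lowercase hex characters and that the expired login is the user's login name.

```ruby
# Added example, not Nitro source. Names below are hypothetical stand-ins.

# Assumption: session keys are 40 lowercase hex characters.
SESSION_KEY_FORMAT = /\A[0-9a-f]{40}\z/

# Hypothetical stand-in for an Auth::User row.
SessionUser = Struct.new(:login, :session_key, :expires_at) do
  def session_key_expired?(now = Time.now)
    expires_at <= now
  end
end

# Hypothetical store: exact-match lookup on the key, which is what a bound
# parameter ("session_key = ?") gives you. No SQL text is built from input.
class UserStore
  def initialize(users)
    @by_key = users.to_h { |u| [u.session_key, u] }
  end

  def find_by_session_key(key)
    @by_key[key]
  end
end

# Mirrors the #user flow: cookie -> lookup -> expiry check.
# Returns [user_or_nil, expired_login_or_nil].
def resolve_user(cookies, store, now = Time.now)
  key = cookies["login_session_key"]
  # Reject anything that is not shaped like a key before it reaches the store.
  return [nil, nil] unless key.is_a?(String) && SESSION_KEY_FORMAT.match?(key)

  user = store.find_by_session_key(key)
  return [nil, nil] unless user
  # An expired key yields no user; keep the (assumed) login name for the
  # login redirect.
  return [nil, user.login] if user.session_key_expired?(now)

  [user, nil]
end

# Constructed sample data.
NOW     = Time.utc(2024, 1, 1)
LIVE    = SessionUser.new("alice", "a" * 40, NOW + 3600)
EXPIRED = SessionUser.new("bob", "b" * 40, NOW - 1)
STORE   = UserStore.new([LIVE, EXPIRED])
```

With a real database layer, the same validation would sit in front of a parameterized query instead of the in-memory hash.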