Module: Area51::InstanceMethods

Defined in:
lib/area_51.rb

Overview

This module contains methods which will be added as instance methods to your controller.

Instance Method Summary collapse

Instance Method Details

#area_51_check_accessObject

A before_filter that checks if authorization is needed to access the current path. If authorization is needed, and it fails, the user is redirected to the safe_zone, or to root_path if safe_zone is not defined. It also sets flash#notice with a message, which should be defined in a locale file with the key :restricted.



133
134
135
136
137
138
 
# File 'lib/area_51.rb', line 133

def area_51_check_access
  if entering_unauthorized_area?(request.path)
    flash.notice = I18n.t(:restricted)
    redirect_to self.class.safe_zone || self.root_path
  end
end

#entering_unauthorized_area?(path) ⇒ Boolean

Checks to see if the user is entering a restricted zone. It does this by enumerating through the list of configured authorization triggers for this controller. If one of them returns true, the paths tied to the trigger are checked against the current path.

If the current path matches one of the paths configured for the trigger, and the access type for the trigger is :restricted, the method returns true. If it is :unrestricted, or the current path is the same as the safe_zone, it returns +false.

Returns:

  • (Boolean) 


149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
 
# File 'lib/area_51.rb', line 149

def entering_unauthorized_area?(path)
  return false if path == self.class.safe_zone

  self.class.authorization_triggers.any? do |trigger, paths|
    if authorization_triggered? trigger

      # Now that we know an authorization should be performed, let's do it!

      if path.match(combined_paths(paths[:restricted]))
        true
      elsif path.match(combined_paths(paths[:unrestricted]))
        false
      else
        trigger.default_access == :restricted
      end
    end
  end
end