Module: Lockdown::Controller::Rails::InstanceMethods
- Defined in:
- lib/lockdown/controller.rb
Class Method Summary collapse
Instance Method Summary collapse
- #access_denied(e) ⇒ Object
- #authorized?(options) ⇒ Boolean
- #path_from_hash(hsh) ⇒ Object
- #sent_from_uri ⇒ Object
Class Method Details
.included(base) ⇒ Object
149 150 151 152 153 154 |
# File 'lib/lockdown/controller.rb', line 149 def self.included(base) base.class_eval do alias :send_to :redirect_to end base.send :include, Lockdown::Controller::Core end |
Instance Method Details
#access_denied(e) ⇒ Object
188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 |
# File 'lib/lockdown/controller.rb', line 188 def access_denied(e) if Lockdown::System[:logout_on_access_violation] reset_session end respond_to do |accepts| accepts.html do store_location send_to Lockdown::System[:access_denied_path] end accepts.xml do headers["Status"] = "Unauthorized" headers["WWW-Authenticate"] = %(Basic realm="Web Password") render :text => e., :status => "401 Unauthorized" end end false end |
#authorized?(options) ⇒ Boolean
160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 |
# File 'lib/lockdown/controller.rb', line 160 def () return true if current_user_is_admin? url_parts = URI::split url_for() path = url_parts[5] # See if path is known return true if path_allowed?(path) if .is_a?(String) # Test for a named routed begin hsh = ActionController::Routing::Routes.recognize_path() return true if path_allowed?(path_from_hash(hsh)) unless hsh.nil? rescue Exception => e # continue on end end # Test to see if using a get method (show) path += "/show" if path.split("/").last.to_i > 0 return true if path_allowed?(path) return false end |
#path_from_hash(hsh) ⇒ Object
206 207 208 |
# File 'lib/lockdown/controller.rb', line 206 def path_from_hash(hsh) hsh[:controller].to_s + "/" + hsh[:action].to_s end |
#sent_from_uri ⇒ Object
156 157 158 |
# File 'lib/lockdown/controller.rb', line 156 def sent_from_uri request.request_uri end |