Module: Auth::Controller::ClassMethods

Defined in:
lib/nitro/auth/controller.rb

Instance Method Summary collapse

Instance Method Details

#administrative(action, options = {}) ⇒ Object

Protects the given action and requires administrative privileges to call it.



137
138
139
 
# File 'lib/nitro/auth/controller.rb', line 137

def administrative(action, options = {})
    required_role action, Auth.admin_role, options
end

#protect(action, options = {}) ⇒ Object

Protects the given action. Any requests to call it will require login and will check permissions automatically. The original implementation will be “hidden” from Nitro so that it cannot be called directly.

action

The action to protect.

:role

The required role name. (Defaults to Auth.user_role.)

The default role is essentially equivalent to “must be authenticated”, as all users have the user role by default.



130
131
132
133
 
# File 'lib/nitro/auth/controller.rb', line 130

def protect(action, options = {})
    role = options[:role] || Auth.user_role
    required_role action, role, options
end

#required_role(action, role, options = {}) ⇒ Object

Sets the role required to run the given action, and makes the action protected, so that any requests to call it will require login and check permissions automatically.

action

The action to protect.

role

The required role name.



148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
 
# File 'lib/nitro/auth/controller.rb', line 148

def required_role(action, role, options = {})
    action = action.intern if action.is_a? String
    role = role.to_s
    required_roles[action] = role

    unprot_action = "unprotected_" + action.to_s
    protected_methods << unprot_action

    alias_method unprot_action, action
    class_eval %{
        def #{action}
            check_permissions
            #{unprot_action}
        end
    }
end