Changesets can be listed by changeset number.
The Git repository is here.
- Revision:
- 4
- Log:
Initial import of Radiant 0.50 sources from a downloaded Tarball.
Radiant is a Ruby On Rails based lightweight content management
system.
- Author:
- adh
- Date:
- Sat Jul 22 16:47:40 +0100 2006
- Size:
- 2166 Bytes
1 | module LoginSystem |
2 | def self.append_features(base) |
3 | base.class_eval %{ |
4 | before_filter :authenticate |
5 | |
6 | @@controllers_where_no_login_required = [] |
7 | @@controller_permissions = Hash.new { |h, k| h[k] = Hash.new { |h, k| h[k] = Hash.new } } |
8 | } |
9 | base.extend ClassMethods |
10 | super |
11 | end |
12 | |
13 | protected |
14 | |
15 | def authenticate |
16 | action = params['action'].to_s.intern |
17 | user = session[:user] |
18 | if no_login_required? or (user and user_has_access_to_action?(action)) |
19 | true |
20 | else |
21 | if user |
22 | permissions = self.class.controller_permissions[self.class][action] |
23 | flash[:error] = permissions[:denied_message] || 'Access denied.' |
24 | redirect_to permissions[:denied_url] || { :action => :index } |
25 | else |
26 | redirect_to login_url |
27 | end |
28 | false |
29 | end |
30 | end |
31 | |
32 | def no_login_required? |
33 | controllers = self.class.controllers_where_no_login_required |
34 | controllers.include?(self.class) |
35 | end |
36 | |
37 | def user_has_role?(role) |
38 | session[:user].send("#{role}?") |
39 | end |
40 | |
41 | def user_has_access_to_action?(action) |
42 | permissions = self.class.controller_permissions[self.class][action] |
43 | case |
44 | when allowed_roles = permissions[:when] |
45 | allowed_roles = [allowed_roles].flatten |
46 | allowed_roles.each do |role| |
47 | return true if user_has_role?(role) |
48 | end |
49 | false |
50 | when condition_method = permissions[:if] |
51 | send(condition_method) |
52 | else |
53 | true |
54 | end |
55 | end |
56 | |
57 | module ClassMethods |
58 | def no_login_required |
59 | controllers_where_no_login_required << self |
60 | end |
61 | |
62 | def only_allow_access_to(*args) |
63 | options = {} |
64 | options = args.pop.dup if args.last.kind_of?(Hash) |
65 | options.symbolize_keys! |
66 | actions = args.map { |a| a.to_s.intern } |
67 | actions.each do |action| |
68 | controller_permissions[self][action] = options |
69 | end |
70 | end |
71 | |
72 | def controller_permissions |
73 | self.class_eval %{ @@controller_permissions } |
74 | end |
75 | |
76 | def controllers_where_no_login_required |
77 | self.class_eval %{ @@controllers_where_no_login_required } |
78 | end |
79 | end |
80 | end |