|
Revision 1, 0.7 kB
(checked in by falcon, 16 years ago)
|
|
Version one -> initial work from the laptop.
|
| Line | |
|---|
| 1 | module UserSystem |
|---|
| 2 | def user_permitted?(*permissions) |
|---|
| 3 | return false if !logged_in? |
|---|
| 4 | roles = User.find_by_id(session[:user]).roles |
|---|
| 5 | for p in permissions |
|---|
| 6 | if roles.include?(p.to_s) |
|---|
| 7 | return true |
|---|
| 8 | end |
|---|
| 9 | end |
|---|
| 10 | return false |
|---|
| 11 | end |
|---|
| 12 | protected |
|---|
| 13 | |
|---|
| 14 | # method/filter to check permissions for all or single action |
|---|
| 15 | def permission_required(*permissions) |
|---|
| 16 | # if no permissions passed use controller level permissions (filter) |
|---|
| 17 | if permissions.size > 0 |
|---|
| 18 | return true if user_permitted?(*permissions) |
|---|
| 19 | # redirect to desired location when user does not have permission |
|---|
| 20 | redirect_to :controller => 'main', :action => 'main' |
|---|
| 21 | return |
|---|
| 22 | end |
|---|
| 23 | end |
|---|
| 24 | |
|---|
| 25 | end |
|---|
