helper method for checking permissions

git-svn-id: http://svn.barleysodas.com/barleysodas/trunk@86 0f7b21a7-9e3a-4941-bbeb-ce5c7c368fa7
master
andrew 2008-01-09 05:15:53 +00:00
parent 00a3768981
commit befa9ba60e
1 changed files with 8 additions and 6 deletions

View File

@ -5,7 +5,7 @@ class ApplicationController < ActionController::Base
append_before_filter :authorized? append_before_filter :authorized?
append_before_filter :set_current_people_id append_before_filter :set_current_people_id
helper_method :logged_in? helper_method :logged_in?, :has_permission_for_action?
cattr_accessor :current_people_id cattr_accessor :current_people_id
@ -164,17 +164,19 @@ class ApplicationController < ActionController::Base
# to a particular aspect of the system. Also finds the Guest user and checks # to a particular aspect of the system. Also finds the Guest user and checks
# for the Guest Role. # for the Guest Role.
# #
def has_permission_for_action? def has_permission_for_action?(aname = nil, cname = nil)
role = nil role = nil
aname ||= params[:action]
cname ||= params[:controller]
aname = aname.to_s
cname = cname.to_s
if logged_in? if logged_in?
role = People.find_by_title(session[:people_title]).role rescue nil role = People.find(session[:people_id]).role rescue nil
end end
logger.debug("role is #{role.inspect}")
role ||= Role.base_role role ||= Role.base_role
while role while role
return true if role.permissions.detect do |p| return true if role.permissions.detect do |p|
p.controller.to_s == params[:controller].to_s and p.controller.to_s == cname and p.action.to_s == aname
p.action.to_s == params[:action].to_s
end end
role = role.parent role = role.parent
end end