diff options
author | mguetlein <martin.guetlein@gmail.com> | 2011-01-28 13:56:33 +0100 |
---|---|---|
committer | mguetlein <martin.guetlein@gmail.com> | 2011-01-28 13:56:33 +0100 |
commit | 3aaae5a3fe341073fc0537606aababe387d830e0 (patch) | |
tree | 4a53ff2150d6115d21d26e6d7323ef925dbc363b /lib | |
parent | e1a067953dd9139b01aaebe42ff158a944240540 (diff) |
reorderd Autohorizaion.authorize?
Diffstat (limited to 'lib')
-rw-r--r-- | lib/authorization.rb | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/lib/authorization.rb b/lib/authorization.rb index 1573da3..b4c1ee5 100644 --- a/lib/authorization.rb +++ b/lib/authorization.rb @@ -329,19 +329,20 @@ module OpenTox # @return [Boolean] true if access granted, else otherwise def self.authorized?(uri, request_method, subjectid) if OpenTox::Authorization.whitelisted?(uri, request_method) - LOGGER.debug "whitelisted! "+uri.to_s - return true - end - if CONFIG[:authorization][:authorize_request].include?(request_method) + LOGGER.debug "authorized? >>true<< (uris is whitelisted), method: #{request_method}, URI: #{uri}, subjectid: #{subjectid}" + true + elsif CONFIG[:authorization][:authorize_request].include?(request_method) ret = OpenTox::Authorization.authorize(uri, request_method, subjectid) - LOGGER.debug "OpenTox helpers OpenTox::Authorization authorized? method: #{request_method} , URI: #{uri}, subjectid: #{subjectid} with return >>#{ret}<<" - return ret + LOGGER.debug "authorized? >>#{ret}<< (uri authorized), method: #{request_method}, URI: #{uri}, subjectid: #{subjectid}" + ret + elsif CONFIG[:authorization][:authenticate_request].include?(request_method) + ret = OpenTox::Authorization.is_token_valid(subjectid) + LOGGER.debug "authorized? >>#{ret}<< (token is valid), method: #{request_method}, URI: #{uri}, subjectid: #{subjectid}" + ret + else + LOGGER.debug "authorized? >>true<< (request is free), method: #{request_method}, URI: #{uri}, subjectid: #{subjectid}" + true end - if CONFIG[:authorization][:authenticate_request].include?(request_method) - return true if OpenTox::Authorization.is_token_valid(subjectid) - end - LOGGER.debug "Not authorized for: #{uri} with Method: #{request_method} with Token #{subjectid}" - return false end @@whitelist = {} |