diff options
| author | rautenberg <rautenberg@in-silico.ch> | 2015-05-13 17:20:41 +0200 |
|---|---|---|
| committer | rautenberg <rautenberg@in-silico.ch> | 2015-05-13 17:20:41 +0200 |
| commit | 43e5c40c55c0cb039857ed9f05aa08c160a2686f (patch) | |
| tree | df11e40d7ce15b6ff4ab5603ac641ebded338429 | |
| parent | b2f8b7cba9d89fdbe6e3a94487626fd451e91ee8 (diff) | |
introduce module AuthorizationHelper to have A&A helpers also in none OpenTox::Application environment available
| -rw-r--r-- | lib/authorization-helper.rb | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/lib/authorization-helper.rb b/lib/authorization-helper.rb index 0a03d38..9db1c5d 100644 --- a/lib/authorization-helper.rb +++ b/lib/authorization-helper.rb @@ -2,7 +2,13 @@ module OpenTox # Base class for OpenTox services class Application < Service - helpers do + #Module AuthorizationHelper + #@example AuthorizationHelper + # require "opentox-server" + # helpers OpenTox::Application::AuthorizationHelper + # login("user", "password") + # logout + module AuthorizationHelper # Login to get session for browser application(e.G.: ToxCreate) # @@ -37,7 +43,7 @@ module OpenTox # Checks session and valid subjectid token. # @return [Boolean] true/false def logged_in() - return true if !$aa[SERVICE.to_sym][:uri] + return true unless $aa[SERVICE.to_sym][:uri] if session[:subjectid] != nil return OpenTox::Authorization.is_token_valid(session[:subjectid]) end @@ -48,7 +54,7 @@ module OpenTox # webapplication: redirects with flash[:notice] if unauthorized # webservice: raises error if unauthorized # @param [String]subjectid - def protected!(subjectid) + def protected!(subjectid=RestClientWrapper.subjectid) if env["session"] unless authorized?(subjectid) flash[:notice] = "You don't have access to this section: " @@ -66,7 +72,7 @@ module OpenTox # Check Authorization for URI with method and subjectid. # @param [String]subjectid - def authorized?(subjectid) + def authorized?(subjectid=RestClientWrapper.subjectid) request_method = request.env['REQUEST_METHOD'] uri = clean_uri("#{request.env['rack.url_scheme']}://#{request.env['HTTP_HOST']}#{request.env['REQUEST_URI']}") #.sub("http://","https://") request_method = "GET" if request_method == "POST" && uri =~ /\/model\/\d+\/?$/ @@ -130,5 +136,10 @@ module OpenTox protected!(@subjectid) end end + + helpers do + include AuthorizationHelper + end + end end |