diff options
| author | rautenberg <rautenberg@in-silico.ch> | 2013-04-29 17:59:02 +0200 |
|---|---|---|
| committer | rautenberg <rautenberg@in-silico.ch> | 2013-04-29 17:59:02 +0200 |
| commit | 627a5bcc293f017026e9f35d2e5a8c01d11e9f97 (patch) | |
| tree | 9c1290d0364a9e5d16666a6a9ba261d19043c3c2 | |
| parent | e65b7a218d772551a1310e0f4bfca950956a9da3 (diff) | |
add check_policy to POST and PUT
| -rw-r--r-- | lib/opentox.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/opentox.rb b/lib/opentox.rb index eb35b38..c7072d3 100644 --- a/lib/opentox.rb +++ b/lib/opentox.rb @@ -29,6 +29,7 @@ module OpenTox before do @uri = uri(request.env['REQUEST_URI']) + get_subjectid if respond_to? :get_subjectid # fix IE request.env['HTTP_ACCEPT'] += ";text/html" if request.env["HTTP_USER_AGENT"]=~/MSIE/ request.env['HTTP_ACCEPT'] = request.params["media"] if request.params["media"] @@ -38,9 +39,15 @@ module OpenTox @accept = request.env['HTTP_ACCEPT'] @accept = "text/html" if @accept =~ /\*\/\*/ or request.env["HTTP_USER_AGENT"]=~/MSIE/ @accept = request.params["media"] if request.params["media"] + Authorization.check_policy(@uri, @subjectid) if env['REQUEST_METHOD'] == "PUT" && $aa[:uri] response['Content-Type'] = @accept end + after do + Authorization.check_policy(@uri, @subjectid) if env['REQUEST_METHOD'].to_s == "POST" && $aa[:uri] + end + + helpers do def parse_input case request.content_type |