authorrautenberg <rautenberg@in-silico.ch>2013-08-06 14:57:18 +0200
committerrautenberg <rautenberg@in-silico.ch>2013-08-06 14:57:18 +0200
commit6b3a9bc829ea78bc778c321502958b5b1bfc3087 (patch)
tree40172d0f590ef1aa459c75c5fdb8fff70287ee1e
parent4b2acd3e1ded3819e6aea616180459c38ce3b4d3 (diff)
move policy management to opentox-server
-rw-r--r--lib/authorization-helper.rb4
-rw-r--r--lib/opentox.rb8
2 files changed, 6 insertions, 6 deletions
diff --git a/lib/authorization-helper.rb b/lib/authorization-helper.rb
index 625c99f..0a03d38 100644
--- a/lib/authorization-helper.rb
+++ b/lib/authorization-helper.rb
@@ -37,7 +37,7 @@ module OpenTox
# Checks session and valid subjectid token.
# @return [Boolean] true/false
def logged_in()
- return true if !$aa[:uri]
+ return true if !$aa[SERVICE.to_sym][:uri]
if session[:subjectid] != nil
return OpenTox::Authorization.is_token_valid(session[:subjectid])
end
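Review bot: The new lookup `$aa[SERVICE.to_sym][:uri]` in `logged_in` indexes the per-service entry without checking that it exists, so a missing entry raises NoMethodError on every request instead of producing a clear configuration error. The same unguarded lookup appears twice in the `before` filter of the next hunk. A single startup check such as `raise "no A&A settings for #{SERVICE}" unless $aa[SERVICE.to_sym]` would fail early and keep these call sites simple. The early `return true` when no `:uri` is set means authentication is treated as disabled; a comment like `# no A&A service configured: every caller counts as logged in` would make that explicit. The body of `logged_in` continues past the end of this hunk.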
@@ -126,7 +126,7 @@ module OpenTox
before do
get_subjectid()
- unless !$aa[:uri] or login_request? or $aa[:free_request].include?(env['REQUEST_METHOD'].to_sym)
+ unless !$aa[SERVICE.to_sym][:uri] or login_request? or $aa[SERVICE.to_sym][:free_request].include?(env['REQUEST_METHOD'].to_sym)
protected!(@subjectid)
end
end
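Review bot: The rewritten condition still calls `env['REQUEST_METHOD'].to_sym` on a value taken from the request line, which interns whatever method token the client sent. On Ruby versions without symbol garbage collection, that lets request input grow the symbol table without bound. Comparing as strings avoids it: `$aa[SERVICE.to_sym][:free_request].map(&:to_s).include?(env['REQUEST_METHOD'])`. The line would also be easier to audit with `||` in place of `or` and a short comment stating that `:free_request` lists the HTTP methods exempt from `protected!`.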
diff --git a/lib/opentox.rb b/lib/opentox.rb
index 5809b88..ea29832 100644
--- a/lib/opentox.rb
+++ b/lib/opentox.rb
@@ -3,7 +3,7 @@ require "sinatra/reloader"
ENV["RACK_ENV"] ||= "production"
require File.join(ENV["HOME"],".opentox","config","default.rb") if File.exist? File.join(ENV["HOME"],".opentox","config","default.rb")
require File.join(ENV["HOME"],".opentox","config","#{SERVICE}.rb")
-
+$aa[SERVICE.to_sym] = $aa
logfile = File.join(ENV['HOME'], ".opentox","log","#{ENV["RACK_ENV"]}.log")
$logger = OTLogger.new(logfile)
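Review bot: `$aa[SERVICE.to_sym] = $aa` stores the hash inside itself, so `$aa[SERVICE.to_sym][:uri]` is the very same value as `$aa[:uri]` and the per-service key gives no separation between services' settings. If a per-service snapshot is intended, `$aa[SERVICE.to_sym] = $aa.dup` avoids the self-reference; if aliasing is deliberate, a comment saying so would prevent misreading. The line also raises NoMethodError when the required config file leaves `$aa` unset, which probably deserves an explicit error message naming the missing file.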
@@ -39,13 +39,13 @@ module OpenTox
@accept = request.env['HTTP_ACCEPT']
@accept = "text/html" if @accept =~ /\*\/\*/ or request.env["HTTP_USER_AGENT"]=~/MSIE/
@accept = request.params["media"] if request.params["media"]
- Authorization.check_policy(@uri) if env['REQUEST_METHOD'] == "PUT" && $aa[:uri]
+ Authorization.check_policy(@uri) if env['REQUEST_METHOD'] == "PUT" && $aa[SERVICE.to_sym][:uri] && $aa[SERVICE.to_sym]
response['Content-Type'] = @accept
end
after do
- Authorization.check_policy(@uri) if env['REQUEST_METHOD'].to_s == "POST" && $aa[:uri]
-
+ Authorization.check_policy(@uri) if env['REQUEST_METHOD'].to_s == "POST" && $aa[SERVICE.to_sym][:uri] && $aa[SERVICE.to_sym]
+ Authorization.delete_policies_from_uri(@uri) if env['REQUEST_METHOD'].to_s == "DELETE" && $aa[SERVICE.to_sym][:uri] && $aa[SERVICE.to_sym]
end
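Review bot: The trailing `&& $aa[SERVICE.to_sym]` on all three added lines is evaluated only after `$aa[SERVICE.to_sym][:uri]` has already indexed the entry, so it cannot guard against a missing one; the order should be `$aa[SERVICE.to_sym] && $aa[SERVICE.to_sym][:uri]`. Separately, the new `delete_policies_from_uri` call sits in the `after` filter and does not check the response. As far as this hunk shows, it would also run when the DELETE was rejected or failed, removing the access policies of a resource that still exists. Gating it on success, for example by adding `&& response.status < 300`, would tie policy removal to an actual deletion. The enclosing `before` block opens outside the hunk.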