Add option to skip authorization

This commit is contained in:
chris 2013-10-08 17:18:58 +08:00
parent 315a24556c
commit b4f5fddc5c
1 changed files with 41 additions and 27 deletions

View File

@ -197,37 +197,48 @@ module OrbitCoreLib
end end
end end
def skip_authorization(arg = nil)
if arg
key = arg.shift
prepend_before_filter key[0] => key[1] {|f| f.no_authorization}
else
prepend_before_filter {|f| f.no_authorization}
end
end
end end
module InstanceMethods module InstanceMethods
protected protected
def can_use def can_use
setup_vars setup_vars
set_current_user unless @no_authorization
if @user_type if @user_type
@user_type.each do |user_type| @user_type.each do |user_type|
open = false open = false
visitor = false visitor = false
case user_type case user_type
when :admin when :admin
open ||= check_admin open ||= check_admin
when :manager when :manager
open ||= check_manager open ||= check_manager
when :sub_manager when :sub_manager
open ||= check_sub_manager open ||= check_sub_manager
when :approver when :approver
open ||= check_sub_manager open ||= check_sub_manager
when :visitor when :visitor
open ||= true set_current_user
visitor ||= true open ||= true
visitor ||= true
end
check_backend_openness if visitor
authenticate_user! unless visitor
redirect_to root_url unless open
end end
check_backend_openness if visitor else
authenticate_user! unless visitor authenticate_user!
redirect_to root_url unless open check_user_can_use
end end
else
authenticate_user!
check_user_can_use
end end
end end
@ -248,10 +259,14 @@ module OrbitCoreLib
end end
def open_for(var) def open_for(var)
@user_type ||= [] @user_type ||= []
@user_type << var @user_type << var
end end
def no_authorization
@no_authorization = true
end
def check_user_can_use def check_user_can_use
unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user) unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user)
redirect_to root_url redirect_to root_url
@ -259,9 +274,8 @@ module OrbitCoreLib
end end
def setup_vars def setup_vars
@app_title ||= controller_path.split('/')[1].singularize @app_title ||= controller_path.split('/')[1].singularize rescue nil
@module_app ||= ModuleApp.first(conditions: {:key => @app_title} ) @module_app ||= ModuleApp.first(conditions: {:key => @app_title} ) rescue nil
# raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil?
end end
end end
end end