Add option to skip authorization

2013-10-08 17:18:58 +08:00 · 2013-10-08 17:18:58 +08:00 · b4f5fddc5c
parent 315a24556c
commit b4f5fddc5c
1 changed files with 41 additions and 27 deletions
--- a/lib/orbit_core_lib.rb
+++ b/lib/orbit_core_lib.rb
@ -197,37 +197,48 @@ module  OrbitCoreLib
        end
      end

+      def skip_authorization(arg = nil)
+        if arg
+          key = arg.shift
+          prepend_before_filter key[0] => key[1] {|f| f.no_authorization}
+        else
+          prepend_before_filter {|f| f.no_authorization}
+        end
+      end
+
    end

    module InstanceMethods
      protected
      def can_use
        setup_vars
-        set_current_user
-        if @user_type
-          @user_type.each do |user_type|
-            open = false
-            visitor = false
-            case user_type
-            when :admin
-              open ||= check_admin
-            when :manager
-              open ||= check_manager
-            when :sub_manager
-              open ||= check_sub_manager
-            when :approver
-              open ||= check_sub_manager
-            when :visitor
-              open ||= true
-              visitor ||= true
+        unless @no_authorization
+          if @user_type
+            @user_type.each do |user_type|
+              open = false
+              visitor = false
+              case user_type
+              when :admin
+                open ||= check_admin
+              when :manager
+                open ||= check_manager
+              when :sub_manager
+                open ||= check_sub_manager
+              when :approver
+                open ||= check_sub_manager
+              when :visitor
+                set_current_user
+                open ||= true
+                visitor ||= true
+              end
+              check_backend_openness if visitor
+              authenticate_user! unless visitor
+              redirect_to root_url unless open
            end
-            check_backend_openness if visitor
-            authenticate_user! unless visitor
-            redirect_to root_url unless open
+          else
+            authenticate_user!
+            check_user_can_use
          end
-        else
-          authenticate_user!
-          check_user_can_use
        end
      end

@ -248,10 +259,14 @@ module  OrbitCoreLib
      end

      def open_for(var)
-         @user_type ||= []
+        @user_type ||= []
        @user_type << var
      end

+      def no_authorization
+        @no_authorization = true
+      end
+
      def check_user_can_use
        unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user)
          redirect_to root_url
@ -259,9 +274,8 @@ module  OrbitCoreLib
      end

      def setup_vars
-        @app_title ||= controller_path.split('/')[1].singularize
-        @module_app ||= ModuleApp.first(conditions: {:key => @app_title} )
-        # raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil?
+        @app_title ||= controller_path.split('/')[1].singularize rescue nil
+        @module_app ||= ModuleApp.first(conditions: {:key => @app_title} ) rescue nil
      end
    end
  end