From b4f5fddc5cc53be4308fc7b9110d1b955f6fbe12 Mon Sep 17 00:00:00 2001 From: chris Date: Tue, 8 Oct 2013 17:18:58 +0800 Subject: [PATCH] Add option to skip authorization --- lib/orbit_core_lib.rb | 68 ++++++++++++++++++++++++++----------------- 1 file changed, 41 insertions(+), 27 deletions(-) diff --git a/lib/orbit_core_lib.rb b/lib/orbit_core_lib.rb index 918f43f8..615db4c2 100644 --- a/lib/orbit_core_lib.rb +++ b/lib/orbit_core_lib.rb @@ -197,37 +197,48 @@ module OrbitCoreLib end end + def skip_authorization(arg = nil) + if arg + key = arg.shift + prepend_before_filter key[0] => key[1] {|f| f.no_authorization} + else + prepend_before_filter {|f| f.no_authorization} + end + end + end module InstanceMethods protected def can_use setup_vars - set_current_user - if @user_type - @user_type.each do |user_type| - open = false - visitor = false - case user_type - when :admin - open ||= check_admin - when :manager - open ||= check_manager - when :sub_manager - open ||= check_sub_manager - when :approver - open ||= check_sub_manager - when :visitor - open ||= true - visitor ||= true + unless @no_authorization + if @user_type + @user_type.each do |user_type| + open = false + visitor = false + case user_type + when :admin + open ||= check_admin + when :manager + open ||= check_manager + when :sub_manager + open ||= check_sub_manager + when :approver + open ||= check_sub_manager + when :visitor + set_current_user + open ||= true + visitor ||= true + end + check_backend_openness if visitor + authenticate_user! unless visitor + redirect_to root_url unless open end - check_backend_openness if visitor - authenticate_user! unless visitor - redirect_to root_url unless open + else + authenticate_user! + check_user_can_use end - else - authenticate_user! - check_user_can_use end end @@ -248,10 +259,14 @@ module OrbitCoreLib end def open_for(var) - @user_type ||= [] + @user_type ||= [] @user_type << var end + def no_authorization + @no_authorization = true + end + def check_user_can_use unless current_or_guest_user.admin? || @module_app.is_manager?(current_or_guest_user) || @module_app.is_sub_manager?(current_or_guest_user) || @module_app.can_approve?(current_or_guest_user) redirect_to root_url @@ -259,9 +274,8 @@ module OrbitCoreLib end def setup_vars - @app_title ||= controller_path.split('/')[1].singularize - @module_app ||= ModuleApp.first(conditions: {:key => @app_title} ) - # raise ModuleAppError, 'Can not find ModuleApp' if @module_app.nil? + @app_title ||= controller_path.split('/')[1].singularize rescue nil + @module_app ||= ModuleApp.first(conditions: {:key => @app_title} ) rescue nil end end end