module Padrino::Access
Padrino
authorization module.
@example
class Nifty::Application < Padrino::Application # optional settings set :credentials_reader, :visitor # the name of getter method in helpers # required statement register Padrino::Access # example persistance storage enable :sessions end # optional helpers Nifty::Application.helpers do def visitor session[:visitor] ||= Visitor.guest_account end end # example visitor model module Visitor extend self def guest_account OpenStruct.new(:role => :guest, :id => 1) end end # example controllers Nifty::Application.controller :public_area do set_access :* get(:index){ 'public content' } end Nifty::Application.controller :members_area do set_access :member get(:index){ 'secret content' } end Nifty::Application.controller :login do set_access :* get(:index){ session[:visitor] = OpenStruct.new(:role => :guest, :id => 1) } end
Public Class Methods
included(base)
click to toggle source
# File lib/padrino-auth/access.rb, line 60 def included(base) base.send(:include, InstanceMethods) base.extend(ClassMethods) end
registered(app)
click to toggle source
# File lib/padrino-auth/access.rb, line 48 def registered(app) included(app) app.default(:credentials_reader, :credentials) app.default(:access_errors, true) app.send :attr_reader, app.credentials_reader unless app.instance_methods.include?(app.credentials_reader) app.set :permissions, Permissions.new app.login_permissions if app.respond_to?(:login_permissions) app.before do authorized? || error(403, '403 Forbidden') end end