Module: Lipsiadmin::AccessControl::Authentication

This provide a simple login for backend and frontend. Use backend_login_required in backend and frontend_login_requirded in frontend.

  Examples:

    class FrontendController <  ApplicationController
      before_filter :frontend_login_required, :except => [:login]
    end

Methods

allowed?
backend_login_required
current_account
current_account=
frontend_login_required
logged_in?
redirect_back_or_default

Protected Instance methods

allowed?()

Returns true if the current_account is allowed to see the requested controller/action.

For configure this role please refer to: Lipsiadmin::AccessControl::Base

[ show source ]

    # File lib/access_control/authentication.rb, line 41
41:         def allowed?
42:           maps = AccountAccess.maps_for(current_account)
43:           
44:           allowed = maps.collect(&:allowed).flatten.uniq
45:           denied  = maps.collect(&:denied).flatten.uniq
46:           
47:           allow = allowed.find do |a|
48:             a[:controller] == params[:controller] &&
49:             (a[:action].blank? || a[:action] == params[:action])
50:           end
51:           
52:           deny = denied.find do |a|
53:             a[:controller] == params[:controller] &&
54:             (a[:action].blank? || a[:action] == params[:action])
55:           end
56:           
57:           return allow && !deny
58:         end

backend_login_required()

Returns a helper to pass in a before_filter for check if an account are: logged_in? and allowed?

By default this method is used in BackendController so is not necessary

[ show source ]

    # File lib/access_control/authentication.rb, line 64
64:         def backend_login_required
65:           logged_in?  && allowed? || access_denied(:backend)
66:         end

current_account()

Returns the current_account, it‘s an instance of Account model

[ show source ]

    # File lib/access_control/authentication.rb, line 22
22:         def current_account
23:           @current_account ||= (login_from_session || :false)
24:         end

current_account=(new_account)

Ovverride the current_account, you must provide an instance of Account Model

  Examples:

    current_account = Account.last

[ show source ]

    # File lib/access_control/authentication.rb, line 32
32:         def current_account=(new_account)
33:           session[:account] = (new_account.nil? || new_account.is_a?(Symbol)) ? nil : new_account.id
34:           @current_account = new_account
35:         end

frontend_login_required()

Returns a helper to pass in a before_filter for check if an account are: logged_in? and allowed?

  Examples:

    before_filter :frontend_login_required, :except => [:some]

[ show source ]

    # File lib/access_control/authentication.rb, line 75
75:         def frontend_login_required
76:           logged_in?  && allowed? || access_denied(:frontend)
77:         end

logged_in?()

Returns true if current_account is logged and active.

[ show source ]

    # File lib/access_control/authentication.rb, line 17
17:         def logged_in?
18:           current_account != :false && current_account.active?
19:         end

redirect_back_or_default(default)

Redirect the account to the page that requested an authentication or if the account is not allowed/logged return it to a default page

[ show source ]

    # File lib/access_control/authentication.rb, line 93
93:         def redirect_back_or_default(default)
94:           redirect_to(session[:return_to] || default)
95:           session[:return_to] = nil
96:         end