Access Control
- Authentication *
class ApplicationController < ActionController::Base authenticate :signin => {:controller => “authentication”, :action => “signin”}, :model => :user end
Given parameters are default and can be left out. If the use is not logged in, he will be redirected to the signin action. The given model has to use acts_as_authenticated.
class AuthenticationController < ApplicationController no_authentication_for :signin, :signout end
def signin
if request.post?
user_class = ApplicationController.authentication_options[:model].to_class
user = user_class.authenticate(params:user, user_class.hash_password(params:user))
if user
session[ApplicationController.authentication_options[:model]] = user
if session[:intended_uri]
redirect_to(session[:intended_uri] || {:action => "index"})
session[:intended_uri] = nil
else
redirect_to :controller => "guestbook"
end
else
flash[:notice] = "We could not log you in."
end
end
enddef signout
session[ApplicationController.authentication_options[:model]] = nil
redirect_to authentication_options[:signin]
end- acts_as_authenticated *
require ‘digest/sha1’ class Use < ActiveRecord::Base acts_as_authenticated :signin_id => :user_name, :password => :password end
Given parameters are default and can be left out.
- Authorization *
class AdminController < ApplicationController authorize “admin:rw” authorize “admin:x”, :only => :special_action end
def index
...
enddef create
...
enddef destroy
...
enddef special_action
...
end- Migration *
Migration script is available at /vendor/plugins/access_control/generators/authentication/templates/migration.rb
NOTE: This description has been extracted from the Plugin README and so the formatting may need updating to make browser friendly
Edit
Report
