danielharan / restful-authentication fork watch download tarball
public
Forks209Right
Watchers5Right
Fork of technoweenie/restful-authentication
Description: Generates common user authentication code for Rails/Merb, with a full test/unit and rspec suite built-in.
Homepage: http://weblog.techno-weenie.net
Clone URL: git://github.com/danielharan/restful-authentication.git 
Adds filter to hide stateful user controller actions - only admin should be able 
to delete users
Daniel Haran (author)
Sun Jun 15 14:07:22 -0700 2008
commit  79bc5da34610c392382affb7c5f13a9a668c0dee
tree    7a36008099e669789cf3a36a131ab57557e9a924
parent  761885651e825632786bd7d8969984e630838697
0
generators/authenticated/templates/model_controller.rb 
...
2
3
4
5
6
 
7
8
9
...
79
80
81
 
 
 
 
82
83
84
 
...
2
3
4
 
 
5
6
7
8
...
78
79
80
81
82
83
84
85
86
87
 
0
@@ -2,8 +2,7 @@ class <%= model_controller_class_name %>Controller < ApplicationController
0
   # Be sure to include AuthenticationSystem in Application Controller instead
0
   include AuthenticatedSystem
0
   <% if options[:stateful] %>
0
-  # Protect these actions behind an admin login
0
-  # before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
0
+  before_filter :admin_required, :only => [:suspend, :unsuspend, :destroy, :purge]
0
   before_filter :find_<%= file_name %>, :only => [:suspend, :unsuspend, :destroy, :purge]
0
   <% end %>
0
 
0
@@ -79,6 +78,10 @@ class <%= model_controller_class_name %>Controller < ApplicationController
0
   # supply their old password along with a new one to update it, etc.
0
 
0
 protected
0
+  def admin_required
0
+    false
0
+  end
0
+  
0
   def find_<%= file_name %>
0
     @<%= file_name %> = <%= class_name %>.find(params[:id])
0
   end

Comments