@@ -3,6 +3,8 @@ HEADER_AUTHORIZE_KEY = 'authorization.header' HEADER_AUTHORIZE_ATTR = 'authorization.attribute' HEADER_AUTHORIZE_DEV_ACCOUNT = 'authorization.development.account' HEADER_AUTHORIZE_USER_INIT = 'authorization.users.create' +HEADER_AUTHORIZE_ANONYMOUS_VAL = 'authorization.anonymous.value' +HEADER_AUTHORIZE_ANONYMOUS_REDIRECT = 'authorization.anonymous.redirect' class HeaderAuthorizeExtension < Radiant::Extension version "1.0" @@ -35,6 +37,20 @@ class HeaderAuthorizeExtension < Radiant::Extension auth_config.update_attribute :description, "When this is set to true, any authorized use that enters will have a user account created for them. To disable this, set the value to 'false'" end end + if Radiant::Config[HEADER_AUTHORIZE_ANONYMOUS_VAL].blank? + Radiant::Config[HEADER_AUTHORIZE_ANONYMOUS_VAL] = 'anonymous' + auth_config = Radiant::Config.find_by_key(HEADER_AUTHORIZE_ANONYMOUS_VAL) + if auth_config.respond_to?(:description) + auth_config.update_attribute :description, "A user with this given value for her authorization.header will be used to restricted from access." + end + end + if Radiant::Config[HEADER_AUTHORIZE_ANONYMOUS_REDIRECT].blank? + Radiant::Config[HEADER_AUTHORIZE_ANONYMOUS_REDIRECT] = '/' + auth_config = Radiant::Config.find_by_key(HEADER_AUTHORIZE_ANONYMOUS_REDIRECT) + if auth_config.respond_to?(:description) + auth_config.update_attribute :description, "An anonymous user will be redirected to the location given here." + end + end if RAILS_ENV == 'development' if Radiant::Config[HEADER_AUTHORIZE_DEV_ACCOUNT].blank? Radiant::Config[HEADER_AUTHORIZE_DEV_ACCOUNT] = User.find(:first)[:login] header_authorize_extension.rb @@ -8,26 +8,38 @@ module HeaderAuthorization end def auth_header - Radiant::Config[HEADER_AUTHORIZE_KEY] || 'HTTP_USER_ID' + config[HEADER_AUTHORIZE_KEY] || 'HTTP_USER_ID' end def auth_attr - Radiant::Config[HEADER_AUTHORIZE_ATTR] || 'login' + config[HEADER_AUTHORIZE_ATTR] || 'login' + end + + def auth_anonymous_redirect_location + config[HEADER_AUTHORIZE_ANONYMOUS_REDIRECT] || '/' + end + + def auth_anonymous_val + config[HEADER_AUTHORIZE_ANONYMOUS_VAL] || 'anonymous' end def authenticate_with_header - unless self.current_user + unless current_user if !request.env[auth_header].blank? if self.current_user = User.send("find_by_#{auth_attr}",request.env[auth_header]) self.send(:set_current_user) else - if Radiant::Config[HEADER_AUTHORIZE_USER_INIT] + if config[HEADER_AUTHORIZE_USER_INIT] && request.env[auth_header] != auth_anonymous_val self.current_user = User.create!(:login => request.env[auth_header], :name => request.env[auth_header], :password => request.env[auth_header], :password_confirmation => request.env[auth_header]) self.send(:set_current_user) flash[:notice] = 'Welcome. A new account has been created for you.' end end end + else + if !request.env[auth_header].blank? && auth_anonymous_val == request.env[auth_header] && request.url.match('/admin') + redirect_to auth_anonymous_redirect_location + end end end lib/header_authorization.rb 19912027a482c6a02cf25c72b39cb509ab02b133 Jim Gay jim@saturnflyer.com http://github.com/saturnflyer/radiant-header_authorize-extension/commit/9864c7e78b080de26d123953bbeb1c8b4a45487f 9864c7e78b080de26d123953bbeb1c8b4a45487f 2008-11-10T19:14:01-08:00 2008-11-10T19:14:01-08:00 redirect for anonymous user c0bc655ea6134cbbc7750538f84e3e83e2bf29dd Jim Gay jim@saturnflyer.com