Skip to content

Authorization integration for plugins #231

Closed
mikldt opened this Issue Oct 24, 2012 · 1 comment

1 participant

@mikldt
Concerto Digital Signage member
mikldt commented Oct 24, 2012

Plugins will need to perform several authorization tasks.

  1. Define authorization rules for their own models

  2. Perform authorization checks (in controllers, views, and callback code) against their own models

  3. Perform authorization checks against models from the main application
    (for example, prior to showing a link)

We need to develop a recommended way for them to perform these tasks, and if necessary write functions in the ConcertoPlugin interface to facilitate them.

@mikldt mikldt was assigned Oct 24, 2012
@mikldt mikldt added a commit that referenced this issue Dec 28, 2012
@mikldt mikldt Plugins: Provide for authorization from main app
Plugins will have their own ability classes for their resources.
However, their hooks which execute in the main_app context will need to
access them. This commit provides away to do that. (#231 is almost there)
a51bdb4
@mikldt mikldt added a commit that referenced this issue Dec 28, 2012
@mikldt mikldt Plugins: make auth! work for engines
If the model and the engine are in the same module, this makes auth!
from the main application work reliably when used in the controllers for
engine resources. Should have no effect on main application's auth.

Continuing work on #231 ...
f49fc7c
@mikldt
Concerto Digital Signage member
mikldt commented Dec 31, 2012

Done! This is documented in the wiki on the Plugin Development page, under Adding Authorization. concerto-hardware provides a live test case.

@mikldt mikldt closed this Dec 31, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.