
cantango. omfg.

Something is still wrong, though; in my permissions.yml if I remove the "guest" role the guest user can manage users again.
1 parent 5e5cdf2 commit 6e0e6c1a00109caed0d4295f54099eb700ec0e43 @davelnewton committed Sep 8, 2011
@@ -5,6 +5,7 @@ gem 'sqlite3'
gem 'authlogic'
gem 'rails3-generators'
+gem 'cantango'#, :git => 'https://github.com/kristianmandrup/cantango.git'
group :development, :test do
# Debugging/etc.
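Review bot: The added `gem 'cantango'` line has no version constraint, so the library that makes every authorization decision in this app floats to whatever release Bundler resolves next. Pin it, e.g. `gem 'cantango', '~> <VERSION>'` (placeholder; use the release that was actually tested), and keep Gemfile.lock committed. If the commented-out `:git` source is ever re-enabled, add a `:ref` so the build does not track a moving branch head.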
@@ -2,23 +2,27 @@ class ApplicationController < ActionController::Base
protect_from_forgery
- helper_method :current_user_session, :current_user
+ helper_method :current_user_session, :current_user, :is_guest?
+
+ protected
- private
def current_user_session
- logger.debug "ApplicationController::current_user_session"
return @current_user_session if defined?(@current_user_session)
@current_user_session = UserSession.find
end
def current_user
- logger.debug "ApplicationController::current_user"
return @current_user if defined?(@current_user)
@current_user = current_user_session && current_user_session.user
end
+ def is_guest?
+ logger.debug "-=> #{@current_user} #{@current_user.class}"
+ @current_user = Guest.new if current_user.nil?
+ @current_user.class == Guest || @current_user.class == NilClass
+ end
+
def require_user
- logger.debug "ApplicationController::require_user"
unless current_user
store_location
flash[:notice] = "You must be logged in to access this page"
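Review bot: `is_guest?` overwrites `@current_user` with `Guest.new`, and because `current_user` memoizes on `defined?(@current_user)`, every later `current_user` call in the same request returns a truthy Guest. After that, `unless current_user` in `require_user` no longer rejects an anonymous visitor and `if current_user` in `require_no_user` treats them as logged in, so the checks hold only while nothing calls `is_guest?` before those filters run. Keep the predicate free of side effects, e.g. `current_user.nil? || current_user.is_a?(Guest)`. The `logger.debug` line also reads `@current_user` before `current_user` has been resolved, and the `NilClass` comparison can never be true after the assignment. `require_user` continues past the end of this hunk.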
@@ -28,7 +32,6 @@ def require_user
end
def require_no_user
- logger.debug "ApplicationController::require_no_user"
if current_user
store_location
flash[:notice] = "You must be logged out to access this page"
@@ -4,7 +4,7 @@ def current_user_name
end
def login_logout_link
- current_user ? link_to("Log out", logout_path) : link_to("Log in", login_path)
+ is_guest? ? link_to("Sign in", login_path) : link_to("Sign out #{current_user.first_name}", logout_path)
end
end
@@ -0,0 +1,23 @@
+class Guest
+
+ attr_accessor :email, :first_name, :last_name
+
+ def initialize
+ super
+ @email = 'guest@plugh.com'
+ @first_name = 'Guest'
+ @last_name = 'User'
+ end
+
+ #def has_role? name
+ # name.to_sym == :guest
+ #end
+
+ def roles_list
+ []
+ end
+
+ def role_groups_list
+ []
+ end
+end
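Review bot: `Guest` exposes `email`, `first_name` and `last_name` through `attr_accessor`, and the CanTango initializer in this commit registers one `Guest.new` at boot (`config.guest.user Guest.new`), which is presumably shared by every request, so any code that writes to that object changes the guest identity process-wide. `attr_reader` (or freezing the registered instance) avoids that. The commented-out `has_role?` should be either restored or deleted, with a one-line comment saying how a guest is meant to be recognised, since `roles_list` returns `[]` and nothing visible here gives the guest a `:guest` role.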
@@ -1,6 +1,8 @@
class User < ActiveRecord::Base
- attr_accessible :first_name, :last_name, :email, :nickname, :password
+ tango_user
+
+ attr_accessible :first_name, :last_name, :email, :nickname, :password, :user_session
validates :first_name, :presence => true
validates :last_name, :presence => true
@@ -15,6 +17,18 @@ class User < ActiveRecord::Base
c.require_password_confirmation = false
end
+ def roles_list
+ (self.email.ends_with? "gmail.com") ? [:user] : []
+ end
+
+ def has_role? name
+ roles_list.contains name.to_sym
+ end
+
+ def role_groups_list
+ []
+ end
+
class << self
# TODO Any risk in allowing emails as nicknames?
# Might want to disallow using someone else's email address.
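Review bot: `roles_list` hands out `:user` from an unanchored suffix test on `email`, so an address at any domain that merely ends in `gmail.com` qualifies, and `email` is a self-supplied, mass-assignable attribute (it is listed in `attr_accessible` at the top of the class) with no verification visible here. Since `permissions.yml` lets `user` manage `User`, roles should come from a stored, server-controlled attribute; at minimum anchor the check, `email.to_s.downcase.end_with?('@gmail.com')`. `has_role?` calls `roles_list.contains`, which is not an Array method and will raise `NoMethodError`; it should be `roles_list.include?(name.to_sym)`. The earlier hunk in this file also adds `:user_session` to `attr_accessible`, which makes it settable from request parameters; whether that is needed is not visible here. The `class << self` block continues outside the hunk.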
@@ -7,8 +7,13 @@
<%= csrf_meta_tag %>
</head>
- <body>
- <%= link_to "Home", root_path %> | <%= link_to "Users", users_path %> | <%= login_logout_link %>
+ <%
+ links = [ link_to("Home", root_path) ]
+ links << link_to("Users", users_path) if user_can?(:manage, User)
+ links << login_logout_link
+ %>
+
+ <%= links.join(' | ').html_safe %>
<hr/>
<%= yield %>
</body>
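Review bot: `links.join(' | ').html_safe` marks the whole joined string as trusted, so any entry later added to `links` as a plain string will be rendered unescaped; it is safe today only because each element comes from `link_to`. Prefer `safe_join(links, ' | ')` if the Rails version in use provides it. The hunk also deletes the opening `<body>` tag without re-adding it, while `</body>` remains. Hiding the Users link with `user_can?(:manage, User)` is presentation only; the users controller, which is not part of this diff, needs its own authorization check.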
No changes.
@@ -0,0 +1,13 @@
+CanTango.config do |config|
+ config.engines.all :on
+ config.guest.user Guest.new
+ config.cache_engine.set :off
+ #config.cache.store.default_type = :memory
+end
+
+CanTango.config.user do |user|
+ user.clear! # set user settings back to default
+ user.unique_key_field = :email
+end
+
+CanTango.config.users.register :user
@@ -0,0 +1,9 @@
+roles:
+ user:
+ can:
+ manage:
+ - User
+ guest:
+ cannot:
+ manage:
+ - User
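Review bot: Access to user management depends on the explicit `guest: cannot: manage: User` entry; the commit description reports that removing it lets the guest manage users again, which indicates the policy is not deny-by-default for unauthenticated visitors. That should be tracked down rather than masked by this rule, and a test asserting that a `Guest` cannot `manage` `User` both with and without the `guest` block would pin the behaviour. `user: can: manage: User` also appears to let every holder of the `user` role act on all user records, not only their own; narrow it if that is not intended.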
