
Added auto admin creation, found code in beast, very clean. Also hooked admin? into helper method. Made admin required for site settings.

git-svn-id: svn://svn.roundhaus.com/steelpixel/signal/trunk@40 c8df4723-973c-463a-b466-deb924a697da
1 parent ebb2912 commit 17f0c484078625f778ecb056ab904dbb8e6b19fc josh committed Sep 2, 2007
Showing with 19 additions and 3 deletions.
  1. +6 −1 app/controllers/sites_controller.rb
  2. +1 −0 app/models/user.rb
  3. +4 −1 app/views/shared/_navbar.html.erb
  4. +2 −1 db/schema.rb
  5. +6 −0 lib/authenticated_system.rb
@@ -1,5 +1,5 @@
class SitesController < ApplicationController
-
+ before_filter :login_required
# GET /sites/1
# GET /sites/1.xml
def show
@@ -28,4 +28,9 @@ def update
end
end
+ protected
+ def authorized?
+ admin?
+ end
+
end
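Review bot: With `authorized?` overridden to `admin?`, a logged-in non-admin who hits any SitesController action falls through `login_required` into `access_denied`, and the comment in lib/authenticated_system.rb says its default action is to redirect to the login screen. An already-authenticated user is therefore shown a login form rather than told they lack permission, and this may loop if the login action forwards logged-in users back. Consider answering non-admins with a 403, for example by overriding `access_denied` in this controller as `logged_in? ? head(:forbidden) : super`. The filter has no `:only`/`:except`, so it fails closed for every action including `show`; a comment such as `# admin-only: applies to every action in this controller` above the `before_filter` would record that this is deliberate. The body of `update` starts outside the second hunk.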
@@ -31,6 +31,7 @@ class User < ActiveRecord::Base
validates_length_of :email, :within => 3..100, :if => :not_openid?
validates_uniqueness_of :login, :email, :case_sensitive => false
before_save :encrypt_password
+ before_create { |u| u.admin = true if User.count == 0 }
# prevents a user from submitting a crafted form that bypasses activation
# anything else you want your user to change should be added here.
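Review bot: The `before_create` callback grants admin to whichever account is created while `User.count == 0`, so on a fresh or emptied users table the first person to complete signup becomes admin, and two simultaneous first signups can both pass the count check. If signup is publicly reachable, create the initial admin out of band (a rake task or console step) before exposing the app, or at least record the behaviour with a comment such as `# bootstrap: the very first account becomes admin; create it before opening signup`. The trailing comment about crafted forms presumably introduces an attribute whitelist that lies outside this hunk; confirm `admin` is not added to it, so the flag cannot be set through mass assignment.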
@@ -1,6 +1,9 @@
<ul id="nav">
<% if logged_in? -%>
- <li><%= link_to "settings", site_url %></li>
+ <% if current_user.admin? -%>
+ <li><%= link_to "settings", site_path %></li>
+ <li><%= link_to "users", users_path %></li>
+ <% end -%>
<li><%= link_to "logout", logout_path %></li>
<% else -%>
<li><%= link_to "login", login_path %></li>
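Review bot: The new `users` link is hidden from non-admins only in the view, and nothing in this commit adds an admin check to the controller behind `users_path`. Unless that controller already enforces one (it is not visible here), a logged-in non-admin can still request the URL directly. Give it the same `before_filter :login_required` plus `authorized?` override that SitesController receives in this commit, so the restriction is enforced server-side and the navbar condition is only cosmetic.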
@@ -2,7 +2,7 @@
# migrations feature of ActiveRecord to incrementally modify your database, and
# then regenerate this schema definition.
-ActiveRecord::Schema.define(:version => 8) do
+ActiveRecord::Schema.define(:version => 9) do
create_table "open_id_authentication_associations", :force => true do |t|
t.binary "server_url"
@@ -67,6 +67,7 @@
t.string "remember_token"
t.datetime "remember_token_expires_at"
t.string "identity_url"
+ t.boolean "admin"
end
end
@@ -52,6 +52,10 @@ def login_required
authorized? || access_denied
end
+ def admin?
+ logged_in? && current_user.admin?
+ end
+
# Redirect as appropriate when an access request fails.
#
# The default action is to redirect to the login screen.
@@ -115,6 +119,8 @@ def login_from_cookie
self.current_user = user
end
end
+
+
private
@@http_auth_headers = %w(X-HTTP_AUTHORIZATION HTTP_AUTHORIZATION Authorization)
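Review bot: `admin?` is added without a comment and, going by the diffstat (six additions, all accounted for by this method and the two blank lines in the second hunk), without being registered via `helper_method`, so views cannot call it and _navbar.html.erb repeats the check as `current_user.admin?`. Either register it next to the module's existing view helpers (presumably declared in the `included` hook, which is outside these hunks) or reword the commit message, so there is a single definition of "admin" for controllers and views. Document it in the style of the neighbouring methods, e.g. `# True only when someone is logged in and that user's admin flag is set.`. The second hunk adds only blank lines before `private` and could be dropped.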
