Permalink
Browse files

Add clarifying comments to padrino-admin/access_control.rb

  • Loading branch information...
Daniel Tahara
Daniel Tahara committed Jun 30, 2012
1 parent 2c3796e commit 21146f6ffbedcce89b4ae23c48bba7c1bf8edc42
Showing with 4 additions and 2 deletions.
  1. +4 −2 padrino-admin/lib/padrino-admin/access_control.rb
@@ -102,11 +102,13 @@ def allowed?(account=nil, path=nil)
denied_paths = authorizations.map(&:denied).flatten.uniq
if account
denied_paths.clear
# explicit authorizations for the role associated with the given account
authorizations = @authorizations.find_all { |auth| auth.roles.include?(role) }
allowed_paths += authorizations.map(&:allowed).flatten.uniq
# other explicit authorizations
authorizations = @authorizations.find_all { |auth| !auth.roles.include?(role) && !auth.roles.include?(:any) }
denied_paths += authorizations.map(&:allowed).flatten.uniq
denied_paths += authorizations.map(&:denied).flatten.uniq
denied_paths += authorizations.map(&:allowed).flatten.uniq # remove paths explicitly allowed for other roles
denied_paths += authorizations.map(&:denied).flatten.uniq # remove paths explicitly denied to other roles
end
return true if allowed_paths.any? { |p| path =~ /^#{p}/ }
return false if denied_paths.any? { |p| path =~ /^#{p}/ }

0 comments on commit 21146f6

Please sign in to comment.