module Padrino::Admin::Helpers::AuthenticationHelpers

Common helpers used for authorization within an application.

Public Instance Methods

allowed?()

Returns true if the current_account is allowed to see the requested path.

To configure this role, refer to Padrino::Admin::AccessControl::Base.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 38
def allowed?
  access_control.allowed?(current_account, request.path_info)
end

current_account()

Returns the current_account, an instance of the Account model.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 18
def current_account
  @current_account ||= login_from_session
end

logged_in?()

Returns true if current_account is logged in and active.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 11
def logged_in?
  !current_account.nil?
end

login_required()

A helper for use in a before_filter to check that an account is logged_in? and allowed?.

By default this method is used in Admin Apps.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 55
def login_required
  unless allowed?
    store_location! if store_location
    access_denied
  end
end

project_modules()

Returns project modules for the current account.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 45
def project_modules
  access_control.project_modules(current_account)
end

redirect_back_or_default(default)

Redirects the account to the page that requested authentication, or, if the account is not allowed or not logged in, returns it to a default page.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 73
def redirect_back_or_default(default)
  return_to = session.delete(:return_to)
  redirect(return_to || default)
end

set_current_account(account=nil)

Overrides the current_account; you must provide an instance of the Account model.

Example:

set_current_account(Account.authenticate(params[:email], params[:password]))

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 28
def set_current_account(account=nil)
  session[settings.session_id] = account ? account.id : nil
  @current_account = account
end

store_location!()

Stores the requested location, taken from env, in the session.

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 65
def store_location!
  session[:return_to] = "#{ENV['RACK_BASE_URI']}#{env['REQUEST_URI']}" if env['REQUEST_URI']
end
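
redirect_back_or_default redirects to whatever store_location! saved in session[:return_to], and that value is built from env['REQUEST_URI']. An application that wants to confirm the target is a path on its own origin before redirecting could use a check like the one below. This is an added example, not padrino-admin code; local_return_to and checked_return_target are hypothetical names and the sample values are constructed.

```ruby
require 'uri'

# Hypothetical helper, not part of padrino-admin: returns +candidate+ only when
# it is a path on this application's own origin, otherwise +default+.
def local_return_to(candidate, default)
  return default unless candidate.is_a?(String) && candidate.valid_encoding?
  # Reject control characters and backslashes outright.
  return default if candidate.match?(/[\x00-\x1f\x7f\\]/)
  # Require an absolute path; "//host/..." is a network-path reference.
  return default unless candidate.start_with?('/') && !candidate.start_with?('//')

  uri = URI.parse(candidate)
  return default if uri.scheme || uri.host || uri.userinfo

  candidate
rescue URI::InvalidURIError
  default
end

# Mirrors redirect_back_or_default's use of session.delete(:return_to), but
# returns the target so the logic can be exercised without a running app.
def checked_return_target(session, default)
  local_return_to(session.delete(:return_to), default)
end

# Constructed sample values, for illustration only.
SAMPLE_RETURN_TO = [
  '/admin/posts?page=2',
  '//other.example/admin',
  'https://other.example/admin',
  nil
].freeze

if __FILE__ == $PROGRAM_NAME
  SAMPLE_RETURN_TO.each do |value|
    session = { return_to: value }
    puts "#{value.inspect} -> #{checked_return_target(session, '/admin')}"
  end
end
```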

Private Instance Methods

access_denied()

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 80
def access_denied
  if login_page
    redirect url(login_page)
  else
    halt 401, "You don't have permission for this resource"
  end
end

admin_model_obj()

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 100
def admin_model_obj
  @_admin_model_obj ||= settings.admin_model.constantize
rescue NameError
  raise Padrino::Admin::AccessControlError, "You must define an #{settings.admin_model} Model"
end

login_from_session()

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 96
def login_from_session
  admin_model_obj.find_by_id(session[settings.session_id]) if admin_model_obj
end

login_page()

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 88
def login_page
  settings.respond_to?(:login_page) && settings.login_page
end

store_location()

# File lib/padrino-admin/helpers/authentication_helpers.rb, line 92
def store_location
  settings.respond_to?(:store_location) && settings.store_location
end