Initial import

git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@1 a4c988fc-2ded-0310-b66e-134b36920a42
2026-03-03 03:20:15 +01:00 · 2005-01-09 11:59:57 +00:00 · 2005-01-09 11:59:57 +00:00 · ec3ee77797
commit ec3ee77797
83 changed files with 3361 additions and 0 deletions
--- a/tracks/lib/login_system.rb
+++ b/tracks/lib/login_system.rb
@ -0,0 +1,87 @@
+require_dependency "user"
+
+module LoginSystem 
+  
+  protected
+  
+  # overwrite this if you want to restrict access to only a few actions
+  # or if you want to check if the user has the correct rights  
+  # example:
+  #
+  #  # only allow nonbobs
+  #  def authorize?(user)
+  #    user.login != "bob"
+  #  end
+  def authorize?(user)
+     true
+  end
+  
+  # overwrite this method if you only want to protect certain actions of the controller
+  # example:
+  # 
+  #  # don't protect the login and the about method
+  #  def protect?(action)
+  #    if ['action', 'about'].include?(action)
+  #       return false
+  #    else
+  #       return true
+  #    end
+  #  end
+  def protect?(action)
+    true
+  end
+   
+  # login_required filter. add 
+  #
+  #   before_filter :login_required
+  #
+  # if the controller should be under any rights management. 
+  # for finer access control you can overwrite
+  #   
+  #   def authorize?(user)
+  # 
+  def login_required
+    
+    if not protect?(action_name)
+      return true  
+    end
+
+    if @session['user'] and authorize?(@session['user'])
+      return true
+    end
+
+    # store current location so that we can 
+    # come back after the user logged in
+    store_location
+  
+    # call overwriteable reaction to unauthorized access
+    access_denied
+    return false 
+  end
+
+  # overwrite if you want to have special behavior in case the user is not authorized
+  # to access the current operation. 
+  # the default action is to redirect to the login screen
+  # example use :
+  # a popup window might just close itself for instance
+  def access_denied
+    redirect_to :controller=>"login", :action =>"login"
+  end  
+  
+  # store current uri in  the session.
+  # we can return to this location by calling return_location
+  def store_location
+    @session['return-to'] = @request.request_uri
+  end
+
+  # move to the last store_location call or to the passed default one
+  def redirect_back_or_default(default)
+    if @session['return-to'].nil?
+      redirect_to default
+    else
+      redirect_to_url @session['return-to']
+      @session['return-to'] = nil
+    end
+  end
+
+end
--- a/tracks/lib/redcloth.rb
+++ b/tracks/lib/redcloth.rb