Module: Sinatra::SessionAuth::Helpers

Defined in:

lib/sinatra/sessionauth.rb

Instance Method Summary

• #allow_password_recovery? ⇒ Boolean
• #auth_to(auth) ⇒ Object

  Verifica que la persona tenga un authorization específico.

• #authorize(login, password) ⇒ Object
• #DELETE 'user' ⇒ Object
• #halt_unless_auth(*args) ⇒ Object
• #halt_unless_auth_any(*args) ⇒ Object
• #is_session_user(user_id) ⇒ Object
• #logout ⇒ Object
• #review_analyzed_by(review_id, user_id) ⇒ Object
• #review_belongs_to(review_id, user_id) ⇒ Object
• #show_user ⇒ Object

Instance Method Details

#allow_password_recovery? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/sinatra/sessionauth.rb', line 32

def allow_password_recovery?
  !ENV['SMTP_SERVER'].nil?
end

#auth_to(auth) ⇒ Object

Verifica que la persona tenga un authorization específico

# File 'lib/sinatra/sessionauth.rb', line 45

def auth_to(auth)

  #log.info(session['authorizations'])
  if session['user'].nil?
    false
  else
    if session['role_id']=='administrator'
      @admin_authorization_roles||=AuthorizationsRole.where(:role_id=>"administrator").select_map(:authorization_id)
      #@authorizations_cache||=Authorization.to_hash(:id)
      #Authorization.insert(:id=>auth, :description=>::I18n::t("sinatra_auth.permission_created_by_administrator")) if @authorizations_cache[auth].nil?
      unless @admin_authorization_roles.include? auth
        auth_o=Authorization[auth]
        raise Buhos::NoAuthorizationId, auth unless auth_o
        Role['administrator'].add_auth_to(auth_o)
      end
      true
    elsif session['authorizations'].include? auth
      true
    else
      false
    end
  end
end

#authorize(login, password) ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 90

def authorize(login, password)
  u=User.filter(Sequel.lit("(login=? OR email=?) AND password=?", login,login, Digest::SHA1.hexdigest(password)))
  ##$log.info(u.first)
  if u.first
    user=u.first
    session['user']=user[:login]
    session['user_id']=user[:id]
    session['name']=user[:name]
    session['role_id']=user[:role_id]
    session['authorizations']=user.authorizations.map {|v| v.id}
    session['language']=user.language

    ::I18n.locale = session['language'].to_sym

    true
  else
    false
  end
end

#DELETE 'user' ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 111

session.delete('user')

#halt_unless_auth(*args) ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 69

def halt_unless_auth(*args)
  halt 403 if args.any? {|per| !auth_to(per)}
end

#halt_unless_auth_any(*args) ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 73

def halt_unless_auth_any(*args)
  halt 403 unless args.any? {|per| auth_to(per)}
end

#is_session_user(user_id) ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 77

def is_session_user(user_id)
  user_id.to_i==session['user_id']
end

#logout ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 110

def logout
  session.delete('user')
end

#review_analyzed_by(review_id, user_id) ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 86

def review_analyzed_by(review_id, user_id)
  auth_to("review_analyze") and !$db["SELECT * FROM groups_users gu INNER JOIN systematic_reviews rs ON gu.group_id=rs.group_id WHERE rs.id=? AND gu.user_id=?", review_id, user_id].empty?
end

#review_belongs_to(review_id, user_id) ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 82

def review_belongs_to(review_id,user_id)
  auth_to("review_admin") and SystematicReview[:id=>review_id, :sr_administrator=>user_id]
end

#show_user ⇒ Object

# File 'lib/sinatra/sessionauth.rb', line 35

def show_user
  ##$log.info(session)
  if !session['user'].nil?
    partial(:user)
  else
    partial(:guest)
  end
end