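# Landing-page controller. Every action except +authenticate+ and +logout+
# runs the +login+ filter first; +index+ then renders the greeting for the
# caller's role tier.
#
# NOTE(review): authorization here is a comparison of +user.name+ against the
# hard-coded lists below, so it is only as trustworthy as whatever sets
# +name+ on the object kept in the session. Nothing in this class sets it.
class HomeController < ApplicationController
  before_filter :login, :except => [:authenticate, :logout]

  # Role tiers, highest privilege first. Frozen constants replace the
  # instance variables that used to be assigned in an +initialize+ override
  # which never called +super+ (and so could skip the framework's own
  # controller setup).
  SUPERADMINS   = ["mike", "art"].freeze
  REGULARADMINS = ["jon"].freeze
  SUPERUSERS    = ["cody", "josh"].freeze
  REGULARUSERS  = ["patty"].freeze

  # Renders the greeting for the highest tier the current user belongs to.
  # Anyone who matches no list falls through to the lowest tier.
  def index
    # The tier helpers render by themselves; wrapping them in another
    # +render+ call would attempt a second render for the same request.
    if superadmin?(@myuser)
      superadmin
    elsif regularadmin?(@myuser)
      regularadmin
    elsif superuser?(@myuser)
      superuser
    else
      regularuser
    end
  end

  # before_filter: loads the session user into @myuser (or a fresh,
  # logged-out Myuser) and renders the login form when that user is not
  # logged in.
  #
  # NOTE(review): the whole user object, including its logged_in flag, is
  # read back from the session. That is only safe if the session store cannot
  # be forged or replayed by the client; storing just a record id and
  # re-loading the user server-side is the sturdier design.
  # NOTE(review): this method is public, so it is also routable as an action.
  def login
    @myuser = session[:user] || Myuser.new
    login_form unless logged_in?
  end

  # Ends the session and confirms it to the caller.
  def logout
    # Drop the whole session rather than one key so nothing tied to the old
    # login survives.
    reset_session
    render :text => "logged out"
  end

  # Authenticates and, on success, stores the user in a fresh session.
  #
  # NOTE(review): Rails invokes actions without arguments, so a web request
  # always authenticates with the literal defaults in this signature. The
  # credentials should be taken from the submitted request parameters and the
  # defaults removed once the login form exists.
  #
  # @param user [String] account name handed to Myuser.authenticate
  # @param password [String] password handed to Myuser.authenticate
  def authenticate(user="test", password="testpass")
    # Always re-authenticate: with `||=` an already-set @myuser would be
    # written to the session without any credential check.
    @myuser = Myuser.authenticate(user, password)

    # Myuser.authenticate is documented to return nil for a bad pair; never
    # store that in the session or answer "Logged in".
    unless logged_in?
      login_form
      return
    end

    # Issue a new session on login so a session id planted before
    # authentication is not carried over (session fixation).
    reset_session
    session[:user] = @myuser
    render :text => "Logged in"
  end

  protected

  # Controller-level wrapper around the model's logged_in? so the check can
  # change without touching callers. A missing user counts as logged out.
  def logged_in?
    @myuser ? @myuser.logged_in? : false
  end

  # Renders the login form. `||=` keeps an existing @myuser so arriving here
  # does not log anyone out by accident; assign with `=` to force a logout.
  def login_form
    @myuser ||= Myuser.new
    render :text => "Made it to the login form"
  end

  # Role predicates. +user+ is expected to be a Myuser; nil is treated as
  # belonging to no tier instead of raising NoMethodError.
  def superadmin?(user)
    user ? SUPERADMINS.include?(user.name) : false
  end

  def regularadmin?(user)
    user ? REGULARADMINS.include?(user.name) : false
  end

  def superuser?(user)
    user ? SUPERUSERS.include?(user.name) : false
  end

  def regularuser?(user)
    user ? REGULARUSERS.include?(user.name) : false
  end

  # Tier greetings. They sit below +protected+ so they are not reachable as
  # actions of their own.
  def superadmin
    render :text => "You are a super admin!"
  end

  def regularadmin
    render :text => "You are an admin."
  end

  def superuser
    render :text => "Just below admin status"
  end

  def regularuser
    # NOTE(review): the pasted literal was cut off ("Hello use"); restored as
    # "Hello user" -- confirm the intended wording.
    render :text => "Hello user"
  end
end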
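# User model carrying an in-memory login flag and display name.
#
# NOTE(review): +logged_in+ and +name+ are plain Ruby accessors, not
# database-backed attributes, and +attr_accessor :name+ would shadow a +name+
# column if the table has one -- confirm against the schema.
class Myuser < ActiveRecord::Base
  attr_accessor :logged_in, :name

  # Starts every new user logged out. Arguments are forwarded to
  # ActiveRecord via +super+ so the model's own initialisation still runs
  # and Myuser.new(attributes) keeps working.
  def initialize(*args)
    super
    @logged_in = false
  end

  # @return [Boolean, nil] the in-memory login flag
  def logged_in?
    @logged_in
  end

  # Placeholder authentication.
  #
  # NOTE(review): no credential is verified yet -- any non-blank pair yields
  # a logged-in user, so this must be replaced with a real check before the
  # code handles real accounts. When it is, assign +name+ only from the
  # verified account record, never from the submitted value: the controller
  # decides admin tiers by +name+.
  #
  # @param user [String] submitted account name
  # @param password [String] submitted password
  # @return [Myuser, nil] a logged-in user, or nil when either value is blank
  def self.authenticate(user="", password="")
    # Fail closed on missing credentials, matching the documented contract
    # of returning nil when the caller cannot be authenticated.
    return nil if user.to_s.empty? || password.to_s.empty?

    # A separate local avoids overwriting the +user+ argument.
    account = new
    account.logged_in = true
    account
  end
end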