Doorkeeper/CanCan scope hack — restrict the Doorkeeper OAuth application admin UI so a customer can only create, edit and destroy the applications they own, while site admins keep full access
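# Doorkeeper admin_authenticator: scopes the OAuth application admin UI
# (controller 'doorkeeper/applications') so that a customer only touches the
# applications they own, while site admins (current_user.admin?) keep full
# access.
#
# The block is evaluated in the applications controller, so `current_user`,
# `session`, `params`, `flash` and `redirect_to` are the controller's own and
# `routes` is the host app's route proxy (original Doorkeeper generator
# convention).
#
# Every denied path issues exactly one redirect_to and then stops. The
# original fell through after the "customer no longer exists" redirect and
# would call `.oauth_applications` on nil (update/edit/destroy) or redirect a
# second time (index/show); the if/elsif chain below prevents that.
#
# Ruby 1.9+ syntax: the old `when 'x':` form is no longer valid.
#
# NOTE(review): this trusts session[:customer_id] to belong to current_user;
# confirm wherever that key is set that it is tied to the logged-in user.
admin_authenticator do |routes|
  if current_user.nil?
    flash[:warning] = "You must be logged in to access to that application."
    redirect_to routes.login_path
  elsif session[:customer_id]
    current_customer = Customer.find_by_id(session[:customer_id])
    if current_customer.nil?
      # Stale session: the customer record is gone. Stop here rather than
      # running the per-action checks against nil.
      redirect_to(routes.customers_path)
    elsif params[:controller] == 'doorkeeper/applications'
      case params[:action]
      when 'create'
        # Force ownership server-side; a customer_id coming from the form is
        # never trusted. Ensure the application hash exists so the assignment
        # cannot raise on a malformed request.
        params[:application] ||= {}
        params[:application][:customer_id] = session[:customer_id]
      when 'index', 'show'
        # Customers never see the global application list; send them to
        # their own page instead.
        redirect_to routes.edit_customer_path(session[:customer_id])
      when 'update', 'destroy', 'edit'
        # Object-level authorization: the requested id must belong to this
        # customer. Checked with a query instead of loading every
        # application just to collect ids.
        if current_customer.oauth_applications.exists?(params[:id].to_i)
          # Pin ownership on update as well, so a tampered customer_id field
          # cannot hand the application to another customer via mass
          # assignment (create already does this).
          params[:application][:customer_id] = session[:customer_id] if params[:application]
        else
          flash[:warning] = "You don't have access to that application."
          redirect_to routes.edit_customer_path(session[:customer_id])
        end
      end
    end
  elsif !current_user.admin?
    # Logged in, no customer context, and not an admin: nothing here is theirs.
    flash[:warning] = "You don't have access to that application."
    redirect_to routes.root_path
  end
end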