gem six auth concern

auth.rb

# app/controllers/concerns/auth.rb
 
module Concerns::Auth
  extend ActiveSupport::Concern
 
  class AccessDenied < RuntimeError; end
 
  included do
    helper_method :can?
 
    after_action :store_location, :if => lambda {|controller| controller.request.get? && controller.request.format == :html}
  end
 
 
  private
 
  def abilities
    @abilities ||= Six.new
  end
 
  def can?(action, subject)
    # override like:
    #
    # abilities << subject
    # abilities.allowed?(current_user, action, subject)
 
    raise NotImplementedError
  end
 
  def authorize!(action, subject = self)
    raise AccessDenied unless can?(action, subject)
  end
 
  def store_location
    session[:return_to] = request.protocol + request.host_with_port + request.path
    true
  end
 
  def redirect_back_or_default(default, options = {})
    return_to = session[:return_to].blank? ? default : session[:return_to]
    session[:return_to] = nil
 
    respond_to do |format|
      format.js { render :js => "window.location.href = '\#{j return_to}';" }
      format.html { redirect_to return_to, options }
    end
  end
end