[myexperiment-hackers] [2059] branches/authorization

[myexperiment-hackers] [2059] branches/authorization_new/lib/authorizati

From:

noreply

Subject:

[myexperiment-hackers] [2059] branches/authorization_new/lib/authorization.rb: Auth module.

Date:

Fri, 16 Jan 2009 10:52:03 -0500 (EST)

Revision: 2059
Author: alekses6
Date: 2009-01-16 10:52:02 -0500 (Fri, 16 Jan 2009)

Log Message

Auth module. Added proper checks for groups.

Modified Paths

branches/authorization_new/lib/authorization.rb

Diff

Modified: branches/authorization_new/lib/authorization.rb (2058 => 2059)


--- branches/authorization_new/lib/authorization.rb	2009-01-16 15:42:23 UTC (rev 2058)
+++ branches/authorization_new/lib/authorization.rb	2009-01-16 15:52:02 UTC (rev 2059)
@@ -190,9 +190,13 @@
         end
         
       when "Network"
-        # TODO
-        # add checks to allow only admin to edit / delete / accept memberships / etc
-        is_authorized = true
+        case action
+          when "edit", "destroy"
+            # check to allow only admin to edit / delete the group
+            is_authorized = is_network_admin?(user_id, thing_id)
+          else
+            is_authorized = true
+        end
         
       when "Experiment", "Job", "TavernaEnactor", "Runner"
         # user instance is absolutely required for this - so find it, if not yet available

[Prev in Thread]

Current Thread

[Next in Thread]

[myexperiment-hackers] [2059] branches/authorization_new/lib/authorization.rb: Auth module., noreply <=