Created
July 23, 2012 07:11
-
-
Save ztmr/3162383 to your computer and use it in GitHub Desktop.
ChicagoBoss: resource-specific access control in general purpose REST controller
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/src/boss/boss_web_controller.erl b/src/boss/boss_web_controller.erl | |
| index 0d5a8f6..5473545 100644 | |
| --- a/src/boss/boss_web_controller.erl | |
| +++ b/src/boss/boss_web_controller.erl | |
| @@ -587,16 +587,19 @@ execute_action({Controller, Action, Tokens} = Location, AppInfo, Req, SessionID, | |
| 2 -> | |
| Module:new(Req, SessionID) | |
| end, | |
| - AuthInfo = case lists:member({"before_", 2}, ExportStrings) of | |
| - true -> | |
| - case ControllerInstance:before_(Action) of | |
| - ok -> | |
| - {ok, undefined}; | |
| - OtherInfo -> | |
| - OtherInfo | |
| - end; | |
| - false -> | |
| - {ok, undefined} | |
| + AuthInfoRaw = case lists:max ([-1|proplists:get_all_values ("before_", ExportStrings)]) of | |
| + %% NOTE: just for the case of multiple before_ definitions, | |
| + %% we expect that more arguments means/allows more restrictive | |
| + %% before_ decisions -- that's the reason why we are getting | |
| + %% higher arity first | |
| + 4 -> ControllerInstance:before_ (Action, Req:request_method (), Tokens); | |
| + 3 -> ControllerInstance:before_ (Action, Req:request_method ()); | |
| + 2 -> ControllerInstance:before_ (Action); | |
| + _ -> {ok, undefined} | |
| + end, | |
| + AuthInfo = case AuthInfoRaw of | |
| + ok -> {ok, undefined}; | |
| + OtherInfo -> OtherInfo | |
| end, | |
| case AuthInfo of | |
| {ok, Info} -> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment