else\r
{}\r
\r
- filters: () ->\r
- if Pettanr.is_sns()\r
- Pettanr.ActionFilter.sns_filters()\r
- else\r
- Pettanr.ActionFilter.blog_filters()\r
- \r
- my_filters: (role, params) ->\r
- f = @filters()\r
- c = f[params['controller']] || {}\r
- r = c[role]\r
- r\r
- \r
- # return false if allow\r
- # return true if deny\r
- authenticate: (role, params) ->\r
- n = 'is_' + role\r
- if not @operators[n]() # ex: operators.is_user()\r
- filter = @my_filters(role, params)\r
- if Pettanr.before_filter(params['action'], filter)\r
- return true\r
- false\r
- \r
- # access block\r
- # return sign in form if invalid url\r
- # return null if url is valid\r
- block: (params) ->\r
- return @guest_url() if @authenticate('reader', params) or @authenticate('resource_reader', params) or @authenticate('user', params)\r
- return @new_author_url() if @authenticate('author', params)\r
- return @new_artist_url() if @authenticate('artist', params)\r
- null\r
- \r
- guest_url: () ->\r
- 'user_seeeions/new'\r
- \r
- new_author_url: () ->\r
- 'authors/new'\r
- \r
- new_artist_url: () ->\r
- 'artists/new'\r
- \r
# render App(render:all)\r
home: () ->\r
params = @home_params()\r
# ex) scrolls/3/edit\r
c_i_a: (controller, id, action, query_string, form) ->\r
params = @c_i_a_params(controller, id, action, query_string)\r
- if safe_url = @block(params)\r
- @trigger('deny', params, form, safe_url)\r
- else\r
- @trigger('go', params, form)\r
+ @trigger('go', params, form)\r
\r
c_i_a_params: (controller, id, action, query_string) ->\r
params = @parse_query_string(query_string)\r
# ex) scrolls/3\r
c_i: (controller, id, query_string, form) ->\r
params = @c_i_params(controller, id, query_string)\r
- if safe_url = @block(params)\r
- @trigger('deny', params, form, safe_url)\r
- else\r
- @trigger('go', params, form)\r
+ @trigger('go', params, form)\r
\r
c_i_params: (controller, id, query_string) ->\r
params = @parse_query_string(query_string)\r
# ex) scrolls\r
c: (controller, query_string, form) ->\r
params = @c_params(controller, query_string)\r
- if safe_url = @block(params)\r
- @trigger('deny', params, form, safe_url)\r
- else\r
- @trigger('go', params, form)\r
+ @trigger('go', params, form)\r
\r
c_params: (controller, query_string) ->\r
params = @parse_query_string(query_string)\r
\r
top_a: (action, query_string, form) ->\r
params = @users_a_params(action, query_string)\r
- if safe_url = @block(params)\r
- @trigger('deny', params, safe_url)\r
- else\r
- @trigger('go', params, form)\r
+ @trigger('go', params, form)\r
\r
top_a_params: (action, query_string) ->\r
params = @parse_query_string(query_string)\r
\r
user_sessions_a: (action, query_string, form) ->\r
params = @user_sessions_a_params(action, query_string)\r
- if safe_url = @block(params)\r
- @trigger('deny', params, safe_url)\r
- else\r
- @trigger('go', params, form)\r
+ @trigger('go', params, form)\r
\r
user_sessions_a_params: (action, query_string) ->\r
params = @parse_query_string(query_string)\r
\r
users_a: (action, query_string, form) ->\r
params = @users_a_params(action, query_string)\r
- if safe_url = @block(params)\r
- @trigger('deny', params, safe_url)\r
- else\r
- @trigger('go', params, form)\r
+ @trigger('go', params, form)\r
\r
users_a_params: (action, query_string) ->\r
params = @parse_query_string(query_string)\r