throw user to login if trying to edit without logging in

author Steve Coast <steve@asklater.com>

Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)

committer Steve Coast <steve@asklater.com>

Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
author Steve Coast <steve@asklater.com>
Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
committer Steve Coast <steve@asklater.com>
Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
diff --git a/app/controllers/application.rb b/app/controllers/application.rb

index a4f65cd54b9d30bb095285b370b402ecabdeb818..6520e027bc8b5a35b127fe9c15667d4964215235 100644 (file)
--- a/app/controllers/application.rb
+++ b/app/controllers/application.rb
@@ -6,6 +6,10 @@ class ApplicationController < ActionController::Base
      @user = User.find_by_token(session[:token])
    end
  
+  def require_user
+    redirect_to :controller => 'user', :action => 'login' unless @user
+  end
+
    def authorize(realm='Web Password', errormessage="Could't authenticate you") \r
      username, passwd = get_auth_data # parse from headers\r
      # authenticate per-scheme
diff --git a/app/controllers/site_controller.rb b/app/controllers/site_controller.rb

index 380c41436d92c4f71993262e4d62e5cf3b817496..f4ccd3c742cc7e1ebb9fd1e56a98d7ae2ce86a62 100644 (file)
--- a/app/controllers/site_controller.rb
+++ b/app/controllers/site_controller.rb
@@ -1,6 +1,6 @@
  class SiteController < ApplicationController
    before_filter :authorize_web
-
+  before_filter :require_user, :only => [:edit]
    def index
  
    end
author	Steve Coast <steve@asklater.com>
	Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
committer	Steve Coast <steve@asklater.com>
	Sat, 7 Apr 2007 10:28:38 +0000 (10:28 +0000)
app/controllers/application.rb		patch \| blob \| history
app/controllers/site_controller.rb		patch \| blob \| history