always check a method for a given role

Question

always check a method for a given role

Closed this issue 13 years ago · 3 comments

I want to check a list of whitelisted IP addresses whenever my admin role is accessed. So, instead of doing something like:

action :access_admin pages do
allow :admin do
user.matches_list_of_ips?
end
end

simply do this:

action :access_admin pages do
allow :admin
end

I haven't been able to find a good place to hook into aegis to do this. Ideas?

Answer 1 · 2012-01-18T16:45:25.000Z

Actually - Ideally, this will be implemented for all my roles except :user. So blacklisting(?) in some way would be nice.

Answer 2 · 2012-01-18T17:11:54.000Z

You can override #role_name in your user model and return a different role when the request IP isn't whitelisted.

Note that your models have no direct way to access the current request. Only controllers can do that. So you need to make your controller tell the user the current IP, e.g. when you load the current user.

Answer 3 · 2012-01-18T17:58:45.000Z

Excellent. Thanks!