[Jifty-commit] r5139 - in jifty/trunk: lib/Jifty/Plugin/OAuth/Model

Jifty commits jifty-commit at lists.jifty.org
Tue Feb 19 19:21:08 EST 2008 

Author: sartak
Date: Tue Feb 19 19:21:05 2008
New Revision: 5139

Modified:
   jifty/trunk/   (props changed)
   jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm
   jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm
   jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm

Log:
 r51948 at onn:  sartak | 2008-02-19 19:19:51 -0500
 Make the OAuth models root-only


Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm	Tue Feb 19 19:21:05 2008
@@ -5,6 +5,8 @@
 
 use base qw( Jifty::Plugin::OAuth::Token Jifty::Record );
 
+use constant is_private => 1;
+
 # kludge 1: you cannot call Jifty->app_class within schema {}
 # kludge 3: due to the loading order, you can't really do this
 #my $app_user;
@@ -65,5 +67,21 @@
     return (1, "Request token valid");
 }
 
+=head2 current_user_can
+
+Only root may have access to this model.
+
+In the near future, we should allow the authorizing user to edit this token
+(taking care of course that the authorizing user is not actually authed via
+OAuth!)
+
+=cut
+
+sub current_user_can {
+    my $self = shift;
+
+    return $self->current_user->is_superuser;
+}
+
 1;
 

Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm	Tue Feb 19 19:21:05 2008
@@ -5,6 +5,8 @@
 
 use base qw( Jifty::Record );
 
+use constant is_private => 1;
+
 use Jifty::DBI::Schema;
 use Jifty::Record schema {
 
@@ -121,5 +123,17 @@
     $self->set_nonces({ %{$self->nonces}, $nonce => 1 });
 }
 
+=head2 current_user_can
+
+Only root may have access to this model.
+
+=cut
+
+sub current_user_can {
+    my $self = shift;
+
+    return $self->current_user->is_superuser;
+}
+
 1;
 

Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm	(original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm	Tue Feb 19 19:21:05 2008
@@ -5,6 +5,8 @@
 
 use base qw( Jifty::Plugin::OAuth::Token Jifty::Record );
 
+use constant is_private => 1;
+
 # kludge 1: you cannot call Jifty->app_class within schema {}
 # kludge 3: due to the loading order, you can't really do this
 #my $app_user;
@@ -96,5 +98,17 @@
     return (1, "Request token valid");
 }
 
+=head2 current_user_can
+
+Only root may have access to this model.
+
+=cut
+
+sub current_user_can {
+    my $self = shift;
+
+    return $self->current_user->is_superuser;
+}
+
 1;

More information about the Jifty-commit mailing list