[Jifty-commit] r5139 - in jifty/trunk: lib/Jifty/Plugin/OAuth/Model
Jifty commits
jifty-commit at lists.jifty.org
Tue Feb 19 19:21:08 EST 2008
Author: sartak
Date: Tue Feb 19 19:21:05 2008
New Revision: 5139
Modified:
jifty/trunk/ (props changed)
jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm
jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm
jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm
Log:
r51948 at onn: sartak | 2008-02-19 19:19:51 -0500
Make the OAuth models root-only
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Model/AccessToken.pm Tue Feb 19 19:21:05 2008
@@ -5,6 +5,8 @@
use base qw( Jifty::Plugin::OAuth::Token Jifty::Record );
+use constant is_private => 1;
+
# kludge 1: you cannot call Jifty->app_class within schema {}
# kludge 3: due to the loading order, you can't really do this
#my $app_user;
@@ -65,5 +67,21 @@
return (1, "Request token valid");
}
+=head2 current_user_can
+
+Only root may have access to this model.
+
+In the near future, we should allow the authorizing user to edit this token
+(taking care of course that the authorizing user is not actually authed via
+OAuth!)
+
+=cut
+
+sub current_user_can {
+ my $self = shift;
+
+ return $self->current_user->is_superuser;
+}
+
1;
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Model/Consumer.pm Tue Feb 19 19:21:05 2008
@@ -5,6 +5,8 @@
use base qw( Jifty::Record );
+use constant is_private => 1;
+
use Jifty::DBI::Schema;
use Jifty::Record schema {
@@ -121,5 +123,17 @@
$self->set_nonces({ %{$self->nonces}, $nonce => 1 });
}
+=head2 current_user_can
+
+Only root may have access to this model.
+
+=cut
+
+sub current_user_can {
+ my $self = shift;
+
+ return $self->current_user->is_superuser;
+}
+
1;
Modified: jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm
==============================================================================
--- jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm (original)
+++ jifty/trunk/lib/Jifty/Plugin/OAuth/Model/RequestToken.pm Tue Feb 19 19:21:05 2008
@@ -5,6 +5,8 @@
use base qw( Jifty::Plugin::OAuth::Token Jifty::Record );
+use constant is_private => 1;
+
# kludge 1: you cannot call Jifty->app_class within schema {}
# kludge 3: due to the loading order, you can't really do this
#my $app_user;
@@ -96,5 +98,17 @@
return (1, "Request token valid");
}
+=head2 current_user_can
+
+Only root may have access to this model.
+
+=cut
+
+sub current_user_can {
+ my $self = shift;
+
+ return $self->current_user->is_superuser;
+}
+
1;
More information about the Jifty-commit
mailing list