class ASF::Auth::MembersAndOfficers

'use' the following class in config.ru to limit access to the application to ASF members and officers and the accounting group.

Public Class Methods

new(app, &block) click to toggle source

Specify 'ASF Members and Officers' as the HTTP auth Realm

Calls superclass method
# File lib/whimsy/asf/rack.rb, line 59
def initialize(app, &block)
  super(app, "ASF Members and Officers", &proc {})
  @block = block 
end

Public Instance Methods

call(env) click to toggle source

Returns unauthorized unless running in test mode or the authenticated user is an ASF Member, a PMC Chair, or if a block is specified on the new call, and that block returns a true value. Block is used by the board agenda to allow invited guests to see the agenda.

# File lib/whimsy/asf/rack.rb, line 69
def call(env)
  authorized = ( ENV['RACK_ENV'] == 'test' )

  person = ASF::Auth.decode(env)

  authorized ||= person.asf_member?
  authorized ||= ASF.pmc_chairs.include? person
  authorized ||= @block.call(env) if @block

  if authorized
    @app.call(env)
  else
    unauthorized
  end
end