class ASF::Auth::MembersAndOfficers

‘use’ the following class in config.ru to limit access to the application to ASF members and officers and the accounting group.

Public Class Methods

new (app, &block)

Source

# File lib/whimsy/asf/rack.rb, line 62
def initialize(app, &block)
  super(app, 'ASF Members and Officers', &proc {})
  @block = block
end

Specify ‘ASF Members and Officers’ as the HTTP auth Realm

Calls superclass method

Public Instance Methods

call (env)

Source

# File lib/whimsy/asf/rack.rb, line 72
def call(env)
  authorized = ( ENV['RACK_ENV'] == 'test' )

  person = ASF::Auth.decode(env)

  authorized ||= person.asf_chair_or_member?
  authorized ||= @block.call(env) if @block

  if authorized
    @app.call(env)
  else
    unauthorized
  end
end

Returns unauthorized unless running in test mode or the authenticated user is an ASF Member, a PMC Chair, or if a block is specified on the new call, and that block returns a true value. Block is used by the board agenda to allow invited guests to see the agenda.