StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PORails routes and authentication?
primarykey
Id
12996951
data
AcceptedAnswerId
12998364
AnswerCount
1
ClosedDate
CommentCount
0
CommunityOwnedDate
CreationDate
2012-10-21T10:17:22.967
FavoriteCount
0
LastActivityDate
2012-10-21T17:42:45.177
LastEditDate
2012-10-21T12:38:42.050
LastEditorUserId
324007
OwnerUserId
324007
ParentId
0
PostTypeId
1
Score
1
ViewCount
441
LastEditorDisplayName
text
Body
I am working on a simple Intranet application, although there are some users, there is no requirement for the general staff to login. They should be able to visit the Intranet from any computer and access what they need without logging in. A number of our users are remote and they should be able to interact in the same way. What I am trying to achieve is the following; a list of IPs & subnets that go straight to the root URL without logging in (admins can still login). Any visitor not on the list of whitelisted IPs & subnets should see the static access denied page. On that page should be a login link. Once logged in they can interact with the Intranet just as they can if they are in our whitelisted subnet. Once they log out they see the access denied page again. I have the following code in my application controller: <pre><code>class ApplicationController < ActionController::Base before_filter :protect protect_from_forgery private def current_user @current_user ||= User.find(session[:user_id]) if session[:user_id] rescue ActiveRecord::RecordNotFound end helper_method :current_user def authorized? not current_user.nil? end def authorize redirect_to login_url, alert: "Not authorized" unless authorized? end def authorize_admin redirect_to login_url, alert: "Not authorized" unless authorized? && current_user.admin? end def protect @ips = ['127.0.0.1','123.123.123.12','192.168.5.0/24'] allowed = false bremote_ip = 0 request.remote_ip.split('.').each { |x| bremote_ip = (bremote_ip << 8) + x.to_i } @ips.each do |ipstring| ip, mask = ipstring.split '/' mask = mask ? mask.to_i : 32 bip = 0 ip.split('.').each { |x| bip = (bip << 8) + x.to_i } bmask = ((1 << mask) - 1) << (32 - mask) if bip & bmask == bremote_ip & bmask allowed = true break end end if not allowed render :template => "static/protect", :layout => "static" return end end end </code></pre> Any pointers on how to achieve this would be appreciated. Thanks!
Tags
<ruby-on-rails-3><authentication><controller><routes>
Title
Rails routes and authentication?
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USdannymcc
UserOwnerUserId
1. USdannymcc
plurals
PostLinksPostIdRelatedPostId
1. PL
 singulars
 LinkTypeLinkTypeId
 LTLinked
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PORails routes and authentication?
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. This table or related slice is empty.

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.