author | re4k <re4k@re4k.info> | 2013-05-06 15:37:02 +0900 |
---|---|---|
committer | re4k <re4k@re4k.info> | 2013-05-06 15:37:02 +0900 |
commit | c0f5cce4645697823080c271e26de6d2c35a41c8 (patch) | |
tree | 98cf9e4aad85cb910900bfdbde0d276cf5339046 /app/controllers/application_controller.rb | |
parent | af3990115b393efed9bf1c90fdb6648e3a1e1ef0 (diff) | |
download | aclog-c0f5cce4645697823080c271e26de6d2c35a41c8.tar.gz |
add OAuth Echo support
Diffstat (limited to 'app/controllers/application_controller.rb')
-rw-r--r-- | app/controllers/application_controller.rb | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 0ed7cf0..3579533 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,5 +1,7 @@ # -*- coding: utf-8 -*- class ApplicationController < ActionController::Base + include Aclog::TwitterOauthEchoAuthentication::ControllerMethods + protect_from_forgery before_filter :set_format, :check_session after_filter :xhtml @@ -14,17 +16,21 @@ class ApplicationController < ActionController::Base end def authorized_to_show?(user) - case - when (not user.protected?) - true - when (not session[:user_id]) - false - when user.id == session[:user_id] - true - when session[:account].following?(user) - true + return true if not user.protected? + + if session[:user_id] + return session[:account].following?(user.id) + elsif request.headers["X-Verify-Credentials-Authorization"] + # OAuth Echo + user_id = authenticate_with_twitter_oauth_echo + account = Account.find_by(user_id: user_id) + if account + return account.following?(user.id) + else + return false + end else - false + return false end end |
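Review bot: The rewritten `authorized_to_show?` has no counterpart to the removed `when user.id == session[:user_id]` branch, so a protected user viewing their own page is now allowed only if `following?(user.id)` returns true for their own id. Unless `following?` (not visible in this diff) covers that case, add `return true if user.id == session[:user_id]` at the top of the session branch and `return true if user_id == user.id` in the OAuth Echo branch. The Echo branch also grants access purely on the id returned by `authenticate_with_twitter_oauth_echo`, whose body is outside this diff. Confirm that helper sends the verification request only to Twitter's own verify_credentials endpoint rather than to a URL taken from the request's `X-Auth-Service-Provider` header. It is also worth guarding the lookup with `return false unless user_id` so a failed verification never reaches `Account.find_by(user_id: nil)`.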