Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/application_controller.rb | 1 | ||||
-rw-r--r-- | app/models/account.rb | 8 |
2 files changed, 9 insertions, 0 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 15cc108..9df7c73 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -31,6 +31,7 @@ class ApplicationController < ActionController::Base
 def authorize!(object)
 if object.is_a? User
 authorized_to_show_user?(object) || raise(Aclog::Exceptions::UserProtected, object)
+ object.try(:account).try(:opted_out?) && raise(Aclog::Exceptions::UserOptedOut, object)
 elsif object.is_a? Tweet
 authorize! object.user
 else
diff --git a/app/models/account.rb b/app/models/account.rb
index 377efe0..6a89d32 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -2,6 +2,7 @@ class Account < ActiveRecord::Base
 ACTIVE = 0
 INACTIVE = 1
 REVOKED = 2
+ OPTOUT = 3
 belongs_to :user
 scope :active, -> { where(status: ACTIVE) }
@@ -14,12 +15,19 @@ class Account < ActiveRecord::Base
 status == ACTIVE
 end
+ def opted_out?
+ status == OPTOUT
+ end
+
 class << self
 # Registers a new account or updates an existing account.
 # @param [Hash] hash data
 # @return [Account] The target account object.
 def register(hash)
 account = where(user_id: hash[:user_id]).first_or_initialize
+ if account.opted_out?
+ raise UserOptedOut.new
+ end
 account.oauth_token = hash[:oauth_token]
 account.oauth_token_secret = hash[:oauth_token_secret]
 account.status = ACTIVE |
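Review bot: The added opt-out line in `authorize!` carries no comment on who it applies to, and as written it raises for every viewer once the `UserProtected` check has passed, with no exemption visible for the account owner. If that is the intent, say so above the line, for example `# Opted-out users are hidden from every viewer; Tweet objects inherit this through authorize!(object.user).` The `try` chain also treats a User without an Account row as not opted out, which is worth stating in the same comment. Enforcement here is per object, so any action that renders users or tweets without calling `authorize!` (none are visible in this diff) would not honour the opt-out. The body of `authorize!` continues past the end of the hunk.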
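Review bot: The guard added to `Account.register` raises the bare constant `UserOptedOut`, while the controller hunk in this same commit refers to `Aclog::Exceptions::UserOptedOut`. Unless a top-level `UserOptedOut` is defined elsewhere, this line will raise `NameError` instead. Registration would still be blocked, but the failure would bypass whatever handler exists for the opt-out exception and surface as a generic error. Use the qualified name and the modifier form: `raise Aclog::Exceptions::UserOptedOut if account.opted_out?`. The controller passes the user object as the second argument to `raise`, so check whether the exception expects one here too; its definition is not shown. The body of `register` continues past the end of the hunk.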