# Example of a MasterView admin custom authorization mixin.
#
# This module is included into the MasterviewController, so it has access
# to all the the standard rails controller facilities as well as
# any application-specific features in your own ApplicationController.
#
# To install a custom authorization handler in your application,
# copy this file to the app/masterview directory in your rails application
# and modify the implementation of the allow_access? predicate to
# perform checking suitable in your application for determining
# whether to grant access to the MasterView admininstration pages.
#
# To change the mixin module name or to load your admin_auth module
# from a different directory or file name, set the MasterView 
# admin_auth_mixin configuration setting in your config/masterview/settings.rb 
# or an appropriate config/masterview/environments specification.
# 
# For example, to load an alternate mixin from your app/masterview directory:
#
# config.admin_auth_mixin = {
#   :file => 'alt_admin_auth_mixin',
#   :module => :MasterViewAltAdminAuthMixin, # default is MasterViewAdminAuthMixin
# }
#
# To load an auth_check mixin from your rails lib directory:
#
# config.admin_auth_mixin = {
#   :file => 'lib/custom_admin_auth_mixin',
#   :file_loc => :RAILS_ROOT,
# }
#
module MasterViewAdminAuthMixin

  MasterView::Log.debug { 'Using customized admin_auth mixin for MasterView admin (local requests only)' }

  protected

  # Check that the current user has authorization to access admin operations.
  def allow_access?
    # default allows only for developer testing on local machine
    local_request?
  end

end