# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.
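class ApplicationController < ActionController::Base
  include AuthenticatedSystem

  # Authentication and then authorisation run before every action, so the
  # current user (when logged in) must hold the right to perform the action:
  #   login_from_cookie   - acts_as_authenticated, see /lib/authenticated_system.rb
  #   login_required      - acts_as_authenticated, see /lib/authenticated_system.rb
  #   check_authorization - home-baked role/right lookup, based on the RailsRecipes item
  # :except must be an Array of action names. The original `{:signin, :register}`
  # literal is not one (a one-entry Hash on Ruby 1.8, a syntax error later), so
  # those two actions were never actually excepted from the filters.
  before_filter :login_from_cookie, :login_required, :check_authorization,
                :except => [:signin, :register]

  # Define Layout
  layout "screen_full"
  # TODO: Could be a method to detect device type... but it's not gonna be :)

  # Pick a unique cookie name to distinguish our session data from others'
  session :session_key => '_ZetaniDVDProject_session_id'

  # Denies the request unless one of the current user's roles carries a right
  # whose controller/action pair matches the one being invoked.
  #
  # Only logged-in users are examined here: an anonymous request falls through
  # (returning nil), so this filter relies on login_required, which precedes it
  # in the chain above, to turn away unauthenticated callers. A subclass that
  # skips login_required for an action must deliberately skip or replace this
  # filter too, otherwise that action is reachable with no rights check at all.
  #
  # Returns false (halting the filter chain) after redirecting when the user
  # lacks the right; returns nil when the request may proceed.
  def check_authorization
    return unless logged_in?

    controller = self.class.controller_path
    user = User.find(session[:user])
    permitted = user.roles.any? do |role|
      role.rights.any? { |right| right.action == action_name && right.controller == controller }
    end
    return if permitted

    flash[:warning] = "You are not authorized to access this resource. (#{controller}/#{action_name})"
    redirect_back_or_default :controller => "welcome"
    false
  end
end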