Module: Authorizr::Controller

Defined in:
lib/authorizr/controller.rb

Defined Under Namespace

Modules: ClassMethods



Class Method Details

.included(to) ⇒ Object



# File 'lib/authorizr/controller.rb', line 48

# Mix-in hook: when a controller includes Authorizr::Controller it is
# extended with the class-level DSL in ClassMethods and asked to create
# its own authorization-block catalog (+create_authblock_catalog+ is
# presumably supplied by ClassMethods — confirm there).
#
# @param to [Class] the including controller class
# @return [Object] the result of +to.create_authblock_catalog+
def self.included(to)
  to.extend(ClassMethods)
  to.create_authblock_catalog
end

Instance Method Details

#authorize! ⇒ Object

The before-filter that runs on every action.



# File 'lib/authorizr/controller.rb', line 55

# The before-filter run on every action: consult the authorization block
# registered for this controller, log the verdict (development only) and,
# on a denial, hand over to the failure block. Denying relies on the
# failure path rendering a response (or returning +false+) to stop the
# action from running.
#
# @return [true] when the authorization block granted access
# @return [Object] otherwise, whatever +call_failure_block+ returns
#   (+false+ once the default error response has been rendered)
def authorize!
  granted = call_auth_block
  logit(granted)
  granted ? true : call_failure_block
end

#build_resource(parameters) ⇒ Object

Attempts to work out a model from the URL and the controller name.



# File 'lib/authorizr/controller.rb', line 115

# Attempts to resolve the model class and the record addressed by the
# request from the controller name and the +:id+ parameter.
#
# The class is looked up by classifying +controller_name+; only a constant
# that responds to +find+ is treated as a model, anything else yields
# +[nil, nil]+. A missing record or an unknown constant is logged and
# degrades to nils instead of raising, so the authorization block still
# runs (with a nil resource) rather than the before-filter blowing up on
# a bad id.
#
# Note: +rescue NameError+ also catches +NoMethodError+ raised inside
# +find+ and reports it as a name error.
#
# @param parameters [Hash, nil] request parameters, read for +:id+
# @return [Array(Class, Object)] +[model, resource]+; either may be nil
def build_resource(parameters)
  return [nil, nil] if parameters.nil? || parameters[:id].nil?

  model_name = controller_name.classify
  model = resource = nil

  begin
    candidate = Module.const_get(model_name)
    if candidate.respond_to?(:find)
      model = candidate
      resource = candidate.find(parameters[:id])
    end
  rescue ActiveRecord::RecordNotFound
    Rails.logger.warn "\033[31m Record not found.  Model:#{model_name} ID:#{parameters[:id]}"
    model = resource = nil
  rescue NameError
    Rails.logger.warn "\033[31m Name Error.  Model:#{model_name} ID:#{parameters[:id]}"
    model = resource = nil
  end

  [model, resource]
end

#call_auth_block ⇒ Object



# File 'lib/authorizr/controller.rb', line 63

# Runs the authorization block registered for this controller class.
#
# Fails closed: when no block is registered under +self.class.to_s+ the
# result is +false+ (deny). Otherwise the block is handed a context hash
# describing the request and its return value is the verdict (truthy =
# granted). Because the lookup uses the exact class name, a block
# registered on a parent controller is presumably not seen by a
# subclass — confirm against +authorization_blocks+ in ClassMethods.
#
# @return [false] when no block is registered
# @return [Object] the block's return value
def call_auth_block
  auth_block = self.class.authorization_blocks[self.class.to_s]
  return false if auth_block.nil?

  params = request.parameters || nil
  model, resource = build_resource(params)

  context = {
    :user => current_user,
    :action => action_name,
    :controller => self,
    :params => params,
    :resource => resource,
    :model => model
  }
  auth_block.call(context)
end

#call_failure_block ⇒ Object



# File 'lib/authorizr/controller.rb', line 81

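# Handles a denied request.
#
# With no failure block registered for this class the default error
# response is rendered and +false+ is returned. A registered block is
# called with +{ :controller => self }+: a falsy return means "abort with
# the default error response (unless the block already rendered or
# redirected)"; a truthy return is passed back untouched and nothing is
# rendered here, so unless the block itself took over the response the
# filter chain continues and the action runs. Blocks should therefore
# return truthy only after rendering or redirecting.
#
# The +false+ result no longer depends on what +render_error+ returns
# (the old +render_error and return false+ skipped the +return+ when
# +render+ returned a falsy value).
#
# @return [false] when the request was aborted by this method
# @return [Object] the failure block's truthy return value
def call_failure_block
  failure_block = self.class.failure_blocks[self.class.to_s]

  if failure_block.nil?
    render_error
    return false
  end

  abort_action = failure_block.call({ :controller => self })
  return abort_action if abort_action

  # if the block already rendered (or redirected), don't stack the default
  # error response on top of it
  render_error unless performed?
  false
end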

#current_user ⇒ Object

Override this in the application.



# File 'lib/authorizr/controller.rb', line 110

# The user handed to authorization blocks as +:user+. This default knows
# nothing about sessions and always answers +nil+, so until the
# application overrides it every request is evaluated as anonymous —
# authorization blocks must tolerate a nil user.
#
# @return [nil]
def current_user
  nil
end

#logit(authorized) ⇒ Object



# File 'lib/authorizr/controller.rb', line 99

# Development-only audit line for each authorization decision, written
# through the Rails logger at +warn+ level (green GRANT / red DENY,
# followed by controller and action). Silent in every other environment.
#
# @param authorized [Object] the authorization result (truthy = granted)
# @return [nil] outside development; otherwise the logger's return value
def logit(authorized)
  return unless ::Rails.env == 'development'

  verdict = authorized ? "\033[32mGRANT:\033[0m" : "\033[31mDENY:\033[0m"
  ::Rails.logger.warn "#{verdict} #{controller_name} #{action_name}"
end

#render_error ⇒ Object



# File 'lib/authorizr/controller.rb', line 137

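# Default response for a denied request: a bare "404" body.
#
# The status is set explicitly: without it +render+ answers with 200, so a
# denial is indistinguishable from a success to clients, proxies and any
# monitoring that keys on status codes. +:text+ is kept because this file
# targets the Rails API that still accepts it; on Rails 5.1+ it would have
# to become +:plain+.
#
# @return [Object] whatever +render+ returns
def render_error
  render :text => '404', :status => 404
end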