Module: NestedModelAuth::Base::InstanceMethods
- Defined in:
- lib/nested_model_auth.rb
Instance Method Summary collapse
Instance Method Details
#allow_save_by?(resource) ⇒ Boolean
37 38 39 40 |
# File 'lib/nested_model_auth.rb', line 37 def allow_save_by?(resource) @authorizations[:save] ||= {} @authorizations[:save][resource[resource.class.primary_key]] ||= (resource) end |
#run_authorization_rules(resource) ⇒ Object
42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'lib/nested_model_auth.rb', line 42 def (resource) # To allow access, one :allow rule must return true, and NO deny rules must return true allow_access = false deny_access = false self.class.[:save].each do |rule| if rule.auth_action == :allow allow_access ||= rule.invoke_for(self, resource) end if rule.auth_action == :deny deny_access ||= rule.invoke_for(self, resource) break if deny_access end end if (allow_access && !deny_access) true else false end end |