Module: Outpost::Controller::Authorization

Included in:: ApplicationController

Defined in:: lib/outpost/controller/authorization.rb

Instance Method Summary collapse

#authorize(resource) ⇒ Object

Make sure the user can authorize the current resource.
#authorize_resource ⇒ Object

Use this for before_filter.
#handle_unauthorized(resource) ⇒ Object

What to do when a user doesn’t have proper permissions.

Instance Method Details

#authorize(resource) ⇒ `Object`

Make sure the user can authorize the current resource

# File 'lib/outpost/controller/authorization.rb', line 9

def authorize(resource)
  if !current_user.can_manage?(resource)
    handle_unauthorized(resource)
  end
end

#authorize_resource ⇒ `Object`

Use this for before_filter. Should be overridden for custom behavor.



16
17
18

# File 'lib/outpost/controller/authorization.rb', line 16

def authorize_resource
  authorize(self.class.model)
end

#handle_unauthorized(resource) ⇒ `Object`

What to do when a user doesn’t have proper permissions

# File 'lib/outpost/controller/authorization.rb', line 21

def handle_unauthorized(resource)
  redirect_to outpost.root_path,
    alert: "You don't have permission to manage " \
           "#{resource.to_title.pluralize}"
  return false
end

Module: Outpost::Controller::Authorization

Instance Method Summary collapse

Instance Method Details

#authorize(resource) ⇒ Object

#authorize_resource ⇒ Object

#handle_unauthorized(resource) ⇒ Object

#authorize(resource) ⇒ `Object`

#authorize_resource ⇒ `Object`

#handle_unauthorized(resource) ⇒ `Object`