Module: Permit::ControllerExtensions::PermitInstanceMethods

Defined in:
lib/permit/controller.rb

Instance Method Details

- (false) access_denied (protected)

Called by #check_authorizations when a person is not authorized to access the current action. It calls render_optional_error_file(401) on the controller, to render a Not Authorized error.

If #access_denied is already defined on the superclass, or redefined in the current controller, then that will be called instead.

Returns:

  • (false)

    always returns false.



# File 'lib/permit/controller.rb', line 70

def access_denied
  defined?(super) ? super : render_optional_error_file(401)
  return false
end
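
The dispatch described for #access_denied, as an added example that is not Permit's own code: PermitLike, the controller classes and the deny helper are hypothetical stand-ins, and check_authorizations takes the rule result as an argument instead of evaluating rules. It assumes the module is mixed in with include.

```ruby
# Stand-in for the module documented here; only method dispatch is modelled.
module PermitLike
  def access_denied
    defined?(super) ? super : render_optional_error_file(401)
    false                                 # result of super is discarded
  end

  def check_authorizations(permitted)
    return access_denied unless permitted
    true
  end
end

class BaseController                      # hypothetical framework base class
  attr_reader :rendered
  def render_optional_error_file(status)
    @rendered = "error file #{status}"
  end
end

class DefaultController < BaseController  # no custom handler anywhere
  include PermitLike
end

class AppController < BaseController      # handler defined on the superclass
  def access_denied
    @rendered = "redirect to login"
    true
  end
end

class InheritingController < AppController
  include PermitLike
end

class RedefiningController < BaseController
  include PermitLike
  def access_denied                       # replaces the module method entirely
    @rendered = "custom page"
    nil
  end
end

# Returns [return value of the check, what was rendered] for a denied request.
def deny(controller_class)
  controller = controller_class.new
  [controller.check_authorizations(false), controller.rendered]
end
```

In the redefining case the controller's own method supplies the return value, so the false result is no longer enforced by the module.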

- (Boolean) allowed?(roles, options = {}) (protected)
- (Boolean) allowed?(options) (protected)

Determines if a person is allowed access by evaluating rules for a controller/action, or for a custom rule.

Overloads:

  • - (Boolean) allowed?(roles, options = {})

    Creates a PermitRule with the arguments that are given, and attempts to match it based on the current subject and binding context.

    For information on the parameters for this method see PermitRule#initialize.

    Returns:

    • (Boolean)

      true if the rule matches, otherwise false.

  • - (Boolean) allowed?(options)

    Attempts to evaluate the rules for the given action against the specified controller using the current subject, and binding context.

    Keep in mind that the evaluation is performed using the binding of the current controller. Any instance variables that may normally be needed for the rules on another controller need to exist in the current controller.

    Parameters:

    • options (Hash)

      the controller/action to evaluate rules for.

    Options Hash (options):

    • controller (String, Symbol)

      the name of the controller to evaluate the rules from. If this is not given then the current controller is used. You may use the string syntax 'namespaced/teams' for a namespaced controller Namespaced::TeamsController.

    • action (Symbol)

      the action to evaluate rules for.

    Returns:

    • (Boolean)

      true if the rule matches, otherwise false.

Returns:

  • (Boolean)


# File 'lib/permit/controller.rb', line 112

def allowed?(*args)
  options = args.extract_options!
  if options.has_key? :action
    name = options[:controller]
    klass = (name ? "#{name}_controller".camelize.constantize : self)
    klass.permit_rules.permitted? permit_authorization_subject, options[:action], binding
  else
    rule = PermitRule.new args[0], options
    rule.matches? permit_authorization_subject, binding
  end
end
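
The binding caveat for allowed?(options), as an added example rather than Permit's code: ResourceRule, RULES, ALICE and DashboardController are hypothetical, the rule is assumed to find its resource in an instance variable of the calling controller, and a fixed table replaces the "#{name}_controller" lookup.

```ruby
# Simplified model of rule evaluation against a binding (not Permit's code).
ResourceRule = Struct.new(:role, :resource) do
  # The resource is read as an instance variable of whatever object owns
  # the binding, i.e. the controller that called allowed?.
  def matches?(subject, context)
    target = context.receiver.instance_variable_get("@#{resource}")
    return false if target.nil?           # missing variable: fail closed
    subject.fetch(:roles).include?([role, target])
  end
end

# Rules keyed by controller name and action (constructed sample data).
RULES = {
  "teams" => { show: ResourceRule.new(:member, :team) }
}.freeze

class DashboardController
  def initialize(subject, team = nil)
    @subject = subject
    @team = team                          # only set when the caller loads it
  end

  # Evaluates another controller's rule with this controller's binding.
  def allowed?(options)
    rule = RULES.fetch(options[:controller].to_s).fetch(options[:action])
    rule.matches?(@subject, binding)
  end
end

ALICE = { roles: [[:member, "red-team"]] }.freeze   # constructed sample subject

# Would the dashboard show a link to teams#show for this team?
def teams_link_visible?(team)
  DashboardController.new(ALICE, team).allowed?(controller: :teams, action: :show)
end
```

The same subject and rule give a different answer depending on whether the calling controller has set the variable the rule reads.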

- (Boolean) authorized?(roles, resources) (protected)

Shortcut for current_person#authorized?. If the current person is a guest this will automatically return false.

For information on the parameters for this method see Models::PersonExtensions::PersonInstanceMethods#authorized?

Returns:

  • (Boolean)


# File 'lib/permit/controller.rb', line 162

def authorized?(roles, resources)
  permit_authorization_subject.guest? ? false : permit_authorization_subject.authorized?(roles, resources)
end

- (Object) check_authorizations (protected)

Evaluates the Permit authorization rules for the current person on the current action. If the person is not permitted, #access_denied will be called.



# File 'lib/permit/controller.rb', line 78

def check_authorizations
  return access_denied unless self.permit_rules.permitted?(permit_authorization_subject, params[:action].to_sym, binding)
  true
end

- (Boolean) denied?(roles, options = {}) (protected)
- (Boolean) denied?(options) (protected)

Determines if a person is denied access by evaluating rules for a controller/action, or for a custom rule.

Overloads:

  • - (Boolean) denied?(roles, options = {})

    Creates a PermitRule with the arguments that are given, and attempts to match it based on the current subject and binding context.

    For information on the parameters for this method see PermitRule#initialize.

    Returns:

    • (Boolean)

      true if the rule does not match, otherwise false.

  • - (Boolean) denied?(options)

    Attempts to evaluate the rules for the given action against the specified controller using the current subject, and binding context.

    Keep in mind that the evaluation is performed using the binding of the current controller. Any instance variables that may normally be needed for the rules on another controller need to exist in the current controller.

    Parameters:

    • options (Hash)

      the controller/action to evaluate rules for.

    Options Hash (options):

    • controller (String, Symbol)

      the name of the controller to evaluate the rules from. If this is not given then the current controller is used. You may use the string syntax 'namespaced/teams' for a namespaced controller Namespaced::TeamsController.

    • action (Symbol)

      the action to evaluate rules for.

    Returns:

    • (Boolean)

      true if the subject is denied, otherwise false.

Returns:

  • (Boolean)


# File 'lib/permit/controller.rb', line 153

def denied?(*args)
  !allowed?(*args)
end

- (Object) reset_permit_core (protected)

Needed to reset the core models in development mode as they were defined in the initializer for Permit.



# File 'lib/permit/controller.rb', line 57

def reset_permit_core
  Permit::Config.reset_core_models
  return true
end