Module: ActionPolicy::Policy::Authorization
- Included in:
- Base
- Defined in:
- lib/action_policy/policy/authorization.rb
Overview
Authorization context could include multiple parameters.
It is possible to provide more verificatio contexts, by specifying them in the policy and providing them at the authorization step.
For example:
class ApplicationPolicy < ActionPolicy::Base
# Add user and account to the context; it's required to be passed
# to a policy constructor and be not nil
:user, :account
# you can skip non-nil check if you want
# authorize :account, allow_nil: true
def manage?
# available as a simple accessor
account.enabled?
end
end
ApplicantPolicy.new(user: user, account: account)
Defined Under Namespace
Modules: ClassMethods
Instance Attribute Summary collapse
-
#authorization_context ⇒ Object
readonly
Returns the value of attribute authorization_context.
Class Method Summary collapse
Instance Method Summary collapse
Instance Attribute Details
#authorization_context ⇒ Object (readonly)
Returns the value of attribute authorization_context.
44 45 46 |
# File 'lib/action_policy/policy/authorization.rb', line 44 def @authorization_context end |
Class Method Details
.included(base) ⇒ Object
39 40 41 |
# File 'lib/action_policy/policy/authorization.rb', line 39 def included(base) base.extend ClassMethods end |
Instance Method Details
#initialize(*args, **params) ⇒ Object
46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/action_policy/policy/authorization.rb', line 46 def initialize(*args, **params) super(*args) @authorization_context = {} self.class..each do |id, opts| raise AuthorizationContextMissing, id unless params.key?(id) val = params.fetch(id) raise AuthorizationContextMissing, id if val.nil? && opts[:allow_nil] != true [id] = instance_variable_set("@#{id}", val) end .freeze end |