Module: ActionSentinelGroup::Permissions

Defined in:

lib/action_sentinel_group/permissions.rb

Overview

Provides methods for check access permissions of a user model related to groups.

This module is designed to be included in user models that need to check access permissions. It introduces methods for checking permissions associated with a specific controller and actions.

Examples:

Including Permissions in a Model

class User < ApplicationRecord
  include ActionSentinelGroup::Permissions
end

user = User.new
user.has_permission_to?('create', 'users')

Instance Method Summary

• #has_permission_to?(action, controller_path) ⇒ Boolean

  Checks if the user has permission to perform a specific action on a controller.

Instance Method Details

#has_permission_to?(action, controller_path) ⇒ Boolean

Checks if the user has permission to perform a specific action on a controller.

Parameters:

• action (String) —

  The action to check permission for.

• controller_path (String) —

  The path of the controller to check permission for.

Returns:

• (Boolean) —

  Returns true if the user has permission, otherwise false.

# File 'lib/action_sentinel_group/permissions.rb', line 25

def has_permission_to?(action, controller_path)
  query = AccessPermission
          .joins(group_table_name.singularize.to_sym => user_groups_table_name.to_sym)
          .where(user_groups_table_name.to_sym => { "#{user_table_name.singularize}_id".to_sym => id })
          .where(controller_path: controller_path)

  query = if %w[sqlite sqlite3].include? self.class.connection.adapter_name.downcase
            query.where("actions LIKE ?", "%#{action}%")
          else
            query.where(':action = ANY("access_permissions"."actions")', action: action)
          end

  query.exists?
end