Module: ActiveScaffold::Bridges::Cancan::ActiveRecord::SecurityMethods
- Defined in:
- lib/active_scaffold/bridges/cancan/cancan_bridge.rb
Defined Under Namespace
Classes: InvalidArgument
Instance Method Summary collapse
-
#authorized_for?(options = {}) ⇒ Boolean
is usually called with :crud_type and :column, or :action :update, column: ‘some_colum_name’ ‘edit’ to allow access cancan must allow both :crud_type and :action if cancan says “no”, it delegates to default AS behavior.
Instance Method Details
#authorized_for?(options = {}) ⇒ Boolean
is usually called with :crud_type and :column, or :action
{crud_type: :update, column: 'some_colum_name'}
{action: 'edit'}
to allow access cancan must allow both :crud_type and :action if cancan says “no”, it delegates to default AS behavior
108 109 110 111 112 113 114 115 116 117 118 119 120 |
# File 'lib/active_scaffold/bridges/cancan/cancan_bridge.rb', line 108 def ( = {}) raise InvalidArgument if [:crud_type].blank? && [:action].blank? if current_ability.present? crud_type_result = [:crud_type].nil? ? true : current_ability.can?([:crud_type], self) action_result = [:action].nil? ? true : current_ability.can?([:action].to_sym, self) else crud_type_result = action_result = false end result = (crud_type_result && action_result) || super(.merge(reason: nil)) # return array with nil reason if requested with options[:reason], we don't have reason but caller expects array [:reason] ? [result, nil] : result end |