Module: Authority::Controller::ClassMethods

Defined in:

lib/authority/controller.rb

Instance Method Summary

• #authority_action(action_map) ⇒ Object
• #authority_action_map ⇒ Hash

  The controller action to authority action map used for determining which Rails actions map to which authority actions (ex: index to read).

• #authority_actions(action_map) ⇒ Object

  Allows defining and overriding a controller’s map of its actions to the model’s authorizer methods.

• #authorize_actions_for(resource_or_finder, options = {}) ⇒ Object

  Sets up before_filter to ensure user is allowed to perform a given controller action.

Instance Method Details

#authority_action(action_map) ⇒ Object

# File 'lib/authority/controller.rb', line 43

def authority_action(action_map)
  Authority.logger.warn "Authority's `authority_action` method has been renamed \
  to `authority_actions` (plural) to reflect the fact that you can \
  set multiple actions in one shot. Please update your controllers \
  accordingly. (called from #{caller.first})".squeeze(' ')
  authority_actions(action_map)
end

#authority_action_map ⇒ Hash

The controller action to authority action map used for determining which Rails actions map to which authority actions (ex: index to read)

Returns:

• (Hash) —

  A duplicated copy of the configured controller_action_map

# File 'lib/authority/controller.rb', line 55

def authority_action_map
  @authority_action_map ||= Authority.configuration.controller_action_map.dup
end

#authority_actions(action_map) ⇒ Object

Allows defining and overriding a controller’s map of its actions to the model’s authorizer methods

Parameters:

• action_map (Hash) —

  • controller actions and methods, to be merged with existing action_map

# File 'lib/authority/controller.rb', line 39

def authority_actions(action_map)
  authority_action_map.merge!(action_map.symbolize_keys)
end

#authorize_actions_for(resource_or_finder, options = {}) ⇒ Object

Sets up before_filter to ensure user is allowed to perform a given controller action

should be consulted, or instance method on the controller which will determine that class when the request is made be merged with existing ones and any other options applicable to a before_filter

Parameters:

• resource_or_finder (Class OR Symbol) —

  • class whose authorizer

• options (Hash) (defaults to: {}) —

  • can contain :actions to

# File 'lib/authority/controller.rb', line 30

def authorize_actions_for(resource_or_finder, options = {})
  self.authority_resource = resource_or_finder
  authority_actions(options[:actions] || {})
  before_filter :run_authorization_check, options
end