Module: Canned::ControllerExt

Defined in:
lib/canned/controller_ext.rb

Overview

Action Controller extension

Include this in the base application controller and use the acts_as_restricted method to seal it.

class ApplicationController < ActionController::Base
  include Canned::ControllerExt

  # Call canned setup method passing the desired profile definition object
  acts_as_restricted Profiles do

    # Put authentication code here...

    # Return profiles you wish to validate
    [:profile_1, :profile_2]
  end

end

Defined Under Namespace

Modules: ClassMethods
Classes: ControllerProxy

Class Method Details

.included(klass) ⇒ Object



# File 'lib/canned/controller_ext.rb', line 25

def self.included(klass)
  class << klass
    attr_accessor :_cn_actors
    attr_accessor :_cn_excluded
    attr_accessor :_cn_resources
  end

  # actors are shared between subclasses
  klass.cattr_accessor :_cn_actors
  klass._cn_actors = ActiveSupport::HashWithIndifferentAccess.new

  klass.extend ClassMethods
end

Instance Method Details

#is_restricted? ⇒ Boolean

Returns true if the current action is protected.

Returns:

  • (Boolean)


# File 'lib/canned/controller_ext.rb', line 72

def is_restricted?
  return true if self.class._cn_excluded.nil?
  return false if self.class._cn_excluded == :all
  return !(self.class._cn_excluded.include? action_name.to_sym)
end

#perform_access_authorization(_definition, _profiles) ⇒ Object

Performs access authorization for current action

Parameters:

  • _definition (Definition)

    Profile definition

  • _profiles (Array<String>)

    Profiles to validate



# File 'lib/canned/controller_ext.rb', line 45

def perform_access_authorization(_definition, _profiles)
  # preload resources, retrieve resource proxy
  proxy = perform_resource_loading

  # run profile validation
  result = false
  _profiles.each do |profile|
    case _definition.validate proxy, profile, [controller_path, "#{controller_path}##{action_name}"]
    when :forbidden then return false
    when :allowed then result = true
    end
  end
  return result
end
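
The combining rules of is_restricted? and perform_access_authorization, restated as plain Ruby so they can be exercised without Rails. This is an added example, not Canned's own code; StubDefinition, RULES, DEFINITION, authorize and restricted? are hypothetical names, and the rule table is constructed. It shows that a :forbidden from any profile overrides an :allowed from another, and that the result is a denial when no profile returns :allowed.

```ruby
# Plain-Ruby model of the two checks; StubDefinition, RULES and the helper
# names are hypothetical. Only :allowed / :forbidden come from the page.
class StubDefinition
  # rules: { profile => { "controller" or "controller#action" => verdict } }
  def initialize(rules)
    @rules = rules
  end

  # Same call shape as in perform_access_authorization.
  def validate(_proxy, profile, keys)
    verdicts = keys.map { |k| @rules.fetch(profile, {})[k] }.compact
    return :forbidden if verdicts.include?(:forbidden)
    return :allowed if verdicts.include?(:allowed)
    :default # any other value is ignored by the caller
  end
end

# Same combining logic as perform_access_authorization.
def authorize(definition, profiles, controller_path, action_name)
  keys = [controller_path, "#{controller_path}##{action_name}"]
  result = false
  profiles.each do |profile|
    case definition.validate(nil, profile, keys)
    when :forbidden then return false # deny overrides, regardless of order
    when :allowed then result = true
    end
  end
  result # false unless at least one profile allowed the action
end

# Same logic as is_restricted?, with the exclusion list passed in.
def restricted?(excluded, action_name)
  return true if excluded.nil?      # nothing excluded: every action is protected
  return false if excluded == :all  # whole controller opted out
  !excluded.include?(action_name.to_sym)
end

# Constructed sample policy.
RULES = {
  staff:     { "reports" => :allowed },
  suspended: { "reports#export" => :forbidden }
}.freeze
DEFINITION = StubDefinition.new(RULES)
```
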

#perform_resource_loading ⇒ Object

Performs resource loading for current action



# File 'lib/canned/controller_ext.rb', line 64

def perform_resource_loading
  proxy = ControllerProxy.new self
  proxy.preload_resources_for action_name
  return proxy
end