Module: Canner
- Extended by: ActiveSupport::Concern
- Defined in: lib/canner.rb, lib/canner/policy.rb, lib/canner/version.rb, lib/generators/canner/policy/policy_generator.rb, lib/generators/canner/fetch_roles/fetch_roles_generator.rb
Defined Under Namespace
- Modules: Generators
- Classes: AuthNotUsedError, InstanceNotProtectedError, NotAuthorizedError, Policy, ScopeNotUsedError
Constant Summary
- VERSION = "0.4.0"
Instance Method Summary
- #auth_used ⇒ Object
- #can?(method_name, target_model) ⇒ Boolean
  method_name - The controller action method whose access you are checking. target_model - Name of the object you are limiting access to.
- #canner_branch ⇒ Object
  Override this if your method for getting the current branch isn't called current_branch.
- #canner_scope(method_name, target_model) ⇒ Object
  method_name - The controller action method whose access you are checking. target_model - Name of the object you are limiting access to.
- #canner_user ⇒ Object
  Override this if your method for getting the current user isn't called current_user.
- #instance_can?(method_name, target_model, target_obj) ⇒ Boolean
  method_name - The controller action method whose access you are checking. target_model - Name of the object you are limiting access to.
- #instance_checked ⇒ Object
- #scope_used ⇒ Object
Instance Method Details
#auth_used ⇒ Object
    # File 'lib/canner.rb', line 27
    def auth_used
      @auth_used ||= false
    end
#can?(method_name, target_model) ⇒ Boolean
method_name - The controller action method whose access you are checking.
target_model - Name of the object you are limiting access to ( :user, :pet, :customer ).

    # File 'lib/canner.rb', line 51
    def can?(method_name, target_model)
      # Record that an authorization check ran, even if it goes on to deny access.
      @auth_used = true
      raise NotAuthorizedError.new("You are not authorized to perform this action.") unless canner_policy(method_name, target_model).can?
      true
    end
#canner_branch ⇒ Object
Override this if your method for getting the current branch isn't called current_branch.

    # File 'lib/canner.rb', line 70
    def canner_branch
      # The inline rescue returns nil if current_branch is undefined or raises.
      current_branch rescue nil
    end
#canner_scope(method_name, target_model) ⇒ Object
method_name - The controller action method whose access you are checking.
target_model - Name of the object you are limiting access to ( :user, :pet, :customer ).

    # File 'lib/canner.rb', line 59
    def canner_scope(method_name, target_model)
      # Record that a policy scope was requested for this action.
      @scope_used = true
      canner_policy(method_name, target_model).canner_scope
    end
#canner_user ⇒ Object
Override this if your method for getting the current user isn't called current_user.

    # File 'lib/canner.rb', line 65
    def canner_user
      current_user
    end
#instance_can?(method_name, target_model, target_obj) ⇒ Boolean
method_name - The controller action method whose access you are checking.
target_model - Name of the object you are limiting access to ( :user, :pet, :customer ).
target_obj - The instance you want to test (does user 1 have access to company 1?).

    # File 'lib/canner.rb', line 42
    def instance_can?(method_name, target_model, target_obj)
      # Record that an instance-level check ran, even if it goes on to deny access.
      @instance_checked = true
      policy = canner_policy(method_name, target_model)
      raise NotAuthorizedError.new("You do not have access to this #{target_model.to_s.humanize.capitalize}") unless policy.instance_can?(target_obj)
      true
    end
#instance_checked ⇒ Object
    # File 'lib/canner.rb', line 35
    def instance_checked
      @instance_checked ||= false
    end
#scope_used ⇒ Object
    # File 'lib/canner.rb', line 31
    def scope_used
      @scope_used ||= false
    end
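The listings above set auth_used and instance_checked but this page does not show the code that reads them or raises AuthNotUsedError and InstanceNotProtectedError. The following is an added example, not Canner's own code: a stand-alone Ruby sketch (no Rails) of how such flags let an action fail closed when a check is skipped. DemoPolicy, DemoGuard, run_action and verify_checks! are hypothetical names, and the policy rules and records are constructed.

```ruby
# Added example; the error class names mirror the page, everything else is hypothetical.
class NotAuthorizedError < StandardError; end
class AuthNotUsedError < StandardError; end
class InstanceNotProtectedError < StandardError; end

# Constructed policy: admins may do anything; members may only :show records they own.
DemoPolicy = Struct.new(:user, :method_name) do
  def can?
    user[:role] == :admin || method_name == :show
  end
  def instance_can?(obj)
    user[:role] == :admin || obj[:owner_id] == user[:id]
  end
end

class DemoGuard
  attr_reader :auth_used, :instance_checked
  def initialize(user)
    @user = user
    @auth_used = @instance_checked = false
  end
  # As in the documented can?: the flag is set before the policy can raise.
  def can?(method_name, _target_model)
    @auth_used = true
    raise NotAuthorizedError, "not authorized" unless DemoPolicy.new(@user, method_name).can?
    true
  end
  def instance_can?(method_name, target_model, target_obj)
    @instance_checked = true
    raise NotAuthorizedError, "no access to this #{target_model}" unless DemoPolicy.new(@user, method_name).instance_can?(target_obj)
    true
  end
  # Hypothetical end-of-action hook: fail closed when a check was skipped.
  def verify_checks!
    raise AuthNotUsedError, "can? was never called" unless auth_used
    raise InstanceNotProtectedError, "instance_can? was never called" unless instance_checked
  end
end

# Runs one "action" block and reports :ok or the name of the error raised.
def run_action(user, record)
  guard = DemoGuard.new(user)
  yield guard, record
  guard.verify_checks!
  :ok
rescue NotAuthorizedError, AuthNotUsedError, InstanceNotProtectedError => e
  e.class.name.to_sym
end
```

An action that calls only can? passes the class-level check yet still fails with InstanceNotProtectedError, which is the case the instance flag is there to catch.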