Module: ForestLiana::Ability

Includes:
Permission
Included in:
ResourcesController, SmartActionsController, StatsController
Defined in:
app/services/forest_liana/ability.rb,
app/services/forest_liana/ability/fetch.rb,
app/services/forest_liana/ability/permission.rb,
app/services/forest_liana/ability/exceptions/access_denied.rb,
app/services/forest_liana/ability/exceptions/require_approval.rb,
app/services/forest_liana/ability/exceptions/trigger_forbidden.rb,
app/services/forest_liana/ability/exceptions/unknown_collection.rb,
app/services/forest_liana/ability/permission/request_permission.rb,
app/services/forest_liana/ability/permission/smart_action_checker.rb,
app/services/forest_liana/ability/exceptions/action_condition_error.rb

Defined Under Namespace

Modules: Exceptions, Fetch, Permission

Constant Summary collapse

ALLOWED_PERMISSION_LEVELS =
%w[admin editor developer].freeze

Constants included from Permission

Permission::TTL

Instance Method Summary collapse

Methods included from Permission

#is_chart_authorized?, #is_crud_authorized?, #is_smart_action_authorized?

Methods included from Fetch

#get_permissions

Instance Method Details

#forest_authorize!(action, user, collection, args = {}) ⇒ Object



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# File 'app/services/forest_liana/ability.rb', line 7

def forest_authorize!(action, user, collection, args = {})
  case action
  when 'browse', 'read', 'edit', 'add', 'delete', 'export'
    raise ForestLiana::Ability::Exceptions::AccessDenied.new unless is_crud_authorized?(action, user, collection)
  when 'chart'
    if ALLOWED_PERMISSION_LEVELS.exclude?(user['permission_level'])
      raise ForestLiana::Errors::HTTP422Error.new('The argument parameters is missing') if args[:parameters].nil?
      raise ForestLiana::Ability::Exceptions::AccessDenied.new unless is_chart_authorized?(user, args[:parameters])
    end
  when 'action'
    validate_collection collection
    raise ForestLiana::Errors::HTTP422Error.new('You must implement the arguments : parameters, endpoint & http_method') if args[:parameters].nil? || args[:endpoint].nil? || args[:http_method].nil?
    is_smart_action_authorized?(user, collection, args[:parameters], args[:endpoint], args[:http_method])
  else
    raise ForestLiana::Ability::Exceptions::AccessDenied.new
  end
end