Module: FourEyes::Concerns::Controllers::Actions

Extended by:

ActiveSupport::Concern

Included in:

ActionsController

Defined in:

lib/four_eyes/concerns/controllers/actions_controller.rb

Instance Method Summary

• #authorize ⇒ Object

  Perform the checker action for the maker checker actions Dispatch to function to process the corresponding action (create, upated, delete).

• #cancel ⇒ Object

  Cancel an action that had been previously initiated.

• #checker_create(action, resource_id) ⇒ Object

  Retrieve hash of saved parameters and instantiate a new object of type object_resource_class_name.

• #checker_delete(action, resource_id) ⇒ Object

  Retrieve a delete action and call destroy on it.

• #checker_update(action, resource_id) ⇒ Object

  Retrieve hash of saved parameters and update the object of type object_resource_class_name.

• #eligible_to_check(action, resource_id) ⇒ Object

  Perform a checker eligibility test.

• #index ⇒ Object
• #show ⇒ Object

Instance Method Details

#authorize ⇒ Object

Perform the checker action for the maker checker actions Dispatch to function to process the corresponding action (create, upated, delete)

Parameters:

• id —

  • The id of the action being authorized

• checker_resource_id —

  • The id of the actor performing the authorization

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 54

def authorize
  @action = Action.find(params[:id])
  checker_resource_id = params[:checker_resource_id].to_i
  if eligible_to_check(@action, checker_resource_id)
    if @action && @action.initiated? && checker_resource_id
      self.send(@action.action_type.gsub('action_', 'checker_'), @action, checker_resource_id)
    end
  else
    flash[:notice] = 'You are not eligible to authorize this action'
    redirect_to action: :index and return
  end
end

#cancel ⇒ Object

Cancel an action that had been previously initiated

Parameters:

• id —

  • The id of the action action that is to be cancelled

• resource_id —

  • The id of the actor performing the cancellation

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 152

def cancel
  @action = Action.find(params[:id])
  checker_resource_id = params[:checker_resource_id].to_i
  if @action
    @action.status = 'Cancelled'
    @action.checker_resource_id = checker_resource_id
    if @action.save
      flash[:notice] = "Action on #{@action.object_resource_class_name.titlecase} cancelled successfully."
      redirect_to action: :index and return
    else
      flash.now[:error] = @action.errors.full_messages
      redirect_to action: :index and return
    end
  end
end

#checker_create(action, resource_id) ⇒ Object

Retrieve hash of saved parameters and instantiate a new object of type object_resource_class_name

Parameters:

• action —

  • The action to authorize

• resource_id —

  • The id of the actor performing the authorization

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 72

def checker_create(action, resource_id)
  object_resource = action.object_resource_class_name.constantize.new(action.data.deep_symbolize_keys)
  if object_resource.save
    action.status = 'Authorized'
    action.checker_resource_id = resource_id
    if action.save
      flash[:notice] = "#{action.object_resource_class_name.titlecase} authorized and created successfully."
      redirect_to action: :index and return
    else
      flash[:notice] = "#{action.object_resource_class_name.titlecase} created successfully. Action not updated"
      redirect_to action: :index and return
    end
  else
    flash[:error] = object_resource.errors.full_messages
    redirect_to action: :index and return
  end
end

#checker_delete(action, resource_id) ⇒ Object

Retrieve a delete action and call destroy on it

Parameters:

• action —

  • The action to authorize

• resource_id —

  • The id of the actor performing the delete authorization

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 123

def checker_delete(action, resource_id)
  begin
    object_resource = action.object_resource_class_name.constantize.find(action.object_resource_id)
    if object_resource.destroy
      action.status = 'Authorized'
      action.checker_resource_id = resource_id
      if action.save
        flash[:notice] = "#{action.object_resource_class_name.titlecase} authorized and deleted successfully."
        redirect_to action: :index and return
      else
        flash[:notice] = "#{action.object_resource_class_name.titlecase} deleted successfully. Action not updated"
        redirect_to action: :index and return
      end
    else
      flash[:error] = object_resource.errors.full_messages
      redirect_to action: :index and return
    end
  rescue ActiveRecord::RecordNotFound
    flash[:error] = 'Record not found'
    redirect_to action: :index and return
  end
end

#checker_update(action, resource_id) ⇒ Object

Retrieve hash of saved parameters and update the object of type object_resource_class_name

Parameters:

• action —

  • The action to authorize

• resource_id —

  • The id of the actor performing the authorization

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 95

def checker_update(action, resource_id)
  begin
    object_resource = action.object_resource_class_name.constantize.find(action.object_resource_id)
    if object_resource.update_attributes(action.data.deep_symbolize_keys)
      action.status = 'Authorized'
      action.checker_resource_id = resource_id
      if action.save
        flash[:notice] = "#{action.object_resource_class_name.titlecase} authorized and updated successfully."
        redirect_to action: :index and return
      else
        flash[:notice] = "#{action.object_resource_class_name.titlecase} updated successfully. Action not updated"
        redirect_to action: :index and return
      end
    else
      flash[:error] = object_resource.errors.full_messages
      redirect_to action: :index and return
    end
  rescue ActiveRecord::RecordNotFound
    flash[:error] = 'Record not found'
    redirect_to action: :index and return
  end
end

#eligible_to_check(action, resource_id) ⇒ Object

Perform a checker eligibility test. At the most basic level, the actor doing the initiating cannot be the same person doing the checking

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 44

def eligible_to_check(action, resource_id)
  action.maker_resource_id != resource_id
end

#index ⇒ Object

Examples:

GET /actions
GET /actions.xml
GET /actions.json

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 14

def index
  @actions = Action.all

  respond_to do |format|
    format.html # index.html.erb
    format.xml { render :xml => @actions }
    format.json { render :json => @actions }
  end
end

#show ⇒ Object

Examples:

GET /action/1
GET /action/1.xml
GET /action/1.json

# File 'lib/four_eyes/concerns/controllers/actions_controller.rb', line 28

def show
  @action = Action.find(params[:id])
  respond_to do |format|
    format.html # show.html.erb
    format.xml { render :xml => @action }
    format.json { render :json => @action }
  end
end