Module: RailsAuthorize

Defined in:
lib/rails_authorize.rb,
lib/rails_authorize/version.rb

Defined Under Namespace

Classes: AuthorizationNotPerformedError, NotAuthorizedError, ScopingNotPerformedError

Constant Summary collapse

VERSION = 
"1.5.0"

Instance Method Summary collapse

Instance Method Details

#authorize(target, options = {}) ⇒ Object

Throwing an error if the user is not authorized to perform the given action

Parameters:

  • target (Object)

    the target we’re checking permissions of

  • options (Hash) (defaults to: {})

    key/value options (action, user, policy, context)

  • options (:action) (defaults to: {})
    String

    the method to check on the policy (e.g. ‘:show?`)

Returns:

  • (Object)

    the passed target

Raises:



37
38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/rails_authorize.rb', line 37

def authorize(target, options={})
  return authorize(nil, target) if target.is_a?(Hash)

  action = options.delete(:action) || "#{action_name}?"
  policy = policy(target, options)

  raise(NotAuthorizedError) unless policy.public_send(action)

  @_policy_authorized = true

  target || true
end

#authorized_scope(target, options = {}) ⇒ Scope

Throwing an error if the user is not authorized to perform the given action

Parameters:

  • target (Object)

    the target we’re retrieving the policy scope for

  • options (Hash) (defaults to: {})

    key/value options (action, user, policy, context)

  • options (:action) (defaults to: {})
    String

    the method to check on the policy (e.g. ‘:show?`)

Returns:

  • (Scope)

    authorized policy scope

Raises:



74
75
76
77
78
79
80
81
82
83
 
# File 'lib/rails_authorize.rb', line 74

def authorized_scope(target, options={})
  action = options.delete(:action) || "#{action_name}?"
  policy = policy(target, options)

  raise(NotAuthorizedError) unless policy.public_send(action)

  @_policy_scoped = @_policy_authorized = true

  policy.scope
end

#permitted_attributes(target, options = {}) ⇒ Hash{String => Object}

Retrieves a set of permitted attributes from the policy by instantiating the policy class for the given record and calling ‘permitted_attributes` on it, or `permitted_attributes_for_action` if `action` is defined. It then infers what key the record should have in the params hash and retrieves the permitted attributes from the params hash under that key.

Parameters:

  • record (Object)

    the object we’re retrieving permitted attributes for

  • options (Hash) (defaults to: {})

    key/value options (action, user, policy, context)

  • options (:action) (defaults to: {})
    String

    the method to check on the policy (e.g. ‘:show?`)

Returns:

  • (Hash{String => Object})

    the permitted attributes



95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
 
# File 'lib/rails_authorize.rb', line 95

def permitted_attributes(target, options={})
  return permitted_attributes(nil, target) if target.is_a?(Hash)

  action = options.delete(:action) || action_name
  policy = policy(target, options)

  method_name = if policy.respond_to?("permitted_attributes_for_#{action}")
                  "permitted_attributes_for_#{action}"
                else
                  'permitted_attributes'
                end

  param_key = if options[:param_key]
                options[:param_key]
              elsif policy.try(:param_key).present?
                policy.param_key
              else
                target.model_name.name.underscore
              end

  params.require(param_key).permit(*policy.public_send(method_name))
end

#policy(target, options = {}) ⇒ Object

Finds policy class for given target and returns new instance

Parameters:

  • target (any)

    the target to load policy

  • options (Hash) (defaults to: {})

    key/value options (user, policy, context)

  • options (:user) (defaults to: {})
    Object

    the user that initiated the action

  • options (:policy) (defaults to: {})
    Class

    Authorization class to use for authenticate

  • options (:context) (defaults to: {})
    Hash

    other key/value options to use in the policy methods

Returns:

  • (Object)

    new policy instance



20
21
22
23
24
25
 
# File 'lib/rails_authorize.rb', line 20

def policy(target, options={})
  user = options[:user] || current_user
  klass = options[:policy] || "#{target.model_name.name}Policy".constantize

  klass.new(user, target, options[:context] || {})
end

#policy_scope(target, options = {}) ⇒ Scope

Retrieves the policy scope for the given target

Parameters:

  • target (Object)

    the target we’re retrieving the policy scope for

  • options (Hash) (defaults to: {})

    key/value options (user, policy, context)

Returns:

  • (Scope)

    policy scope



58
59
60
61
62
 
# File 'lib/rails_authorize.rb', line 58

def policy_scope(target, options={})
  @_policy_scoped = true

  policy(target, options).scope
end

#skip_authorizationvoid

This method returns an undefined value.

Allow this action not to perform authorization.



129
130
131
 
# File 'lib/rails_authorize.rb', line 129

def skip_authorization
  @_policy_authorized = true
end

#skip_policy_scopevoid

This method returns an undefined value.

Allow this action not to perform policy scoping.



144
145
146
 
# File 'lib/rails_authorize.rb', line 144

def skip_policy_scope
  @_policy_scoped = true
end

#verify_authorizedvoid

This method returns an undefined value.

Raises an error if authorization has not been performed

Raises:



122
123
124
 
# File 'lib/rails_authorize.rb', line 122

def verify_authorized
  raise AuthorizationNotPerformedError, self.class unless policy_authorized?
end

#verify_policy_scopedvoid

This method returns an undefined value.

Raises an error if policy scoping has not been performed

Raises:



137
138
139
 
# File 'lib/rails_authorize.rb', line 137

def verify_policy_scoped
  raise ScopingNotPerformedError, self.class unless policy_scoped?
end