Module: Rddd::Authorization::RulesBuilder

Defined in:: lib/rddd/authorization/rules_builder.rb

Overview

Helper module for building list of authorization rules.

Usage:

builder = Object.new
builder.extends Rddd::Authorization::RulesBuilder

builder.can :create_project do |user, params|
  user.owner? && params[:account_id] == user.account_id
end

# This part happens inside framework
authorizer = Rddd::Authorization::Authorize.new(builder.rules, user)
authorizer.can?(:create_project, {:account_id => 123})

Call to can method define the rule for a given action. The block always takes the user instance and additional parameters which specify details for the performed action.

Instance Attribute Summary collapse

#rules ⇒ Object readonly

Returns the value of attribute rules.

Instance Method Summary collapse

#can(action, &block) ⇒ Object

Create new rule applied to specified action and perform the given block.

Instance Attribute Details

#rules ⇒ `Object` (readonly)

Returns the value of attribute rules.



28
29
30

# File 'lib/rddd/authorization/rules_builder.rb', line 28

def rules
  @rules
end

Instance Method Details

#can(action, &block) ⇒ `Object`

Create new rule applied to specified action and perform the given block.

Parameters:

Action (Symbol | Array) —

the rule applies to.
Block (Block) —

to be executed to evaluate authorization.

# File 'lib/rddd/authorization/rules_builder.rb', line 37

def can(action, &block)
  actions = action.kind_of?(Array) ? action : [action]
  @rules ||= []
  @rules.concat actions.map { |action| Rule.new(action, &block) }
end