3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
# File 'lib/thwart/enforcer.rb', line 3
def thwart_access(resource, action = nil)
if action.blank?
raise ArgumentError, "thwart_access needs an action or the params hash to have an [:action] to enforce." if !self.respond_to?(:params) || !self.params.respond_to?(:[]) || self.params[:action].nil?
action = params[:action]
end
action = action.to_sym
raise ArgumentError, "Thwart needs a current_user method to enforce permissions." unless self.respond_to?(:current_user)
raise ArgumentError, "Unknown action #{action} to enforce" unless Thwart::Actions.has_can?(action)
unless Thwart.query(current_user, resource, action)
raise Thwart::NoPermissionError, "User #{current_user} doesn't have permission to #{action} #{resource}."
else
true
end
end
|