Class: Decidim::ActionAuthorizer

Inherits:
Object
  • Object
show all
Defined in:
decidim-core/app/services/decidim/action_authorizer.rb

Overview

This class is used to authorize a user against an action in the context of a component.

Defined Under Namespace

Classes: AuthorizationError, AuthorizationStatus, AuthorizationStatusCollection

Instance Method Summary collapse

Constructor Details

#initialize(user, action, component, resource) ⇒ ActionAuthorizer

Initializes the ActionAuthorizer.

user - The user to authorize against. action - The action to authenticate. component - The component to authenticate against. resource - The resource to authenticate against. Can be nil.


15
16
17
18
19
20
# File 'decidim-core/app/services/decidim/action_authorizer.rb', line 15

def initialize(user, action, component, resource)
  @user = user
  @action = action.to_s if action
  @component = resource.try(:component) || component
  @resource = resource
end

Instance Method Details

#authorizeObject

Authorize user to perform an action in the context of a component.

Returns:

:ok an empty hash                      - When there is no authorization handler related to the action.
result of authorization handler check  - When there is an authorization handler related to the action. Check Decidim::Verifications::DefaultActionAuthorizer class docs.

Raises:


29
30
31
32
33
# File 'decidim-core/app/services/decidim/action_authorizer.rb', line 29

def authorize
  raise AuthorizationError, "Missing data" unless component && action

  AuthorizationStatusCollection.new(authorization_handlers, user, component, resource)
end