Class: Decidim::ActionAuthorizer

Inherits:

Object

Object
Decidim::ActionAuthorizer

show all

Defined in:: decidim-core/app/services/decidim/action_authorizer.rb

Overview

This class is used to authorize a user against an action in the context of a component.

Defined Under Namespace

Classes: AuthorizationError, AuthorizationStatus, AuthorizationStatusCollection

Instance Method Summary collapse

#authorize ⇒ Object

Authorize user to perform an action in the context of a component.
#initialize(user, action, component, resource) ⇒ ActionAuthorizer constructor

Initializes the ActionAuthorizer.

Constructor Details

#initialize(user, action, component, resource) ⇒ `ActionAuthorizer`

Initializes the ActionAuthorizer.

user - The user to authorize against. action - The action to authenticate. component - The component to authenticate against. resource - The resource to authenticate against. Can be nil.

# File 'decidim-core/app/services/decidim/action_authorizer.rb', line 15

def initialize(user, action, component, resource)
  @user = user
  @action = action.to_s if action
  @component = resource.try(:component) || component
  @resource = resource
end

Instance Method Details

#authorize ⇒ `Object`

Authorize user to perform an action in the context of a component.

Returns:

:ok an empty hash                      - When there is no authorization handler related to the action.
result of authorization handler check  - When there is an authorization handler related to the action. Check Decidim::Verifications::DefaultActionAuthorizer class docs.

Raises:

(AuthorizationError)

# File 'decidim-core/app/services/decidim/action_authorizer.rb', line 29

def authorize
  raise AuthorizationError, "Missing data" unless component && action

  AuthorizationStatusCollection.new(authorization_handlers, user, component, resource)
end