Module: Eaco::Controller::ClassMethods

Defined in:
lib/eaco/controller.rb

Overview

Controller authorization DSL.

Instance Method Details

#authorization_permissions ⇒ Hash (protected)

Permission requirements configured on this controller, keyed by permission symbol and with role symbols as values.

Returns:

  • (Hash)

See Also:

  • Eaco::DSL::Resource

# File 'lib/eaco/controller.rb', line 90

def authorization_permissions
  @_authorization_permissions ||= {}
end

#authorize(*actions) ⇒ Object

Defines the ability required to access a given controller action.

Example:

class DocumentsController < ApplicationController
  authorize :index,           [:folder, :index]
  authorize :show,            [:folder, :read]
  authorize :create, :update, [:folder, :write]
end

Here @folder is expected to be an authorized Resource. For the index action, current_user is checked with can?(:index, @folder); for show, with can?(:read, @folder); and for create and update, with can?(:write, @folder).

The special :all action name requires the given ability on the given Resource for all actions.

If an action has no authorization defined, access is granted.

Adds Eaco::Controller#confront_eaco as a before_filter.

Parameters:

  • actions (Variadic)

    see above.

Returns:

  • void


# File 'lib/eaco/controller.rb', line 51

def authorize(*actions)
  target = actions.pop

  actions.each {|action| authorization_permissions.update(action => target)}

  @_eaco_filter_installed ||= begin
    if ActionPack::VERSION::MAJOR == 5
      before_action :confront_eaco
    else
      before_filter :confront_eaco
    end

    true
  end
end

#permission_for(action) ⇒ Symbol

Gets the permission required to access the given action, falling back on the default :all action, or nil if no permission is defined.

Returns:

  • (Symbol)

    the required permission or nil

See Also:

  • Eaco::Resource
  • Eaco::DSL::Resource

# File 'lib/eaco/controller.rb', line 77

def permission_for(action)
  authorization_permissions[action] || authorization_permissions[:all]
end
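
An added example (not Eaco's own code) that audits controllers for actions left open by the rule "if an action has no authorization defined, access is granted": permission_for returns nil when neither the action nor :all has a rule, so listing the nil results shows what is unprotected. AuthorizationDSL, unguarded_actions and the three controller classes are assumptions made for this example; the DSL stand-in copies the lookups shown on this page and omits the Rails filter installation.

```ruby
# Added example, not Eaco's own code. AuthorizationDSL is a stand-in that
# copies the lookups shown on this page and omits the Rails filter setup.
module AuthorizationDSL
  def authorization_permissions
    @_authorization_permissions ||= {}
  end

  def authorize(*actions)
    target = actions.pop
    actions.each { |action| authorization_permissions.update(action => target) }
  end

  def permission_for(action)
    authorization_permissions[action] || authorization_permissions[:all]
  end
end

# Hypothetical audit helper: returns the actions for which permission_for
# is nil, i.e. the actions that the documented default leaves open.
def unguarded_actions(controller, actions)
  actions.reject { |action| controller.permission_for(action) }
end

# Constructed controllers; plain classes stand in for Rails controllers.
class DocumentsController
  extend AuthorizationDSL
  authorize :index,           [:folder, :index]
  authorize :show,            [:folder, :read]
  authorize :create, :update, [:folder, :write]

  ACTIONS = %i[index show create update destroy].freeze
end

class LockedDocumentsController
  extend AuthorizationDSL
  authorize :all,  [:folder, :write]   # default for every action
  authorize :show, [:folder, :read]    # per-action rule takes precedence
end

# Rules live in a class-level instance variable, so a subclass starts empty.
class ArchivedDocumentsController < DocumentsController; end

if __FILE__ == $PROGRAM_NAME
  p unguarded_actions(DocumentsController, DocumentsController::ACTIONS)
  p unguarded_actions(LockedDocumentsController, DocumentsController::ACTIONS)
  p unguarded_actions(ArchivedDocumentsController, DocumentsController::ACTIONS)
end
```

In a Rails application the action list can come from the controller's action_methods, converted to symbols, instead of a hand-written constant.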