Module: Authorization

Defined in:

lib/declarative_authorization/reader.rb,
lib/declarative_authorization/helper.rb,
lib/declarative_authorization/in_model.rb,
lib/declarative_authorization/maintenance.rb,
lib/declarative_authorization/railsengine.rb,
lib/declarative_authorization/authorization.rb,
lib/declarative_authorization/controller/dsl.rb,
lib/declarative_authorization/controller/grape.rb,
lib/declarative_authorization/controller/rails.rb,
lib/declarative_authorization/obligation_scope.rb,
lib/declarative_authorization/controller/runtime.rb,
lib/generators/authorization/rules/rules_generator.rb,
lib/declarative_authorization/controller_permission.rb,
lib/generators/authorization/install/install_generator.rb

Overview

Mixin to be added to rails controllers

Defined Under Namespace

Modules: AuthorizationHelper, AuthorizationInModel, Controller, Maintenance, Reader, TestHelper Classes: AnonymousUser, Attribute, AttributeAuthorizationError, AttributeWithPermission, AuthorizationError, AuthorizationRule, AuthorizationRuleSet, AuthorizationUsageError, ControllerPermission, Engine, InstallGenerator, NilAttributeValueError, NotAuthorized, ObligationScope, RailsEngine, RulesGenerator

Constant Summary

AUTH_DSL_FILES =

[Pathname.new(Rails.root || '').join("config", "authorization_rules.rb").to_s]

@@dot_path =

"dot"

@@default_role =

:guest

Class Method Summary

• .current_user ⇒ Object

  Controller-independent method for retrieving the current user.

• .current_user=(user) ⇒ Object

  Controller-independent method for setting the current user.

• .default_role ⇒ Object
• .default_role=(role) ⇒ Object
• .dot_path ⇒ Object
• .dot_path=(path) ⇒ Object
• .guest_user ⇒ Object
• .ignore_access_control(state = nil) ⇒ Object

  For use in test cases only.

• .is_a_association_proxy?(object) ⇒ Boolean
• .non_guest_current_user ⇒ Object

Class Method Details

.current_user ⇒ Object

Controller-independent method for retrieving the current user. Needed for model security where the current controller is not available.

# File 'lib/declarative_authorization/authorization.rb', line 28

def self.current_user
  Thread.current["current_user"] || guest_user
end

.current_user=(user) ⇒ Object

Controller-independent method for setting the current user.

# File 'lib/declarative_authorization/authorization.rb', line 33

def self.current_user=(user)
  Thread.current["current_user"] = user
end

.default_role ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 61

def self.default_role
  @@default_role
end

.default_role=(role) ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 65

def self.default_role=(role)
  @@default_role = role.to_sym
end

.dot_path ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 52

def self.dot_path
  @@dot_path
end

.dot_path=(path) ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 56

def self.dot_path=(path)
  @@dot_path = path
end

.guest_user ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 37

def self.guest_user
  @@guest_user ||= AnonymousUser.new
end

.ignore_access_control(state = nil) ⇒ Object

For use in test cases only

# File 'lib/declarative_authorization/authorization.rb', line 46

def self.ignore_access_control(state = nil) # :nodoc:
  Thread.current["ignore_access_control"] = state unless state.nil?
  Thread.current["ignore_access_control"] || false
end

.is_a_association_proxy?(object) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/declarative_authorization/authorization.rb', line 69

def self.is_a_association_proxy?(object)
  object.respond_to?(:proxy_association)
end

.non_guest_current_user ⇒ Object

# File 'lib/declarative_authorization/authorization.rb', line 41

def self.non_guest_current_user
  current_user unless current_user.is_a?(AnonymousUser)
end