Class: Authorization::ControllerPermission

Inherits:

Object

• Object
• Authorization::ControllerPermission

Defined in:

lib/declarative_authorization/controller_permission.rb

Overview

:nodoc:

Instance Attribute Summary

• #actions ⇒ Object readonly

  Returns the value of attribute actions.

• #attribute_check ⇒ Object readonly

  Returns the value of attribute attribute_check.

• #context ⇒ Object readonly

  Returns the value of attribute context.

• #privilege ⇒ Object readonly

  Returns the value of attribute privilege.

• #strong_params ⇒ Object readonly

  Returns the value of attribute strong_params.

Instance Method Summary

• #initialize(actions, privilege, context, strong_params, attribute_check = false, load_object_model = nil, load_object_method = nil, filter_block = nil) ⇒ ControllerPermission constructor

  A new instance of ControllerPermission.

• #matches?(action_name) ⇒ Boolean
• #permit!(contr, action_name) ⇒ Object
• #remove_actions(actions) ⇒ Object

Constructor Details

#initialize(actions, privilege, context, strong_params, attribute_check = false, load_object_model = nil, load_object_method = nil, filter_block = nil) ⇒ ControllerPermission

Returns a new instance of ControllerPermission.

# File 'lib/declarative_authorization/controller_permission.rb', line 4

def initialize(actions, privilege, context, strong_params, attribute_check = false,
                load_object_model = nil, load_object_method = nil,
                filter_block = nil)
  @actions = actions.to_set
  @privilege = privilege
  @context = context
  @load_object_model = load_object_model
  @load_object_method = load_object_method
  @filter_block = filter_block
  @attribute_check = attribute_check
  @strong_params = strong_params
end

Instance Attribute Details

#actions ⇒ Object (readonly)

Returns the value of attribute actions.

# File 'lib/declarative_authorization/controller_permission.rb', line 3

def actions
  @actions
end

#attribute_check ⇒ Object (readonly)

Returns the value of attribute attribute_check.

# File 'lib/declarative_authorization/controller_permission.rb', line 3

def attribute_check
  @attribute_check
end

#context ⇒ Object (readonly)

Returns the value of attribute context.

# File 'lib/declarative_authorization/controller_permission.rb', line 3

def context
  @context
end

#privilege ⇒ Object (readonly)

Returns the value of attribute privilege.

# File 'lib/declarative_authorization/controller_permission.rb', line 3

def privilege
  @privilege
end

#strong_params ⇒ Object (readonly)

Returns the value of attribute strong_params.

# File 'lib/declarative_authorization/controller_permission.rb', line 3

def strong_params
  @strong_params
end

Instance Method Details

#matches?(action_name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/declarative_authorization/controller_permission.rb', line 17

def matches?(action_name)
  @actions.include?(action_name.to_sym) || @actions.include?(action_name)
end

#permit!(contr, action_name) ⇒ Object

# File 'lib/declarative_authorization/controller_permission.rb', line 21

def permit!(contr, action_name)
  if @filter_block
    return contr.instance_eval(&@filter_block)
  end
  object = @attribute_check ? load_object(contr) : nil
  privilege = @privilege || :"#{action_name}"

  contr.authorization_engine.permit!(privilege,
                                     :user => contr.send(:current_user),
                                     :object => object,
                                     :skip_attribute_test => !@attribute_check,
                                     :context => @context || controller_class(contr).decl_auth_context,
                                     :controller => contr)
end

#remove_actions(actions) ⇒ Object

# File 'lib/declarative_authorization/controller_permission.rb', line 36

def remove_actions(actions)
  @actions -= actions
  self
end