Module: Authorization::Maintenance

Included in:

TestHelper

Defined in:

lib/declarative_authorization/maintenance.rb

Overview

Provides a few maintenance methods for modifying data without enforcing authorization.

Defined Under Namespace

Modules: Usage

Class Method Summary

• .with_user(user) ⇒ Object
• .without_access_control ⇒ Object

  A class method variant of without_access_control.

Instance Method Summary

• #with_user(user) ⇒ Object

  Sets the current user for the declarative authorization plugin to the given one for the execution of the supplied block.

• #without_access_control ⇒ Object

  Disables access control for the given block.

Class Method Details

.with_user(user) ⇒ Object

# File 'lib/declarative_authorization/maintenance.rb', line 47

def self.with_user(user)
  prev_user = Authorization.current_user
  Authorization.current_user = user
  yield
ensure
  Authorization.current_user = prev_user
end

.without_access_control ⇒ Object

A class method variant of without_access_control. Thus, one can call

Authorization::Maintenance::without_access_control do
  ...
end

# File 'lib/declarative_authorization/maintenance.rb', line 28

def self.without_access_control
  previous_state = Authorization.ignore_access_control
  begin
    Authorization.ignore_access_control(true)
    yield
  ensure
    Authorization.ignore_access_control(previous_state)
  end
end

Instance Method Details

#with_user(user) ⇒ Object

Sets the current user for the declarative authorization plugin to the given one for the execution of the supplied block. Suitable for tests on certain users.

# File 'lib/declarative_authorization/maintenance.rb', line 41

def with_user(user)
  Authorization::Maintenance.with_user(user) do
    yield if block_given?
  end
end

#without_access_control ⇒ Object

Disables access control for the given block. Appropriate for maintenance operation at the Rails console or in test case setup.

For use in the Rails console:

require "vendor/plugins/declarative_authorization/lib/maintenance"
include Authorization::Maintenance

without_access_control do
  SomeModel.find(:first).save
end

# File 'lib/declarative_authorization/maintenance.rb', line 18

def without_access_control
  Authorization::Maintenance.without_access_control() do
    yield if block_given?
  end
end