Module: PgSqlTriggers::PermissionChecking

Extended by:
ActiveSupport::Concern
Included in:
ApplicationController
Defined in:
app/controllers/concerns/pg_sql_triggers/permission_checking.rb

Instance Method Summary collapse

Instance Method Details

#can_apply_triggers?Boolean

Returns true if current actor can apply triggers.

Returns:

  • (Boolean)

    true if current actor can apply triggers



114
115
116
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 114

def can_apply_triggers?
  PgSqlTriggers::Permissions.can?(current_actor, :apply_trigger, environment: current_environment)
end

#can_drop_triggers?Boolean

Returns true if current actor can drop triggers.

Returns:

  • (Boolean)

    true if current actor can drop triggers



98
99
100
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 98

def can_drop_triggers?
  PgSqlTriggers::Permissions.can?(current_actor, :drop_trigger, environment: current_environment)
end

#can_enable_disable_triggers?Boolean

Returns true if current actor can enable/disable triggers.

Returns:

  • (Boolean)

    true if current actor can enable/disable triggers



93
94
95
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 93

def can_enable_disable_triggers?
  PgSqlTriggers::Permissions.can?(current_actor, :enable_trigger, environment: current_environment)
end

#can_execute_sql_operations?Boolean

Returns true if the :execute_sql action is allowed (privileged SQL for host apps; not used by built-in UI).

Returns:

  • (Boolean)

    true if the :execute_sql action is allowed (privileged SQL for host apps; not used by built-in UI)



104
105
106
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 104

def can_execute_sql_operations?
  PgSqlTriggers::Permissions.can?(current_actor, :execute_sql, environment: current_environment)
end

#can_generate_triggers?Boolean

Returns true if current actor can generate triggers.

Returns:

  • (Boolean)

    true if current actor can generate triggers



109
110
111
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 109

def can_generate_triggers?
  PgSqlTriggers::Permissions.can?(current_actor, :generate_trigger, environment: current_environment)
end

#can_view_triggers?Boolean

Returns true if current actor can view triggers.

Returns:

  • (Boolean)

    true if current actor can view triggers



88
89
90
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 88

def can_view_triggers?
  PgSqlTriggers::Permissions.can?(current_actor, :view_triggers, environment: current_environment)
end

#check_admin_permissionObject

Checks if current actor has admin permissions (drop/re-execute).

Raises:

  • (ActionController::RedirectError)

    Redirects if permission denied



73
74
75
76
77
78
79
80
81
82
83
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 73

def check_admin_permission
  can_access = begin
    PgSqlTriggers::Permissions.can?(current_actor, :drop_trigger, environment: current_environment)
  rescue StandardError => e
    Rails.logger.error("Permission check failed: #{e.message}\n#{e.backtrace.join("\n")}")
    false
  end
  return if can_access

  redirect_to root_path, alert: "Insufficient permissions. Admin role required."
end

#check_operator_permissionObject

Checks if current actor has operator permissions (enable/disable/apply).

Raises:

  • (ActionController::RedirectError)

    Redirects if permission denied



58
59
60
61
62
63
64
65
66
67
68
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 58

def check_operator_permission
  can_access = begin
    PgSqlTriggers::Permissions.can?(current_actor, :enable_trigger, environment: current_environment)
  rescue StandardError => e
    Rails.logger.error("Permission check failed: #{e.message}\n#{e.backtrace.join("\n")}")
    false
  end
  return if can_access

  redirect_to root_path, alert: "Insufficient permissions. Operator role required."
end

#check_viewer_permissionObject

Checks if current actor has viewer permissions.

Raises:

  • (ActionController::RedirectError)

    Redirects if permission denied



43
44
45
46
47
48
49
50
51
52
53
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 43

def check_viewer_permission
  can_access = begin
    PgSqlTriggers::Permissions.can?(current_actor, :view_triggers, environment: current_environment)
  rescue StandardError => e
    Rails.logger.error("Permission check failed: #{e.message}\n#{e.backtrace.join("\n")}")
    false
  end
  return if can_access

  redirect_to root_path, alert: "Insufficient permissions. Viewer role required."
end

#current_actorHash

Returns the current actor (user) performing the action. Override this method in host application to provide actual user.

Returns:

  • (Hash)

    Actor information with :type and :id keys



17
18
19
20
21
22
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 17

def current_actor
  {
    type: current_user_type,
    id: current_user_id
  }
end

#current_user_idString

Returns the current user ID. Override this method in host application.

Returns:

  • (String)

    User ID (default: “unknown”)



36
37
38
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 36

def current_user_id
  "unknown"
end

#current_user_typeString

Returns the current user type. Override this method in host application.

Returns:

  • (String)

    User type (default: “User”)



28
29
30
 
# File 'app/controllers/concerns/pg_sql_triggers/permission_checking.rb', line 28

def current_user_type
  "User"
end