Module: ActiveScaffold::ActiveRecordPermissions::Permissions::SecurityMethods
- Defined in:
- lib/active_scaffold/active_record_permissions.rb
Instance Method Summary collapse
-
#authorized_for?(options = {}) ⇒ Boolean
A generic authorization query.
- #authorized_for_methods(options) ⇒ Object
- #cached_authorized_for_methods(options) ⇒ Object
Instance Method Details
#authorized_for?(options = {}) ⇒ Boolean
A generic authorization query. This is what will be called programatically, since the actual permission methods can’t be guaranteed to exist. And because we want to intelligently combine multiple applicable methods.
options should be a CRUD verb (:create, :read, :update, :destroy) options should be the name of a model attribute options is the name of a method options if returning reason is expected, it will return array with authorized and reason, or nil if no reason
99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
# File 'lib/active_scaffold/active_record_permissions.rb', line 99 def ( = {}) raise ArgumentError, "unknown crud type #{[:crud_type]}" if [:crud_type] && !%i[create read update delete].include?([:crud_type]) = ActiveRecordPermissions. # collect other possibly-related methods that actually exist methods = () return ActiveRecordPermissions. if methods.empty? if methods.one? result = send(methods.first) # if not_authorized_reason enabled interpret String as reason for not authorized , reason = && result.is_a?(String) ? [false, result] : result # return array with reason only if requested with options[:reason] return [:reason] ? [, reason] : end # if any method returns false, then return false methods.each do |method| result = send(method) # if not_authorized_reason enabled interpret String as reason for not authorized , reason = && result.is_a?(String) ? [false, result] : [result, nil] next if # return array with reason only if requested with options[:reason] return [:reason] ? [, reason] : end true end |
#authorized_for_methods(options) ⇒ Object
137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 |
# File 'lib/active_scaffold/active_record_permissions.rb', line 137 def () # column_authorized_for_crud_type? has the highest priority over other methods, # you can disable a crud verb and enable that verb for a column # (for example, disable update and enable inplace_edit in a column) method = column_and_crud_type_security_method([:column], [:crud_type]) return [method] if method && respond_to?(method, true) # authorized_for_action? has higher priority than other methods, # you can disable a crud verb and enable an action with that crud verb # (for example, disable update and enable an action with update as crud type) method = action_security_method([:action]) return [method] if method && respond_to?(method, true) # collect other possibly-related methods that actually exist [ column_security_method([:column]), crud_type_security_method([:crud_type]) ].compact.select { |m| respond_to?(m, true) } end |
#cached_authorized_for_methods(options) ⇒ Object
126 127 128 129 130 131 132 133 134 135 |
# File 'lib/active_scaffold/active_record_permissions.rb', line 126 def () key = "#{[:crud_type]}##{[:column]}##{[:action]}" if is_a? Class self.class_security_methods ||= {} self.class_security_methods[key] ||= () else self.class.instance_security_methods ||= {} self.class.instance_security_methods[key] ||= () end end |