Module: Authoreyes::Helpers::InController
- Extended by:
- ActiveSupport::Concern
- Defined in:
- lib/authoreyes/helpers/in_controller.rb
Overview
This module handles authorization at the Controller level. It allows various actions within the controller to be configured to work with Authoreyes, only permitting access to that action if certain conditions are met, according to the defined Authorization Rules.
Instance Method Summary collapse
-
#filter_resource_access(options = {}) ⇒ Object
TODO: Implement this!.
-
#permitted_to!(privelege, object_or_symbol = nil, options = {}) ⇒ Object
Works similar to the permitted_to? method, but throws the authorization exceptions, just like Engine#permit!
privelege
is the symbol name of the privele checkedobject_or_symbol
is the object the privelege is checked on. -
#permitted_to?(privelege, object_or_symbol = nil, options = {}) ⇒ Boolean
If the current user meets the given privilege, permitted_to? returns true and yields to the optional block.
Instance Method Details
#filter_resource_access(options = {}) ⇒ Object
TODO: Implement this!
16 17 |
# File 'lib/authoreyes/helpers/in_controller.rb', line 16 def filter_resource_access( = {}) end |
#permitted_to!(privelege, object_or_symbol = nil, options = {}) ⇒ Object
Works similar to the permitted_to? method, but throws the authorization exceptions, just like Engine#permit! privelege
is the symbol name of the privele checked object_or_symbol
is the object the privelege is checked on
91 92 93 94 95 |
# File 'lib/authoreyes/helpers/in_controller.rb', line 91 def permitted_to!(privelege, object_or_symbol = nil, = {}) Authoreyes::ENGINE.permit!( privelege, (object_or_symbol, , true) ) end |
#permitted_to?(privelege, object_or_symbol = nil, options = {}) ⇒ Boolean
If the current user meets the given privilege, permitted_to? returns true and yields to the optional block. The attribute checks that are defined in the authorization rules are only evaluated if an object is given for context.
See examples for Authorization::AuthorizationHelper #permitted_to?
If no object or context is specified, the controller_name is used as context. TODO: Use permit? instead of permit! privelege
is the symbol name of the privele checked object_or_symbol
is the object the privelege is checked on
76 77 78 79 80 81 82 83 84 85 |
# File 'lib/authoreyes/helpers/in_controller.rb', line 76 def permitted_to?(privelege, object_or_symbol = nil, = {}) if Authoreyes::ENGINE.permit!( privelege, (object_or_symbol, , false) ) yield if block_given? true else false end end |