Module: Authority::Controller::ClassMethods

Defined in:
lib/authority/controller.rb

Instance Method Summary collapse

Instance Method Details

#add_actions(action_map) ⇒ Object

Adds the passed in actions to the current action map.

with the existing action map

Parameters:

  • action_map (Hash)

    • controller actions and methods to be merged



103
104
105
 
# File 'lib/authority/controller.rb', line 103

def add_actions(action_map)
  authority_action_map.merge!(action_map)
end

#authority_action(action_map) ⇒ Object 



70
71
72
73
74
75
76
 
# File 'lib/authority/controller.rb', line 70

def authority_action(action_map)
  Authority.logger.warn "Authority's `authority_action` method has been renamed \
  to `authority_actions` (plural) to reflect the fact that you can \
  set multiple actions in one shot. Please update your controllers \
  accordingly. (called from #{caller.first})".squeeze(' ')
  authority_actions(action_map)
end

#authority_action_mapHash

The controller action to authority action map used for determining which Rails actions map to which authority actions (ex: index to read)

Returns:

  • (Hash)

    A duplicated copy of the configured controller_action_map



95
96
97
 
# File 'lib/authority/controller.rb', line 95

def authority_action_map
  @authority_action_map ||= Authority.configuration.controller_action_map.dup
end

#authority_actions(action_map) ⇒ Object

Allows defining and overriding a controller’s map of its actions to the model’s authorizer methods

Parameters:

  • action_map (Hash)

    • controller actions and methods, to be merged with existing action_map



64
65
66
67
68
 
# File 'lib/authority/controller.rb', line 64

def authority_actions(action_map)
  forced_action = action_map.delete(:all_actions)
  add_actions(action_map)
  force_action(forced_action) if forced_action
end

#authorize_actions_for(resource_or_finder, options = {}) ⇒ Object

Sets up before_filter to ensure user is allowed to perform a given controller action

should be consulted, or instance method on the controller which will determine that class when the request is made be merged with existing ones and any other options applicable to a before_filter, and can contain an array of :opts to pass to the authorizer

Parameters:

  • resource_or_finder (Class OR Symbol)

    • class whose authorizer

  • options (Hash) (defaults to: {})

    • can contain :actions to



46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'lib/authority/controller.rb', line 46

def authorize_actions_for(resource_or_finder, options = {})
  self.authority_resource = resource_or_finder
  add_actions(options.fetch(:actions, {}))
  force_action(options[:all_actions]) if options[:all_actions]
  
  # Capture custom authorization options
  self.authority_arguments = options.delete(:args)
  
  if respond_to? :before_action
    before_action :run_authorization_check, options
  else
    before_filter :run_authorization_check, options
  end
end

#ensure_authorization_performed(options = {}) ⇒ Object

Convenience wrapper for instance method



79
80
81
82
83
84
85
86
87
88
89
 
# File 'lib/authority/controller.rb', line 79

def ensure_authorization_performed(options = {})
  if respond_to? :after_action
    after_action(options.slice(:only, :except)) do |controller_instance|
       controller_instance.ensure_authorization_performed(options)
    end
  else
    after_filter(options.slice(:only, :except)) do |controller_instance|
       controller_instance.ensure_authorization_performed(options)
    end
  end        
end

#force_action(forced_action) ⇒ Object

Updates the current action map to use the forced action for all of it’s actions.

for all Rails actions in the action map

Parameters:

  • forced_action (String OR Symbol)

    • the authority action to use



112
113
114
115
116
 
# File 'lib/authority/controller.rb', line 112

def force_action(forced_action)
  add_actions(
    Hash[authority_action_map.map {|key, _| [key, forced_action] }]
  )
end