Class: ActiveAdmin::AuthorizationAdapter

Inherits:
Object
  • Object
show all
Defined in:
lib/active_admin/authorization_adapter.rb

Overview

Active Admin’s default authorization adapter. This adapter returns true for all requests to ‘#authorized?`. It should be the starting point for implementing your own authorization adapter.

To view an example subclass, check out ‘ActiveAdmin::CanCanAdapter`

Direct Known Subclasses

CanCanAdapter, PunditAdapter

Defined Under Namespace

Classes: NormalizedMatcher

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(resource, user) ⇒ AuthorizationAdapter

Initialize a new authorization adapter. This happens on each and every request to a controller.

Parameters:

  • resource (ActiveAdmin::Resource, ActiveAdmin::Page)

    The resource that the user is currently on. Note, we may be authorizing access to a different subject, so don’t rely on this other than to pull configuration information from.

  • user (any)

    The current user. The user is set to whatever is returned from ‘#current_active_admin_user` in the controller.



35
36
37
38
# File 'lib/active_admin/authorization_adapter.rb', line 35

def initialize(resource, user)
  @resource = resource
  @user = user
end

Instance Attribute Details

#resourceObject (readonly)

Returns the value of attribute resource.



22
23
24
# File 'lib/active_admin/authorization_adapter.rb', line 22

def resource
  @resource
end

#userObject (readonly)

Returns the value of attribute user.



22
23
24
# File 'lib/active_admin/authorization_adapter.rb', line 22

def user
  @user
end

Instance Method Details

#authorized?(action, subject = nil) ⇒ Boolean

Returns true of false depending on if the user is authorized to perform the action on the subject.

Parameters:

  • action (Symbol)

    The name of the action to perform. Usually this will be one of the ‘ActiveAdmin::Auth::*` symbols.

  • subject (any) (defaults to: nil)

    The subject the action is being performed on usually this is a model object. Note, that this is NOT always in instance, it can be the class of the subject also. For example, Active Admin uses the class of the resource to decide if the resource should be displayed in the global navigation. To deal with this nicely in a case statement, take a look at ‘#normalized(klass)`

Returns:

  • (Boolean)


54
55
56
# File 'lib/active_admin/authorization_adapter.rb', line 54

def authorized?(action, subject = nil)
  true
end

#scope_collection(collection, action = Auth::READ) ⇒ ActiveRecord::Relation

A hook method for authorization libraries to scope the collection. By default, we just return the same collection. The returned scope is used as the starting point for all queries to the db in the controller.

Parameters:

  • collection (ActiveRecord::Relation)

    The collection the user is attempting to view.

  • action (Symbol) (defaults to: Auth::READ)

    The name of the action to perform. Usually this will be one of the ‘ActiveAdmin::Auth::*` symbols. Defaults to `Auth::READ` if no action passed in.

Returns:

  • (ActiveRecord::Relation)

    A new collection, scoped to the objects that the current user has access to.



71
72
73
# File 'lib/active_admin/authorization_adapter.rb', line 71

def scope_collection(collection, action = Auth::READ)
  collection
end