Module: ActionAccess::UserUtilities
- Defined in:
- lib/action_access/user_utilities.rb
Instance Method Summary collapse
-
#can?(action, resource, options = {}) ⇒ Boolean
Check if the user is authorized to perform a given action.
-
#clearance_levels ⇒ Object
Accessor for the user’s clearance levels.
Instance Method Details
#can?(action, resource, options = {}) ⇒ Boolean
Check if the user is authorized to perform a given action. Resource can be either plural or singular.
Examples:
user.can? :show, :articles
user.can? :show, @article
user.can? :show, ArticlesController
# True if any of the user's clearance levels allows to access 'articles#show'
user.can? :edit, :articles, namespace: :admin
user.can? :edit, @admin_article
user.can? :edit, Admin::ArticlesController
# True if any of the user's clearance levels allows to access 'admin/articles#edit'
18 19 20 21 22 |
# File 'lib/action_access/user_utilities.rb', line 18 def can?(action, resource, = {}) keeper = ActionAccess::Keeper.instance clearance_levels = Array(clearance_levels()) clearance_levels.any? { |c| keeper.lets? c, action, resource, } end |
#clearance_levels ⇒ Object
Accessor for the user’s clearance levels.
Must be overridden to set the proper clearance levels.
Examples:
# Single clearance level (returns string)
def clearance_levels
role.name
end
# Multiple clearance levels (returns array)
def clearance_levels
roles.pluck(:name)
end
41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/action_access/user_utilities.rb', line 41 def clearance_levels # Notify deprecation of `clearance_level` (singular) if defined? clearance_level ActiveSupport::Deprecation.warn \ '[Action Access] The use of "clearance_level" in models ' + 'is going to be deprecated in the next release, rename ' + 'it to "clearance_levels" (plural).' return clearance_level end :guest end |