Module: ActiveAdmin::BaseController::Authorization
- Extended by: ActiveSupport::Concern
- Includes: MethodOrProcHelper
- Included in: ActiveAdmin::BaseController
- Defined in: lib/active_admin/base_controller/authorization.rb
Constant Summary
- ACTIONS_DICTIONARY =

```ruby
{
  index:   ActiveAdmin::Authorization::READ,
  show:    ActiveAdmin::Authorization::READ,
  new:     ActiveAdmin::Authorization::CREATE,
  create:  ActiveAdmin::Authorization::CREATE,
  edit:    ActiveAdmin::Authorization::UPDATE,
  update:  ActiveAdmin::Authorization::UPDATE,
  destroy: ActiveAdmin::Authorization::DESTROY
}
```
Instance Method Summary
- #action_to_permission(action) ⇒ Symbol protected
  Converts a controller action into one of the correct Active Admin authorization names.
- #active_admin_authorization ⇒ ActiveAdmin::AuthorizationAdapter protected
  Retrieve or instantiate the authorization instance for this resource.
- #active_admin_authorization_adapter ⇒ Class protected
  Returns the class to be used as the authorization adapter.
- #authorize!(action, subject = nil) ⇒ Boolean protected
  Authorize the action and subject.
- #authorize_resource!(resource) ⇒ Object protected
  Performs authorization on the resource using the current controller action as the permission action.
- #authorized?(action, subject = nil) ⇒ Boolean protected
  Authorize the action and subject.
- #dispatch_active_admin_access_denied(exception) ⇒ Object protected
- #redirect_backwards_or_to_root ⇒ Object protected
- #rescue_active_admin_access_denied(exception) ⇒ Object protected
Methods included from MethodOrProcHelper
#call_method_or_exec_proc, #call_method_or_proc_on, #render_in_context, #render_or_call_method_or_proc_on
Instance Method Details
#action_to_permission(action) ⇒ Symbol (protected)
Converts a controller action into one of the correct Active Admin authorization names. Uses the ACTIONS_DICTIONARY to convert the action name to permission.
```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 97
def action_to_permission(action)
  if action && action = action.to_sym
    # Actions not in the dictionary (custom actions) are returned unchanged.
    Authorization::ACTIONS_DICTIONARY[action] || action
  end
end
```
#active_admin_authorization ⇒ ActiveAdmin::AuthorizationAdapter (protected)
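Retrieve or instantiate the authorization instance for this resource.

```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 73
def active_admin_authorization
  # Memoized per controller instance: built from the resource config and the current user.
  @active_admin_authorization ||=
    active_admin_authorization_adapter.new active_admin_config, current_active_admin_user
end
```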
#active_admin_authorization_adapter ⇒ Class (protected)
Returns the class to be used as the authorization adapter.

```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 81
def active_admin_authorization_adapter
  # The namespace setting may hold a class or a class name given as a String.
  adapter = active_admin_namespace.authorization_adapter
  if adapter.is_a? String
    ActiveSupport::Dependencies.constantize adapter
  else
    adapter
  end
end
```
#authorize!(action, subject = nil) ⇒ Boolean (protected)
Authorize the action and subject. Available in the controller as well as all the views. If the action is not allowed, it raises an ActiveAdmin::AccessDenied exception.

```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 54
def authorize!(action, subject = nil)
  unless authorized? action, subject
    raise ActiveAdmin::AccessDenied.new(current_active_admin_user,
                                        action,
                                        subject)
  end
end
```
#authorize_resource!(resource) ⇒ Object (protected)
Performs authorization on the resource using the current controller action as the permission action.
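```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 65
def authorize_resource!(resource)
  # Map the current controller action to a permission, then authorize it.
  permission = action_to_permission(params[:action])
  authorize! permission, resource
end
```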
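The mapping in #action_to_permission and its use by #authorize_resource!, as an added example that is not part of Active Admin's code: plain-Ruby stand-ins show that a custom action missing from ACTIONS_DICTIONARY (here the hypothetical :approve) reaches the adapter unmapped, so an adapter should deny anything it does not explicitly grant. The permission symbol values, DenyByDefaultAdapter, its GRANTS policy and authorize_action! are assumptions made for illustration.

```ruby
# Added example: plain-Ruby stand-ins, no Rails or Active Admin required.
# The symbols below are assumed values for ActiveAdmin::Authorization::READ etc.
READ, CREATE, UPDATE, DESTROY = :read, :create, :update, :destroy

ACTIONS_DICTIONARY = {
  index: READ, show: READ, new: CREATE, create: CREATE,
  edit: UPDATE, update: UPDATE, destroy: DESTROY
}.freeze

# Same logic as #action_to_permission on this page: actions missing from the
# dictionary (custom member/collection actions) pass through unchanged.
def action_to_permission(action)
  return nil unless action
  action = action.to_sym
  ACTIONS_DICTIONARY[action] || action
end

class AccessDenied < StandardError; end

# Hypothetical adapter with the interface the page shows:
# new(resource, user) and authorized?(action, subject).
class DenyByDefaultAdapter
  # Constructed policy: role => permissions granted.
  GRANTS = { auditor: [READ], editor: [READ, CREATE, UPDATE] }.freeze

  def initialize(resource, user)
    @resource = resource
    @user = user
  end

  # Anything not explicitly granted is refused, including pass-through
  # custom actions such as :approve and a nil permission.
  def authorized?(action, _subject = nil)
    GRANTS.fetch(@user[:role], []).include?(action)
  end
end

# Mirrors authorize_resource!: map the controller action, then authorize or raise.
def authorize_action!(adapter, controller_action, subject)
  permission = action_to_permission(controller_action)
  unless adapter.authorized?(permission, subject)
    raise AccessDenied, "#{permission.inspect} denied"
  end
  permission
end
```

An adapter written the other way round, refusing only a known list of permissions, would allow the unmapped :approve by default.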
#authorized?(action, subject = nil) ⇒ Boolean (protected)
Authorize the action and subject. Available in the controller as well as all the views.
```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 37
def authorized?(action, subject = nil)
  active_admin_authorization.authorized?(action, subject)
end
```
#dispatch_active_admin_access_denied(exception) ⇒ Object (protected)
```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 103
def dispatch_active_admin_access_denied(exception)
  # The namespace setting names the handler method (or proc) to run.
  call_method_or_exec_proc active_admin_namespace.on_unauthorized_access, exception
end
```
#redirect_backwards_or_to_root ⇒ Object (protected)
```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 124
def redirect_backwards_or_to_root
  ActiveAdmin::Dependency.rails.redirect_back self, active_admin_root
end
```
#rescue_active_admin_access_denied(exception) ⇒ Object (protected)
```ruby
# File 'lib/active_admin/base_controller/authorization.rb', line 107
def rescue_active_admin_access_denied(exception)
  error = exception.message

  respond_to do |format|
    # HTML requests get a flash message and a redirect.
    format.html do
      flash[:error] = error
      redirect_backwards_or_to_root
    end

    body = ActiveAdmin::Dependency.rails.render_key

    # Non-HTML requests get the error in the body with a 401 status.
    format.csv  { render body => error, status: :unauthorized }
    format.json { render json: { error: error }, status: :unauthorized }
    format.xml  { render xml: "<error>#{error}</error>", status: :unauthorized }
  end
end
```