Module: Authorization

Defined in:
lib/declarative_authorization/reader.rb,
lib/declarative_authorization/helper.rb,
lib/declarative_authorization/in_model.rb,
lib/declarative_authorization/maintenance.rb,
lib/declarative_authorization/railsengine.rb,
lib/declarative_authorization/authorization.rb,
lib/declarative_authorization/controller/dsl.rb,
lib/declarative_authorization/controller/grape.rb,
lib/declarative_authorization/controller/rails.rb,
lib/declarative_authorization/obligation_scope.rb,
lib/declarative_authorization/controller/runtime.rb,
lib/generators/authorization/rules/rules_generator.rb,
lib/declarative_authorization/controller_permission.rb,
lib/generators/authorization/install/install_generator.rb

Overview

Mixin to be added to rails controllers

Defined Under Namespace

Modules: AuthorizationHelper, AuthorizationInModel, Controller, Maintenance, Reader, TestHelper Classes: AnonymousUser, Attribute, AttributeAuthorizationError, AttributeWithPermission, AuthorizationError, AuthorizationRule, AuthorizationRuleSet, AuthorizationUsageError, Config, ControllerPermission, Engine, InstallGenerator, NilAttributeValueError, NotAuthorized, ObligationScope, RailsEngine, RulesGenerator

Constant Summary collapse

AUTH_DSL_FILES = 
[Pathname.new(Rails.root || '').join("config", "authorization_rules.rb").to_s]
@@dot_path = 
"dot"
@@default_role = 
:guest

Class Method Summary collapse

Class Method Details

.configObject 



35
36
37
 
# File 'lib/declarative_authorization/authorization.rb', line 35

def self.config
  @config ||= Config.new
end

.configure {|config| ... } ⇒ Object

Yields:



39
40
41
 
# File 'lib/declarative_authorization/authorization.rb', line 39

def self.configure
  yield config
end

.current_userObject

Controller-independent method for retrieving the current user. Needed for model security where the current controller is not available.



47
48
49
 
# File 'lib/declarative_authorization/authorization.rb', line 47

def self.current_user
  Thread.current["current_user"] || guest_user
end

.current_user=(user) ⇒ Object

Controller-independent method for setting the current user.



52
53
54
 
# File 'lib/declarative_authorization/authorization.rb', line 52

def self.current_user=(user)
  Thread.current["current_user"] = user
end

.default_roleObject 



80
81
82
 
# File 'lib/declarative_authorization/authorization.rb', line 80

def self.default_role
  @@default_role
end

.default_role=(role) ⇒ Object 



84
85
86
 
# File 'lib/declarative_authorization/authorization.rb', line 84

def self.default_role=(role)
  @@default_role = role.to_sym
end

.dot_pathObject 



71
72
73
 
# File 'lib/declarative_authorization/authorization.rb', line 71

def self.dot_path
  @@dot_path
end

.dot_path=(path) ⇒ Object 



75
76
77
 
# File 'lib/declarative_authorization/authorization.rb', line 75

def self.dot_path=(path)
  @@dot_path = path
end

.guest_userObject 



56
57
58
 
# File 'lib/declarative_authorization/authorization.rb', line 56

def self.guest_user
  @@guest_user ||= AnonymousUser.new
end

.ignore_access_control(state = nil) ⇒ Object

For use in test cases only



65
66
67
68
 
# File 'lib/declarative_authorization/authorization.rb', line 65

def self.ignore_access_control(state = nil) # :nodoc:
  Thread.current["ignore_access_control"] = state unless state.nil?
  Thread.current["ignore_access_control"] || false
end

.is_a_association_proxy?(object) ⇒ Boolean

Returns:

  • (Boolean) 


88
89
90
 
# File 'lib/declarative_authorization/authorization.rb', line 88

def self.is_a_association_proxy?(object)
  object.respond_to?(:proxy_association)
end

.non_guest_current_userObject 



60
61
62
 
# File 'lib/declarative_authorization/authorization.rb', line 60

def self.non_guest_current_user
  current_user unless current_user.is_a?(AnonymousUser)
end