Module: AuthorizedSystem

Defined in:
app/models/authorized_system.rb

Overview

AuthorizedSystem is included in ActionController by the authengine engine; see lib/authengine/engine.rb.

Instance Method Details

#action_permitted?(controller, action) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/authorized_system.rb', line 15

def action_permitted?(controller, action)
  ActionRole.permits_access_for(controller, action, current_role_ids)
end

#check_permissions(controller = request.parameters["controller"], action = request.parameters["action"]) ⇒ Object

For each and every action, we check the configured permission for the role(s) assigned to the logged-in user. The controller and action can be passed as parameters to check whether or not to display a link/button; otherwise the current request's controller/action are used to check whether or not to display a page.



# File 'app/models/authorized_system.rb', line 27

def check_permissions(controller = request.parameters["controller"], action = request.parameters["action"])
  permission = false
  if !logged_in?
    logger.info "access denied: not logged in"
    access_denied
  elsif permitted?(controller, action)
    permission = true
  else
    logger.info "permission denied, #{controller}, #{action}"
    permission_denied
  end
  permission
end

#current_role_ids ⇒ Object



# File 'app/models/authorized_system.rb', line 11

def current_role_ids
  session[:role].current_role_ids
end

#current_role_ids=(ids) ⇒ Object

Established for the session when the user logs in. May be modified later if the user's roles are modified or if the session is downgraded.



# File 'app/models/authorized_system.rb', line 7

def current_role_ids=(ids)
  session[:role].current_role_ids = ids
end

#permitted?(controller, action) ⇒ Boolean

Returns:

  • (Boolean)


# File 'app/models/authorized_system.rb', line 19

def permitted?(controller, action)
  action_permitted?(controller, action) && logged_in?
end