Module: Authority::Controller::ClassMethods

Defined in:
lib/authority/controller.rb

Instance Method Summary collapse

Instance Method Details

#add_actions(action_map) ⇒ Object

Adds the passed in actions to the current action map.

with the existing action map

Parameters:

  • action_map (Hash)

    • controller actions and methods to be merged



91
92
93
 
# File 'lib/authority/controller.rb', line 91

def add_actions(action_map)
  authority_action_map.merge!(action_map)
end

#authority_action(action_map) ⇒ Object 



64
65
66
67
68
69
70
 
# File 'lib/authority/controller.rb', line 64

def authority_action(action_map)
  Authority.logger.warn "Authority's `authority_action` method has been renamed \
  to `authority_actions` (plural) to reflect the fact that you can \
  set multiple actions in one shot. Please update your controllers \
  accordingly. (called from #{caller.first})".squeeze(' ')
  authority_actions(action_map)
end

#authority_action_mapHash

The controller action to authority action map used for determining which Rails actions map to which authority actions (ex: index to read)

Returns:

  • (Hash)

    A duplicated copy of the configured controller_action_map



83
84
85
 
# File 'lib/authority/controller.rb', line 83

def authority_action_map
  @authority_action_map ||= Authority.configuration.controller_action_map.dup
end

#authority_actions(action_map) ⇒ Object

Allows defining and overriding a controller’s map of its actions to the model’s authorizer methods

Parameters:

  • action_map (Hash)

    • controller actions and methods, to be merged with existing action_map



58
59
60
61
62
 
# File 'lib/authority/controller.rb', line 58

def authority_actions(action_map)
  forced_action = action_map.delete(:all_actions)
  add_actions(action_map)
  force_action(forced_action) if forced_action
end

#authorize_actions_for(resource_or_finder, options = {}) ⇒ Object

Sets up before_filter to ensure user is allowed to perform a given controller action

should be consulted, or instance method on the controller which will determine that class when the request is made be merged with existing ones and any other options applicable to a before_filter

Parameters:

  • resource_or_finder (Class OR Symbol)

    • class whose authorizer

  • options (Hash) (defaults to: {})

    • can contain :actions to



44
45
46
47
48
49
50
51
52
53
 
# File 'lib/authority/controller.rb', line 44

def authorize_actions_for(resource_or_finder, options = {})
  self.authority_resource = resource_or_finder
  add_actions(options.fetch(:actions, {}))
  force_action(options[:all_actions]) if options[:all_actions]
  if respond_to? :before_action
    before_action :run_authorization_check, options
  else
    before_filter :run_authorization_check, options
  end
end

#ensure_authorization_performed(options = {}) ⇒ Object

Convenience wrapper for instance method



73
74
75
76
77
 
# File 'lib/authority/controller.rb', line 73

def ensure_authorization_performed(options = {})
  after_filter(options.slice(:only, :except)) do |controller_instance|
    controller_instance.ensure_authorization_performed(options)
  end
end

#force_action(forced_action) ⇒ Object

Updates the current action map to use the forced action for all of it’s actions.

for all Rails actions in the action map

Parameters:

  • forced_action (String OR Symbol)

    • the authority action to use



100
101
102
103
104
 
# File 'lib/authority/controller.rb', line 100

def force_action(forced_action)
  add_actions(
    Hash[authority_action_map.map {|key, _| [key, forced_action] }]
  )
end