Module: BreakDance::ControllerAdditions

Defined in:
lib/break_dance/controller_additions.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.included(base) ⇒ Object 



10
11
12
13
 
# File 'lib/break_dance/controller_additions.rb', line 10

def self.included(base)
  base.extend ClassMethods
  base.helper_method :can?, :cannot?
end

Instance Method Details

#can?(action, resource) ⇒ Boolean

Returns:



19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/break_dance/controller_additions.rb', line 19

def can?(action, resource)
  return true unless with_authorization?

  allowed_permissions = current_permissions['resources'].select { |_,v| v == '1'}

  allowed = allowed_permissions.any? do |r|
    RequestStore.store[:security_policy_holder].resources[r[0].to_sym] and RequestStore.store[:security_policy_holder].resources[r[0].to_sym][:can].any? do |k,v|
      v = Array.wrap(v)
      k == resource.to_sym && (
      (
        v.include?(:all_actions) &&
        !(
          RequestStore.store[:security_policy_holder].resources[r[0].to_sym][:except] &&
          RequestStore.store[:security_policy_holder].resources[r[0].to_sym][:except][resource.to_sym] &&
          RequestStore.store[:security_policy_holder].resources[r[0].to_sym][:except][resource.to_sym].include?(action.to_sym)
        )
      ) || v.include?(action.to_sym) )
    end
  end

  allowed
end

#cannot?(action, resource) ⇒ Boolean

Returns:



42
43
44
 
# File 'lib/break_dance/controller_additions.rb', line 42

def cannot?(action, resource)
  !can?(action, resource)
end

#current_permissionsObject 



46
47
48
 
# File 'lib/break_dance/controller_additions.rb', line 46

def current_permissions
  Permissions.for_user(current_user)
end

#with_authorization?Boolean

Returns:



15
16
17
 
# File 'lib/break_dance/controller_additions.rb', line 15

def with_authorization?
  @with_authorization || false
end