Module: Canner

Defined in:

lib/canner.rb,
lib/canner/version.rb,
lib/generators/canner/policy/policy_generator.rb,
lib/generators/canner/install/install_generator.rb

Overview

ASSUMES that your permissions policy is in a file with the same name as your model but with Perm. i.e UserPerm, CustomerPerm

Defined Under Namespace

Modules: Generators Classes: AuthNotUsedError, NotAuthorizedError, ScopeNotUsedError

Constant Summary

VERSION =

"0.0.2"

Class Method Summary

• .included(c) ⇒ Object

  so you don’t have to have a helper method in the app_controller.

Instance Method Summary

• #can?(method_name, target_model) ⇒ Boolean

  method_name - The controller action method that you are concerned with access target_model - Name of the object you are limiting access to.

• #canner_scope(method_name, target_model) ⇒ Object

  method_name - The controller action method that you are concerned with access target_model - Name of the object you are limiting access to.

• #instance_can?(method_name, target_model, target_obj) ⇒ Boolean

  method_name - The controller action method that you are concerned with access target_model - Name of the object you are limiting access to.

Class Method Details

.included(c) ⇒ Object

so you don’t have to have a helper method in the app_controller

# File 'lib/canner.rb', line 6

def self.included(c)
  c.helper_method :canner_policy
end

Instance Method Details

#can?(method_name, target_model) ⇒ Boolean

method_name - The controller action method that you are concerned with access target_model - Name of the object you are limiting access to. ( :user, :pet, :customer )

Returns:

• (Boolean)

Raises:

• (NotAuthorizedError)

# File 'lib/canner.rb', line 27

def can?(method_name, target_model)
  @auth_used = true
  raise NotAuthorizedError.new("You are not authorized to perform this action.") unless canner_policy(method_name, target_model).can?
end

#canner_scope(method_name, target_model) ⇒ Object

method_name - The controller action method that you are concerned with access target_model - Name of the object you are limiting access to. ( :user, :pet, :customer )

# File 'lib/canner.rb', line 34

def canner_scope(method_name, target_model)
  @scope_used = true
  canner_policy(method_name, target_model).canner_scope
end

#instance_can?(method_name, target_model, target_obj) ⇒ Boolean

method_name - The controller action method that you are concerned with access target_model - Name of the object you are limiting access to. ( :user, :pet, :customer ) target_obj - The instance obj for what you want to test. ( does user 1 have access to company 1?)

Returns:

• (Boolean)

Raises:

• (NotAuthorizedError)

# File 'lib/canner.rb', line 20

def instance_can?(method_name, target_model, target_obj)
  policy = canner_policy(method_name, target_model)
  raise NotAuthorizedError.new("You do not have access to this #{target_model.capitalize}") unless policy.instance_can?(target_obj)
end