Module: CubaApi::Guard
- Defined in:
- lib/cuba_api/guard.rb
Defined Under Namespace
Modules: ClassMethods
Instance Method Summary collapse
- #allowed_associations ⇒ Object
- #current_groups ⇒ Object
- #on_association ⇒ Object
- #on_context(name, &block) ⇒ Object
- #on_guard(method, *args) ⇒ Object
Instance Method Details
#allowed_associations ⇒ Object
62 63 64 |
# File 'lib/cuba_api/guard.rb', line 62 def allowed_associations guard.associations( guard_context, @_method ) end |
#current_groups ⇒ Object
54 55 56 57 58 59 60 |
# File 'lib/cuba_api/guard.rb', line 54 def current_groups if current_user current_user.groups else [] end end |
#on_association ⇒ Object
85 86 87 88 89 90 91 92 93 |
# File 'lib/cuba_api/guard.rb', line 85 def on_association on :association do |association| if allowed_associations && allowed_associations.include?( association ) yield( association ) else no_body :forbidden end end end |
#on_context(name, &block) ⇒ Object
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 |
# File 'lib/cuba_api/guard.rb', line 66 def on_context( name, &block ) on name do begin guard.check_parent( name, guard_context ) old = guard_context guard_context( name ) yield( *captures ) rescue Ixtlan::UserManagement::GuardException if respond_to?( :authenticated? ) && authenticated? no_body :not_found else no_body :forbidden end ensure guard_context( old ) end end end |
#on_guard(method, *args) ⇒ Object
95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 |
# File 'lib/cuba_api/guard.rb', line 95 def on_guard( method, *args) args.insert( 0, send( method ) ) on *args do @_method = method allowed = allowed( method ) guard_logger.debug { "check #{method.to_s.upcase} #{guard_context}: #{allowed}" } # TODO guard needs no association here if allowed yield( *captures ) else no_body :forbidden # 403 end end end |