Module: CubaApi::Guard

Defined in:
lib/cuba_api/guard.rb

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary collapse

Instance Method Details

#allowed_associationsObject 



62
63
64
 
# File 'lib/cuba_api/guard.rb', line 62

def allowed_associations
  guard.associations( guard_context, @_method )
end

#current_groupsObject 



54
55
56
57
58
59
60
 
# File 'lib/cuba_api/guard.rb', line 54

def current_groups
  if current_user
    current_user.groups 
  else
    []
  end
end

#on_associationObject 



85
86
87
88
89
90
91
92
93
 
# File 'lib/cuba_api/guard.rb', line 85

def on_association
  on :association do |association|
    if allowed_associations && allowed_associations.include?( association )
      yield( association )
    else
      no_body :forbidden 
    end
  end
end

#on_context(name, &block) ⇒ Object 



66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
 
# File 'lib/cuba_api/guard.rb', line 66

def on_context( name, &block )
  on name do
    begin
      guard.check_parent( name, guard_context )
      old = guard_context
      guard_context( name )
      yield( *captures )
    rescue Ixtlan::UserManagement::GuardException
      if respond_to?( :authenticated? ) && authenticated?
        no_body :not_found
      else
        no_body :forbidden
      end
    ensure
      guard_context( old )
    end
  end
end

#on_guard(method, *args) ⇒ Object 



95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
 
# File 'lib/cuba_api/guard.rb', line 95

def on_guard( method, *args)
  args.insert( 0, send( method ) )
  on *args do
    
    @_method = method
    
    allowed = allowed( method )

    guard_logger.debug { "check #{method.to_s.upcase} #{guard_context}: #{allowed}" }
    # TODO guard needs no association here
    if allowed
      
      yield( *captures )
    else
      no_body :forbidden # 403
    end
  end
end