Module: Dry::Ability::Controller::DSL
- Included in: ClassMethods
- Defined in: lib/dry/ability/controller/dsl.rb
Instance Method Summary
- #cancan_skipper ⇒ Object
- #check_authorization(**options) ⇒ Object
  Add this to a controller to ensure it performs authorization through authorized! or authorize_resource call.
- #set_resource_mediator_callback(name, **opts) ⇒ Object (also: #load_and_authorize_resource, #load_resource, #authorize_resource) private
- #skip_authorization_check(*args) ⇒ Object
  Call this in the class of a controller to skip the check_authorization behavior on the actions.
- #skip_authorize_resource(name, **options) ⇒ Object
  Skip the authorization behavior of CanCan.
- #skip_load_and_authorize_resource(*args) ⇒ Object
  Skip both the loading and authorization behavior of CanCan for this given controller.
- #skip_load_resource(name, **options) ⇒ Object
  Skip the loading behavior of CanCan.
Instance Method Details
#cancan_skipper ⇒ Object
    # File 'lib/dry/ability/controller/dsl.rb', line 155
    def cancan_skipper
      # Per-controller registry of skip options, keyed by behavior and resource name
      @_cancan_skipper ||= { authorize: {}, load: {} }
    end
#check_authorization(**options) ⇒ Object
Add this to a controller to ensure it performs authorization through authorized! or authorize_resource call. If neither of these authorization methods is called, a CanCan::AuthorizationNotPerformed exception will be raised. This is normally added to the ApplicationController to ensure all controller actions do authorization.

    class ApplicationController < ActionController::Base
      check_authorization
    end

See skip_authorization_check to bypass this check on specific controller actions.
Options:
- :only
  Only applies to given actions.
- :except
  Does not apply to given actions.
- :if
  Supply the name of a controller method to be called. The authorization check only takes place if this returns true.
      :if => :admin_controller?
- :unless
  Supply the name of a controller method to be called. The authorization check only takes place if this returns false.
      :unless => :devise_controller?
    # File 'lib/dry/ability/controller/dsl.rb', line 133
    def check_authorization(**options)
      # Registered as an after_action, so the check runs once the action has finished
      after_action(**options) do |controller|
        next if controller.instance_variable_defined?(:@_authorized)
        raise AuthorizationNotPerformed,
          'This action failed the check_authorization because it does not authorize_resource. '\
          'Add skip_authorization_check to bypass this check.'
      end
    end
#set_resource_mediator_callback(name, **opts) ⇒ Object Also known as: load_and_authorize_resource, load_resource, authorize_resource
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
    # File 'lib/dry/ability/controller/dsl.rb', line 17
    def set_resource_mediator_callback(name, **opts)
      # Callback options go to before_action; the rest configure the mediator
      options = opts.extract!(:only, :except, :if, :unless, :prepend)
      @_resource_mediators ||= Concurrent::Map.new
      @_resource_mediators.fetch_or_store(name) do
        ResourceMediator.new(name, controller_path, __callee__, **opts).
          tap { |m| before_action m, options }
      end.sequence << __callee__ # __callee__ is the alias the method was invoked through
    end
#skip_authorization_check(*args) ⇒ Object
Call this in the class of a controller to skip the check_authorization behavior on the actions.

    class HomeController < ApplicationController
      skip_authorization_check :only => :index
    end

Any arguments are passed to the before_action it triggers.
    # File 'lib/dry/ability/controller/dsl.rb', line 149
    def skip_authorization_check(*args)
      # Sets the flag that check_authorization looks for, before the action runs
      before_action(*args) do |controller|
        controller.instance_variable_set(:@_authorized, true)
      end
    end
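
The `@_authorized` flag shared by check_authorization and skip_authorization_check, as an added Ruby example that is not dry-ability's own code: `MiniController`, `ProjectsController`, the `log` array and `outcome` are hypothetical stand-ins. It shows that the check fires after the action body has run, so an unauthorized action's side effects have already happened when the exception is raised, and that a skip scoped with :only leaves the other actions covered.

```ruby
# Added example, not dry-ability code. MiniController is a hypothetical stand-in
# for ActionController; only the callback order and @_authorized flag follow the page.
class AuthorizationNotPerformed < StandardError; end

class MiniController
  def self.callbacks
    @callbacks ||= { before: [], after: [] }
  end

  # Page logic: after the action, raise unless @_authorized was defined.
  def self.check_authorization(**options)
    callbacks[:after] << [options, lambda { |c|
      next if c.instance_variable_defined?(:@_authorized)
      raise AuthorizationNotPerformed, 'authorization was not performed'
    }]
  end

  # Page logic: before the action, mark the request as authorized.
  def self.skip_authorization_check(**options)
    callbacks[:before] << [options, ->(c) { c.instance_variable_set(:@_authorized, true) }]
  end

  attr_reader :log

  def process(action)
    @log = []
    run(:before, action)
    public_send(action)
    run(:after, action) # the check fires only after the action body has run
  end

  def run(kind, action) # only the :only option is modelled here
    self.class.callbacks[kind].each do |opts, hook|
      hook.call(self) if Array(opts.fetch(:only, action)).include?(action)
    end
  end
end

class ProjectsController < MiniController
  check_authorization
  skip_authorization_check only: :index
  def index;   log << 'listed';  end
  def destroy; log << 'deleted'; end # constructed bug: no authorization call
end

# Returns [result, side effects the action performed before the check ran].
def outcome(action)
  c = ProjectsController.new
  c.process(action)
  [:ok, c.log]
rescue AuthorizationNotPerformed
  [:not_authorized, c.log]
end
```

`outcome(:destroy)` reports the missing authorization, yet its log already contains the deletion: the check flags a forgotten authorization call during development and testing and does not prevent the action from executing.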
#skip_authorize_resource(name, **options) ⇒ Object
Skip the authorization behavior of CanCan. This is useful when using load_and_authorize_resource but you want to only do loading on certain actions. You can pass :only and :except options to specify which actions to skip the effects on. It will apply to all actions by default.

    class ProjectsController < ApplicationController
      skip_authorize_resource :only => :index
    end

You can also pass the resource name as the first argument to skip that resource.
    # File 'lib/dry/ability/controller/dsl.rb', line 99
    def skip_authorize_resource(name, **options)
      cancan_skipper[:authorize][name] = options
    end
#skip_load_and_authorize_resource(*args) ⇒ Object
Skip both the loading and authorization behavior of CanCan for this given controller. This is primarily useful to skip the behavior of a superclass. You can pass :only and :except options to specify which actions to skip the effects on. It will apply to all actions by default.

    class ProjectsController < SomeOtherController
      skip_load_and_authorize_resource :only => :index
    end

You can also pass the resource name as the first argument to skip that resource.
    # File 'lib/dry/ability/controller/dsl.rb', line 70
    def skip_load_and_authorize_resource(*args)
      skip_load_resource(*args)
      skip_authorize_resource(*args)
    end
#skip_load_resource(name, **options) ⇒ Object
Skip the loading behavior of CanCan. This is useful when using load_and_authorize_resource but you want to only do authorization on certain actions. You can pass :only and :except options to specify which actions to skip the effects on. It will apply to all actions by default.

    class ProjectsController < ApplicationController
      skip_load_resource :only => :index
    end

You can also pass the resource name as the first argument to skip that resource.
    # File 'lib/dry/ability/controller/dsl.rb', line 85
    def skip_load_resource(name, **options)
      cancan_skipper[:load][name] = options
    end