Module: Eaco::Controller::ClassMethods

Defined in:
lib/eaco/controller.rb

Overview

Controller authorization DSL.

Instance Method Summary

Instance Method Details

#authorization_permissions ⇒ Object (protected)

Permission requirements configured on this controller.



# File 'lib/eaco/controller.rb', line 67

def authorization_permissions
  @_authorization_permissions ||= {}
end

#authorize(*actions) ⇒ Object

Defines the ability required to access a given controller action.

Example:

class DocumentsController < ApplicationController
  authorize :index,           [:folder, :index]
  authorize :show,            [:folder, :read]
  authorize :create, :update, [:folder, :write]
end

Here @folder is expected to be an authorized Resource. For the index action, the current_user is checked with can?(:index, @folder); for show, with can?(:read, @folder); and for create and update, with can?(:write, @folder).

The special :all action name requires the given ability on the given Resource for all actions.

If an action has no authorization defined (neither its own entry nor an :all entry), access is granted.

Adds Eaco::Controller#confront_eaco as a before_filter.

Parameters:

  • actions (Variadic)

    see above.

Returns:

  • void



# File 'lib/eaco/controller.rb', line 45

def authorize(*actions)
  target = actions.pop

  actions.each {|action| authorization_permissions.update(action => target)}

  @_eaco_filter_installed ||= begin
    before_filter :confront_eaco
    true
  end
end

#permission_for(action) ⇒ Symbol

Returns the permission required to access the given action.

Returns:

  • (Symbol)

    the permission required to access the given action.



# File 'lib/eaco/controller.rb', line 59

def permission_for(action)
  authorization_permissions[action] || authorization_permissions[:all]
end
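
The default described under #authorize, where an action with no authorization defined is granted access, can be audited per controller. The following is an added example, not part of the Eaco source: it copies the three methods shown on this page into a stand-in module and lists the actions that permission_for leaves without a requirement. AuthorizationDSL, unprotected_actions, the two controllers and their ACTIONS lists are hypothetical names constructed for illustration, and before_filter is stubbed so the code runs outside Rails.

```ruby
# Stand-in for the DSL: method bodies as shown on this page.
module AuthorizationDSL
  def authorization_permissions
    @_authorization_permissions ||= {}
  end

  def authorize(*actions)
    target = actions.pop
    actions.each { |action| authorization_permissions.update(action => target) }
    @_eaco_filter_installed ||= begin
      before_filter :confront_eaco
      true
    end
  end

  def permission_for(action)
    authorization_permissions[action] || authorization_permissions[:all]
  end

  # Assumption: no-op stub, since there is no Rails filter chain here.
  def before_filter(*); end
end

# Hypothetical audit helper: actions with no permission configured,
# which are therefore served without any can? check.
def unprotected_actions(controller, actions)
  actions.reject { |action| controller.permission_for(action) }
end

# Constructed sample: :destroy was added without an authorize line.
class DocumentsController
  extend AuthorizationDSL
  ACTIONS = [:index, :show, :create, :update, :destroy].freeze

  authorize :index,           [:folder, :index]
  authorize :show,            [:folder, :read]
  authorize :create, :update, [:folder, :write]
end

# Constructed sample: an :all entry closes the gap for every action.
class LockedDocumentsController
  extend AuthorizationDSL
  ACTIONS = DocumentsController::ACTIONS

  authorize :all,  [:folder, :write] # fallback for any unlisted action
  authorize :show, [:folder, :read]  # a per-action entry takes precedence
end

puts unprotected_actions(DocumentsController, DocumentsController::ACTIONS).inspect
```

A check like this can run in a test suite against each controller's real action list, so that a newly added action without an authorize line fails the build instead of shipping open.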