Module: EasyAdmin::Permissions::Controller

Extended by:
ActiveSupport::Concern
Defined in:
lib/easy_admin/permissions/controller.rb

Defined Under Namespace

Classes: BasicPermissionDeniedComponent, BasicRoleDeniedComponent

Instance Method Summary

Instance Method Details

#can?(permission_name, context: nil) ⇒ Boolean

Check permission in views (helper method)

Returns:

  • (Boolean)


# File 'lib/easy_admin/permissions/controller.rb', line 67

# View-facing shorthand for {#current_user_can?}.
#
# The answer only tells a template whether to render a control. The action
# behind that control still has to enforce the permission on its own, for
# example through {#require_permission!}.
#
# @param permission_name [Object] permission identifier, forwarded unchanged
# @param context [Object, nil] optional scope, forwarded unchanged
# @return [Boolean] whatever {#current_user_can?} reports
def can?(permission_name, context: nil)
  lookup_options = { context: context }
  current_user_can?(permission_name, **lookup_options)
end

#check_permissions_for_action ⇒ Object

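Before action that checks permissions for the standard CRUD actions (index, show, new, create, edit, update, destroy). Any other action is not mapped to a permission and passes through this filter without a check.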



# File 'lib/easy_admin/permissions/controller.rb', line 41

# Before-action callback that derives a "<controller_name>:<verb>" permission
# from the current action and enforces it through {#require_permission!}.
#
# Only the seven standard REST actions are mapped:
# index/show -> read, new/create -> create, edit/update -> update,
# destroy -> delete. Any other action name produces no permission and this
# method returns without checking anything, so custom member or collection
# actions need their own explicit require_permission! call.
#
# NOTE(review): the permission is requested without a context; confirm that
# is intended for resources whose permissions are context-scoped.
#
# @return [Object, nil] result of {#require_permission!}, or nil when the
#   action is not one of the mapped names
def check_permissions_for_action
  current_action = action_name.to_s
  resource = controller_name

  verb =
    case current_action
    when 'index', 'show' then 'read'
    when 'new', 'create' then 'create'
    when 'edit', 'update' then 'update'
    when 'destroy' then 'delete'
    end

  # Unmapped action: nothing is enforced here.
  return if verb.nil?

  require_permission!("#{resource}:#{verb}")
end

#current_user_can?(permission_name, context: nil) ⇒ Boolean

Check if current user has permission

Returns:

  • (Boolean)


# File 'lib/easy_admin/permissions/controller.rb', line 17

# Asks EasyAdmin::Permissions.authorized? whether the current user holds
# +permission_name+.
#
# NOTE(review): current_user is handed over as-is, with no nil guard in this
# method; confirm EasyAdmin::Permissions.authorized? denies a nil user.
#
# @param permission_name [Object] permission identifier, forwarded unchanged
# @param context [Object, nil] optional scope, forwarded unchanged
# @return [Boolean] the answer from EasyAdmin::Permissions.authorized?
def current_user_can?(permission_name, context: nil)
  user = current_user
  EasyAdmin::Permissions.authorized?(user, permission_name, context: context)
end

#current_user_has_role?(role_name, context: nil) ⇒ Boolean

Check if current user has role

Returns:

  • (Boolean)


# File 'lib/easy_admin/permissions/controller.rb', line 22

# Asks EasyAdmin::Permissions.has_role? whether the current user carries
# +role_name+.
#
# NOTE(review): current_user is handed over as-is, with no nil guard in this
# method; confirm EasyAdmin::Permissions.has_role? returns false for nil.
#
# @param role_name [Object] role identifier, forwarded unchanged
# @param context [Object, nil] optional scope, forwarded unchanged
# @return [Boolean] the answer from EasyAdmin::Permissions.has_role?
def current_user_has_role?(role_name, context: nil)
  user = current_user
  EasyAdmin::Permissions.has_role?(user, role_name, context: context)
end

#current_user_permissions(context: nil) ⇒ Object

Get current user’s permissions for view helpers



# File 'lib/easy_admin/permissions/controller.rb', line 61

# Lists the current user's permissions for use in view helpers.
#
# With no current user the result is an empty array and
# EasyAdmin::Permissions is not consulted at all.
#
# @param context [Object, nil] optional scope, forwarded unchanged
# @return [Object] [] when nobody is signed in, otherwise whatever
#   EasyAdmin::Permissions.user_permissions returns
def current_user_permissions(context: nil)
  if current_user
    EasyAdmin::Permissions.user_permissions(current_user, context: context)
  else
    []
  end
end

#has_role?(role_name, context: nil) ⇒ Boolean

Check role in views (helper method)

Returns:

  • (Boolean)


# File 'lib/easy_admin/permissions/controller.rb', line 72

# View-facing shorthand for {#current_user_has_role?}.
#
# The answer only tells a template whether to render a control. The action
# behind that control still has to enforce the role on its own, for example
# through {#require_role!}.
#
# @param role_name [Object] role identifier, forwarded unchanged
# @param context [Object, nil] optional scope, forwarded unchanged
# @return [Boolean] whatever {#current_user_has_role?} reports
def has_role?(role_name, context: nil)
  lookup_options = { context: context }
  current_user_has_role?(role_name, **lookup_options)
end

#require_permission!(permission_name, context: nil) ⇒ Object

Require permission or show 403 error



# File 'lib/easy_admin/permissions/controller.rb', line 27

# Enforces +permission_name+ for the current user.
#
# When {#current_user_can?} says yes, nothing happens and nil is returned.
# Otherwise the denial is handed to handle_permission_denied, which receives
# the permission name only (the context is not passed on).
#
# NOTE(review): this method neither raises nor halts by itself. If it is
# called from inside an action body rather than as a before_action, the code
# after the call still runs unless the caller returns; confirm how
# handle_permission_denied (not shown here) stops the request.
#
# @param permission_name [Object] permission identifier to enforce
# @param context [Object, nil] optional scope used for the lookup
# @return [Object, nil] nil when allowed, otherwise the handler's result
def require_permission!(permission_name, context: nil)
  return if current_user_can?(permission_name, context: context)

  handle_permission_denied(permission_name)
end

#require_role!(role_name, context: nil) ⇒ Object

Require role or show 403 error



# File 'lib/easy_admin/permissions/controller.rb', line 34

# Enforces +role_name+ for the current user.
#
# When {#current_user_has_role?} says yes, nothing happens and nil is
# returned. Otherwise the denial is handed to handle_role_denied, which
# receives the role name only (the context is not passed on).
#
# NOTE(review): this method neither raises nor halts by itself. If it is
# called from inside an action body rather than as a before_action, the code
# after the call still runs unless the caller returns; confirm how
# handle_role_denied (not shown here) stops the request.
#
# @param role_name [Object] role identifier to enforce
# @param context [Object, nil] optional scope used for the lookup
# @return [Object, nil] nil when allowed, otherwise the handler's result
def require_role!(role_name, context: nil)
  return if current_user_has_role?(role_name, context: context)

  handle_role_denied(role_name)
end