Module: Ez::Permissions::API::Authorize
- Included in:
- Ez::Permissions::API
- Defined in:
- lib/ez/permissions/api/authorize.rb,
lib/ez/permissions/api/authorize/model_permissions.rb,
lib/ez/permissions/api/authorize/godmode_permissions.rb
Defined Under Namespace
Classes: GodmodPermissions, ModelPermissions
Instance Method Summary collapse
-
#authorize(model, *actions, resource, scoped: nil, raise_exception: false) ⇒ Object
TODO: Extract object rubocop:disable all.
- #authorize!(model, *actions, resource, scoped: nil, &block) ⇒ Object
-
#can?(model, *actions, resource, scoped: nil) ⇒ Boolean
rubocop:enable all.
- #godmode_permissions ⇒ Object
- #model_permissions(model) ⇒ Object
Instance Method Details
#authorize(model, *actions, resource, scoped: nil, raise_exception: false) ⇒ Object
TODO: Extract object rubocop:disable all
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/ez/permissions/api/authorize.rb', line 31 def (model, *actions, resource, scoped: nil, raise_exception: false) return .call(self) if && !model if can?(model, *actions, resource, scoped: scoped) if block_given? return yield else return true end end if .call(self) elsif raise_exception raise NotAuthorizedError, (model, actions, resource, scoped) else false end end |
#authorize!(model, *actions, resource, scoped: nil, &block) ⇒ Object
25 26 27 |
# File 'lib/ez/permissions/api/authorize.rb', line 25 def (model, *actions, resource, scoped: nil, &block) (model, *actions, resource, scoped: scoped, raise_exception: true, &block) end |
#can?(model, *actions, resource, scoped: nil) ⇒ Boolean
rubocop:enable all
52 53 54 |
# File 'lib/ez/permissions/api/authorize.rb', line 52 def can?(model, *actions, resource, scoped: nil) (model, *actions, resource, scoped: scoped).any? end |
#godmode_permissions ⇒ Object
21 22 23 |
# File 'lib/ez/permissions/api/authorize.rb', line 21 def GodmodPermissions.new({}) end |
#model_permissions(model) ⇒ Object
10 11 12 13 14 15 16 17 18 19 |
# File 'lib/ez/permissions/api/authorize.rb', line 10 def (model) ModelPermissions.new( model.class.includes(assigned_roles: { role: :permissions }).find(model.id).assigned_roles.each_with_object({}) do |assigned_role, acum| scoped_key = [assigned_role.scoped_type, assigned_role.scoped_id].compact.join('_') assigned_role.role..each do || acum["#{.action}_#{.resource}_#{scoped_key}".to_sym] = true end end ) end |