Module: Ez::Permissions::API::Authorize

Included in:

Ez::Permissions::API

Defined in:

lib/ez/permissions/api/authorize.rb,
lib/ez/permissions/api/authorize/model_permissions.rb,
lib/ez/permissions/api/authorize/godmode_permissions.rb

Defined Under Namespace

Classes: GodmodPermissions, ModelPermissions

Instance Method Summary

• #authorize(model, *actions, resource, scoped: nil, raise_exception: false) ⇒ Object

  TODO: Extract object rubocop:disable all.

• #authorize!(model, *actions, resource, scoped: nil, &block) ⇒ Object
• #can?(model, *actions, resource, scoped: nil) ⇒ Boolean

  rubocop:enable all.

• #godmode_permissions ⇒ Object
• #model_permissions(model) ⇒ Object

Instance Method Details

#authorize(model, *actions, resource, scoped: nil, raise_exception: false) ⇒ Object

TODO: Extract object rubocop:disable all

# File 'lib/ez/permissions/api/authorize.rb', line 31

def authorize(model, *actions, resource, scoped: nil, raise_exception: false)
  return handle_no_permission_model_callback.call(self) if handle_no_permission_model_callback && !model

  if can?(model, *actions, resource, scoped: scoped)
    if block_given?
      return yield
    else
      return true
    end
  end

  if handle_not_authorized_callback
    handle_not_authorized_callback.call(self)
  elsif raise_exception
    raise NotAuthorizedError, not_authorized_msg(model, actions, resource, scoped)
  else
    false
  end
end

#authorize!(model, *actions, resource, scoped: nil, &block) ⇒ Object

# File 'lib/ez/permissions/api/authorize.rb', line 25

def authorize!(model, *actions, resource, scoped: nil, &block)
  authorize(model, *actions, resource, scoped: scoped, raise_exception: true, &block)
end

#can?(model, *actions, resource, scoped: nil) ⇒ Boolean

rubocop:enable all

Returns:

• (Boolean)

# File 'lib/ez/permissions/api/authorize.rb', line 52

def can?(model, *actions, resource, scoped: nil)
  permissions(model, *actions, resource, scoped: scoped).any?
end

#godmode_permissions ⇒ Object

# File 'lib/ez/permissions/api/authorize.rb', line 21

def godmode_permissions
  GodmodPermissions.new({})
end

#model_permissions(model) ⇒ Object

# File 'lib/ez/permissions/api/authorize.rb', line 10

def model_permissions(model)
  ModelPermissions.new(
    model.class.includes(assigned_roles: { role: :permissions }).find(model.id).assigned_roles.each_with_object({}) do |assigned_role, acum|
      scoped_key = [assigned_role.scoped_type, assigned_role.scoped_id].compact.join('_')
      assigned_role.role.permissions.each do |permission|
        acum["#{permission.action}_#{permission.resource}_#{scoped_key}".to_sym] = true
      end
    end
  )
end