Class: Helioth::ControllerResource

Inherits:

Object

• Object
• Helioth::ControllerResource

Defined in:

lib/helioth/controller_resource.rb

Class Method Summary

• .add_before_filter(controller_class, method, *args) ⇒ Object

Instance Method Summary

• #initialize(controller, feature, *actions) ⇒ ControllerResource constructor

  A new instance of ControllerResource.

• #load_and_authorize_for ⇒ Object

Constructor Details

#initialize(controller, feature, *actions) ⇒ ControllerResource

Returns a new instance of ControllerResource.

# File 'lib/helioth/controller_resource.rb', line 15

def initialize(controller, feature, *actions)
  @controller = controller
  @feature = feature
  @actions = actions.flatten
end

Class Method Details

.add_before_filter(controller_class, method, *args) ⇒ Object

# File 'lib/helioth/controller_resource.rb', line 5

def self.add_before_filter(controller_class, method, *args)
  feature = args.first
  options = args.extract_options!

  before_filter_method = options.delete(:prepend) ? :prepend_before_filter : :before_filter
  controller_class.send(:before_filter, options.slice(:only, :except, :if, :unless)) do |controller|
    ControllerResource.new(controller, feature, (options.slice(:action, :actions)).values).send(method)
  end
end

Instance Method Details

#load_and_authorize_for ⇒ Object

# File 'lib/helioth/controller_resource.rb', line 21

def load_and_authorize_for
  unless @controller.access_to?(@feature, @actions)
    ##TODO change the behavior based on rails env
    Rails.logger.info("Access to controller forbidden for feature :#{@feature}")
    @controller.render :text=>"Access forbidden", :status=>403
  else
    Rails.logger.debug("Access to controller granted for feature :#{@feature}")
    Rails.logger.debug("Access to controller granted for actions #{@actions.inspect}") if @actions.present?
  end
end