Module: Newshound::Authorization

Defined in:: lib/newshound/authorization.rb

Class Method Summary collapse

.authorized?(controller) ⇒ Boolean

Check if the current user/controller is authorized to view Newshound data.

Class Method Details

.authorized?(controller) ⇒ `Boolean`

Check if the current user/controller is authorized to view Newshound data

Returns:

(Boolean)

# File 'lib/newshound/authorization.rb', line 7

def authorized?(controller)
  return false unless Newshound.configuration.enabled

  # Use custom authorization block if provided
  if Newshound.configuration.authorization_block
    return Newshound.configuration.authorization_block.call(controller)
  end

  # Default authorization: check if current_user has an authorized role
  user = current_user_from(controller)
  return false unless user

  user_role = user_role_from(user)
  return false unless user_role

  Newshound.configuration.authorized_roles.include?(user_role.to_sym)
end

Module: Newshound::Authorization

Class Method Summary collapse

Class Method Details

.authorized?(controller) ⇒ Boolean

.authorized?(controller) ⇒ `Boolean`