Class: PermissionPolicy::Authorization

Inherits:
Object
  • Object
show all
Defined in:
lib/permission_policy/authorization.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(context) ⇒ Authorization

Returns a new instance of Authorization.



5
6
7
8
9
10
11
12
13
 
# File 'lib/permission_policy/authorization.rb', line 5

def initialize(context)
  @preconditions = []
  @context = context

  context.authorization_preconditions.each do |precondition|
    set! precondition, context.public_send(precondition)
    @preconditions << precondition
  end
end

Instance Attribute Details

#preconditionsObject (readonly)

Returns the value of attribute preconditions.



3
4
5
 
# File 'lib/permission_policy/authorization.rb', line 3

def preconditions
  @preconditions
end

#verifiedObject (readonly)

Returns the value of attribute verified.



3
4
5
 
# File 'lib/permission_policy/authorization.rb', line 3

def verified
  @verified
end

Instance Method Details

#allowed?(action, options = {}) ⇒ Boolean

Decides if the action is allowed based on the matching strategy. You may want to use this method for controlflow inside views.

Example:

do_something if allowed?(:manage, subject: my_subject)

Returns:

  • (Boolean) 


22
23
24
 
# File 'lib/permission_policy/authorization.rb', line 22

def allowed?(action, options = {})
  strategy_for(action, options).allowed?
end

#authorize!(action, options = {}) ⇒ Object

Delegates to #allowed? but raises a NotAllowed exception when false. You may want to use this method for halting the execution of a controller method.

Example:

def edit
  allow!(:manage, subject: my_subject)
end



35
36
37
38
 
# File 'lib/permission_policy/authorization.rb', line 35

def authorize!(action, options = {})
  @verified = true
  !!allowed?(action, options) or raise PermissionPolicy::NotAllowed
end