Class: ActionController::Metal
- Inherits: Object
  - Object
  - ActionController::Metal
- Defined in: lib/authorizer/action_controller_patch.rb
Overview
This class adds instance methods to the base controller to make it easier to check authorization from controllers.
Instance Method Summary
- #check_authorization(resource, authorizee, **options) ⇒ Object
This method checks the authorization of a given actor (authorizee) to complete the controller action for the specified resource.
Instance Method Details
#check_authorization(resource, authorizee, **options) ⇒ Object
This method checks the authorization of a given actor (authorizee) to complete the controller action for the specified resource.
The resource can be a single model or a list of models. In the case of a list of models, there are several options for dealing with list members that fail authorization checks. The default option is behavior: :filter, which will authorize the list but will hide all members of the list which fail the authorization check. Other options are :allow_all and :deny_all. :allow_all will permit the entire list and include even list members which fail the authorization test. :deny_all, on the other hand, authorizes the list only if all of its members pass the authorization check. Therefore, if any list member fails the authorization check, the actor is forbidden from completing the action on the entire list.
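```ruby
# File 'lib/authorizer/action_controller_patch.rb', line 31
def check_authorization(resource, authorizee, **options)
  # Action identifier in "controller#action" form.
  action = "#{params[:controller]}##{action_name}"
  if resource.respond_to?(:length)
    # An empty list is returned unchanged; there is nothing to check.
    return resource if resource.length == 0
    r = Resource.new(action, authorizee, *resource, **options)
    result = r.get
  else
    # The method name after `resource.` is missing from this page.
    result = resource.(action, authorizee)
  end
  result
end
```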
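The three list behaviors described above, sketched as an added example that is not the authorizer gem's code. `ListAuthorization`, `Forbidden`, the per-member block and the sample data are hypothetical, and raising an error for a forbidden list is an assumption about how "forbidden" surfaces.

```ruby
# Added illustration; not the authorizer gem's implementation.
module ListAuthorization
  # Assumed way of signalling that the whole list is forbidden.
  class Forbidden < StandardError; end

  BEHAVIORS = %i[filter allow_all deny_all].freeze

  # Yields each member to the block, which returns true when the actor
  # may perform the action on that member.
  def self.apply(members, behavior: :filter)
    # Fail closed on a misspelled option instead of silently picking a mode.
    unless BEHAVIORS.include?(behavior)
      raise ArgumentError, "unknown behavior: #{behavior.inspect}"
    end
    return members if members.empty? # empty lists come back unchanged

    passed, failed = members.partition { |m| yield(m) }
    case behavior
    when :filter    then passed   # members that fail are hidden
    when :allow_all then members  # members that fail are still included
    when :deny_all
      # One failing member forbids the action on the entire list.
      raise Forbidden, "#{failed.length} member(s) failed" unless failed.empty?
      members
    end
  end
end

# Constructed sample data: documents with an owner, checked for actor "alice".
Doc = Struct.new(:id, :owner)
DOCS = [Doc.new(1, "alice"), Doc.new(2, "bob"), Doc.new(3, "alice")].freeze
OWNED_BY_ALICE = ->(doc) { doc.owner == "alice" }

# Returns the ids the actor ends up seeing, or :forbidden.
def visible_ids(behavior)
  ListAuthorization.apply(DOCS, behavior: behavior, &OWNED_BY_ALICE).map(&:id)
rescue ListAuthorization::Forbidden
  :forbidden
end
```

With :allow_all, document 2 reaches the actor even though its check failed, so that option only fits lists whose members are safe to disclose regardless of the per-member result.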