Module: RailsIdentity::ApplicationHelper
- Includes:
- Repia::BaseHelper
- Included in:
- ApplicationController
- Defined in:
- app/helpers/rails_identity/application_helper.rb
Instance Method Summary collapse
-
#authorized?(obj) ⇒ Boolean
Determines if the user is authorized for the object.
-
#get_user(fallback: true) ⇒ Object
Helper method to get the user object in the request, which is specified by :user_id parameter.
Instance Method Details
#authorized?(obj) ⇒ Boolean
Determines if the user is authorized for the object.
113 114 115 116 117 118 119 120 121 122 123 124 125 126 |
# File 'app/helpers/rails_identity/application_helper.rb', line 113 def (obj) logger.debug("Checking to see if authorized to access object") if @auth_user.nil? # :nocov: return false # :nocov: elsif @auth_user.role >= Roles::ADMIN return true elsif obj.is_a? User return obj == @auth_user else return obj.try(:user) == @auth_user end end |
#get_user(fallback: true) ⇒ Object
Helper method to get the user object in the request, which is specified by :user_id parameter. There are two ways to specify the user id–one in the routing or the auth context.
An Repia::Errors::Unauthorized is raised if the authenticated user is not authorized for the specified user information.
An Repia::Errors::NotFound is raised if the specified user cannot be found.
16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'app/helpers/rails_identity/application_helper.rb', line 16 def get_user(fallback: true) user_id = params[:user_id] logger.debug("Attempting to get user #{user_id}") if !user_id.nil? && user_id != "current" @user = find_object(User, params[:user_id]) # will throw error if nil unless (@user) raise Repia::Errors::Unauthorized, "Not authorized to access user #{user_id}" end elsif fallback || user_id == "current" @user = @auth_user else # :nocov: raise Repia::Errors::NotFound, "User #{user_id} does not exist" # :nocov: end end |