Module: RightOn::ActionControllerExtensions

Defined in:
lib/right_on/action_controller_extensions.rb


Class Method Details

.included(base) ⇒ Object



# File 'lib/right_on/action_controller_extensions.rb', line 5

# Hook invoked when this module is mixed into a controller class.
#
# Registers the two access predicates as view helpers and declares the
# per-controller settings +rights_from+ and +permission_denied_layout+.
#
# @param base [Class] the including class; it must respond to
#   +helper_method+ and +class_attribute+
def self.included(base)
  view_helpers = %i[access_allowed? access_allowed_to_controller?]

  base.class_eval do
    # Views can then hide links the current user may not follow. This is a
    # presentation aid; the controller-side check still has to run.
    helper_method(*view_helpers)
    class_attribute(:rights_from)
    class_attribute(:permission_denied_layout)
  end
end

Instance Method Details

#access_allowed?(opts = {}) ⇒ Boolean

Checks the access privilege of the user and returns true or false

Returns:

  • (Boolean)


# File 'lib/right_on/action_controller_extensions.rb', line 31

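# Decides whether the current user holds a right covering a controller/action.
#
# @param opts [Hash, String] either a hash with +:controller+ and/or
#   +:action+ keys, or a string of the form "controller#action". Missing
#   parts default to the controller and action of the current request.
# @return [Boolean] true when at least one of the user's rights allows the
#   target; false otherwise, including when there is no current user
def access_allowed?(opts = {})
  if opts.is_a?(String)
    controller, action = opts.split('#')
    opts = { :controller => controller, :action => action }
  else
    # Work on a copy: the defaults filled in below must not leak back into
    # the caller's hash (and a frozen hash must not raise).
    opts = opts.dup
  end
  opts[:controller] ||= params[:controller]
  opts[:action]     ||= params[:action]

  # Deny by default when nobody is signed in, rather than raising
  # NoMethodError on nil and turning an authorization decision into a 500.
  user = current_user
  return false unless user

  # Only :controller and :action reach the rights check; any other keys the
  # caller supplied are dropped by the slice.
  user.rights.any? { |r| r.allowed?(opts.slice(:controller, :action)) }
end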

#access_allowed_to_controller?(controller) ⇒ Boolean

Checks the access privilege for a controller

Returns:

  • (Boolean)


# File 'lib/right_on/action_controller_extensions.rb', line 19

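# Checks whether the current user may access the given controller, following
# that controller's +rights_from+ setting when it has one.
#
# @param controller [String, Symbol] underscored controller name, e.g.
#   +:users+; it is camel-cased and suffixed with "Controller" to find the class
# @return [Boolean] the result of {#access_allowed?} for the resolved name
def access_allowed_to_controller?(controller)
  # Normalise once: the name is handed to access_allowed? below, which only
  # understands Strings and Hashes, so a Symbol must not be passed through.
  controller = controller.to_s

  # safe_constantize returns nil for an unknown name instead of raising.
  # NOTE(review): presumably the name comes from application code (views),
  # not from request input - confirm against callers.
  controller_class = "#{controller.camelcase}Controller".safe_constantize

  # Handle inheritance of rights. respond_to? covers both an unresolved class
  # (nil) and a controller class that does not define rights_from.
  if controller_class.respond_to?(:rights_from) && controller_class.rights_from.present?
    controller = controller_class.rights_from.to_s
  end

  # NOTE(review): only the controller name is passed on, so the action is
  # whatever access_allowed? defaults to - confirm that is the intended
  # meaning of a controller-wide check.
  access_allowed?(controller)
end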

#controller_action_options ⇒ Object



# File 'lib/right_on/action_controller_extensions.rb', line 60

# Builds the controller/action pair that the rights check is evaluated against.
#
# Starts from the +:controller+ and +:action+ entries of +params+ and, when
# +rights_from+ is set, replaces the controller with its string form so that
# this controller is checked under another controller's rights.
#
# @return [Object] the sliced params with +:controller+ possibly overridden
def controller_action_options
  params.slice(:controller, :action).tap do |target|
    target[:controller] = rights_from.to_s if rights_from
  end
end

#permission_denied ⇒ Object

Called if a security check determines permission is denied



# File 'lib/right_on/action_controller_extensions.rb', line 42

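# Renders the permission-denied response in the format of the request.
#
# Builds a RightOn::PermissionDeniedResponse from the request params and the
# controller/action that was checked, then answers HTML, JSON or JS requests
# with status 401.
#
# NOTE(review): 401 conventionally signals missing authentication, and 403 is
# the usual status for a signed-in user who lacks a right. The status is left
# unchanged here because existing clients may depend on it.
#
# @return [false] always false, so that
#   <code>access_allowed?(...) || permission_denied</code> evaluates to false
def permission_denied
  @permission_denied_response = RightOn::PermissionDeniedResponse.new(params, controller_action_options)

  respond_to do |format|
    # The layout falls back to false when the controller configures none.
    format.html { render status: 401, template: 'permission_denied', layout: (permission_denied_layout || false) }
    format.json do
      render status: 401, json: @permission_denied_response.to_json
    end
    format.js do
      render :update, status: 401 do |page|
        # The message belongs to the response object built above. The
        # original read it from @permission_denied_layout, which this method
        # never assigns, so a JS request could hit NoMethodError instead of
        # the alert.
        # NOTE(review): assumes PermissionDeniedResponse#text_message exists - confirm.
        page.alert(@permission_denied_response.text_message)
      end
    end
  end

  false
end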

#verify_rights ⇒ Object

Checks the access privilege of the user and renders permission_denied page if required



# File 'lib/right_on/action_controller_extensions.rb', line 14

# Authorizes the current request, rendering the permission-denied response
# when the check fails.
#
# NOTE(review): presumably registered as a before filter on controllers that
# include this module - confirm. A controller that never runs it is not
# protected by this check.
#
# @return [Object] the truthy result of {#access_allowed?} when access is
#   granted, otherwise the return value of {#permission_denied}
def verify_rights
  granted = access_allowed?(controller_action_options)
  return granted if granted

  permission_denied
end