Class: Merb::Controller

Inherits:
Object show all
Defined in:
lib/role-authz/authorization/controller_mixin.rb

Defined Under Namespace

Classes: Unauthorized

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.authorize(klass, &block) ⇒ Object 



10
11
12
13
14
15
16
17
18
 
# File 'lib/role-authz/authorization/controller_mixin.rb', line 10

def self.authorize(klass, &block)
  klass.class_inheritable_accessor :_authorization_proxy
  klass._authorization_proxy = self
  self._authorization_target = klass
  self._authorization ||= Authorization::ControllerHelper.new
  self._authorization.instance_eval(&block) if block_given?
  before :ensure_authorized
  self._authorization
end

.role(name, &block) ⇒ Object 



6
7
8
 
# File 'lib/role-authz/authorization/controller_mixin.rb', line 6

def self.role(name, &block)
  Authorization.add_role(name, &block)
end

Instance Method Details

#authorization_targetObject 



20
21
22
23
24
25
26
 
# File 'lib/role-authz/authorization/controller_mixin.rb', line 20

def authorization_target
  if _authorization_target.respond_to?(:get)
    _authorization_target.get(params[:id])
  else
    nil
  end
end

#ensure_authorizedObject 



28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/role-authz/authorization/controller_mixin.rb', line 28

def ensure_authorized
  operator = (session.user if session.authenticated?)
  roles = Authorization.roles_for(operator, authorization_target)
  roles.each do |role|
    actions = self.class._authorization.actions_for(role)
    return true if actions.include?(params[:action].to_sym) || actions.include?(:all)
  end
  if session.authenticated?
    raise Unauthorized
  else
    raise Unauthenticated
  end
end