Module: ActiveRecordPermissions::Permissions

Defined in:

lib/six-updater-web/vendor/plugins/active_scaffold/lib/active_record_permissions.rb

Defined Under Namespace

Modules: ClassMethods

Class Method Summary

• .included(base) ⇒ Object

Instance Method Summary

• #authorized_for?(options = {}) ⇒ Boolean

  A generic authorization query.

• #existing_record_check? ⇒ Boolean

  Because any class-level queries get delegated to the instance level via a new record, it’s useful to know when the authorization query is meant for a specific record or not.

Class Method Details

.included(base) ⇒ Object

# File 'lib/six-updater-web/vendor/plugins/active_scaffold/lib/active_record_permissions.rb', line 71

def self.included(base)
  base.extend ClassMethods
end

Instance Method Details

#authorized_for?(options = {}) ⇒ Boolean

A generic authorization query. This is what will be called programatically, since the actual permission methods can’t be guaranteed to exist. And because we want to intelligently combine multiple applicable methods.

options should be a CRUD verb (:create, :read, :update, :destroy) options should be the name of a model attribute

Returns:

• (Boolean)

Raises:

• (ArgumentError)

# File 'lib/six-updater-web/vendor/plugins/active_scaffold/lib/active_record_permissions.rb', line 81

def authorized_for?(options = {})
  # AST allowed_actions
  raise ArgumentError, "unknown action #{options[:action]}" if options[:action] and !ActiveRecordPermissions.allowed_actions.include?(options[:action])

  # column_authorized_for_action? has priority over other methods,
  # you can disable an action and enable that action for a column
  # (for example, disable update and enable inplace_edit in a column)
  method = column_and_action_security_method(options[:column], options[:action])
  return send(method) if method and respond_to?(method)

  # collect the possibly-related methods that actually exist
  methods = [
    column_security_method(options[:column]),
    action_security_method(options[:action]),
  ].compact.select {|m| respond_to?(m)}

  # if any method returns false, then return false
  return false if methods.any? {|m| !send(m)}

  # if any method actually exists then it must've returned true, so return true
  return true unless methods.empty?

  # if no method exists, return the default permission
  return ActiveRecordPermissions.default_permission
end

#existing_record_check? ⇒ Boolean

Because any class-level queries get delegated to the instance level via a new record, it’s useful to know when the authorization query is meant for a specific record or not. But using new_record? is confusing, even though accurate. So this is basically just a wrapper.

Returns:

• (Boolean)

# File 'lib/six-updater-web/vendor/plugins/active_scaffold/lib/active_record_permissions.rb', line 110

def existing_record_check?
  !new_record?
end