Module: Subroutine::Auth::ClassMethods

Defined in:

lib/subroutine/auth.rb

Instance Method Summary

• #authorize(validation_name) ⇒ Object
• #no_user_requirements! ⇒ Object
• #policy(*meths) ⇒ Object

  policy :can_update_user policy :can_update_user, unless: :dont_do_it policy :can_update_user, if: :do_it policy :can_do_whatever, policy: :foo_policy.

• #require_no_user! ⇒ Object
• #require_user! ⇒ Object

Instance Method Details

#authorize(validation_name) ⇒ Object

# File 'lib/subroutine/auth.rb', line 36

def authorize(validation_name)
  validate validation_name, unless: :skip_auth_checks?
end

#no_user_requirements! ⇒ Object

# File 'lib/subroutine/auth.rb', line 40

def no_user_requirements!
  self.authorization_declared = true
end

#policy(*meths) ⇒ Object

policy :can_update_user policy :can_update_user, unless: :dont_do_it policy :can_update_user, if: :do_it policy :can_do_whatever, policy: :foo_policy

# File 'lib/subroutine/auth.rb', line 64

def policy(*meths)
  opts = meths.extract_options!
  policy_name = opts[:policy] || :policy

  if_conditionals = Array(opts[:if])
  unless_conditionals = Array( opts[:unless])

  validate unless: :skip_auth_checks? do
    run_it = true
    # http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions

    # The validation only runs when all the :if conditions
    if if_conditionals.present?
      run_it &&= if_conditionals.all? { |i| send(i) }
    end

    # and none of the :unless conditions are evaluated to true.
    if unless_conditionals.present?
      run_it &&= unless_conditionals.none? { |u| send(u) }
    end

    next unless run_it

    p = self.send(policy_name)
    if !p || meths.any?{|m| !(p.respond_to?("#{m}?") ? p.send("#{m}?") : p.send(m)) }
      unauthorized! opts[:error]
    end
  end
end

#require_no_user! ⇒ Object

# File 'lib/subroutine/auth.rb', line 52

def require_no_user!
  self.authorization_declared = true

  validate unless: :skip_auth_checks? do
    unauthorized! :empty_unauthorized if current_user.present?
  end
end

#require_user! ⇒ Object

# File 'lib/subroutine/auth.rb', line 44

def require_user!
  self.authorization_declared = true

  validate unless: :skip_auth_checks? do
    unauthorized! unless current_user.present?
  end
end