Module: Subroutine::Auth::ClassMethods

Defined in:

lib/subroutine/auth.rb

Instance Method Summary

• #authorization_declared? ⇒ Boolean
• #authorize(check_name) ⇒ Object
• #no_user_requirements! ⇒ Object
• #policy(*meths) ⇒ Object

  policy :can_update_user policy :can_update_user, unless: :dont_do_it policy :can_update_user, if: :do_it policy :can_do_whatever, policy: :foo_policy.

• #require_no_user! ⇒ Object
• #require_user! ⇒ Object
• #supported_user_class_names ⇒ Object

Instance Method Details

#authorization_declared? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/subroutine/auth.rb', line 27

def authorization_declared?
  authorization_checks.any?
end

#authorize(check_name) ⇒ Object

# File 'lib/subroutine/auth.rb', line 31

def authorize(check_name)
  self.authorization_checks += [check_name.to_sym]
end

#no_user_requirements! ⇒ Object

# File 'lib/subroutine/auth.rb', line 35

def no_user_requirements!
  authorize :authorize_user_not_required
end

#policy(*meths) ⇒ Object

policy :can_update_user policy :can_update_user, unless: :dont_do_it policy :can_update_user, if: :do_it policy :can_do_whatever, policy: :foo_policy

# File 'lib/subroutine/auth.rb', line 51

def policy(*meths)
  opts = meths.extract_options!
  policy_name = opts[:policy] || :policy

  if_conditionals = Array(opts[:if])
  unless_conditionals = Array(opts[:unless])

  meths.each do |meth|
    normalized_meth = if normalized_meth.to_s.end_with?("?")
                        meth.to_s[0...-1]
                      else
                        meth
                      end

    auth_method_name = :"authorize_#{policy_name}_#{normalized_meth}"

    define_method auth_method_name do
      run_it = true
      # http://guides.rubyonrails.org/active_record_validations.html#combining-validation-conditions

      # The validation only runs when all the :if conditions evaluate to true
      if if_conditionals.present?
        run_it &&= if_conditionals.all? { |i| send(i) }
      end

      # and none of the :unless conditions are evaluated to true.
      if unless_conditionals.present?
        run_it &&= unless_conditionals.none? { |u| send(u) }
      end

      return unless run_it

      p = send(policy_name)
      unauthorized! unless p

      result = if p.respond_to?("#{normalized_meth}?")
                 p.send("#{normalized_meth}?")
               else
                 p.send(normalized_meth)
               end

      unauthorized! opts[:error] unless result
    end

    authorize auth_method_name
  end
end

#require_no_user! ⇒ Object

# File 'lib/subroutine/auth.rb', line 43

def require_no_user!
  authorize :authorize_no_user_required
end

#require_user! ⇒ Object

# File 'lib/subroutine/auth.rb', line 39

def require_user!
  authorize :authorize_user_required
end

#supported_user_class_names ⇒ Object

# File 'lib/subroutine/auth.rb', line 23

def supported_user_class_names
  [user_class_name, "Integer", "NilClass"].compact
end