Module: Garage::ControllerHelper

Extended by:

ActiveSupport::Concern

Includes:

Utils

Included in:

Meta::DocsController, Meta::ServicesController

Defined in:

lib/garage/controller_helper.rb

Instance Attribute Summary

• #field_selector ⇒ Object

  Returns the value of attribute field_selector.

• #representation ⇒ Object

  Returns the value of attribute representation.

Instance Method Summary

• #allow_access?(klass, action = :read) ⇒ Boolean
• #cache_context ⇒ Object
• #current_resource_owner ⇒ Object

  Implement by using resource_owner_id like:.

• #doorkeeper_token ⇒ Object

  For backword compatiblility.

• #has_scope?(scope) ⇒ Boolean

  Public: returns if the current request includes the given OAuth scope.

• #requested_by?(resource) ⇒ Boolean

  Check if the current resource is the same as the requester.

• #resource_owner_id ⇒ Object
• #unauthorized_render_options(error: nil) ⇒ Hash

  Use this method to render ‘unauthorized’.

Instance Attribute Details

#field_selector ⇒ Object

Returns the value of attribute field_selector.

# File 'lib/garage/controller_helper.rb', line 76

def field_selector
  @field_selector
end

#representation ⇒ Object

Returns the value of attribute representation.

# File 'lib/garage/controller_helper.rb', line 76

def representation
  @representation
end

Instance Method Details

#allow_access?(klass, action = :read) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/garage/controller_helper.rb', line 78

def allow_access?(klass, action = :read)
  ability_from_token.allow?(klass, action)
end

#cache_context ⇒ Object

# File 'lib/garage/controller_helper.rb', line 72

def cache_context
  { t: access_token.try(:id) }
end

#current_resource_owner ⇒ Object

Implement by using resource_owner_id like:

def current_resource_owner
  @current_resource_owner ||= User.find(resource_owner_id) if resource_owner_id
end

# File 'lib/garage/controller_helper.rb', line 47

def current_resource_owner
  raise "Your ApplicationController needs to implement current_resource_owner!"
end

#doorkeeper_token ⇒ Object

For backword compatiblility.

# File 'lib/garage/controller_helper.rb', line 26

def doorkeeper_token
  access_token
end

#has_scope?(scope) ⇒ Boolean

Public: returns if the current request includes the given OAuth scope

Returns:

• (Boolean)

# File 'lib/garage/controller_helper.rb', line 68

def has_scope?(scope)
  access_token && access_token.scopes.include?(scope)
end

#requested_by?(resource) ⇒ Boolean

Check if the current resource is the same as the requester. The resource must respond to resource.id method.

Returns:

• (Boolean)

# File 'lib/garage/controller_helper.rb', line 53

def requested_by?(resource)
  user = resource.respond_to?(:owner) ? resource.owner : resource
  case
  when current_resource_owner.nil?
    false
  when !user.is_a?(current_resource_owner.class)
    false
  when current_resource_owner.id == user.id
    true
  else
    false
  end
end

#resource_owner_id ⇒ Object

# File 'lib/garage/controller_helper.rb', line 30

def resource_owner_id
  access_token.try(:resource_owner_id)
end

#unauthorized_render_options(error: nil) ⇒ Hash

Use this method to render ‘unauthorized’. Garage user may overwrite this method to response custom unauthorized response.

Returns:

• (Hash)

# File 'lib/garage/controller_helper.rb', line 37

def unauthorized_render_options(error: nil)
  { json: { status_code: 401, error: "Unauthorized (invalid token)" } }
end