Module: Eaco::Controller

Extended by:
ActiveSupport::Concern
Defined in:
lib/eaco/controller.rb

Overview

An ActionController extension to verify authorization in Rails applications.

Tested on Rails 3.2 and up on Ruby 2.0 and up.

Defined Under Namespace

Modules: ClassMethods

Instance Method Summary

Instance Method Details

#confront_eaco (protected)

This method returns an undefined value.

Asks Eaco whether thou shalt pass or not.

The implementation is left in this method's body, despite being a bit long for some tastes, as it is pretty imperative and simple code. Moreover, the less we pollute ActionController's namespace, the better.

La Guardiana

                                       /\
                      .-_-.           /  \
             ||   .-.(    .' .-.   // \  /
              \\\/ (((\   /)))  \ / // )(
               ) '._  ,-.   ___. )/ //(__)
               \_((( (  :)  \)))/ ,  / ||
                \_  \ '-' /_   /| ),// ||
                  \ (_._.'_ \ (o__//  _||_
                   \ )\  .(/ /  __)   \   \
                   ( \ '_  .'  /(      |-. \
                    \_'._'.\__/))))    (__)'.'.
                   _._   |  |    _.-._ ||   \ '.
                  / //--'  / '--//'-'/\||____\  '.
                  \---.\ .----.//  //  ||//  '\   \
                 /   ' \/    ' \\__\\ ,||\\_______.'
                 \\___//\\____//\____\ ||
      _.-'''---. /\___/  \____/  \\/   ||
   ..'_.''''---.|   /.  \        /     ||
 .'.-'O    __  /  _/  )_.--.____(      ||
/ / /  \__/  /'  /\ \(__.--._____)     ||
| |    /\ \  \_.' | |   \      |       ||
\  '.__\,_.'.__/./ /     ) .   |\      ||
 '..__ O --' ___..'     /\     /|'.    ||
      ''----'           | \/\.' / /'.  ||
                        |\(()).' /   \ ||
                      _/ \ \/   /     \||
              __..--''    '.   |      |||
          .-''            / '._|/     |||
         /                __.- /      /||
         \   ____..-----''    /      | ||
          '.     )).         |       / ||
            ''._//  \        .-----./  ||
                '.   \      (.-----.)  ||
                  '.  \      |    /    ||
                    )_ \     |   |     ||
                   /__'O\    ( ) (     ||
     _______mrf,-'____/|/__   |\  \    ||
                              |    |   ||
                              |____)  (__)
                              '-----'  ||
                               \   |   ||
                                \  |   ||
                                 \ |   ||
                                  | \  ||
                                  |_ \ ||
                                  /_'O\||
                               .-'___/(__)

                               http://ascii.co.uk/art/guardiana

Raises:

  • (Error)

    if the instance variable configured in authorize is not found

  • (Forbidden)

    if the current_user is not granted access.


# File 'lib/eaco/controller.rb', line 161

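def confront_eaco
  action = params[:action].intern
  # Look up the instance variable name and permission configured for this action
  resource_ivar, permission = self.class.permission_for(action)

  # Actions with no configured permission skip the check entirely
  if resource_ivar && permission
    resource = instance_variable_get(['@', resource_ivar].join.intern)

    # The resource must already be loaded into the configured instance variable
    if resource.nil?
      raise Error, <<-EOF
        @#{resource_ivar} is not set, can't authorize #{self}##{action}
      EOF
    end

    # Deny unless the current user holds the permission on the resource
    unless current_user.can? permission, resource
      raise Forbidden, <<-EOF
        `#{current_user}' not authorized to `#{action}' on `#{resource}'
      EOF
    end
  end
end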
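
The control flow above raises in two cases and authorizes in a third, but an action with no permission configured is not checked at all. The following added example (not Eaco's own code) reproduces that flow with stand-in classes so it runs without Rails, and adds an audit helper that lists such unchecked actions. `DocumentsController`, `PERMISSIONS`, `User`, `outcome` and `unguarded_actions` are hypothetical names; only `permission_for`, `can?`, `Error` and `Forbidden` mirror names on this page.

```ruby
Error     = Class.new(StandardError) # stand-in for the Error raised on this page
Forbidden = Class.new(Error)         # stand-in; subclassing Error is an assumption

# Hypothetical user: grants is a list of [permission, resource] pairs.
User = Struct.new(:name, :grants) do
  def can?(permission, resource)
    grants.include?([permission, resource])
  end
end

class DocumentsController
  # Hypothetical table standing in for what `authorize` configures.
  PERMISSIONS = { show: [:document, :read], update: [:document, :write] }.freeze

  def self.permission_for(action)
    PERMISSIONS[action]
  end
  attr_reader :params, :current_user

  def initialize(action, user, document = nil)
    @params = { action: action.to_s }
    @current_user = user
    @document = document
  end

  # Same control flow as confront_eaco above, returning a symbol for the demo.
  def confront_eaco
    action = params[:action].intern
    resource_ivar, permission = self.class.permission_for(action)
    return :unchecked unless resource_ivar && permission # no mapping: no check

    resource = instance_variable_get("@#{resource_ivar}")
    raise Error, "@#{resource_ivar} is not set" if resource.nil?
    raise Forbidden, "not authorized to #{action}" unless current_user.can?(permission, resource)
    :authorized
  end
end

# Returns :authorized, :unchecked, or the raised exception's class name.
def outcome(action, user, document = nil)
  DocumentsController.new(action, user, document).confront_eaco
rescue Error => e
  e.class.name.to_sym
end

# Audit helper: actions that would run with no authorization check at all.
def unguarded_actions(controller, actions)
  actions.reject { |a| controller.permission_for(a) }
end
```

Running `unguarded_actions` over a controller's routed actions in a test suite turns a forgotten permission mapping into a failing test rather than an unauthenticated code path.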