Sha256: 0539b41acb6eccb20aa2f2a83989574dff0fe2791bce71755b95422201f40e76
Contents?: true
Size: 892 Bytes
Versions: 1
Compression:
Stored size: 892 Bytes
Contents
# Returns +true+ is user allowed to access +path+ with operation +access+.
#
def can? path, access = Access::READ
applied_rules = Access.rules_for_path path
# no rules for the path mean the access is not restricted
return true if applied_rules.blank?
# there are rules for the path, but the user is not authenticated
return false unless current_user?
# check if any rule grants access to path/access/user roles.
applied_rules.each do |access_rule|
return true if access_rule.grants?( path, access, current_user.roles )
end
# no luck
return false
end
# Returns constructed link if READ access to +url+ is allowed, returns empty string otherwise.
#
def link_to_if_can( url, text = url, opts = {} )
link_to( url, text, opts ) if can?( url )
end
def on_access_denied( &block )
@on_access_denied_callback = block if block_given?
@on_access_denied_callback
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| aerogel-users-1.4.3 | app/helpers/access_control.rb |