Sha256: 0666413cdb3c7ff63c7a026b49b204280e648199453d8fb419d8151138fffe77
Contents?: true
Size: 1.69 KB
Versions: 28
Compression:
Stored size: 1.69 KB
Contents
require 'singleton'
module AuthorizationPlugin
include Praxis::PluginConcern
class Plugin < Praxis::Plugin
include Singleton
def config_key
:authorization
end
def initialize
@options = {config_file: 'config/authorization.yml'}
end
def prepare_config!(node)
node.attributes do
attribute :default_abilities, Attributor::Collection
end
end
def default_abilities
config.default_abilities
end
def authorized?(request)
abilities = default_abilities.clone
abilities |= request.user_abilities
(request.action.required_abilities - abilities).empty?
end
end
module Request
def user_abilities
[]
end
end
module Controller
extend ActiveSupport::Concern
included do
before :action do |controller|
verify_abilities(controller.request)
end
end
module ClassMethods
def verify_abilities(request)
return true unless request.action.required_abilities
authorized = AuthorizationPlugin::Plugin.instance.authorized?(request)
unless authorized
return Praxis::Responses::Forbidden.new
end
end
end
def subject
#p [self, :subject]
end
end
module ResourceDefinition
end
module ActionDefinition
extend ActiveSupport::Concern
included do
attr_accessor :required_abilities
decorate_docs do |action, docs|
docs[:required_abilities] = action.required_abilities
end
end
def requires_ability(ability)
@required_abilities ||= []
@required_abilities << ability
response :forbidden
requires_authentication true
end
end
end
Version data entries
28 entries across 28 versions & 1 rubygems