Sha256: 3896ed133ef8fac46dcfe73ffe7ef0c7a6279ab212d88552b5713082a8f7e4e3

Contents?: true

Size: 754 Bytes

Versions: 3

Compression:

Stored size: 754 Bytes

Contents

require "godmin/authorization/policy"
require "godmin/authorization/policy_finder"

module Godmin
  module Authorization
    extend ActiveSupport::Concern

    included do
      helper_method :policy

      rescue_from NotAuthorizedError do
        render text: "You are not authorized to do this", status: 403, layout: "godmin/login"
      end
    end

    def authorize(record, query = nil)
      policy = policy(record)

      unless policy.public_send(query || action_name + "?")
        fail NotAuthorizedError
      end
    end

    def policy(record)
      policies[record] ||= PolicyFinder.find(record).new(admin_user, record)
    end

    def policies
      @_policies ||= {}
    end

    class NotAuthorizedError < StandardError; end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
godmin-0.12.0 lib/godmin/authorization.rb
godmin-0.11.2 lib/godmin/authorization.rb
godmin-0.11.1 lib/godmin/authorization.rb