Sha256: 615e2d96d3d4ac29db4c1582e2681bbe65518eb21bd6264c82df0281ef4252bd

Contents?: true

Size: 751 Bytes

Versions: 7

Compression:

Stored size: 751 Bytes

Contents

# frozen_string_literal: true

module ApiAuthorizer
  extend ActiveSupport::Concern

  included do
    before_action :hosts_permission
  end

  private

  def hosts_permission
    return if User.current.can?('view_hosts')

    render_error 'access_denied', status: :forbidden,
                                  locals: { details: N_('Missing one of the required permissions: view_hosts'),
                                            missing_permissions: 'view_hosts' }
  end

  def resource_scope(_options = {})
    @resource_scope ||= begin
      scope = PreupgradeReport.joins(:host).merge(Host.authorized(:view_hosts, Host))
      scope = scope.where(job_invocation_id: params[:id]) if action_name == 'job_invocation'
      scope
    end
  end
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
foreman_leapp-1.2.1 app/controllers/api/v2/concerns/api_authorizer.rb
foreman_leapp-1.2.0 app/controllers/api/v2/concerns/api_authorizer.rb
foreman_leapp-0.1.15 app/controllers/api/v2/concerns/api_authorizer.rb
foreman_leapp-1.1.1 app/controllers/api/v2/concerns/api_authorizer.rb
foreman_leapp-1.1.0 app/controllers/api/v2/concerns/api_authorizer.rb
foreman_leapp-1.0.0 app/controllers/api/v2/concerns/api_authorizer.rb
foreman_leapp-0.1.14 app/controllers/api/v2/concerns/api_authorizer.rb