Sha256: 6d1aabdaafb2bb3711f503717812b9c21b62b72b0683398ade0e0236ad712d8c

Contents?: true

Size: 847 Bytes

Versions: 3

Compression:

Stored size: 847 Bytes

Contents

module Curupira
  module Authorizer
    extend ActiveSupport::Concern

    def authorize_for_group
      unless has_authorization_for_group?
        deny_access
      end
    end

    def authorize
      unless has_authorization?
        deny_access
      end
    end

    def has_authorization?
      has_authorization_for(params)
    end

    def has_authorization_for(params)
      return true if current_user.admin?
      query(params).present?
    end

    private

    def deny_access
      redirect_to "/", notice: "Sem autorização"
    end

    def query(params)
      User.joins(
        role_group_users: { role: { features: [:action_labels] } }
      )
      .where(
        features: { controller: params[:controller] },
        action_labels: { name: [params[:action], 'manage'] },
        id: current_user
      )
    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
curupira-0.1.7 lib/curupira/authorizer.rb
curupira-0.1.6 lib/curupira/authorizer.rb
curupira-0.1.4 lib/curupira/authorizer.rb