Sha256: 710e1255686e723e64081b5bf82220ea1211bd20f1065fb0b0659c4f4206e9db

Contents?: true

Size: 780 Bytes

Versions: 7

Compression:

Stored size: 780 Bytes

Contents

require "godmin/authorization/policy"
require "godmin/authorization/policy_finder"

module Godmin
  module Authorization
    extend ActiveSupport::Concern

    included do
      helper_method :policy

      rescue_from NotAuthorizedError do
        render text: "You are not authorized to do this", status: 403, layout: "godmin/login"
      end
    end

    def authorize(record, query = nil)
      policy = policy(record)

      unless policy.public_send(query || action_name + "?")
        fail NotAuthorizedError
      end
    end

    def policy(record)
      policies[record] ||= PolicyFinder.find(record, engine_wrapper.namespace).new(admin_user, record)
    end

    def policies
      @_policies ||= {}
    end

    class NotAuthorizedError < StandardError; end
  end
end

Version data entries

7 entries across 7 versions & 1 rubygems

Version Path
godmin-1.2.0 lib/godmin/authorization.rb
godmin-1.1.0 lib/godmin/authorization.rb
godmin-1.0.0 lib/godmin/authorization.rb
godmin-0.12.4 lib/godmin/authorization.rb
godmin-0.12.3 lib/godmin/authorization.rb
godmin-0.12.2 lib/godmin/authorization.rb
godmin-0.12.1 lib/godmin/authorization.rb