Contents

module Rasti
  class App
    class Policy

      class UnauthorizedError < StandardError
        def initialize(user, permission)
          super "Access denied [#{user} -> #{permission}]"
        end
      end
      
      class << self

        def authorizations
          @authorizations ||= {}
        end

        private

        def authorization(permission, &block)
          authorizations[permission] = block
        end

        def ignore(permission)
          authorization(permission) { true }
        end

      end

      def initialize(container, context)
        @container = container
        @context = context
      end

      def authorized?(permission, params)
        if self.class.authorizations.key? permission
          self.class.authorizations[permission].call params
        else
          user.authorized? permission
        end
      end

      def authorize!(permission, params)
        raise UnauthorizedError.new(user.name, permission) unless authorized? permission, params
      end

      private 

      attr_reader :container, :context

      def user
        context.fetch(:user)
      end

    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version	Path
rasti-app-0.0.5	lib/rasti/app/policy.rb
rasti-app-0.0.4	lib/rasti/app/policy.rb
rasti-app-0.0.3	lib/rasti/app/policy.rb
rasti-app-0.0.2	lib/rasti/app/policy.rb