Sha256: c8950064ed2004328aa06ae7ce004a2bc93c7e02d7e99927b5ff51fea9d0e5e6

Contents?: true

Size: 1.41 KB

Versions: 1

Compression:

Stored size: 1.41 KB

Contents

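module Authority
  # Controller mixin that runs an authorization check before actions and
  # renders a 403 page when Authority::SecurityTransgression is raised.
  module Controller
    extend ActiveSupport::Concern

    included do
      # Any SecurityTransgression raised during a request is turned into a 403.
      rescue_from Authority::SecurityTransgression, :with => :authority_forbidden
      # Model class whose authorizer is consulted for this controller.
      class_attribute :authority_resource
      # Hash of controller action name (Symbol) => authority action.
      class_attribute :authority_actions
    end

    module ClassMethods
      # Declare which model this controller is authorized against and install
      # the before filter that performs the check.
      #
      # @param model_class [Class] resource handed to Authority.enforce
      # @param options [Hash] passed unchanged to before_filter; its :actions
      #   entry, if present, is merged over the configured action map
      #
      # NOTE(review): filter options such as :only / :except presumably narrow
      # which actions run the check; any action excluded that way is not
      # authorized by this module - confirm every such exclusion is intended.
      def check_authorization_on(model_class, options = {})
        self.authority_resource = model_class
        self.authority_actions  = Authority.configuration.authority_actions.merge(options[:actions] || {}).symbolize_keys
        before_filter :run_authorization_check, options
      end

      # Add or override controller-action => authority-action mappings for
      # this controller only.
      #
      # A new hash is assigned instead of calling merge! on the current one:
      # class_attribute shares the same Hash object with parent and sibling
      # controllers until it is reassigned, so an in-place merge would change
      # their authorization maps as well. Keys are symbolized before merging
      # because the lookup in check_authorization_for uses action_name.to_sym
      # (previously the symbolized copy was discarded and String keys never
      # matched).
      #
      # Must be called after check_authorization_on; before that the map is
      # nil and this raises NoMethodError, as it did originally.
      #
      # @param action_map [Hash] controller action => authority action
      # @return [Hash] the controller's updated action map
      def authority_action(action_map)
        self.authority_actions = authority_actions.merge(action_map.symbolize_keys)
      end
    end

    protected

    # rescue_from handler: log the denial and answer with the static 403 page.
    #
    # @param error [Authority::SecurityTransgression]
    def authority_forbidden(error)
      Authority.configuration.logger.warn(error.message)
      render :file => Rails.root.join('public', '403.html'), :status => 403, :layout => false
    end

    # Before filter: authorize the current user against the controller's
    # declared resource. The user is obtained by calling the method named in
    # Authority.configuration.user_method; send is used, so that method may be
    # private or protected on the controller.
    def run_authorization_check
      check_authorization_for self.class.authority_resource, send(Authority.configuration.user_method)
    end

    # Map the current controller action to an authority action and enforce it.
    #
    # An action with no mapping raises instead of being allowed, so an
    # unmapped action fails closed.
    #
    # @param authority_resource [Class] resource to authorize against
    # @param user [Object] the current user
    # @raise [MissingAction] when action_name has no entry in authority_actions
    def check_authorization_for(authority_resource, user)
      authority_action = self.class.authority_actions[action_name.to_sym]
      raise MissingAction, "No authority action defined for #{action_name}" if authority_action.nil?

      Authority.enforce(authority_action, authority_resource, user)
    end

    # Raised when a controller action has no corresponding authority action.
    class MissingAction < StandardError ; end
  end
end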

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
authority-0.9.0 lib/authority/controller.rb