Sha256: feae991e2c25f15932209707344a385743c17373550779bbd0782c4cedbbaf90
Contents?: true
Size: 1.27 KB
Versions: 1
Compression:
Stored size: 1.27 KB
Contents
module Rasti
class App
class Policy
class UnauthorizedError < StandardError
attr_reader :user, :permission
def initialize(user, permission)
@user = user
@permission = permission
end
def message
"Permission denied [#{user} -> #{permission}]"
end
end
class << self
def authorizations
@authorizations ||= {}
end
private
def authorization(permission, &block)
authorizations[permission] = block
end
def ignore(permission)
authorization(permission) { true }
end
end
def initialize(container, context)
@container = container
@context = context
end
def authorized?(permission, params={})
if self.class.authorizations.key? permission
instance_exec params, &self.class.authorizations[permission]
else
user.authorized? permission
end
end
def authorize!(permission, params={})
raise UnauthorizedError.new(user.name, permission) unless authorized? permission, params
end
private
attr_reader :container, :context
def user
context.fetch(:user)
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| rasti-app-0.0.7 | lib/rasti/app/policy.rb |